Secure Computing Warns

Secure Computing warns that AI software used in testing by a small number of software developers is now being widely used by hackers

Dark Reading Staff, Dark Reading

July 20, 2006

1 Min Read
Dark Reading logo in a gray background | Dark Reading

SAN JOSE, Calif. -- Secure Computing Corporation (NASDAQ:SCUR), the experts in securing connections between people, applications and networks(TM), today warns that artificial intelligence (AI) software used in testing by a small number of software developers is now being widely used by hackers to find formerly undiscovered vulnerabilities.

These AI tools use a methodology referred to as "Fuzzing." This is an automated methodology for testing applications for bugs by checking allowed input for a given application and trying to force abnormal responses to see if unexpected results (bugs) can be generated. Once a bug is found, further research can determine if the bug can be exploited as a vulnerability and then be packaged as an exploit. Hackers are sharing their Fuzzing results in a collaborative effort in IRC chat rooms and in news groups to rapidly develop new threats. The large increase in application vulnerabilities that have recently been reported are thought to be a direct result of the use of Fuzzing tools. To further demonstrate the power of Fuzzing the vulnerability researchers at the Metaspolit Project are releasing a new vulnerability for MS Internet Explorer every day for the month of July.

"Fuzzing will clearly accelerate the ability for hackers to discover new vulnerabilities in software applications," said Paul Henry, vice president of Strategic Accounts for Secure Computing. "Software vendors were already struggling to keep up with patches for software bugs; the use of Fuzzing tools by hackers and the flood of newly discovered vulnerabilities may overwhelm software vendors' ability to respond with patches."

Secure Computing Corp. (Nasdaq: SCUR)

Read more about:

2006

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights