SAN JOSE, California, October 29 /PRNewswire/ --

- In its Latest Malicious Page of the Month Report, Finjan Provides a 
Step-By-Step Example of Corporate Data Theft by a Trojan That Successfully 
Avoided Traditional Passive Web Security Solutions

Finjan Inc., a leader in secure web gateway products, today announced
that its Malicious Code Research Center (MCRC) has documented step-by-step
how corporate data were being stolen and stored on remote servers owned by
criminals. In its October 2008 Malicious Page of the Month report, Finjan
describes how a corporate user, while browsing the web for his regular
business needs, got infected with a Trojan.

(Logo: http://www.newscom.com/cgi-bin/prnh/20080618/309345 )

The report outlines the following:

- How the corporate PC got infected by the Trojan;

    - What happened just after the malware was installed on that corporate
      PC;

    - What the Trojan looked for on that infected PC;

    - Where the stolen corporate data was stored;

    - What type of stolen data was found on a remote server owned by the
      cybercriminal

"Despite the existing passive web security solutions that the company was
using, such as traditional anti-virus signatures and a URL-filtering
database, it could not prevent this Trojan from infiltrating the network and
compromising confidential data," said Yuval Ben-Itzhak, CTO of Finjan. "This
case shows once again how dynamic code obfuscation enables cybercriminals to
plant "invisible" malicious code that infects a user's machine as soon as the
user visits a website with malicious content."

The case described in the current MPOM October 2008 report, confirms the
cybercrime evolution that Finjan has been following and reporting on for the
last years:

- The Commercialization of malicious code - Web Security Trend Report Q2,
      2006 (http://www.finjan.com/Content.aspx?id=827 )

    - Hackers play "Hide and Seek" - Web Security Trend Report Q4, 2006
      (http://www.finjan.com/Content.aspx?id=827 )

    - Evasive attacks, designed to evade anti-virus or the URL filtering -
      Web Security Trend Report Q2, 2007
      (http://www.finjan.com/Content.aspx?id=827 )

    - Crimeware-as-a-Service - Web Security Trend Report Q1, 2008
      (http://www.finjan.com/Content.aspx?id=827 )

    - Cybercrime organization structure and modus operandi - Web Security
      Trend Report Q2, 2008 (http://www.finjan.com/Content.aspx?id=827 )

    - Evolution of malicious obfuscated code - MPOM September 2008
      (http://www.finjan.com/Content.aspx?id=1367 )

According to Finjan, traditional web security products, such as
anti-virus or URL-filtering databases, are limited in preventing today's
cybercrime attacks targeting businesses. Their passive nature consisting of
attempts to match a known malicious code or URL to a database of known
signatures is by its nature limited in preventing today's attacks. A
different technology is therefore needed.

Real-time content inspection is the optimal way to detect and block
dynamically obfuscated code and similar types of advanced cybercrime
techniques, since it analyzes and understands the code embedded within web
content or files in real time - before it reaches the end-users.

The research is described in detail in Finjan's latest "Malicious Page of
the Month" report released today.

To download the report, please visit http://www.finjan.com/mpom

About MCRC

Malicious Code Research Center (MCRC) is the leading research department
at Finjan, dedicated to the research and detection of security
vulnerabilities in Internet applications, as well as other popular programs.
MCRC's goal is to stay steps ahead of hackers attempting to exploit open
platforms and technologies to develop malicious code such as Spyware,
Trojans, Phishing attacks, worms and viruses. MCRC shares its research
efforts with many of the world's leading software vendors to help patch their
security holes. MCRC is a driving force behind the development of next
generation security technologies used in Finjan's proactive web security
solutions. For more information, visit our MCRC subsite 
(http://www.finjan.com/SecurityLab.aspx?id=547 ).

About Finjan

Finjan is a global provider of web security solutions for the enterprise
market. Our real-time, appliance-based web security solutions deliver the
most effective shield against web-borne threats, freeing enterprises to
harness the web for maximum commercial results. Finjan's active real-time web
security solutions utilize patented behavior-based technology to repel all
types of threats arriving via the web, such as spyware, phishing, Trojans and
obfuscated malicious code, securing businesses against unknown and emerging
threats, as well as known malware. Finjan's security solutions have received
industry awards and recognition from leading analyst houses and publications,
including Gartner, IDC, Butler Group, SC Magazine, CRN, ITPro, PCPro, ITWeek,
Network Computing, and Information Security. With Finjan's award-winning and
widely used solutions, businesses can focus on implementing web strategies to
realize their full organizational and commercial potential. For more
information about Finjan, please visit: http://www.finjan.com.

(c) Copyright 1996-2008. Finjan Software Inc. and its affiliates and
subsidiaries. All rights reserved. All text and figures included in this
publication are the exclusive property of Finjan and are for your personal
and non-commercial use. You may not modify, copy, distribute, transmit,
display, perform, reproduce, publish, license, create derivative works from,
transfer, use or sell any part of its content in any way without the express
permission in writing from Finjan. Information in this document is subject to
change without notice and does not present a commitment or representation on
the part of Finjan. The Finjan technology and/or products and/or software
described and/or referenced to in this material are protected by registered
and/or pending patents including European patent EP 0 965 094 B1 and U.S.
Patents No. 6092194, 6154844, 6167520, 6480962, 6209103, 6298446, 6353892,
6804780, 6922693, 6944822, 6993662, 6965968, 7058822, 7076469, 7155743,
7155744, 7185358, 7418731, and may be protected by other U.S. Patents,
foreign patents, or pending applications.

Finjan, Finjan logo, Vital Security, Vulnerability Anti.dote,
Window-of-Vulnerability, and Finjan RUSafe are trademarks or registered
trademarks of Finjan Inc., and/or its affiliates and subsidiaries. All other
trademarks are the trademarks of their respective owners.

Media Contacts

    United States
    Marina Greenwood
    Activa PR
    Tel: +1-415-776-5350
    marina@activapr.com

    UK
    Neil Stinchcombe
    Eskenzi PR Ltd.
    Tel: +44(0)208-449-1007
    neil@eskenzipr.com