Detection of Flame malwareRetina Network Security Scanner
- Audit ID: 16484 - Audit Name: Flame/sKyWIper Malware Detected - Modules
- Audit ID: 16486 - Audit Name: Flame/sKyWIper Malware Detected - ~DEB93D.tmp
- Audit ID: 16487 - Audit Name: Flame/sKyWIper Malware Detected - Registry
- Audit ID: 16488 - Audit Name: Flame/sKyWIper Malware Detected - Audio Driver
- Malware Signature Name: W32/Flamer.A
- Rule ID: 10133 - Attack Rule Name: Print Spooler RCE Attack
- Rule ID: 110287 - Attack Rule Name: LNK File Attack
Detection of Flame vulnerabilitiesMicrosoft Bulletin MS10-046
- Audit ID: 13247 – Audit Name: Microsoft Windows Shortcut Remote Code Execution (2286198)
- Audit ID: 13426 – Audit Name: Microsoft Windows Print Spooler Remote Code Execution (2347290) - Remote
- Audit ID: 13432 – Audit Name: Microsoft Windows Print Spooler Remote Code Execution (2347290)
Remediation of Flame vulnerabilities
- Retina CS has the ability to do patching of Microsoft and third party application vulnerabilities in a closed loop process that takes you all the way from identifying vulnerabilities, such as those used by Flame, to remediation, through the deployment of a patch.
- Retina CS specifically has the capability to automate the deployment of the two known Microsoft vulnerabilities that Flame has been leveraging.
Scott Lang, Sr. Director, Product Marketing at BeyondTrust
Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.