Kindsight, an Alcatel-Lucent backed company that works with ISPs to analyze the behavior from their customer’s computers, has launched a new portal that details current network-based threats and vulnerabilities.
Kindsight, after detecting issues on a given user’s system, will often provide support to the ISP’s customer when needed. They partner with several ISPs, and the data collected from their day-to-day analysis of threats and vulnerabilities, means they have a treasure trove of information to share.
When developing signatures that detect current threats, Kindsight looks for network behavior that provides unequivocal evidence of infection coming from the user’s computer or device, including malware command and control communications, backdoor connections, attempts to infect others or send excessive email, and other denial of service (DoS) and hacking activity.
Rather than hoarding it all, the company launched Kindsight Security Labs, a new portal that will feature reports on actual threats and related stats.
For example, four of the top seven infections last week were botnet related. According to Kindsight, on a typical day, 12.2 percent of home networks showed signs of malware activity, with NineBall being the most prevalent threat. NineBall is a password stealing Trojan, which can also spread Rogue anti-Virus and send spam from compromised hosts.
“As the threat landscape continues to evolve, home networks – and, increasingly, mobile devices – are the primary target,” said Kevin McNamee, security architect and director of Kindsight Security Labs.
“The main purpose of Kindsight Security Labs is to identify the existence and behavior of malware in the network and develop signatures which can pinpoint these infections with low false positives”
While ISPs are some of the larger customers, Kindsight can work with any service provider. More information on their program and offerings are here and the new portal can be seen here.