IronPort Threat Operations Center
The 24x7x365 IronPort Threat Operation Center provides human oversight to ensure speed and accuracy. Experienced analysts use sophisticated tools to verify anomalies and approve automatically generated Outbreak Rules.
What is a Virus Outbreak?
Of the email-based viruses that occur on a daily basis, only few qualify for Virus Outbreak status. For a virus to be classified as an outbreak, it must:
- be a new virus (or a new variant of an existing known virus),
- have moderate to significant damage potential,
- have a widespread distribution, and
- be an infection that IronPort has seen several instances of, from varied sources.
If any of these occurrences satisfy the above criteria, our Threat Operation Center (TOC) investigates the incident and issues outbreak rules to protect our customers.
Current Virus Outbreak Threat Level
|
Virus Outbreaks in the Last 24 Hours (Last Updated: February 9, 2010)
|
Virus Outbreak Filters Lead Times
Below are the 20 most recent outbreaks tracked by the IronPort Threat Operations Center and the lead time that IronPort Virus Outbreak Filters provided for each, relative to the signature times of several other anti-virus vendors.
| Legend | |
|---|---|
| Zero Hour Detection | Post Zero Hour Detection |
| All times are GMT and in 24 hour format | |
| Virus Name | IronPort | Sophos | McAfee | Trend Micro | Symantec |
|---|---|---|---|---|---|
| W32/Autorun-AZJ | 02/05/2010 01:22 | +0d 9h 3m | Not Published | Not Published | Not Published |
| Mal/Generic-A | 02/04/2010 15:18 | +0d 10h 42m | Not Published | Not Published | +0d 9h 3m |
| Troj/Bredo-AS | 02/03/2010 21:54 | +0d 16h 31m | +0d 20h 3m | Not Published | +0d 10h 4m |
| Troj/Bancos-BGT | 02/02/2010 12:39 | +0d 13h 42m | Not Published | Not Published | Not Published |
| Troj/VB-EMQ | 02/02/2010 01:20 | +0d 10h 3m | Not Published | Not Published | Not Published |
| Troj/Bredo-AP | 02/01/2010 17:15 | +0d 2h 10m | +1d 22h 9m | Not Published | +0d 2h 24m |
| Troj/Banker-EWH | 02/01/2010 12:30 | +0d 22h 53m | Not Published | Not Published | Not Published |
| Troj/Bredo-AN | 02/01/2010 10:33 | +0d 5h 47m | Not Published | +0d 16h 47m | +0d 3h 53m |
| Troj/PDFJs-HD | 01/29/2010 15:29 | +1d 0h 17m | Not Published | Not Published | Not Published |
| Troj/Bredo-AL | 01/29/2010 08:10 | +0d 3h 38m | +0d 11h 32m | +0d 19h 20m | +0d 3h 5m |
| Mal/Generic-A | 01/28/2010 14:37 | +1d 0h 57m | +1d 1h 15m | Not Published | +1d 5h 8m |
| Troj/FakeAV-ASQ | 01/28/2010 11:30 | +0d 3h 1m | +1d 8h 12m | +0d 16h 28m | +0d 2h 46m |
| Troj/Agent-MHV | 01/28/2010 07:39 | +0d 6h 52m | Not Published | Not Published | Not Published |
| Mal/Generic-A | 01/27/2010 09:10 | +0d 5h 35m | Not Published | Not Published | Not Published |
| Mal/Delf-U | 01/26/2010 17:49 | +1d 9h 19m | +1d 9h 19m | Not Published | +2d 16h 44m |
| Troj/Bredo-AH | 01/26/2010 12:20 | +0d 2h 19m | Not Published | +0d 18h 3m | Not Published |
| Troj/PDFEx-CY | 01/26/2010 11:45 | +0d 14h 51m | Not Published | Not Published | Not Published |
| Troj/Banhost-AK | 01/26/2010 04:39 | +0d 10h 1m | Not Published | Not Published | Not Published |
| Mal/Generic-A | 01/25/2010 17:10 | +0d 6h 32m | +1d 1h 28m | Not Published | Not Published |
| Mal/Generic-A | 01/25/2010 14:53 | +0d 20h 0m | Not Published | Not Published | Not Published |
Note: The AV signature times referenced are the first publicly published signature times. If signature time is not available, first publicly published alert time is used. Generic signatures not included.
