IronPort Threat Operations Center
The 24x7x365 IronPort Threat Operation Center provides human oversight to ensure speed and accuracy. Experienced analysts use sophisticated tools to verify anomalies and approve automatically generated Outbreak Rules.
What is a Virus Outbreak?
Of the email-based viruses that occur on a daily basis, only few qualify for Virus Outbreak status. For a virus to be classified as an outbreak, it must:
- be a new virus (or a new variant of an existing known virus),
- have moderate to significant damage potential,
- have a widespread distribution, and
- be an infection that IronPort has seen several instances of, from varied sources.
If any of these occurrences satisfy the above criteria, our Threat Operation Center (TOC) investigates the incident and issues outbreak rules to protect our customers.
Current Virus Outbreak Threat Level
- Red - Virus Outbreak In Progress
- Orange - Virus Outbreak In Last 24 Hours
- Green - No Virus Outbreak In Last 24 Hours
- Get Real Time Updates
Virus Outbreaks in the Last 24 Hours (Last Updated: May 11, 2008)
| Trojan variant |
| W32/Stayt variant |
Virus Outbreak Filters Lead Times
Below are the 20 most recent outbreaks tracked by the IronPort Threat Operations Center and the lead time that IronPort Virus Outbreak Filters provided for each, relative to the signature times of several other anti-virus vendors.
| Legend | |
|---|---|
| Zero Hour Detection | Post Zero Hour Detection |
| All times are GMT and in 24 hour format | |
| Virus Name | IronPort | Sophos | McAfee | Trend Micro | Symantec |
|---|---|---|---|---|---|
| Troj/DownLD-Z | 05/04/2008 15:14 | +0d 3h 41m | +2d 0h 6m | +1d 13h 2m | Not Published |
| Troj/RKDrop-A | 05/02/2008 11:48 | +0d 6h 35m | +4d 3h 32m | Not Published | +1d 3h 12m |
| Troj_Cutwail.AP | 04/20/2008 04:25 | Not Published | +1d 13h 32m | +0d 23h 18m | Not Published |
| Troj/MDrop-BRI | 04/05/2008 02:47 | +0d 0h 58m | Not Published | +2d 2h 49m | +0d 13h 15m |
| Troj/FakeAV-J | 04/04/2008 18:00 | +0d 5h 53m | +3d 20h 47m | Not Published | +1d 21h 32m |
| Troj/DwnLdr-HCB | 04/02/2008 18:23 | +0d 16h 23m | Not Published | +1d 10h 38m | Not Published |
| Troj/Pushdo-I | 03/25/2008 19:36 | +0d 2h 56m | +1d 20h 41m | +1d 8h 3m | Not Published |
| Troj/Zlob-AIW | 03/12/2008 07:36 | +0d 0h 40m | +1d 7h 57m | +0d 21h 2m | +1d 13h 21m |
| Troj/Dload-BR | 02/29/2008 14:06 | +0d 4h 34m | +4d 1h 57m | +2d 14h 42m | +1d 2h 26m |
| Troj/Dwnle-Gen | 02/26/2008 20:53 | +1d 6h 23m | +1d 8h 0m | +2d 20h 23m | +1d 21h 9m |
| Troj/Zbot-F | 02/20/2008 16:10 | +0d 10h 18m | +2d 0h 47m | +0d 11h 12m | +1d 0h 22m |
| Troj/Exchan-Gen | 02/19/2008 21:39 | Not Published | +2d 19h 18m | +1d 5h 43m | +0d 21h 52m |
| Troj/Pushdo-H | 02/16/2008 21:14 | +0d 1h 2m | +1d 18h 56m | +1d 6h 36m | +0d 19h 18m |
| W32/Dorf-AW | 02/12/2008 02:53 | +0d 1h 7m | +1d 13h 31m | +2d 3h 2m | +1d 17h 38m |
| Troj/Pushu-H | 02/10/2008 18:09 | +0d 2h 8m | +0d 22h 29m | +1d 9h 26m | +0d 22h 53m |
| Troj/Agent-GOL | 02/03/2008 09:14 | +0d 2h 46m | +1d 7h 40m | +0d 19h 6m | +1d 6h 48m |
| Troj/Dloadr-BIB | 01/28/2008 13:29 | +0d 7h 14m | Not Published | +0d 14h 7m | +0d 6h 2m |
| Troj/Pushdo-Gen | 01/25/2008 14:52 | Not Published | +0d 4h 31m | +2d 13h 4m | +1d 2h 10m |
| Troj/Pushdo-Gen | 01/20/2008 00:32 | +0d 1h 28m | +1d 15h 49m | +1d 3h 25m | +0d 16h 59m |
| Troj/Pushdo-Gen | 01/18/2008 15:53 | +1d 10h 7m | +3d 0h 28m | +2d 12h 4m | +2d 1h 38m |
Note: The AV signature times referenced are the first publicly published signature times. If signature time is not available, first publicly published alert time is used. Generic signatures not included.
