Hackers are using "Advanced Evasion Techniques" (AETs) to probe servers or network devices for weak points without tripping firewalls or intrusion prevention systems, says security firm Stonesoft. The researchers of the Finnish company came across this vector of attack while testing its own security appliance against the latest intrusion methods.

Stonesoft says AET works by combining different evasion techniques across several layers on the targeted network, which allows it to effectively sidestep conventional static defenses. Ilkka Hiidenheimo, chief executive at Stonesoft told Computer Weekly that cybercriminals are now using "200 different evasion techniques in combination to create an almost infinite number of different attack methods."

Apparently, details pertaining to the discovery have been shared with CERT-FI in Finland and independently validated by ICSA Labs.  Stonesoft COO, Juha Kivikoski said "The industry is facing a non-stop race against this type of advanced threats and we believe only dynamic solutions can address this vulnerability."

You can read more about AETs here.

For more on this story:
- check out this article at Network World
- check out this article at Computer Weekly
- check out this article at The Register

Related Articles:
Adobe warns: Critical Flash flaw under active attack 
Microsoft release security advisory about remote DLL flaw 
New Windows kernel bug surfaces days before Microsoft's largest Patch Tuesday 
New study says cybercrime costs enterprises $3.8 million a year