Update for January 19, 2007 to January 25, 2007
Welcome to Tech Talk! In this week's edition of Tech Talk, BOL Guru Jeff Patterson gives a STORM WORM attack update.

You'll also learn about:
The dangers from hacker development kits;
Continued MS Word worries;
Patches from Cisco and Apple;
A Trojan scam against a Swedish bank;
A keylogging attack on government employees;
140 new vulnerabilities on the US-CERT list;
A "heads up" on desktop gadgets and widgets; and
Plans for a Vista update.
Get the details below.
Severe Storm Warnings
We first warned you about the "Storm Worm" last week. Since then, the new Trojan has gone on to attack more than 1.6 million computers. The goal of the "Storm Worm" is to build a large botnet. Experts believe this botnet will then be used to send spam or for identity mining and phishing networks. Symantec rates this new Internet threat as the most severe in the last twenty months. Read all the details in InformationWeek.
Hacking, By the Numbers
A single hacker's attack development kit was responsible for 71% of December's web-based attacks, as reported in InformationWeek. The kit, known as "Q406 Roll-up," reportedly includes a dozen exploits, many of which are derived from the Month of Browser Bugs. With kits like this available, ensuring your patch management program is at its best is essential.
More MS Word Woes
A fourth unpatched Microsoft Word vulnerability is being investigated by US-CERT. This new vulnerability could allow an attacker to execute arbitrary code on a victim's system. Silicon.com reports that the new vulnerability is actively being exploited in cyber attacks. If you're blocking Word documents at the gateway, it appears you'll have to continue blocking them for a while longer.
Cisco Patch Release
Cisco released patches to the Internetwork Operating System (IOS) software that runs many of their routers. All of the vulnerabilities could lead to a denial-of-service attack, and one could potentially allow for remote code execution on the vulnerable router. Read the US-CERT advisory for information on where to obtain the patches.
Apple Reacts, Too
Apple has released a patch for the first of the vulnerabilities announced during the Month of Apple Bugs. The patch is for their popular QuickTime media player. Find out more on CSOOnline.
Apple released another patch to fix a hole in its AirPort WiFi driver. The bug was first reported in November during the Month of Kernel Bugs. CNet has additional details.
Scam Stumps Swedes
Customers of Swedish bank Nordea have had over $1.2 million stolen from their accounts. The thefts were carried out using a Trojan targeted exclusively at the bank. Although Nordea has been aware of the attacks for several months, they have yet to inform their customers of the Trojan. Swedish police have arrested seven people so far, with an additional 121 wanted for questioning, but the attacks continue. Read more about the largest scam against a Swedish online bank ever to be reported on CSOOnline.
Government Employees Targeted
Nearly two dozen users of the Thrift Savings Plan (TSP) for U.S. Government employees were notified recently that they have had money stolen from their accounts. The victims had keylogging software installed on their systems through spam or a virus. The keylogging software allowed the attackers to steal the login IDs and passwords of the users and transfer funds from their accounts. Read more about how the TSA lost $35,000 to hackers in ComputerWorld.
Apple Prominent in Latest Vulnerability List
The US-CERT Vulnerability Summary for the Week of January 15, 2007 lists sixty-three High severity, twenty-six Medium severity and fifty-one Low severity vulnerabilities. Apple continues to be haunted by the Month of Apple Bugs, and Oracle's massive first-quarter update accounted for many of the new vulnerabilities. Additional vulnerabilities were announced in multiple Cisco routers, CA BrightStor ARCServe backup software, Microsoft's Windows XP and Windows Server 2003, Internet Explorer, Sun's Java Runtime Environment, FileZilla, the Snort intrusion detection system, and the Squid proxy software.
Troublesome Forecast for Weather and Stock Gadgets
You've seen them on your users' systems: the gadgets (or widgets) used to get the latest weather or stock quotes. Symantec believes these gadgets could become the next major attack vector. These gadgets are often full applications of their own and can perform whatever functions a normal application can. Get the full scoop at CSOOnline and decide if you need to start blocking users from installing these new security threats.
Vista Updates Already?
Vista isn't even out the door, but Microsoft is already planning Service Pack 1, according to CNet. Microsoft hasn't finalized what will be included in the upcoming service pack but has asked for businesses that would be willing to volunteer to test the new update.