malicious code

Multiplayer online games pose threat

Judi Hasson — Wed, 03 Sep 2008 17:01:22 -0400

If you are trying to protect your passwords, prevent identity theft and avoid aggravation and possible loss of money, stay away from multiplayer online games like "World of Warcraft," "Everquest'' and "Lineage." McAfee's Avert antivirus labs found 24,600 versions of one type of malicious code aimed at stealing passwords from a variety of "massive multiplayer" online games during the first half of 2008.

This compared with 26,000 aimed at stealing banking passwords. McAfee researcher Igor Muttik said the goal is to gain possession of virtual in-game property and currency and resell it on auction sites like Hong Kong-based IGE.com. He said many individual gamers have built up accounts of in-game funds worth more than $10,000. "It's very visible that online games are the bad guys' focus," Muttik said.

Gary McGraw, a security consultant with Dulles, VA-based Cigital, said games often aren't as well protected. "As in the real world, a few people try to rob banks, but knocking over a 7-11 takes a lot less gunpowder and less planning," he said.

For more on cyber threats:
- see this Forbes.com article

ALSO NOTED: Two execs look to reclassify malicious code; SCO says it may shut down operations;

Thu, 20 Sep 2007 06:59:58 -0400

> Two execs look to reclassify malicious code. Article

> SCO says it may shut down operations. Article

> Cisco and Microsoft collaborate on unified communications. Article

> An update on data warehousing. Article

And finally... The battle of the coasts: which coast is better for IT, East or West? Article

Face threats head on

Wed, 24 Jan 2007 19:01:38 -0500

Even with the requisite complement of data protection software, your data and networks might not be as secure as you think, thanks to more aggressive, smarter viruses and other security threats. One type of "smart" attack can occur within root kits, a type of Trojan horse software implanted into a computer to capture passwords and message traffic. These attacks will allow a virus to make its way into the depths of the operating system, allowing it to interfere with the anti-virus software before it has a chance to detect the threat. Other emerging threats include embedded image spam, more threats around Voice over IP (VoIP), and malicious code concealed in video content.

Read on for more threats to your business:
- see the article at Vnunet.com
- and for even more information, check out this article at SpywareHunter

Beware of 'Happy New Year' worm

Mon, 01 Jan 2007 19:01:39 -0500

When users log-on for the first time in the New Year, they might be greeted by emails that wish them a happy new year and offer a post card greeting. It seems that a new worm is masquerading in such fashion, according to experts at Verisign. Once a user clicks through to the 'postcard' link, a file deploys different variants of malicious code onto the PC and then uses the computer to send similar mass mailings. Some big company networks are already feeling the pain, so make sure that your IT organization is ready to take on the first worm of 2007.

For more on the latest worm threat:
- check out the news item at Securityitworld.com

PLUS: A worm that sniffs for unprotected software via a TCP port. Article
PLUS: The three top security threats coming in the new year. Article

SPOTLIGHT: Symantec system flaws require action

Thu, 14 Dec 2006 19:01:34 -0500

Normally, security vendors are calling for organizations to upgrade security systems to meet new vulnerabilities. But yesterday, Symantec called on Veritas NetBackup users to upgrade, in order to patch flaws within its own system. It seems that the buffer-overflow issue could allow savvy hackers to deploy malicious code. Article

The risks involved in outsourcing code writing

Mon, 27 Nov 2006 19:01:36 -0500

Outsourcing application development could take a huge step backward, thanks to security concerns that even the Feds are worried about. According to the Department of Defense (DOD), the possibility of malicious code being baked into applications and software by overseas vendors could pose a increasing threat to national security. The DOD is readying a report that pushes for an increase in detection and prevention solutions when it comes to military code development. And while the focus is on making sure that military systems and net-abled applications are risk free, experts say the DOD's concern should also be a concern for the private enterprise as well.

For more on keeping code development safe:
- check out the article at Computerworld

Related Article: The latest studies on the impact of outsourcing. Article

Tools for fighting rootkits

Mon, 13 Nov 2006 19:01:38 -0500

Remember that whole Sony rootkit scandal? The company was selling CDs with hidden rootkit software. Well, the man who discovered that copy protection strategy, which became a tool for hackers looking to hide malicious code, is now on Microsoft's payroll and played a big part in a new Windows system tool that can help fight hackers.

For more on the new anti-hacking tool set:
- read the article at Security.itworld

Related Articles:
How to destroy nasty rootkits. Report
Rootkits demand greater security attention. Report

ALSO NOTED: U.S. in the lead when it comes to spam; Uncertified IT workers continue to see a rise in pay; and much more...

Mon, 06 Nov 2006 19:01:33 -0500

> U.S. in the lead when it comes to spam. Article

> Uncertified IT workers continue to see a rise in pay. Article

> HP's outsourced support quality is drawing complaints. Article

> IBM surveillance technology opens lots of security possibilities. Article

> Office 2007 goes gold, new tools paraded. Report

> LCD display shortage in 2007? Report

> Wikipedia used to distribute malicious code. Report

And Finally... What's holding back moblogging? Article

New group targets malware

Sun, 05 Nov 2006 19:01:39 -0500

A new organization, the Malware Incident Reporting and Termination Squad (MIRT), is focusing on getting rid of the increasing amount of malware that's hitting today's enterprises. According to project leader Paul Laudanski, owner of Computer Cops, the group is inviting users to send in pieces of potentially malicious code which MIRT will then analyze and reverse-engineer before sending the file off to authorities for criminal investigation. The group's modus operandi is very similar to an anti-phishing organization that was launched last Spring. That group has already handled 80,000 files and it's likely that MIRT will have more than enough code to deal with, given that there have been over 6,000 new worms and viruses in the first six months of this year alone.

For more about the new malware approach:
- read the news at Security.itworld

Related Articles:
Malware writers take a 'stealth' approach. Report
Get prepped before a malware attack hits. Report

Offshoring could impact military defense systems

Wed, 01 Nov 2006 19:01:38 -0500

It seemed like a smart move at the time--outsourcing and offshoring government software development to save money--but now Uncle Sam is reviewing the decision and the impact it could have down the road. It seems that the potential for embedded malicious code and system tinkering could have a dramatic effect on defense programs and systems. A task force has been studying the issue and is expected to release a recommendation for ensuring better security soon.

For more on the federal outsourcing risk:
- read the in-depth report at BusinessWeek

PLUS: The data loss taking place in the federal government. Article

Related Articles:
Don't ignore security in outsourcing processes. Report
Big changes in outsourcing expectations. Report
Competition ignites EDS business plans. Report