rootkits

Department of Homeland Security discusses own vulnerabilities

Sun, 17 Jun 2007 20:01:39 -0400

On June 20, officials from the U.S. Department of Homeland Security will hold a hearing on Capitol Hill to discuss the agency's apparent problems in staving off electronic attacks and IT systems intrusions. DHS's own CIO, Scott Charbo, and Gregory Wilshusen, director of information security issues at the Government Accountability Office (GAO) are scheduled to present their views in response to requests from Congress to test the agency's IT security defenses. Earlier this year, DHS was asked to conduct a review of its information system security in the wake of news that the departments of commerce and state were successfully hacked during 2006. The hearings will review cybersecurity incidents reported to the DHS Security Operations Center (SOC), such as instances of rootkits, classified leaks, compromised Web sites, bot infections, unauthorized use of networks by contractors, and virus attacks.

For more on this:
- read about it in Inforworld's article

Thwarting attacks with host-based anti-malware tools

Tue, 17 Apr 2007 20:01:38 -0400

Host-based technologies can target a range of threats from spam to rootkits while providing network repair. Host-based anti-malware products have two components: a security agent that resides on the desktop and a central management server, or host. The agent detects threats such as viruses, spam and rootkits while providing protection. The server portion manages and updates the agents and produces reports. These products also sometimes include firewalls and host intrusion prevention solutions. Other methods of thwarting malware include gateway appliances that sit on a network perimeter or routers and switches with enhanced security. Major security vendors like McAfee, Cisco and Symantec offer a multitude of choices, and Microsoft is poised to enter with its Forefront Client Security product. Although there are many choices, IT managers seem to want security products that can help them protect networks from threats that come from all sides.

Learn more about your security options:
- read the article at TechTarget

ALSO:
- read this on malware
- this on the malware risks of Vista
- this on malware writers
- this on malware as a security headache
- and this on malware that's hard to detect

Getting a grip on rootkits

Tue, 21 Nov 2006 19:01:39 -0500

While they're not topping the big security threat lists, rootkits still pose a danger to today's enterprises. It is extremely important to understand what a rootkit is and how it can be used maliciously by hackers and worm writers. Knowing how to eradicate the threat with new tools available to security and IT leaders is equally important. As recent news items relate, rootkits aren't going anywhere fast so like with any security vulnerability, the more you know, the more secure you can be.

For a comprehensive look at rootkits:
- check out the feature at Network Computing

Related Article: More on tools for fighting rootkits. Article

Tools for fighting rootkits

Mon, 13 Nov 2006 19:01:38 -0500

Remember that whole Sony rootkit scandal? The company was selling CDs with hidden rootkit software. Well, the man who discovered that copy protection strategy, which became a tool for hackers looking to hide malicious code, is now on Microsoft's payroll and played a big part in a new Windows system tool that can help fight hackers.

For more on the new anti-hacking tool set:
- read the article at Security.itworld

Related Articles:
How to destroy nasty rootkits. Report
Rootkits demand greater security attention. Report

More fun for Sony! Hitachi joins recall

Thu, 05 Oct 2006 20:01:37 -0400

Boy, it's been a fun year for Sony, hasn't it? Let's recap: they infected users' desktops with rootkits, they almost took down a plane with one of their exploding batteries and they had to massively scale back production forecasts for their Playstation 3 video game console. What's next? Well, it looks like the battery fiasco isn't over yet, with Hitachi joining the fray as of today. The company plans to recall 16,000 laptop batteries, not due to any reports of problems, but rather, for its customers' "peace of mind." Aw. That leaves HP as the last major laptop manufacturer who has not yet recalled the Sony-manufactured ~~time bombs~~ batteries. Word on the street is that they have other things to worry about, though.

For more on the continuing battery fiasco:
- read this Wall Street Journal piece (sub. req.)

Latest rootkit threat illustrates sophistication

Tue, 29 Aug 2006 20:01:37 -0400

Just on the heels of a recent report on the popularity of rootkits with hackers comes news of a new threat. A new form of malware loads a rootkit onto the compromised PC, then changes the local DNS settings and finally, dumps more malicious code on to the drive. Panda Software says that this so-called "Zcodec" malware is a part of a program that claims to install codecs required for multimedia formats. The security vendor says that the intricate attack demonstrates how malware writers are getting smarter everyday and are now using rootkits, social engineering, and Trojans to commit their dirty deeds.

For further insight on the new malware approach:
- check out this article at Vnunet

Rootkit removal method depends on who you ask

Wed, 23 Aug 2006 20:01:35 -0400

Quick, how do you remove rootkits? You're likely to hear a different theory from every security professional you ask. Whether it's even possible to remove rootkits without completely wiping out a system is becoming a controversial topic lately, because if you remove the rootkit, you'll probably leave a hole where the original healthy files used to be. The problem is acute because security vendors can't advertise rootkit removal tools if they don't know the actual consequences. So the advertising you see now is either for tools that may not work, or tools that could do more harm than good.

For more on security:
- read this Network World article

ALSO: Researchers wrestle over AOL logs. Article

How to detect and destroy bad rootkits

Tue, 22 Aug 2006 20:01:37 -0400

In and by itself, a rootkit isn't inherently dangerous. It's what malware and worm code writers can do with a rootkit that gives them a bad name. Knowing how to detect and eradicate malicious rootkits isn't easy and while some security experts recommend conducting system purges, others claim that new tools can help enterprises avoid cumbersome solutions. The good news is that now there are more and more tools and products hitting the market that aim to keep up with the increasingly sophisticated nature and attack strategies of emerging rootkits.

For more on fighting bad rootkits:
-check out this NetworkWorld article

Microsoft buys Winternals utility apps

Tue, 18 Jul 2006 20:01:38 -0400

Microsoft is buying Winternals Software for an undisclosed amount. Winternals is known among sysadmins for its Windows utility software and the Sysinternals blog of co-founder Mark Russinovich. (Russinovich himself is known as the guy who discovered rootkits in Sony music CDs last year.) Microsoft's plans for Winternals products are not yet clear. Russinovich and co-founder Bryce Cogswell both plan to stay, which bodes well for Windows itself.

For more on the deal:
- check out this TechWeb article

ALSO: Winternals buy is bittersweet. Article

SPOTLIGHT: Rootkits demand greater security attention

Mon, 01 May 2006 20:01:33 -0400

Ever since the Sony CD debacle involving rootkit technology, greater security attention and investigation has been focused on what rootkits can allow the criminal element to do to networks and systems. As one Microsoft security expert relates, the danger and damage level can be high. Mike Danseglio, a program manager in Microsoft's security solutions group, says that if a network gets infiltrated by a nasty rootkit, it might as well be trashed. Though the rootkit itself isn't the danger, its ability to let hackers use it to hide malicious code is very dangerous. Article