Viruses

China and U.S. tie as Internet attack source

Mon, 02 Jun 2008 06:59:59 -0400

A new report finds that China and the U.S. were home to the greatest percentage of Internet attacks during the first quarter of 2008. Akamai, which operates a global server network, said the most common attacks were associated with Microsoft Windows. The company also found many of the attacks came from "worms, viruses, and bots that spread across the Internet several years ago," and speculates that this might indicate that some of the attack traffic could be coming from "a large pool of Microsoft Windows-based systems that are insufficiently maintained, and remain unpatched.''

To read more:
- check out this cnet.com article

U.S., China largest originators of Internet attacks

Paul Mah — Fri, 30 May 2008 07:19:10 -0400

Akamai Technologies, which operates a global network of servers used to support the distribution of online media as well as large-scale websites and applications hosted online, has released its inaugural "State of the Internet" report. The hefty report extrapolates data gathered across Akamai's global network. It notes that while Internet-attack traffic is observed originating from 125 countries, the United States and China are the two largest sources of this traffic. Internet-attack traffic could involve denial of service and hacking attempts, as well as traffic from worms, viruses and bots. Almost 17 percent of this traffic comes from China, though the U.S. is a close second at 14 percent.

For more on Internet attacks:
- check out Network World article

Get ready for cell phone spam

Mon, 12 May 2008 06:59:59 -0400

Anthony Melone, Verizon Wireless's chief technology officer, started getting complaints last March from customers about unsolicited text messages that were flooding the network. He and his Verizon tech staff found the messages were coming from someone using email accounts at Microsoft's Internet portal, msn.com--just one recent source of the estimated 1.5 billion unsolicited cell phone text message expected in 2008.

This not only is an issue for CIOs and their IT departments at telecommunications companies, but also for employers who pay the cell phone bills of their workers and may get stuck with unnecessary charges and even bigger problems. Experts say that besides the annoyance and the extra costs, there is a threat of viruses as phones become more like personal computers.

Carriers adjust their spam filters to try and block offending messages, and computer security companies have developed products to help fight mobile phone spam. It might be worth assessing whether this is an issue at your company, and whether it rises to the level where action is needed.

For more on cell phone spam:
- see this New York Times article

HP ships infected flash drives

Mehan Jayasuriya — Tue, 08 Apr 2008 13:11:31 -0400

You'd think you could trust a USB key, especially one shipped to enterprise customers by the largest PC vendor in the world. But you would be wrong. Looks like HP Australia unwittingly shipped out a few viruses to enterprises--namely, Fakerecy and SillyFDC--alongside optional USB keys for the company's Proliant servers. Luckily, the two viruses in question are fairly old, pose a low-risk and should be caught by any up-to-date anti-virus software. Still, it goes to show that you can never be too careful where security is concerned.

For more on the mishap:
- see this article from the Register

ALSO NOTED: Also Noted: April will be a big month for Microsoft patches; IT free trade up in the air;

Mon, 07 Apr 2008 06:59:58 -0400

> Microsoft: April will be a big month for patches. Article
> IT free trade up in the air. Article
> Job tips for a recession. Article
> Legacy systems hurt e-Commerce growth. Article
> Harris Interactive names a new CIO. Article

And Finally… Viruses will top 1 million by '09. Article

Watch out for your IT security scorecard

Thu, 06 Mar 2008 06:59:58 -0500

A quarterly review of a company's information security is essential for top IT personnel trying to ensure their systems are airtight. While it's important for the IT department not to get lost in trivial details, it's key to recognize the company's vulnerability. And that means sharing the results of the information security scorecard with the IT team and moving quickly to seal any security holes. For most CIOs, it's essential to know about viruses and a system's susceptibility to an attack.

For more on the importance of the scorecard:
- see this ComputerWorld article

Cisco patches IP phones

Fri, 15 Feb 2008 06:59:54 -0500

To think, there once was a time when you didn't have to worry about your phones, of all things, getting infected with viruses. Well, those carefree days are officially over: this week Cisco released a series of patches for buffer overflow and denial of service vulnerabilities in a number of its IP phones. The affected models are as follows: Cisco Unified IP Phone models 7940, 7940G, 7960 and 7960G. In related news, Cisco also patched its Unified Communications Manager this week, due to a vulnerability that could have allowed for SQL injection attacks.

For more on the patches:
- see this ZDnet article

ALSO NOTED: Intel to show Wireless USB tech at CES; gOS 2.0 imminent;

Fri, 04 Jan 2008 06:59:51 -0500

> Samsung preps ruggedized GSM phone. Article
> Could WiFi network viruses spread like human viruses? Article
> Realtek and Intel to show single-chip Wireless USB solutions at CES. Release
> Open-source gOS 2.0 (aka "Rocket") to debut at CES. Release
> CompactFlash hits SATA speeds. Article

And Finally... At last, a leopard skin print cover for your...router? Article

Protect your networks

Mon, 15 Oct 2007 06:59:58 -0400

You've likely heard about honey pots, fake sites that can lure the bad guys to the wrong place. There are other ways to test your site to make sure the door is bolted to keep intruders out. You can put messages in the mail stream in real time, to see how your security responds to spam and viruses, for example, before committing to any one messaging-security gateway.

The bottom line for all CIOs investing in anti-spam software is to see how the mail comes in from the spammers and to extract specific information about how they get in and how to respond to the attack. If you are using security settings, such as encryption requirements, you will need to put that device in its final position to test its accuracy. One suggestion: keep your old messaging-security gateway inside of the new test system. And be sure to keep the old system until you are certain that the new one works.

For more on protecting your network:
- see NetworkWorld article

The threat within trumps external risks

Mon, 17 Sep 2007 06:59:58 -0400

While CIOs and CSOs are often concerned with the threat of viruses and other external sources of danger, a new study from the U.S. Computer Security Institute (CSI) concludes that company insiders should be a bigger focus in efforts to protect networks. CSI released its annual Computer Crime and Security Survey for 2007 in which 494 security professionals from U.S. corporations and government agencies were interviewed. Insider incidents were cited as having occurred by 59 percent of respondents, while only 52 percent said they had encountered a conventional virus in the previous year. Both insider and virus incidents have been falling since a high in the year 2000, but this is the first time insider incidents have been more reported than viruses. Other incidents on the rise include: laptop and mobile device theft and targeted attacks, especially those where organizations felt they had been specifically singled out for attack.

For more updates on security:
- see the article in InfoWorld