Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] New Windows Worms Make New Bot Armies, Break the Web

Hash: SHA1

How to Suck at Information Security


Microsoft Worm Variant Detected

,----[ Quote ]
| A variant of a malicious worm that targeted Microsoft Windows now is 
| spreading via USB sticks, researchers say. 
| Security company BitDefender Labs, based in Bucharest, Romania, detected the 
| Windows worm variant in late December. The original worm known as 
| Win32.Worm.Downadup, first made its appearance in late November, exploiting a 
| Microsoft vulnerability in the Windows RPC Server Service. Since then, it has 
| rapidly spread across numerous corporate networks with the aim of 
| distributing malicious software on susceptible computers.      


New Botnets Replace Vanquished Pests

,----[ Quote ]
| Although the shutdown of a California Web hosting company eradicated several 
| prominent botnets last year, others have stepped up to fill the gaps, a 
| security researcher says.  
| Gone from the landscape, said Joe Stewart, director of research at 
| Atlanta-based SecureWorks Inc., are "Srizbi" and "Storm," the botnets Stewart 
| ranked as No. 1 and No. 5, respectively, in an April 2008 botnet census.  


"Our products just aren't engineered for security."

                  --Brian Valentine, Microsoft executive, Windows boss



With Vista breached, Linux unbeaten in hacking contest

,----[ Quote ]
| The MacBook Air went first; a tiny Fujitsu laptop running Vista was hacked on
| the last day of the contest; but it was Linux, running on a Sony Vaio, that
| remained undefeated as conference organizers ended a three-way computer
| hacking challenge Friday at the CanSecWest conference.


Microsoft reacts to kernel hacks, defends Vista

,----[ Quote ]
| Microsoft wasn't much help in figuring out exactly what was beefed up by the
| PatchGuard update; the accompanying information was extremely vague. The
| MSRC's release manager, Simon Conant, was just as tight-lipped in a posting
| to the center's blog. "The update adds additional checks to Kernel Patch
| Protection for increased reliability, performance, and security," Conant
| said.    


Skeletons in Microsoft’s Patch Day closet

,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently
| fixing vulnerabilities in its bulletins — a controversial practice that
| effectively reduces the number of publicly documented bug fixes (for those
| keeping count) and affects patch management/deployment decisions.  


Beware of undisclosed Microsoft patches

,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts
| that Microsoft brass use to compare its security record with those
| of its competitors. What do you think of Redmond’s silent patching
| practice?


Microsoft : Arrogance leads to Vulnerability

,----[ Quote ]
| Chatting with the Microsoft senior sales people, I was struck by
| their incredible arrogance. They know the company?s products are good,
| but they have no qualms whatsoever about charging top dollar as a
| result.
| It reminds us how Microsoft used to behave when it comes to their
| products' security records. IE5 and 6 were nothing short of being
| proper Swiss Cheese with loads of holes in them but hey, they had 95%
| of the browser market at that time and couldn't care less.

Version: GnuPG v1.4.9 (GNU/Linux)


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index