Multiple hacker groups are using a "construction kit" supplied by the author of a Trojan horse program discovered in October 2006 to develop and unleash more dangerous variants of the original malware.
Already such variants have stolen sensitive information belonging to at least 10,000 individuals and sent the data to rogue servers in China, Russia and the US, according to Don Jackson, a security researcher at SecureWorks based in the US.
The stolen data includes Social Security numbers, online account information, bank account and credit card numbers, usernames and passwords, and other data that users would usually input during an SSL session.
The Prg Trojan, as it has been dubbed by SecureWorks, is a variant of another Trojan called wnspoem that was unearthed in October 2006. Similar to wnspoem, the Prg Trojan and its variants are designed to sniff sensitive data from Windows internal memory buffers before the data is encrypted and sent to SSL-protected Web sites.
The Trojans are programmed to send the stolen data to multiple servers around the world where it is stored in encrypted fashion and sold to others looking for such information. An analysis of log files on the servers storing the stolen data shows that a lot of the information is coming from corporate PCs, Jackson said.
The variants include a new function that allows them to listen on TCP port 6081 and wait for a remote attacker to connect and issue commands for forwarding data or for rummaging through files on the compromised system, Jackson said.
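A defender can sweep hosts for the listener described above. The following is an added example, not code from SecureWorks or the original article: it parses Windows `netstat -ano` output (the sample text is constructed) and reports listeners and inbound sessions on TCP port 6081. A hit is a lead for examining the owning process, since other software can bind the same port.

```python
import re

PRG_BACKDOOR_PORT = 6081  # TCP port named in the article

# Constructed sample of Windows `netstat -ano` output (not a real capture).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:6081           0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.20:49712     203.0.113.7:6081       ESTABLISHED     4012
  TCP    192.168.1.20:6081      198.51.100.9:51515     ESTABLISHED     3120
  TCP    [::]:6081              [::]:0                 LISTENING       3120
  UDP    0.0.0.0:6081           *:*                                    1500
"""

# Proto, local endpoint, remote endpoint, optional state (UDP has none), PID.
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)\s*$")


def split_endpoint(endpoint):
    """Split 'host:port' (IPv4 or bracketed IPv6) on the last colon."""
    host, _, port = endpoint.rpartition(":")
    return host, (int(port) if port.isdigit() else None)


def find_port_activity(netstat_text, port=PRG_BACKDOOR_PORT):
    """Return TCP listeners and inbound sessions whose LOCAL port matches."""
    findings = {"listeners": [], "inbound_sessions": []}
    for line in netstat_text.splitlines():
        match = ROW.match(line)
        if not match:
            continue  # headers, blank lines
        proto, local, remote, state, pid = match.groups()
        if proto != "TCP":
            continue  # the article describes a TCP listener only
        _, local_port = split_endpoint(local)
        if local_port != port:
            continue  # outbound traffic to a remote port 6081 is not a listener
        if state == "LISTENING":
            findings["listeners"].append((local, int(pid)))
        elif state == "ESTABLISHED":
            findings["inbound_sessions"].append((remote, int(pid)))
    return findings


def suspect_pids(findings):
    """Unique PIDs that own a matching listener or inbound session."""
    return sorted({pid for rows in findings.values() for _, pid in rows})
```
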
The newer variants are also more configurable and can be programmed to send stolen data to its final destination via a chain of proxy servers.
The new Prg variants encrypt stolen data differently from the original version, making older analysis tools obsolete, he said.
What makes the threat from the Prg Trojan especially potent is the availability of a construction toolkit that allows hackers to develop and release new versions of the code faster than antivirus vendors can devise applications, Jackson said.
The toolkit allows hackers to recompile and pack the malicious code in countless subtly different ways so as to evade detection by antivirus engines typically looking for specific signatures to identify and block threats, Jackson said.
The toolkit appears to have been developed by the Russian authors of the original wnspoem Trojan and comes complete with a three-page instruction manual in Russian instructing buyers how to use it. Originally, the kit appears to have been sold to other hacker groups for around $US1000. But more recently it appears to have been posted on an underground site, where others have been downloading and using it, Jackson said.
"The hackers are literally infecting thousands of users with one particular variant and once that version of the Trojan is blocked by antivirus, the hackers simply launch a new one in its place," Jackson said.
One of the groups using the construction kit has been naming its attacks after makes of cars, including Ford, Bugatti and Mercedes, according to a SecureWorks description of the Trojan. The group has been spreading versions of the Trojan by taking advantage of vulnerabilities in the ADODB database wrapper library and other components of Windows and Internet Explorer, according to SecureWorks.
That group alone may have snared data from more than 8000 victims. Data stolen by this group's Trojans is sent to servers based in the US and China, according to SecureWorks.
Another group using the toolkit has been naming its attacks using the letter "H" and has sent its variants via spam e-mails to various individuals, SecureWorks said.
One recent attack involved an e-mail with a subject line reading "HAPPY FATHER'S DAY". Data stolen by this group's Trojans is being sent back to servers in Russia. According to Jackson, many of those servers have separate staging areas on them with multiple versions of Prg Trojan programs that can be released as older versions get detected by antivirus software.