|
| Top
Security News |
Microsoft's Long Year Of Zero-Days
From May through December 2006, Microsoft endured the emergence of ten zero-day exploits affecting their products. When it came to the potential for a large number of people to experience problems stemming from attacks against software, Microsoft...
CAN-SPAM
Has Minimal Spam Impact
About three years after the debut of the CAN-SPAM act, very little impact has been made on the volume of spam deluging inboxes, a problem that has worsened each year Since CAN-SPAM was enacted on...
QuickTime Issues Still Plague Websites
Similar to the issue that allowed the MySpace worm to parade through the popular social networking site, another flaw in Apple's QuickTime can be exploited. Windows and Mac users are vulnerable to a pair of security issues with QuickTime. Any website...
Data Thieves Drop In On Your Phone
Spyware geared toward stealing data from a mobile device has been spotted accompanying phone-infecting viruses; this early effort probably signals more sophisticated attacks are in the offing.
Keeping An 'eEye' On Zero-Day Exploits
Marc Maiffret's eEye security firm has launched the Zero-Day Tracker, a website where the company will post and archive information on vulnerabilities hit by zero-day exploits. When a patch emerges from a prominent software company like Microsoft...
|
|
|
 |
|
Escalating efforts to increase the capabilities of rootkits could lead to them becoming a greater presence on the computer security landscape.
Rootkits have not been very common, but when a machine has been rooted they are a complete pain in the gluteals to remove. They are nearly impossible to detect, and criminals have built modern ones that can evade the most common software methods of finding them.
Symantec's Vincent Weaver brings this and other less than cheerful news to security professionals everywhere. In a summary of threats in 2006, he noted the aggressive attacks will be more common in 2007.
Online fraud persists as a problem. Weaver said Symantec has observed about seven million phishing attempts per day taking place. Along with spam, phishes that incorporate VoIP or SMS as a component in their scams have been observed.
Zero-day exploits, attacks created upon revelation of a previously unknown vulnerability, also grew in number in 2006. Weaver said the average time to develop a patch for one took 31 days, compared to a three-day average to create an exploit.
When it comes to rootkits, the potential issue of security becomes even more daunting. Compared to typical viruses and worms, rootkits haven't been as numerous of a threat. That could be changing, as Weaver said his company has seen more mainstream adoption of rootkits as well as polymorphic threats.
Another Symantec staffer discussed rootkits, specifically the Rustock variants. Mimi Hoang wrote how the newest version of Rustock poses more of a problem than the first iteration:
The second version of Rustock, named Rustock.B, employs even more sophisticated techniques than its predecessor - the original Rustock.A. Its advanced rootkit techniques, unique way of system hooking, and use of a polymorphic dropper (combined with a spam component) allow it to hide from many antivirus and antispyware vendors, as well as bypass firewalls and many rootkit detectors.
Firewall evasion likely became more of a concern for criminals when Microsoft dropped a firewall into Windows XP. Threats that tried to hook into services open to the Internet were blocked by firewalls. A shift to application exploits, like those that target Microsoft Office or Internet Explorer, has taken place.
Already, exploits for the newest operating system, Vista, have been created. That OS becomes available to the consumer market next month. It won't be time for people, especially security pros, to relax.
About
the Author:
David Utter is a technology writer for SecurityProNews, WebProNews, and InternetFinancialNews.
|
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
