|
| Top
Security News |
Storm Worm Storms Back
ZIP files in password protected email bodies have replaced EXE files as the payload of choice for delivering Storm worm files to unsuspecting users. Storm worm downloads have been flying around the Internet in...
Study: Data Breaches Break Consumer Trust
E-commerce sites that have not been diligent in protecting their consumer information from attacks may find their customer bases drop off as a result.If you want to keep people visiting your site, you need...
Patched Microsoft Flaw Threatens Universal PnP
Users of Windows XP and other versions as designated in the latest advisory should apply a fix to a critical problem in Universal Plug and Play as soon as possible. Patch Tuesday arrived from Microsoft bearing five bulletins on eight vulnerabilities in their products.
Google Nailed For Copying Sohu Software
Google has been caught appropriating software developed by Chinese search engine Sohu.com for the purpose of easing the way for typing Chinese Chinese characters into an application. The rollout of...
Kaspersky Products Patching Problems
Security firm Kaspersky had to patch vulnerabilities in their products that could have resulted in theft of files or remote code execution.Kaspersky has fixed flaws in its AntiVirus and Internet Security Suite products...
Yahoo Messenger Fixes ActiveX Flaw
A buffer overflow in the audio conferencing feature of Yahoo Messenger could have been exploited by attackers. Visiting the wrong website with an older version of Yahoo Messenger could have left a...
|
|
|
|
Microsoft Word had been the target of choice for attackers, but more active patching of Word issues by Microsoft has pushed malefactors to target PowerPoint.
The popularity of Microsoft's software product PowerPoint has made it synonymous with meetings and presentations. As a component of Office, PowerPoint has a place on millions of desktops world wide.
That breadth combined with relatively less attention paid to its flaws has led attackers to focus more on PowerPoint. Security firm MessageLabs found in a sample analysis of several hundred emails in March that PowerPoint had emerged as a common attack vector for the first time.
The company said the PowerPoint focus has largely come from one place:
For the first time, PowerPoint has emerged as the most common exploit vector, likely driven by the large number of attacks perpetrated by one gang using the same attack file, mostly originating from an IP address within Taiwan. Achieving notoriety as a carrier of typical email viruses, .exe files only accounted for 15 percent of the targeted attacks, while the more familiar Microsoft Office suite accounted for 84 percent of targeted attacks in March 2007.
The attacks seem to have an espionage aspect to them, judging by their targets:
Other characteristics of these attacks include that they are typically timed to arrive during the busy workday and rarely over a weekend and most commonly target these five industry sectors: electronics, aviation, public sector, retail and communications.
Attacking during the workday indicates a hope that a busy person will activate the attack without checking the message too closely. The pattern of attacking sensitive industries and government has been seen before, notably last year in Great Britain where security researchers said these attempts originated in China.
DoubleClick To Google Deal Threatens Privacy: While Microsoft and AT&T have complained of possible antitrust violations with Google's purchase of DoubleClick, privacy concerns have been raised as well.
One scenario of how Google and DoubleClick interaction could disrupt someone's privacy comes from a ScrippsNews report:
Mark Welch, an Internet marketing consultant in Hayward, Calif., offers this scenario:
"Let's say your wife is unhappy and has been going online to look for divorce attorneys. Then you go online later and visit the New York Times site, and a banner ad comes up for a divorce attorney."
Clearly this represents a unique opportunity for that lawyer, who has gotten his name into a household that may desire his services. But has the wife's privacy been violated? Has her otherwise private search resulted in an unintended revelation for her husband?
Perhaps that will become a selling point for Yellow Pages publishers: Anonymous Business Searches For Over A Century.
About
the Author:
David Utter is a technology writer for SecurityProNews, WebProNews, and InternetFinancialNews.
|
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
