Friday, January 02, 2004

Security Vendor Issues Dec. Vulnerabilities List:
"Central Command Inc. on Thursday released its so-called Dirty Dozen list of top twelve viruses for December, 2003. The report is based on virus incidents confirmed through the Medina, Ohio-based company's Emergency Virus Response Team."

According to the company, the Gibe.C worm, with its HTML e-mail message that impersonated a Microsoft Web site, retained the top spot for December, a position that Klez.E held five times during the year.

Gibe.C—21.4 percent
Klez.E—14.7 percent
MiMail.I—12.8 percent
MiMail.J—5.9 percent
BugBear.B—5.2 percent
MiMail.K—5.1 percent
MiMail.A—3.7 percent
Sober.C—1.9 percent
Nachi—1.6 percent
MiMail.C—1.6 percent
Hawawi.G—1.2 percent
Dumaru.A—1.1 percent
Others—23.8 percent

http://www.eweek.com/article2/0,4149,1425300,00.asp?kc=EWNWS010204DTX1K0000599

New Worm Spreads Via MSN Messenger:
"Anti-virus experts are watching a new worm that spreads through Microsoft Corp.'s MSN Messenger client. The worm is not harmful to infected machines and has infected only a few PCs at this point, according to an analysis by Trend Micro Inc.

Known as Jitux, the worm is self-propagating and contains a link to a Web site that automatically downloads an executable file named 'jituxramon.exe' to the PC. Once the file runs, the worm begins sending out copies of itself to all of the names in the user's Messenger contact list. The worm, first discovered Tuesday, is capable of spawning multiple instances of itself on one PC."

http://www.eweek.com/article2/0,4149,1424692,00.asp?kc=EWNWS010204DTX1K0000599

Top Technologies of 2003:
"Anti-Spam Software and Services

As junk e-mail reached epidemic proportions this year, spam blockers rushed in to rescue ailing e-mail in-boxes."

Centralized Patch Management
Patches were the bane of IT managers' existence this year, and many have turned or are turning to centralized patch management to ease the burden (if not their ire over having to patch in the first place).

http://www.eweek.com/article2/0,4149,1420259,00.asp?kc=EWNWS123103DTX1K0000599

Wednesday, December 31, 2003

An Unrepentant Spammer Considers the Risks:
"Alan Ralsky, according to experts in the field, has long been one of the most prolific senders of junk e-mail messages in the world. But he has not sent a single message over the Internet in the last few weeks.

He stopped sending e-mail offers for everything from debt repayment schemes to time-share vacations even before President Bush, on Dec. 16, signed the new Can Spam Act, a law meant to crack down on marketers like Mr. Ralsky.

He plans to resume in January, he said, after he overcomes some computer problems, and only after he changes his practices to include in his messages a return address and other information required by the law, the title of which stands for Controlling the Assault of Non-Solicited Pornography and Marketing."

That is quite a switch for Mr. Ralsky, who has earned a reputation as a master of cyberdisguise. By his own admission, he once produced more than 70 million messages a day from domains registered with fake names, largely by way of foreign countries - or sometimes even by way of hijacked computers - so that the recipients could not trace the mail back to him.

Most experts in junk e-mail, known as spam, have dismissed the new federal law as largely ineffectual. And many high-volume e-mailers say the law may even improve the situation for them because it wipes away a handful of tougher state laws.

But Mr. Ralsky, who lives in a Detroit suburb, says the law's potential penalties - fines of up to $6 million and up to five years in jail - are making him rethink his business.

"Of course I'm worried about it," he said after the law was signed. "You would have to be stupid to try to violate this law."

No one is saying that e-mail in-boxes will be clean of spam any time soon. But the world is getting to be a much more hostile place for spammers, particularly those who send some of the most offensive messages. The biggest threat is not so much the new law, though it is expected to play a role in stepped-up enforcement, as the increased willingness of prosecutors to go after spammers.

http://www.nytimes.com/2003/12/30/technology/30spam.html?pagewanted=all&position=

Monday, December 29, 2003

Download details: Security Update for Windows XP (KB823980):
"This update addresses the vulnerability addressed in Microsoft Security Bulletin 03-026. Find out about more recent critical updates in the Overview section."

http://www.microsoft.com/downloads/details.aspx?FamilyID=2354406c-c5b6-44ac-9532-3de40f69c074&displaylang=en

Revamping the Security Bulletin Release Process:
"Security Bulletins Expanded and Summarized by Product

Tools & Resources

The most significant change that the new security bulletin process will introduce for customers will be in the number and timing of security patches. Consequently, customers may need to revisit some of the processes they use for deploying patches. The following tools and resources will help customers evaluate, plan, manage and deploy security patches:"

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/revsbwp.asp

Security Bulletin Search:
"Microsoft Releases Enhanced Security Bulletin Search Tool"

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/current.asp