Security News Letter

January 19, 2004

 

 


 

2003 viruses caused $55B damage, antivirus firm says

Story by Jennifer Tan

JANUARY 16, 2004 ( REUTERS ) - Computer virus attacks cost global businesses an estimated $55 billion in damages in 2003, a sum that would rise this year, said Trend Micro Inc., the world's third-largest antivirus software maker. Companies lost roughly $20 billion to $30 billion in 2002 from the virus attacks, up from about $13 billion in 2001, according to various industry estimates. 
"The economic and financial impact of virus attacks will continue to climb in 2004," Lionel Phang, Trend Micro's Managing Director, told Reuters in an interview. He did not have a forecast for the year. 
Spam threats and network viruses will likely become more prevalent in 2004, he said. "The spam threat will increase exponentially, and will become the hideouts for viruses and hacking programs trying to gain an entry into the network," he added. More.... 

 

PayPal scam tries to jumpstart new Mimail worm

 

Virus authors are using spam to spread a new version of the Mimail worm 
Story by Paul Roberts
JANUARY 15, 2004 ( IDG NEWS SERVICE ) - After releasing a new version of the Mimail e-mail worm last week, virus authors are using a new tool this week to help it spread: spam e-mail containing a Trojan horse program that, once installed, retrieves and installs the worm. The new threat, which targets customers of eBay Inc.'s PayPal online payment service, highlights a growing trend in which online criminals combine computer viruses, spam distribution techniques, Trojan horse programs and "phishing" scams to circumvent security technology and fool Internet users, said Carole Theriault, security consultant at Sophos PLC in Abingdon, England. More.... 

 

Virus alert: Beware of dodgy Bagle
Andrew Colley
ZDNet Australia
January 19, 2004 - Computer security experts fear a new worm - Bagle-A - which began spreading rapidly across Australian email overnight could be a rehearsal for a more concerted worldwide attack in coming weeks. 
According to Daniel Zatz, security director for Computer Associates Australia, Bagle-A carries an expiry date, possibly indicating more robust versions of the worm could be slated for release soon - drawing comparison to the Sobig worm. 
According to Zatz, while Bagle-A is already successful, responsible for an alarming 80 per cent jump in queries to CA's help desk and in virus submissions to rival computer security company Sophos, the current version of the worm contains bugs. More.... 

 

HP patches critical security holes in Tru64 Unix 
By Munir Kotadia, Special to CNETAsia
Monday, January 19 2004 10:18 AM 

Vulnerabilities have been found in HP's high-end Unix operating system that could allow attackers to take over a server or knock it offline. 
Critical security vulnerabilities in HP's Tru64 Unix operating system were patched last Friday after it was discovered that implementations of IPsec and SSH programs, which carry VPN and secure system command traffic, were vulnerable to attackers.
The vulnerabilities are an embarrassment to HP because both were found in vital components of the operating system and both could enable malicious users to either take control of a machine or launch a denial of service attack. SSH, a secure Telnet program, is used to securely send commands to a server, while IPsec is used to create virtual private networks to carry encrypted information over the Internet between two computers. More.... 

 

Standardizing on Security
The Linux standards group publishes 565 pages of data describing a standards-compliant Linux package. So why aren't any of them about security? 
By Hal Flynn, Security Focus

Things that are created in an open fashion tend to be the best of breed. They benefit from the entire world seeing them at their most basic level, and parties collaborating to enhance them and make them better. Open technology is an example of this. 
The Internet would be very different today had it not been built on the open model. Through Requests For Comments (RFCs), Internet Engineering Task Force drafts, and other open forums, the development and discussion of ideas and technologies has flourished into standards that, despite their age, are as good now as when they were conceived. In most cases, open is best, because it produces the best results. More.... 

 

Is SSL security over-hyped?

Network IT Week

 

At the start of the year I wrote about the benefits of web-based alternatives to the traditional virtual private network (VPN), and how they would use the Secure Sockets Layer (SSL) protocol to handle the necessary encryption. Since then, it seems, the world has gone SSL mad, and many analysts predict exponential growth, the like of which we've not seen since before the dot-com crash.
In its World SSL VPN Products Market report, analyst firm Frost & Sullivan forecasts sales of just under $90m (£52m) this year, rising to $1bn (£660m) by the end of 2008. More....

Agriculture epidemics may hold clues to Net viruses 

By Robert Lemos
Staff Writer, CNET News.com

 
In studying the effects of last summer's MSBlast worm, some security experts turned to an unlikely source in search of clues to the prevention of computer epidemics: plants.

Their idea was inspired by parallels that scientists are drawing between the proliferation of computer viruses and the spread of agricultural catastrophes such as Dutch Elm Disease, which has devastated a small variety of American elms since crossing the Atlantic decades ago. Like Dutch Elm, MSBlast was a single foreign entity that infected extremely susceptible hosts of an entire population--in this case, of Windows computers. More....

Flaws threaten VoIP networks

A technical review conducted by the British government has found several security flaws in products that use VoIP and text messaging, including those from Microsoft and Cisco Systems. 
The flaws affect software and hardware that support the real-time multimedia communications and processing standard, known as the International Telecommunications Union (ITU) H.323 standard. 

The security problems can cause a product that supports H.323 to crash. For example, in Cisco telecommunications products running its IOS operating system, the vulnerability could be used to cause the devices to freeze or reboot. However, on Microsoft's Internet Security and Acceleration Server 2000, which is included with Small Business Server 2000 and 2003 editions, the vulnerability could allow an attacker to take control of the system. More....


 

 

 

 


 

 

 

 

 

 

Copyright © 2003 Aavex Technology