Week in review: Aurora prevention, RSA Conference, and Mariposa botnet takedown

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Severe IE vulnerability threatens Windows XP users
News of a newly discovered bug in VBScript and Windows Help files in Internet Explorer that could allow a remote attacker to run an arbitrary command.

A 184% increase of malicious websites
The volume of spam saw an increase of 5,5 percent, and malicious websites of a whooping 184 percent since January, says the latest MessageLabs Intelligence report.

Top 7 threats to cloud computing
The Cloud Security Alliance and HP have presented new research findings that detail the potential threats linked to the use of cloud services.

Fake Virustotal serves malware
The reputation of VirusTotal, the well-known site that allows you to check if a suspicious file is malicious or not, is bound to be somewhat affected by the emergence of a malicious site that abuses the familiar name.

Q&A: Malware analysis
Greg Hoglund is the CEO and Founder of HBGary. He has been a pioneer in the area of software security. He wrote one of the first network vulnerability scanners, and created and documented the first Windows NT-based rootkit.

Video: RSA Conference 2010 showcase
In this RSA Conference 2010 video showcase, you can check out the look and feel of the event and the expo floor.

Can Aurora attacks be prevented?
Companies have been dealing with the breach in their own different ways, but what about those companies that haven’t been hit by these attacks? What can they do to prevent that from happening?

38% of IT managers ignore Web 2.0 risks
FaceTime’s fifth annual survey showed social media and Web 2.0 applications have been adopted by 99% of end users to support business processes, even though 38% of IT professionals believe there is no social networking present on their networks.

6 in 10 malicious URLs bypass AV scanners and URL filtering
A M86 Security report titled “Closing the Vulnerability Window in Today’s Web Environment” discloses both quantitative research on the percentage of Web threats correctly identified by URL filtering and Anti-virus scanning.

Massive Mariposa botnet shut down
Mariposa stole account information through infiltrating an estimated 12.7 million compromised personal, corporate, government and university IP addresses in more than 190 countries.

Quarantine and taxation to stomp out malware?
Is the quarantine of infected computers and setting up an internet usage tax the way to go about defusing the malware threat? Scott Charney, Corporate Vice President for Trustworthy Computing at Microsoft, seems to think so.

US cybersecurity plans revealed
Howard Schmidt unveiled the declassified abbreviated version of the Comprehensive National Cybersecurity Initiative at this year’s RSA Conference in San Francisco.

RSA authentication weakness discovered
The most common digital security technique used to protect both media copyright and Internet communications has a major weakness, University of Michigan computer scientists have discovered.

DHS casting its nets for cybersecurity experts
DHS Secretary Janet Napolitano announced a competition organized by the DHS, to which all security experts are invited to participate and share their ideas on how to raise cybersecurity awareness among the greater public.

Survey reveals IT skills in demand
Defying expectations amid a global recession, the (ISC)2 2010 Career Impact Survey revealed that more than half of information security professionals surveyed received salary increases in 2009, while less than five percent of participants lost their jobs.

Is there a solution to the ZeuS problem?
Zeus Trojan has for a while now become almost a synonym for banking malware. Its sneakiness and the ability of its makers to constantly change and adapt it would be admirable, were it not for the fact that it is used for criminal purposes.

Malicious files with fake digital signatures
Signing malicious files with fake signatures that at first glance seem authentic is one of the new methods used by malware writers to add an air of legitimacy to them and increase the probability of execution.

The cloud is changing how IT delivers services
Instant gratification may be the single greatest driver in the revolution that is fueled by virtualization and delivering software and services from the cloud.




Share this