On mySimon: Chinese Laundry Top Over-the-Knee Boots
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 50 of 67:
Next »
« Previous
IE is better for criminals:Blended attacks
http://www.safecenter.net/UMBRELLAWEBV4/ie_unpatched/index.html
Unpatched Internet Explorer Bugs
There are currently 24 items, updated on 2004/01/27 UTC+800

Symantec Internet Security Threat Report

http://downloads.securityfocus.com/library/InternetThreatReportSept2003.pdf
QUOTE
Blended-Threat Targets
MICROSOFT IIS VULNERABILITIES
Microsoft IIS is one of the most widely deployed Web servers throughout the world. Symantec has documented several high-severity vulnerabilities affecting it. Their characteristics render these vulnerabilities attractive targets for future blended threats. Given Microsoft IIS s susceptibility to past blended threats such as Code Red and Nimda, Symantec believes that it may again be hit by highly destructive malicious-code attacks.

MICROSOFT INTERNET EXPLORER VULNERABILITIES
Several vulnerabilities allow attackers to compromise client systems through Web pages containing embedded malicious code. Others can enable the easy and almost undetectable installation of spyware, which allows attackers to extract confidential data.

THEFT OF CONFIDENTIAL DATA
The release of Bugbear and its variant Bugbear.B (discovered in early June 2003) were good examples of theft of confidential data. Once systems were infected, confidential data was extracted such as file names, processes, usernames, keystrokes, and other critical system information, and delivered to a third party, potentially compromising passwords and decryption keys. Furthermore, it appears that the creator of Bugbear specifically targeted banks. During the first half of 2003, Symantec saw a 50% increase in confidential data attacks using backdoors. By granting access to compromised systems, backdoors allow data to be exported to unauthorized individuals. For example, entire sessions can be logged, and passwords for systems and applications can be taken. Companies need to implement controls that make it difficult for malicious code to steal confidential data, such as updated firewalls, patch management policies, intrusion detection, virus protection, and so on.

ATTACKERS EXECUTING COMMANDS FROM THOUSANDS OF INFECTED SYSTEMS
Once a system is compromised, an attacker can install malicious code known as a bot that allows the attacker to use the system for future scanning or as a launching point for future attacks (such as planned, distributed denial-of-service attacks). Once a system has become infected, the attacker can maintain a running list of the entire botnet (network of infected systems) by simply issuing commands through Internet Relay Channel (IRC is a common communication channel used by bots). Afterwards, all listening bots (sometimes numbering in the thousands) will execute any command issued by the attacker. Symantec examined an automated tool like this, which accounted for supposable Nimda (blended threat) traffic, after it was captured in a Honeypot network3.

CONCLUSION
The evidence in this report clearly shows that the risk of blended threats and attacks is rising. Understanding how to budget for security and what products and services are needed will involve some of the most important decisions that every corporation faces in the 21st century. The trends that we discuss in this report help executives understand some of the threats faced by their systems administrators every day.
UNQUOTE
Posted by: David Mohring   Posted on: 01/29/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

2002-09-29:Why Linux will conquer the world  David Mohring | 01/29/04
That was actually pretty good  el1jones | 01/29/04
Updated links  David Mohring | 01/29/04
Excellent post...  prime21 | 01/29/04
I'm curious about something  IT_User | 01/29/04
What entices vendors...  prime21 | 01/29/04
For one thing:The insanity of software methord patents  David Mohring | 01/29/04
Funny  MEMSmaker | 01/29/04
Even funnier  Michael Kelly | 01/29/04
Funnier Still  MEMSmaker | 01/29/04
atleast stick to one story  ryusen | 01/29/04
I'm confused by your logic  Richard Flude | 01/29/04
what, no links?  MEMSmaker | 01/29/04
I think most of us already know this  Jose Jimenez | 01/29/04
ok, so what  MEMSmaker | 01/29/04
just to point it out  voska | 01/29/04
Symantec Internet Security Threat Report  David Mohring | 01/29/04
Sorry to disappoint  Michael Kelly | 01/29/04
All M$ User Have To Do  nikoli | 01/29/04
Completely incorrect...  prime21 | 01/29/04
So You're Going To Put Linux On  nikoli | 01/29/04
Of course  Bobby Sskcat | 01/29/04
So this doesn't apply  nikoli | 01/29/04
Yes and No...  prime21 | 01/29/04
And if you knew anything about Linux....  Jose Jimenez | 01/29/04
how many times?  MEMSmaker | 01/29/04
Until people like you and Nikoli understand....  Jose Jimenez | 01/29/04
i understand  MEMSmaker | 01/29/04
the masses?  ryusen | 01/29/04
Riddle me this..  Patrick Jones | 01/29/04
Exactly !!!  nikoli | 01/29/04
execute attachments?  dwest_z | 01/29/04
The Real World  voska | 01/29/04
Microsoft software is slapped together by a bunch of UNDERpaid programmers  DanIelWalker_z | 01/30/04
There's hogwash  IT_User | 01/29/04
isolated incidences  MEMSmaker | 01/29/04
Misconceptions?  IT_User | 01/29/04
no agreement on that  MEMSmaker | 01/29/04
Have seen the "study"  IT_User | 01/29/04
Interesting enough..  Patrick Jones | 01/29/04
And that was a bizarre assumption!  IT_User | 01/29/04
Microsoft is job security  voska | 01/29/04
nope, not funny at all  ryusen | 01/29/04
VHS tapes and M$N forever  prrawlins | 01/29/04
Well, hopefully nothing will dominate  FilledOut | 01/29/04
i can agree  MEMSmaker | 01/29/04
Yeah, we've seen the data  Jose Jimenez | 01/29/04
MS doesn't crush competition by offering superior products  criderja | 01/29/04
ie is better  MEMSmaker | 01/29/04
IE is better for criminals:Blended attacks  David Mohring | 01/29/04
Try using the new  voska | 01/29/04
apearences  ryusen | 01/29/04
Opera is better...  wploger | 01/29/04
better, faster, cheaper  jseigfreid | 01/29/04
When was the last time you tried it?  Jose Jimenez | 01/29/04
linux install?  ryusen | 01/30/04
Yes we have  openMind | 01/29/04
M$N forever  prrawlins | 01/29/04
No, $un forever  FilledOut | 01/29/04
Thanks everyone  MEMSmaker | 01/29/04
Microsoft advocates urinating directly into a heavy wind  David Mohring | 01/29/04
Pot, kettle, black. lower ground  FilledOut | 01/29/04
linux who?  izzy70 | 01/30/04
Fear, Uncertainty, and Doubt  Jose Jimenez | 01/30/04
www.LinuxCAD.com  yelenavt@... | 01/30/04
And you can suck right on site...  yelenavt@... | 01/30/04
Mac OSX: Unix-based & a single standard  YuridaMan | 02/01/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline