Spyware, Viruses, & Security forum

General discussion

News - January 5, 2005

Viewing 2004: The security threats

By Will Sturgeon Silicon.com January 4, 2005, 6:04 AM PT

"2004 has been the year of phishing." Those were the words of Steve Purdham, CEO of SurfControl. And in the mind of many within the security industry they succinctly sum up the year for security vendors and consumers alike. All major vendors appear to agree, for once.

Of course if it really was that simple then security during 2004 wouldn't have been the story it was and wouldn't have continued to drive the levels of spending which it inspires. But as summaries go it's pretty much "on the money."

And money was a huge issue this year. It was the reason why we saw many of the threats we did and a portentous coming together of the usual suspects.

Graham Cluley, senior technology consultant at Sophos, told silicon.com: "During the course of the year we have seen a real shift in the reasons why people write viruses. Two or three years ago, and even up until last year, there was this frat-boy mentality--the kids in their mums' basements trying to cause mischief or impress their mates."

And it wasn't just viruses, according to Kevin Hogan, senior manager for Symantec security response EMEA, "mischief and gaining kudos among their peers" has been replaced by the realization that there is serious money to be made from phishing, spam, spyware, viruses and worms. And it's the reason why many of those threats and their perpetrators are joining forces.

more here
Discussion is locked
You are posting a reply to: News - January 5, 2005
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: News - January 5, 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Spam joins pounds on New Year's 'to shed' list

In reply to: News - January 5, 2005

By Ed Frauenheim CNET News.com January 4, 2005, 3:35 PM PT

Tim Rechin didn't wait until the end of the holidays to wade through a mountain of work e-mail.

Instead, the manager at software firm Elance checked his e-mail from his home--as well as his parents' home and his in-laws' home--about every other day last week. Ostensibly off-duty, he spent hours sorting through his in-box hoping to start 2005 on a productive foot rather than buried in spam upon his return to work.

Spam overload after a few days out of the office is nothing new. But it tends to be more pronounced after the new year, when many workers return en masse from a week or more off.

"Unless you use an intricate organization system, you get this deluge of e-mail," Rechin said. "Most of the time gets spent trying to tell if it's of value."
Rechin's in-box, which typically gets about 80 messages a day, was far from the fullest this holiday season. One CNET News.com reporter returned from a 10-day vacation to discover he'd received more than 60,000 pieces of spam caught by various filtering programs. Another 8,100 messages landed in his in-box, of which more than 7,600 were spam that had to be deleted by hand.

more here

Collapse -
Preparing for a doomsday attack

In reply to: Spam joins pounds on New Year's 'to shed' list

By Charles Cooper CNET News.com January 4, 2005, 12:04 PM PT

The Internet has withstood major assaults to bring the system crashing down, but each new cyberattack raises the specter of a doomsday scenario.
What if terrorists launched a physical attack in combination with a major cybersalvo aimed at bringing the Internet to its knees? Because of the increasing overlap between the various energy, electrical and communications grids, the potential risk is no longer theoretical.

It's a chief concern for VeriSign CEO Stratton Sclavos, whose company is the leading provider of domain name registrations. Currently, VeriSign processes more than 14 billion daily queries, on average, in its operation of the .com and .net infrastructure. The company's new ATLAS system-- short for Advanced Transaction Lookup and Signaling System--is designed to accept more than 100 billion queries per day and 25,000 updates per second.

Sclavos recently sat down with a group of reporters and editors from CNET News.com to discuss the state of cybersecurity, the future of the Internet Corporation for Assigned Names and Numbers (ICANN), and directions for his company in 2005.

more here

Collapse -
eBay fights back against phishers

In reply to: News - January 5, 2005

By Stefanie Olsen CNET News.com January 4, 2005, 1:23 PM PT

eBay has moved to squelch spoofed e-mail bearing its name by introducing a private mail service.

In recent weeks, the online auctioneer introduced My Messages, a free, personalized in-box for eBay customers that contains communications only sent from eBay. That way, members can be sure to avoid spam in disguise or phishing scams designed to lure people to a fake eBay Web site in order to capture credit card numbers or other personal information.

"You'll know that the messages you get from eBay are truly from eBay," said Chris Donlay, a spokesman for the online auction company. "This is one way to fight spoof e-mail and phishing."

Phishing is one of the fastest-growing forms of personal fraud in the world. While consumers are the most obvious victims, the damage spreads far wider--hurting companies' finances and reputation and potentially undermining consumer confidence in the safety of e-commerce.

Such scams are a growing headache for companies online, but eBay and its financial payment service PayPal may be among the most targeted because of eBay's brand name and massive marketplace. Financial institutions and online retailers are also the targets of e-mail scammers, according to the Anti-Phishing Working Group.

more here

Collapse -
Giant step for Microsoft spyware killer

In reply to: News - January 5, 2005

By Christophe Guillemin ZDNet France January 5, 2005, 5:49 AM PT

Microsoft is putting the finishing touches on its spyware killer, which is based on technology from a recently acquired company, Giant Software. The beta version is expected to debut in a few days.

Microsoft's December purchase of Giant, a small U.S. publisher of spyware detection software, put Microsoft in a position to offer an antispyware application of its own. Spyware is software that can, among other things, inundate users with unwanted pop-ups and surreptitiously monitor a computer's activity.

The technology enthusiast Web site Neowin.net has just published the first screenshots of the beta version, putting a release date of Thursday on the beta.

more here

Collapse -
Symantec, Veritas reach out to investors

In reply to: News - January 5, 2005

Published: January 5, 2005, 12:21 PM PST

Faced with muted enthusiasm from investors, Symantec and Veritas outlined their case to shareholders Wednesday over the benefits of their pending $13.5 billion merger that will marry the security giant and a leading storage company.

Symantec, which announced plans last month to acquire storage vendor Veritas, is hoping to become the one-stop shop for chief information officers looking to consolidate the number of vendors they use. The new company would offer CIOs data storage, security protection and information recovery technology.

The CEOs--Symantec's John Thompson and Veritas' Gary Bloom--said their customers, partners and an assortment of hardware vendors have responded to the merger in a "positive fashion," but investors have yet to fall in line. Thus came Wednesday's Webcast pitch--the companies will need their investors, as well as regulators, to sign off on the deal.
"The deal will close sometime in the second quarter of this calendar year. We don't expect any regulatory issues, since there is no product overlap, and, as investors begin to understand the merger, we don't think this will be an issue," Thompson said during the Webcast.

more here

Collapse -
Firefox phishing vulnerability discovered

In reply to: News - January 5, 2005

A vulnerability in Firefox could make users of the open source browser more likely to fall for phishing scams. Secunia Research has discovered a vulnerability in Mozilla / Mozilla Firefox, which can be exploited to spoof the source displayed in the Download Dialog box. The problem is that long sub-domains and paths aren't displayed correctly, which therefore can be exploited to obfuscate what is being displayed in the source field of the Download Dialog box.

The vulnerability has been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and Mozilla Firefox 1.0. Other versions may also be affected. Currently, no solution is available. However, the vendor reports that this vulnerability will be fixed in upcoming versions of the affected products.


Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Best Black Friday Deals

CNET editors are busy culling the list and highlighting what we think are the best deals out there this holiday season.