research the vector. close the door.         


 December 2005 VECTORBLOG

 

December 31, 2005

closing

The WMF vulnerability and exploit hype is rolling now. It may turn out to be the worst vulnerability ever, but I tend to doubt it. There is no telling exactly where the malware may go from this holiday-released code, but it better get there quickly: the patch cycle is scheduled for January 10.

 

Happy New Year.

 

December 23, 2005

wrap-up bandwagon

It's that time of year for the "year end round up," so here is our submission. It is a part-fact, part-opinion review of attacks of 2005 and possibilities for 2006. "Predictions?" you groan. Yes, a prediction or two is included. For the most part, why would anyone expect to see anything different from 2005? As has been stated in this space before, go with what works - and email scams work. Last year lots of people said mass mailers were dead. We said that's crazy. And in 2005 the top malware attackers were email worms. Check out the lowdown: "Vector Report 2005" and the PDF.

 

December 21, 2005

looking out

The concept of a "neighborhood watch" has caught on in many places - it's a nice idea, people keeping an eye on their surroundings, a communal warning system. On the Web there's a little of that notion; there are quite a few sites dedicated to helping everyone steer clear of phishing attempts. Do organizations that make money or provide services via the Internet have a responsibility to monitor threats directed at their own customers?

 

Maybe there's good reason not to provide such a service. With the litigious nature of many customers, would one be liable for losses if you warned people about phishing directed at your customers and then they fell for something anyway - implied negligence? Would your company look digitally weak because phishers took aim at your logo? Maybe so, that is a concern that is warranted when considering the average phishing intelligence across the board. 

 

A new article is posted in Emergency Preparedness today concerning the needs of both customers and organizations with respect to phishing. Check it out: Customer Advocate and as a PDF.

 

December 19, 2005

of the essence

The review of exploit times with regard to Microsoft security announcements is complete for 2005 with the last installment of "Just in Time: September - December" (and PDF). Overall, my opinion would be that it was a good year for Windows (with no overwhelming worm outbreak), but there is still room for tweaking the patch release process. There are a few instances, notably at the beginning and end of 2005, where an out-of-cycle offering may have been welcomed by administrators. In these cases, there does not need to be an automatic release, just an "available" release for those wanting to close a vulnerability that has special significance for their enterprise. We'll see. Any thoughts? Send them our way.

 

December 18, 2005

through the snow

Dasher hit in the wake of Microsoft's December bulletin announcement. The worm takes advantage of one of last month's vulnerabilities: the MSDTC flaw (MS05-051). Check out the mechanics of this worm here.

 

December 16, 2005

complete set

Barring an extraordinary catastrophe requiring additional security patches, we now have a complete set for 2005 from Microsoft with the two bulletins released this week. One of them is a fix for the IE flaw exploited by some Trojans already. Get the breakdown in the usual spot, as well as the XLS and CSV versions of the tables.

 

The complete listings for the year are out now: rolled up into CSV files. There's the full list (with reference table based on what was supported/requested at the time) and a short file with just bulletins and links. 

 

December 9, 2005

surprised?

Information Week is running a story on a survey that shows most people vulnerable to the tricks of phishers. This does come as a surprise to me, someone who thought the phishing game worked because 3% of each flood of attempts were successful, not ten times that rate.

http://www.informationweek.com/story/showArticle.jhtml?articleID=174904945

 

One other thing that came out of the article that should be noted for Microsoft: the number of households with properly configured firewalls jumped up from 28% to 58%, due to installation of XP's SP2. Now, the firewall can't stop phishing attempts, but it does make worm writers a little more frustrated.

 

December 7, 2005

anecdotal evidence

Of course, it is not worth a whole lot, even from a site that keeps an eye on malware trends, but it sure seems like Sober.X/CME-681 is pushing more copies, not less as the week goes on. There are boxes @infectionvectors.com that have double and triple the number of copies from last week. Oh well, unscientific polls and all...

 

December 1, 2005

wrong line of work

Continuing with thoughts about retailing and cyber crime, I came upon a very interesting quote that was part of a Reuters story used in the Holiday Scheming article. Valerie McNiven, a US Treasury advisor, notes that cyber crime raked in approximately US$105 billion in 2004.

 

This story can be found at ComputerWorld among other places: 

http://www.computerworld.com/

 

The presentation puts the tally against drug trafficking, showing that the Internet is a pretty lucrative place to turn a dollar for a criminal. But, what is even more astounding to me is that US$105 billion represents more revenue than EVERY US-based Internet sale just 2 years ago (2003). The citation (Jack Love, June 2004, Internet Retailer):

http://www.internetretailer.com/article.asp?id=12109 

 

In 2003, there was just over US$70 billion in US sales. According to the US Census site, e-commerce sales in the United States were around US$70 billion in 2004. 

http://www.census.gov/mrts/www/data/html/04Q4.html

 

Worldwide statistics seem a little harder to come by, but I saw estimates for 2004 around US$225 billion - which would be a rather surprising 2:1 ratio of legitimate to criminally harvested dollars via the Web. How long before the criminals are consistently making more than legitimate retailers online? How long could the Web hang on at that rate?

 

 

Copyright © 2005 infectionvectors.com. All rights reserved.