Profile of Gregg Keizer
News & Commentary Posts: 1659
Articles by Gregg Keizer
posted in August 2005
For the second day, the Times-Picayune, New Orleans' daily paper, published a Web-only edition, as like other businesses and the city's residents, it has had to abandon the city and deal with dislocation.
Farid Essebar, 18, also known as "Diabl0," may have written 20 variations of the Mytob mass-mailed worm and one version of the MyDoom worm.
Another Windows vulnerability disclosed earlier in August is ripe for exploit, security firm Symantec says.
Demand shut down the Weather Channel site for three hours, and caused slowdowns for other sites including CNN.com, ABCNews.com, and USAToday.com
In a filing to the SEC, Microsoft for the first time ever acknowledged that Mozilla's browsers pose a competitive threat. The company also said that security vulnerabilities in its own products leave it open to litigation.
As Hurricane Katrina lashed New Orleans and the central Gulf coast with winds that blew off parts of the giant Superdome's roof, charities geared up for relief efforts by posting appeals on their Web sites.
Finnish antivirus vendor F-Secure identified Farid Essebar, 18, who was arrested by Moroccan authorities, as the author of some Mytobs.
The FBI says two men were nabbed in Turkey and Morocco, and charged in connection with Zotob and the earlier Mytob and Rbot worms.
The current crop of Zotob bot worms could be modified without much trouble to attack PCs running Windows XP and XP SP1, says a Symantec executive.
This week marks not only the tenth anniversary of the release of Windows 95, but also the same landmark for Microsoft's browser, Internet Explorer, software that's been, by turns, an underdog, the root of the government's antitrust trial, and the cause of more security problems than any other single component of the operating system.
A look back on the $300 million publicity circus that marked the launch of Windows 95. Microsoft didn't even mark today's 10-year anniversary with a press release.
Microsoft advises XP users to be sure to upgrade to SP2, or at least apply the appropriate patch.
Spyware purveyors have dramatically expanded their distribution channels and infected an overwhelming majority of enterprise PCs, an anti-spyware vendor Webroot says.
Attackers are increasingly turning to stealthy rootkits to keep anti-virus vendors from detecting and deleting malicious worms or Trojan horses, a Russian security firm says.
After a tough week for system administrators, now they're getting blamed for lackluster patch management and contributing to the success of this week's bot worms attacks on Windows 2000 machines.
One of the week's dozen or so bots can be called the first "business" worm, agree some security experts.
Microsoft's Internet Explorer browser is vulnerable to an unpatched bug similar to one fixed last week, several security vendors said Thursday. Microsoft is investigating, the company confirmed in a security advisory.
Microsoft late Wednesday rushed out a new version of its Windows Malicious Software Removal Tool as one response to a bot worm attack that began earlier this week.
Don't panic. Take a breather. The Zotob bot attacks may be among the biggest of 2005, but they aren't anywhere near the level of last year's Sasser.
Think the Zotob bot worm sparked a mess? Just wait. Several security firms are warning computer users that a Bagle vs. Netsky-style battle between bots is underway.
While not infecting the Internet at large, the ongoing attack of multiple bot worm families stepped up Wednesday. Security experts estimated that so far more than 175 corporations have been hit with malicious code exploiting Windows 2000's Plug and Play vulnerability.
CNN reported late Tuesday that a worm had hit computers in its newsroom, those at ABC and the New York Times and some on Capitol Hill.
The speed with which the latest effort to exploit a week-old vulnerability in Windows was launched has security experts alarmed. They are urging users to move as quickly as possible to defend against hackers, once patches are announced.
Just five days after Microsoft divulged a critical vulnerability in Windows 2000, several bot worms began attacking unpatched systems using exploit code released by the same group responsible for the code used to construct the Sasser worm.
Exploit code for one of the most dangerous of the several recently disclosed "critical vulnerabilities" in Windows is already available on the Internet. Security firms warned Windows users to patch ASAP and also revealed evidence that hackers are trying to develop code that would successfully attack less-vulnerable Windows XP SP1 machines.
Security analysts say the latest vulnerabilities prove that Windows 2000, no matter where it is in Microsoft's support cycle, will continue to be a target for attackers.
The patch for Internet Explorer that Microsoft earlier this week urged users to install as soon as possible was flawed, the company says.
Microsoft issues six security bulletins for Windows, half of them carrying critical vulnerabilities, with the majority of the bugs able to be exploited remotely.
Microsoft's Strider HoneyMonkey research project sniffs out sites hosting malicious code, and turns the information over for patching or legal action.
Future worms may be able to slip through the early warning networks deployed by the likes of SANS Internet Storm Center and Symantec, researchers say.
A Forrester survey of over 68,000 U.S. households confirms that broadband users top all other types of Internet connections in terms of their online habits.
While the social-engineered scams typical of phishing are not going away, they are being replaced by more dangerous, and less directly deceptive technologies like keyloggers and site redirectors. These more sophisticated types of scams are growing at a faster rate.
Security at Cisco Systems remained front and center as the company confirms that it had to reset all passwords to its Web site because of a vulnerability in the search tool at Cisco.com.
Crooks find lax security makes ATMs easy pickings, after using the INternet to acquire account numbers and PINs.
Security experts and hackers at the DefCon conference, a follow-on to the Black Hat conference, are said to be working on an exploit based on potential exploits of existing vulnerabilities in Cisco's IOS (Internetwork Operating System).