Scaring the bejesus out of a lot of security folk this weekend is a new kind of phishing attack that doesn’t require the victim to do anything but visit the usual websites he might visit anyway. It works like this: The bad guy uses a weakness in web servers running Internet Information Services 5.0 (IIS) and… Read More »
Seems like the big anti-virus boys are waking up to Korgo, the ‘phishing worm’ that F-Secure was warning about a few days ago. Symantec have just issued an advisory upgrading W32.Korgo.F, a new variant of the worm, from a Level 2 to a Level 3 threat. As Symantec says, W32.Korgo.F is a worm that attempts… Read More »
How damaging are worms? Very, says Sandvine Inc, a Canada based Internet security company. It says that the main damage is on ISPs who lose bandwidth to them, and face daily Denial of Service attacks. “In fact,” Sandvine says in one new report (PDF, registration required), ”Internet worms and the malicious, malformed data traffic they generate… Read More »
Welcome to the phishing worm. Korgo, a new worm that appeared last week, scans for random machines to infect and attack, using a vulnerability in Windows called the LSASS flaw which was discovered in April, according to Internet Week. Korgo, also known as Padobot, then sits on users’ computers waiting for instructions from home. Most such… Read More »
Can we really keep out worms? An interesting piece from Information Security Magazine takes a look at a range of “antiworm” products which promise to contain worms by weeding out bad traffic. Among them: Mirage Networks, ForeScout, Check Point Software Technologies, Silicon Defense and IBM. They use different approaches, from looking for unfulfilled Address Resolution Protocol… Read More »