- +
Ticked Off at Tick the Box Mentality 04/02/2008 13:01:15
Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Web Security SaaS: The Next Generation of Web Security
Dude! You Say I Need an Application-Layer Firewall?!
Did you GET the memo? Getting you from Web 1.0 to Web 2.0 Security
Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Radicati Market Quadrant 2008 on Corporate Web Security
Best Practice in Building an Integrated Information Management Strategy
Optimized Back-up and Recovery for VMWare for VMWare Infrastructure with EMC Avamar
Mobile Solutions Deliver Improved Efficiency to Star Track Express
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Name-brand Web sites such as Expedia.com and Rhapsody.com have been serving up malicious banner advertisements this week, researchers said Wednesday.
Rigged banner ads built with Flash have worked their way into the popular travel site of Expedia and into the advertising rotation of the Web site of RealNetworks' Rhapsody music-subscription service, said a pair of researchers at Trend Micro. Unwary users who click on the tricked-out banner ads eventually end up with malware installed on their PCs.
"Somehow, the bad guys are managing to get these malicious banners into the ad supply chain," said Paul Ferguson, a Trend Micro network architect. He and a colleague, Ivan Macalintal, a senior research engineer, declined to guess what tactic was used to place the banners on the sites, but they pointed fingers at ad networks.
"These sites are relying on the ad supplier to vet the ads," said Ferguson. "But they're not doing their job. They're not doing any vetting."
It's getting worse, added Ferguson. "This is a real problem," he said. "We've been seeing a lot more of this lately, especially in the last two months or so."
Ferguson credited Sandi Hardmeier, a Microsoft MVP (Most Valued Professional) who runs the "Spyware Sucks" blog, with first reporting the malicious ads coming from Expedia and Rhapsody. Hardmeier posted extensive notes on the two sites' behavior on Monday. She noted that the malicious banner served by Expedia originated from a domain well-known for pushing malware.
"This is an easy way for attackers to surreptitiously spread malware," said Ferguson.
Representatives from Expedia.com and Rhapsody.com did not respond to requests for comment.
That wouldn't surprise Ferguson, who said there was a "50-50" chance a site would react when notified of malicious ads stemming from its domain. "Some people don't think it's their problem, at least until someone publicizes it," he said. "They really need to share the responsibility with the ad suppliers. It's damaging their brand's reputation, after all."
Computerworld Member Login
Prioritizing Services with IT Service Management (ITSM)
Computerworld Live Webinar
Wednesday 20th, August 2008
11:00am EST (Sydney, Australia)
To be repeated on:
Thursday 4th, September 2008
11:00am EST (Sydney Australia)
Sign up and receive a free copy of The Forrester WaveTM Service Desk Management Tools, Q2 2008 at the conclusion of the Webinar.
Attend and discover:
- How to deliver value to your business through ITSM
- Best practice ITSM implementation
- Why emphasis is changing from optimizing IT management processes to better servicing customers and demonstrating real dollar value
- If service-oriented ITSM is best for your business
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Viva la Verticals! Key to Vendor Growth is Through Vertical Market Opportunities, Says IDC 2008-09-05 11:05:00+10
F-Secure delivers fastest protection in the online world 2008-09-04 16:50:00+10
NETGEAR expands ProSafe team as business-class products take off in SME market 2008-09-04 16:27:00+10
Rogue security apps dominate Fortinet's Aug 2008 IT threat report 2008-09-04 16:00:00+10
Adaptec Intelligent Power Management Reduces Storage Power Consumption Up to 70 Percent 2008-09-04 11:28:00+10
Wireless LANs: Is my enterprise at risk?
Achieve an overall understanding of the risks associated with wireless LANs. Discover their inherent properties, as well as what makes them different from wired networks. Read on to uncover a list of recently published articles on real-life breaches and incidents illustrating the need for proactive measures to mitigate wireless security risks.
