Read up on the latest ideas and technologies from companies that sell hardware, software and services. Email Archiving Technical Overview
Improving Sales Productivity: An Opportunity for Sales and IT Leadership
Web Security SaaS: The Next Generation of Web Security
Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Wireless LANs: Is my enterprise at risk?
Strategies for Eliminating .PST Files
Revolutionising Back-up and Recovery
Taking On Demand CRM Integration to the Next Level
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Security experts now believe that trojan, spam and malware protection software cannot adequately prevent system compromise by increasingly sophisticated rootkits.
Rootkits are used to conceal the presence of trojans, hacker backdoors, and botnets by cloaking their files and processes through modifying the output of common operating system routines. They grant administrator access to a system after a hacker installs them typically through obtaining user level access by exploiting known vulnerabilities.
Intelligent Business Research Services analyst James Turner said rootkits will be increasingly used in highly targeted attacks as they become more sophisticated and form a critical part of hacker arsenals.
"We are going to see rootkits used in highly targeted attacks where hackers will source, for example, a CFO's operating system and the typical applications they use, and then find a specific vulnerability based on these which allows a rootkit to be inserted," Turner said.
According to Turner, information security infrastructure is heating up through increased education and simulations of information security warfare, however he said the biggest problem is getting people who have been hacked to warn the public about it.
Rootkits can be classified as; kernel-mode, which intercept kernel interface calls and alter OS kernel data to conceal rootkits from process lists; persistent, which use the system registry to execute on boot; user-mode, which can use keyloggers and infect or masquerade as OS commands; and memory-based, which rely on manual user execution to operate.
The most critical exist in unpatched exploits in common applications, according to Chris Gatford, senior security analyst at penetration testing firm Pure Hacking.
"Microsoft Word has an unspecific exploit that has been unpatched for 47 days; if I were a hacker I would certainly target these kinds of exploits because the scope is so wide," Gatford said.
"Hackers are using the same spyware model but are distributing them with the next-level of rootkits."
Security firm Markets-Alert director Jeff McGeorge said rootkits are the frontline arsenal of hackers and are too sophisticated for rootkit revealers, and virus and spam protection software to combat.
"Rootkits are being dynamically inserted on-the-fly which means they can sit invisibly in a Web page's source code using a Windows cloaking function, and download on to your machine without raising any attention because they disable download warnings and spyware applications from flagging them," McGeorge said.
He said the rootkits use plug and play software drivers to gain access to the Windows kernel, where they generate dummy SSL session pages to capture user authentication details from packets, then completely uninstall and continue to monitor the victim's ports and IP address when the user leaves the infected Web page.
Computerworld Member Login
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
NetStar Networks Calls Brisbane Home 2008-10-13 12:01:00+10
New Verizon Business Managed Service Makes Collaboration Easier 2008-10-13 10:06:00+10
F-Secure achieves excellent results in Internet security suite comparison 2008-10-10 14:37:00+10
M2M Connectivity announces the new Sierra Wireless MC8792V embedded module for 900 MHz 3G/HSPA networks 2008-10-10 08:51:00+10
Pitney Bowes MapInfo Launches New Version of AnySite 2008-10-10 05:58:00+10
Realizing the Value of Unified Communications
Discover how the integration of disparate technologies in your company can lead to greater user productivity, improved management, lower costs, higher efficiency, and easier risk mitigation.
