Read up on the latest ideas and technologies from companies that sell hardware, software and services. Revolutionising Back-up and Recovery
Web Security SaaS: The Next Generation of Web Security
Solve Exchange Storage Problems Once and For All: A New Approach without Stubs or Links
Solve Exchange Mailbox Storage Issues Once and for All
Taking On Demand CRM Integration to the Next Level
Email Archiving Implementation: Five Costly Mistakes to Avoid
Vendor Influence Curves And How You Can Get The Best Value Out Of Your Network
Cutting printer costs
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
A notorious online gang known for its prolific phishing operations has expanded its means of attack, potentially putting more PC users at risk of losing personal data.
The Rock Phish gang surfaced around 2004, becoming well-known for its expertise in setting up phishing sites, which seek to trick people into divulging sensitive data, as well as for selling phishing kits designed for less technical cybercriminals.
Now, the phishing sites linked with the Rock Phish gang are being rigged with a drive-by download, a type of attack that can infect a PC with malicious software without any interaction by the user, researchers from vendor RSA said Monday.
The one-two punch means that even people who go to the phishing site but aren't fooled into inputting their personal details could still be infected, wrote Uriel Maimon, a senior researcher, on RSA's blog.
The phishing Web site tries to exploit any software vulnerabilities, and if it finds one, will then load the Zeus Trojan onto the PC. Zeus is particularly dangerous: it can collect data on forms, take screen shots, pilfer passwords from browsers and remotely control the computer, Maimon wrote.
Zeus also comes in at least 150 flavors. One of the phishing kits being sold now for US$700 masks how Zeus appears to security programs. That kit uses a binary generator, which creates a new binary file for Zeus for every kit.
Antivirus programs uses signatures, or data files, that describe what malicious programs "look" like in order to be detected. But creating new binaries can render security programs blind. Most of the popular antivirus programs can't detect the variants.
"These files are radically different from each other, making them notoriously difficult for antivirus or security software to detect," Maimon wrote.
Computerworld Member Login
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
F-Secure achieves excellent results in Internet security suite comparison 2008-10-10 14:37:00+10
M2M Connectivity announces the new Sierra Wireless MC8792V embedded module for 900 MHz 3G/HSPA networks 2008-10-10 08:51:00+10
Pitney Bowes MapInfo Launches New Version of AnySite 2008-10-10 05:58:00+10
IOGEAR Gears Up in Australia 2008-10-09 20:18:00+10
Internet Service Providers offer new unlimited Online Backup from F-Secure 2008-10-09 19:42:00+10
Taking On Demand CRM Integration to the Next Level
Discover the current integration challenges facing businesses attempting to deploy on demand CRM systems. Learn how to create comprehensive integration of your data, user interface and business process levels and transform a portfolio of disparate applications into a unified, virtual application suite.
