Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, June 25, 2004

Web site virus attack blunted—for now

Netizens are no longer playing Russian Roulette each time they visit a Web site, security researchers say, now that a far-reaching Internet attack has been defanged.

The attack, which had turned some Web sites into points of digital infection was nipped in the bud on Friday, when Internet engineers managed to shut down a Russian server that had been the source of malicious code for the attack.

Compromised Web sites are still attempting to infect Web surfers’ PCs by referring them to the server in Russia, but that computer can no longer be reached.

Still, Web surfers should still take care, as this type of attack is increasingly being used by the Internet underground as a way to get by network defenses and infect officer workers’ and home users’ computers.

A large financial client called in Symantec in late April after an employee used Internet Explorer to browse an infected Web site and his system became infected.

Last fall, a similar attack may have been facilitated through a mass intrusion at Interland, said sources familiar with that case.

The Internet Explorer flaws that allowed the Russian attack, however, affect every user of the Web browser, because Microsoft has not yet released a patch.  “We are not seeing that this threat is widespread, but we believe the threat to be real,” said Stephen Toulouse, security program manager for Microsoft’s security response center.

Posted on 06/25