Category: News

Antivirus experts, who are calling the Trojan “Bankash-A,” say it is the first piece of malicious software to attack Windows AntiSpyware, which is still in beta.

“This appears to be the first attempt yet by any piece of malware to disable Microsoft AntiSpyware,” Graham Cluley, a senior technology consultant at Sophos, said in a statement. “As Microsoft’s product creeps out of beta and is adopted more by the home user market, we can expect to see more attempts by Trojan horses, viruses and worms to undermine its effectiveness.”

Windows AntiSpyware, built using technology from Microsoft’s acquisition of Giant Company Software, is designed to protect Windows PCs from spyware–software that is installed on computers without their owners’ knowledge. Typically, spyware generates pop-up ads or keeps track of people’s Web surfing.

Like many other Trojans, Bankash attempts to steal passwords and online banking details from Windows users, Sophos said in an advisory. The program targets users of U.K. online banks such as Barclays, Cahoot, Halifax, HSBC, Lloyds TSB, Nationwide, NatWest and Smile. Sophos called the Trojan “Bankash” because it attacks banking customers and installs a file called ASH.DLL onto a victim’s hard drive.

Microsoft’s British press office was awaiting comment from the company’s U.S. headquarters at the time of writing.

http://news.zdnet.com/2100-1009_22-5569429.html

The providers of voice-over-Internet Protocol (VoIP), as Net phone services are generally known, are bracing for abuses nonetheless.

Using VoIP, virus writers could conceivably commandeer someone’s phone, or telemarketers could send messages to thousands more phones at a time than they can now.

With little evidence to suggest a problem, however, the 22 member companies of the VoIP Security Alliance run the risk of provoking the digital world’s black hats.

But the outlaws’ attention is inevitable, alliance members say, because VoIP technology is teetering on the mainstream, becoming an increasingly interesting target. There are about 5 million customers worldwide, with almost a third in the United States. Vonage, with 500,000 customers, is the world’s largest VoIP supplier and has recently started offering its services in the UK. VoIP services have begun winning converts, thanks to cheap rates and a slew of features that traditional phone companies can’t match.

The alliance includes business telephone maker Alcatel, network security specialists Symantec and several schools, including New York’s Columbia University, and the 20 other companies.

“The technology has finally arrived, and vulnerabilities need to be discovered and mitigated,” Ron Gula, chief technology officer of alliance member Tenable Network Security, said in prepared remarks.

http://news.zdnet.co.uk/communications/0,39020336,39187096,00.htm

The growth of compliance regulations, the need to integrate business networks securely and the emergence of security as a business driver rather than a cost centre are driving demands to give security professionals the same status as engineers and accountants.

The body aims to become an organisation for IT security professionals, akin to the IEE for electrical engineers or the IMechE for mechanical engineers. It will accredit security qualifications, lay down minimum standards of knowledge and experience for and create formal continuing professional development programmes.

“The year is designed to highlight, evangelise and promote professionalism in the industry,” said Berlich. The first stage is to raise awareness of information security as a distinct profession.

The programme has won backing from a range of government organisations, users such as General Motors, and universities and IT suppliers.

Berlich said there was no conflict between (ISC)2’s work and the work being done by prominent IT security professionals, including some of (ISC)2’s own members, to develop a new body for security professionals.

“Anyone who promotes specialisation is an ally,” he said.

http://www.computerweekly.com/articles/article.asp?liArticleID=136577&liArticleTypeID=1&liCategoryID=6&liChannelID=22&liFlavourID=1&sSearch=&nPage=1

Viviane Reding, the EU commissioner in charge of new media and information society, also announced that “anti-spam enforcement authorities” in 13 EU countries agreed to cooperate in investigating complaints against spammers. “Enforcement authorities in member states must be able to deal effectively with spam from other EU countries,” Reding said in a statement.

The deal reached among the 13 national agencies in charge of combatting unsolicited e-mails is voluntary but “establishes a common procedure for handling cross-border complaints on spam” and closes loopholes “exploited by spammers and data thieves,” the Commission said.

EU laws requiring companies to get consent before sending e-mail, tracking personal data on Web sites or pinpointing callers’ locations via satellite-linked mobile phones have been in place since 2003, though some in the 25-nation bloc were slow to enact legislation against spammers.

The majority of unsolicited e-mails to Europeans originates from outside the EU. About 80 percent of all e-mails sent last year were unsolicited commercial bulk e-mail, according to U.S.-based e-mail filtering company MessageLabs, and the vast majority of those e-mails originated in the United States, where for a year national anti-spam laws have been in effect.

http://www.messagingpipeline.com/showArticle.jhtml?articleID=59301595

The contract, which has a three-year base period and four three-year options, has an estimated value of $762 million if all options are exercised.

The contract was awarded to CSC’s DynCorp Technical Services, a unit that is not being divested under a previously announced Dec. 12, 2004 agreement to sell selected DynCorp business units.

Under the contract, CSC’s Federal Sector business unit will support AUTEC through services that include the scheduling and conduct of test programs; operation of range instrumentation and test support systems; and performance of all base operations functions. Work will be performed at locations including Andros Island, the Bahamas, West Palm Beach and Cape Canaveral, Fla., and Yorktown, Va.

AUTEC is a major range and test facility base that provides both deep and shallow water test and training environments for the US Navy.

CSC will subcontract portions of the contract to KIRA, Inc. for Bahamian base operations support, and Gulfstream International Airlines for airline service.

http://news.zdnet.com/2110-9589_22-5563616.html?part=rss&tag=feed&subj=zdnet

Under the Security Cooperation Program, Microsoft will advise participating government agencies on network security issues in an effort to try to anticipate or mitigate security lapses, said Gerri Elliott, corporate vice president of Microsoft’s worldwide public-sector unit. Giving a government agency advance notice of security problems for free derives from the role government agencies play, Elliot said.

Government agencies, however, have also been some of the most active in promoting open source software, both as a way to cut costs and promote local companies. In Europe, the local government of Vienna is moving forward with a voluntary open source program aimed at cutting software acquisition costs. Although announcements by governments to embrace open source software have grabbed headlines and have given the open source movement momentum, some have stalled.

http://www.zdnetindia.com/news/international/stories/116434.html