Category: Warnings

The worm has infected some 300,000 systems, according to a Lurhq analysis of logs from a Web site statistic counter that the worm uses to keep track of its spread.

http://news.zdnet.com/2100-1009_22-6031881.html

But the ISF believes that one of the most virulent problems posed by VoIP will come about as a direct result of the low cost of sending voice messages over the Internet. SPIT — spam over internet telephony — could become a huge problem for companies.

In surveying ISF members to research the report, concerns were also expressed that as VoIP becomes more popular, organised criminals will turn their attention to sabotaging businesses by disabling phone systems through DoS attacks or spreading malicious viruses or worms.

The problems of poor quality transmission and loss of service are gradually being overcome, which is expected to lead to more widespread adoption and reliance on VoIP in the future. “We take it for granted but it is extremely resilient, something that VoIP can not currently deliver.

http://security-protocols.com/modules.php?name=News&file=article&sid=3116

Analyst firm Gartner has advised its clients to halt all mission critical deployments of RIM’s BlackBerry email devices because of a legal battle that could see a judge effectively shut down the company’s US operations.

Patent-holding firm NTP contends that it owns the patents for the technology that powers the BlackBerry.

The research note advises enterprises to “stop or delay all mission-critical BlackBerry deployments and investments in the platform until RIM’s legal position is clarified” because “US BlackBerry users would lose messaging services…and international users would lose message service while travelling in the US”.

However, Gartner expects the two companies to reach a settlement within three weeks, because an agreement would be “in both companies’ interests”.

There is a possibility RIM could bypass the patent dispute by deploying a workaround but Gartner said this path could be “highly problematic”.

According to Gartner, enterprises should “not sign any agreements that could involve them in the RIM/NTP dispute” and “demand that RIM discloses its workaround plans”.

http://hardware.silicon.com/pdas/0,39024643,39154879,00.htm

The move to pint-size botnets helps malicious attackers have more success in delaying detection of their illicit zombie networks, Sunner said.

“When a larger botnet is spreading a virus, it lights up the switchboard of (antivirus) vendors, and they’ll respond in a few hours with a signature to contain the outbreak,” Sunner said. First, an increase in the numbers of hackers hoping to put together networks has made the task of securing zombie computers more competitive, so it is harder for the “bot herder” to amass a larger number of drone computers. Second, home users with high-bandwith connections, the primary targets of hackers, are taking more steps to secure their computers.

“As botnets get used up, they are blacklisted and less useful for spamming or phishing attacks,” Sunner said. Last year, Sunner said his company began noticing old, wornout spambots were being resold as potential DOS bots on various sites and forums used by malicious attackers.

http://www.zdnetindia.com/print.html?iElementId=130532

The vulnerabilities make it possible for an attacker to trigger a heap overflow within a critical Call Manager process, causing both a denial of service condition and enabling an attacker to completely compromise the Call Manager server, ISS said.

“Like many of the applications that are driving today’s businesses, VoIP travels over a variety of networks and the public Internet and is therefore susceptible to the same security perils as other staple network components like e-mail, databases and servers,” Chris Rouland, chief technology officer at ISS, said in a statement. “We are aware of several vulnerabilities that potentially affect the Cisco Call Manager software.”

To date, Cisco is not aware of any active exploitation of these vulnerabilities and Cisco has made free software fix available,” the company said.

“An attacker may be able to redirect calls or perform eavesdropping as a result of this compromise. Successful exploitation of this vulnerability could be used to gain unauthorized access to networks and machines with Cisco VoIP products,” the company said. No authentication is required for an attacker to exploit the vulnerability and compromise a network, according to ISS.

“Voice over Internet Protocol is increasingly being adopted by corporations that wish to save money on telecommunications costs and streamline their communication infrastructure, providing employees with advanced features while simplifying administration processes,” Rouland said.

http://siliconvalley.internet.com/news/article.php/3520351

“Attackers are already using the JView Profiler flaw to download and install Trojan horses on victims’ machines,” said Dan Hubbard, senior director at Websense Security Labs. The Trojan horses would let the miscreants remotely control the hijacked PCs and make it part of a network of such computers known as a botnet, an increasing cyberthreat.

The other vulnerabilty affects the Microsoft Color Management Module, a component of Windows that handles colors.

The Windows vulnerabilities are described in two bulletins issued as part of Microsoft’s monthly patch cycle.

A third alert deals with a bug affecting Word 2000 and Word 2002. The Word flaw could allow an attacker to take control of a vulnerable PC, the software maker said.

http://news.zdnet.co.uk/0,39020330,39208852,00.htm