Sober worm goes into hibernation

Posted on by admini

The worm, which spread rapidly last week, included code to make it respond to instructions posted on a number of Web sites.

Antivirus companies now believe that the virus writers responsible for Sober.P made changes to these Web sites to temporarily stop the worm spreading.

Antivirus company F-Secure saw the worm drop to one percent of virus activity on Tuesday morning from 40 percent of virus activity on Monday — although rival antivirus company Sophos had reported that Sober.P was 84 percent of virus activity on Monday. “Sober monitors certain URLs,” said Mikko Hyppönen, director of antivirus research for F-Secure. “What the worm does depends on the content of the Web site. Someone has changed the content of the Web site and taken remote control of the infected machines.”

Hyppönen said the worm did not have an in-built mechanism to stop spreading it on Tuesday.

Antivirus company Sophos confirmed it had also seen the worm stop spreading, but expects more activity from it.

“The Sober worm is programmed to ‘poll’ out to the Internet to see if a new component update is available,” said Graham Cluley, senior technology consultant for Sophos. “What that update does is entirely up to the virus author — it could mean all of those infected machines could launch a new virus outbreak, begin a DDoS attack, or initiate a spam campaign.”

Last week, Sober.P was reported to be circulating the Internet in massive quantities.

Sophos said the mass-mailing worm accounted for 5.4 percent of all email and 84 percent of virus activity that the company saw over the weekend.

Sober.P — which security companies have variously tagged as Sober.N, Sober.O or Sober.S — travels as an attachment in emails written in English and German. One of the most widely reported emails contains an alluring message stating that the recipient has won free tickets to the 2006 World Cup in Germany, but many other types have also been spotted. Once opened, the virus sends itself to email addresses harvested from the newly infected machine.

http://news.zdnet.co.uk/internet/security/0,39020375,39198261,00.htm

Read more

Microsoft slams UK open-source study

Posted on by admini

The report involved 15 schools which used open source software and 33 that didn’t. It concluded that the cost of a primary school computer running open source software was half that of one running proprietary software, while in secondary schools an open source PC was 20 percent cheaper.

Stephen Uden, Microsoft’s education relations manager, claimed that this sample size was too small to draw firm conclusions from. Uden also defended Microsoft against the charge that schools that choose its software are getting worse value than those that take the open source path.

“Obviously costs are an important part of this. But most head teachers are interested in quality. We spend more time looking at better learning for kids,” said Uden. He pointed out that three of the primary schools involved were supported by a secondary school, giving them access to valuable support–something he claimed distorted the findings.

The 24-page report looked at three areas–technical infrastructure, administration and management, and curriculum software–and overall delivered a mixed verdict about what open source software offers today. The report found that open source software was generally superior as an operating system on both servers and PCs. But the schools involved were split as to whether open source applications were better than their proprietary counterparts. One teacher reported that some colleagues welcomed StarOffice, but others refused to use it and stuck with Word. At another school, open source software had been installed on laptops alongside proprietary alternatives, but appeared to be never used.

Becta described the position on content-specific open source software as “weaker”, as the schools involved in the study were only using a very small range of open source teaching applications.

Despite this, OpenForum Europe–which supports the use of open source software in business–has hailed Becta’s report. “This report underlines the massive opportunity that exists for all schools to get the best value for money from their IT budgets,” said Mike Banahan, director of OpenForum Europe. “The advent of Open Source Software solutions in education opens up the whole UK education market for the first time in a decade to competitive choice, removing the inevitability of lock-in.”

http://news.zdnet.com/2100-9593_22-5706457.html?part=rss&tag=feed&subj=zdnet

Read more

Government warns of IPsec VPN flaw

Posted on by admini

On its Web site, NISCC said a flaw in the IPsec VPN protocol could allow hackers to obtain a text version of encrypted communications with only “moderate effort”.

The flaw, which NISCC rated as ‘high risk’, makes it possible for an attacker to intercept IP packets travelling between two IPsec devices and modify the encapsulation security payload — a sub-protocol that encrypts the data being transported. This could ultimately expose this data to an unauthorised third party.

On its Web site, NISCC wrote: “By making careful modifications to selected portions of the payload of the outer packet, an attacker can effect controlled changes to the header of the inner (encrypted) packet…If these messages can be intercepted by an attacker, then plaintext data is revealed.”

NISCC has published a number of solutions to this issue.

http://news.zdnet.co.uk/internet/security/0,39020375,39198102,00.htm

Read more

Trend Micro to Provide Integrated Protection for Mobile Devices Running on Microsoft Windows Mobile

Posted on by admini

“Today’s smart phones and wireless handhelds are becoming mini computers that potentially have security risks similar to other computers,” said Raimund Genes, president of European Operations for Trend Micro, who is also responsible for mobile security products globally. “As the network perimeter expands to encompass such devices, organizations and operators should consider appropriate security measures for protecting their users’ devices.

“Trend Micro Mobile Security brings added value to the Windows Mobile software by providing additional security for our mobile device users,” said Chris Hill, group product manager for the Mobile and Embedded Devices Division at Microsoft Corp. “The market for mobile devices is growing, and with it the need for security is increasing.

According to a 2003 study by IDC, the mobile security market will grow from $161 million in 2005 to more than $992 million in 2008.

http://www.zdnetindia.com/news/pr/stories/121846.html

Read more

Security gripes? Microsoft feels your pain

Posted on by admini

Dubbed Windows OneCare, the service will draw in part on existing tools like the company’s anti-spyware software, as well as on basic PC management functions inside Windows. But it will add a more powerful firewall, ongoing antivirus protection, and the right to get a live support person on the phone without paying extra, the company said.

“We’re trying to address a consumer need we see being unmet today,” said Dennis Bonsall, group product manager for the company’s technology care and safety group, noting that most people don’t run even a basic antivirus scan on their computers at home. “Our target is those consumers who aren’t protected by this kind of PC health solution today.”

The service, which won’t be available for ordinary consumers even in beta until much later this year, represents the latest stage in Microsoft’s move against the security problems that have plagued its software over the past few years.

The service should provide the company with recurring revenue, as opposed to the one-time sales of software releases like Windows or Microsoft Office.

The OneCare service marks the first time that Microsoft has offered antivirus software directly to consumers, even though it has spent several years buying companies that offer the technology. Executives said they did not plan on offering the virus-fighting technology outside the OneCare bundle of services. The package will also include the Microsoft’s spyware-fighting tools and a firewall that blocks unauthorized outbound traffic, such as spyware data, as well as the inbound traffic blocked by XP.

Analysts said a Microsoft antivirus product would be likely to appeal to the large percentage of consumers–close to 75 percent, by some estimates–who have no virus protection loaded on their computers. “I don’t think that Microsoft is going to take market share away from (security providers like Symantec), but instead it’s more likely (Microsoft) will be able to attract a lot of people who haven’t had antivirus on their desktops before,” said Gartner analyst Peter Firstbrook.

The OneCare package also will offer automatic computer care tools such as disk defragging and file repair, and scheduled data backup features that will save critical data such as photos and financial information to CDs or DVDs.

Microsoft critics often point out that many of the worst PC problems, ranging from viruses to spyware, take advantage of security vulnerabilities in Microsoft’s own Windows, Internet Explorer and other software. But company executives said there was nothing untoward about charging consumers in part to block these problems. “I think that at this point, a fair number of the kind of threats we see on the security front are not just attacking vulnerabilities,” said Amy Roberts, director of product management in Microsoft’s Security, Business and Technology unit. “Security is a key component, but OneCare goes beyond that to help customers have a broader sense of PC health.”

The service will be launched in beta form to Microsoft employees, and will be released to consumers in late summer or fall, the software giant said.

The company did not provide any details on projected pricing.

http://news.zdnet.com/2100-1009_22-5705430.html

Read more

Spyware threat takes pole position

Posted on by admini

The poll of over 100 US IT managers found that four out of five were more concerned about spyware compared to this time last year, and 45 per cent were less worried about spam than they were last year.

Overall nearly three quarters of those questioned were spending more time on security than last year.

“Spam is understood and there are solutions in place to control it,” one respondent said. But the sharp increase in the volume and sophistication of spyware was deemed especially worrying for many companies. “We have seen some new forms of spyware within the past two to three weeks,” said another respondent. We are looking at it differently now, rather than just a nuisance.”

Spyware was the chief concern for IT managers, but 59 per cent also identified phishing attacks as a growing threat.

Concern over hacking was viewed as less of an issue, with only one in five IT managers rating it as a growing problem.

The survey was conducted for information security firm Secure Computing by TheInfoPro.

http://www.vnunet.com/news/1162952

Read more