Welcome to BroadbanterBanter. |
You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.
|uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.|
| ||Thread Tools||Display Modes|
"Modular malware to avoid detection "
Firefox and Mac security sanctuaries 'under attack'
Symantec attacks sacred cows
By John Leyden
Published Monday 19th September 2005 12:19 GMT
Get breaking Security news straight to your desktop - click here to
find out how
Symantec has attacked the perceived security advantages of Firefox and
Apple Macs by drawing unfavourable comparisons with Microsoft's
software and describing Mac fans as living in a "false paradise".
According to the latest edition of Symantec's Internet Security Threat
Report, 25 vulnerabilities were disclosed for Mozilla browsers and 13
for Microsoft Internet Explorer in the first half of 2005.
Graham Pinkney, head of threat intelligence EMEA at Symantec, said that
switching from IE to Firefox as a way of minimising security risks was
no longer valid advice. "Cross-site scripting attacks have been used to
attack more vulnerabilities in Mozilla browsers over the last six
months than IE," Pinkney told an IDC security conference last week
ahead of the publication of Symantec's threat report today. John
Cheney, chief executive of email filtering firm BlackSpider, replied
that the release of Firefox had "helped Microsoft to raise its game" in
terms of browser security.
As well as making comments that will doubtless irk Firefox fans,
Symantec has renewed its assault of the perceived security advantages
of Apple Macs. "Mac users may be operating under a false sense of
security as a noteworthy number of vulnerabilities and attacks were
detected against Apple Mac's operating system, OS X," Symantec said,
reflecting comments in the previous edition of its threat report that
OS X was an emerging target for attack.
"While the number of vendor-confirmed vulnerabilities in OS X has
remained relatively constant during the last two reporting periods [12
months], Symantec predicts this could change in the future.
Symantec's analysis on a rootkit (OSX/Weapox) reveals it is designed
to take advantage of OS X. This particular trojan demonstrates that as
OS X increases in popularity, so too will the scrutiny it receives from
Away from the desktop, Microsoft enterprise applications remain the top
hacker target. For the fourth consecutive reporting period, the
Microsoft SQL Server Resolution Service Stack Overflow Attack was the
most common attack, accounting for 33 per cent of all attacks monitored
Malware authors go modular
Malicious code threats to privacy and confidentiality increased rapidly
in the first six months of 2005 - up 48 per cent on the back half of
2004. Virus writers upped their production lines to release 10,866 new
Windows virus and worm variants in the first six months of this year,
For the second period in succession, NetSky-P was the most reported
malicious code sample. Gaobot and Spybot - both linked to the creation
of zombie networks of compromised Windows PCs - were the second and
third most reported.
Malware that exposes confidential user information represented
three-quarters (74 per cent) of the top 50 malicious code samples
received by Symantec. Seven of the top 50 were linked to the creation
of botnets. Websites that specialise in distributing source code and
tools for malicious bots and botnets helped fuel the creation of
multiple copies of Spybot with 6,361 new variants of the malware
created in the first half of 2005, a 48 per cent increase over the
4,288 new variants documented in the second half of 2004.
Instead of releasing a wide range of functions in one program or file,
virus writers are beginning to create modular code to avoid detection.
Once installed, modular malware first tries to disable antivirus
software and firewall protection and then trieas to download other
pieces (or modules) of code from compromised computers across the
A patch in time...
Symantec chronicled 1,862 new vulnerabilities during 1H2005 - an
average of 10 new flaws a day - 73 per cent of which it categorises
as easily exploitable. The time between the disclosure of a
vulnerability and the release of an associated exploit was just six
days. Half (59 per cent) of vulnerabilities were associated with web
Along with computer viruses and vulnerabilities, spam remains a leading
security concern. Spam accounted for 61 per cent of all email traffic
in the first half of 2005, according to Symantec, with over half (51
per cent) of all junk mail received worldwide originated in the US. ®
|Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)|
|Thread||Thread Starter||Forum||Replies||Last Post|
|Dlink : "Access Point" or "Wireless Client" mode?||Alfie||uk.telecom.broadband (UK broadband)||2||January 7th 05 08:41 PM|
|BB checker says "YES" but Virgin.net says "NO" -- why?||Simon Langford||uk.telecom.broadband (UK broadband)||5||December 10th 04 11:13 PM|
|Bulldog - DSL is crap - and numbers for support/cust service "are not recognised" Can they do anything right?||Dave||uk.telecom.broadband (UK broadband)||0||October 29th 04 10:47 PM|
|BT announces "end" of PSTN & move to "21st century network" IP network||Sunil Sood||uk.telecom.broadband (UK broadband)||0||June 9th 04 10:34 AM|