I am kicking off a monthly blog post that will wrap up some of the previous month’s top stories in endpoint security. This idea originally occurred to me when I thought about the life of an IT/security professional today. Teams that are not using application whitelisting need to respond to every single attack and vulnerability uniquely. This is the proverbial case of treating the symptoms instead of the disease. This monthly post will highlight many of the major “symptoms” that teams are struggling to deal with. Our take: deal with the disease.
Last month featured a number of interesting, if troubling, stories, ranging from the largest credit card theft indictment in history to the use of Twitter to control botnets. So without further ado, here is a selection of the top endpoint security stories for August 2009:
I came across a good article today from internetnews.com detailing the latest stats for the Conficker botnet. According to the Conficker Working Group, over 5.5 million PCs are actively infected and part of this botnet. Clearly Conficker continues to be a threat even as it approaches its first anniversary this October.
Another kind of fireworks display may take place on the Internet this weekend. A large malware campaign is timed for the 4th of July weekend, 2009. CNET reports that computers infected by the Waledac worm are part of a botnet that will begin distributing spam this weekend; the messages try to get users to click on “videos” that instead infect the PC with the malware and add it to the botnet.
The prevalence of this kind of campaign is further evidence that blacklisting (signature-based) antivirus simply isn’t up to the task of preventing PC infections.
There was a lot of FUD flying around prior to April Fool’s Day this year regarding Conficker. Researchers had finally been able to determine that on April 1st, 2009, Conficker would update itself and potentially do something devastating. Instead, only a small percentage of infected machines were updated, and those endpoints… serve up scareware? Of all the nefarious things it could do (e.g., make a Balkan state go dark, DoS US critical infrastructure), it does something as pedestrian as serve up scareware?