Domain: intrinsicsecurity.com
Stories and comments across the archive that link to intrinsicsecurity.com.
Stories · 3
-
Schneier on Attack Trends: More Complex Worms
Gary W. Longsine writes "Bruce Schneier has posted an interesting entry on expected attack trends to his blog. Of particular interest is the increasing sophistication of automated worm-based attacks. He cites the developing W32.spybot.KEG worm -- once inside a network it scans for several vulnerabilities and reports its findings via IRC. Trend Micro also has information on a scanning-capable version of this worm, which they call: WORM_SPYBOT.ID" -
Device Drivers Filled with Flaws, Pose Risk
Gary W. Longsine writes "Security Focus describes device drivers as an untapped source of buffer overflows, posing substantial risk not typically considered as part of a standard risk assessment. The security risks of device drivers on both Windows and Linux, including network (remotely exploitable) and hardware drivers (typically only locally exploitable) are discussed in the article. I've noticed that software you wouldn't expect sometimes installs a device driver component. I can understand this as a component of an antivirus or host based firewall, but it seems to be an oddly common design pattern on Windows, which clearly poses substantial risk." -
Witty Worm Kick-Start Methods Revealed
voixderaison writes "Security Focus reveals more details about the methods used to seed the Witty worm last year. You might want to read the analysis at CAIDA for background and refresher on this groundbreaking worm, which spread very rapidly through a small population of systems, and then waxed their hard drives. A flaw in its random number generator seems to have protected 10% of the internet from the Witty worm."