Bladewatch.com

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9025198&source=NLT_VVR&nlid=37

June 18, 2007 (Computerworld) — Attackers armed with an exploit tool kit have launched massive attacks in Europe from a network of at least 10,000 hacked Web sites, with infections spreading worldwide, several security companies warned today.

As early as last Friday, analysts reported the opening salvos of a large-scale attack based on the multiexploit hacker kit dubbed “Mpack.” The mechanics of the attacks are complex, but essentially attackers taint each compromised site with code that then redirects visitors to a server hosting the Mpack kit — a professional, Russian-made collection of exploits that comes complete with a management console to detail which exploits are working and against what countries’ domains.

Infected computers are fed a diet of malicious code, largely keyloggers that spy out usernames and passwords for valuable accounts such as online banking sites.

This is where keeping the IT infrastructure patched and up to date with the vendors support recommendations is key, that you’ve applied the relevant hot fixes to the operating system and layered applications is the cost of doing business.

Let’s step back for a minute though, you need to remember as with anything else, its a cost vs liability scenario, I’ll lock my systems down to limit my public and private liability, but there are limits to me doing this, IT security is part of my due diligence process, but this has to be offset in relation to being a business enabler, to delivering service, how you deal with this is up to you, check it out, though, an interesting read.

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.