IT Trenches:

honeypot

May 16 2008   6:40PM GMT

Did you see this? - Fear or doubt? New rootkit from researcher’s labs



Posted by: Troy Tate
anti-virus, Security, antivirus, forensics, honeypot, malware, Monitoring, research, tools

Do you fear or doubt these types of announcements? There are so many possibilities and weaknesses in systems and services.

According to: SoftPedia News

TechWorld reported today that a new type of malware that could be impossible to detect by the anti-virus technologies currently on the market has been developed by security researchers and will be demonstrated at the Black Hat security event scheduled for August in Las Vegas. The same source adds that the new rootkit could prove to be incredibly hard to detect first of all due to the fact that it stays in a “protected part of the computer memory”.

Just what I needed… another reason to tell my users to “just say no” to using computers.

Thanks for your time. Let’s be good network citizens together & practice safe networking!

May 9 2008   6:20PM GMT

Did you see this? - a live honeynet



Posted by: Troy Tate
anti-virus, Data security, howto, CIO, DataManagement, Sandbox, Security, antivirus, forensics, malware, Monitoring, research, honeynet, honeypot, botnet, SQL Server

I just came across the Shadowserver Foundation. According to their mission:

The Shadowserver Foundation is an all volunteer watchdog group of security professionals that gather, track, and report on malware, botnet activity, and electronic fraud. It is the mission of the Shadowserver Foundation to improve the security of the Internet by raising awareness of the presence of compromised servers, malicious attackers, and the spread of malware.

This is a great resource to find out what’s happening “in the wild” and to help sell security protection to your organization. This is real stuff happening in the real world. For example, take a look at how detailed the blog entry is on the winzipices.cn SQL injection / malware attack. This gives you enough information to fight the threat and feel confident you understand it. Well done to the Shadowserver Foundation!

Thanks for your time. Let’s be good network citizens together & practice safe networking!