Targeted Trojan Attacks Causing Concern 77
Bill Andad writes to point out a surprise trend emerging from the Virus Bulletin Conference 2006 in Montreal this week. From the article on Daniweb: "It is the smallest of Trojan attacks that are causing the biggest headache in the world of corporate security right now. By targeting individuals within individual companies with individually constructed infected messages, the new-age industrial spy is slipping under the security radar." News.com has more in-depth coverage.
Any trojans cause concern (Score:3, Informative)
About time? (Score:3, Informative)
Ask a legitimate question and get a response. You're now whitelisted. Send them a document related to your question that happens to carry your trojan. You can now, at least, impersonate them on the network/read their mail/send mail on their behalf.
It's a crappy way to develop a bot net but it's a good way to get very specific espionage capabilites.
Why hasn't this been exposed in the past, I'm sure it's been going on for quite some time.
Re:The biggest danger are working business models (Score:3, Informative)
http://www.bit9.com/ [bit9.com]
lets you lock down PCs and stops anything new/unknown (from a network-wide perspective) from running without taking away admin rights.
so if someone gets snuck an evil email attachment, it would be identified by the software as new to the network and blocked at the kernel level before the OS executes it. no signatures or AV needed.
[full disclosure: yeah, i work at bit9, and the product rocks
-fren
Re:Not all that surprising (Score:2, Informative)
Re:Not all that surprising (Score:2, Informative)
http://www.microsoft.com/technet/security/prodtec
LULZ (Score:3, Informative)
oh, indeed. The main reason your anti-virus software is pointless.
If a piece of malicious software is well known enough for your anti-virus company to know about it, then a patch for the issue will be out very soon. Anti-virus software will only protect you from script kiddies and not someone that actually would have a good reason to steal your data. i.e your competition.