Tuesday, October 25, 2005
extortion by virus
A story in Computerworld caught my eye today. It's about a virus that is spreading in Russia that encrypts files on the infected computer and then displays a message with an email address where you can negotiate a fee for the decoding of the files. Apparently this type of virus has been around for awhile but it's new to me.
The story also mentions that the virus is picked up when visiting a web site but doesn't specify what type of site in this case.
The story also mentions that the virus is picked up when visiting a web site but doesn't specify what type of site in this case.
Monday, October 10, 2005
I found this in the Edupage newsletter from EDUCAUSE. So why is it so hard to come up with a standard?
MALWARE NAMING SCHEME PROMPTS DISAGREEMENT Security experts are of two minds concerning the release of a scheme to provide common names for malicious software. The Common Malware Enumeration (CME) system is designed to eliminate the confusion that often arises when a new piece of malware begins circulating the Internet. As different security companies identify the code, they typically assign different names, causing confusion among computer users as to whether there are multiple threats that need to be addressed or simply one new threat with several names. Starting with the most common and damaging pieces of malware, CME will assign a unique number to each. Trend Micro's David Perry criticized the program for not covering all malware, however. He also said the scheme won't provide any benefit for consumers. His comments were echoed by IBM's Martin Overton, who said CME will make matters worse, and by Boeing's Jeanette Jarvis. Graham Cluley of Sophos, on the other hand, applauded the new system. Larry Bridwell, content security programs manager for security watchdog ICSA, also supports the naming scheme, calling it a good first step and pointing out that it was "never designed to solve the naming problem" but rather to serve "as an index."
CNET, 6 October 2005
http://news.com.com/2100-7348_3-5890038.html
MALWARE NAMING SCHEME PROMPTS DISAGREEMENT Security experts are of two minds concerning the release of a scheme to provide common names for malicious software. The Common Malware Enumeration (CME) system is designed to eliminate the confusion that often arises when a new piece of malware begins circulating the Internet. As different security companies identify the code, they typically assign different names, causing confusion among computer users as to whether there are multiple threats that need to be addressed or simply one new threat with several names. Starting with the most common and damaging pieces of malware, CME will assign a unique number to each. Trend Micro's David Perry criticized the program for not covering all malware, however. He also said the scheme won't provide any benefit for consumers. His comments were echoed by IBM's Martin Overton, who said CME will make matters worse, and by Boeing's Jeanette Jarvis. Graham Cluley of Sophos, on the other hand, applauded the new system. Larry Bridwell, content security programs manager for security watchdog ICSA, also supports the naming scheme, calling it a good first step and pointing out that it was "never designed to solve the naming problem" but rather to serve "as an index."
CNET, 6 October 2005
http://news.com.com/2100-7348_3-5890038.html
