Peter Schooff
Peter Twenty-Four Seven Security
Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.


August 20, 2007
Cybercrime Gets Organized

Found an interesting article at PC World about Thomas J. Holt, an assistant professor in the Department of Criminal Justice at UNC (go Heels!), whose team has spent the past year gathering information on the burgeoning online black market for malware and cyberthieves.

To locate the sites where cybercriminals bought and sold their wares, Holt had no inside criminal contacts to assist him, so he started just like anybody would, with a search on Google. He first found several sites that had cut-and-pasted postings from other sites, also called rippers, and these led him to the real black market sites where malware gets reviewed and sellers get ranked.

Online reviews varied from "The best program in its class I have ever seen!" to "One of the most powerful products on the market." Still another reads, "Works well... to find a new attacker." As reported by UNC Research, a typical transaction can cost anywhere from $100 to more than $3,000.

These underground forums also feature product-testing reports, which detail if an illicit application does what it says it can. Certain sites even offer tech support and product updates, and in some cases feature escrow services, meaning they’ll act as a third party and hold onto the transaction money until both sides are satisfied with the deal.

Much like eBay, these sites allow sellers to garner a reputation until they can establish themselves as a “verified seller.” To maintain their anonymity, sellers use handles like Corpse or Cr4sh, and when one site shuts down, the reputations can often transfer to a new site. Thus, buyers can distinguish between who are the good/bad guys versus the bad/bad guys.

The team from UNC found sites in Vietnamese, Spanish, English, and Chinese, but the most common language was Russian. The many different languages made it difficult to find and shut down the sites, and while Holt says he does share his results with law enforcement, and this has led to some sites getting busted up, it hardly made a dent in the online black market.

Tag: malware, cybercrime, Online Criminal Networks

Posted by pschooff in Hackers

April 26, 2007
Storm Worm is Double Trouble

As almost every industry now seems to be doing mash-ups of different technology, you can now include spammers and cybercriminals in that group. A recent report by MessageLabs stated that recent email messages touting stocks have also come to include links to malicious code. The reasoning is, even if the stock mention fails to entice the recipient, maybe they'll still click on the link, thereby infecting their computer with malware.

In the past 10 days, MessageLabs has uncovered only 3,500 such messages, which has them wondering if the spammers are just at the testing stage of this new scam. Said Mark Sunner, chief technology officer for the company, "These activities are now much more under the radar because they are sending the messages out in discrete chunks. If you spam out (the malicious link), you have a lot of control over the resultant bot net -- you can control the size, (and) what time zone it is being sent to."

What is also interesting about the Storm Worm, also known as Zhelatin and Peacomm, is that it does not spread on its own, but only by someone clicking on the link. This is another change in strategy, as by sending out worms and viruses in the form of spam, criminals can grow their bot nets at a more controllable pace (while, most importantly, remaining undetected). This is also an attempt to stymie the virus detectors by denying them the latest variations of the worm which they need to detect it elsewhere.

Tag: Malware, Spam, Storm Worm, botnet

Posted by pschooff in Hackers

April 16, 2007
Without a Trace - The New Cybercriminal

According to an article at eweek.com, the new breed of cyberthieves know almost as much about how to track and trace a data breach or security slip as the experts do. And they are using this kind of knowledge to break-and-enter computers without leaving a trace: which means not just covering their tracks, but totally erasing them.

Companies have long believed that, as long as they keep up with patches, check logs and change passwords, they would pretty much be safe. That may no longer be true. Bryan Sartin, a vice president of investigative response for Cybertrust, said the new breed of cyber thief will delete their tracks and often purposely soil the crime scene, perhaps by using their own encryption to make transaction logs unreadable.

One thief that Sartin tracked purposely set the system clock back several months once he broke in (it would reset itself once he left), knowing that to search for a break-in no one would look at logs a couple of months old, logs they had probably already gone over.
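A defender can still catch the clock trick described above, because a log file records the order in which entries were written even when their timestamps lie. The sketch below is an added example, not something from the eWeek article or from Cybertrust; the log format, the sample lines and the five-minute tolerance are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample: lines appear in the order they were appended to the file.
# Lines 3-5 were written while the system clock was set back three months.
SAMPLE_LOG = """\
2007-04-10T09:14:02 sshd[811]: Accepted password for backup from 10.0.4.17
2007-04-10T09:14:40 cron[902]: (root) CMD (run-parts /etc/cron.hourly)
2007-01-10T09:15:05 sshd[811]: session opened for user root
2007-01-10T09:17:31 app[1204]: export job started
2007-01-10T09:21:12 app[1204]: export job finished
2007-04-10T09:22:03 cron[902]: (root) CMD (logrotate)
2007-04-10T09:30:00 sshd[811]: session closed for user root
"""


def parse_records(text):
    """Yield (line_number, timestamp, message) in file order.

    Assumes each line starts with an ISO 8601 timestamp followed by a space.
    Lines that do not parse are skipped rather than aborting the scan.
    """
    for lineno, line in enumerate(text.splitlines(), start=1):
        stamp, _, message = line.partition(" ")
        try:
            yield lineno, datetime.fromisoformat(stamp), message
        except ValueError:
            continue  # malformed, truncated or blank line


def find_backdated_windows(text, tolerance=timedelta(minutes=5)):
    """Return runs of records whose timestamps fall behind the latest one seen.

    A log is appended in real time, so timestamps should never move backwards
    by more than normal buffering jitter (the tolerance). Each returned window
    gives the first and last line of a back-dated run, how many records it
    holds and how far the clock had been moved.
    """
    windows = []
    high_water = None   # latest trustworthy timestamp seen so far
    current = None      # window currently being extended, if any
    for lineno, ts, _ in parse_records(text):
        if high_water is not None and ts < high_water - tolerance:
            if current is None:
                current = {"first_line": lineno, "last_line": lineno,
                           "records": 0, "skew": high_water - ts}
                windows.append(current)
            current["last_line"] = lineno
            current["records"] += 1
        else:
            current = None
            if high_water is None or ts > high_water:
                high_water = ts
    return windows


if __name__ == "__main__":
    for w in find_backdated_windows(SAMPLE_LOG):
        print("lines %(first_line)d-%(last_line)d: %(records)d records, "
              "clock behind by %(skew)s" % w)
```

Anyone reviewing only the entries dated April 10 would never see lines 3 to 5, which is exactly what the thief was counting on; reading the file in write order exposes them.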

Also, banks have gotten so good at reacting to data breaches that the bad guys know they need to steal much more data. They realize that, because so few of the accounts will be active by the time they try to use them, the more credit card or bank accounts they have, the better the chance of finding a still active account the bank overlooked.

Finally, as cybercriminals have gotten so good at erasing their tracks, they no longer need to make their entrances quiet, and in general attempt to steal as much data in as quick a time as possible.

Tags: cybercriminal, data breach

Posted by pschooff in Hackers

December 18, 2006
Criminals Exploit the Cloak of the Internet

The internet has become a major focus of criminal enterprises due to its hidden, anonymous nature, explains a recent report from McAfee. Criminals simply find it easier and more lucrative to steal from the comforts of a computer station than to jump old ladies in alleys. And that ease makes it that much easier to recruit others to engage in online crime as well.

As David Marcus, security research and communications manager for McAfee, said, "For organized crime, the Internet is the best thing to come along since bootlegging and moonshine. And it's a lot safer to run a botnet than it is to go to the street and break someone's kneecaps."

The report also says that organized crime is targeting some of the top talent at high-tech schools, sponsoring their high-end education and then getting them placed in companies to give them inside access. The sense of immunity in cyberspace helps a lot, making people more willing to engage in high-tech crime. It’s much easier to sit at Starbucks and commit wire fraud than it is to hang out in dank basements planning the next bank heist.

Considering this, McAfee says that IT departments should be prepared for a nasty escalation of threats in the future. Also, IT should start on a plan to secure hand-held devices, as those are going to become the focus of the future. The fact that hand-helds are quickly supplanting the PC for people on the road means they will soon be in the net-burglars' bull's-eye.

The report also reaches the following conclusions:

Cybercriminals are increasingly using phishing schemes to trick unsuspecting computer users out of their money.

Cybercriminals are focusing more on social networking and community sites to find targets. By loading fake profiles and pages with adware, spyware, and Trojans, criminal code writers are cashing in on the popularity of MySpace, Facebook, and other places people gather.

Password proliferation means that simple guesswork often is all it takes to uncover people’s data.

With an estimated 12 million computers conscripted for botnets, botnets have clearly become the preferred method for e-thieves to launch attacks.

Tags: Security Trends, Botnets, Hand-held Vulnerability

Posted by pschooff in Better Protection, Hackers, McAfee

December 14, 2006
Hacker -- A Holiday Tale

These last couple of months, in the cat and mouse game of computer security, I have to admit some days it really feels like the rodents are winning. Or, to paraphrase a certain holiday tale, Not a creature was stirring, but the mice were running wild.

And as the holidays approach, I just wanted to relay a quick tale where a bad guy gets what he deserves. The worst thing about the story that follows is the fellow was once one of us, but is now an IT professional gone bad.

According to eWeek, it seems one Roger Duronio, an employee of PaineWebber, was constantly complaining about his pay and bonuses with the company. And instead of simply quitting and seeking better pay elsewhere, Duronio hatched a plan to infect 1,000 of PaineWebber’s 1,500 networked computers in various branch offices with a “logic bomb.”

So Duronio quit his systems administrator job with PaineWebber in February 2002. On March 4, 2002, the bomb detonated and started deleting files. Duronio bet that, when the news of the attack hit, PaineWebber's stock would plummet. Only problem, PaineWebber’s stock stayed exactly the same, and the bet that Duronio made by selling the stock short actually ended up costing him $23,000.

And, as you can clearly tell in my telling this tale, Duronio was busted. A New Jersey judge ordered him to pay $3.1 million in restitution and sentenced him to 97 months in prison.

Thus ends the holiday tale. So remember, keep current with your updates and patches, and please, only use your IT powers for good.

Tags: Hacker, Logic Bomb, PaineWebber

Posted by pschooff in Hackers

December 07, 2006
Critical MS Word Flaw Found

Microsoft is looking into a vulnerability in MS Word that could allow a hacker to gain control of a PC or Mac just from opening a malicious Word file attached to an email.

According to this Microsoft advisory, so far this previously unknown flaw has only been used in limited attacks and affects Word 2000, Word 2002, Word 2003, Microsoft Word Viewer 2003, Word 2004 for Mac, Word 2004 version X for Mac, and Works 2004, 2005, and 2006.

"In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker," the advisory stated.

Microsoft may release a patch for the issue on its regular monthly patch schedule, which would fall on December 12, or could issue an emergency update before or after that date.

Until then, and even after that, it's a good idea never to open an attachment from a sender you don't directly know. And even if you do get an attachment from someone you know, it's probably a good idea to approach attachments cautiously, and if anything about the email seems even a little bit off (I once got an email from a lawyer friend that started off with "Yo," and my friend would never say that), check with the sender directly.

Tags: Microsoft Word, Email Virus

Posted by pschooff in Hackers, Microsoft, Patches

December 06, 2006
3 Google Hacks You Better Know About

When a bank robber is getting ready to rob a bank, you can bet the successful ones case out the bank beforehand and try to learn every possible thing they can about the bank’s strengths and weaknesses. Well, when a cybercriminal is zeroing in on a company to attack on the internet, there are three main Google searches they use to do just about the same thing.

The following three searches should give you a good hacker’s eye-view of your company's web presence and exactly where the most obvious weaknesses lie.

The three searches, taken from IT World, are (note that the xxx.com should be replaced with your URL):

Site:xxx.com – This displays the systems under that domain name known to Google and is used by attackers to quickly identify potential targets on the internet. This also shows pages that exist under that domain, the structures and technologies (HTML, Notes, ASP, PHP, etc) in use and helps the attacker focus their attack.

Filetype:yyy site:xxx.com – This quick search allows hackers to uncover possible confidential data accessible on your site. The yyy should be replaced with common file extensions like doc, xls, txt, rtf, ppt, and the search commonly reveals data that can range from customer lists to marketing lists to phone books to email addresses and more.

Link:xxx.com – This reveals sites that link to your site and can help attackers discover business partners and others who might have special access through partner networks, firewall rules, VPNs, etc. This is also a good search to possibly reveal phishing and scam sites that may be linked to you in order to steal content and graphics.

While these three searches barely scratch the surface of the ever-morphing world of Google hacks, they should quickly reveal the most obvious, and easily correctable, problems with your company’s internet presence.

Tags: Google Hacks

Posted by pschooff in Better Protection, Google, Hackers

December 01, 2006
Hacker, Inc. vs. You -- Future Trends in Security

In a disturbing trend for the future of computer security, gone are the days of the lone hacker sitting in their basement looking to write the killer code that would one day make them famous, or better yet, infamous. Instead, they have been replaced by whole networks of organized hackers who quality test their efforts for maximum damage and also offer software updates and tips to other hackers using their programs. Why, you ask?

The answer is simple: money. No longer do hackers dream of making their name simply by hacking, but instead want to make their name the old-fashioned way: stealing your money. And to do that requires a high level of expertise and professionalism, and as reported by Eweek, it represents the central threat against the future of computer security.

That means malware will become increasingly sophisticated as it searches for ever newer ways to hide inside seemingly legitimate applications and steal your vital information. Phishing schemes, or fake emails connected to fake sites that often look incredibly legitimate and try to trick you into giving out financial or password information, are also expected to proliferate.

As reported by McAfee Labs, another threat expected to rise in 2007 is the use of potentially unwanted programs to put adware on users’ PCs. These usually advertise themselves as simple games or helpful applications, but serve as a backdoor for all sorts of nasty software.

Botnets are expected to continue proliferating. Their success in spreading spam means they will probably be enlisted to carry out much worse crimes, as the fact that they comprise an entire network of computers makes it difficult to track down the source of the cyber-crime.

And with the explosive growth of video sharing and peer-to-peer sites, we can certainly expect malware writers to start focusing more of their efforts on them as well. MPEG files, which play video, are expected to become one of the major systems for malware delivery to your computer. The recent discovery of the W32.Realor worm virus, hidden in media files, only confirms that.

Also, file-sharing sites continue to prove the adage that free is rarely if ever free. Nearly one third of all files on LimeWire and BitTorrent held hidden website redirects, although few of the files were found to be malicious. But I think the lesson to learn is, with Hacker Inc. now in business, don’t expect the era of harmless hacks to last long.

Tags: Security Trends, Hackers, Malware

Posted by pschooff in Hackers, Small Medium Enterprise

November 22, 2006
Virus of the Year (So Far)

It’s been a long year for computer viruses, as malware and spam bots continue to increase at alarming rates. And, as my blog pointed out in the 5 Most Common Security Mistakes, it pays to, in so many words, know thine enemy.

With that said, anti-virus specialists Sophos recently announced the top two viruses of the year. And the top two are: Klez.h and Bugbear, the former accounting for 24.1% of reports to the firm, and the latter behind with 17.5%.

Hopefully, all of your computers have had their antivirus shots this year, including defenses against those two different strains. Now if I could just convince the virus writers to come pick up their Virus-of-the-Year awards at the local prison.

This is my last blog for the week, and I hope everyone has a happy and healthy Thanksgiving.

Tags: Virus of the Year

Posted by pschooff in Hackers

November 20, 2006
5 Most Common Security Mistakes

Found the following list at TaoSecurity and found it insightful. The 5 most common security mistakes follow:

1. Failure to maintain a complete physical asset inventory.
2. Failure to maintain a complete logical connectivity and data flow diagram.
3. Failure to maintain a complete digital asset/intellectual property inventory.
4. Failure to maintain digital situational awareness.
5. Failure to prepare for incidents.

The first three concern knowing your environment. If you don’t know where your data is, how it is transported, and what data you are actually trying to protect, it is difficult to protect and just about impossible to recover if the system ever gets breached.

Once you know the ins and outs of your environment, the next step, which is harder and more open ended, is to try and understand who is trying to exploit your vulnerabilities and how.

Finally, once an incident occurs, a company should have clear policies, techniques, and trained personnel ready to respond and recover.

And since a report I recently read from Symantec found that for-profit hacking is here to stay for the foreseeable future, a data breach is no longer a matter of if, but when.

Posted by pschooff in Better Protection, Hackers, Small Medium Enterprise

November 16, 2006
Hackers Today All Business (Your Business)

While zero day attacks have grabbed many of the recent headlines, it seems a newer and much more insidious type of attack stands to become a much bigger problem. As I've blogged here before, zero day attacks are attacks that seek to exploit the most recent software weakness on or before the day users are alerted to the problem.

As this article from Computer Weekly reports, the new malware is actually much more dangerous, as it’s never meant to be detected. This new type of hack is no longer just some kid trying to show off their hacking skills to the world, but is instead created entirely with criminal intent. The new malware is meant to sit on a computer and disrupt nothing so as to stay deeply undercover, and this allows it to slowly leak out the user's vital information.

Mikko Hyppönen, chief research officer at security firm F-Secure, said “They send the malware as an attachment in an e-mail spoofed to look like an internal e-mail coming from a real colleague with an address that actually exists within the company. The e-mail message is even written in the local language, and the attachment, which is actually malware, is disguised as something innocent, like a Word document. When opened, it even looks like an internal document with company headers and footers.”

The extent of these stealth attacks is hard to measure as so few have been uncovered. Once installed on a machine, these Trojans can catch passwords, scan networks, export information and serve as a base for further attacks.

One reason there is scant protection against these types of attacks is that they are precision targeted, meaning only a few victims are chosen, and the malware is so specific to the target that it never even shows up on Microsoft’s or some other software company’s radar as something that needs to be patched.

Jay Heiser, research vice-president at Gartner, said, “Security is still down to good hygiene and carefully managed information security that is effective against entire classes of threats. Various forms of host attack prevention systems still have a lot of potential for protecting code that is not addressed by anti-virus software. But the main message remains: if you don’t recognise it, don’t let it run.”

Also, rather than concentrating on stopping incoming threats, companies need to look for inconsistencies on their network – high levels of e-mail activity, large movements of data, and packet inspection to see if data is being bled in small broadcasts to unknown IP addresses.
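To make the "data being bled in small broadcasts to unknown IP addresses" idea concrete, here is a sketch of that check run over outbound flow records. It is an added example, not taken from the Computer Weekly article or any vendor quoted in it; the flow format, the allowlisted networks, the sample traffic and every threshold are assumptions chosen for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumption: destinations the organisation already knows about (internal
# ranges plus one partner range). In practice this comes from an inventory.
KNOWN_NETS = [ip_network("10.0.0.0/8"), ip_network("192.0.2.0/24")]


def build_sample_flows():
    """Constructed flow records: (epoch_seconds, src, dst, bytes_out)."""
    flows = [
        (0,    "10.0.1.20", "10.0.0.5",      48_000),      # internal file share
        (120,  "10.0.1.21", "192.0.2.10",    310_000),     # known partner
        (900,  "10.0.1.22", "198.51.100.77", 1_200),       # one-off small request
        (1500, "10.0.1.23", "198.51.100.9",  52_000_000),  # single large upload
    ]
    # One workstation sending under 1 KB to the same unknown host every 10 min.
    for i in range(12):
        flows.append((600 * i + 30, "10.0.1.20", "203.0.113.50", 880 + 5 * i))
    return sorted(flows)


def is_known(addr):
    """True when the destination falls inside an allowlisted network."""
    ip = ip_address(addr)
    return any(ip in net for net in KNOWN_NETS)


def find_outbound_anomalies(flows, small_flow=2_000, min_flows=10,
                            min_span=3_600, bulk_bytes=10_000_000):
    """Flag unknown destinations receiving a bulk transfer or a slow drip.

    bulk      : any single flow of at least bulk_bytes
    slow-drip : at least min_flows flows, none larger than small_flow bytes,
                spread over at least min_span seconds
    """
    per_pair = defaultdict(list)
    for ts, src, dst, nbytes in flows:
        if not is_known(dst):
            per_pair[(src, dst)].append((ts, nbytes))

    findings = []
    for (src, dst), recs in sorted(per_pair.items()):
        recs.sort()                                  # order by timestamp
        sizes = [n for _, n in recs]
        span = recs[-1][0] - recs[0][0]
        if max(sizes) >= bulk_bytes:
            kind = "bulk"
        elif (len(recs) >= min_flows and max(sizes) <= small_flow
              and span >= min_span):
            kind = "slow-drip"
        else:
            continue                                 # ordinary one-off traffic
        findings.append({"kind": kind, "src": src, "dst": dst,
                         "flows": len(recs), "total_bytes": sum(sizes),
                         "span_seconds": span})
    return findings


if __name__ == "__main__":
    for f in find_outbound_anomalies(build_sample_flows()):
        print(f)
```

The slow drip in the sample moves barely 10 KB in total, far too little to trip a volume alarm, which is why the check counts repeated small flows to one unfamiliar address instead of bytes alone.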

Others say that this simply reveals that the life-span of our current virus software has just about run out, and the next generation of malware protection will have to be more comprehensive and much more closely tied to a computer’s operating system.

Posted by pschooff in Better Protection, Hackers

November 10, 2006
Is Email Endangered?

With study after study reporting that spam is growing out of control, including this one at Search Security, one wonders: if trying to find an email ever becomes akin to trying to find a needle in a haystack, will some companies simply decide to chuck out the whole email haystack?

Studies have reported an increase in spam from 60 to 120 percent in the past year. Kaye Vivian recently blogged about this recent surge, writing “My spam level is up to about 60 per day that get through my ISP, which blocks about twice that many more, and that doesn't include the 50-60 spams I get on the blog here and manually delete.”

The explosion of spam can be directly linked to outbreaks in malware, meaning that as certain viruses spread around the internet and start infecting computers, those infected computers quickly join other infected computers, typically without the owner’s knowledge, to form a vast and effective spam network.

And where spam was once the province of fairly harmless internet marketers trying to sell you something, it has now become one of the main focuses of organized crime, whose motives are much more disreputable. Also, the economics of spam heavily favor the spammers: while it still costs next to nothing to flood email accounts with spam, businesses on the receiving end bear most of the cost in system resources and wasted time.

While I believe that email is far too important a tool ever to be rendered irrelevant, I do think companies need to be especially selective about which spam engines they utilize. At Message Partners, we have found that the only way to fight back against this growing bot threat is by copying them. By that I mean as this new type of spam continuously recruits a growing army of computers to serve as spam bots, Message Partners believes you need to use a growing army of spam filters to thwart them. That’s why we have built a powerful email policy engine that allows you to employ any number of spam filters (from commercial to open source), and in that way utilize their different methods of finding and destroying spam.

And with spam showing no signs of slowing down, I don’t see how the war can be won any other way.

Posted by pschooff in Better Protection, Hackers, Spam

November 07, 2006
Macs Make a Growing Target

The Macintosh has become a tantalizing challenge for hackers precisely because it is seen as somewhat impenetrable. A report from TechNewsWorld also indicates that, although the virus-free image of the Mac is a big feature in Apple’s advertising, that perception may not be altogether accurate.

This past May Internet Security Systems, a security vendor, found that there were three times as many vulnerabilities for the Macintosh than there were for Windows. Some have referred to this trend as Mac becoming the Apple of hackers’ eyes.

As you would expect, this growing interest has translated into the discovery of even more Mac vulnerabilities. McAfee found that vulnerabilities for Mac went up 228 percent, while for Windows they only increased 78 percent. Of course some of this percentage can be explained by the fact that Mac also starts with a much lower number of vulnerabilities (there are 2,000 known viruses for the Mac, compared to 70,000 for the PC).

It was in February 2006 that the first worm created for Mac OS X was discovered, named OSX/Leap.A, which is an instant messaging worm capable of infecting the Mac.

This increase is partly due to the Mac’s success, as the Mac has seen double digit growth, as well as the growth in iPod and iTunes. The increase can also be attributed to sheer boredom, as hackers have been focusing on Windows for so long, Apple simply presents a new challenge.

There is good news in all this, for both platforms. The fact is, the number of serious problems resulting from virus attacks has dropped considerably. In 2004, McAfee counted 48 virus outbreaks of at least moderate severity, and in 2005 that number dropped to 12, and this year stands at zero. Let’s hope it stays that way.

Posted by pschooff in Apple, Hackers, McAfee, Microsoft

November 06, 2006
The 10 Commandments of Computer Security

This list comes from CNN Money.

1. Patch early and often. With zero day attacks growing along with the number of patches being issued, test and install security patches ASAP.

2. Enforce password policies. While it’s well established that passwords should mix letters and numbers, uppercase as well as lowercase, do not let the desire for perfect passwords get in the way of good security – as the more employees are required to change their passwords, the more they are apt to write them on Post-Its.

3. Mind your VPN. Telecommuters can collect nasty viruses and malware which can then migrate to the corporate network, so limit virtual private network access to company-issued laptops configured to your security policies.

4. Watch your wireless. Securing Wi-Fi is only the beginning. The newest trick is the “evil twin” attack, which creates a similarly named fake wireless network in the hopes that an employee will log on and not notice the discrepancy, thereby revealing user name and password.

5. Only make promises you can keep. When the FTC investigates a company, it’s usually because the company exaggerated their claims, as in falsely claiming that customer data is only stored in encrypted form. Therefore, make sure you walk the talk.

6. Hack yourself. Hire an outside auditor to breach your network just to get a hacker's-eye view of your weaknesses.

7. Sequester sensitive data. Treat customer credit card and Social Security data as top secret and keep it on compartmentalized servers and limit accessibility.

8. Encrypt it. Use strong cryptography to protect sensitive data. An encrypted database left on a city street is more secure than an unencrypted one hidden in a bank vault.

9. Collect only what you need. Delete what you don’t. More than a few companies have been embarrassed after being successfully hacked for credit card numbers years past the actual transactions. Evaluate the inherent risk, and not the potential value, of the data you collect.

10. Phear phishers. Phishing has become so profitable it is no longer just a problem for Fortune 500 companies. Set up a responsive e-mail contact for customers who’ve received messages pretending to come from you, issue website warnings about fresh attacks, and train customers not to click e-mailed login links - by not sending any yourself.

Posted by pschooff in Better Protection, Hackers, Phishing

October 27, 2006
Microsoft's Vista PatchGuard Cracked

In what is starting to resemble nothing less than the gunfight at the OK Corral, the white hat firm of Authentium announced that they have created a new version of their product that circumvents PatchGuard’s kernel protection technology. In an article at EWeek, the Palm Beach Gardens-based company said that they have a new version of Authentium ESP Enterprise Platform that can bypass PatchGuard without setting off desktop alarms. Expect the black hat hackers and internet ne'er-do-wells to soon follow.

In an attempt to stop hackers from attacking computers with rootkits, PatchGuard blocks any application from “hooking” Vista's kernel commands, a method also used by vendors for anti-tampering and behavior monitoring tools. But unlike McAfee and Symantec, which have demanded access to the kernel, Authentium has simply circumvented the feature. Whereas any program that attempts to modify the kernel will result in a blue screen computer stoppage, Authentium said they have been able to access the kernel without incurring a shut-down.

The loophole used to bypass PatchGuard is simply the result of Vista’s need to support older hardware. As Mike Rothman said on his Daily Incite blog, "This is the fundamental truth of Microsoft's problem. As long as they are constrained by requiring backwards compatibility, the problem is NOT going to get better and we are not going to make much progress."

Corey O’Donnell, vice president of marketing at Authentium, said that because hackers will quickly copy this method of defeating PatchGuard, his company is not waiting to see what Microsoft’s APIs will allow for. Said O’Donnell, "Good and bad guys have the same job, to identify holes in whatever software is delivered and beat it."

Posted by pschooff in Better Protection, Hackers, McAfee, Microsoft

October 26, 2006
Hackers Target Online Brokers

As if any more evidence was needed that hacking has grown from a juvenile delinquent’s quest for attention to big-time crime, a report in EWeek has found that high-tech criminals using spyware have been victimizing discount brokerages on the order of tens of millions of dollars.

Earlier this month the SEC warned that hackers were taking over online brokerage accounts using remote locations. TD Ameritrade Holding Corp. revealed on Tuesday that they had become the latest brokerage to be scammed, costing them $4 million in the third quarter to restore customer accounts.

Even harder hit was E*Trade Financial Corp, which announced third quarter fraud losses of $18 million, which came from swindlers stealing clients’ identities and then manipulating their accounts.

Both brokerages guaranteed that their client fraud losses would be repaid, and both are ratcheting up their defenses.

"We've seen that level of fraud in the last three weeks or so reduced to almost zero as a result of the changes we're making," E*Trade CEO Mitchell Caplan said in last week's conference call. But Gwenn Bezard, an analyst with Boston-based consultant Aite Group, said E*Trade had previously made big efforts to bolster security and the $18 million increase was a sign of hackers' resiliency in flouting fraud prevention efforts.

Around 25 percent of U.S. retail stocks are traded online through roughly 10 million accounts, according to NASD. The identity theft usually occurs when a victim’s computer or public PC is loaded with a spy program that is able to capture vital keystroke information.

Said Gwenn Bezard, “It’s a reminder that though you may have stronger authentication it may not protect you from other types of scams.”

Posted by pschooff in Hackers

October 13, 2006
Hackers Get Predictable

To most people, patch Tuesday means a chance to shore up their Microsoft programs and hopefully make their desktops more secure. For hackers, it means Microsoft is pretty much finished fixing their vulnerabilities for a month, so why not maximize the time they have for the next series of exploits. So, according to Brian Krebs' Security Fix, as regular as patch Tuesday has become, the day after has become known as exploit Wednesday.

The day or two after, the hacker bulletin boards light up with the newest found flaws. Just yesterday hackers revealed a serious flaw in the PowerPoint files of Office 2003, which means someone up-to-no-good can install malicious software on your computer just by having you open a document. For its part, Microsoft has acknowledged reports of a possible vulnerability.

To me, it seems like it's time to stop this too predictable cycle. While I know it's not practical to have IT administrators updating their systems daily, and it is good to have a deadline for patches, it's not like we're ever likely to see the following announcement from our IT Admins: Employees, please turn off your computers between 3 and 4 PM today because cyber criminals have told us they're going to be launching an attack. Microsoft needs to adopt an approach that is as dynamic and unpredictable as those of the hackers.

Posted by pschooff in Hackers, Microsoft, Patches
