2003 viruses caused $55B damage, antivirus firm says

Story by Jennifer Tan

JANUARY 16, 2004 ( REUTERS ) - Computer virus attacks cost global businesses an estimated $55 billion in damages in 2003, a sum that would rise this year, said Trend Micro Inc., the world's third-largest antivirus software maker. Companies lost roughly $20 billion to $30 billion in 2002 from the virus attacks, up from about $13 billion in 2001, according to various industry estimates. 
"The economic and financial impact of virus attacks will continue to climb in 2004," Lionel Phang, Trend Micro's Managing Director told Reuters in an interview. He did not have a forecast for the year. 
Spam threats and network viruses will likely become more prevalent in 2004, he said. "The spam threat will increase exponentially, and will become the hideouts for viruses and hacking programs trying to gain an entry into the network," he added. More.... 

PayPal scam tries to jumpstart new Mimail worm

Virus authors are using spam to spread a new version of the Mimail worm 
Story by Paul Roberts
JANUARY 15, 2004 ( IDG NEWS SERVICE ) - After releasing a new version of the Mimail e-mail worm last week, virus authors are using a new tool this week to help it spread: spam e-mail containing a Trojan horse program that, once installed, retrieves and installs the worm. The new threat, which targets customers of eBay Inc.'s PayPal online payment service, highlights a growing trend in which online criminals combine computer viruses, spam distribution techniques, Trojan horse programs and "phishing" scams to circumvent security technology and fool Internet users, said Carole Theriault, security consultant at Sophos PLC in Abingdon, England. More.... 

Virus alert: Beware of dodgy Bagle
Andrew Colley
ZDNet Australia
January 19, 2004 Computer security experts fear a new worm - Bagle-A - which began spreading rapidly across Australian email overnight could be a rehearsal for a more concerted worldwide attack in coming weeks. 
According to Daniel Zatz, security director for Computer Associates Australia, Bagle-A carries an expiry date, possibly indicating more robust versions of the worm could be slated for release soon - drawing comparison to the Sobig worm. 
According to Zatz, while Bagle-A is already successful, responsible for an alarming 80 per cent jump in queries to CA's help desk and in virus submissions to rival computer security company Sophos, the current version of the worm contains bugs. More.... 

HP patches critical security holes in Tru64 Unix 
By Munir Kotadia, Special to CNETAsia
Monday, January 19 2004 10:18 AM 

Vulnerabilities have been found in HP's high-end Unix operating system that could allow attackers to take over a server or knock it offline. 
Critical security vulnerabilities in HP's Tru64 Unix operating system were patched last Friday after it was discovered that implementations of IPsec and SSH programs, which carry VPN and secure system command traffic, were vulnerable to attackers.
The vulnerabilities are an embarrassment to HP because both were found in vital components of the operating system and both could enable malicious users to either take control of a machine or launch a denial of service attack. SSH, a secure Telnet program, is used to securely send commands to a server, while IPSec is used to create virtual private networks to carry encrypted information over the Internet between two computers. More.... 

Standardizing on Security
The Linux standards group publishes 565 pages of data describing a standards-compliant Linux package. So why aren't any of them about security? 
By Hal Flynn Security Focus 

Things that are created in an open fashion tend to be the best of breed. They benefit from the entire world seeing them at their most basic level, and parties collaborating to enhance them and make them better. Open technology is an example of this. 
The Internet would be very different today had it not been built on the open model. Through Requests For Comments (RFCs), Internet Engineering Task Force drafts, and other open forums, the development and discussion of ideas and technologies has flourished into standards that, despite their age, are as good now as when they were conceived. In most cases, open is best, because it produces the best results. More.... 

Is SSL security over-hyped?

NetworkIT week

At the start of the year I wrote about the benefits of web-based alternatives to the traditional virtual private network (VPN), and how they would use the Secure Sockets Layer (SSL) protocol to handle the necessary encryption. Since then, it seems, the world has gone SSL mad, and many analysts predict exponential growth, the like of which we've not seen since before the dot-com crash.
In its World SSL VPN Products Market report, analyst firm Frost & Sullivan forecasts sales of just under $90m (£52m) this year, rising to $1bn (£660m) by the end of 2008. More....

Agriculture epidemics may hold clues to Net viruses 

By Robert Lemos
Staff Writer, CNET News.com

 
In studying the effects of last summer's MSBlast worm, some security experts turned to an unlikely source in search of clues to the prevention of computer epidemics: plants.

Their idea was inspired by parallels that scientists are drawing between the proliferation of computer viruses and the spread of agricultural catastrophes such as Dutch Elm Disease, which has devastated a small variety of American elms since crossing the Atlantic decades ago. Like Dutch Elm, MSBlast was a single foreign entity that infected extremely susceptible hosts of an entire population--in this case, of Windows computers. More....

Flaws threaten VoIP networks

A technical review conducted by the British government has found several security flaws in products that use VoIP and text messaging, including those from Microsoft and Cisco Systems. 
The flaws affect software and hardware that support the real-time multimedia communications and processing standard, known as the International Telecommunications Union (ITU) H.323 standard. 

The security problems can cause a product that supports H.323 to crash. For example, in Cisco telecommunications products running its IOS operating system, the vulnerability could be used to cause the devices to freeze or reboot. However, on Microsoft's Internet Security and Acceleration Server 2000, which is included with Small Business Server 2000 and 2003 editions, the vulnerability could allow an attacker to take control of the system. More....

Vulnerabilities

 

16 January 2004 RapidCache Multiple Vulnerabilities

15 January 2004 Symantec LiveUpdate Privilege Escalation Vulnerability Phpdig 1.6.X Remote Command Execution Vulnerability WWW Fileshare Pro Multiple Vulnerabilities

13 January 2004 Windows FTP Server Format String Vulnerability PHP Manpage Lookup Multiple Vulnerabilities ezContents Remote Code Execution Vulnerability Accipiter Direct Server 6.0 Directory Traversal Vulnerability

Advisories