The new database of startup programs has been published. Each entry in the database is classified according to security risk. (Malware, Suspicious, Infected, Trusted, etc.)
US president Barak Obama has made the instruction to spend wide area studying of systems of computer security of the country.
Two-month check should answer on a question as affairs with protection against hackers, the malicious software and foreign secret services are. State counteraction to electronic attacks was one of pre-election pledges of 44th president. George Bush’s administration was criticised often by independent auditors for insufficient attention to this problem, therefore it should get to the list of urgent matters of the successor automatically.
Recently, users of Mac-computers were in safety concerning harmful programs, now this situation starts to change. And not in the best direction. Recently founders of harmful codes are involved more and more with Apple computers, and experts on safety even more often declare the next dangerous program. So, the new Trojan horse working under OS X Tiger and Leopard, can steal the password, avoid definition, bring in a broad gull everything that users have typed and even to make their photo.
Bloomberg informs that two largest world defensive contractors, American Lockheed Martin and Boeing, allocate resources and prepare for expansion of forces for work in a new direction - cybersafety. In the companies say that the market large corporate and state orders in the field of cybersafety by 2013 will reach 11 billion dollars and as the most part of these expenses will have on the American networks two companies start to prepare for pie section in advance.
Microsoft company has confirmed existence of new potentially serious threat of security for users of its databases SQL Server. Vulnerability is detected in one of procedures of duplicating of tables of subscription which under certain conditions can lead to remote performance of a code. However while Microsoft did not hear, that someone used this hole in protection or that someone from users has suffered from it.
The company has told about presence of vulnerability last Monday. The hole in protection is linked to “incorrect check of parametres” in procedure “sp_replwritetovarbin”, used for duplicating of tables of subscription for users. According to Microsoft vulnerability can lead to remote performance of a code for users of various versions of Microsoft SQL Server into which list have not entered only Microsoft SQL Server 7.0 Service Pack 4, Microsoft SQL Server 2005 Service Pack 3 and Microsoft SQL Server 2008 which, according to the company, are not subject to this danger. Besides, for usage of this vulnerability attacking it is necessary or authentificate, or to use advantages of vulnerability “SQL injections” which leads to authentification. Also, MSDE 2000 and SQL Server 2005 Express by default do not resolve ras connections. Therefore for usage of this vulnerability on these systems attacking it is required to initiate locally explot.
Now the question still is researched by the company by results of what she has promised to accept “suitable operation”, to protect the users. However while Microsoft has only offered a solution technique, allowing to lock attack, but, however, not eliminating a problem absolutely. The method consists in prohibition of performance of procedure “sp_replwritetovarbin” that as a result will pour out for lack of upgrades of tables for “refreshed subscriptions” (updatable subscriptions).
The government of China has offered the new law, according to which persons plead guilty of illegal access to computer systems, will be punished in the form of imprisonment for a period of seven years.
On Monday in Standing committee of China meeting of national representatives (it is the highest legislative body of China) the second reading of the bill has taken place. As the Chinese mass-media informs, the correction to the operating Criminal code provides almost identical degree of responsibility and similar punishments for cybercriminals and those who provides them with equipment and software.
Correction acceptance will provide law enforcement bodies and judicial authority of China with the first lawful resource of opposition to the wave which has overflowed the country of thefts of the personal data. Now the Criminal code of the Peoples Republic of China provides punishment only for the persons making illegal penetration into the state computer systems. According to official figures, in one only provinces Hunan criminals daily steal passwords to twenty thousand accounts of on-line games, whose common market cost is estimated in 200 thousand yuans (almost $30 thousand). The authorities of the Peoples Republic of China see serious threat of informational safety in these operations and intend to regard them as criminal offences.
Experts from PandaLabs predict further increase of amount of malware programs.
From January till August 2008 Panda Security laboratory has found out the same quantity of new kinds of malware that for previous seventeen years together taken. In 2009 this tendency, according to experts, will remain or even progress.
In forthcoming year dominating types of harmful programs, according to PandaLabs forecast, will become bank trojans and fake antiviruses. Cybercriminals will rely even more often on social networks and quite legal resources cracked through vulnerability in server platforms. Besides, experts mark, next year the technics of packing of a harmful code by means of special custom-made tools for the purpose of difficulty of its detection becomes especially popular.
Panda Security Laboratory also predicts substantial growth of quantity of the harmful software aimed at platforms of increasing popularity, such as Mac OS X, Linux or iPhone. Besides, in the conditions of financial crisis it is necessary to expect growth of popularity of false offers on the work which purpose consists in attraction of monetary actives.
For 2009 experts predict revival of classical harmful codes, such as viruses. These programs will be used not to violate correct work of systems or block access to files, but for the purpose of masking of trojans, used for theft of the bank information.
The two-day excercices which have passed in the USA last week, have proved inability of the country to protect it’s key computer networks from encroachments from the outside.
In the exersices organised by consulting company Booz Allen Hamilton, 230 representatives of government agencies, the private companies and public organisations have taken part. Experts should stop conditional intrusion, using real skills and receptions. Experiment has shown that in case of the massed cyberattack Americans can have complexities in distribution of duties, planning, communication and other aspects. As vice-president Booz Allen Hamilton Mark Gerencser has declared, now the United States do not have any strategy, applicable to a similar situation. He also has noted absence of the official which could incur a management in case of threat.
James Langevin, the head of subcommittee of the Congress of the USA of cybersecurity, also has expressed concern concerning a condition of information security of the country. Successful attack to key computer networks can lead to refusal of an electrical supply and crash of bank system.
On termination of experiment before its participants the head of the Ministry of internal security of the USA Michael Chertoff has acted. In his opinion, in not so long-term future the cyberattack will become the standard actions previous to army operations. In this connection the minister has specified in necessity of updating of the international legislation and military doctrines. Now to the USA there is an active discussion of a question on establishment of a post of the adviser of the president on cybersafety.
Microsoft has released an unplanned patch for Internet Explorer.
The security hole about which there is a speech, has been found out about a week ago. The vulnerability can be used by malefactors for the purpose of unapproved penetration on the remote computer and executing of any program code on it. For the organisation of the attack it is necessary to entice the user on the web site generated in special way. The problem relates to all versions Internet Explorer, and malefactors worldwide are already actively maintaining the vulnerability. According to some information, for today by the amount computers, cracked with use of this vulnerability, is over 2 millions. The harmful code is already atached to thousands of web pages.
Users with activated Windows Update will receive the patch automatically. Besides, “patch” for a browser can be loaded manually from Microsoft web site.
The Microsoft Corp. warns about appearance of the new harmful program maintaining vulnerability in operating systems of Windows the patch for which has been released last month. About Microsoft building all is quiet.
The worm who has received name Conficker extends mainly in corporate networks so far, also hundreds cases of infection of computers of ordinary Internet users however are already reported. Conficker uses a hole which description contains in the bulletin of safety of Microsoft MS08-067. The problem is linked by that at processing of the inquiries of the remote call of procedures generated in special way (Remote Procedure Call) in Server service of program platforms of Microsoft there is an error allowing malefactors to capture a complete control over the computer of a victim.
Harmful program Conficker opens a random port between 1024 and 10000 and works as a web server. When the worm penetrates the computer, it masks itself as a JPG-file, and then writes itself to a disk under the pretext of library DLL. It is remarkable that, having got on the computer of a victim, Conficker installs a patch for vulnerability MS08-067. However in this case the worm cares at all of the owner of the computer — simply thus Conficker closes an opening for other harmful programs which can prevent its operation. The majority of messages on infection of computers with program Conficker while arrives from territory of the United States. Besides, the worm is noticed and in a number of other countries, including in Germany, Spain, France, Italy, Japan, Brazil and China.
