Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

IM Logic withholds details of Santa Claus IM worm, unless youre a custom

from [Mo3b3tta] Network Security [Permanent Link]
Subject: IM Logic withholds details of Santa Claus IM worm, unless youre a customer
Date: 21 Dec 2005 21:15:50 -0000 
On Dec. 19th IM Logic released an advisory about a worm spreading through all 
major IM clients.  See advisory for details, or lack thereof. 
http://www.imlogic.com/im_threat_center/index.asp

If you are not an IM Logic customer you may be hard pressed to find any details 
of what this threat would look like in your environment.  IM Logic did not 
publicly release any actionable information as to how a non IM Logic customer 
could detect if this worm was already in their network.  But according to Tim 
Johnson, the Director of IM Logic?s threat center, he doesn?t see what all the 
fuss is about.  All you have to do is buy the company?s product and you will be 
protected.  He did mention that they have a process they follow.  They first 
tell AOL, MSN or whoever is affected in an effort to minimize the current 
activity.  Then they tell the antivirus vendors about what they know.  
Hopefully they can detect and stop any current infections, if not?dang, your 
screwed. Then IM Logic customers get the heads up.  Then you as a non-customer 
have the opportunity to wait for a signature to come out by your antivirus 
vendor so that you can tell if a hacker has a rootkit loaded in you
 r environment.  Oh, darn it, I forgot, according to the official advisory, 
antivirus vendors can?t detect Santa Claus; apparently Santa can put your 
antivirus to sleep.  I always thought Santa knew if you were asleep, not put 
you to sleep, but I digress.    

So what is the world and security community supposed to do?  Well according to 
IM Logic, pay them the money and they will take care of it for you.  Hmm, I 
wonder where else we find this type of behavior.  Hold on guys, Toni the Bull 
is at my back door, brb, need 2 make my ?insurance payment? AFK?.

Back, sorry it took so long.  My left knee is a little sore; I was short on my 
?insurance payment? this month.  Anyway, haven?t we been down this road before? 
 Do you remember the big antivirus company that tried this stunt and then felt 
the backlash from the security community?  Security companies should follow the 
same procedures that ethical and responsible researchers follow when disclosing 
vulns.  Most companies do, those that don?t? should we reward them by purchase 
orders?  Not this guy.

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • IM Logic withholds details of Santa Claus IM worm, unless youre a customer, Mo3b3tta <=
Previous by Date:  Re: IIS on windows 2003, John Doe
Next by Date:  sha-1 cryptography, Enquiries
Previous by Thread:  pwdump3e and windows 2003, Hodgson, Charles
Next by Thread:  sha-1 cryptography, Enquiries
Indexes:  [Date] [Thread] [Top] [All Lists]