Complex code attacks to soar this year
Researchers claim hackers are directing users to malicious sites, with varying code based on random functions and parameter name changes, to infect computers with botnets and other spyware, reports SC Magazine.
"Dynamic code obfuscation techniques are the latest salvo from hackers in the ongoing battle of wits between security vendors and their criminal opponents," said Yuval Ben-Itzhak, CTO at Finjan. "With their creation of dynamic obfuscation utilities, which enable virtually anyone to obfuscate code in an automated manner, they have dramatically escalated the threat to Web security."
He added: "This threat is dynamic, not static, and the signature variations allow the code to infiltrate the company network and infect the machines. Hackers are moving to the next phase and this will be one of the biggest trends this year."
Vista exploit looking for Achilles heel
Security researchers claim the first flaw to hit Microsoft's new operating system is now for sale by malicious hackers.
The flaw, which was discovered in December, was dismissed as a limited threat. But Marc Maiffret, founder and CTO of eEye Digital Security, said virus writers and malware authors are still shopping it around as a way to deliver more destructive payloads to the operating system.
Unlike XP, which allows anyone to have complete control of the operating system as an administrator, Windows Vista is billed as limiting so-called "system" privileges as a way to reduce how effectively a virus or malicious code could wreak havoc on a user's computer. The first Vista exploit drives a truck through that claim, Maiffret said.
Prevx uncovers search engine vulnerability
Prevx has found new vulnerabilities affecting PC users trying to use Internet search engines to locate information about potential spyware.
Prevx researchers discovered certain malicious spyware programs prevent users, whose computers have become infected, from using popular search engines such as Yahoo, Google and MSN to locate a cure, enabling the spyware infections to proliferate more readily.
More information on spyware and other malware is available at www.prevx.com.
Share
