Vulnerabilities / Threats
3/29/2007
03:35 AM
Connect Directly
RSS
E-Mail
50%
50%

Akonix: 200% Increase in IM Attacks

Akonix announced its IM Security Center researchers tracked 31 new malicious code attacks over IM networks during the month of March

SAN DIEGO -- Akonix Systems, the provider of the most deployed instant messaging (IM) security and compliance products in the world, today announced its IM Security Center researchers tracked 31 new malicious code attacks over IM networks during the month of March - three times more than the same month last year.

New IM worms identified include IMspam, QQPass and TrigXF. Maniccum and Hotmatom were the most common, with one variant each. Attacks on P2P networks such as Kazaa and eDonkey increased 32 percent this month over last, with 25 attacks.

During March, Akonix security analysts issued three new policy updates to protect customers against new malware, using the industry's only dynamic IM malware, spim and protocol update system. This automatically pushes updates to customers to block spyware, worms and viruses. Akonix customers were secure on day zero from each new threat with the in-depth protection and containment features of Akonix's 360° Security for Real-Time Communications(tm).

"So far this year, IM networks are being attacked much more frequently when compared with the same period in 2006," said Don Montgomery, VP of marketing at Akonix. "The upsurge of threats is indicative of the greater adoption of IM within corporate networks, which increases its appeal as a vector for viruses and worms."

Akonix Systems Inc.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0103
Published: 2014-07-29
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.

CVE-2014-0475
Published: 2014-07-29
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

CVE-2014-0889
Published: 2014-07-29
Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite (aka Atlas Policy Suite), as used in Atlas eDiscovery Process Management through 6.0.3, Disposal and Governance Management for IT through 6.0.3, and Global Retention Policy and Schedule Management through 6.0.3, allow remote atta...

CVE-2014-2226
Published: 2014-07-29
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtains sensitive information via unspecified vectors.

CVE-2014-3020
Published: 2014-07-29
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.

Best of the Web
Dark Reading Radio