Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

10/29/2007
04:12 AM
50%
50%

Akonix: 22 IM Attacks This Month

Company predicts upcoming spike in malicious activity as companies prepare unified communications rollouts

SAN DIEGO -- Akonix Systems, Inc., a provider of policy and risk management products for real-time communications, today announced its IM Security Center researchers tracked 22 malicious code attacks over instant messaging (IM) networks and a 50% increase in threats on P2P networks during the month of October. Although the number of monthly IM threats decreased from September, Akonix forecasts this is the calm before the storm as businesses implement unified communications (UC) platforms in 2008.

New IM worms identified include AttachMsngr, Botsie, Destructor, Orcu, QQDragon, Weapbot and Yahack. Sdbot was the most common with three variants, followed by Destructor and Yahack with one each. In addition, attacks on P2P networks, such as Kazaa and eDonkey, increased 50% this month over last, with 24 attacks.

During October, Akonix security analysts issued three new policy updates to protect customers against new malware, using the industry's only dynamic IM malware, spim and protocol update system. Akonix Security Update Services automatically push updates to customers to block spyware, worms and viruses. Akonix customers were secure on day zero from each new threat with the in-depth protection and containment features of Akonix's 360° Security for Real-Time Communications(tm).

"Despite this month's slowdown, the ongoing implementation of UC will introduce new corporate vulnerabilities and liabilities, including the number of entry points for hackers to attack," said Don Montgomery, VP of marketing at Akonix. "As companies continue to multiply the number of real-time applications deployed, they need to protect themselves from new threat vectors. IM will be a key point of contention, as Akonix anticipates it will become the foundation for electronic messaging on corporate desktops."

Akonix Systems Inc.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21392
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addre...
CVE-2021-21393
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identif...
CVE-2021-29429
PUBLISHED: 2021-04-12
In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded in...
CVE-2021-21394
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identif...
CVE-2021-22497
PUBLISHED: 2021-04-12
Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.