Threats That Go 'Hack' in the Night

Some of these exploits are pretty scary in the daytime too

Dark Reading Staff, Dark Reading

November 2, 2007

2 Min Read

3:28 PM -- It's the end of Halloween week, and by now you've probably had enough vampires, ghouls, and Elvis ghosts. If you're like me, your worst scare probably came yesterday morning, staring at the bathroom scale after all that leftover candy.

Unfortunately for security pros, however, the scary stuff just keeps coming. And in most cases, it's very real.

The threats from botnets are perhaps the most serious and frightening. Earlier this week, we learned that botnets are not just harnessing the uneducated and unpatched consumer PC, but whole groups of enterprise machines as well. How many of your machines are currently zombies in a major botnet? It's worth checking into. (See Bots Rise in the Enterprise.)

Before you go too deep into your investigation, though, you should know that fighting botnets has a price. The Storm worm/Trojan, for example, can detect efforts to research its behavior -- and level researchers with a denial of service attack. (See Researchers Fear Reprisals From Storm.)

And of course, botnet operators and spammers are continually coming up with new ways to fool users and suck them into their scams. Just this week, we've seen spam and malware dressed up as dancing skeletons and popular music and video recordings. These exploits could be the winners at any costume contest. (See Industry Hears First 'Singing Spam' and Halloween Spam Storms Inboxes.)

But the threats don't stop at the PC. Earlier this week, a slew of vulnerabilities were discovered in voice over IP services, including the popular Vonage. These exploits could enable hackers to steal account information or even eavesdrop on conversations. (See Researcher: Vonage Vulnerable.)

Had enough scares? Okay, let's cut to the monster: An Israeli news organization claims to have translated a message from Al Qaeda leadership, ordering an all-out cyber jihad on western targets beginning on November 11. If there's any truth to it, there could be a whole lot of trouble in networks all over the world in less than two weeks. (See Report: Al Qaeda Schedules Cyber Jihad for Nov. 11.)

Unfortunately, these threats aren't part of a bad slasher movie, and they won't go away with the candy. If you're a security pro, these are issues you'll have to deal with today -- if you don't want them going "bump" in the night tomorrow.

— Tim Wilson, Site Editor, Dark Reading

About the Author(s)

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

CrowdStrike logo on a phone screen
Threat Intelligence
CrowdStrike 'Updates' Deliver Malware & More as Attacks SnowballCrowdStrike 'Updates' Deliver Malware & More as Attacks Snowball
byNate Nelson, Contributing Writer
Jul 25, 2024
3 Min Read
Hands of a person in a suit jacket holding a screen pointing to an image of a padlock and the words "insider threat"
Vulnerabilities & Threats
Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4
byElizabeth Montalbano, Contributing Writer
Jul 25, 2024
4 Min Read
A laptop showing the Microsoft WIndows 11 logo
Endpoint Security
Goodbye? Attackers Can Bypass 'Windows Hello' Strong AuthenticationGoodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication
byJeffrey Schwartz, Contributing Writer
Jul 23, 2024
4 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events