Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

7/13/2006
03:25 AM
50%
50%

Shock and Awe

Human tragedy casts any threat alert in a much different light

11:25 AM -- The real world pierces this bubble of IT security we inhabit in shocking ways sometimes.

I was on the phone Tuesday morning with MicroWorld Technologies' U.S. office, researching a new worm the company had discovered. (See New Windows Worm on the Loose.)

Agnelo Fernandes, technical head of MicroWorld there, had been patiently answering my questions about the inner workings of the worm but explained he couldn't field all of them. He had been unable that morning to reach the company's researchers in India who first detected the worm: Explosions were rocking Mumbai, he said, where the company's headquarters and labs are located. Phone service in the region was interrupted, and many of his emails had gone unanswered in the wake of bomb attacks that hit commuter trains there.

A new Windows worm threat clearly seemed insignificant. People were in serious physical danger and here we were, talking about a malware threat to an operating system. Fernandes promised he'd keep trying to reach the MicroWorld researchers to get the answers I needed for my story by my deadline. A little guiltily, I awaited the worm details while he frantically resumed trying to contact his co-workers.

Later it hit me. As unimportant as it had seemed for him to chase down my query while the fate of his colleagues in India was unknown, it may have actually been a way for Fernandes to help them. He was carrying on MicroWorld's IT security business.

Fernandes indeed took care of business. In the end, he was able to reach one of the researchers by email. (I was more relieved about that than receiving the additional worm info.) He also confirmed that most of MicroWorld's employees were forced to return to their offices after attempting to evacuate the area because the roads were jammed and public transportation had come to a standstill. Last I heard, all of MicroWorld's employees there were safe.

By the way, if anyone still cares, as of this writing the risk of a Win32.Detnat.a worm attack remains relatively low.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • MicroWorld Technologies Inc.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 6/5/2020
    Abandoned Apps May Pose Security Risk to Mobile Devices
    Robert Lemos, Contributing Writer,  5/29/2020
    How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
    Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: What? IT said I needed virus protection!
    Current Issue
    How Cybersecurity Incident Response Programs Work (and Why Some Don't)
    This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
    Flash Poll
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-13842
    PUBLISHED: 2020-06-05
    An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). A dangerous AT command was made available even though it is unused. The LG ID is LVE-SMP-200010 (June 2020).
    CVE-2020-13843
    PUBLISHED: 2020-06-05
    An issue was discovered on LG mobile devices with Android OS software before 2020-06-01. Local users can cause a denial of service because checking of the userdata partition is mishandled. The LG ID is LVE-SMP-200014 (June 2020).
    CVE-2020-13839
    PUBLISHED: 2020-06-05
    An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via a custom AT command handler buffer overflow. The LG ID is LVE-SMP-200007 (June 2020).
    CVE-2020-13840
    PUBLISHED: 2020-06-05
    An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020).
    CVE-2020-13841
    PUBLISHED: 2020-06-05
    An issue was discovered on LG mobile devices with Android OS 9 and 10 (MTK chipsets). An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 (June 2020).