Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

03:25 AM

Shock and Awe

Human tragedy casts any threat alert in a much different light

11:25 AM -- The real world pierces this bubble of IT security we inhabit in shocking ways sometimes.

I was on the phone Tuesday morning with MicroWorld Technologies' U.S. office, researching a new worm the company had discovered. (See New Windows Worm on the Loose.)

Agnelo Fernandes, technical head of MicroWorld there, had been patiently answering my questions about the inner workings of the worm but explained he couldn't field all of them. He had been unable that morning to reach the company's researchers in India who first detected the worm: Explosions were rocking Mumbai, he said, where the company's headquarters and labs are located. Phone service in the region was interrupted, and many of his emails had gone unanswered in the wake of bomb attacks that hit commuter trains there.

A new Windows worm threat clearly seemed insignificant. People were in serious physical danger and here we were, talking about a malware threat to an operating system. Fernandes promised he'd keep trying to reach the MicroWorld researchers to get the answers I needed for my story by my deadline. A little guiltily, I awaited the worm details while he frantically resumed trying to contact his co-workers.

Later it hit me. As unimportant as it had seemed for him to chase down my query while the fate of his colleagues in India was unknown, it may have actually been a way for Fernandes to help them. He was carrying on MicroWorld's IT security business.

Fernandes indeed took care of business. In the end, he was able to reach one of the researchers by email. (I was more relieved about that than receiving the additional worm info.) He also confirmed that most of MicroWorld's employees were forced to return to their offices after attempting to evacuate the area because the roads were jammed and public transportation had come to a standstill. Last I heard, all of MicroWorld's employees there were safe.

By the way, if anyone still cares, as of this writing the risk of a Win32.Detnat.a worm attack remains relatively low.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • MicroWorld Technologies Inc.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Sodinokibi Ransomware: Where Attackers' Money Goes
    Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
    How to Think Like a Hacker
    Dr. Giovanni Vigna, Chief Technology Officer at Lastline,  10/10/2019
    7 SMB Security Tips That Will Keep Your Company Safe
    Steve Zurier, Contributing Writer,  10/11/2019
    Register for Dark Reading Newsletters
    White Papers
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: The old using of sock puppets for Shoulder Surfing technique. 
    Current Issue
    7 Threats & Disruptive Forces Changing the Face of Cybersecurity
    This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
    Flash Poll
    2019 Online Malware and Threats
    2019 Online Malware and Threats
    As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    PUBLISHED: 2019-10-17
    WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements.
    PUBLISHED: 2019-10-17
    WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.
    PUBLISHED: 2019-10-17
    WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer.
    PUBLISHED: 2019-10-17
    WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.
    PUBLISHED: 2019-10-17
    app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI.