width= WEBCAST—NAC? NAP? IPSEC? SSL-VPN? Whats your best bet for maintaining endpoint security on your network?

Storage News
Security News
Networking News 

Be a Commerce Partner
Online Booking Hotels
Corporate Gifts
Plasma Televisions
Phone Systems
Inbound Calls
Budget Web Hosting
Cheap Airline Tickets
Prepaid Calling Cards
Compare Prices
Auto Insurance
Auto Insurance Quote
Mp3 Player Reviews
Cheap Plane Tickets
Prepaid Phone Card

Internet Lists
Internet News
Internet Resources
Linux/Open Source
Personal Technology
Small Business
Windows Technology
xSP Resources
Search internet.com
Corporate Info
Tech Jobs
E-mail Offers

Get FREE Resources on Data Archiving
and Storage Management!

Addressing IT Compliance Challenges with Backup and Archiving Technologies

Information Lifecycle Management--Vision or Myth?
Unlocking the True Potential of Enterprise Message Management

Ensure Availability Through E-mail Archiving--Reduce the Cost of E-mail and Control the Risk

Security Products
 AdvestiCHECK / AdvestiGUARD (Advestigo S.A.)
 Cenzic Hailstorm (Cenzic Inc)
 SpamTitan (Copperfasten Technologies)
 Transparency Vision (Transparency Software, Inc)
 GreenBorder (GreenBorder Technologies, Inc)
 WebInspect / DevInspect (S.P.I. Dynamics, Inc)

Security features

Whitepaper: Economics in the On Demand World. Find out how you can keep your competitive edge in the On Demand World. Learn which changes will result in new enterprise structures & new supply chains.

Your Money or Your Data
March 17, 2006

We've seen something like this a couple of years ago. Then, scoundrels were threatening businesses with denial of service attacks if they didn't pony up some protection money.

Now the easy money crowd has branched out in a disturbing new direction.

stock photography
Like the sight of money? So do malware coders nowadays.
Reports of a new Trojan have started to hit the web, and it doesn't bode well for those that take the security of their PC's lightly. Targeting individuals, the new bug takes an exceptionally cruel bite out of its victims by encrypting their files. The only way to free them again is to pay up.

Users whose systems are infected Zippo-A (or CryZip) will find that their files have been packed into an encrypted archive. To release the data, the Trojan's coders were kind enough to leave instructions on where to "wire the money."

But accompanying those instructions are words that delivers bit of sting because they carry an element of truth. According to this internetnews.com report, users are treated to this little admonishment:

"Your computer catched our software while browsing illigal porn pages, all your documents, text files, databases was archived with long enought password."

Of course, their spelling and grammar could use some help, but there you have it, avoid those dark recesses of the Internet! Even if you don't visit online peepshows, always be wary of unknown sites and take special care of the files you download and the e-mail attachments you launch.

Note: Any opinions expressed below are solely those of the individual posters on the AntiOnline forums.

Spotlight Thread:
This Is New... Ransom Trojans

A word of warning from user Sm0kinP0t:

One could think the usual Trojan would always have the same purpose (z0mbies, credit and other data theft, DoS and so on...), but the folks at Sophos have found a new sort of Trojan, one that focuses malicious actions on password-encrypting documents, spreadsheets and database files only to later ask the victim for a $300 payment to an E-Gold account...

nihil reminds the group about the only reliable protection against data loss:

These first started to show up at the beginning of last year. They didn't seem to catch on, probably because it is difficult to actually collect the money without getting caught.

If you think about it, this is no big deal. If you got a virus that wiped out your data, you would be in the same position.

The answer is to have backups.

thehorse13 warns not to overlook other methods that may not sound as exciting but are still intended to cause financial harm nonetheless.

...truly new attack vectors focus on primitive tools. Why use a keylogger when the person throws the sought-after data into the garbage without shredding it?

I'd concentrate on low-tech vectors such as dumpster diving. These classic attack vectors are beginning to see an increase in use. Same for war dialing.

When we shift focus as a security community, the bad guys always look for the path of least resistance.

On the tech side of things, leveraging services such as DNS to sneak data in and out of environments is on the rise. Encrypted throttled sessions is another fabulous vector. Hiding in the white noise of network traffic is next to impossible to detect.

How do you handle hostage takers? Discuss it here.

Security Features Archives

Learn How to Develop a Security Policy for Your Organization to Keep Threats at Bay
Whitepaper: Converging System and Data Protection--Get it now!
NAC? NAP? IPSEC? SSL-VPN? What�s the best bet for maintaining endpoint security on your network?
Whitepaper: Securing Your Enterprise Applications with the BIG-IP--Get it now!
Whitepaper: Continuous Data Protection for Better Backup--Get it now!

JupiterWeb networks:


Search JupiterWeb:

Jupitermedia Corporation has two divisions:
Jupiterimages and JupiterWeb

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Jupitermedia Corporate Info | Newsletters | Tech Jobs | Shopping | E-mail Offers