Don't miss our upcoming Network Computing virtual event on Connectivity Solutions - Secure Your Complementary Seat Now!
Just five days after Microsoft divulged a critical vulnerability in Windows 2000, several bot worms began attacking unpatched systems using exploit code released by the same group responsible for the code used to construct the Sasser worm.
Although some analysts said that the sophisticated nature of the bots could cause problems, most didn't expect this attack to reach the "meta-event" level of Sasser or 2003's MSBlast.
"We reverse engineered one of the bots yesterday, found the IRC channel used by the bot masters to communicate with their bots, and idled there for a while," said David Maynor, a researcher with X-force, the research arm of Internet Security Systems and the group credited with the original discovery of the Plug and Play vulnerability. "The count of infections wasn't all that high. A new system was infected about every 30 seconds. Sasser, in comparison, infected about 10 PCs every second."
Two of the bot worms, dubbed Zotob.a and Zotob.b by most anti-virus firms, are the most prominent, and were widely publicized by security vendors starting Sunday, August 14.
Zotob is technically a bot, which in simplistic terms is a combination of a self-propagating worm and a Trojan horse. The former spreads the malicious code, while the latter typically installs a backdoor through which additional code can be loaded onto the compromised PC by the attacker. Such infected and controlled machines are often used to send spam, conduct denial-of-service (DoS) attacks (or extort money on the threat of a DoS attack), and host phishing Web sites.
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
