As experts predicted the day that Hurricane Katrina roared ashore, there was growing evidence by Thursday that scammers and hackers are using the disaster to distribute phishing attacks and worms to the unwary and unsuspecting.
"[We knew] it would only be a amount of time before someone did this," said Ronnie Manning, a spokesperson for Web security firm Websense in an e-mail to TechWeb.
Websense was researching a malicious Web site posing as a Katrina news site, added Manning, saying that the site included encoded JavaScript that tries to exploit a pair of Internet Explorer vulnerabilities. If successful, a Trojan horse is surreptitiously installed on machines of people who surf to the site. By mid-day Websense had posted an official alert on the scam.
"[The code] is almost verbatim with what we saw in early August used in an Iraqi news scam," said Dan Hubbard, Websense's senior director of security and research.
Two Web sites were hosting the malicious code, one based in Mexico, another out of the U.S., and both, said Websense, were up and running as of noon PDT Thursday.
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
