Some conspiracy minded souls accuse the antivirus companies of creating all the viruses to keep themselves in business. But imagine getting a worm via an antivirus company's mailing list?
That very thing happened last week when someone sent the Netsky-B worm to a mailing list in the United Kingdom maintained by Finland-based F-Secure.
"Because of a human error, you may have received an email infected with the Netsky-B virus that was relayed through our external email list server and was resent to our UK mailing list," wrote Jono Clarke-Storey, UK country manager for F-Secure, in a letter to customers. "The virus did not originate from our network - it was sent by an unknown party to the list address."
This isn't the first time, a worm was sent to an antivirus company's mailing list. In 2002, the Braid worm was sent to subscribers of an alert service by Russian antivirus software vendor Kaspersky Labs. In that case, malicious hackers were able to break into the company's computer system and steal the mailing list.
Nmap points SCO to the door
The creators of Nmap have terminated SCO's right to redistribute open source network mapping tool because the company has balked at the GNU GPL that governs the software.
"They[SCO officials] have also refused to accept the GPL, claiming that some preposterous theory of theirs makes it invalid (and even unconstitutional)!," said a press release from Insecure.org, the Web site for Nmap. The release announced the newest version of Nmap Security Scanner version 3.5.
Lindon, Utah-base SCO has distributed the software at least in its supplemental open source CD, the open source group said. It also said it will also no longer support SCO's OpenServer and UnixWare products.
It's hardly surprising that SCO would reject the GNU GPL as the company is suing IBM and other technology vendors over the source code for the Linux operating system. SCO accuses Big Blue of donating its proprietary code to the Linux kernel.
Times are getting worse
Last week, RSA released its second annual Internet Insecurity Index during the RSA conference in San Francisco. The index says the security landscape has gotten slightly worse over last year.
The index works on an increasing scale of insecurity from 1 to 10 with 10 being very insecure. The overall rating was 7, slightly worse then last year's rating of 6. The security industry and Internet crime and fraud both received higher insecurity ratings for the year while the government gained some ground.
A breakdown of the ratings is below:
- Hacks, attacks and flaws: 8 (same as last year)
- Threats: 8 (same as last year)
- Internet crime and fraud: 8 (up from 7 last year)
- Internet users and ISPs: 6 (same as last year)
- Information security industry: 6 (up from 4 last year)
- Government: 6 (was 4 last year)
Sophos gets a royal visit
So you think the Queen of England wouldn't know difference between a mass mailer worm and a remote access Trojan?
Well, she may now know after visiting Sophos' new headquarters in Abingdon, near Oxford in England on Feb. 20. She was on hand for the grand opening of the company's new 145,000 square foot building.
Click its here to see photos from the visit.