Dennis Fisher

While it was snarling corporate networks and causing headaches for IT staffs, the Blaster worm that tore through the Internet last week also appears to have burned up much of the goodwill Microsoft Corp. was beginning to accumulate in the security community. Widespread problems with the Blaster patch, issues with the Microsoft-supplied workaround, and a […]

Microsoft Corp.s Windows Update site on Friday was functioning just fine despite being the target of a denial-of-service attack from machines infected with the Blaster worm. The company used a clever feint to outsmart the worm and simply stopped using the windowsupdate.com domain for the time being. The worm is coded with instructions that direct […]

The system that houses the main FTP servers for the GNU Project has been compromised by a cracker who was apparently bent on harvesting passwords for a future attack. The intrusion apparently occurred in March, although officials at the Free Software Foundation Inc., which operates the GNU Project, didnt discover the compromise until about two […]

Security experts are now tracking a new variant of the Blaster worm that was first spotted Wednesday morning. The new version is nearly identical to the original, except for a new name on the executable file and a different registry key. The variants file name is “teekids.exe,” and the key it adds to the registry […]

Computer users were scrambling Wednesday for alternate fixes for the havoc wreaked by the Blaster worm as many people were unable to reach Microsoft Corp.’s main patch download site. The Windows Update Web site, through which users can automatically download security patches and other software fixes, was extremely sluggish most of Tuesday afternoon and Wednesday […]

The Blaster worm continued to tear through the Internet Tuesday morning as security experts struggled to find and fix infected systems. The worm is presenting a unique problem for security specialists because it is infecting a large number of PCs owned by home users, many of whom may be unaware that their machines are compromised. […]

A security researcher who recently identified some vulnerabilities in Lotus Softwares Sametime instant messaging client says the company is being disingenuous about the extent of the flaws and whether theyre fixed in the latest version. The researcher, who goes by the name Mycelium, says that despite Lotus claims, the vulnerabilities in Sametimes encryption scheme have […]

As the Department of Homeland Security prepares to name a leader for its National Cyber Security Division, observers in Washington and the private sector say DHS hiring process has set up the new NCSD head to fail. “Its been the most closed process Ive ever seen,” said Harris Miller, president of the Information Technology Association […]

The numbers are staggering: 4,129 in 2002, up from 2,437 in 2001. And in the first quarter alone this year, there have been 1,993 new vulnerabilities found. The volume of flaws found has been rising at an alarming rate for as long as people have kept statistics. As the crushing pace of software development marches […]

A worm that exploits the recently discovered RPC DCOM vulnerability in Windows began spreading rapidly on the Internet Monday afternoon. The worm is targeting TCP port 135 and is causing some large spikes in traffic, but has yet to cause any real latency or network outages, experts said. The name of the binary containing the […]