Past News - CIOInsight
Home arrow Past News arrow Security in 2007: Zero-Day World Puts Bull's-Eye on Vista
RECENT NEWS



CIO STRATEGY
The Perfect IT Book for the Business?

Parkinson needs a book that explains IT to the business. Got any suggestions?    

  Past News


Security in 2007: Zero-Day World Puts Bull's-Eye on Vista



By Ryan Naraine
2006-12-26
Article Views: 2193
Article Rating:starstarstarstarstar / 0


The big security questions that experts say will be answered in 2007: Who will find the first major Vista flaw? Is spam going to be canned? Will there be a month of Apple bugs?

Rate This Article:
Poor Best
Add This Article To:

Who will find the first major security flaw in Windows Vista? Will it be released as zero-day? Is there an end in sight to the botnet menace? Is spam close to being canned? Just who are these criminals phishing for your credit card data?

Those are just a handful of the hot-button topics that will dominate the security news headlines in 2007—right alongside the never-ending debates on responsible disclosure, more "month-of-(pick a vendor/product)-bugs" projects and new research into offensive/defensive rootkits.

A bold prediction on spam

One of the most unlikely predictions for 2007 comes from SecureWorks malware researcher Joe Stewart: spammers will have to evolve and find new attack techniques if they intend to maintain their level of profitability.

Roughly translated, Stewart believes the massive surge in spam e-mail will taper off in 2007, unless spammers find new tricks to bypass a hardened Windows Vista and improvements to existing anti-spam technology and techniques.

In an entry on the SecureWorks blog, Stewart argued that Vista will force spammers to deliver payloads through social engineering attacks and even that might become more difficult in the future, with Microsoft venturing into the anti-virus and trusted computing arenas.

"Another factor which will have a huge impact is the release of the SpamHaus PBL blocklist, scheduled for release in December 2006," Stewart added.

The PBL, or Policy Block List, is a database of IP address ranges that should not be sending mail "direct-to-mx" to other ISPs.

Stewart explained that spammers depend on these dial-up and DHCP-based broadband connections and, with the extensive reach of SpamHaus' blocklists, widespread adoption of the PBL "will be very detrimental to spammers, as entire IP blocks where their zombie spam bots live will be unable to send mail to a large part of the Internet."

He is quick to caution against declaring victory against spammers because, "there's simply too much money in the spam business."

"They [spammers] will be forced to take one of two routes—send mail through the user's ISP mail server or reach out to find static hosts that can be compromised for the purposes of sending mail," he predicts, noting that the first method usually fails when an ISP gets wise to the amount of mail clogging the outbound mail server queue.

Read the full story on eWEEK.com: Security in 2007: Zero-Day World Puts Bull's-Eye on Vista

test





 
 
>>> More Past News Articles          >>> More By Ryan Naraine
 



FEATURED SPONSORED VIDEOS
FEATURED SPONSORED ARTICLES

Erasable E-Paper Saves Trees, Cuts Costs

Why Smart Companies Should Adopt the Lessons of Gaming

Interest in Mobile WiFi Hotspots Fuels New Solutions

A Closer Look at Public Cloud Security

View More Articles

  Brought to You By
Click Here

Related Content

Articles Labs/How-To Multimedia

EDITORS' PICKS
LATEST STORIES
- Small DDoS Attacks Just as Damaging as Massi...
- IBM, Samsung to Show Next-Gen Chip Tech at M...
- VMware Issues vCloud Integration Manager
- Apple iPad 3 Unveiling Set for March: Report
- Certifications Key to Tech Contracting Jobs:...


Advertisement
FEEDBACK
Ziff Davis Enterprise RSS Feeds
XML Get CIO Insight news delivered to your desktop with RSS.

Sponsored Links
  • Get up and running in as quickly as 30 days with BI. Learn how today.

  • FREE Securing Smartphones & Tablets for Dummies Book from Sophos
  • 77% of the Fortune 500 Manage Content Securely with Box.
  • Leverage your virtual computing environment with Dell.
  • Build an IT Infrastructure That Delivers the Future
  • 5 New Technologies That Will Change Enterprise ITAdvertisement
    		•

    CIO Insight:  

    Issue Index | Contact Us | About | Advertise | Magazine Customer Service | Site Map

    Quick Links:  

    Enterprise Mobility Zone | Management Case Studies | Loyalty Programs | Term Sheet | Strategy Maps | Organizational Behavior | Net Present Value Calculator | Link to Us

    eWEEK Quick LInks

    Security:
    Network Security
    Entprise Networking
    Infrastructure Security
    How To: Data
    IT Security News
    Cheap Hack Blog
    Security Watch Blog
    Storage:
    Storage
    Cloud Storage
    Storage Virtualization
    Network Access Storage
    Storage Reviews
    Data Storage News
    How To: Storage
    Storage Station Blog
    Computing:
    Apple OSX
    Linux Systems
    Windows Vista
    Managed Print Services
    Cloud Computing
    PC Reviews
    Microsoft Watch Blog
    Apple Watch Blog
    Google Watch Blog
    Communications:
    VoIP Solutions
    Wireless Technology
    Messaging Software
    Web Services
    Mobile Applications
    Wireless News
    Mobile Reviews
    Apps & Development:
    Application Development
    SAAS
    Search Engines
    Database Software
    Web 2.0
    IT Project Management
    Emerging Tech Blog
    CIO Insight Blogs
    CIOs

    Vertical Markets:
    Federal Government IT
    Health Care IT
    Finance IT
    Mid-Market
    Channel Partners
    Careers Blog
    Value Added Resellers
    More eWeek Links:
    Green Computing
    Tech Knowledge Center
    Tech Newsletters
    Tech RSS Feeds
    White Papers
    Tech Podcasts
    Tech Videos
    Magazine Subscriptions
    Enterprise Websites:
    ZDE Home
    eWeek
    Baseline
    Channel Insider
    CIO Insight
    eSeminars
    eWeek Mid-Market
    Publish Online
    Web Buyers Guide
    Developer Websites:
    Dev Shed
    DeveloperShed
    ASP Free
    MS DevSource
    SEO Chat
    Codewalkers
    Tutorialized
    Scripts.com
    Dev Mechanic
    Dev Articles
    Web Hosters
    Dev Hardware
    Technology Websites:
    Device Forge
    Desktop Linux
    Linux Devices
    Windows for Devices
    TechDirect
    iGrep Search Engine
    PDF Zone
    Linux Watch

    Use of this site is governed by our Terms of Use and Privacy Policy
    Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
    eWeek is your best source for the latest Technology News.
    ZDE Cluster 5