IM Logic withholds details of Santa Claus IM worm, unless youre a customer
- From: Mo3b3tta@xxxxxxxxxxx
- Date: 21 Dec 2005 21:15:50 -0000
On Dec. 19th IM Logic released an advisory about a worm spreading through all major IM clients. See advisory for details, or lack thereof. http://www.imlogic.com/im_threat_center/index.asp
If you are not an IM Logic customer you may be hard pressed to find any details of what this threat would look like in your environment. IM Logic did not publicly release any actionable information as to how a non IM Logic customer could detect if this worm was already in their network. But according to Tim Johnson, the Director of IM Logic?s threat center, he doesn?t see what all the fuss is about. All you have to do is buy the company?s product and you will be protected. He did mention that they have a process they follow. They first tell AOL, MSN or whoever is affected in an effort to minimize the current activity. Then they tell the antivirus vendors about what they know. Hopefully they can detect and stop any current infections, if not?dang, your screwed. Then IM Logic customers get the heads up. Then you as a non-customer have the opportunity to wait for a signature to come out by your antivirus vendor so that you can tell if a hacker has a rootkit loaded in you
r environment. Oh, darn it, I forgot, according to the official advisory, antivirus vendors can?t detect Santa Claus; apparently Santa can put your antivirus to sleep. I always thought Santa knew if you were asleep, not put you to sleep, but I digress.
So what is the world and security community supposed to do? Well according to IM Logic, pay them the money and they will take care of it for you. Hmm, I wonder where else we find this type of behavior. Hold on guys, Toni the Bull is at my back door, brb, need 2 make my ?insurance payment? AFK?.
Back, sorry it took so long. My left knee is a little sore; I was short on my ?insurance payment? this month. Anyway, haven?t we been down this road before? Do you remember the big antivirus company that tried this stunt and then felt the backlash from the security community? Security companies should follow the same procedures that ethical and responsible researchers follow when disclosing vulns. Most companies do, those that don?t? should we reward them by purchase orders? Not this guy.
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------
- Prev by Date: Re: IIS on windows 2003
- Next by Date: Error while logging snort output to mysql
- Previous by thread: pwdump3e and windows 2003
- Next by thread: Error while logging snort output to mysql
- Index(es):
Relevant Pages
|
