Several anti-virus firms debuted updates that sniff out worms embedded in password-protected Zip files, a technique used by a number of this week's Bagle worms to sneak through corporate gateways.
Four of the Bagle variants released this week -- including Bagle.h, Bagle.i, Bagle.j, and Bagle.k -- can deliver their payloads within encrypted Zip archives. Passwords to the files are included in the message text of the malicious e-mail, tempting users to use the password to open the file.
The encrypted files are almost impossible to stop with earlier anti-virus software at the gateway, since the programs can't open the archive to detect possible worms or viruses. (Most anti-virus software, however, detects viruses as soon as a Zip file is opened, but it's preferable to stop such threats at the enterprise edge.)
Now, however, updates by several anti-virus firms, including Sophos and Kaspersky Labs, as well as network security provider Network Box, can seek out and stop encrypted archive attachments.
All work using the same technique of first detecting encrypted Zip files, then scanning the accompanying e-mail text for a password, which is used to unpack the file. Finally, its contents are checked for known viruses and worms.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
