It was a chaotic Wednesday and Thursday in the security space: Microsoft announced a bug in a patch for a critical vulnerability, and Symantec both retracted a claim that automated code was exploiting one Windows vulnerability and warned that a bot network was on the loose and exploiting another.
All the scrambling revolved around a pair of vulnerabilities that Microsoft first disclosed April 13 as part of its monthly release of security bulletins and patches for Windows.
Early Thursday morning, Symantec saw several of the honeypots -- servers purposefully left unprotected in the hope of attracting attacks -- on its DeepSight Threat network compromised via the LSASS vulnerability within Windows 2000, Windows XP, and Windows Server 2003.
LSASS (Local Security Authority Subsystem Service) is a component of Windows that provides an interface for managing local security, domain authentication, and Active Directory processes.
The exploit of LSASS is not a worm, said Alfred Huger, the senior director of engineering with Symantec's security response team, but is malicious code based on Gaobot, an automated Trojan that uses Internet Relay Chat (IRC) to communicate with its creator. The Gaobot code has been modified, he said, to spread through the LSASS vulnerability.
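The two behaviours Huger describes, propagation through the LSASS vulnerability and an IRC command channel back to the bot's controller, leave a recognisable footprint in connection logs: one host fanning out to many internal peers on the SMB port, then opening an outbound IRC connection. The script below is an added example, not code from the article or from Symantec, that applies that rule to a constructed flow log. It assumes the LSASS flaw is reached over SMB (TCP 445, or 139 on older hosts), that the bot uses the conventional IRC ports (6660-6669, 7000), and a simple made-up log format; the `min_smb_targets` threshold and all sample addresses are illustrative.

```python
import re
from collections import defaultdict

# Assumptions for this example: the LSASS flaw is reached over SMB (TCP 445, or
# 139 on older hosts), and a Gaobot-style bot talks to its controller over IRC on
# the conventional IRC ports. Real deployments should tune these to their network.
SMB_PORTS = {445, 139}
IRC_PORTS = set(range(6660, 6670)) | {7000}

# Constructed flow-log line format for this example (not any real product's format):
#   <timestamp> src=<ip> dst=<ip> dport=<port> proto=<tcp|udp>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+) "
    r"dport=(?P<dport>\d+) proto=(?P<proto>\w+)$"
)


def parse_line(line):
    """Return (src, dst, dport) for a well-formed TCP line, else None."""
    m = LINE_RE.match(line.strip())
    if not m or m.group("proto").lower() != "tcp":
        return None
    return m.group("src"), m.group("dst"), int(m.group("dport"))


def find_bot_candidates(lines, min_smb_targets=5):
    """Flag hosts that both fan out to many distinct SMB peers (propagation via
    the LSASS vulnerability) and open at least one IRC connection (command
    channel). Returns {src: {"smb_targets": n, "irc_peers": [...]}} sorted by src.
    """
    smb_targets = defaultdict(set)   # src -> set of SMB destinations
    irc_peers = defaultdict(set)     # src -> set of "ip:port" IRC peers
    for line in lines:
        rec = parse_line(line)
        if rec is None:              # malformed or non-TCP: skip
            continue
        src, dst, dport = rec
        if dport in SMB_PORTS:
            smb_targets[src].add(dst)
        elif dport in IRC_PORTS:
            irc_peers[src].add(f"{dst}:{dport}")

    result = {}
    for src, targets in smb_targets.items():
        # Require both signals: SMB fan-out alone is also what an admin's
        # vulnerability scanner looks like, and IRC alone is just a chat client.
        if len(targets) >= min_smb_targets and irc_peers.get(src):
            result[src] = {
                "smb_targets": len(targets),
                "irc_peers": sorted(irc_peers[src]),
            }
    return dict(sorted(result.items()))


# Constructed sample log: 10.0.0.5 behaves like the modified Gaobot (six SMB
# targets plus an IRC connection); 10.0.0.8 is an ordinary file-share client;
# 10.0.0.9 sweeps SMB but never talks IRC (e.g. an internal scanner).
SAMPLE_LOG = """\
2004-04-29T08:12:01 src=10.0.0.5 dst=10.0.0.11 dport=445 proto=tcp
2004-04-29T08:12:01 src=10.0.0.5 dst=10.0.0.12 dport=445 proto=tcp
2004-04-29T08:12:02 src=10.0.0.5 dst=10.0.0.13 dport=445 proto=tcp
2004-04-29T08:12:02 src=10.0.0.5 dst=10.0.0.14 dport=445 proto=tcp
2004-04-29T08:12:03 src=10.0.0.5 dst=10.0.0.15 dport=445 proto=tcp
2004-04-29T08:12:03 src=10.0.0.5 dst=10.0.0.16 dport=139 proto=tcp
2004-04-29T08:12:05 src=10.0.0.5 dst=198.51.100.7 dport=6667 proto=tcp
2004-04-29T08:13:00 src=10.0.0.8 dst=10.0.0.20 dport=445 proto=tcp
2004-04-29T08:13:30 src=10.0.0.8 dst=10.0.0.20 dport=445 proto=tcp
2004-04-29T08:14:00 src=10.0.0.9 dst=10.0.0.21 dport=445 proto=tcp
2004-04-29T08:14:00 src=10.0.0.9 dst=10.0.0.22 dport=445 proto=tcp
2004-04-29T08:14:01 src=10.0.0.9 dst=10.0.0.23 dport=445 proto=tcp
2004-04-29T08:14:01 src=10.0.0.9 dst=10.0.0.24 dport=445 proto=tcp
2004-04-29T08:14:02 src=10.0.0.9 dst=10.0.0.25 dport=445 proto=tcp
2004-04-29T08:14:02 src=10.0.0.9 dst=10.0.0.26 dport=445 proto=udp
this line is deliberately malformed and must be ignored
"""

if __name__ == "__main__":
    for host, info in find_bot_candidates(SAMPLE_LOG.splitlines()).items():
        print(f"{host}: {info['smb_targets']} SMB targets, IRC peers {info['irc_peers']}")
```

Requiring both signals is the point of the rule: the SMB fan-out on its own would also flag the scanner at 10.0.0.9, and an IRC connection on its own would flag every chat user. A host that matches both is worth pulling off the network and checking for the LSASS patch and for unexpected processes holding an IRC socket.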