Network Computing is part of the Informa Tech Division of Informa PLC

Netsky Worms Just Keep On Coming

On Friday, the latest variant of the pernicious Netsky worm, dubbed Netsky.w, was let loose on the Internet. Earlier this week, Netsky.v, a more dangerous variation, appeared.

Wednesday's Netsky.v takes a page out of Bagle's playbook by not loading its payload in a file attachment that users must open to become infected. Instead, it exploits a long-known vulnerability in Internet Explorer -- called the Object Data Remote Execution vulnerability -- that was first disclosed, and patched, back in October 2003.

Users of Outlook and Outlook Express who haven't applied the patch and who only read or preview the message can be infected by Netsky.v, warned numerous anti-virus firms.

The no-attachment tactic was last used by a March blitz of Bagle worms -- Bagle.q, Bagle.r, Bagle.s, and Bagle.t -- that one security analyst characterized as kicking the war of worms up a notch.

Netsky.v also shares characteristics with other recent variants, including opening a backdoor component that leaves the infected system at risk for additional attacks (in Netsky.v's case, TCP ports 5556 and 5557 are opened), and scheduling a denial-of-service (DoS) attack against peer-to-peer file-sharing Web sites such as kazaa.com, emule.de, and freemule.net. The DoS attacks are to start on April 22 and run through April 29.
