Security Week In Review: Evercookies, SQL Slammer and a Flood of Patches

This week seemed to be all about the numbers as a handful of reports were released, disclosing new stats on phishing, information theft and spam. Evercookies, the inside story of SQL Slammer, and of course, the usual array of patches, rounded out the week. Read on for the full week in review.

This week seemed to be all about the numbers as a handful of reports were released, disclosing new stats on phishing, information theft and spam. Evercookies, the inside story of SQL Slammer, and of course, the usual array of patches, rounded out the week. Read on for the full week in review.

The week began with more news from Adobe regarding their new version of Reader, rebranded Adobe Reader X. As previously reported, the much ballyhooed revamp will include a Protected Mode and sandbox feature and should see a release in November.

David Litchfield wrote a riveting firsthand account of the SQL Slammer, the fastest-spreading worm of all time. If you weren’t around for Slammer, Litchfield is the researcher who discovered the bug that the worm exploited in SQL Server, and his proof-of-concept exploit code was later appropriated and used by the worm’s author. He lays out exactly why the worm was so successful and how it changed the way he did research, and on a larger scale, how Microsoft handled security.

In one of the more popular stories of the week, we took another look at Evercookie, a method where browser cookies are forcibly stored by saving data in multiple locations. Despite its persistence, researchers like Dominic White and Jeremiah Grossman have been able to script methods for removing the ‘tough cookie.’

In the analysis of a recently released report from Kroll Consulting, we discovered that information theft has surpassed physical theft among executives. While it was by a relatively slim margin, individuals in financial services, technology and professional services like media and telecommunications were primarily targeted.

In a report from Google pushed this week it was reported that viruses in spam spiked 10% in the third quarter from last year, despite spam’s volume decreasing by 24%. It’s only logical that the further proliferation of botnets is to blame. By getting new botnets off the ground, attackers can get an early jump on the holiday season when the number of consumers shopping online jumps drastically.

Yet another report was issued this week – this one by the Anti Phishing Working Group that pointed out that while phishing stats have gone down (38% in the first half of 2010 compared to the second half of 2009) it may not be reason to rejoice. The APWG cited phishing consortium The Avalanche and their recent shift to distributing the Zeus Trojan instead of phishing for the decrease. More Zeus leads to more credential/ID theft and bank fraud, making this a bittersweet stat.

Of course it wouldn’t be a week in security if some new vulnerabilities weren’t patched. Mozilla kicked things off midweek by releasing Firefox 3.6.11, patching a dozen holes, five critical. Apple hopped on the patch bandwagon on Thursday, pushing fixes for its Java platform, six in total. Aside from the patches, Apple also announced the version of Java ported with its product is “deprecated,” hinting it may no longer include the implementation in future versions of their OS. Favored by attackers as of late, Java was the even the subject of a warning Microsoft recently circulated to highlight its security issues.

What piqued your interest? Meanwhile, Dennis wrote about a new device invented to curb the uncertainty surrounding electronic banking as of late.

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.