Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Patchlink comment on vulnerability

Lumension Security : 22 August, 2007  (Technical Article) Trojan horse attack which claimed user's private information highlights requirement for wider use fo proactive security policy enforcement.
A Trojan horse attack on has left 1.6 million users vulnerable. Victims' names, email addresses, phone numbers and home addresses have been stolen by cyber-criminals according to media reports:

Andrew Clarke, Senior Vice President International, PatchLink, a global leader in security and vulnerability management commented:

"The recent explosion of cyber-space has provided criminals with another dimension to 'play' in. It is concerning that millions of people post their sensitive data on websites for all to see without any assurances it will be kept safe. The massive uptake of social networking sites like Facebook is a case in point. Sites like are inherently trusted by their users leaving many consumers exposed. Data security needs to step up to combat the 'ethically compromised' e-criminals.

"It is not just consumers that need to be concerned about this latest Trojan. Putting aside's reputation, HR managers everywhere will be using Monster to find their new employees, giving the e-criminal a backdoor to the business.

"Government and businesses worldwide are faced with chaotic security environments and it's important to get the upper hand of the increasingly clued up e-criminals. To prevent future cases we need to turn security on its head and, instead of working on our back foot, adopt a positive security model. By adopting the 'known good' strategy the breach would not be able to affect business; the malware used in this case, ntos.exe, would simply be denied access onto a network.

"Cyber-crime is a reality and a reactive security policy can no longer be relied upon. Proactive enforcement combined with reactive management of risks allows businesses to gain control."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo