Ken Dunham
Ken Dunham
exploit highly posted public today
A new, upgraded WMF exploit was posted to the public today and is highly functional.
appears design good
It actually appears to be a pretty good design.
fraud involve next personal profit telling terms week
We don't know if it's fraud-related or whatever. Clearly, they're being silently and illegally installed, at a minimum, for personal profit and they may also involve fraud or exploitation. I think the next week is going be the most telling and the most significant in terms of risk.
greatest hands higher impact likelihood major operating risk systems windows
Historically, risk is much higher with Windows operating systems than Unix/Linux. How can I say that, look at all the major attacks. Which ones had the greatest likelihood and impact for 2005? Windows hands down.
crossover global increased premature starts talk
If someone starts capitalizing on the crossover worm, and we start to see increased activity, then we can talk about a global threat. It's a little premature at this time.
likely near past successful taken twelve
WMF exploitation has taken off in the past twelve hours. It's likely that WMF exploitation will be very successful in the near term.
dangerous site whether
There's no way for you to know whether a site is dangerous for a WMF exploit.
attacks attempt automated codes file found hackers impact increased level leverage methods sinister threat
The threat level for this vulnerability may be dramatically increased if more automated methods of distribution are found to be successful, such as e-mail or IM or file shares. The impact of attacks may also increase, with more sinister codes being installed as new hackers attempt to leverage the vulnerability to their advantage.
identified increases likelihood widespread
This increases the likelihood of exploitation, but widespread exploitation has not been identified to date.
boot clean cleaned viruses
You should boot from a clean disk before removing a virus. Some viruses can't be cleaned any other way.
proven social threat type worm written
This is a social engineering worm written in Russian. It is interesting when you look at it. This is a Java-based type of threat and it has been proven to be successful. We need to look at this and see what is going to be the threat down the road.
code compared criminals expect financial fraud high might people profits types yield
This is not something I would expect to yield very high profits for criminals as compared to other types of financial fraud and extortion that might take place. Many people have backups of their files, and now the code has been cracked.
attacks concerned targeted threats trend
This is one of those big, under-the-radar threats that we've been concerned about. There has been a trend away from big-bang attacks to very targeted and sophisticated attacks that take place right under your nose. This is one of them.
act companies coordinate environment nice sample talk time
Anti-virus companies when they get a sample need to act on that quickly. They don't have time in their competitive environment to be able to go out and coordinate and have a nice little talk about naming.