Internet Threats Out in Force

It's always just a bit dangerous out on the information superhighway, but this week seems to be a bit more so than usual, with news of several particularly nasty bugs popping up in short order.

First out of the gate was news of so-called "on the fly" Trojans besieging the UK. The malware was initially linked to hundreds if not thousands of websites hosted in the United Kingdom. Reports are now indicating that the source may have been stolen server passwords on Linux webservers. Apparently, many of the affected hosts were "cleansed" by having fresh copies of Linux re-installed, and were re-infected shortly thereafter, leading security experts to believe the machines were compromised through stolen passwords rather than system vulnerabilities.

Then came the news that popular VOIP service Skype was cutting off it's video-sharing application due to the spread of a worm attack. According to reports, a mix of vulnerabilities caused the feature to be pulled, after researchers demonstrated how an attacker could use the video service to gain control of a user's computer and self-perpetuate the worm. The vulnerability utilized cross-site scripting flaws on popular video-sharing sites in conjunction with Skype's reliance on Internet Explorer to render HTML. Skype officials are refusing to comment, but issued a statement saying the feature should be available again this week.

Read more.

______________________

Justin Ryan is a Contributing Editor for Linux Journal.