Longtime computer security rivals are joining forces to battle increasingly sophisticated online attacks by cyber criminals.
“The attacks are getting more complex, and if we want to get ahead of attackers the call is to work together in a community approach,” Microsoft Security Response Center director Mike Reavey said.
“One of the things becoming clear is that customers want vendors to work together, and they want information and protection out faster,” he said.
Microsoft used a premier Black Hat security conference taking place this week in Las Vegas as a stage to unveil enhancements to the software giant’s computer defense collaboration efforts.
NEW TOOL
Microsoft released a new tool designed to make it easier for software security firms to model hacker threats and craft defenses.
The Redmond, Washington-based technology firm also unveiled a guidebook to demystify the realm of software security updates and vulnerability patches.
“There is a sea of information out there and we want to help customers navigate those waters,” Reavey said. “The guide walks them through what we do.”
A Microsoft Active Protections Program launched at Black Hat last year has grown to 47 members that share information to minimize time hackers have to craft and launch attacks on newly discovered software weaknesses, Reavey said.
“By working together, the security vendors get free vulnerability information, Microsoft knows their products will be protected from widespread exploitation when the disclosure goes out, and customers win by remaining protected,” TippingPoint security researcher Jason Avery said in a release.
“Everyone wins,” he said.
Microsoft provides computer security allies with an “exploitability index” that gauges the likelihood hackers will target various vulnerabilities to help security companies prioritize responses.
Microsoft also shares lessons learned while analyzing software for flaws.
“What we are seeing is they are working well with us and we are working well together,” Reavey said of allies in the software security world.
VIRUS
Security industry teamwork was crucial in countering a Conficker virus that plagued the Internet early this year.
Microsoft rallied a task force to stamp out Conficker, also referred to as DownAdUp, and the software colossus has placed a bounty of US$250,000 on the heads of those responsible for the threat.
The worm, a self-replicating program, takes advantage of networks or computers that haven’t kept up to date with security patches for Windows.
It can infect machines from the Internet or by hiding on USB memory sticks carrying data from one computer to another.
Conficker could be triggered to steal data or turn control of infected computers over to hackers amassing “zombie” machines into “botnet” armies.
Tools to remove Conficker virus and prevent its spread have been released, but computers without properly updated software could still be vulnerable.
Super Typhoon Kong-rey is the largest cyclone to impact Taiwan in 27 years, the Central Weather Administration (CWA) said today. Kong-rey’s radius of maximum wind (RMW) — the distance between the center of a cyclone and its band of strongest winds — has expanded to 320km, CWA forecaster Chang Chun-yao (張竣堯) said. The last time a typhoon of comparable strength with an RMW larger than 300km made landfall in Taiwan was Typhoon Herb in 1996, he said. Herb made landfall between Keelung and Suao (蘇澳) in Yilan County with an RMW of 350km, Chang said. The weather station in Alishan (阿里山) recorded 1.09m of
NO WORK, CLASS: President William Lai urged people in the eastern, southern and northern parts of the country to be on alert, with Typhoon Kong-rey approaching Typhoon Kong-rey is expected to make landfall on Taiwan’s east coast today, with work and classes canceled nationwide. Packing gusts of nearly 300kph, the storm yesterday intensified into a typhoon and was expected to gain even more strength before hitting Taitung County, the US Navy’s Joint Typhoon Warning Center said. The storm is forecast to cross Taiwan’s south, enter the Taiwan Strait and head toward China, the Central Weather Administration (CWA) said. The CWA labeled the storm a “strong typhoon,” the most powerful on its scale. Up to 1.2m of rainfall was expected in mountainous areas of eastern Taiwan and destructive winds are likely
The Central Weather Administration (CWA) yesterday at 5:30pm issued a sea warning for Typhoon Kong-rey as the storm drew closer to the east coast. As of 8pm yesterday, the storm was 670km southeast of Oluanpi (鵝鑾鼻) and traveling northwest at 12kph to 16kph. It was packing maximum sustained winds of 162kph and gusts of up to 198kph, the CWA said. A land warning might be issued this morning for the storm, which is expected to have the strongest impact on Taiwan from tonight to early Friday morning, the agency said. Orchid Island (Lanyu, 蘭嶼) and Green Island (綠島) canceled classes and work
KONG-REY: A woman was killed in a vehicle hit by a tree, while 205 people were injured as the storm moved across the nation and entered the Taiwan Strait Typhoon Kong-rey slammed into Taiwan yesterday as one of the biggest storms to hit the nation in decades, whipping up 10m waves, triggering floods and claiming at least one life. Kong-rey made landfall in Taitung County’s Chenggong Township (成功) at 1:40pm, the Central Weather Administration (CWA) said. The typhoon — the first in Taiwan’s history to make landfall after mid-October — was moving north-northwest at 21kph when it hit land, CWA data showed. The fast-moving storm was packing maximum sustained winds of 184kph, with gusts of up to 227kph, CWA data showed. It was the same strength as Typhoon Gaemi, which was the most