Longtime computer security rivals are joining forces to battle increasingly sophisticated online attacks by cyber criminals.
“The attacks are getting more complex, and if we want to get ahead of attackers the call is to work together in a community approach,” Microsoft Security Response Center director Mike Reavey said.
“One of the things becoming clear is that customers want vendors to work together, and they want information and protection out faster,” he said.
Microsoft used a premier Black Hat security conference taking place this week in Las Vegas as a stage to unveil enhancements to the software giant’s computer defense collaboration efforts.
NEW TOOL
Microsoft released a new tool designed to make it easier for software security firms to model hacker threats and craft defenses.
The Redmond, Washington-based technology firm also unveiled a guidebook to demystify the realm of software security updates and vulnerability patches.
“There is a sea of information out there and we want to help customers navigate those waters,” Reavey said. “The guide walks them through what we do.”
A Microsoft Active Protections Program launched at Black Hat last year has grown to 47 members that share information to minimize time hackers have to craft and launch attacks on newly discovered software weaknesses, Reavey said.
“By working together, the security vendors get free vulnerability information, Microsoft knows their products will be protected from widespread exploitation when the disclosure goes out, and customers win by remaining protected,” TippingPoint security researcher Jason Avery said in a release.
“Everyone wins,” he said.
Microsoft provides computer security allies with an “exploitability index” that gauges the likelihood hackers will target various vulnerabilities to help security companies prioritize responses.
Microsoft also shares lessons learned while analyzing software for flaws.
“What we are seeing is they are working well with us and we are working well together,” Reavey said of allies in the software security world.
VIRUS
Security industry teamwork was crucial in countering a Conficker virus that plagued the Internet early this year.
Microsoft rallied a task force to stamp out Conficker, also referred to as DownAdUp, and the software colossus has placed a bounty of US$250,000 on the heads of those responsible for the threat.
The worm, a self-replicating program, takes advantage of networks or computers that haven’t kept up to date with security patches for Windows.
It can infect machines from the Internet or by hiding on USB memory sticks carrying data from one computer to another.
Conficker could be triggered to steal data or turn control of infected computers over to hackers amassing “zombie” machines into “botnet” armies.
Tools to remove Conficker virus and prevent its spread have been released, but computers without properly updated software could still be vulnerable.
Super Typhoon Kong-rey is the largest cyclone to impact Taiwan in 27 years, the Central Weather Administration (CWA) said today. Kong-rey’s radius of maximum wind (RMW) — the distance between the center of a cyclone and its band of strongest winds — has expanded to 320km, CWA forecaster Chang Chun-yao (張竣堯) said. The last time a typhoon of comparable strength with an RMW larger than 300km made landfall in Taiwan was Typhoon Herb in 1996, he said. Herb made landfall between Keelung and Suao (蘇澳) in Yilan County with an RMW of 350km, Chang said. The weather station in Alishan (阿里山) recorded 1.09m of
STORM’S PATH: Kong-Rey could be the first typhoon to make landfall in Taiwan in November since Gilda in 1967. Taitung-Green Island ferry services have been halted Tropical Storm Kong-rey is forecast to strengthen into a typhoon early today and could make landfall in Taitung County between late Thursday and early Friday, the Central Weather Administration (CWA) said yesterday. As of 2pm yesterday, Kong-Rey was 1,030km east-southeast of Oluanpi (鵝鑾鼻), the nation’s southernmost point, and was moving west at 7kph. The tropical storm was packing maximum sustained winds of 101kph, with gusts of up to 126 kph, CWA data showed. After landing in Taitung, the eye of the storm is forecast to move into the Taiwan Strait through central Taiwan on Friday morning, the agency said. With the storm moving
NO WORK, CLASS: President William Lai urged people in the eastern, southern and northern parts of the country to be on alert, with Typhoon Kong-rey approaching Typhoon Kong-rey is expected to make landfall on Taiwan’s east coast today, with work and classes canceled nationwide. Packing gusts of nearly 300kph, the storm yesterday intensified into a typhoon and was expected to gain even more strength before hitting Taitung County, the US Navy’s Joint Typhoon Warning Center said. The storm is forecast to cross Taiwan’s south, enter the Taiwan Strait and head toward China, the Central Weather Administration (CWA) said. The CWA labeled the storm a “strong typhoon,” the most powerful on its scale. Up to 1.2m of rainfall was expected in mountainous areas of eastern Taiwan and destructive winds are likely
The Central Weather Administration (CWA) yesterday at 5:30pm issued a sea warning for Typhoon Kong-rey as the storm drew closer to the east coast. As of 8pm yesterday, the storm was 670km southeast of Oluanpi (鵝鑾鼻) and traveling northwest at 12kph to 16kph. It was packing maximum sustained winds of 162kph and gusts of up to 198kph, the CWA said. A land warning might be issued this morning for the storm, which is expected to have the strongest impact on Taiwan from tonight to early Friday morning, the agency said. Orchid Island (Lanyu, 蘭嶼) and Green Island (綠島) canceled classes and work