blind_html [Fwd: BAH Doing The Worm Tweak, But No Reason To Panic]

  • From: Nimer <nimerjaber1@xxxxxxxxx>
  • To: blind_html@xxxxxxxxxxxxx, Brandon Shuttleworth <shuttleworthb01@xxxxxxxxx>
  • Date: Tue, 31 Mar 2009 19:51:50 -0600

"every time I say something they find hard to hear
they chalk it up to my anger
and never to their own fear"
Ani Difranco: I'm Not A Pretty Girl 1995

Nimer M. Jaber

The information transmitted is intended only for the person or entity to which 
is addressed and may contain confidential and/or privileged material. Any 
retransmission, dissemination or other use of, or taking of any action in 
upon this information by persons or entities other than the intended recipient 
prohibited. If you received this in error, please contact the sender via reply 
e-mail, and delete the
material from any computer.

(720) (251-4530)

-------- Original Message --------
Subject:        BAH Doing The Worm Tweak, But No Reason To Panic
Date:   Tue, 31 Mar 2009 21:35:50 -0400
From:   Lisa <whitedove621@xxxxxxxxxxxxx>
Reply-To:       blindAccessHelp@xxxxxxxxxxxxxxx
To:     <blindAccessHelp@xxxxxxxxxxxxxxx>

We suggest reading this article and making sure that your updates and
AntiVirus definitions are current.
SAN FRANCISCO - Even if it's not an April Fools' joke, the latest moves by
the dreaded
Conficker worm are by no means an Internet Armageddon, either. The worm's
outbreak entered a new phase Wednesday as clocks around the world ticked
into the
first day of April, the day it was scheduled to change programing.
But security experts appeared correct in their predictions that the day was
to come and go without any major disruptions, even though the worm has
infected anywhere
from 3 million to 12 million PCs running Microsoft Corp.'s Windows operating
Computer infections now are all about making money by stealing people's
information. And Conficker's authors stand to make more money from renting
out parts
of their huge "botnet" to spammers or identity thieves than by destroying
parts of
the Internet.
"These guys have been pretty smart until now — the worm is unfortunately
very well
done," said Patrik Runald, chief security advisor for F-Secure Corp. "So far
haven't been stupid. So why should they start on April 1?"
But panic over the worm had reached a frenzy.
Lori Lynn Pavlovich, a mother of four from Racine, Wis., unplugged her PC
and vowed
to stay offline for a week after seeing a local TV news report about the
"I get scared real easy when it comes to stuff like that," she said.
Pavlovich, who
says she keeps her antivirus software and security patches up to date, got
back online
24 hours later after a relative assured her that her system was safe.
In the last six months, the worm has also caused sleepless nights for the
who maintain corporate and governmental computer systems. European media
that the French military grounded some of its fighter planes after the
Navy's network
was infected over the winter.
Companies were on high alert to any change in Conficker's behavior that
could affect
their systems. But a lot of the heavy lifting for big corporations has
already been
done. Most large organizations hurried to fix the vulnerability that
Conficker exploits
long ago — Microsoft released a software "patch" for it in October. Many
businesses and consumers started worrying about the problem later, making
them more
vulnerable to infection.
"Consumers are very, very, very aware of this — more so than I've seen in
said Alfred Huger, vice president of Symantec Security Response.
"Enterprises are
certainly aware of this, and they're treating this seriously, but no more so
other threats they're faced with."
Detecting a Conficker infection is actually very easy. One of the telltale
is if you're able to navigate the Internet freely but can't access
Microsoft's site
or the sites for the major antivirus software vendors. Conficker's authors
that feature to prevent infected machines from downloading programs that
remove the
That makes it harder to get the Conficker removal programs, but not
impossible. Security
experts recommend that people with infected machines find a friend whose
isn't infected, and have that person download the removal tool and e-mail it
to them.
Many companies that have already protected their networks from Conficker
have become
concerned again because of the publicity the worm generated in recent weeks
as the
April 1 change to Conficker's programming approached.
Michael La Pilla, manager of the malicious code operations team at VeriSign
iDefense division, said some of his company's customers were asking for
notification about changes to Conficker's behavior, instead of the hourly
that many receive.
The bad guys behind Conficker haven't been able to reliably communicate with
computers the worm has infected. That means they haven't been able to
program the
PCs to send spam, carry out identify-theft scams, or perform any other kind
of cybercrime.
That has likely started changing with the dawn of April 1. Now the
programming on
the latest version of Conficker tells those infected machines to generate
new Internet addresses each day that they can try and "phone home" for
Previously, they had been looking for commands from just 250 sites each day.
point of the change is to make it harder for the security community to
those addresses and keep them out of the bad guys' hands.
Microsoft has offered a $250,000 bounty for information leading to the
arrest and
conviction of the people responsible for Conficker.
The hoopla surrounding a very arcane change to Conficker's programming code
was reminiscent
of the doomsday fears about the Y2K bug, when the dawn of the millennium was
to threaten computer networks by interpreting the new year as 1900 rather
than 2000.
"There are a lot of people who are on standby waiting to see what happens,"
George Kurtz, senior vice president of McAfee Inc.'s risk and compliance
"Ultimately, it could be a big event or Y2009 — April 1 rolls around and
happens. But that doesn't mean it's the end of the story."


This list is owned by Jimmy Podsim.  Moderator Frank.  If you have any 
questions or complaints, please send them to
blindAccessHelp-owner@xxxxxxxxxxxxxxx .  I hope you find this list helpful.

Yahoo! Groups Links

<*>  To visit your group on the web, go to:

<*>  Your email settings:
    Individual Email | Traditional

<*>  To change settings online go to:
    (Yahoo! ID required)

<*>  To change settings via email:

<*>  To unsubscribe from this group, send an email to:

<*>  Your use of Yahoo! Groups is subject to:

To unsubscribe, please send a blank email to
with unsubscribe in the subject line.
To access the archives, please visit:


Other related posts:

  • » blind_html [Fwd: BAH Doing The Worm Tweak, But No Reason To Panic] - Nimer