Signs of new worm on the way

Share this article:

VeriSign said it's alerting customers that a big Internet worm may be coming, based on traffic anomalies and other data gleaned at its SOCs (Secure Operations Centers).

Engineers said they have noticed increased traffic on port 443 and port 1025 traffic, indicating possible attacks in the works. Also, there is evidence of two vulnerabilites being exploited, one involving SSL and the other RPC, and reports of a working exploit for the ASN.1 Windows vulnerability announced by Microsoft earlier this year, according to VeriSign.

"While we can never predict with true certainty the next big Slammer or Blaster, our statistical traffic modeling surrounding the past weeks traffic has all the telltale markers of a big worm coming," a spokesperson for VeriSign's managed security services said Friday.

www.verisign.com

 

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

VBA malware on rise, templates make it easier to write code

VBA malware on rise, templates make it easier ...

Researchers at SophosLabs found an uptick in VBA samples in July.

Analysts spot 'Critolock,' ransomware claims to be CryptoLocker

Trend Micro noted several differences between Critolock and CryptoLocker, however.

Citadel used in APT attacks against petrochemical firms

Citadel used in APT attacks against petrochemical firms

In an interesting twist, financial malware Citadel was used to infect firms outside of the finance sector via APT attacks, Trusteer found.