Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
Gozi Trojan Resurfaces Briefly, Security Researcher Finds
The malware worm behind an identity theft service returns to exploit vulnerability in Adobe Acrobat 8.x, then disappears.
October 25, 2007 — CSO — The Gozi Trojan, a bot that fronted a sophisticated hacking subscription service earlier last year, was found again in the wild today infecting PCs at a healthy clip through the use of PDF spam, according to SecureWorks security researcher Don Jackson.
It appeared the servers that hosted the malware started to clog their own network and pull down performance, causing the service provider hosting the servers to shut them down voluntarily, Jackson said.
In January, Jackson accidentally discovered the Gozi Trojan and the service it connected to, called 76service. He said the latest distribution of the Gozi bot is the first in-the-wild exploit of a vulnerability in Adobe Acrobat version 8.x. The Acrobat vulnerability is based on the fact that in certain PDF pages will automatically execute a "mailto:" command when the file is opened. Hackers manipulate this such that the command gets passed off to the operating system instead of an e-mail client. The command tells the machine to download a small file called a downloader, which is simply another command that in turn tells the machine to download the Gozi bot.
You can read more about this development at CIO's sister publication, CSOonline.com.
Other stories by Scott Berinato 2002-2007 CXO Media Inc. All rights reserved. Reproduction in whole or in part without permission is prohibited.
- Who's Stealing Your Passwords? Global Hackers Create a New Online Crime Economy
- Gozi and the Subscription Hacking Model
- Hacker Economics 2: The Conspiracy of Apathy
- Hacker Economics 3: MPACK and the Next Wave of Malware
- A Layman's Glossary of Malware Terms
- How Gozi's First Second Unfolds
- Death by iFrame
- Death by iFrame
FORTUNE 100 insurance leaders rely on the Symantec Data Loss Prevention solution to protect sensitive customer data.
Do you know where your confidential data is, where it is going, and how to prevent it from leaving your organization.
Learn what the thought-leaders at PricewaterhouseCoopers have to say on the risks associated with data security.
Incorporate best practices from many companies using DLP solutions as you establish your organization's requirements and safeguard confidential data.
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
Network Security Services: Outsourcing considerations for maximizing network protection
Turn your information management best efforts into best practices.
Top 10 Ways to Protect Against Web Threats
Protecting Data in a Highly Networked World
Laptop Security: Where Do CIOs See Weaknesses?
Data Protection Options Explained
How RFID Improves Data Center Efficiency
Building Competitive Advantage with Next-Generation Wireless Infrastructure
Gartner on Data Deduplication Cost Savings
Into the Wild: Managing Laptops Outside the Office
Revolutionizing Endpoint Security with a Single Agent
War Gaming: How Intel Turned Its Workforce Into a Security Force
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Judgment Favors Novell in Ongoing SCO Case
Spyware Case Finally Closed for Teacher Julie Amero
SAP to Bring Unified Interface Across Apps Suite
Symantec Sees Spike in Dangerous Microsoft Attacks
Palm Lays Off Workers
U.S. Needs More Broadband Competition, Expert Says
Microsoft to Launch IE8 in First Half of '09
VMware Security Chief Leaves to Run OpenDNS
Confidential Customer Details Exposed on Qantas Site
'Vista Capable' Lawyers Want Ballmer to Testify
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
