Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
October 18, 2006 — CIO —
Hackers are developing new software that will help hide browser attack code from some types of security software.
The software, called eVade o’ Matic Module (VoMM), uses a variety of techniques to mix up known exploit code to make it unrecognizable to some types of antivirus software.
Using these techniques, VoMM "can create an endless number of variants of an exploit," said Aviv Raff, one of the developers behind the project.
"It aims to provide several techniques out of the box to make browser exploits (mostly) undetectable," according to a blog posting by one of the project’s founders, a hacker going by the name of "LMH." That posting can be found here.
The software uses server-side scripting technology to create new versions of the exploit code, which then get delivered to browser users when they visit the attacker’s website. By making a number of cosmetic changes to the code that do not affect its functionality, VoMM creates a new version of the malicious software that cannot be detected by "signature-based" techniques.
Signature-based antivirus products analyze known malware and then create a digital fingerprint that allows the antivirus software to identify malicious code. By adding extra components—tabs and spaces, and random comments and variable names—that are not included in known signatures, VoMM creates software that can evade detection.
The VoMM code is expected to be included in a new module for the upcoming 3.0 version of the widely used Metasploit hacking toolkit, Raff said. Metasploit developer HD Moore is also developing the VoMM software. Raff’s blog posting on the project can be found here.
-Robert McMillan, IDG News Service (San Francisco Bureau)
Related Links:
- Mozilla Duped by Hackers’ ‘Humorous’ Demo
- Some Apple iPods Infected With Windows Virus
- Worm Burrows into McDonald’s MP3 Player Promotion
Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.
© 2008 CXO Media Inc.
FORTUNE 100 insurance leaders rely on the Symantec Data Loss Prevention solution to protect sensitive customer data.
Do you know where your confidential data is, where it is going, and how to prevent it from leaving your organization.
Learn what the thought-leaders at PricewaterhouseCoopers have to say on the risks associated with data security.
Incorporate best practices from many companies using DLP solutions as you establish your organization's requirements and safeguard confidential data.
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
Unlock the Power of Device ID to Combat Online Fraud and Abuse
The Business Case for Web Application Firewalls, by Ken Tyminski, former VP and CISO for the Prudential Insurance Company of America
Quest Authentication and IBM Tivoli Identity Management
Integrating ActiveRoles With IBM Tivoli Identity Manager 5.0
Check Point Endpoint Security - Unifying Essential Components
Turn your information management best efforts into best practices.
Protecting Sensitive and Confidential Information with Endpoint Security
Revolutionizing Endpoint Security with a Single Agent
How RFID Improves Data Center Efficiency
Building Competitive Advantage with Next-Generation Wireless Infrastructure
Gartner on Data Deduplication Cost Savings
Into the Wild: Managing Laptops Outside the Office
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Consolidation May Hit Worldwide PC Market, IDC Says
Networking Glitch Knocks Yahoo Offline for Some
Entellium Files Bankruptcy, Intuit Eyeing Assets
Forrester: How to Squeeze Your Vendors
Security, Civil Liberties Experts Question Data-Mining
Microsoft Tools Build Bridge Between OpenXML, Other Formats
Microsoft Market Share Slips: Pressure's On for Windows 7 and IE8
Shoppers Opened Their Wallets on Cyber Monday
Windows 7 Beta Slated for Mid-January Release
Entellium Files Bankruptcy, Intuit Eyeing Assets
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
