Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Mid-Market CIO Panel: Tips and Techniques for Improving Vendor Relationships
July 15, 4:00 PM - 5:00 PM U.S./Eastern (GMT-4)
We'll highlight relationship priorities and best practices identified in a Council study, and we'll interact with a CIO panel on the approaches they've used to improve strategic vendor partnerships.
Secrets of Successful Vendor Contract Negotiations for the Mid-Market
Sept. 10, 2009, 11:00 AM - 12:00 PM U.S./Eastern (GMT-4)
On this free public Council teleconference, Matthew A. Karlyn, attorney at Foley & Lardner in Boston, will share tips on negotiating tactics and new, creative contract terms to help mid-market CIOs make better deals.
Executive Competencies Assessment Tool
Assess Your Business Leadership Skills with the Council's new benchmarking tool. Rate yourself in change leadership, strategy, customer focus and more.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
Firefox Users Targeted By Rare Piece of Malware
Researchers at BitDefender have discovered a new type of malicious software that collects passwords for banking sites but targets only Firefox users.
December 04, 2008 — IDG News Service —
Researchers at BitDefender have discovered a new type of malicious software that collects passwords for banking sites but targets only Firefox users.
The malware, which BitDefender dubbed "Trojan.PWS.ChromeInject.A" sits in Firefox's add-ons folder, said Viorel Canja, the head of BitDefender's lab. The malware runs when Firefox is started.
The malware uses JavaScript to identify more than 100 financial and money transfer Web sites, including Barclays, Wachovia, Bank of America, and PayPal along with two dozen or so Italian and Spanish banks. When it recognizes a Web site, it will collect logins and passwords, forwarding that information to a server in Russia.
Firefox has been continually gaining market share against main competitor Internet Explorer since its debut four years ago, which may be one reason why malware authors are looking for new avenues to infect computers, Canja said.
Users could be infected with the Trojan either from a drive-by download, which can infect a PC by exploiting a vulnerability in a browser, or by being duped into downloading it, Canja said.
When it runs on a PC, it registers itself in Firefox's system files as "Greasemonkey," a well-known collection of scripts that add extra functionality to Web pages rendered by Firefox.
BitDefender has updated its products to detect it, and other vendors will likely follow suit quickly, Canja said. Users could avoid it by only downloading signed, verified software, but that's a measure that restricts the usability of a PC, he said.
The malware is not present in Mozilla's repository of add-ons, Canja said. Mozilla had taken steps to ensure that its official site hosting add-ons -- also called extensions -- are free from malware.
In May, Mozilla acknowledged that the Vietnamese language pack for Firefox contained a bit of unwanted code. Although widely reported as a virus, the language actually contained a line of HTML code that would cause users to view unwanted advertisements.
Mozilla now scans new add-ons for malware. However, those scans will only detect known threats, and there was no signature in the security software Mozilla was using at the time that could detect the code.
Mozilla said the code probably ended up in the language pack after the PC of its developer became infected. More than 16,000 people downloaded the language pack, but only about 1,000 people regularly use it.
After the incident, Mozilla said it would scan add-ons in its repository when antivirus signatures were updated.
Global Change in the TV Industry
The Gartner Magic Quadrant for IT PPM Applications
A Bottleneck-free Infrastructure
Investing in Business Analytics Technology
Document-Sharing Solutions
How Can Your Organization Weather This Economic Storm?
Managing Client Systems in the Enterprise
Webcast with Dan Vesset: Investing in Business Analytics Technology
Enterprise Cloud Computing: Ready for Primetime?
Preparing Your Business Services for the Future
Enterprise System Management Challenges in Big Organizations with Eli Almog
A Down-to-Earth look at Cloud Computing
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Wall Street Beat: Tech Shares Need to Rally Friday
Korea DDOS Virus Mission Shifts to Destroying, Erasing Data
Cisco Charts New Paths with Eos Media Platform
Google Chrome OS Shows Limitations of Android
Microsoft Ties Dynamics CRM to Twitter
Facebook Attracting More Users with Gray Hair, Wrinkles
Microsoft Promises to Stymie Hackers Next Week with New Patches
Cloud Computing, Security to Drive US Gov't IT Spending
The Botnet World is a Booming World
NTIA Seeks Volunteers to Review Broadband Applications
