Businesses who may not have applied a Microsoft patch issued last year are now being attacked by a worm targeting the vulnerability.
Multiple security organizations have issued warnings about the worm, deemed Downadup, which attacks the vulnerability outlined in the Windows Server service flaw, MS09-067, that was patched last October, Zdnet.com reports. The worm uses a dictionary attack in an attempt to crack user passwords, as well as using "server-side polymorphism and modification to the Access Control Lists."
Once again, Major League Baseball's website has been caught serving ads designed to infect its considerable base of visitors with malware that trashes their machines.
The Storm Worm has been causing havoc for over two years now, transforming more than a billion computers into drones. Following a surprisingly unsuccessful mission by Microsoft’s Malicious Software Removal Tool around 100,000 drones still remain.
The attacks on Thursday took down the Web sites for The United States Army Military District of Washington and the NATO Parliamentary Assembly, according to Zone-H, a Web site that tracks defacement activity.
Auditor: IRS Still Vulnerable to Cyber Breaches
"These deficiencies represent a material weakness in IRS's internal controls over its financial and tax processing systems," the GAO report said. "Until IRS takes these steps, financial and taxpayer information are at increased risk of unauthorized disclosure, modification, or destruction, and the agency's management decisions may be based on unreliable or inaccurate financial information."
Cracking the bank