Over a week ago, several security experts noticed that exploit code for a recently-disclosed vulnerability in Microsoft Windows was circulating throughout the hacker underground, and said that another MSBlaster-style worm was only “days away.” No such worm appeared. What gives? “We saw a highly functional binary that exploited Microsoft 2000 and evidence of tools that would allow an attack on Windows XP,” said Ken Dunham, an analyst with security firm iDefense, and one of those who claimed that a so-called MSBlaster II worm was imminent. On further analysis, it turned out that the code was buggy, and didn’t always work. “It’s hard to predict what’s out there,” Dunham said in defending the announcement of an imminent MSBlaster II worm. “But [security firms] do understand trends. We have a good understanding of the hacker underground, and we were seeing a ton of activity on the 039 vulnerability. We really thought that something was going to happen.” Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.