Ken Dunham
Ken Dunham
dangerous site whether
There's no way for you to know whether a site is dangerous for a WMF exploit.
exactly growth predicted
In August, 2004, we predicted we'd see exponential growth, and that's exactly what we saw.
assets available small
It's such a small population. Other assets are available to attack.
afternoon anytime evening
The attack, if it comes, could come anytime after the afternoon and the evening of the 5th.
almost available data doubt evolving help impossible increased intelligence lead qualified research slowly threats worm
Slowly evolving threats like Grew.A often lead to increased fear, uncertainty and doubt without the help of an intelligence provider. It makes it almost impossible for some to get qualified research data on a worm when there is so much misinformation, aliases, and other data available on the Internet.
likely near past successful taken twelve
WMF exploitation has taken off in the past twelve hours. It's likely that WMF exploitation will be very successful in the near term.
code compared criminals expect financial fraud high might people profits types yield
This is not something I would expect to yield very high profits for criminals as compared to other types of financial fraud and extortion that might take place. Many people have backups of their files, and now the code has been cracked.
attacks concerned targeted threats trend
This is one of those big, under-the-radar threats that we've been concerned about. There has been a trend away from big-bang attacks to very targeted and sophisticated attacks that take place right under your nose. This is one of them.
attacks macintosh might serve
This could serve as a springboard for more attacks on the Macintosh because it might spawn copycats.
identified increases likelihood widespread
This increases the likelihood of exploitation, but widespread exploitation has not been identified to date.
exploit highly posted public today
A new, upgraded WMF exploit was posted to the public today and is highly functional.
act companies coordinate environment nice sample talk time
Anti-virus companies when they get a sample need to act on that quickly. They don't have time in their competitive environment to be able to go out and coordinate and have a nice little talk about naming.
boot clean cleaned viruses
You should boot from a clean disk before removing a virus. Some viruses can't be cleaned any other way.
proven social threat type worm written
This is a social engineering worm written in Russian. It is interesting when you look at it. This is a Java-based type of threat and it has been proven to be successful. We need to look at this and see what is going to be the threat down the road.