What is Code Red Worm?

| November 14, 2018

article image
Code red is a computer worm that was identified in July 2001, when computers running on Internet Information Services (IIS) web server of Microsoft were found compromised. The after effect of the attack caused a damage of billions of dollars in the summer of 2001. Marc Maiffret and Ryan Permeh employees of eEye Digital Security discovered this worm when it exploited an existing vulnerability discovered by Riley Hassell. The named the computer worm, “Code Red” is because they were drinking Code Red Mountain Dew when they confirmed it as a threat. It displays a text string “Welcome to worm.com Hacked by Chinese!” and it runs on the memory erasing all files present in the hard drive. It infected close to 359,000 hosts on July 19, 2001.

Spotlight

NSHC

As one of the leading cybersecurity company of South Korea, NSHC is now the no.1 mobile security solution provider in Far East Asia, no.1 ICS/SCADA Offensive Security Service Provider in the whole of Asia, and striving further to be the top cybersecurity company in the world.

OTHER ARTICLES

Delivering on the promise of security AI to help defenders protect today’s hybrid environments

Article | February 20, 2020

Technology is reshaping society – artificial intelligence (AI) is enabling us to increase crop yields, protect endangered animals and improve access to healthcare. Technology is also transforming criminal enterprises, which are developing increasingly targeted attacks against a growing range of devices and services. Using the cloud to harness the largest and most diverse set of signals – with the right mix of AI and human defenders – we can turn the tide in cybersecurity. Microsoft is announcing new capabilities in AI and automation available today to accelerate that change. Cybersecurity always comes down to people – good and bad. Our optimism is grounded in our belief in the potential for good people and technology to work in harmony to accomplish amazing things. After years of investment and engineering work, the data now shows that Microsoft is delivering on the potential of AI to enable defenders to protect data and manage risk across the full breadth of their digital estates.

Read More

Guest Blog: Cyber security guidance for remote working

Article | March 20, 2020

In these challenging times, it’s sad to learn that cyber criminals are only increasing their activity as they look to capitalise on the Covid-19 crisis. With the NCSC (National Cyber Security Centre) issuing warnings of such activity on a daily basis, it’s important that we all work to protect our businesses from the damage of cybercrime. As many of us move to working from home, the opportunity for cyber attacks only increases, so it’s vital that we work together with our IT colleagues to adopt good cyber health practices. If you are working from home, you should only be using a VPN (Virtual Private Network) or a secure home network with strong end-to-end encryption; e.g. Office 365 SSL session. Don’t be tempted to use public wifi, as hackers can position themselves between you and the access point.

Read More

Cybersecurity Must Be Embedded in Every Aspect of Government Technology

Article | March 17, 2020

Cybersecurity has never been more important for every level of our government. The hacking attempts at major federal agencies have raised the profile of nefarious actors who use their highly advanced cyber skills to exploit both security and the vulnerabilities created by human error. Just last month, the Department of Defense confirmed that computer systems controlled by the Defense Information Systems Agency had been hacked, exposing the personal data of about 200,000 people. Additionally, the Department of Justice recently charged four members of the Chinese military for their roles in the 2017 Equifax breach that exposed the information of 145 million Americans. The hackers were accused of exploiting software vulnerability to gain access to Equifax’s computers. They are charged with obtaining log-in credentials that they used to navigate databases and review records.

Read More

NCSC makes ransomware attack guidance more accessible

Article | February 28, 2020

The UK’s National Cyber Security Centre (NCSC) has updated its guidance to organisations on how to mitigate the impact of malware and ransomware attacks, retiring its standalone ransomware guidance and amalgamating the two in a bid to improve clarity and ease confusion among business and consumer users alike. The NCSC said that having two different pieces of guidance had caused some issues as a lot of the content relating to ransomware was essentially identical, while the malware guidance was a little more up-to-date and relevant. The service said the changes reflect to some extent how members of the public understand cyber security. For example, it implies a distinction between malware and ransomware even though technically speaking, ransomware is merely a type of malware. “Not everyone who visits our website knows that. Furthermore, they might well search for the term ‘ransomware’ (rather than ‘malware’) when they’re in the grip of a live ransomware incident,” said a spokesperson.

Read More

Spotlight

NSHC

As one of the leading cybersecurity company of South Korea, NSHC is now the no.1 mobile security solution provider in Far East Asia, no.1 ICS/SCADA Offensive Security Service Provider in the whole of Asia, and striving further to be the top cybersecurity company in the world.

Events