Security Fix
Main
Security
Anti-MalwareMalware
MSNBC Security
Security Fix
Security World News
Random Feeds
Archives
| Jul 2011 | Jun 2011 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 |Wed, 29 Apr 09
Equifax Outage Halts Credit Freezes, Fraud Alerts
http://feeds.voices.washingtonpost.com/click.phdo?i=0ef2a5bebb4498879af4c6cf66caae66
If you've frozen your credit file as a protection against identity thieves, you may have to wait a while longer to get it thawed out. Equifax, one of the big three credit reporting bureaus, is still reeling from a system-wide computer outage that began this weekend. Equifax spokesman Tim Kline said the company experienced a power outage on Sunday as a result of an electric transformer failure, and that it is in the final steps of bringing its last remaining systems online. "We still have some platforms we're bringing up, including those that allow people to unfreeze and freeze their credit, and place fraud alerts," Kline said. "Service is operational for virtually all of our customers and this is last area we need to resolve." That is to say, the only systems still to be brought back online are ones that are required by law and do not earn the
Wed, 29 Apr 09
Adobe Warns of Potential Reader Flaw
http://feeds.voices.washingtonpost.com/click.phdo?i=8c12ea7c7b1acf6d89a4a78f6d5b184f
Adobe Systems Inc. is warning about a potential new security flaw in the latest versions of its Adobe Reader products. In its product security incident response team blog, Adobe issued a brief advisory on Monday, saying it is investigating reports of a security hole in Adobe Reader 9.1 and 8.1.4. The company says it will provide an update once it gets more information. The SecurityFocus submission on this vulnerability indicates that it is a Javascript flaw in Reader for versions designed to run on Linux operating systems, although that advisory suggests that other versions or operating systems may also be affected. This may turn out to be nothing, but my gut tells me that we may soon be rehashing an incident from February, when malware and hackers were discovered to be using a previously unknown Javascript vulnerability in Adobe Reader to break into machines running the software. This also reminds
Tue, 28 Apr 09
Proposal Would Shore Up Govt. Cyber Defenses
http://feeds.voices.washingtonpost.com/click.phdo?i=17d9684ee37852b27ebe84e5e9c3da1d
While cyber attacks have evolved dramatically since the beginning of this decade, the regulations governing how federal agencies defend against digital intruders haven't been updated since 2002. Legislation expected to be introduced Tuesday in the Senate would seek to correct that imbalance. The "U.S. Information and Communications Enhancement Act of 2009," which would update the Federal Information Security Management Act, or FISMA, calls for the creation of hacker squads to test the defenses of federal agency networks. In addition, agencies would be required to show that they can effectively detect and respond to the latest cyber attacks on their information systems. Critics of the current law say it merely requires agencies to show they have the proper cyber security policies in place, but not necessarily demonstrate that those policies are helping to block or mitigate real-world attacks. "Only about five federal agencies are testing to see whether they are actually
Tue, 28 Apr 09
Scammers, Spammers Embrace Swine Flu News
http://feeds.voices.washingtonpost.com/click.phdo?i=f4f5a537d3a5f615138069b09e77fa3e
There's something vaguely diabolical about a form of unwanted communication named after a brand of canned, chopped pork that piggybacks on a public health scare involving a flu strain derived from swine. Yes, you guessed it: Spammers have seized upon public awareness around the Swine Flu epidemic to hawk knockoff prescription drugs. And we're not talking about flu vaccines, either. According to McAfee Avert Labs, over the weekend spammers began pumping out junk e-mail with various Swine Flu subject lines to trick people into opening the missives. McAfee says the first of those spam campaigns amounted to about 2 percent of global spam volume. Meanwhile, it appears that dozens of new Web site names with the term "swineflu" included in them were registered during the last few days. Researchers at security software maker F-Secure Corp. warn that if similar activity surrounding previous national emergencies is any indicator, scam artists may
Sat, 25 Apr 09
Planting Your Flag at Social Networking Sites
http://feeds.voices.washingtonpost.com/click.phdo?i=d4cddf0a96786b57a8bf7a0b6adef610
On Thursday I shared a laugh with a source at the expense of a mutual acquaintance: a security expert who has for the most part eschewed social networking sites. We were howling because someone who obviously knew enough about this person to push his emotional buttons had registered a Twitter account in his name and was posting some amusing but slightly mocking Tweets. The impersonated person even had several "followers" from the security community. I mention this because it raises an interesting question for people who have embraced social media, but only to a certain point: That is, does it make sense to go ahead and plant your virtual flag at various social networking sites before someone else does it for you, and potentially uses it to make fun of you -- or worse -- abuse your good name to trick your acquaintances into doing something harms you both? Indeed,
Sat, 25 Apr 09
Hack Against ISP Hijacks Bank, Google Adsense
http://feeds.voices.washingtonpost.com/click.phdo?i=f370454398498abbaf2620b20e0f2e8e
Hackers hijacked a major Brazilian ISP this month in a sophisticated attack that silently served up malicious software and phishing scams to more than a million customers. According to Brazilian news outlet Globo.com, unknown attackers hijacked the domain name system (DNS) records for NET Virtua, a broadband provider that serves at least 1.4 million customers in the region. NET Virtua's DNS records reportedly were hijacked on April 11, so that customers who visited any site that ran Google Adsense content were redirected to a site that tried to install and run a Java applet that in turn installed a Trojan horse program. Globo.com said the attackers also took aim at Bradesco, one of Brazil's largest financial institutions. NET Virtua customers who tried to visit Bradesco.com.br during the four hours the DNS records were hijacked were redirected to a counterfeit version of the site designed to steal customer credentials, the story
Fri, 24 Apr 09
Earthlink Outage Blamed on Earth Day Power Failure
http://feeds.voices.washingtonpost.com/click.phdo?i=c607246cd6f6dd19d496e928356e0f63
Atlanta based Internet service provider Earthlink had an outage for several hours on Wednesday, temporarily interrupting e-mail service. It also knocked offline many of the 87,000 Web sites it hosts, including the company's own homepage. Several readers have written Security Fix asking what's up, and some have speculated that the fact that Earthlink was felled on Earth Day was just too perfect to be caused by anything but an attack on the company. The reality is far more ironic: A spokeswoman for Earthlink blamed the incident on a power outage in Pasadena, California.
Fri, 24 Apr 09
IRS Awards Tax Payment Contract to RBS Worldpay
http://feeds.voices.washingtonpost.com/click.phdo?i=e894a30533bcef73055d59e702dfa329
The Internal Revenue Service has awarded a contract to process tax return payments for the coming filing season to RBS Worldpay, a company that recently disclosed that a hacker break-in jeopardized financial data on 1.5 million payroll card holders and at least 1.1 million Social Security numbers. The contract award comes a month after credit card giant Visa said RBS was no longer in compliance with the Payment Card Industry (PCI) security standards, a set of guidelines designed to protect cardholder data. RBS spokesman Josh Passman said the company expects to be re-certified as PCI compliant "within the next few weeks." The contract awarded to RBS is a what's known as a "zero dollar" contract, meaning the government doesn't award a specific dollar amount. Rather, the approved vendor takes a convenience fee for each transaction it processes. According to a copy of the contract listed at fedbizopps.gov, RBS's base convenience
Thu, 23 Apr 09
Obama's Cyber Czar Offers Few Details on Govt. Strategy
http://feeds.voices.washingtonpost.com/click.phdo?i=4da5c018cc5261555f6cb75c00c0e113
Those who were hoping to hear details today about how the Obama administration plans to revamp the government's approach to cyber security threats may have to wait a little while longer. In a much-anticipated speech at the RSA security conference in San Francisco today, Melissa Hathaway, the White House's top cyber official, instead highlighted all of the meetings, studies, and recommendations that have informed the administration's 60-day cyberspace policy review, which was completed last week. But details about how the administration might seek to organize and streamline the government's cyber efforts were lacking. Much of the coverage of the administration's cyber review has focused on the power struggle on cyber underway between the Department of Homeland Security and the National Security Agency. The Obama administration also is finalizing plans for a new Pentagon command to coordinate the security of military computer networks and to develop new offensive cyber weapons. Meanwhile,
Thu, 23 Apr 09
Congress Investigating P2P Data Breaches
http://feeds.voices.washingtonpost.com/click.phdo?i=9021aaa35cdef6e75864158a9844ab23
A key oversight panel in the House of Representatives said this week that it is re-opening an investigation into the "indavertent sharing" of sensitive government and consumer data through popular peer-to-peer file swapping programs such as BearShare and Limewire. The inquiry from the House Committee on Oversight and Government Reform comes just weeks after revelations that blueprints for Marine One -- President Barack Obama's helicopter -- were being traded on P2P networks. Committee Chairman Edolphus Towns (D-N.Y.) and ranking Republican Darrell E. Issa (Calif.) sent a letter (PDF) to Attorney General Eric Holder, asking the Justice Department to detail what it is doing to protect Americans from the dangers of data breaches via P2P networks. The committee also asked (PDF) Federal Trade Commission Chairman Jonathan Leibowitz what his agency was doing to investigate P2P networks, and whether the makers of P2P software were adequately disclosing to consumers the risks associated
Thu, 23 Apr 09
Time for an Internet A-Team?
http://feeds.voices.washingtonpost.com/click.phdo?i=36aa943f2f0f8ed6fe92c617059ba477
Last week, I spoke to Joe Stewart, a senior security researcher at Atlanta based SecureWorks who probably has done more than any other researcher to make life more difficult and expensive for cyber crooks. Stewart is speaking at the RSA Security conference in San Francisco on Thursday about what he thinks can be done to institutionalize some of these efforts. Stewart says the world needs a more concerted effort to identify -- if not apprehend -- top cyber criminal actors. He also said that ISPs need to be held more accountable when they ignore overt signs of persistent criminal activity on their networks. What follows are some excerpts from our discussion: Stewart: We've had some small victories here and there, but overall the Internet security community hasn't been terribly effective. We're not really stopping them. BK: Why do you think that is? Stewart: One of the conclusions we came to
Wed, 22 Apr 09
Cyber Spies Breach Pentagon's Fighter Jet Project
http://feeds.voices.washingtonpost.com/click.phdo?i=061839f06d12790fe53974459e7c09c9
Cyber spies have broken into the Pentagon's $300 billion Joint Strike Fighter project - the defense department's costliest weapons program ever, according to the lead item in today's Wall Street Journal. From the story: Similar incidents have also breached the Air Force's air-traffic-control system in recent months, these people say. In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft. Attacks like these -- or U.S. awareness of them -- appear to have escalated in the past six months, said one former official briefed on the matter. "There's never been anything like it," this person said, adding that other military and civilian agencies as well as private companies are affected. "It's everything that keeps this country going. The disclosure is the latest tale
Sat, 18 Apr 09
World's First Mac Botnet? Not Quite.
http://feeds.voices.washingtonpost.com/click.phdo?i=cb4ee72a57023906ad7424d5fd3dd6f1
This morning, as I scrolled down the list of security Web sites I normally check via my RSS reader, I noticed several items referencing news about the "world's first Mac botnet." As I read on, it became clear this was neither news nor a first. Ryan Naraine from ZDNet.com writes about a paper released via Virus Bulletin (subscription required) by a pair of Symantec researchers who found what was described as "the first Mac OS X botnet launching denial-of-service attacks." The story goes on to describe how the researchers traced the botnet back to Mac users who had installed pirated copies of Apple's iWork 2009 software. Back in January, many tech outlets wrote about a Trojan that was being distributed with copies of iWork 2009, that was available on Bittorrent and other file-sharing services. In my own coverage of that Trojan, I interviewed Pete Yandell, a software developer from Australia
Fri, 17 Apr 09
Creating a Public Nuisance with Insecure Web Sites
http://feeds.voices.washingtonpost.com/click.phdo?i=a4381a7f6d6a62c6e3a18b93a0af446b
Thousands of Web sites that were cited last year for harboring security flaws that could be used to attack others online remain a hazard and an eyesore along the information superhighway. At issue are sites that harbor so-called cross-site scripting (XSS) vulnerabilities, which occur when Web sites accept input from a user -- usually from something like a search box or e-mail form -- but do not prevent users from entering malicious code or other instructions. Once the code is entered, the URL that the Web site spits back can then be used for phishing scams. Unlike other scams, the URLs used in these cases look more legitimate. A typical XSS attack usually goes like this: The bad guys send out e-mails designed to look like they were sent by a trusted e-commerce company. The e-mails instruct recipients to click on a link and update their account information. Instead of
Fri, 17 Apr 09
Hackers Test Limits of Credit Card Security Standards
http://feeds.voices.washingtonpost.com/click.phdo?i=ee32a4e29ae5a259dd7ede439f20cc57
The number, scale and sophistication of data breaches fueled by hackers last year is rekindling the debate over the efficacy of the credit card industry's security standards for safeguarding customer data. All merchants that handle credit and debit card data are required to show that they have met the payment card industry data security standards (PCI DSS), a set of technical and operational requirements designed to safeguard cardholder information from theft or unauthorized access. Yet, some of the most notable data breach incidents last year targeted companies that had recently been certified as compliant with those standards, raising the question of whether the standards go far enough, or if entities that experienced a breach are falling out of compliance with the practices that led to their certification. In a recent hearing on PCI standards at a House Homeland Security Committee panel, experts from the retail sector charged that the entire
Thu, 16 Apr 09
Glut of Stolen Banking Data Trims Profits for Thieves
http://feeds.voices.washingtonpost.com/click.phdo?i=6aa641bcfae035b7e31fdb45441512f6
A massive glut in the number of credit and debit cards stolen in data breaches at financial institutions last year has flooded criminal underground markets that trade in this material, driving prices for the illicit goods to the lowest levels seen in years, experts have found. For a glimpse of just how many financial records were lost to hackers last year, consider the stats released this week by Verizon Business. The company said it responded to at least 90 confirmed data breaches last year involving roughly 285 million consumer records, a number that exceeded the combined total number of breached records from cases the company investigated from 2004 to 2007. Breaches at banks and financial institutions were responsible for 93 percent of all such records compromised last year, Verizon found. As a result, the stolen identities and credit and debit cards for sale in the underground markets is outpacing demand
Thu, 16 Apr 09
Microsoft Fixes 23 Software Security Flaws
http://feeds.voices.washingtonpost.com/click.phdo?i=d47d8c55dcf8d1820c29c167254816ad
Microsoft on Tuesday issued eight security updates to plug at least 23 security holes in its Windows operating systems and other software. The patches are available through Windows Update or via Automatic Updates. One patch fixes six flaws in Internet Explorer 6 & 7 (the flaws are not present in IE8), including the carpetbombing issue. Microsoft addressed that vulnerability with this IE update, as well as with a stand-alone fix for Windows XP and newer Windows versions. Microsoft has rated this update critical, meaning attackers could exploit these IE flaws merely by convincing a user to visit a hacked or booby-trapped Web site. Redmond also issued updates to fix at least two zero-day threats, vulnerabilities that hackers have been exploiting in targeted attacks to break into Windows systems. These updates include a fix for an Microsoft Excel vulnerability, and an update for a hole in most supported versions of Wordpad/Microsoft
Wed, 15 Apr 09
Report: China, Russia Top Sources of Power Grid Probes
http://feeds.voices.washingtonpost.com/click.phdo?i=0df7572f2c8c7d6b9a8182f146f2d12e
Last week, blogs and the mainstream press alike were abuzz with reports that Chinese and Russian hackers had penetrated the U.S. power grid and left behind secret back doors. The original story, a piece in the Wall Street Journal, was light on details, and many readers have asked me if I uncovered additional nuggets of knowledge about the existence of these back doors. I have not. But I have discovered some interesting data published recently, which seems to support the notion that China and Russia are quite interested in locating digital control systems connected to our nation's power grid and other complex critical infrastructures. The data comes from a white paper released late last month by Team Cymru, a group of researchers who try to discover who is behind Internet crime and why. That document sought to provide empirical evidence to show which nations were most active in probing our
Sat, 11 Apr 09
Conficker Worm Awakens, Downloads Rogue Anti-virus Software
http://feeds.voices.washingtonpost.com/click.phdo?i=58571342063667f4d6c07f6b33cd430d
Security experts nervously watching computers infested with the prolific Conficker computer worm say they have begun seeing infected hosts downloading additional software, including a new rogue anti-virus product. Since its debut late last year, the collection of hundreds of thousands - if not millions - of systems sick with Conficker has somewhat baffled security researchers, who are accustomed to seeing such massive networks being used for money-making criminal activities, such as relaying junk e-mail. Today, however, that mystery evaporated, as anti-virus companies reported seeing Conficker systems being updated with SpywareProtect2009, a so-called "scareware" product that uses fake security alerts to frighten consumers into paying for bogus computer security software. According to Kaspersky Labs, once the scareware is downloaded, the victim will see the usual warnings, "which naturally asks if you want to remove the threats it's 'detected'. Of course, this service comes at a price - $49.95." Kaspersky reports that
Fri, 10 Apr 09
Digital Pearl Harbor, Cyber 9/11, and E-Qaeda
http://feeds.voices.washingtonpost.com/click.phdo?i=5596803f2c1acb8801ecd1963a33b2a3
From today's print edition of The Washington Post come a pair of alarming stories about how Chinese hackers and terrorist groups have infiltrated our electric power grid and are using our own digital infrastructure against us. A piece on page A4 talks about cyber spies having left behind software backdoors on networks connected to the U.S. power grid. A story on the front page warns that terrorist groups who have sworn to destroy the United States are taking full advantage of Web site hosting and registration services here in our backyard. The stories each are a fascinating read, but both have been told before. Hackers motivated by financial gain have been both infiltrating power networks and using our Internet infrastructure against us for years. The main differences these stories highlight are in attribution -- that is, who's responsible -- and intent, or their implied goals. For example, most malicious software,
Thu, 9 Apr 09
Microsoft: Dramatic Rise in 'Scareware' Infections
http://feeds.voices.washingtonpost.com/click.phdo?i=9c92c3fc539e65ce88e0fa211bee8282
"Scareware," or programs that masquerade as legitimate security and anti-virus software and then frighten and bully users into paying for them, have emerged as the most prolific and fastest-growing threats facing PC users, according to a biannual security report released this week by Microsoft Corp. George Stathakopoulos, general manager of Microsoft's trustworthy computing group, said these rogue security products can snare even experienced computer users. "Some of these sites and products look really professional and well-done, with trademarks and copyrighted material," Stathakopoulos said. "If you're in a situation where you don't already have security software and you have not yet figured out the state of the machine, you will look for a solution, and these are solutions that come to you." Microsoft found that in the second half of last year, seven of the top 25 malicious software families removed from Windows computers were scareware titles such as Antivirus2008, XPAntivirus,
Wed, 8 Apr 09
Time to Update Java
http://feeds.voices.washingtonpost.com/click.phdo?i=63acd0bd3b8c20bb583a15c06f7ea02b
Sun Microsystems has shipped an update to its widely deployed Java platform that fixes multiple security flaws present in older versions. The latest Java software, Java Version 6 Update 13, is available from this link here. Not sure what version of Java you have? Check out this page, and click the "Do I Have Java?" link. Users of more recent Java versions may already have received a prompt from the built-in auto-update client to grab this version. After updating, you may find older versions of Java still present in the Windows "Add/Remove Programs" listing. If you spot any older versions, go ahead and remove those. Be advised that Sun's installer may by default install some browser add-on, such as Microsoft's MSN Toolbar (this is the plug-in the Update 13 installer offered me when I ran it on a Windows 7 Beta machine using IE 8). If you want the Java
Mon, 6 Apr 09
Web Sites Disrupted By Attack on Register.com
http://feeds.voices.washingtonpost.com/click.phdo?i=b0743ee811c317379e33ff131c41a048
Web site host and domain name registrar Register.com has been the target of a sustained attack this week, disrupting service for thousands of customers. The attacks began on Wednesday, causing a three-hour outage for many Web sites that rely on the company for hosting and/or use the company's domain name system (DNS) servers, said Roni Jacobson, executive vice president at Register.com. The outage was the result of what's known as a distributed denial of service (DDoS) attack, in which attackers cause hundreds or thousands of compromised PCs to flood a target with so much junk traffic that the Web site can no longer accommodate legitimate visitors. Typically, DDoS attacks are waged as a way for criminals to extort money from the targets, who are told the attack will cease when a ransom demand is paid. Jacobson declined to say whether Register.com had received any extortion demands. "We did have a
Sat, 4 Apr 09
Conficker's April Fools Fizzled, But Threat Remains
http://feeds.voices.washingtonpost.com/click.phdo?i=7d24bb3181fa452deb081679959c2cad
Security experts selling weapons to ward off the dreaded Conficker warned anyone who would listen that April 1 could be a day of destruction, as millions of infected machines started phoning home for malicious software updates. Of course, not only was April Fool's Day a non-event for Conficker, but now comes news that there are far fewer than millions of systems infected with this version of the worm. Earlier in the week Security Fix reported that only six percent of the world's Conficker-infected systems are in North America, let alone the United States. On Thursday, the researchers who brought us that news - from Atlanta based Internet Security Systems - published their best guess of how many Windows systems are infected wtih Conficker.C, the only version of the worm that instructs computers to search the Internet and private P2P networks for updates after April 1. ISS's Holly Stewart writes that
Fri, 3 Apr 09
FBI: Internet Fraud Rates Rose 33% Last Year
http://feeds.voices.washingtonpost.com/click.phdo?i=e9f7ebf3f56b16b56d2e928f096d075d
Internet fraud complaints to the FBI by consumers increased more than 33 percent in 2008 over the previous year, according to figures released this week. Some 275,284 complaints were filed last year with the Internet Crime Complaint Center (IC3), a partnership between the FBI and the National White Collar Crime Center. In 2007, the IC3 received 206,844 complaints. The report shows that the nation's capital appears to be home to the largest concentration of online con artists in the country. The District of Columbia ranks #1, just ahead of Nevada and Washington State, in terms of online fraud perpetrators per 100,000 residents, the IC3 found. The non-delivery of merchandise and/or payment was by far the most reported offense, accounting for nearly one-third of all referred cases, the IC3 reports. Internet auction fraud made up 25.5 percent of referred complaints, while credit/debit card fraud comprised 9 percent. The total dollar loss
Thu, 2 Apr 09
Google: Spam Levels Back to Pre-McColo Levels
http://feeds.voices.washingtonpost.com/click.phdo?i=02757f8e12aacbd3982d44af26e35ede
Spam levels have finally bounced back to levels seen prior to the shutdown of notorious Web hosting provider McColo in November of last year, at least from the vantage point of Postini, Google's e-mail security provider. Postini said its measure of the seven-day average spam volume didn't return to pre-McColo measurements until March 23. "What we have seen in Q1 is a slow but steady return to before-McColo" spam levels, said Adam Swidler, Postini's product marketing manager. Still, just as some anti-spam hardware and software vendors saw anywhere from a 50 percent to 75 percent drop in spam after McColo was shuttered, depending on their view, I should note that some e-mail security providers cited a resumption of pre-McColo spam levels as early as December. As far as spam trends in first quarter 2009, the spammers appear to be dusting off tried-and-true infection and distribution methods, Postini reports. Virus-laden e-mail
Thu, 2 Apr 09
Conficker Worm Strike Reports Start Rolling In
http://feeds.voices.washingtonpost.com/click.phdo?i=61ac084177255e64a4567b3ff4eb5f8b
Editor's Note: The following was written in the spirit of April Fool's Day. Brian is following the story and if there are real reports of outbreak, he'll report them in a separate post. Reports are trickling in about the impact from the Conficker worm, as infected systems passed zero hour at midnight and began downloading additional malicious components. Here's a quick roundup of some of the more notable incidents caused by Conficker so far, according to published reports: - A nuclear missile installation near Elmendorf Air force Base outside of Anchorage, Alaska briefly went on a full-scale military alert after technicians manning the bunker suspected that several of their control systems were infected with Conficker. According to wire reports, the remote facility temporarily moved to Defense Condition (Defcon) 3 in the pre-dawn hours, but quickly backed down from that posture. An airman at the installation who asked not to be
Wed, 1 Apr 09
Asia, Europe, S. America Biggest Conficker Targets
http://feeds.voices.washingtonpost.com/click.phdo?i=0155c194c4912fe789c3ed5ff5d333be
It's still not clear what, if anything, millions of Microsoft Windows systems infected with the much-hyped Conficker worm will do in the next 12 hours, when the systems are expected to seek out new instructions from the worm's author(s). If anything significant does happen, however, it will disproportionately affect PCs and networks in Asia, Europe and South America, and comparatively few systems in North America, new research suggests. Researchers at IBM's Internet Security Systems say they found a way to decode the encryption that masks the data shared by peer-to-peer communications software planted on all systems infected by Conficker.C. As a result, ISS has been able to begin charting the location of infected systems across the globe. According to ISS, only 6 percent of the known infections are located in North America, let alone the United States. In contrast, nearly 45 percent of infections are in Asia, while Europe accounts