Beware Of Web-Mole Threat!

Following reports of ‘Web jacking’, a new type of crime sweeping the Internet, computer forensics experts are urging IT managers to investigate its use in industrial espionage.

National computer forensics firm, Zentek Forensics, claims that while Web-jacking is a new phenomena for home PC users, similar techniques are being widely-used in commercial environments.

Web-jacking involves planting a Trojan on a PC or server in order to gain access to or steal files, often with criminal intent. Trojan programs are so-called because they enter a system in a seemingly harmless way, but once activated release ‘malicious code’ which effectively unlocks a back-door to PCs and servers.

Whereas home PC users are being taken in by the use of ‘pop-ups’ to plant the Trojan, businesses face an even bigger potential threat – from their people. In today’s cut-throat business environment, there is a rise in cases of companies sending spies into competitors. The moles’ go ‘undercover’ as employees to plant the Trojan directly onto computer hard drives, usually via a portable storage device such as a memory stick.

Even those with seemingly robust IT security are at risk, as John McConnell, Forensics Analyst at Zentek Forensics, explains: “We had a case where a ‘keylogger’ had been installed by a cleaner, which captured the key strokes of the company and sent them to their competitor. They lost some major accounts, however we were able to discover the hidden Trojan on the system, which gave the company legal recourse.”

Businesses often investigate the possibility of industrial espionage by checking files themselves, however they inadvertently render the evidence inadmissible in Court. John says: “Computers, like any other crime scene, need to be treated carefully. The biggest issue in cases of industrial espionage is the preservation of evidence. For example, the simple act of opening an email or investigating file access by suspect employees could ruin your evidence.

“Businesses should call in computer forensic experts in cases of suspicion, at the earliest opportunity. The hardware can be then analysed in the proper manner, and any evidence recovered can be presented in Court.”

Advancements in the computer forensics industry over the past 10 years means it is playing an increasing role in prosecutions of all types of cases, ranging from fraud, terrorism, and industrial espionage to employment tribunal hearings and commercial contract breaches.
Source From Al & Mike News http://alandmike.wordpress.com

CBS offers downloads of TV shows on iTunes

CBS Corp., which already sells episodes of its hit television shows "Survivor" and "CSI" on Google Inc.'s online video store, is now offering the downloads on Apple Computer Inc.'s iTunes Music Store.

"We have all the top shows from all the major networks now," said Eddy Cue, Apple's vice president of applications.

Apple's online store already carries other popular shows from ABC, NBC and Fox. Until Thursday, it offered some CBS programming, such as
NCAA basketball, but not prime-time hits.

The Cupertino, Calif.-based company has sold more than 30 million videos since iTunes debuted TV shows and music videos in October.

Source From Al & Mike News http://alandmike.wordpress.com

Congress To Vote on Net Neutrality

The House of Representatives is due to debate a wide-ranging telecommunications reform bill as soon as Thursday, and lawmakers will have a chance to vote on a net neutrality amendment, House leaders said.

The telecom bill, sponsored by Representative Joe Barton (news, bio, voting record), is largely focused on allowing telecom carriers to bypass local government franchise requirements when they roll out television over Internet Protocol services in competition with cable TV.

The House Rules Committee, which decides what amendments will be allowed on the House floor, voted Wednesday to allow two major net neutrality amendments to be voted on when the House debates the telecom bill.
Amending Antitrust Law

One amendment, based on a bill sponsored by Representative James Sensenbrenner, a Wisconsin Republican, would change U.S. antitrust law by requiring broadband providers to give independent content providers the same speed and quality of service as they have.

The second amendment, sponsored by Representative Ed Markey, a Massachusetts Democrat, would require broadband providers that set aside faster connections for new services such as video over Internet Protocol to offer the same speeds to competing services.

Barton, chairman of the House Energy and Commerce Committee, said Wednesday he opposes a move to allow a net neutrality amendment prohibiting broadband providers from blocking or impairing competing Web content.

But Speaker
Dennis Hastert, the top-ranking Republican in the House, said Wednesday lawmakers would be able to vote on some form of a net neutrality amendment to Barton's bill. While Barton, a Texas Republican, opposes a net neutrality amendment, Sensenbrenner, chairman of the
House Judiciary Committee, has pushed for a net neutrality law.
Preserving Access

On Tuesday, the Christian Coalition, a group that has influence among many Republicans, sent a letter to the Rules Committee urging it to allow a net neutrality amendment.

"There is nothing to stop the cable and phone companies from not allowing consumers to have access to speech that [providers] do not support," said Roberta Combs, the Christian Coalition's president, in the letter.

Net neutrality advocates have been rejected when trying to push legislation forward in the House this year, Barton said. "I am not an advocate of giving them another bite at the apple," he said.

Barton has argued that a net neutrality provision isn't needed because there's little evidence of broadband providers blocking content.

Many consumer groups and Internet-based companies have criticized the Barton bill, saying it doesna??t provide broadband customers strong enough protections against giant broadband carriers blocking or restricting competing Web content.
Previous Debates

In recent months, broadband providers AT&T and BellSouth have said theya??ve considered business plans that would allow them to charge Internet companies an extra fee for faster speeds, with companies not paying the extra fee receiving slower connections.

Broadband providers need new business models to pay for next-generation networks, the providers argue.

The Barton bill says broadband providers should not block or impair competing content, but it would allow the
Federal Communications Commission to investigate blocking abuses only after the fact, and it would prohibit the FCC from creating new net neutrality rules.

The Senate is debating its own broadband bill. The Senate bill is broader than the Barton legislation, but it would also streamline video franchising for telecom providers.

Source From Al & Mike News http://alandmike.wordpress.com

BlackBerry addict? – Hotel offers detox

BlackBerry addicts have a crack at freedom when they check into one Chicago hotel: the manager will put the communications devices and others like them under lock and key for guests who want a break.

Rick Ueno, general manager of the Sheraton Chicago Hotel, said the program which began on Wednesday grew out of his own personal BlackBerry addiction. His one-step recovery was switching to a regular cell phone.

"I was really addicted to my BlackBerry. I had an obsession with e-mail," he told Reuters. "Morning and night. There came a time when I didn't think it was healthy … I quit cold turkey."

He believes guests might want to try the same thing for a day or two anyway, so they can concentrate on meetings, business and socializing while at the hotel.

Ueno said he would take personal charge of any BlackBerrys or related devices guests want to surrender and place them in his office locked up until their return is requested. There is no charge.

"I run a hotel with over 900 employees and thousands of guests. I think I'm more effective. I feel better. I sleep better. My family likes it," he said of his post-BlackBerry life.

The popular hand-held devices, sometimes called "CrackBerries" because users become so reliant on them, are made by Canadian-based Research In Motion Ltd..

Source From Al & Mike News http://alandmike.wordpress.com

Study finds companies snooping on employee e-mail

Big Brother is not only watching but he is also reading your e-mail.

According to a new study, about a third of big companies in the United States and Britain hire employees to read and analyze outbound e-mail as they seek to guard against legal, financial or regulatory risk.

More than a third of U.S. companies surveyed also said their business was hurt by the exposure of sensitive or embarrassing information in the past 12 months, according to the annual study from a company specializing in protecting corporate e-mail at large businesses.

"What folks are concerned about is confidential or sensitive information that is going out," said Gary Steele, chief executive of Cupertino, California-based Proofpoint Inc., which conducted the study along with Forrester Research.

The top concern was protecting the financial privacy and identity of customers followed by compliance issues and a bid to prevent confidential leaks. Businesses ranked monitoring for inappropriate content and attachments as less important.

Steele also said on Friday that more and more companies are employing staff to read outgoing e-mails of workers who typically have no idea their correspondence is being monitored.

"It is not something that is broadcast," Steele said. "There are organizations where employees think they can say whatever they want to say and nobody is going to read it."

The survey gathered responses concerning e-mail security from 406 companies in the United States and the United Kingdom with more than 1,000 employees.

In both regions, 38 percent of respondents said they employed staff to read or otherwise analyze outbound e-mail. In the United States, 44 percent of companies with more than 20,000 employees said they hire workers to snoop on workers' e-mail.

Nearly one in three U.S. companies also said they had fired an employee for violating e-mail policies in the past 12 months and estimated that about 20 percent of outgoing e-mails contain content that poses a legal, financial or regulatory risk.

Source From Al & Mike News http://alandmike.wordpress.com

Microsoft Drops PDF From Office

Microsoft has decided to delete from the next version of Office an option to save documents in PDF after Adobe Systems threatened to take legal action.

"We offered to them that we would do this, and now we've unilaterally made the decision to do it," Microsoft spokesperson Jack Evans said on Friday. The company also will remove a feature to save documents as XML Paper Specification (XPS) files in Office; XPS is Microsoft's rival file format to the PDF file format.

Adobe had threatened legal action against Microsoft in Europe over its use of Adobe's Portable Document Format (PDF), which lets users create electronic documents. It's unclear whether that action would be in the form of a complaint to the
European Union or a formal antitrust suit, sources close to Microsoft said Friday. Adobe spokesperson Jodi Warner said Friday that Adobe "has made no determination" whether it will take action.
Negotiations Stalled

The dispute between the companies began in February when Adobe raised concerns over Microsoft's plans to offer a "Save as PDF" feature in its Office 2007 suite. Beta versions of the software with this feature are already available.

Now, with Microsoft's decision to remove the function, users who purchase the final Office 2007, due out later this year, must separately download free software to save documents created in Office applications as PDF or XPS files, according to Microsoft.

Microsoft representatives say Adobe wants its software to be removed from Office and offered separately for a fee, and the companies had been trying to work out a compromise.

"We have taken a number of significant steps to accommodate Adobe and offered many proposals in an effort to avoid a dispute," Evans said. "But we have now reached a point where we feel what they are asking for is not in the best interest of our customers."
Adobe Wary

Adobe's Warner has said Microsoft is an important partner for Adobe but that the company remains concerned about monopolistic practices.

"As our CEO Bruce Chizen has stated publicly numerous times in the past, Microsoft has a monopoly and we are always concerned about the possibility that they might abuse that monopoly," she said.

Evans said Microsoft has offered to make changes to its software and even to ship Adobe products with Windows in an effort to resolve the disagreement.

In addition, Microsoft has offered to ship Adobe's Flash and Shockwave software with every copy of Windows Vista and give hardware vendors the option to remove XPS from Windows, Evans said. Still, Adobe wants Microsoft to take even stronger moves to "charge customers a price for using what everyone else in the world can use for free," he said.

News of possible legal action by Adobe in the E.U. was first reported Friday in The Wall Street Journal.

Source From Al & Mike News http://alandmike.wordpress.com

Phishers use Microsoft Word hole as bait

Microsoft last week said it would rush to deliver a patch for a recently discovered hole in Microsoft Word that was being used in sophisticated online attacks.
The company plans to release a fix for the hole in Word XP and Word 2003 on or before its scheduled June 13 patch release. Customers were advised to run Word in Safe Mode in the meantime to prevent exploitation.

The warning came after anti-virus firms reported focused “spear phishing” attacks against companies and government agencies in the
European Union and the United States that used the Word flaw to plant Trojan horse programs on vulnerable machines.

The attacks are rated “low” for most companies. However, that could change if the Word exploit is circulated widely, said Johannes Ullrich, CTO of the SANS Internet Storm Center.

Source From Al & Mike News http://alandmike.wordpress.com

IM: Friend or foe?

Anyone reading this article has probably heard of IM, or instant messaging. In short, IM is communication over a network by using a program (client).

Programs such as ICQ, MSN Messenger, and AOL Instant Messenger all facilitate in IM communications across the Internet.

This technology has evolved over the past several years to include more collaborative tools such as desktop sharing, file transfer, and video.

With the introduction of such tools, various security concerns have been raised. How do you monitor file transfers in and out of your network? Is there a risk for virus intrusion?

From the business standpoint, will productivity slip if staff members are using IM all day?

These are valid concerns for any business, large or small. But there is good news for those businesses that value IM communications for increased team collaboration.

Several services offer IM filtering and file transfer blocking. How does this help?

First off, businesses can enforce rules for IM sessions. One option included is whether or not files can be transferred. By implementing such a rule, companies can mitigate the risk of unauthorized file transfer.

Companies like Websense and SurfControl offer these web filtering tools along with other Internet filtering and reporting capabilities.

In many industries, IM hasn’t been seen as an immediate threat to security or productivity. But as the client software evolves and end-users become more accustomed to communications over the Internet, small and large business owners alike will have to address the IM technology.

For the small business, establish a clearly defined policy on IM. If you find that using a client such as MSN Messenger is vital to your constant communications with staff members, customers, or vendors, then make sure everyone involved understands the proper use of the systems.

For easier evaluation of corporate policy, IM can be thought of as a similar technology as email. Although electronic mail is not as real-time as IM, it is a similar idea (communications across a network). You may find it useful to adopt the same policies that govern employee usage of email for IM communications.

Talk with your local technology vendor about the right solution for your network. You may find that IM is your friend, not your foe.

Source From Al & Mike News http://alandmike.wordpress.com

Microsoft beats JPEG with new photo format for Vista (WMP Vs JPEG)

Microsoft Corp. unveiled a new photo format it claims will provide better quality at half the size of a JPEG image. Windows Media Photo (WMP) will be built into the next-generation of Windows, called Vista.

"One of the biggest drivers for upgrading computers is digital photography, so anything we do to make digital photography better is good for Windows," said Bill Crow, senior program manager for WMP. Crow presented the technology publicly for the first time at the Windows Hardware Engineering Conference here Wednesday (May 24).

Microsoft has been working on the photo format with unnamed partners, including camera makers, for nearly four years. "It’s been very much driven by their feedback," said Crow.

Windows Media Photo takes a significantly new approach to the same basic discrete cosine transform technology used in JPEG. Crow described the algorithm as a bi-orthoginal lapped transform based on published work from Microsoft Research. The format also includes a fresh approach to areas such as color space and color conversion.

Source From Al & Mike News http://alandmike.wordpress.com

How to write a good e-mail

Over at the Blue Flavored Blog, Matt May has some good advice on how to write an e-mail that'll get you results. His advice on structuring your e-mail for action is key.

    Make your requests clear. You should set them apart from the rest of the message by paring them down to one sentence, with white space before and after. Make lists with dashes, asterisks, or bullets if you use HTML email. Closed-ended (yes or no, this or that) questions are preferred; open-ended questions can get long and involved, reducing their overall relevancy and the likelihood that you'll get the response you desire.

Source From Al & Mike News http://alandmike.wordpress.com

Mergers may be next trend for big Internet companies

Speculation is rife on Wall Street that a big Internet deal or alliance is in the works, with Google, Yahoo, eBay or Microsoft as possible partners — and a Yahoo-eBay partnership seen as most likely.

"A partnership or merger between eBay and Yahoo! is the most strategically feasible," a report authored by analyst Imran Khan and the JP Morgan Internet team said on Monday.

"A combined company would have the leading position in auctions, communications, payments, graphical advertising, audience reach, and geographic breadth," the report said.

Silicon Valley insiders, high-tech bankers and financial analysts are giving new credence to potential merger deals, which fly in the face of common wisdom that the Internet's rapid growth has always outweighed the logic of consolidation.

But Internet growth is slowing and competition among the biggest companies — Google Inc., Yahoo Inc. (Nasdaq:YHOO – news), eBay Inc. and Microsoft Corp. — is intensifying.

EBay stock is down 30 percent on the year. Yahoo is off 20 percent and Google down 10 percent.

Google, which nearly doubled its revenues last year, is expected to grow 62 percent this year. EBay is seen growing 30 percent, down from 50 percent two years ago, and Yahoo's growth is slowing at a similar pace.

EBay spokesman Hani Durzy said the company works very closely with all the major Web search providers — Google, Yahoo and Microsoft, but he declined to comment on any potential Yahoo tie-up.

EBay is one of the world's biggest buyers of Web search terms. It manages a portfolio of 15 million keywords on different search sites aimed at wooing bidders.

"We don't comment on rumors and speculation," Durzy said. "We are talking to Yahoo and other companies all the time as part of our normal course of business."

Yahoo was not immediately available to comment.

The 56-page JP Morgan report weighs other scenarios, including the possibility that Microsoft Corp.'s MSN Internet unit would strike a partnership with Yahoo. Google is viewed as likely to sit out big mergers and continue to go it alone, Imran argues, a view that many Wall Street analysts share.

Investors worry that gains by these companies are likely to come at the expense of one another, rather than through Internet expansion, driving shares down this year.

Microsoft shares are off 12 percent so far in 2006, hit by product delays as well as a recent move by the company to step up investment to better compete with Google and Yahoo.

GOOGLE'S SPECTER DRIVES MERGER TALK

Market share gains by Google are most frequently said to be driving the talk of partnerships or mergers.

On May 3, the Wall Street Journal newspaper carried a story that Microsoft's MSN unit was planning a stop-Google strategy by seeking to buy a stake in Yahoo.

Last week, Yahoo Chief Executive Terry Semel confirmed that his company had been approached by Microsoft to buy a piece of Yahoo's search business. He ruled out a deal for what he viewed as a centerpiece of Yahoo's strategy to sell Web advertising.

"I will not sell a piece of search — it is like selling your right arm while keeping your left; it does not make any sense," Semel said in a public forum in New York last week where he was interviewed by The New Yorker magazine writer Ken Auletta.

He dismissed an outright merger between Microsoft and Yahoo, saying, "That conversation has never come up."

"For me the most interesting alignment would be putting together Yahoo and eBay," said analyst Scott Devitt of brokerage Stifel Nicolaus, but he cautioned: "These things tend to be discussed often and rarely occur."

The strengths of Yahoo and eBay are seen as complementary, with Yahoo in media and eBay in e-commerce. Yahoo's foreign strength is in Asia and eBay's is in Europe.

The most compelling scenario is an alliance where eBay uses Yahoo search to drive consumers to eBay auctions, Devitt said.

In return, Yahoo could take advantage of assets such as eBay's PayPal online payments franchise and the vast Skype Web telephone audience that eBay has acquired, he said.

EBay must tread carefully, however, so that it does not cut off ties to Google. As the world leader in Web search, eBay depends on Google search referrals for an increasing amount of its audience.

"I don't particularly find eBay in a position of power," Devitt said. "EBay needs its relationship with Google."

Source From Al & Mike News http://alandmike.wordpress.com

New Yahoo Messenger Worm Hijacks Internet Explorer

There is a new worm making the rounds, targeting the popular Yahoo Messenger application with the purpose of hijacking PCs and installing malicious software on them.

Experts at FaceTime Security Labs discovered the worm two weeks ago using a "honeypot" trap set up to monitor the activity of viruses, Trojans, and other malicious software.

The worm, dubbed Yh032.explr, marks the first time that researchers have encountered malicious software that installs its own Web browser on a PC without the user's permission.

"This is one of [the] oddest and more insidious pieces of malware we have encountered in years," said Tyler Wells, senior director of research at FaceTime. "This is the first instance of a complete Web browser hijack without the user's awareness. Rogue browsers seem to be the hot new thing among hackers."

Taking the Bait

Security experts have said that the worm is particularly dangerous because the browser it installs uses the same icon as authentic versions of Internet Explorer. When users click on the faux icon, they are taken to a site that installs spyware on their computers. The phony browser has no uninstaller.

In addition to hijacking Internet Explorer's home-page setting, the worm plays a music loop that cannot be stopped when infected computers are rebooted.

That it looks like Internet Explorer definitely makes it more dangerous, said Rob Ayoub, an analyst at Frost & Sullivan. "If users are not technically savvy, there is a good chance that they will not recognize very quickly that it is not Internet Explorer."

Once installed, the worm accesses the Yahoo Messenger contact list on the infected PC and sends itself to every address on the list.

Caution: Malware Ahead

Natalie Lambert, an analyst at Forrester Research, said that the worm underscores the fact that malicious software is no longer distributed primarily through e-mail.

"People have to treat instant messaging as they have been taught to treat e-mail — with suspicion — and not open suspicious attachments," she said. "We have to start applying what we have learned with e-mail to these other applications."

Lambert said that, while the worm currently only threatens users of Yahoo Messenger, computer users should expect to see similar worms targeting other instant-messaging software.

"We have all been taught not to open suspicious attachments in e-mail," she said. "Even if the [links or attachments] come from someone we know, pick up the phone and say, 'I wasn't expecting this attachment. Did you mean to send it to me?'"

Source From Al & Mike News http://alandmike.wordpress.com

AP Unveils Deal to Tie Stories to Blogs

The Associated Press announced two agreements Tuesday — one that will tie its news stories to the rapidly growing world of blogs and another that will help guide readers to newspaper Web sites. Under the first, Technorati Inc., the leading search engine for blog postings, will provide links to blogs that cite AP stories. The AP also will assist search engine Topix.net, controlled by three major newspaper companies, in sending readers directly to the sites of newspapers when stories in the AP report are based primarily on material from those members. The deals highlight efforts by AP, a not-for-profit cooperative owned by U.S. news organizations, to help member newspapers and broadcasters in a world where many people get their news from the free-wheeling and chaotic Web. Technorati will search blogs for postings that include links to AP stories. Links to those postings will be available along with the original AP stories on 440 member Web sites served by AP Hosted News, a service that uses AP servers to display AP content on member sites. There also will be a box featuring the "Top Five Most Blogged About" AP stories. Clicking on the links takes the reader to a Technorati page listing the relevant blogs. Revenue from ads on the page will be shared by Technorati and the AP, but the revenue is not expected to cover more than the cost of the project, said Kristie Bouryal, AP's deputy director of online for U.S. newspapers. Web sites that keep AP content on their own servers are not part of the program. Sites with AP hosted content also may opt out if they wish. Bouryal said the AP hopes members will apply the Technorati service to their own stories, not just AP material. The Washington Post and Newsweek, both owned by Washington Post Co., already have similar arrangements with Technorati. Privately owned Technorati says it tracks 40.7 million blogs, with a new blog created every second. Most of AP's stories are written by its own journalists, and not based on stories in member newspapers. But the second deal with Topix, a Palo Alto-based company 75 percent controlled by Gannett Co., Knight Ridder Inc. and Tribune Co., is an attempt to address a common complaint among newspapers when AP stories are based on material from their stories. Most search engines display many copies of these AP stories, each from a different Web site served by AP. Topix.net will display a link to the original story on which the AP dispatch was based — as it appears on the Web site of the newspaper that contributed it to begin with. Right now search engines send users "somewhat randomly" to various sites, said Jane Seagrave, AP's vice president of new media. "The truth is there are not that many of us who are breaking news anymore, that have people on the ground … the whole notion here is to spotlight those who are real content creators and not make news such a generic commodity on the Web," Seagrave said. AP's arrangement will run for 15 months with Topix, which also agreed to license AP online content for its site, Seagrave said. S.W. "Sammy" Papert, head of newspaper consulting firm Belden Associates in Dallas, said the major papers would likely be quite interested in Topix's ability to steer a national audience to their Web sites. However, local newspapers derive most of their revenue from local advertising, and may be less interested in increasing exposure to Web surfers outside their coverage area. Despite its large media company owners, Topix lags well behind the Internet's most popular news sources. Yahoo Inc. (Nasdaq:YHOO – news)'s site, which links to news stories from the AP and other news organizations, is the top news destination, attracting 25.7 million unique U.S. visitors in April, followed by Time Warner Inc.'s CNN at 23.7 million visitors and MSNBC at 23.2 million, according to research firm Nielsen/NetRatings Inc. Topix ranked 29th at 2.7 million visitors, Nielsen/NetRatings said.

Source From Al & Mike News http://alandmike.wordpress.com

New Trojan targets Word

Microsoft Word users should be extra careful about the files they download because hackers are exploiting an unpatched vulnerability in the popular word-processing software.

On Thursday, security vendor McAfee warned users of a new Trojan program, called BackDoor-CKB!cfaae1e6, that secretly installs software on a computer. For the Trojan to work, however, hackers must first trick users into opening a malicious Word document. Once that has been done, though, the results can be nasty.

Unlike viruses and worms,Trojan programs do not make copies of themselves that keep spreading throughout the Internet. Hackers directly distribute the programs, which are often disguised as useful or interesting downloads.

Once installed, the malware lets hackers "execute any external commands, download additional Trojans, capture desktop screen shots, monitor and record keystrokes or passwords," McAfee said in a statement on its Web site.

Symantec has confirmed that hackers are circulating the malware via malicious Word document e-mail attachments. But at present its use is "limited to attacks against select targets," Symantec said in a note on its DeepSight threat analysis service.

The attack originated in Asia and targets "specific large organizations," Symantec said, adding that it has seen similar targeted attacks in the past which also took advantage of flaws in Microsoft Office applications.

The attackers behind the Trojan may be operating from China or Taiwan, according to Johannes Ullrich,CTO of the SANS Internet Storm Center. Servers associated with the attack have been traced back to those countries, and researchers have found Chinese characters in the malicious Word document, Ullrich said.

One company — an unnamed government contractor that reported details of its attack to SANS — said that the malicious e-mail had been sent to only one person in its organization, and had been written to resemble a normal inter-office message, Ullrich said.
"The exploit was quite sophisticated," he said. "None of the anti-virus systems that they used caught it."

Ullrich said he did not know what the attackers' ultimate goal may be, but they can snoop on data or install unauthorized software once the Trojan gets installed. "It opened up a remote connection to a Web site in China that would have allowed it to remotely control [the infected computer]," he said.

SANS has published a number of tips on how to avoid this type of attack. The security training organization recommends that companies limit users' privileges and monitor outbound traffic. It also suggests that companies think about quarantining all attachments for six to 12 hours in order to give the anti-virus vendors time to catch up with new threats.

Because users must download the malicious software in order to become infected, McAfee rates the risk of the Trojan as "low."

The vulnerability affects Microsoft Word XP and Word 2003, but does not work on computers that use the Word Viewer to view documents, according to Microsoft. Word Viewer is software that lets users read Word documents without installing the Word software.

Microsoft is testing a fix for the Word vulnerability and expects to release this as part of its next round of monthly security patches, which are scheduled to be released on June 13.