"Somewhere--perhaps in the United States, but more likely, somewhere in China--a man walks out of a nondescript building, casts his eyes upon the urban landscape around him after spending an eight-hour day staring at a computer screen, and lights a cigarette.
He does not know his bosses by name or by face; he knows only that he is paid, and paid pretty well, for his research. Like a legitimate computer-security researcher, he uses automated testing tools against Microsoft Office software, probing for buffer overflows, pointer errors or negative integers in Word, Excel and PowerPoint. Unlike a legitimate security professional, he does not report what he finds to Microsoft.
Instead, either he or his bosses will use this information for corporate espionage, to create what's called a zero-day attack, using targeted Trojan horses that exploit an unpublished flaw."
Click on the link below for the full article:
http://news.zdnet.com/2100-1009_22-6098229.html
No comments:
Post a Comment