The latest variant of the Sober worm is aiming for the top virus of theyear spot, with a staggering one in 14 e-mails circulated on theInternet containing it as of Monday morning, according to the antivirusvendor Sophos PLC.Around 85 percent of all viruses reported to Sophos are what thecompany calls Sober-Z, up from around 60 percent last week, said GrahamCluley, senior technology consultant. Right now, Sober-Z ranks as thethird most prevalent virus for the year, behind Netsky-P in first andZafi-D as No. 2, he said.“It isn’t slowing down,” Cluley said. “At the moment, it’s getting worse.”It first appeared around Nov. 22 using several forms of socialengineering to trick users into executing the attachment. Messagespurporting to be from the U.S. Federal Bureau of Investigation warnrecipients that they have been visiting illegal Web sites and ask themto read a list of attached questions. Other versions pretend to be from the U.S. Central Intelligence Agencyor offer video clips of Paris Hilton and Nicole Richie from the TV show”The Simple Life.” While most antivirus vendors have updates that canremove the worm, the “clever” social engineering ploys are stilleffective, Cluley said.“I think the problem is there are some people who simply don’t haveprotected computers and are spewing this out to other people,” he said. The worm, which is believed to have originated in Germany, scans harddrives for e-mail addresses and also tries to shut off securitysoftware, according to Sophos.By Jeremy Kirk – IDG News Service (London Bureau) Related content news Okta launches Cybersecurity Workforce Development Initiative New philanthropic and educational grants aim to advance inclusive pathways into cybersecurity and technology careers. By Michael Hill Oct 04, 2023 3 mins IT Skills IT Skills IT Skills news New critical AI vulnerabilities in TorchServe put thousands of AI models at risk The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said. By Shweta Sharma Oct 04, 2023 4 mins Vulnerabilities news ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code NCC Group report claims machine learning models show strong promise in detecting novel zero-day attacks. By Michael Hill Oct 04, 2023 3 mins DevSecOps Generative AI Vulnerabilities news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe