Common Malware Enumeration (CME) - Industry News Coverage (2006 Archive)

Industry News Coverage (2006 Archive)

Below is a comprehensive monthly review of the news and other media's coverage of CME. A brief summary of each news item is listed with its title, author (if identified), date, and media source.

June 2006

IEEE Distributed Systems Online, June 2006

CME was mentioned in an article about security standards efforts entitled "Functionality Meets Terminology to Address Network Security Vulnerabilities" in the June 2006 issue of IEEE Distributed Systems Online. The main focus of the article is the success of the Common Vulnerabilities and Exposures (CVE) standard and of the U.S. National Vulnerability Database (NVD), which is built upon CVE identifiers.

CME is mentioned in a section entitled "New efforts round out the landscape" as a follow-on standards effort that is attempting to "standardize virus nomenclature" by providing single, common identifiers to virus threats to reduce public confusions during malware outbreaks and to facilitate the adoption of a shared, neutral indexing capability for malware. The article concludes with a quote by CVE Compatibility Program Lead Robert A. Martin who comments on the purpose behind these other information security standards efforts: "People are so used to selecting the vendor and that's kind of the core they build out from. What we want them to do is get married to enabling standards and then build around that."

The article was written by Gary Goth. CME, CVE, and NVD are sponsored by the U.S Department of Homeland Security.

May 2006

Computer Knowledge, May 7, 2006

CME was mentioned in a May 7, 2006 article in the "Virus Tutorial" section of the Computer Knowledge Web site entitled "Virus Names." The main topic of the article is the assignment of virus names. CME is mentioned as follows: "A new site to try to correlate malware names: CME - Common Malware Enumeration CME provides single, common identifiers to new virus threats to reduce public confusion during malware outbreaks. CME is not an attempt to solve the challenges involved with naming schemes for viruses and other forms of malware, but instead aims to facilitate the adoption of a shared, neutral indexing capability for malware."

PC Magazine, May 3, 2006

CME was mentioned in a May 3, 2006 article in PC Magazine entitled "Name That Virus." The main topic of the article is the assignment of virus names. CME is mentioned when the author states: "A recent system aims to cut through the confusion. The Common Malware Enumeration (CME) Project assigns a random identifier to major threats to help responders unify on a name. Rather than Blackmal, Nyxem, or KamaSutra, responders used CME-24 to talk about that virus." The article was written by Robert Lemos.

SecurityFocus, May 2, 2006

CME was mentioned in a May 2, 2006 article entitled "Malware analysis reveals families of code" on SecurityFocus.com. The main focus of the article is a project by Sabre Security to automate the process of "classifying malicious software," which found that of the "two major [malware code] families, the most distant relatives were 75 percent and 58 percent similar. If the latter cluster were divided, it could form two families that were at least 90 percent similar . . . " The study further found that "several threats identified by different names among antivirus vendors are, in fact, very similar."

CME is mentioned in the conclusion of the article when the author states: "The plethora of names for some high-profile viruses and malicious code has caused confusion in the past, though the Common Malware Enumeration project aims to assign IDs to a small number of threats to aid responders." The article is written by Robert Lemos.

April 2006

InternetWeek, April 5, 2006

CME was mentioned in an April 5, 2006 article in InternetWeek entitled "Microsoft: Our Bugs Aren't The Only Problem." The main focus of the article is how "Attacks that rely on "social engineering" tricks to fool users into visiting malicious Web sites are just as dangerous as any that exploit software vulnerabilities." CME is mentioned as an alias in a quote by Matt Braverman, a program manager with Microsoft's Anti-Malware Technology Team, when discussing the affects of the "MyWife.e worm (aka CME-24), which [Microsoft] removed from approximately 40,000 computers in February." Details about CME-24 and all CME identifiers are available on the CME List. The article was written by Gregg Keizer.

March 2006

Arbor Networks Web Site, March 27, 2006

CME was the main topic of a March 27, 2006 news release from Arbor Networks entitled "Arbor Networks Joins MITRE's Common Malware Enumeration (CME) Editorial Board." The release describes what CME is, notes the main purpose of CME is to facilitate the adoption of a shared neutral indexing capability for malware, and describes the role of the CME Editorial Board.

The release includes a quote from senior security engineer and worm researcher at Arbor Networks, Jose Nazario, who states: "Arbor Networks is excited to work with the anti-virus community, MITRE and US-CERT to address the many challenges in fighting malware threats today. CME will become a vital component of any timely, complete anti-malware solution, and we're proud to offer a unique, network-centric perspective to the board to help better define malware that threatens enterprise networks daily."

Arbor Networks is a member of the CME Editorial Board and the CME Sample Redistribution Group.

eWeek, March 10, 2006

CME was the main topic of a March 10, 2006 opinion column in eWeek entitled "CME Malware Naming System Never Had a Chance." The article discusses some of the challenges CME has faced in the first six months of its launch, notes the main purpose of CME is to facilitate the adoption of a shared neutral indexing capability for malware, and mentions the extensive media coverage that used CME-24 as a shared index point for that threat. Details about CME-24 and all CME identifiers are available on the CME List. The article was written by Larry Seltzer.

eWeek, March 10, 2006

SecurityFocus, March 9, 2006

CME was the main topic of a March 9, 2006 article in SecurityFocus entitled "Virus names likely a lost cause." The article notes the main purpose of CME as a shared neutral indexing capability for malware and discusses some of the challenges CME has faced since its launch in October 2005. The article also references CME-24 in a quote by CME Technical Lead Desiree Beck, who states: "In general, CME-24 was implemented very successfully--the majority of the antivirus companies were using it right away and it was picked up by various advisory organizations." Details about CME-24 and all CME identifiers are available on the CME List. Symantec is the owner of SecurityFocus and is a founding member of the CME Editorial Board and the CME Sample Redistribution Group and is listed on the Products and Services Including CME Identifiers page. The article was written by Robert Lemos.

SCMagazine, March 3, 2006

CME-24 was mentioned in a March 3, 2006 article in SCMagazine entitled "Worms turn to top malware threat list." The article describes the threat and the potential damage it could cause and mentions CME-24 as one of the aliases. Details about CME-24 and all CME identifiers are available on the CME List. The article was written by William Eazel.

CAIDA Web Site, March 2, 2006

CME-24 was the main topic of a March 2, 2006 article on the Cooperative Association for Internet Data Analysis (CAIDA) Web site entitled "The Nyxem Email Virus: Analysis and Inferences." The article describes the threat, analyzes how it spread and where, and states that because of the coverage the issue received "Nyxem provided a relatively rare opportunity to get an in-depth look at the global spread of an otherwise mundane email virus." CME-24 is included as an alias for the threat. The CME List is also used a source for aliases when the authors provide background information on the threat under discussion: "Virus Name: This virus has at least 17 names in active use." The article was written by David Moore and Colleen Shannon.

Secure Enterprise Magazine, March 1, 2006

CME-24 was the main topic of a March 1, 2006 article in Secure Enterprise Magazine entitled "All the Rage: Kama Sutra: More Hype Than Heat." The article describes the threat and the potential damage it could cause and mentions CME-24 as one of the aliases. Details about CME-24 and all CME identifiers are available on the CME List. The article was written by Joanne VanAuken.

February 2006

WABC-AM Web Site, February 8, 2006

CME-24 was the main topic of a February 8, 2006 article on WABC-AM Web site entitled "Security Researchers Worry That Variations on Computer Worm Moniker May Confuse Consumers." The article describes the threat using CME-24 as its name and calling it the "official name" for the threat. The article also describes what CME is and isn't and includes a link to the CME Web site. Details about CME-24 and all CME identifiers are available on the CME List.

PC Magazine, February 7, 2006

CME-24 was the main topic of a February 7, 2006 article on PC Magazine entitled "Security Watch: Blackworm Blows Up On Friday." The article rates anti-virus vendor response times to the threat and mentions CME-24 as one of the aliases. Details about CME-24 and all CME identifiers are available on the CME List.

Fox News, February 6, 2006

CME-24 was the main topic of a February 6, 2006 article on FoxNews.com entitled "File-Destroying Computer Worm Fizzles Out." The article describes the threat using CME-24 as its name and discusses the amount of damage it caused. Details about CME-24 and all CME identifiers are available on the CME List.

ZDNet Asia, February 6, 2006

CME-24 was the main topic of a February 6, 2006 article on ZDNet Asia entitled "Kama Sutra worm hype may bite back." The article describes the threat using CME-24 as its name and discusses the amount of damage it caused. The article was written by Joris Evers. Details about CME-24 and all CME identifiers are available on the CME List.

'24-Hour Technology News' Section of Sacramento Bee Web Site, February 4, 2006

CME-24 was the main topic of a February 4, 2006 article on the '24-Hour Technology News' section of the Sacramento Bee newspaper Web site entitled "Computer worm causes little damage." The article describes the threat using CME-24 as its name and calling it the "official name" for the threat. The article also discusses the amount of damage it caused. Details about CME-24 and all CME identifiers are available on the CME List. The article was written by Anick Jesdanun.

Washington Post, February 4, 2006

CME was the main topic of a February 4, 2006 "Security Fix" column on WashingtonPost.com entitled "Virus Naming Still a Mess." The article mentions CME-24 and describes the threat and the potential damage it could cause, and notes many of its aliases. The article also describes what CME is and isn't, mentions the problems that use of CME's common identifiers will solve, discusses the challenges the initiative faces as a community initiative in assigning identifiers, and provides a link to the CME Web site. The article was written by Brian Krebs. Details about CME-24 and all CME identifiers are available on the CME List.

Comcast.net, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on the 'Technology News' section Comcast.net entitled "Researchers Fear Confusion on Worm Name." The article describes the threat using CME-24 as its name and calling it the "official name" for the threat. The article also describes what CME is and isn't, notes that the effort is sponsored by the U.S. Department of Homeland Security, and provides a link to the CME Web site. Details about CME-24 and all CME identifiers are available on the CME List. The article was written by Anick Jesdanun.

BBC News, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on BBCNews.com Web site entitled "'Limited' damage from Nyxem virus." The article describes the threat using CME-24 as its name and discusses the amount of damage it caused. Details about CME-24 and all CME identifiers are available on the CME List.

NEWSxPC.com, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on NEWSxPC.com entitled "As Promised, Blackworm Strikes." The article describes the threat using CME-24 as its name and discusses the amount of damage it caused. Details about CME-24 and all CME identifiers are available on the CME List.

News 14 Carolina Web Site, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on News 14 Carolina Web site entitled "Computer worm causes little damage." The article describes the threat using CME-24 as its name and discusses the amount of damage it caused. Details about CME-24 and all CME identifiers are available on the CME List. The article was written by Glenn Belin.

AOL News, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on AOL News Web site entitled "Worm May Damage Files on Feb. 3rd." The article describes the threat and mentions CME-24 as one of the aliases. Details about CME-24 and all CME identifiers are available on the CME List. The article was written by Anick Jesdanun.

Castle Cops Web Site, February 3, 2006

CME-24 was the main topic of a brief February 3, 2006 article on the Castle Cops Web site entitled "Beware!: CME-24 targets Feb 3rd Strike Date." The article describes the threat and mentions CME-24 as one of the aliases. Details about CME-24 and all CME identifiers are available on the CME List.

Lexington Herald-Leader, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article in Kentucky's Lexington-Herald Leader newspaper entitled "Worms' many aliases can confuse consumers." The article describes the threat using CME-24 as its name and calling it the "official name" for the threat. The article also describes what CME is and isn't and notes that the effort includes a link to the CME Web site. Details about CME-24 and all CME identifiers are available on the CME List.

CIO Today, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on CIO Today entitled "Kama Sutra Worm Not as Damaging as Expected." The article describes the threat and mentions CME-24 as one of the aliases. Details about CME-24 and all CME identifiers are available on the CME List.

ZDNet Asia, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on ZDNet Asia entitled "Kama Sutra to be a painless affair?" The article describes the threat and mentions CME-24 as one of the aliases. The article was written by Vivian Yeo. Details about CME-24 and all CME identifiers are available on the CME List.

InternetNews.com, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article in a "Security" column on InternetNews.com entitled "As Promised, Blackworm Strikes." Throughout the article the author uses CME-24 to reference the threat and when discussing the potential damage it could cause. The article was written by Sean Michael Kerner. Details about CME-24 and all CME identifiers are available on the CME List.

MSNBC, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on MSNBC entitled "What's in a virus name? A lot of confusion." The article describes the threat using CME-24 as its name and calling it the "official name" for the threat. The article also describes what CME is and isn't, mentions that the CME Web site was launched in October, and notes that the effort is sponsored by the U.S. Department of Homeland Security. Details about CME-24 and all CME identifiers are available on the CME List.

Yahoo News, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on Yahoo News entitled "Researchers Fear Confusion on Worm Name." The article describes the threat using CME-24 as its name and calling it the "official name" for the threat. The article also describes what CME is and isn't, and notes that the effort is sponsored by the U.S. Department of Homeland Security. The article was written by Anick Jesdanun. Details about CME-24 and all CME identifiers are available on the CME List.

Turk.Internet.com, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on Turk.Internet.com entitled "ve.. Nyxem Vurdu.. Toplam 600.00 PC'yi." The article describes the threat and mentions CME-24 as one of the aliases. The article was written by Sean Michael Kerner. Details about CME-24 and all CME identifiers are available on the CME List.

WCCO TV Web Site, February 3, 2006

CME-24 was the main topic of a February 3, 2006 article on WCCO TV Web site entitled "Hong Kong Resists New Data Worm." The article describes the threat and the potential damage it could cause to Asian financial markets and mentions CME-24 as one of the aliases. Details about CME-24 and all CME identifiers are available on the CME List.

Yahoo News, February 2, 2006

CME-24 was the main topic of a February 2, 2006 article on Yahoo News entitled "Researchers Warn of File-Destroying Worm." The article describes the threat using CME-24 as its name, notes the potential damage it could cause, and mentions some other aliases. The article was written by Anick Jesdanun. Details about CME-24 and all CME identifiers are available on the CME List.

Fox News, February 2, 2006

CME-24 was the main topic of a February 2, 2006 article on FoxNews.com entitled "Computer Worm Threatens Major Destruction Friday." The article describes the threat using CME-24 as its name, notes the potential damage it could cause, and mentions some other aliases. Details about CME-24 and all CME identifiers are available on the CME List.

CNET News.com, February 2, 2006

CME-24 was the main topic of a February 2, 2006 article on CNET News.com entitled "A CNET FAQ on the Kama Sutra worm." The article describes the threat and the potential damage it could cause and mentions CME-24 as one of the aliases. The article was written by Robert Vamosi. Details about CME-24 and all CME identifiers are available on the CME List.

Le Monde, February 1, 2006

CME-24 was the main topic of a February 1, 2006 article in Le Monde entitled "Le virus CME-24 menace des centaines de milliers d'ordinateurs." The article, written in French, describes the threat and the potential damage it could cause, and mentions several aliases. The author also uses CME-24 throughout the article to reference the threat. The article was written by Stéphane Foucart. A fee may be required to read this article. Details about CME-24 and all CME identifiers are available on the CME List.

Microsoft Certified Professional Magazine Online, February 2006

CME was the main topic of a February 2006 "Security Watch" column on Microsoft Certified Professional Magazine Online entitled "Opinion: Overblown Malware Threats: The New Reality?" Throughout the article the uses CME-24 to reference the threat, public reaction to it, and when discussing the potential damage it could cause. The article was written by Russ Cooper. Details about CME-24 and all CME identifiers are available on the CME List.

January 2006

Boston Globe, January 31, 2006

CME was mentioned in a January 31, 2006 article in the Boston Globe entitled "Researchers warn of file-destroying worm." CME is mentioned in a quote by Mikko Hypponen, chief research officer for F-Secure Corporation, who states: The worm, known as "CME-24," "BlackWorm," "Mywife.E" or a number of other monikers, even tries to disable anti-virus software that is out of date." F-Secure is a member of the CME Editorial Board and the CME Sample Redistribution Group. The article was written by Anick Jesdanun. Details about CME-24 and all CME identifiers are available on the CME List.

SANS News Bites, January 31, 2006

CME-24 was mentioned at the first topic in the January 31, 2006 edition of the SANS News Bites e-newsletter in a statement by SANS Institute director, and OVAL Board member, Alan Paller: "The CME-24 worm is really as bad as the news stories make it out to be. SANS Internet Storm Center has records of more than 300,000 victims. If their ISPs don't let them know about the problem they will lose most of their key files. This may be a good chance to see whether the courts will find ISPs and other network owners liable for not protecting their customers when they knew in advance that the customers' data was at risk." CME-24 was also the main topic of a brief article in the issue entitled "UK ISP Notifying Users Who May be Infected by CME 24." Details about CME-24 and all CME identifiers are available on the CME List.

BBC News, January 30, 2006

CME-24 was mentioned in a January 30, 2006 article on BBCNews.com entitled "Countdown for Windows virus." The article describes the threat and the potential damage it could cause and mentions CME-24 as one of the aliases. Details about CME-24 and all CME identifiers are available on the CME List.

ZDNet.com, January 26, 2006

CME-24 was mentioned in a January 26, 2006 article on ZDNET.com entitled "Kama Sutra prevention and cure." The article describes the threat and the potential damage it could cause and mentions CME-24 as one of the aliases. The article was written by Robert Vamosi. Details about CME-24 and all CME identifiers are available on the CME List.

Virus Bulletin, January 1, 2006

CME was mentioned in an article abstract entitled "Ally in our defences" on Virus Bulletin. CME is mentioned when the author states: "Two details we find valuable that are often missing from virus information are alias names and timestamps that reflect data changes. Providing alias names on all threats would allow the group that provides our monitoring service to correlate the information amongst vendors more easily. We are not suggesting that vendors provide every single alias name available, but provide at least a fair sampling. Of course having a Common Malware Enumeration (CME-ID) identifier for all threats would be the optimum situation. When vendors use a timestamp to reflect changes to their write-ups, we can peruse their sites more easily. Because we seek so much information, we need to be able to find new information quickly, without having to re-read the original details." This January 1, 2006 opinion article was written by Jeannette Jarvis of Boeing Company.