This week in security

The prospect of finding a safe haven on the Net continues to be remote. The latest Sober worm spread rapidly earlier this week, making up about two-thirds of virus traffic on the Internet.

As of Tuesday, Sober.P accounted for 77 percent of all viruses detected by Sophos' threat-monitoring stations worldwide, the British security company said. At the same time, Kaspersky Lab, a Russian maker of antivirus software designed to combat such threats, described the worm's spread in Western Europe as an "epidemic."

Variants of Sober have been circulated since 2003, hitting corporate and home systems. The mass-mailing worm has continued to spread because people still open attachments in infected e-mail, despite warnings not to do so.

Meanwhile, phishers are increasingly using new methods to steal sensitive information from Internet users, according to data from Websense Security Labs. In recent months, Websense researchers detected a rise in schemes involving malicious programs known as keyloggers, according to a report released this week.

		News.blog Security Get our reporters' take on what's happen- ing with malware and scam prevention.

The technology, which records the keystrokes of people using infected machines, could be designed to help phishers stay one step ahead of honest folk. In the past, attackers have relied mainly on e-mail messages that lure victims to malicious Web sites, where they are duped into disclosing the login information they use at banking sites and for other sensitive online accounts. The keylogger programs are built specifically to capture this login data and send them to the attackers.

Sensitive information can also be leaked by people you might think would know more about protecting it. Experts are warning people to be careful with electronic documents that contain sensitive data, after a breach in which classified U.S. military information thought to be blacked out in a PDF document was made visible.

The document in question was a report written after an investigation into the death of Italian citizen Nicola Calipari at a checkpoint in Iraq. It contains both classified and unclassified information about what happened at the traffic control points in Baghdad on March 4, the day of the incident.

Portions of the document had been blacked out by electronic means. But apparently it was possible for outsiders to copy and paste the blacked-out sections into another file--and see the text that had been hidden.