Home    News Archive    Translate Traducen
News January 2007
31 January 2007

Guides, Papers, etc
www.f-secure.com:
Take Your Virtual Gold Somewhere Else. Read more

www.viruslist.com:
Ticket site infected by Trojan-Downloader. Read more

isc.sans.org:
New? Microsoft word vulnerability used as vector in targeted attacks. Read more

honeyblog.org:
German Stock Spam. Read more

www.avertlabs.com:
Offers from the Bot Economy. Read more

www.cs.auckland.ac.nz:
A Cost Analysis of Windows Vista Content Protection. Read more

www.thestar.com:
Vista's legal fine print raises red flags. Read more

blogs.securiteam.com:
Coca-Cola Singapore, Nokia Canada defaced. Read more

www.securityfocus.com:
The New Vista Waiting Game. Read more

www.theregister.co.uk:
Firefox 2.0: happier browsing, but secure? Read more

www.2-spyware.com:
Don’t get into a panic when you see this. Read more

www.microsoft-watch.com:
The Saga of HTML Message Rendering in Outlook. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
phpGraphy Zend_Hash_Del_Key_Or_Index Underlying PHP Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Sun Java System Access Manager Input Validation Holes in 'goto' and 'gx-charset' Parameters Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
GuppY Error Handling Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Cisco Catalyst Switch Lets Remote Users Deny Service With Specially Crafted VTP Packets. Read more

 

News
news.zdnet.co.uk:
Phishing overtakes viruses and Trojans. Read more

www.vnunet.com:
Adware funders fined for malware contributions. Read more

www.technewsworld.com:
Sony Settles Secret Spyware Suit. Read more

www.wired.com:
Tracking the Russian Scammers. Read more

www.betanews.com:
IBM Also Reinvents the Transistor. Read more

news.bbc.co.uk:
Vista is 'more secure' says Gates. Read more

opinion.zdnet.co.uk:
Tracking e-crime. Read more

www.darkreading.com:
US Military Roadmap: 'Fight the Net'. Read more

www.itnews.com.au:
Sophos takes the fun out of work. Read more

30 January 2007

Guides, Papers, etc
www.alex-ionescu.com:
Update on Driver Signing Bypass. Read more

www.avertlabs.com:
The frustration of bot fighters. Read more

kb.iu.edu:
Known problems with Windows Vista at IU. Read more

arstechnica.com:
Microsoft files for patent on "modular operating system". Read more

www.viruslist.com:
Is your SatNav device backdoored? Read more

www.darkreading.com:
Seven Ways to Be Mistaken For a Spammer. Read more

www.darkreading.com:
Farewell, Mr. 'Don't Need No Antivirus'. Read more

www.darkreading.com:
A Free Database Scanner. Read more

www.twit.tv:
KFI Tech Guy 322. Read more

 

News
www.securityfocus.com:
Vista raises the bar for flaw finders. Read more

www.securityfocus.com:
Microsoft warns over fourth Word flaw. Read more

www.wcax.com:
State computer hacked, thousands at risk. Read more

www.computerworld.com:
Trojan code more common than Windows flaws. Read more

www.itweb.co.za:
Evasive Trojan spreads fast. Read more

blog.wired.com:
GoDaddy, Meet NoDaddy. Read more

pressesc.com:
Priceline, Travelocity, and Cingular fined for using adware. Read more

www.itwire.com.au:
Online banking users want more security. Read more

www.wired.com:
Was a Cybercrook for the FBI. Read more

today.reuters.co.uk:
South Korean duo arrested for 1.6 bln spam e-mails. Read more

www.itnews.com.au:
Spam made up 94 percent of all email in December. Read more

www.theregister.co.uk:
TomTom includes Trojans with satnav device. Read more

29 January 2007

Guides, Papers, etc
www.f-secure.com:
Virus in your car? Read more

isc.sans.org:
DNS security & new BIND releases. Read more

www.eweek.com:
Virtual Servers and Security. Read more

arstechnica.com:
Vista "upgrade" drops compliance checking, requires old OS to install. Read more

blog.wired.com:
Vista Anti-Virus Blues. Read more

www.usenix.org:
The Underground Economy: Priceless. Read more

www.cgisecurity.com:
The Cross-Site Request Forgery (CSRF/XSRF) FAQ. Read more

www.playingwithwire.com:
Why Gentoo Shouldn’t be on Your Server. Read more

blog.rightbrainnetworks.com:
Who Killed the Webmaster? Read more

www.our-picks.com:
Pro guide to Google searches. Part I. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
chmlib Page Block Length Validation Flaw Lets Remote Users Execute Arbitrary Code. Read more

 

News
today.reuters.com:
Internet to revolutionize TV in 5 years: Gates. Read more

www.betanews.com:
Intel Reinvents the Transistor. Read more

www.itnews.com.au:
ActiveX flaw could affect up to 70 apps. Read more

www.norwichbulletin.com:
Column: Teacher in porn case victim of own ignorance. Read more

www.norwichbulletin.com:
Norwich porn a fluke, expert says. Read more

passivemode.net:
Fraud Linked to TJX Data Heist Spreads. Read more

www.technewsworld.com:
A Long Year of Hackers Disrupting the Web. Read more

www.terra.net.lb:
Vista for home computers to make overdue debut. Read more

www.itnews.com.au:
Vista crack programs hiding malware. Read more

27 January 2007

Guides, Papers, etc
www.viruslist.com:
Vista vs. Viruses. Read more

www3.ca.com:
CA 2007 Internet Threat Outlook. Read more

www.internetnews.com:
Tracking The Malware Battle. Read more

blogs.securiteam.com:
Canada, UK etc. seeking tax cheats with special Web crawler. Read more

security.itworld.com:
Honeynets: Trapping attackers and naming names. Read more

googlewebmastercentral.blogspot.com:
A quick word about Googlebombs. Read more

www.darkreading.com:
Making Cents of Security. Read more

www.darkreading.com:
Microsoft's 'Secret' Security Summit. Read more

www.newsfactor.com:
Windows Vista: More Features, Better Defenses? Read more

www.itworldcanada.com:
The 10 all-time biggest scandals on the Internet. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Microsoft Word Unspecified Vulnerability Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
PGP Desktop Input Validation Flaw in PGPServ.exe/PGPsdkServ.exe Services Lets Local Users Gain LocalSystem Privileges. Read more

securitytracker.com:
InterScan VirusWall Buffer Overflow in 'libvsapi.so' May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
BIND Memory Deference Bug Lets Remote Users Crash the Name Server. Read more

securitytracker.com:
Check Point Connectra Integrity Clientless Security Lets Users Bypass the Scanning Function. Read more

securitytracker.com:
Check Point VPN-1 Integrity Clientless Security Lets Users Bypass the Scanning Function. Read more

 

News
www.theregister.co.uk:
Botnet 'pandemic' threatens to strangle the net. Read more

computersweden.idg.se:
Meeting the Swedish bank hacker. Read more

www.nytimes.com:
Online Nordic Banking Theft Stirs Talk of Russian Hacker. Read more

www.washingtonpost.com:
Hack, Pump And Dump. Read more

www.securityfocus.com:
MySpace tactics raise researcher's ire. Read more

www.securityfocus.com:
Fraud linked to TJX data heist spreads. Read more

www.theregister.co.uk:
Silence and 'scareware' epidemic at MySpace. Read more

www.itnews.com.au:
Muslix64 cracks Blu-ray copy protection. Read more

arstechnica.com:
European committee chair accuses Microsoft of hijacking the web. Read more

today.reuters.co.uk:
Rivals attack Vista as illegal under EU rules. Read more

26 January 2007

Guides, Papers, etc
blogs.securiteam.com:
Fyodor only gets 60 seconds warning? Read more

www.microsoft.com:
Fundamental Computer Investigation Guide for Windows. Read more

www.avertlabs.com:
The Google blacklist. Read more

silverstr.ufies.org:
Stolenidsearch.com ... are you crazy? Read more

www.eweek.com:
Our Printer Got Hacked?!?! Read more

ddanchev.blogspot.com:
Testing Anti Virus Software Against Packed Malware. Read more

www.technewsworld.com:
Secure Computing CEO McNulty: What Drives the Malware Industry? Read more

www.2-spyware.com:
Why updates are so important. Read more

windowsvistablog.com:
Security Features vs. Convenience. Read more

www.infoworld.com:
Security no matter what the OS. Read more

www.reconstructer.org:
Video: Manual unpacking and Auto-IAT fixing UPX and Aspack. Watch

www.reconstructer.org:
A Journey to the Center of the Rustock.B Rootkit. Read more

aolradio.podcast.aol.com:
Audio: Security Now 76: Your Questions, Steve’s Answers #15. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
Symantec Web Security Input Validation Hole Permits Cross-Site Scripting and Denial of Service Attacks. Read more

securitytracker.com:
Cisco IOS ICMP, PIMv2, PGM, and URD IP Option Bug May Let Remote Users Execute Arbitrary Code. Read more

 

News
www.securityfocus.com:
Webroot disses Microsoft on spyware defense. Read more

news.com.com:
GoDaddy pulls security site after MySpace complaints. Read more

blog.wired.com:
GoDaddy Defends SecLists Takedown. Read more

www.nytimes.com:
Online Nordic Banking Theft Stirs Talk of Russian Hacker. Read more

news.bbc.co.uk:
Criminals 'may overwhelm the web'. Read more

www.networkperformancedaily.com:
The Strange Case of Ms. Julie Amero: Commentary by Mr. Herb Horner. Read more

blogs.pcworld.com:
Beware: Half of Pirated Vista Is Malware. Read more

www.newsfactor.com:
U.S. and China Top Malware Charts. Read more

www.theregister.co.uk:
Feds charge pump and dump hacker. Read more

www.theregister.co.uk:
UK police 'not prioritising cybercrime', Microsoft says. Read more

www.wired.com:
Tax Takers Send in the Spiders. Read more

www.darkreading.com:
Service Providers Team to Fight Spam. Read more

www.kanai.net:
The cost of monoculture. Read more

25 January 2007

Guides, Papers, etc
www.symantec.com:
Trojan.Peacomm: Building a Peer-to-Peer Botnet. Read more

www.symantec.com:
Trojan.Peacomm Part 2 – The Botnet Evolves. Read more

blogs.securiteam.com:
Apple: We have a fix for MOAB-01-01-2007! Read more

www.f-secure.com:
Of Love and Bills. Read more

www.2-spyware.com:
Figure it out first. Then take a decision. Not vice versa! Read more

sunbeltblog.blogspot.com:
Sunbelt Weekly TechTips #29. Read more

www.securitycadets.com:
VCodec2007, the “Wannabe a Zlob-installer”-fake codec. Read more

www.darkreading.com:
Even Terrorists Hack for Cash. Read more

www.darkreading.com:
How Security Helps HR. Read more

www.darkreading.com:
Q&A: 'Weld Pond' Talks Secure Software. Read more

news.zdnet.co.uk:
The Big Interview: Jerry Fishenden. Read more

resources.zdnet.co.uk:
Video: Torvalds on DRM and GPLv3. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Citrix MetaFrame Presentation Server Buffer Overflow in 'cpprov.dll' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
GTK2 Input Validation Error in GdkPixbufLoader() Lets Remote Users Deny Service. Read more

securitytracker.com:
Cisco IOS TCP Listener Memory Leak Lets Remote Users Deny Service. Read more

securitytracker.com:
Cisco IOS IPv6 Type 0 Routing Header Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
FreeWebshop Include File Bug in '/includes/login.php' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
BrightStor ARCserve Backup for Laptops & Desktops Buffer Overflows Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Sun Ray May Disclose the Administrator's Password to Local Users. Read more

securitytracker.com:
Sun Solaris tip(1) Unsafe File Access Methods Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
CenterICQ Buffer Overflow in Processing LiveJournal Data Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mac OS X CFUserNotification() Function Lets Local Users Gain Root Privileges. Read more

securitytracker.com:
Kodak Color Management System kcms_calibrate(1) Command Lets Local Users Gain Root Privileges. Read more

 

Tools:
www.reghardware.co.uk:
The Ultimate Windows Vista laptop. Read more

 

News
www.securityfocus.com:
Bug brokers offering higher bounties. Read more

www.theregister.co.uk:
Texas court bans deep linking. Read more

www.computerworld.com:
Microsoft's Wikipedia PR blunder (and clean keys). Read more

www.businessweek.com:
China: Spam and Virus Superpower. Read more

www.arnnet.com.au:
The future of Internet banking is under a cloud as consumers face picking up the $25 million annual bill for inadvertently falling victim to online scams. Read more

www.securityfocus.com:
Apple patches first MOAB vulnerability. Read more

www.computerworld.com:
Pump'n'Dump spam botnets: new rootkit-enabled malware. Read more

www.securityfocus.com:
Free check offered for stolen information. Read more

www.theregister.co.uk:
One in five fail Windows validation checks. Read more

www.norwichbulletin.com:
Norwich porn a fluke, expert says. Read more

www.siliconvalley.com:
Customer data stolen in TJX hack used in frauds, banks report. Read more

www.theregister.co.uk:
MySpace slams ad networks over 'scareware'. Read more

today.reuters.com:
Hacker attacks Chilean football association site. Read more

www.towergroup.com:
INCREASES IN MOBILE FRAUD AND ID THEFT COULD HAMPER MOBILE PAYMENT / BANKING INITIATIVES. Read more

www.cjnews.com:
Hackers bring down neo-Nazi website. Read more

www.techcrunch.com:
Google Blacklist Contained Confidential Information. Read more

video.google.com:
Video: Laptop thief gets owned. Read more

23 January 2007

Guides, Papers, etc
www.securityfocus.com:
Stock spammers gain while followers lose. Read more

www.f-secure.com:
Rechnung After the Storm. Read more

isc.sans.org:
Remove old JRE! Read more

www.eweek.com:
The Month of Selfish Publicity Hogging. Read more

www.darkreading.com:
Microsoft, Hacker Attack XSS. Read more

www.itsecurity.com:
10 Steps to Make Your Personal Firewall More Secure. Read more

www.esecurityplanet.com:
DIY Tips for a Spam-Free Inbox. Read more

www.computerworld.com.au:
The best practices for network security in 2007. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Mac OS X shared_region_map_file_np() Memory Corruption Bug Lets Local Users Deny Service. Read more

 

News
www.itpro.co.uk:
Malware more compatible with Vista than anti-malware products. Read more

www.theregister.co.uk:
Storm Trojan gang declare start of World War III. Read more

www.techworld.com:
Google anti-phishing site exposes user data. Read more

www.eweek.com:
Monthly Microsoft Patch Hides Tricky IE 7 Download. Read more

www.esj.com:
Symantec Issues Warning on Fast-Spreading Trojan. Read more

www.theregister.com:
Father of internet warns against Net Neutrality. Read more

www.vnunet.com:
US wins spam and malware crown. Read more

news.bbc.co.uk:
Vista copy protection is defended. Read more

en.epochtimes.com:
Chinese Professor Cracks Fifth Data Security Algorithm. Read more

news.com.com:
Cyberthreat experts to meet at secretive conference. Read more

www.theregister.co.uk:
MySpace sues Spam King. Read more

22 January 2007

Guides, Papers, etc
www.f-secure.com:
Storm Worm starts to use Rootkit techniques. Read more

www.f-secure.com:
Another trojan run by the Storm Worm gang. Read more

blogs.securiteam.com:
Distributing malware over ed2k network. Read more

blogs.securiteam.com:
Google, Service Providers and the Future of P2P. Read more

www.viruslist.com:
The Virtual Conflict - Who Will Triumph? Read more

www.youtube.com:
The consequences of going to goggle.com. Read more

taosecurity.blogspot.com:
Black Hat Federal 2006 Wrap-Up, Part 4. Read more

redtape.msnbc.com:
Spam is back, and worse than ever. Read more

www.itnews.com.au:
Antivirus 2.0: The bouncer approach. Read more

 

News
news.bbc.co.uk:
Bank loses $1.1m to online fraud. Read more

www.smh.com.au:
Police hack into PM's computers. Read more

news.zdnet.co.uk:
'Storm Worm' sweeps the globe. Read more

www.redorbit.com:
RSA Discovers New Online Phishing Kit. Read more

20 January 2007

Guides, Papers, etc
www.f-secure.com:
Storm-Worm Small.DAM Spread Quickly. Read more

www.f-secure.com:
Another trojan run by the Storm Worm gang. Read more

www.avertlabs.com:
Downloader-BAI seeding. Read more

isc.sans.org:
European Storm Video E-Mail. Read more

www.technewsworld.com:
Encrypted Virus Code: New Spin on Old Trick? Read more

www.businessweek.com:
Computer Security: The New Wave. Read more

www.darkreading.com:
Company Cuts Privileges to Cut Malware. Read more

www.darkreading.com:
Commoditizing Malware. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
wzdftpd Unspecified Bug Lets Remote Users Cause Denial of Service Conditions. Read more

 

Tools:
www.informationweek.com:
Six Rootkit Detectors Protect Your System. Read more

www.microsoft.com:
Internet Explorer Administration Kit. Read more

 

News
www.securityfocus.com:
HP spy probe offers plea bargains, first conviction. Read more

www.theregister.co.uk:
Hacked to the TK Maxx. Read more

www.cbc.ca:
European storm provides cover for e-mail worm attack. Read more

news.zdnet.co.uk:
Swedish bank hit by 'biggest ever' online heist. Read more

www.mercurynews.com:
Effort to secure Internet freedom. Read more

tomshardware.co.uk:
Security software alone not enough to beat Internet threats, says CA. Read more

www.theregister.co.uk:
Phishers haul in money from Nordic bank. Read more

www.theregister.co.uk:
Inboxes battered by Trojan spam deluge. Read more

www.vnunet.com:
Social sites help streamline attacks. Read more

www.computerworld.com:
New secure VPN tunneling protocol in the works at Microsoft. Read more

www.informationweek.com:
Credit Card Data, A Hack, And A Rush To Contain The Damage. Read more

www.theregister.co.uk:
US court withdraws 'legal child porn' opinion. Read more

19 January 2007

Guides, Papers, etc
www.eweek.com:
The New Threats Are on the Server. Read more

www.microsoft-watch.com:
The Anti-Virus Question Answered. Read more

www.avertlabs.com:
Russians attempting the $1 scam. Read more

blogs.authentium.com:
A rather significant outbreak. Read more

www.infoworld.com:
A tale of two Internets. Read more

www.darkreading.com:
ActiveX Bugs Plague IE. Read more

www.darkreading.com:
Five Unsolved Mysteries of Security. Read more

www.our-picks.com:
The 7 hidden pages within your Firefox browser. Read more

www.linuxworld.com.au:
Windows Vista "over-hyped": Torvalds. Read more

www.windowsecurity.com:
Reverse Engineering Malware (Part 1). Read more

www.technewsworld.com:
Encrypted Virus Code: New Spin on Old Trick? Read more

tech.monstersandcritics.com:
Is Yahoo hijacking browsers? Read more

aolradio.podcast.aol.com:
Audio: Security Now 75: Vista DRM. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
Cisco Security Monitoring, Analysis and Response System Does Not Properly Validate Remote Device Certificates and Keys. Read more

securitytracker.com:
Cisco Adaptive Security Device Manager Does Not Properly Validate Remote Device Certificates and Keys. Read more

securitytracker.com:
SAP Internet Graphics Server Buffer Overflow in Processing ADM:GETLOGFILE Command Errors Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple Service Location Protocol Daemon (slpd) Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
JetDirect FTP Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
MyBloggie Input Validation Flaws in 'index.php' and 'login.php' Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Microsoft Help Workshop Buffer Overflow in Processing '.CNT' Files Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.alternet.org:
Connecticut Teacher Convicted of Endangering Kids With Pop-Up Porn. Read more

news.com.com:
Feds out for hacker's blood. Read more

www.computerworld.com:
Dutch prosecutors seek jail time for botnet duo. Read more

www.theregister.co.uk:
Myspace sued for failing to protect minors. Read more

18 January 2007

Guides, Papers, etc
blogs.securiteam.com:
What’s the deal? Read more

blog.washingtonpost.com:
Great Strides in Phishing. Read more

www.securityfocus.com:
Vulnerability tallies surged in 2006. Read more

www.symantec.com:
A Sudden Rise in ActiveX Vulnerabilities – Part 1. Read more

www.darkreading.com:
How to Catch Computer Criminals. Read more

blog.outer-court.com:
On Google Security. Read more

myappsecurity.blogspot.com:
Ajax Sniffer - Prrof of concept. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Linux Kernel ATM clip_mkip() Function Lets Remote Users Deny Service. Read more

securitytracker.com:
HP-UX IPFilter Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
WebLogic Bugs Let Remote Users Gain Access, Obtain Information, and Deny Service. Read more

securitytracker.com:
BEA AquaLogic Enterprise Security Lets Disabled User Accounts Access the System. Read more

securitytracker.com:
BEA AquaLogic Service Bus Lets Remote Users Bypass Security Checks in Certain Cases. Read more

securitytracker.com:
Oracle Database and Other Products Have 52 Unspecified Vulnerabilities With Unspecified Impact. Read more

securitytracker.com:
WebLogic Portal Policy Modification Errors May Let Remote Users Access Resources. Read more

securitytracker.com:
Java Runtime Environment GIF Image Buffer Overflow Lets Remote Applets Gain Elevated Privileges. Read more

securitytracker.com:
WebLogic Certificate Validation Error May Let Remote Users Access the System in Certain Cases. Read more

securitytracker.com:
OpenBSD ICMP6 Echo Request Bug Lets Remote Users Deny Service. Read more

 

News
www.theregister.co.uk:
Google erases British bases in Iraq. Read more

www.securityfocus.com:
Oracle patches 51 security holes. Read more

www.theregister.co.uk:
AOL phishing fraudster found guilty. Read more

www.securityfocus.com:
MySpace offers parents a peek. Read more

www.theregister.co.uk:
Lottery fraudsters exploit 070 personal numbers. Read more

www.vnunet.com:
Singapore judge sentences teen for Wi-Fi hack. Read more

17 January 2007

Guides, Papers, etc
www.avertlabs.com:
Could you face prison time for not cleaning your Spyware-infected PC? Read more

www.viruslist.com:
Just for fun. Read more

www.informationweek.com:
Review: Six Rootkit Detectors Protect Your System. Read more

www.zdnet.com.au:
Kernel developers are 'unfriendly': Torvalds. Read more

www.informationweek.com:
'White Listing' Repairs Broken Anti-Malware Model. Read more

www.csoonline.com:
The Chilling Effect. Read more

www.mb.com.ph:
Hacking with PDF Files. Read more

i.i.com.com:
from viruses to spyware: in the malware trenches with small and medium-sized businesses. Read more

www.eweek.com:
Vista Aims to Stop Hackers' Social Engineering Ploys. Read more

www.cgisecurity.com:
The Cross-Site Request Forgery (CSRF/XSRF) FAQ. Read more

www.cc.gatech.edu:
Large-Scale Network Simulation: How Big? How Fast? Read more

www.cc.gatech.edu:
High-Fidelity Modeling of Computer Network Worms. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
oftpd LPRT/LPASV Command Exception Lets Remote Users Deny Service. Read more

securitytracker.com:
Remedy Action Request System Discloses Username Validity to Remote Users. Read more

 

News
www.securityfocus.com:
Security pros question teacher's conviction. Read more

norwichbulletin.com:
Letter to the editor: Pornographers are to blame for crime. Read more

www.theregister.co.uk:
Worms pwn Symantec users. Read more

www.techworld.com:
Symantec to launch behaviour-based tool. Read more

www.computerworld.com:
Symantec to use SONAR to find zero-day attacks. Read more

www.securitypark.co.uk:
The majority of malware now comes from organizations involved in criminal activity. Read more

www.theregister.co.uk:
Trojans fuel ID theft boom. Read more

www.abc.net.au:
Banking sector wants consumers to pay for online fraud. Read more

news.zdnet.co.uk:
Windows attack code made public. Read more

www.echannelline.com:
Keylogging up 250 per cent in two years. Read more

www.darkreading.com:
Spam Hidden in Email Newsletters. Read more

www.vnunet.com:
Botnet herders face jailtime. Read more

www.usdoj.gov:
'PHISHER' GUILTY OF POSING AS AOL BILLING DEPARTMENT AND OBTAINING PERSONAL AND CREDIT CARD INFORMATION. Read more

16 January 2007

Guides, Papers, etc
blogs.securiteam.com:
Myspace phishing site discloses countless usernames and passwords. Read more

www.securityfocus.com:
Rainbow table targets Word, Excel crypto. Read more

www2.csoonline.com:
The Vulnerability Disclosure Game: Are We More Secure? Read more

isc.sans.org:
Dealing with images in your spam. Read more

sunbeltblog.blogspot.com:
And this is why you see so much spam. Read more

radar.oreilly.com:
Spamonomics 101. Read more

grutztopia.jingojango.net:
Your Free MacWorld Expo Platinum Pass (valued at $1,695). Read more

www.securityfocus.com:
Interview with Bill Cheswick. Read more

www.mcafee.com:
Identity Theft. Read more

www.securitypark.co.uk:
The most common hacker is probably sitting in the cubicle next to you. Read more

www.uninformed.org:
Subverting PatchGuard Version 2. Read more

www.uninformed.org:
Locreate: An Anagram for Relocate. Read more

www.uninformed.org:
Exploiting 802.11 Wireless Driver Vulnerabilities on Windows. Read more

www.eweek.com:
Symantec: Vista UAC Is Still Too Chatty. Read more

www.esecurityplanet.com:
Medical Identity Theft: Enough to Make You Sick. Read more

toolbar.netcraft.com:
Phishiest Countries. Read more

news.com.com:
Can HP fool Moore's Law? Read more

 

Vulnerabilities & Exploits
securitytracker.com:
KDE kpdf Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
Mac OS X Heap Overflow in AppleTalk _ATPsndrsp() Lets Remote Users Deny Service. Read more

securitytracker.com:
[Not a Vulnerability] Trevorchan Include File Bug in tc_config[rootdir] Parameter Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
PHP-Nuke Input Validation Flaw in 'block-Old_Articles.php' Lets Remote Users Inject SQL Commands. Read more

 

News
www.networkworld.com:
Fighting child porn vs. ruining innocent lives. Read more

abcnews.go.com:
Prison Time For Viewing Porn? Read more

www.theregister.co.uk:
FBI warns of assassin spam scam twist. Read more

arstechnica.com:
Privately, Hollywood admits DRM isn't about piracy. Read more

www.websense.com:
Malicious Websites / Malicious Code: Brazilian and Russian Blackhats working together. Read more

news.softpedia.com:
Hackers Update Windows Vista Activation Crack. Read more

www.technewsworld.com:
Private Investigator Pleads Guilty in HP Spy Case. Read more

www.technewsworld.com:
PayPal to Offer Members Increased Security Option. Read more

www.mercurynews.com:
PayPal acknowledges account glitches. Read more

15 January 2007

Guides, Papers, etc
blogs.securiteam.com:
Two infosec veterans weigh in on Full Disclosure. Read more

blogs.securiteam.com:
Disclosure of the week (2): Excel opcode vuln. Read more

blogs.securiteam.com:
Disclosure of the week (1): Opera 9.10. Read more

www.f-secure.com:
Do you have a TV permit? Read more

www.eweek.com:
Taking Least Privilege to the Max. Read more

www.philippinehoneynet.org:
The Philippine Honeynet Project. Read more

www.technewsworld.com:
The Fear of Wandering E-Mails. Read more

taosecurity.blogspot.com:
Certified Malware Removal Expert. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
LunarPoll Include File Bug in 'show.php' Lets Remote Users Execute Arbitrary Code. Read more

 

Tools:
www.beyondtrust.com:
BeyondTrust™ Privilege Manager gives organizations the ability to implement the fundamental security principle of least privilege using native Windows security constructs. Read more

 

News
sunbeltblog.blogspot.com:
Computerworld: Julie Amero is guilty, guilty, guilty! Justice prevails! Read more

www.itnews.com.au:
New Java exploits brewing. Read more

www.theage.com.au:
Report: Belgian government site hacked by Turkish nationalists. Read more

www.pcadvisor.co.uk:
Hackers look for iPhone vulnerabilities. Read more

www.playfuls.com:
Are Viruses, Malware Winning The Security Battle? Read more

www.infoworld.com:
Customers lose when vendors refuse to patch. Read more

www.theinquirer.net:
Flash will kill Blu-ray and HD DVD. Read more

13 January 2007

Guides, Papers, etc
blogs.securiteam.com:
Oracle started MS-style advance notification. Read more

www.securityfocus.com:
Spammers get bullish on stocks. Read more

www.securityfocus.com:
Spam gussies up its image. Read more

www.f-secure.com:
PayPal Key Fob. Read more

www.darkreading.com:
The Sting. Read more

www.darkreading.com:
10 Ways to Get Users to Follow Security Policy. Read more

www.microsoft-watch.com:
Office Live: Better Off Dead? Read more

www.avertlabs.com:
Data for Ransom - Petty Theft or Organized Crime ? Read more

www.regdeveloper.co.uk:
Malware: Windows is only part of the problem. Read more

blogs.securiteam.com:
Web Honeynet Project: announcement, exploit URLs this Wednesday. Read more

www.milw0rm.com:
Anatomy of a Malware. Read more

ryanlrussell.blogspot.com:
Unpacking I. Read more

aolradio.podcast.aol.com:
Audio: Security Now 74: Peter Gutmann On Vista Content Protection. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
PaX expand_stack() Lets Local Users Gain Root Privileges. Read more

securitytracker.com:
Snort Rule Matching Complexity Lets Remote Users Deny Service via Backtracking Attacks. Read more

securitytracker.com:
Snort Integer Underflow in Processing the GRE Protocol May Let Remote Users Corrupt Log Files. Read more

securitytracker.com:
BrightStor ARCserve Backup Bugs in Tape Engine, Mediasvr, and ASCORE.DLL Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
FreeBSD Kernel jail(2) Call Lets Local Users Gain Elevated Privileges in Certain Cases. Read more

securitytracker.com:
HP OpenView Network Node Manager Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
HP OpenView Network Node Manager Lets Remote Users View Files. Read more

 

News
www.telegraph.co.uk:
Terrorists 'use Google maps to hit UK troops'. Read more

today.reuters.co.uk:
Internet should be run by key players: new ITU boss. Read more

www.pcworld.com:
Is Google Falsely Flagging Harmless Sites? Read more

news.com.com:
FBI warns of twist in extortion phishing scam. Read more

www.theregister.co.uk:
Man-in-the-Middle phishing kit netted. Read more

www.norwichbulletin.com:
Teacher guilty in Norwich porn case. Read more

www.norwichbulletin.com:
Substitute teacher takes the stand in Norwich school porn trial. Read more

www.computerworld.com:
PayPal hopes it's got the key to thwart phishing. Read more

12 January 2007

Guides, Papers, etc
www.f-secure.com:
Update Your Apps. Read more

www.eweek.com:
Last Call for Whois Comments. Read more

www.itsecurity.com:
Understanding the Enemy: The Top 10 Nastiest Malware Trends. Read more

www.pbs.org:
Google Search Snafu Can Have Huge Impact on Niche Blogs. Read more

arstechnica.com:
$60 to keep crapware off of a Windows PC? Read more

www.it-observer.com:
Preventing a Brute Force or Dictionary Attack. Read more

 

News
www.securityfocus.com:
Bounty offered for Vista, IE flaws. Read more

www.techworld.com:
Malware now hiding in search results. Read more

www.pcauthority.com.au:
Saddam spam hides Trojan malware. Read more

www.darkreading.com:
Fake VPN Purposely Tempts Fate. Read more

www.theregister.co.uk
Teens charged with breaking into school computer. Read more

news.zdnet.co.uk:
Government agency tells schools to shun Vista. Read more

www.vnunet.com:
IT security experts warn of phishing kit peril. Read more

www.asiamedia.ucla.edu:
KOREA: Busy websites need real name registration. Read more

www.sophos.com:
Scam contract killer email blackmails recipients with death threat. Read more

torrentfreak.com:
MPAA Caught Uploading Fake Torrents. Read more

wirelesstoronto.ca:
wifi »January hacknight: Wifi Roach Coach. Read more

www.theregister.co.uk:
German child porn ring busted. Read more

11 January 2007

Guides, Papers, etc
blogs.securiteam.com:
The Bank of America: Please lower your defenses, we’re coming through. Read more

www.regdeveloper.co.uk:
Malware: Windows is only part of the problem. Read more

www.csoonline.com:
The Chilling Effect. Read more

www.sap.info:
A Positive Impact on Web Application Security. Read more

www.f-secure.com:
Further Information on the Pocket PC MMS Exploit. Read more

www.itbusiness.ca:
Malware creators turn code protection technique to their advantage. Read more

www.darkreading.com:
Untying the Bot Knot. Read more

www.securityfocus.com:
Wishes For 2007. Read more

isc.sans.org:
Port 2968 big rise - related to Symantec AV? Read more

www.avertlabs.com:
Give me your bookmarks! Read more

honeyblog.org:
AIM Spreading. Read more

www.darkreading.com:
Big, Fat Bot-Ache. Read more

reviews.cnet.com:
The subtle art of JavaScript misdirection. Read more

www.darkreading.com:
Bluetooth Security Worse Than WiFi. Read more

sunbeltblog.blogspot.com:
Is this a miscarriage of justice? Read more

www.wired.com:
Secure Passwords Keep You Safer. Read more

www.securityfocus.com:
Firms see drop in spam, fraud. Read more

www.securityfocus.com:
Acer ships laptops with security hole. Read more

www.ex-parrot.com:
My neighbours are stealing my wireless internet access. I could encrypt it or alternately I could have fun. Read more

www.microsoft.com:
Services Hardening in Windows Vista. Read more

www.nsa.gov:
The 60 Minute Network Security Guide. Read more

community.linux.com:
How to get a Windows tax refund. Read more

 

Vulnerabilities & Exploits
www.security.nnov.ru:
Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability. Read more

securitytracker.com:
Cisco Unified Contact Center JTapi Gateway Can Be Restarted By Remote Users. Read more

securitytracker.com:
Cisco IOS DLSw Capabilities Exchange Lets Remote Users Cause the Device to Reload. Read more

securitytracker.com:
X Memory Corruption Errors in Render and DBE Extensions Let Local Users Gain Root Privileges. Read more

securitytracker.com:
Kerberos kadmind GSS-API 'mechglue' Memory Error Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Kerberos kadmind SVCAUTH_DESTROY() Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Sun Solaris libnsl __inet_taddr2uaddr() Error Lets Remote Users Deny Service. Read more

securitytracker.com:
Adobe Acrobat and Adobe Reader Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Macromedia ColdFusion Double-Encoded URL Processing Discloses Files to Remote Users. Read more

 

Tools:
plash.beasts.org:
Plash is a system for sandboxing GNU/Linux programs. Read more

 

News
www.rsasecurity.com:
RSA Alert: New Universal Man-in-the-Middle Phishing Kit Discovered. Read more

www.theregister.co.uk:
Duo deny LA traffic hack charges. Read more

news.techwhack.com:
PayPal to offer security key to user worried about phishing scams. Read more

ipcommunications.tmcnet.com:
Hackers hound U. Arizona hard drives. Read more

www.eweek.com:
VeriSign Offers Hackers $8,000 Bounty on Vista, IE 7 Flaws. Read more

www.deadspin.com:
Paypal Doesn't Want Slain Soldiers' Families To Receive Aid. Read more

www.theglobeandmail.com:
Beijing's censors unleash a monster. Read more

10 January 2007

Guides, Papers, etc
www.f-secure.com:
First Monthly Patch of 2007. Read more

www.darkreading.com:
Premature Patching, Microsoft's Way. Read more

www.eweek.com:
Security: Next Steps. Read more

www.securitypark.co.uk:
Tips and Tricks for Reducing Spam and Blocking Unwanted E-mails. Read more

news.zdnet.co.uk:
Gates on geekery and gadgets. Read more

www.networksecurityjournal.com:
The Fight Against Phishing: 44 Ways to Protect Yourself. Read more

honeyblog.org:
Stock Spam. Read more

blogs.authentium.com:
The Mobile Virus Threat: Part 1 1/2. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Windows Vector Markup Language Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Outlook '.iCal', '.oss', and SMTP Header Bugs Let Remote Users Execute Arbitrary Code or Deny Service. Read more

securitytracker.com:
Microsoft Excel Buffer Overflows in Processing Various Records and Strings Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Office Brazilian Portuguese Grammar Checker Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Excel Memory Access Error Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Novell Access Manager Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
GForge Input Validation Hole in 'advanced_search.php' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
TIS Firewall Toolkit Buffer Overflow in ftp-gw May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
IBM AIX ftpd Discloses Passwords to Certain Local Users and Lets Remote Users Deny Service. Read more

 

News
www.microsoft.com:
Microsoft Security Bulletin Summary for January, 2007. Read more

security.itworld.com:
Germany checks 22 million cards for child porn payments. Read more

www.infoworld.com:
Microsoft fixes Office, Outlook, Windows flaws. Read more

news.com.com:
Symantec wants to lend a hand with Vista security. Read more

09 January 2007

Guides, Papers, etc
www.f-secure.com:
Preloaded Vulnerability in Acer notebook. Read more

www.f-secure.com:
Don't click on Saddam attachments. Read more

www.avertlabs.com:
The PDF Flaws are coming!! The PDF Flaws are coming!! Read more

blogs.securiteam.com:
Trackback SQL injection workaround. Read more

www.securityfocus.com:
PHP apps: Security's Low-Hanging Fruit. Read more

www.securityfocus.com:
Wireless Forensics: Tapping the Air - Part Two. Read more

www.eweek.com:
Who's Inflating Vista Security Expectations? Read more

www.darkreading.com:
Making & Re-Making the Grade. Read more

www.esecurityplanet.com:
Security 2007: Issues to Be Aware Of. Read more

honeyblog.org:
Botnet Monitoring And New Malware Samples. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Fetchmail MDA Option Message Refusal Bugs Let Remote Users Deny Service. Read more

securitytracker.com:
Fetchmail TLS Security Bugs May Let Eavesdroppers Obtain Passwords. Read more

securitytracker.com:
BinGoPHP NEWS Include File Bug in 'bn_smrep1.php' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Kaspersky Anti-Virus Scanning Engine PE File Infinite Loop Lets Remote Users Deny Service. Read more

 

Tools:
www.theregister.co.uk:
Nokia updates tablet, adds Skype support. Read more

 

News
www.itnews.com.au:
Microsoft postpones half of Tuesday's patches. Read more

www.theregister.co.uk:
Mystery drop in fraud and spam. Read more

www.washingtonpost.com:
For Windows Vista Security, Microsoft Called in Pros. Read more

www.vnunet.com:
Acer laptops in ActiveX security scare. Read more

www.theregister.co.uk:
Security vendors talk up VoIP threats. Read more

www.internetnews.com:
Hospitals Becoming Popular ID Theft Target. Read more

www.computerworld.com:
Researchers: Hack will help kill HD DVD copy protection. Read more

www.vnunet.com:
Image spam is growing problem. Read more

www.networkworld.com:
Dangers of unprotected Wi-Fi prompt new security laws. Read more

www.timesdispatch.com:
VCU grad sentenced for fraud. Read more

us.cnn.com:
Teen hacks Venezuelan government Web sites. Read more

08 January 2007

Guides, Papers, etc
www.qasec.com:
Writing Software Security Test Cases. Read more

www.spidynamics.com:
Malicious Code Injection: It’s Not Just for SQL Anymore. Read more

blogs.securiteam.com:
Hiding code inside perl. Read more

blogs.securiteam.com:
When the defacement archive is the target of defacement. Read more

www.avertlabs.com:
“Media object? No it’s Malware Object!” Read more

isc.sans.org:
Who needs sophisticated malware? Read more

www.f-secure.com:
Weekend activity. Read more

it-gears.blogspot.com:
IE7 Web Developers Nightmare. Read more

dheera.net:
Why blurring sensitive information is a bad idea. Read more

www.pcworld.com:
Just Cancel the @#%$* Account! Read more

pogue.blogs.nytimes.com:
How Secure Is Your Wi-Fi Connection? Read more

www.nytimes.com:
Tips for Protecting the Home Computer. Read more

aolradio.podcast.aol.com:
Audio: Security Now 73: Next Generation Copy Protection. Listen

twit.cachefly.net:
Audio: Windows Weekly 9: Let the Battle Begin. Listen

 

Vulnerabilities & Exploits
labs.idefense.com:
Opera Software Opera Web Browser JPG Image DHT Marker Heap Corruption Vulnerability. Read more

labs.idefense.com:
Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability. Read more

labs.idefense.com:
Kaspersky Antivirus Scan Engine PE File Denial of Service Vulnerability. Read more

fetchmail.berlios.de:
fetchmail crashes when refusing a message bound for an MDA. Read more

www.cisco.com:
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control Server. Read more

securitytracker.com:
Cisco Secure Access Control Server CSAdmin and CSRadius Stack Overflows Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Eudora WorldMail Mail Management Server Heap Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Opera JPEG DHT Marker Buffer Overflow and createSVGTransformFromMatrix Request Validation Flaw Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.nytimes.com:
Attack of the Zombie Computers Is Growing Threat. Read more

www.informationweek.com:
Anti-Piracy Company Issues $40,000 Hacker Challenge. Read more

www.heraldextra.com:
Four-month sentence for U of U hacker. Read more

www.theregister.co.uk:
Web stalkers to get face search plug-in. Read more

www.pcadvisor.co.uk:
Wi-Fi gets new security spec. Read more

05 January 2007

Guides, Papers, etc
events.ccc.de:
Bluetooth Hacking revisited. Read more

isc.sans.org:
Good ol' Web Defacements (NEW). Read more

www.microsoft-watch.com:
The Anti-Virus Question. Read more

www.microsoft-watch.com:
Bad Security Habits. Read more

blogs.ittoolbox.com:
Help Me Monkey! My Firefox Has Been Hacked! Read more

www.internetnews.com:
Vista Exploit Looking For Achilles' Heel. Read more

www.infoworld.com:
Getting a grip on better password hashes. Read more

ip.securescience.net:
[Prg] Malware Case Study. Read more

www.podtrac.com:
Audio: Windows Weekly 9: Let the Battle Begin. Listen

 

Vulnerabilities & Exploits
labs.idefense.com:
Kaspersky Antivirus Scan Engine PE File Denial of Service Vulnerability. Read more

securitytracker.com:
OpenVMS SESSION_CONTROL.EXE Bug May Disclose Passwords to Local Users in Certain Cases. Read more

securitytracker.com:
Novell Client NWGINA Bug May Prevent User Profiles from Being Deleted. Read more

securitytracker.com:
Serene Bach Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

 

News
www.theregister.co.uk:
Google blacklist sheds light on phishing tactics. Read more

www.theregister.co.uk:
Taiwan quakes cost Chinese 10,000 domain names. Read more

hosted.ap.org:
Venezuelan Teen Detained in Hacking Case. Read more

www.technewsworld.com:
Identity Theft: 100 Million Americans and Counting. Read more

04 January 2007

Guides, Papers, etc
www.symantec.com:
When PDFs Attack. Read more

blogs.securiteam.com:
XSS Worm strikes GaiaOnline. Read more

isc.sans.org:
Concurrency strikes MSIE (potentially exploitable msxml3 flaws) (NEW). Read more

isc.sans.org:
The missing Microsoft patches (NEW). Read more

blog.washingtonpost.com:
Not Your Average Phishing Scam. Read more

www.darkreading.com:
Botnets Don Invisibility Cloaks. Read more

www.eweek.com:
What Scares Me About Security in 2007. Read more

portal.spidynamics.com:
A Tour of the Google Blacklist. Read more

yuiblog.com:
Performance Research, Part 2: Browser Cache Usage - Exposed! Read more

pogue.blogs.nytimes.com:
How Secure Is Your Wi-Fi Connection? Read more

msmvps.com:
For those who installed IE7 before installing R2 - a challenge. Read more

www.microsoft.com:
Microsoft Security Bulletin Advance Notification. Read more

www.podtrac.com:
Audio: Security Now 73: Next Generation Copy Protection. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
Adobe Acrobat Reader Plugin Bugs Let Remote Users Deny Service, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code. Read more

securitytracker.com:
OpenBSD Kernel Input Validation Flaw in vga() Lets Local Users Gain Root Privileges. Read more

securitytracker.com:
OpenOffice.org Office Suite Integer Overflow in Processing WMF/EMF Files Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Cisco Clean Access Lets Remote Users Access the Administrative Interface and Download Backup File. Read more

 

Tools:
news.zdnet.co.uk:
SanDisk releases flash hard drives for laptops. Read more

news.com.com:
Here comes the terabyte hard drive. Read more

 

News
www.securityfocus.com:
IE users at risk for 284 days in 2006. Read more

desmoinesregister.com:
Computer at UNI hacked to stash music files. Read more

www.theregister.co.u:
Phishing fraudsters get flashy. Read more

www.securityfocus.com:
Acrobat Reader suffers major XSS flaw. Read more

news.zdnet.co.uk:
PDF threat worse than first thought. Read more

www.theregister.co.u:
Adobe scripting flaw unearthed. Read more

www.theregister.co.u:
European network will target email and internet scams. Read more

www.vnunet.com:
Targeted security attacks will rise in 2007. Read more

03 January 2007

Guides, Papers, etc
blogs.securiteam.com:
OpenOffice issued a WMF code execution fix. Read more

blogs.securiteam.com:
AV Marketing and Babes. Read more

invisiblethings.org:
Introducing Stealth Malware Taxonomy. Read more

invisiblethings.org:
Fighting Stealth Malware - Towards Verifiable OSes - December 2006. Read more

sunbeltblog.blogspot.com:
Evolving the antimalware technology model. Read more

news.com.com:
What threats does Skype face? Read more

www.smh.com.au:
Taunting the scammers. Read more

www.f-secure.com:
How to locate new phishing sites. Read more

www.2-spyware.com:
Flash phishing. Read more

blogs.authentium.com:
Amazing SPAM issue. Read more

events.ccc.de:
Subverting Ajax. Read more

www.zdnetindia.com:
What threats does Skype face? Read more

ddanchev.blogspot.com:
Technical Analysis of the Skype Trojan. Read more

www.avertlabs.com:
MoAB is Upon Us! Read more

www.darkreading.com:
New Hacking Tools Bite Bluetooth. Read more

www.darkreading.com:
DNS Ratting You Out? Read more

www.darkreading.com:
Rift Widens Over Bug Disclosure. Read more

 

Vulnerabilities & Exploits
www.frsirt.com:
Adobe Acrobat Reader Plugin Cross Site Scripting and Command Execution Vulnerabilities. Read more

securitytracker.com:
VLC Media Player udp:// URL Handler Format String Bug Lets Remote Users Execute Arbitrary Code. Read more

www.cisco.com:
isco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access. Read more

 

News
news.zdnet.co.uk:
Acrobat flaw opens door to attack. Read more

www.redherring.com:
Hackers Target U.S. Defenses. Read more

02 January 2007

Guides, Papers, etc
www.gnucitizen.org:
DANGER, DANGER, DANGER. Read more

www.disenchant.ch:
Hacking with Browser Plugins. Read more

www.eweek.com:
Five Hackers Who Left a Mark on 2006. Read more

www.eweek.com:
Research: IM Malware Attacks on the Rise. Read more

blogs.securiteam.com:
Getting out of the box : The problem of Babel. Read more

blogs.securiteam.com:
PDF = Potential Death File? Read more

www.betanews.com:
More Mysteries of the Win32 MessageBox Bug Revealed. Read more

blogs.securiteam.com:
Take this silt. Read more

www.securityfocus.com:
Wireless Forensics: Part One - Tapping the Air. Read more

www-128.ibm.com:
An overview of virtualization methods, architectures, and implementations. Read more

www.eweek.com:
Survey: Consumers Not Confident About Internet Security. Read more

www.readwriteweb.com:
The Race to Beat Google. Read more

aolradio.podcast.aol.com:
Audio: TWiT 82: The Year In Review. Listen

 

Vulnerabilities & Exploits
isc.sans.org:
Apple QuickTime RTSP URL Handler Vulnerability (NEW). Read more

isc.sans.org:
VLC Media Player udp URL handler Format String Vulnerability (NEW). Read more

securitytracker.com:
FreeRADIUS Buffer Overflow in SMB_Connect_Server() Function Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
LBlog Discloses Database to Remote Users. Read more

securitytracker.com:
Apple QuickTime rtsp:// URL Handler Stack Overflow Lets Remote Users Execute Arbitrary Code. Read more

 

Tools:
fileforum.betanews.com:
Comodo Firewall Pro 2.4.10.131 Beta beta. Read more

www.yorkspace.com:
Introducing the Dell De-Crapifier…Read more

 

News
www.theregister.co.uk:
Microsoft accused of trying to buy bloggers. Read more

www.theregister.co.uk:
How to crash a Windows mobile using MMS. Read more

www.theregister.co.uk:
Wireless not worth hacking? Read more

www.eweek.com:
McAfee Amends Options Amid Backdating Scandal. Read more

www.theregister.co.uk:
Google plugs GMail exploit. Read more

www.theregister.co.uk:
Europe plans crackdown on email scams. Read more

www.esecurityplanet.com:
It's That Time: 'Happy New Year' Worms. Read more

www.smh.com.au:
Computer security firm warns of NY virus. Read more

www.mercurynews.com:
Microsoft adds behavioral targeting. Read more

www.channelregister.co.uk:
Munich buys Windows 2000 used licenses. Read more

01 January 2007

Guides, Papers, etc
www.f-secure.com:
Fun Filled New Year May Your Dreams Come True Sparkling Happiness And Good Times etc. Read more

blogs.securiteam.com:
23C3 (CCC) lectures on Google Video. Read more

www.net-security.org:
Real World XSS. Read more

www.pcmag.com:
The Art of Spam. Read more

blogs.authentium.com:
Amazing SPAM issue. Read more

www.mulliner.org:
Advanced Attacks Against PocketPC Phones. Read more

 

Vulnerabilities & Exploits
www.jungsonnstudios.com:
XSS In 7 major Dutch Online Banks. Read more

www.symantec.com:
MMS Exploit Released for Windows Mobile – No Patch Available. Read more

www.matousec.com:
Kerio Fake 'iphlpapi' DLL injection Vulnerability. Read more

cyber-knowledge.net:
GMail Vulnerable To Contact List Hijacking. Read more

cyber-knowledge.net:
GMail’s Flaw Is Now Fixed. Read more

securitytracker.com:
MythControl Buffer Overflow in sendToMythTV() Lets Remote Bluetooth Users Execute Arbitrary Code. Read more

securitytracker.com:
Enigma Include File Bug in Coppermine and WordPress Bridges Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.securityfocus.com:
Month of Apple Bugs kicks off. Read more

www.theregister.co.uk:
Security firm erects threat-level aggregator. Read more

www.computing.co.uk:
First worm of New Year strikes. Read more

news.softpedia.com:
Gmail Hacked! Your Contact List Can Be Stolen! Read more

www.theinquirer.net:
Wii, HD-DVD and PSP hacks emerge. Read more

www.delawareonline.com:
The Web's dark side grows darker. Read more

www.informationweek.com:
Brief: Personal Information Showing Up On Google Notebook Search. Read more

www.darkreading.com:
The Six Dirtiest Tricks of 2006. Read more


Copyright© MegaSecurity.org