Home    News Archive    Translate Traducen
News February 2007
28 February 2007

Guides, Papers, etc
www.f-secure.com:
Skypezov? Read more

www.f-secure.com:
New MySpace Nasty. Read more

asert.arbornetworks.com:
Solaris Telnet Scanning — Possible Worm? Read more

blogs.authentium.com:
Malware and liability. Read more

www.darkreading.com:
How to Cheat Hardware Memory Access. Read more

www.darkreading.com:
Lawyers, Guns & Money. Read more

www.darkreading.com:
A Hacker by Any Other Name. Read more

www.darkreading.com:
Security's Symbiosis. Read more

www.mcs.vuw.ac.nz:
Improving Detection Accuracy and Speed with Hybrid Client Honeypots. Read more

www.avertlabs.com:
Ding! Your phone is now your wallet. Read more

www.microsoft-watch.com:
Ray Ozzie Speaks Out. Read more

www.plagiarismtoday.com:
The Birth of a Spam Blog Network. Read more

arstechnica.com:
Windows Genuine Advantage's newest setting: "you might be a pirate". Read more

www.it-enquirer.com:
Windows Vista Hinders Creative Users’ Efficiency Even More than Windows XP Did. Read more

security.linux.com:
Note to new Linux users: No antivirus needed. Read more

www.net-security.org:
(IN)SECURE Magazine. ISSUE 1.10 (February 2007). Read more

 

Vulnerabilities & Exploits
ddanchev.blogspot.com:
XSS Vulnerabilities in E-banking Sites. Read more

securitytracker.com:
McAfee Virex 'VShieldExclude.txt' File Symlink Flaw Lets Local Users Obtain Root Privileges. Read more

securitytracker.com:
CA eTrust Intrusion Detection Administration Interface Lets Remote Users Deny Service. Read more

securitytracker.com:
Red Hat Linux Kernel Filesystem Auditing Bug Lets Local Users Deny Service. Read more

securitytracker.com:
ViewCVS Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

 

News
www.eweek.com:
When Government Sides With The Crackers. Read more

www.dailydomainer.com:
Microsoft Quietly Making Untold Millions. Read more

www.norwichbulletin.com:
Amero sentencing postponed. Read more

www.betanews.com:
VMware: Microsoft is Rigging the Virtualization Market. Read more

www.darkreading.com:
Black Hat Cancels RFID Demo. Read more

www.itnews.com.au:
Hack attacks costing enterprises US$30m a year. Read more

www.itnews.com.au:
Smart malware injects spam into messages. Read more

www.theregister.co.uk:
SEC sues 'hacker' firm for insider trading. Read more

www.theregister.co.uk:
Security flap over support ActiveX controls bug. Read more

googlewebmastercentral.blogspot.com:
Better badware notifications for webmasters. Read more

software.silicon.com:
Warning over 'blog-posting' Trojan. Read more

www.theregister.co.uk:
MySpace hackers avoid extortion rap. Read more

www.latimes.com:
No jail for online dating hacker. Read more

news.com.com:
Is Windows getting more expensive? Read more

27 February 2007

Guides, Papers, etc
www.f-secure.com:
Video - Live Phishing Demo. Read more

isc.sans.org:
onUnload(). Read more

www.avertlabs.com:
The evolution of social engineering. Read more

blogs.zdnet.com:
Windows Vista - 19 months of usage and counting. Read more

www.technewsworld.com:
Online Merchants Can Block Phishing Attacks For Good. Really. Read more

www.redhat.com:
Goodbye, Fedora. Read more

www.2-spyware.com:
Spam sent by you. Read more

www.darkreading.com:
Five Myths About Black Hats. Read more

www.darkreading.com:
More of a Gray Area. Read more

www.darkreading.com:
Here Comes the (Web) Fuzz. Read more

youtube.com:
Video: How to activate Vista for a second time. Watch

www.phenoelit.de:
Default Password List. Read more

 

Tools:
www.callingid.com:
CallingID Link Advisor. Read more

www.snoopstick.com:
USB device lets you spy on other's PC activity. Read more

 

News
www.securityfocus.com:
Amero trial transcript goes online. Read more

www.norwichbulletin.com:
Inaction sank Amero; read the full trial transcript. Read more

www.theregister.co.uk:
Windows for Warships nears frontline service. Read more

news.bbc.co.uk:
Criminals 'may overwhelm the web'. Read more

www.theregister.co.uk:
Firefox fix lances memory corruption bug. Read more

www.theregister.co.uk:
VMware wallops Microsoft with white paper. Read more

software.silicon.com:
Security warning over tech support tools. Read more

www.smh.com.au:
NY Youths in Plea Deal in MySpace Case. Read more

news.zdnet.co.uk:
Vista bug report probed. Read more

www.telegram.com:
Malaysia Cracks Down on Internet Scam. Read more

www.vnu.co.uk:
Web-based recruitment scammer convicted. Read more

26 February 2007

Guides, Papers, etc
honeynet.org:
Know your Enemy: Web Application Threats. Read more

www.cs.colorado.edu:
Low-Resource Routing Attacks Against Anonymous Systems. Read more

www.technewsworld.com:
New Layers of Defense: ID Theft and Authentication, Part 2. Read more

csrc.nist.gov:
Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i. Read more

www.computerworld.com:
Five mistakes of data encryption. Read more

www.darkreading.com:
RSS Syndicates Malware, Too. Read more

isc.sans.org:
SupportSoft Active X fixed. Read more

www.darkreading.com:
VMs Create Potential Risks. Read more

wilshipley.com:
"Piracy reduction can be a source of Windows revenue growth". Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Mozilla Firefox Flaws Permit Cross-Site Scripting Attacks and Local File Access Read more

securitytracker.com:
Mozilla Firefox onUnload Event and document.write() Race Condition May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Firefox Custom Cursor May Let Remote Users Spoof Portions of the User Interface. Read more

securitytracker.com:
Mozilla Firefox Cache Collision May Let Remote Users Obtain Cached Web Page Contents. Read more

securitytracker.com:
Mozilla Firefox Memory Corruption in Layout Engine, SVG, and Javascript Engine May Let Remote Users Execute Arbitrary Code. Read more

 

News
www.nytimes.com:
A Software Maker Goes Up Against Microsoft. Read more

www.betanews.com:
Microsoft Manager Says It Considered Banning Vista Virtualization. Read more

www.heise-security.co.uk:
Trojan forced PCs to take part in climate research project. Read more

mdn.mainichi-msn.co.jp:
Customers' account information leaked from Chiba Bank employee's computer. Read more

www.itnews.com.au:
Spyware hits three-quarters of UK firms. Read more

www.itnews.com.au:
Hacker faces jail for Trojan horse. Read more

www.eff.org:
RIAA to Parents: Pop-Ups + Viruses = Piracy! Read more

24 February 2007

Guides, Papers, etc
www.f-secure.com:
Credit Card Data Breaches. Read more

research.eeye.com:
Remote Windows Kernel Exploitation. Step into the Ring 0. Read more

www.securescience.net:
Banking On Phishing. Read more

www.securescience.net:
The Dark Side of the Web. Read more

myappsecurity.blogspot.com:
Reflection on Jeremiah Grossman. Read more

www.technewsworld.com:
Is That Really You? ID Theft and Authentication, Part 1. Read more

www.darkreading.com:
Black Hats Focus on Apps. Read more

www.darkreading.com:
Smart & Safe. Read more

www.internetnews.com:
Want a Contract With Your Key Logger? Read more

www.2-spyware.com:
Your router can be hijacked. Easily. Read more

aolradio.podcast.aol.com:
Security Now 80 - Your Questions, Steve's Answers #16. Listen

blog.zonelabs.com/:
Phishing for Dirty Money. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Mozilla Firefox Integer Underflow in Processing SSLv2 Server Messages Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
IBM DB2 Symlink Bug and Buffer Overflows Let Local Users Gain Root Privileges. Read more

securitytracker.com:
VeriSign Secure Messaging for Microsoft Exchange Stack Overflow in ConfigChk ActiveX Control Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
VeriSign Go Secure! Stack Overflow in ConfigChk ActiveX Control Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
VeriSign Managed PKI Stack Overflow in ConfigChk ActiveX Control Lets Remote Users Execute Arbitrary Code. Read more

 

Tools:
reviews.cnet.com:
Review SiteAdvisor Plus. Read more

 

News
www.securityfocus.com:
Mozilla plugs Firefox security holes. Read more

blog.washingtonpost.com:
Fraudsters Declare War on Anti-Scam Services. Read more

www.theregister.co.uk:
Trojan phishing attack claims multiple victims. Read more

www.worcesternews.co.uk:
Security alert as thousands told bank details have been stolen. Read more

www.stltoday.com:
Man admits releasing computer viruses. Read more

www.theregister.co.uk:
Reg reader trapped in Vista network folder hell. Read more

ha.ckers.org:
Latest Firefox Fixes a Number of Security Holes. Read more

23 February 2007

Guides, Papers, etc
blogs.securiteam.com:
OWASP Testing Guide released (and, what might be a fairy tale?). Read more

blogs.securiteam.com:
Solaris TTYPROMPT Vulnerability info (Update: report for old). Read more

blogs.securiteam.com:
Accidental backdoor by ISP. Read more

www.f-secure.com:
Video - Bagle Mashup. Read more

www.avertlabs.com:
On the trail of Downloader-AAP. Read more

www.viruslist.com:
Malicious hackers or careless users? Read more

www.infoworld.com:
Bots and DDoS attacks: a primer. Read more

www.pcworld.com:
Don't Fall Victim to the 'Free Wi-Fi' Scam. Read more

ha.ckers.org:
Google Desktop - The Saga Continues. Read more

www.eweek.com:
The Admin Rights Hall of Shame. Read more

www.darkreading.com:
When to Disclose a Data Breach. Read more

www.darkreading.com:
Top 10 Admin Passwords to Avoid. Read more

www.darkreading.com:
Black Hat: Botnets Go One-on-One. Read more

www.blackhat.com:
The Exponential Growth of Rootkit Techniques. Read more

www.microsoft.com:
Inside the Windows Vista Kernel: Part 1. Read more

www.microsoft.com:
Inside the Windows Vista Kernel: Part 2. Read more

www.symantec.com:
Drive-By Pharming. Read more

 

Vulnerabilities & Exploits
secunia.com:
Internet Explorer 7 "onunload" Event Spoofing Vulnerability. Read more

securitytracker.com:
Symantec Norton Internet Security Stack Overflow in 3rd Party ActiveX Controls Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Symantec Norton AntiVirus Stack Overflow in 3rd Party ActiveX Controls Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Symantec Norton System Works Stack Overflow in 3rd Party ActiveX Controls Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Symantec Automated Support Assistant Stack Overflow in 3rd Party ActiveX Controls Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Google Desktop Input Validation Hole in 'under' Parameter Permits Scripting Attacks. Read more

securitytracker.com:
Trend Micro ServerProtect 'splx_2376_info' Cookie Validation Bug Grants Access to Remote Users. Read more

 

Tools:
www.securiteam.com:
Rootkit Profiler LX. Read more

 

News
www.securityfocus.com:
Google Desktop flaw allows data theft. Read more

www.securityfocus.com:
TJX breach larger than previously thought. Read more

www.theregister.co.uk:
Mysterious 'Vladuz' again hacks eBay employee servers. Read more

www.theregister.co.uk:
Man pleads guilty to spreading Trojan via IRC. Read more

blogs.authentium.com:
Malware crosses 400,000 milestone. Read more

blog.washingtonpost.com:
Microsoft to Tighten Anti-Piracy Noose in Vista. Read more

www.microsoft-watch.com:
Why Google Matters to Microsoft. Read more

www.vnunet.com:
Kernel-level malware on the rise. Read more

www.wired.com:
Protect the Children From Porn. Read more

www.theregister.co.uk:
Ex-judge jailed for child abuse. Read more

22 February 2007

Guides, Papers, etc
www.watchfire.com:
Overtaking Google Desktop. Read more

www.f-secure.com:
Kernel Malware: The Attack from Within. Read more

csrc.nist.gov:
Guide to Intrusion Detection and Prevention Systems (IDPS). Read more

csrc.nist.gov:
Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i. Read more

csrc.nist.gov:
Guidelines on Electronic Mail Security. Read more

www.theregister.co.uk:
Vista security overview: too little too late. Read more

www.esecurityplanet.com:
Vista’s Faux Security. Read more

www.f-secure.com:
Kernel Malware. Read more

www.avertlabs.com:
Regional US banks are big targets for phishers. Read more

ha.ckers.org:
HideMyBrowsing Vulnerable to XSS and De-anonymization. Read more

www.2-spyware.com:
SpyDawn. Read more

www.eweek.com:
Black Hat, Back with the Hackers. Read more

www.darkreading.com:
VMs Create Potential Risks. Read more

www.darkreading.com:
Data That Haunts You. Read more

www.darkreading.com:
Careless Whispers. Read more

www.crime-research.org:
The secret life of a cyber hero. Read more

www.eagletribune.com:
Common sense is the best computer security. Read more

www.mcs.vuw.ac.nz:
Video demonstration of client exploitation. Watch

 

Vulnerabilities & Exploits
securitytracker.com:
Cisco Trust Agent Lets Local Users Gain System Privileges and Also View Passwords. Read more

securitytracker.com:
Cisco Secure Services Client Lets Local Users Gain System Privileges and Also View Passwords. Read more

securitytracker.com:
Cisco IP Phones Default Account Grants Remote Access and Subsequent Privilege Escalation. Read more

securitytracker.com:
Cisco Unified IP Conference Station Credential Caching Bug Grants Administrative Access to Remote Users. Read more

securitytracker.com:
Nortel Net Direct SSL VPN Client Race Condition Lets Local Users Gain Root Privileges. Read more

securitytracker.com:
JBoss Default Configuration Lets Remote Users Gain Administrative Access. Read more

securitytracker.com:
Trend Micro ServerProtect Stack Overflow in CMON_NetTestConnection() Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Ekiga Format String Flaw Lets Remote Users Execute Arbitrary Code. Read more

 

Tools:
lifehacker.com:
Learn everything about your PC with SIW. Read more

 

News
www.securityfocus.com:
Google Desktop flaw allows data theft. Read more

www.ocregister.com:
Ex-judge Kline gets prison. Read more

searchsecurity.techtarget.com:
Microsoft confirms new IE flaw. Read more

news.zdnet.co.uk:
Symantec: Vista is not a security solution. Read more

apcmag.com:
Microsoft apologises for serving malware. Read more

www.cio.in:
Flaw Allows Malicious Hackers to Take Control of Snort. Read more

www.contractoruk.com:
We trap worms in milliseconds, say IT boffins. Read more

www.betanews.com:
Only 104 Applications 'Vista Certified'. Read more

www.itnews.com.au:
PartyPoker under siege. Read more

21 February 2007

Guides, Papers, etc
blogs.securiteam.com:
How many bots? How many botnets? Read more

www.avertlabs.com:
Regional US banks are big targets for phishers. Read more

www.microsoft-watch.com:
Virtual PC and the Value of Free. Read more

www.it-observer.com:
Avoid Wasting Money on Penetration Testing. Read more

www.imediaconnection.com:
Why Google Will Lose Dominance. Read more

www.darkreading.com:
Die, Robot. Read more

www.darkreading.com:
Daylight Saving Switch Won't Help Hackers. Read more

www.jpost.com:
Digital World: Drive-by practical joking. Read more

www.oreillynet.com:
Hardware Versus Software Firewalls. Read more

sunbeltblog.blogspot.com:
Passwords: A Thing of the Past? Read more

www.eweek.com:
The OpenID Era Opens. Read more

podcast.dslextreme.com:
Audio: Leo Laporte - Your Tech Guy 328. Quantum Computing, the future of toys, and software vs hardware firewalls...Listen

 

Vulnerabilities & Exploits
securitytracker.com:
PHP Buffer Overflows and Format String Bugs Permit Code Execution and Denial of Service. Read more

securitytracker.com:
Sourcefire Intrusion Sensor Buffer Overflow in DCE/RPC Preprocessor Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Snort Buffer Overflow in DCE/RPC Preprocessor Lets Remote Users Execute Arbitrary Code. Read more

 

Tools:
www.metaeye.org:
Zombie scapper is an automated perl tool for detecting and stopping distributed denial of service programs. Read more

www.betanews.com:
Vista Hardware Assessment Tool Addresses Upgrade Dilemmas. Read more

 

News
networks.silicon.com:
Amnesty: ISPs must safeguard free speech. Read more

www.securityfocus.com:
Healthcare groups bleed patient data Read more

www.theregister.co.uk:
Windows Defender spyware-blocking under fire (again). Read more

www.itnews.com.au:
Australian cricket email attack. Read more

www.scmagazine.com:
Chinese hackers waging cyberwar on U.S. Read more

news.com.com:
U.S. cybersecurity czar has his marching orders. Read more

www.smh.com.au:
Man admits sending millions of spam e-mails that offered to steal passwords. Read more

www.vnunet.com:
Home wireless networks wide open. Read more

www.theregister.co.uk:
Phish fighters floored by DDoS assault. Read more

www.theregister.co.uk:
Hacked eBay accounts give rise to conspiracy theories. Read more

www.vnunet.com:
Windows Live Messenger ads serve up malware. Read more

www.computerworld.com:
Buying a new PC? 'Windows Vista Capable' barely hits the mark. Read more

20 February 2007

Guides, Papers, etc
www.f-secure.com:
Next up, IKEA customers! Read more

isc.sans.org:
Sourcefire addresses Snort vulnerability. Read more

www.avertlabs.com:
What Are MySpace Phishers Phishing For? Read more

www.websense.com:
Trojan Crimeware using Google Maps. Read more

ha.ckers.org:
Using DNS Pinning To Cookie Users. Read more

www.net-security.org
(IN)SECURE Magazine ISSUE 1.10 (February 2007). Read more

www.securityfocus.com:
Vista Review: Bugs and Confusion. Read more

www.technewsworld.com:
What Are You Doing to Stop Security Saboteurs? Read more

 

Vulnerabilities & Exploits
www.xdisclose.com:
Microsoft Internet Explorer Local File Accesses Vulnerability. Read more

securitytracker.com:
SpamAssassin Error in Processing Long URIs May Let Remote Users Deny Servce. Read more

securitytracker.com:
IBM DB2 DB2DIAG.LOG Symlink Flaw Lets Local Users Overwrite Files to Gain Elevated Privileges. Read more

 

Tools:
fileforum.betanews.com:
GFI LANguard Network Security Scanner 8.0 Beta. Read more

www.zhangduo.com:
Unknown Device Identifier 5.02. Reasd more

www.betanews.com:
Microsoft Issues Free Virtual PC 2007. Read more

www.dailytech.com/:
AnyDVD HD Defeats HD DVD Copy Protection. Read more

 

News
www.securityfocus.com:
Bill would require ISPs to track users. Read more

www.securityfocus.com:
China fingered as largest cyberthreat. Read more

www.zdnet.com.au:
Hackers pounce on Howard 'heart attack e-mail'. Read more

ipcommunications.tmcnet.com:
Korea Becomes Haven for Hackers. Read more

www.itnews.com.au:
Virus writers target Australian PM. Read more

www.smh.com.au:
Pining for the frauds: scammers act up. Read more

rconversation.blogs.com:
Chinese lawyers protest blog censorship by Sina.com. Read more

www.rsf.org:
Going online in Cuba - Internet under surveillance. Read more

www.nytimes.com:
Europe’s Plan to Track Phone and Net Use. Read more

www.thelocal.se:
Sweden to ban website attacks. Read more

www.theregister.co.uk:
Microsoft's dirty tricks archive vanishes. Read more

www.nytimes.com:
New Weapon in Web War Over Piracy. Read more

19 February 2007

Guides, Papers, etc
isc.sans.org:
Javascript decoding round-up. Read more

www.red-database-security.com:
Oracle Rootkits 2.0. Read more

www.macnewsworld.com:
Mac Malware: Slow but Steady Evolution. Read more

video.google.com:
Video: Badvertisements: Stealthy Click Fraud with Unwitting Accessories. Watch

www.cio.com:
Getting Clueful: Five Things You Should Know About Fighting Spam. Read more

www.washingtonpost.com:
Hackers Love to Vacuum. Read more

www.howtoforge.com:
Convert Physical Windows Systems Into Virtual Machines To Be Run On A Linux Desktop. Read more

www.itnews.com.au:
CA CEO: IPv6 will be insecure. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Trend Micro OfficeScan Buffer Overflow in ActiveX Control Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.computerworld.com:
PayPal Makes Drying Up Phishing Holes a Priority. Read more

times.hankooki.com:
Korea Becomes Haven for Hackers. Read more

seclists.or:
Firefox: about:blank is phisher's best friend. Read more

msmvps.com:
WARNING: Winfixer and Errorsafe being distributed via MSN Messenger banner advertisements. Read more

www.webuser.co.uk:
Anti-piracy tool to be upgraded. Read more

ha.ckers.org:
Google Click Fraud and Phishing Talk. Read more

www.technologyevangelist.com:
Microsoft dirty tricks that were never revealed. Read more

www.technologyevangelist.com:
Microsoft dirty tricks, part two. Read more

techdirt.com:
Microsoft Applies For Patent Telling You If A Website Is On A List Of Phishing Sites. Read more

it.slashdot.org:
Network Computing Editor Wins RSA Hacking Contest. Read more

www.pinktentacle.com:
Hitachi develops RFID powder. Read more

17 February 2007

Guides, Papers, etc
www.securityfocus.com:
Imperfect Storm aids spammers. Read more

reviews.cnet.com:
Hacking the Super Bowl. Read more

www.f-secure.com:
Poll Results - Should Police Hack? Read more

myappsecurity.blogspot.com:
Reflection on RSnake. Read more

windowssecrets.com:
Use Vista without activation for 120 days. Read more

www.itwire.com.au:
Let's cut the crap about Vista security. Read more

www.baselinemag.com:
Time to Get Tough on Security Threats. Read more

blogs.zdnet.com:
Another Malware protection engine becomes Malware enabler engine. Read more

news.zdnet.com:
Symantec's Thompson: No Vista for me. Read more

blogs.zdnet.com:
Schneier: Do not upgrade to Vista. Read more

www.darkreading.com:
Digging Into Motivation. Read more

lifehacker.com:
Encrypt your web browsing session (with an SSH SOCKS proxy). Read more

ha.ckers.org:
Embeding SVG That Contains XSS Using Base64 Encoding in Firefox. Read more

ha.ckers.org:
Firefox location.hostname Vulnerability. Read more

www.xnos.org:
WEF - Web Exploit Finder. Read more

www.infoworld.com:
DNS attack puts Web security in perspective. Read more

aolradio.podcast.aol.com:
Audio: Security Now 79: Spambots. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
Mac OS X Finder Disk Image Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple iChat Format String Bug Lets Remote Users Execute Arbitrary Code and Null Pointer Dereference Lets Remote Users Deny Service. Read more

securitytracker.com:
Clam AntiVirus MIME Parameter Directory Traversal Bug Lets Remote Users Overwrite Certain Files. Read more

securitytracker.com:
Clam AntiVirus CAB File Descriptor Leak Lets Remote Users Deny Service. Read more

 

Tools:
www.microsoft.com:
Microsoft Baseline Security Analyzer 2.1. Read more

 

News
news.zdnet.co.uk:
Nasa hacker's fate hangs in balance. Read more

news.zdnet.co.uk:
Cyberattacks exploit Word flaw. Read more

www.irishdev.com/:
International Hacker gang nets 300,000 from bank robbery. Read more

english.sabah.com.tr:
Izmir Police captures gang of hackers. Read more

www.darkreading.com:
Insider Tries to Steal $400 Million at DuPont. Read more

www.darkreading.com:
Tool Uncovers Inadvertent 'Chatter'. Read more

www.technewsworld.com:
Router Hack Attack Could Expose Home Network Users. Read more

www.computerworld.com:
Some PayPal users plagued by security warnings, log-in woes. Read more

www.smh.com.au:
Spammers face new controls under Singapore bill. Read more

www.websense.com:
Data Breach Alert: Multiple Organization Data Breaches. Read more

16 February 2007

Guides, Papers, etc
www.symantec.com:
Drive-By Pharming: How Clicking on a Link Can Cost You Dearly. Read more

www.darkreading.com:
Elephant in the Home Office. Read more

honeyblog.org:
Web Exploit Finder. Read more

www.xnos.org:
WEF - Web Exploit Finder. Read more

www.securityfocus.com:
Laptop Losses and Phishing Fruit Salad. Read more

www.networkcomputing.com/:
Breaking DNS with Wildcard records. Read more

blogs.securiteam.com:
SunOS telnetd vs. uTorrent. Read more

blogs.securiteam.com:
Wireless “Drive-by Pharming Threat”. Read more

blogs.securiteam.com:
Apple fixed four issues of MoAB. Read more

dmiessler.com:
Vista Security A Joke? : Executables Install As Administrator Because It’s More Convenient. Read more

www.darkreading.com:
For Hackers, By a Hacker. Read more

www.darkreading.com:
Malware Attacks on Mobile Operators Soar – Is the Enterprise Next? Read more

www.darkreading.com:
3G Card Secures Laptops. Read more

 

Vulnerabilities & Exploits
www.f-secure.com:
Firefox Cookie Bug. Read more

securitytracker.com:
IBM AIX Buffer Overflow in 'swcons' Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
HP Serviceguard for Linux Unspecified Vulnerability Lets Remote Users Gain Access. Read more

securitytracker.com:
Mozilla Firefox 'location.hostname' Property Lets Remote Users Bypass Domain Security Restrictions. Read more

securitytracker.com:
Microsoft Word Unspecified Vulnerability Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.eweek.com:
AIM Rootkit Attack Traced to Middle East. Read more

news.mk.co.kr:
Citibank Customer Data Hacked, Purchases Made. Read more

www.msnbc.msn.co:
Teacher’s porn conviction sparks tech debate. Read more

www.securityfocus.com:
Another Microsoft Word zero-day appears. Read more

www.theregister.co.uk:
Microsoft probes new Office vulnerability. Read more

www.darkreading.com:
Microsoft Issues Warning on Daylight-Saving Time Software Flaw. Read more

www.itnews.com.au:
Hackers roll out Valentine's Day rootkit. Read more

www.itnews.com.au:
Latest identity theft scam targets business executives. Read more

www.pcpro.co.uk:
Security researchers probe Proactive Worm Containment. Read more

technology.timesonline.co.uk:
Speed could kill for internet worms. Read more

www.theregister.co.uk:
Infected PCs spew malware over 3G connections. Read more

news.com.com:
Hack lets intruders sneak into home routers. Read more

www.theregister.co.uk:
Turkish hacker strikes Down Under. Read more

www.theregister.co.uk:
'Pentagon hacker' plays joker on US authorities. Read more

www.theregister.co.uk:
Workplace smoke ban a 'gift' for hackers. Read more

www.darkreading.com:
Hacker Claims Progress in Decrypting High-Definition Movies. Read more

15 February 2007

Guides, Papers, etc
blogs.securiteam.com:
Solaris telnet vuln solutions digest and network risks. Read more

blogs.securiteam.com:
A 13 year old froot. Read more

blogs.securiteam.com:
Solaris telnetd Analysis. Read more

blogs.securiteam.com:
telnetd oops. Read more

www.f-secure.com:
Valentine's Day Flash. Read more

www.avertlabs.com:
Malware Marketing MalwareWipe. Read more

www.eweek.com:
The Last Great Security Crisis. Read more

isc.sans.org:
The missing Microsoft patches. Read more

www.eweek.com:
A 'Love' Note We'd Like to Forget. Read more

passivemode.net:
Caught in the Network. Read more

www.theregister.co.uk:
Vista first look: Bugs and confusion. Read more

news.bbc.co.uk:
Keeping secrets from web spies. Read more

www.computerworld.com:
Spam, viruses, botnets: Can the Internet be saved?. Read more

www.darkreading.com:
I Love You, Sucker. Read more

www.darkreading.com:
Fresh Meat for Hackers. Read more

www.websense.com:
It's good to be an information miser. Read more

www.baselinemag.com:
E-Mail Security: Filtering Garbage Out, Keeping Secrets In. Read more

www.securitycadets.com:
Spammers taking the wrong turn! Read more

blogs.msdn.com:
Zones and Default Settings. Read more

www.sift.com.au:
Log Injection Attack and Defence. Read more

www.websense.com:
Dolphin Stadium Malware Analysis. Read more

www.box.net:
Malware analysis: Nailuj sys file. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Cisco PIX Firewall Lets Remote Users Deny Service and Remote Authenticated Users Gain Elevated Privileges. Read more

securitytracker.com:
Cisco ASA Lets Remote Users Deny Service and Remote Authenticated Users Gain Elevated Privileges. Read more

securitytracker.com:
Cisco Firewall Service Module Lets Remote Users Deny Service and Potentially Bypass Intended ACLs. Read more

securitytracker.com:
Solaris TCP Subsystem Race Condition Lets Remote Users Deny Service. Read more

securitytracker.com:
uTorrent Buffer Overflow in Processing the 'announce' Key Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Adobe ColdFusion Input Validation Hole in JRun Administrative Console Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Adobe JRun Input Validation Hole in Administrative Console Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Adobe ColdFusion Input Validation Flaw in Default Error Page Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Adobe ColdFusion Input Validation Hole When Global Script Protection is Disabled Permits Cross-Site Scripting Attacks.Read more

 

Tools:
sqlservercode.blogspot.com:
The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. Read more

 

News
www.theregister.co.uk:
Was Julie Amero wrongly convicted? Read more

news.bbc.co.uk:
British hacker fights extradition. Read more

www.securityfocus.com:
Music DRM to disappear? Read more

www.channelregister.co.uk:
Don't get infected on Valentine's Day. Read more

www.vnunet.com:
Valentine worm 'spreading fast'. Read more

www.techtree.com:
McAfee Reports Virus Vulnerability. Read more

www.fcw.com:
Cyber officials: Chinese hackers attack 'anything and everything'. Read more

www.betanews.com:
PSU Researchers Create Worm Speed Trap. Read more

www.vnunet.com:
Chinese cops crack Fujacks hacks. Read more

www.nctimes.com:
California Muslim organization's Web site hacked, defaced. Read more

14 February 2007

Guides, Papers, etc
theinvisiblethings.blogspot.com:
Vista Security Model – A Big Joke? Read more

www.it-observer.com:
Targeted cyber attacks. Read more

www.computerworld.com:
ID Theft: Where you live makes a difference, study finds. Read more

www.f-secure.com:
Valentine Patch. Read more

www.networkcomputing.com:
For Hackers, By a Hacker. Read more

www.esecurityplanet.com:
Great Security Blunders. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Microsoft Windows Defender Integer Overflow in Parsing PDF Files Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft HTML Help ActiveX Control Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Step-by-Step Interactive Training Buffer Overflow in Processing Bookmark Links Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Internet Explorer Multiple COM Objects Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Internet Explorer FTP Server Response Memory Corruption Error Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Windows RichEdit OLE Memory Corruption Error Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Office OLE Memory Corruption Error Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Word Macro Security Warning Bug and Drawing Object Memory Corrupution Error Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft MFC Memory Corruption Error Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft OLE Dialog RTF File Memory Corruption Error Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Windows Image Acquisition Service Buffer Overflow Lets Local Users Gain System Privileges. Read more

securitytracker.com:
Windows Shell Hardware Detection Service Parameter Validation Error Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Cisco IOS IPS Feature Set Lets Remote Users Deny Service or Evade Intrusion Detection. Read more

securitytracker.com:
HP-UX SLSd Bug Lets Remote Users Gain Root Access. Read more

securitytracker.com:
HP-UX ARPA Transport Bug Lets Local Users Deny Service. Read more

 

News
www.microsoft.com:
Microsoft Security Bulletin Summary for February, 2007. Read more

www.securityfocus.com:
Microsoft issues a dozen patches. Read more

www.securityfocus.com:
Old Firefox, IE flaw remains unfixed. Read more

blogs.zdnet.com:
Hacker, Microsoft duke it out over Vista design flaw. Read more

www.theregister.co.uk:
Hacker cracks HD copy protection. Read more

news.xinhuanet.com:
Police to release anti-virus program written by "panda" virus author. Read more

www.darkreading.com:
Study: Two Hacks a Minute. Read more

www.darkreading.com:
Vendors Push Virtual Security. Read more

computerworld.com:
'Storm Trojan' ignites worm war. Read more

www.reuters.com:
IBM says new technology can triple data storage-report. Read more

13 February 2007

Guides, Papers, etc
www.websense.com:
Defacing -> A Malicious Trifecta. Read more

blogs.securiteam.com:
Web Server Botnets and Server Farms as Attack Platforms. Read more

blogs.technet.com:
PsExec, User Account Control and Security Boundaries. Read more

www.eweek.com:
GoDaddy Steps in It. Read more

www.avertlabs.com:
W32/Fujacks: Panda Malware Breeders Arrested. Read more

isc.sans.org:
Another good reason to stop using telnet. Read more

www.data-storage-today.com:
Keeping Up with Polymorphic Worms and Botnets. Read more

www.darkreading.com:
New Method Traps 'Fast' Worms. Read more

www.gnucitizen.org:
Browser Focus RIP. Read more

www.schneier.com:
DRM in Windows Vista. Read more

www.businessintelligencelowdown.com:
Top 10 Hilarious Viruses, Trojans and Worms. Read more

www.technewsworld.com:
The New Front Line in Defending Against Online Threats. Read more

www.darkreading.com:
Don't Ask, Don't Telnet. Read more

www.darkreading.com:
Data Destruction, at Your Disposal. Read more

blog.wired.com:
Vista Month: Welcome To The DRM? Read more

 

Vulnerabilities & Exploits
securitytracker.com:
SAP Web Application Server Lets Remote Users Traverse the Directory and Deny Service. Read more

securitytracker.com:
Solaris in.telnetd Grants Access to Remote Users. Read more

securitytracker.com:
Sage Reader Extension Input Validation Hole Permits Script Injection Attacks. Read more

securitytracker.com:
IP3 NetAccess Missing Input Validation in 'getfile.cgi' Lets Remote Users Traverse the Directory. Read more

 

News
www.securityfocus.com:
PayPal offers security key. Read more

www.theregister.co.uk:
Mobile malware menace hits high - McAfee. Read more

news.xinhuanet.com:
Police catch top computer virus maker in C China. Read more

passivemode.net:
Mouse-Trapped. The case of Julie Amero. Read more

www.internetnews.com:
Google Turns Over User IDs. Read more

www.arabnews.com:
Latest Security Threat: Holding Data Hostage. Read more

www.informationweek.com:
A Security Researcher Gets Offered The Big Score. Read more

www.itnews.com.au:
Valentine's Day Attacks Not So Sweet. Read more

www.theregister.co.uk:
Mobile forensics turns up heat on suspects. Read more

12 February 2007

Guides, Papers, etc
isc.sans.org:
Encrypted malware and code reusability. Read more

blogs.securiteam.com:
Solaris Telnet 0day or Embarrassment. Read more

blogs.securiteam.com:
Colin Powell’s RSA Talk. Read more

www.informationweek.com:
How Does The Hacker Economy Work? Read more

www.cl.cam.ac.uk:
The Economics of Information Security: A Survey and Open Questions. Read more

portal.spidynamics.com:
Security zone shortcomings: why browsers and websites encourage phishing. Read more

www.securitypark.co.uk:
Dangerous web browsers. Read more

www.joreybump.com:
Poor Man's Greylisting. Read more

www.crankycustomer.com:
Punished by eNom for a Registration Placeholder. Read more

www.wired.com:
CSI: TCP/IP. Keep your friends close and your enemies closer. Why the Pentagon's toughest Internet crime fighter likes hanging out with blackhat hackers. Read more

www.cgisecurity.com:
Interview with Sullo the Author of Nikto. Read more

creditpro.wordpress.com:
8 Things You Must Do If Your Identity Is Stolen. Read more

www.antidrm.hpg.ig.com.br:
How to break DRM (iTunes, DVD, etc) for lawful purposes. Read more

 

News
blogs.zdnet.com:
Code posted for Solaris remote root exploit. Read more

english.chosun.com:
Hackers Attack 92,000 Korean Computers. Read more

www.mercurynews.com:
Tech Notebook: No safety, even at security gathering. Read more

news.zdnet.com:
Price of cybercrime tools shrinks. Read more

techdirt.com:
China Discovering The Futility Of Banning Internet Cafes. Read more

www.betanews.com:
Internet DNS to Receive 3-Year, $100mn Overhaul. Read more

www.washingtonpost.com:
WiFi Turns Internet Into Hideout for Criminals. Read more

www.firstcoastnews.com:
High School Hackers Cancel School With Fake Snow Day. Read more

10 February 2007

Guides, Papers, etc
blogs.securiteam.com:
Skype’s motherboard serial number spy 1.com - part of DRM technology. Read more

isc.sans.org:
Security Guard Script e-mail scam. Read more

www.avertlabs.com:
Exploit Targeting Unpatched Word Vulnerability Spotted. Read more

www.wired.com:
An American Idol for Crypto Geeks. Read more

www.securityfocus.com:
Introduction to Windows Integrity Control. Read more

www.informationweek.com:
How Does The Hacker Economy Work? Read more

www.informationweek.com:
A Security Researcher Gets Offered The Big Score. Read more

mathaba.net:
Study Provides Insight Into Hacks. Read more

www.viruslist.com:
Highly privileged malware. Read more

www.darkreading.com:
Are 'Sealed' Websites Any Safer? Read more

www.darkreading.com:
Encryption Set to Go Mainstream. Read more

www.computerworld.com:
Wait! Don't buy Windows Vista! Read more

www.technewsworld.com:
Vista, Hackers, Red Flags and Bulls. Read more

seattletimes.nwsource.com:
Password recovery may not be needed. Read more

www.baselinemag.com:
Security Case: How To Survive a Bot Attack. Read more

webservices.sys-con.com:
The Top 150 i-Technology Heroes of Today and Yesteryear: Final List. Read more

aolradio.podcast.aol.com:
Audio. Security Now 78: Hardware DEP. Listen

www.au-p2p.info:
Watch out for super hacker. Read more

 

Tools:
blogs.zdnet.com:
Wi-Fi hacking, with a handheld PDA. Read more

 

News
www.theregister.co.uk:
MS plans 'dirty dozen' patch release. Read more

www.vnunet.com:
Phishers slip through Firefox security net. Read more

www.darkreading.com:
VeriSign Ups the DNS Ante. Read more

www.usatoday.com:
Tech experts plot to catch identity thieves. Read more

www.terra.net.lb:
Computer experts warn of viruses in Valentine messages. Read more

www.theregister.co.uk:
Sophos changes tack with mobile anti-virus launch. Read more

news.zdnet.com:
Canadian nuclear safety site defaced by hacker. Read more

www.fcw.com:
Attack by Korean hacker prompts Defense Department cyber debate. Read more

www.wpsdtv.com:
Hackers Create Snow Day For School. Read more

09 February 2007

Guides, Papers, etc
www.secureworks.com:
Storm Worm DDoS Attack. Read more

www.f-secure.com:
Storm-Worm Gang Attacking the Warezov Gang. Read more

www.mcs.vuw.ac.nz:
Video Presentations on Client Honeypots. Read more

www.microsoft.com:
Microsoft Security Bulletin Advance Notification. Read more

www.2-spyware.com:
Nurech - Valentine’s day worm. Read more

blogs.securiteam.com:
Microsoft Live OneCare - May Need More Care. Read more

www.darkreading.com:
VeriSign Ups the DNS Ante. Read more

www.darkreading.com:
DNS Anxiety Attack. Read more

blogs.securiteam.com:
Chip & PIN relay attacks - Man in the middle style. Read more

www.securityfocus.com:
Nothing to Fear... ? Read more

www.it-observer.com:
Yapbrowser: Directing you to Illegal Content. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
HP OpenView Storage Data Protector Lets Local Users Execute Arbitrary Code. Read more

securitytracker.com:
HP Mercury LoadRunner Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
HP Mercury Performance Center Stack Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
HP Mercury Monitor Over Firewall Stack Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
D-Bus match_rule_equal() Bug Lets Local Users Deny Service. Read more

securitytracker.com:
HP OpenView Network Node Manager Unsafe Folder Permissions Lets Local Windows Users Gain Elevated Privileges. Read more

securitytracker.com:
IBM AIX Buffer Overflows in rsh, rcp, rlogin, and rdist Commands Let Local Users Gain Root Privileges. Read more

securitytracker.com:
Trend Micro Anti-Spyware Unsafe 'TmComm.sys' Driver Permissions Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Trend Micro Antivirus Unsafe 'TmComm.sys' Driver Permissions Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
PC-cillin Unsafe 'TmComm.sys' Driver Permissions Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Trend Micro PC-cillin UPX File Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Trend Micro OfficeScan UPX File Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

 

Tools:
www.virtualization.info:
VMware Workstation 6.0 hits beta 3. Read more

 

News
www.securityfocus.com:
U.S. calls for more organized cyber response. Read more

www.securityfocus.com:
Companies increasingly reporting attacks. Read more

news.zdnet.co.uk:
Kaspersky: Ransomware is key threat. Read more

www.theregister.co.uk:
US cyber chief talks tough on security. Read more

www.itnews.com.au:
Security experts beaten at their own game. Read more

www.theregister.co.uk:
US Disease Control website catches malware cold. Read more

www.msnbc.msn.com:
Hackers attack every 39 seconds. Read more

www.theregister.co.uk:
Anatomy sheds new light on Storm Worm. Read more

news.com.com:
Microsoft to expand security research teams. Read more

www.esecurityplanet.com:
Red Hat Rolls New Security Certificate System. Read more

08 February 2007

Guides, Papers, etc
www.sophos.com:
Did your PC try to bring down the internet last night? asks Sophos. Read more

www.darkreading.com:
DNS Attack: Only a Warning Shot? Read more

www.darkreading.com:
Microsoft Vision Raises Questions. Read more

www.darkreading.com:
Browsers Gone Bad. Read more

www.f-secure.com:
VirusTotal Online Scanner. Read more

www.avertlabs.com:
Bot Countermeasures. Read more

www.2-spyware.com:
AntiVermeans. Read more

blog.hispasec.com:
Welcome to 2007: the year of professional organized malware development. Read more

software.silicon.com:
Microsoft to expand its security footprint. Read more

blog.wired.com:
Web 2.0 As A Story To Be Destroyed by Hackers. Read more

www.it-observer.com:
Pen Testing vs. Vulnerability Analysis Tools, Which is Best? Read more

 

Vulnerabilities & Exploits
labs.idefense.com:
RARLabs Unrar Password Prompt Buffer Overflow Vulnerability. Read more

securitytracker.com:
Trend Micro Interscan VirusWall UPX File Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
PostgreSQL Data Type Check Bypass and Table Column Modification Bugs Let Remote Users Deny Service. Read more

 

Tools:
www.snortsam.net:
SnortSam is a plugin for Snort. Read more

 

News
www.reuters.com:
China shuts 205 Web sites in crackdown on piracy. Read more

www.msnbc.msn.com:
Singapore man jailed for tapping network. Read more

www.vnunet.com:
Lack of skills overwhelms e-crime police. Read more

www.theregister.co.uk:
Austrian police bust international child abuse ring. Read more

www.eweek.com:
Sentenced to the Intellectual Property Gulag. Read more

www.computerworld.com.au:
RSA - Hackers find a wealth of victims on corporate sites. Read more

news.com.com:
GOP revives ISP-tracking legislation. Read more

press-releases.techwhack.com:
Dell Adds Anti-Theft Security for Notebook Computers. Read more

www.avantnews.com:
Windows Vista Startup Music Designed on Macs. Read more

pressesc.com:
UK to jail privacy violators. Read more

www.informationweek.com:
Security Experts Aren't So Secure At RSA Conference. Read more

07 February 2007

Guides, Papers, etc
isc.sans.org:
Attack on DNS root servers. Read more

isc.sans.org:
more code injection sites 8.js. Read more

www.schneier.com/:
The Psychology of Security. Read more

www.microsoft.com:
I Know What You Did Last Logon - Monitoring Software, Spyware, and Privacy. Read more

www.microsoft.com:
Enabling Secure Anywhere Access in a Connected World. Read more

www.avertlabs.com:
Keeping Spam Out of the Network. Read more

www.eweek.com:
Credibility at the Forefront. Read more

atlas.arbor.net:
ATLAS, Active Threat Level Analysis System. Read more

www.computerworld.com:
Study: Weak passwords really do help hackers. Read more

www.pagetable.com:
Skype Reads Your BIOS and Motherboard Serial Number. Read more

www.viruslist.com:
Moscow piracy remains at stable level. Read more

www.darkreading.com:
On the Dark Side of ISP Nets. Read more

www.darkreading.com:
Color-Coding Web Searches. Read more

www.voip-news.com:
Hacking Skype: 25 Tips to Improve your Skype Experience. Read more

www.advicesource.org:
Run Existing Windows Installation on Ubuntu with Vmware Player. Read more

flickr.com:
Deleting a desktop shortcut in Windows Vista? Hey, it's only 7 clicks… Read more

 

Vulnerabilities & Exploits
www.securiteam.com:
Firefox Popup Blocker Allows Reading Arbitrary Local Files. Read more

securitytracker.com:
HP Tru64 UNIX ps Command Discloses Environment Variables to Local Users. Read more

securitytracker.com:
KDE Konqueror Input Validation Hole in Processing HTML Title Tags Permits Cross-Site Scripting Attacks. Read more

 

Tools:
linuxdevices.com:
A hacker's-eye view of Nokia's N800 Internet Tablet. Read more

 

News
www.securityfocus.com:
Attack seriously slows two root servers. Read more

www.theregister.co.uk:
DDoSers bombard Military root server (and more). Read more

www.theregister.co.uk:
Symantec: Microsoft conflict of interest is damaging internet. Read more

www.megasecurity.org:
Microsoft’s Vista anti-virus solution slammed. Read more

www.betanews.com:
Microsoft Acknowledges Vista Anti-Virus Failed VB100 Test. Read more

www.securityfocus.com:
Apple's Jobs calls for end of DRM. Read more

www.usatoday.com:
Pirated Vista dirt cheap on Latin American streets. Read more

www.computing.co.uk:
New phishing technique discovered. Read more

www.theregister.co.uk:
German police Trojan tactics verboten. Read more

www.theregister.co.uk:
Gorbachev tells Gates to leave the pirates alone. Read more

arstechnica.com:
NVIDIA responds to complaints about state of Vista drivers. Read more

www.darkreading.com:
Attackers Take Trojans to the Bank. Read more

www.darkreading.com:
PayPal CSO: Phishing Threat Overstated. Read more

www.theregister.co.uk:
Slacker or hacker? Read more

news.zdnet.co.uk:
Paris unlocks open source for kids. Read more

06 February 2007

Guides, Papers, etc
www.securityfocus.com:
PHP Security From The Inside. Read more

isc.sans.org:
More on dealing with image spam. Read more

www.theregister.co.uk:
Security watchers lambast Vista. Read more

www.darkreading.com:
VA Déjà Vu. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Samba Solaris winbindd Daemon Name Resolution Query Buffer Overflows May Let Remtoe Users Execute Arbitrary Code. Read more

securitytracker.com:
Samba Format String Bug in 'afsacl.so' VFS Plugin May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Samba smbd Deferred File Open Processing Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
Blue Coat WinProxy Heap Overflow in Processing HTTP CONNECT Requests May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Bugzilla Input Validation Flaw in Atom Feeds Permits Cross-Site Scripting Attacks and Access Control Bug May Disclose Database Password. Read more

 

News
www.theregister.co.uk:
Hackers target unpatched Office flaw. Read more

www.pcpro.co.uk:
Microsoft, McAfee fail to spot Vista viruses. Read more

www.networkworld.com:
Study: Users ignore bank security features. Read more

www.dw-world.de:
German Supreme Court Deems Police Hacking Illegal. Read more

www.technewsworld.com:
Google Earth Agrees to Blur Sensitive Images of India. Read more

www.betanews.com:
Gorbachev Asks Gates to Show 'Pirate' Mercy. Read more

www.smh.com.au:
Hacker to write autobiography. Read more

www.itnews.com.au
Bot claims to crack malware in minutes. Read more

05 February 2007

Guides, Papers, etc
namb.la:
Technical explanation of The MySpace Worm. Read more

theinvisiblethings.blogspot.com:
Running Vista Every Day! Read more

theinvisiblethings.blogspot.com:
Beyond The CPU: Cheating Hardware Based RAM Forensics. Read more

www.cio-today.com:
Malware Attacks Getting Much Worse. Read more

shampoo.antville.org:
Using Java in anti DNS-pinning attacks (Firefox and Opera). Read more

www-128.ibm.com:
XML for Perl developers, Part 1: XML plus Perl -- simply magic. Read more

grandstreamdreams.blogspot.com:
Online System Security Scanners. Read more

www.nydailynews.com:
Easy call: Phoning via Web. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Microsoft Office Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
AIX Buffer Overflow in RDIST Command May Let Local Users Gain Elevated Privileges. Read more

 

News
www.itnews.com.au:
Microsoft's OneCare fails Vista AV tests. Read more

news.com.com:
Study suggests flaw in bank sites' security. Read more

blogs.zdnet.com:
Zero-day #5: Beware of (unexpected) Excel files. Read more

www.usatoday.com:
Websites host wealth of crime-solving clues. Read more

www.technewsworld.com:
Wiping Out Cell Phone Zombies, Chicago-Style. Read more

03 February 2007

Guides, Papers, etc
reviews.cnet.com:
Windows Vista's half-cocked firewall. Read more

www.myantispyware.com:
Found new rogue antispyware apps - SpyMarshal, AntiVermins (AntiVerminser). Read more

www.myantispyware.com:
Mirar Toolbar - Unwanted Tool ? YES. Read more

isc.sans.org:
Solution for: The Twelve Days of Christmas Packet Challenge. Read more

www.eweek.com:
Goodmail, One Year Later. Read more

www.technewsworld.com:
Are Hackers Gaining Ground in Malware Wars? Read more

leaptag.typepad.com:
Google the Spy? Read more

www.darkreading.com:
Managed Email: Who's Watching? Read more

www.newsfactor.com:
Microsoft Downplays Vista Speech-Recognition Hack. Read more

www.microsoft-watch.com:
I Was Carded by Windows Vista. Read more

www.playfuls.com:
Windows Vista's Nasty Surprises. Read more

aolradio.podcast.aol.com:
Audio. Security Now 77: Microsoft Responds - Sponsored by Astaro Corp. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
Solaris Loopback FileSystem Lets Local Users Move or Rename Read-only Files. Read more

 

News
www.securityfocus.com:
Security pros work to undo teacher's conviction. Read more

www.vnunet.com:
Dorf rockets to top of malware chart. Read more

www.theregister.co.uk:
Dutch botnet herder fined €75K for sending 9bn spams. Read more

www.itnews.com.au:
Microsoft challenges Symantec on newest Word Zero-day bug. Read more

news.com.com:
IE 7 gives secure Web sites the green light. Read more

www.playfuls.com:
Super Bowl's Dolphin Stadium's Website Hacked. Read more

02 February 2007

Guides, Papers, etc
news.com.com:
Survey: Are domain registrars free-speech friendly? Read more

www.securityfocus.com:
Study: ID fraud in decline. Read more

www.infoworld.com:
Vulnerability counts do matter. Read more

www.theregister.co.uk:
Vista encryption 'no threat' to computer forensics. Read more

www.eweek.com:
Goodmail, One Year Later. Read more

www.technewsworld.com:
Vista: A False Sense of Security? Read more

www.microsoft-watch.com:
I've Been Carded by Windows Vista. Read more

www.darkreading.com:
EV SSL: Dead on Arrival? Read more

technology.guardian.co.uk:
Googlebombs. Read more

www.thesamet.com:,br> Prepare for Attack!—Making Your Web Applications More Secure. Read more

lowendmac.com:
How to Infect a Mac with a Virus or Other Malware. Read more

www.websense.com:
Malicious Code / Malicious Website: Vivio Lure Spreading Crimeware. Read more

www.osweekly.com:
Spyware: Is Any OS Really Safe? Read more

blog.wired.com:
I Was a Cybercrook for the FBI. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Microsoft Word Unspecified Vulnerability Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Wireshark Bugs in TCP, HTTP, IEEE 802.11, and LLT Dissectors Let Remote Users Deny Service. Read more

securitytracker.com:
Comodo Firewall Pro 'cmdmon.sys' Driver Lets Local Users Deny Service and Potentially Gain Elevated Privileges.

 

News
www.scmagazine.com:
MySpace superworm creator sentenced to probation, community service. Read more

www.theregister.co.uk:
Yorkshire takes schools web filtering open source. Read more

www.theregister.co.uk:
Romania: Software piracy made us what we are today. Read more

www.theregister.co.uk:
California man busted for software piracy. Read more

www.theregister.co.uk:
'Contact us' attack takes out mail servers. Read more

www.tmcnet.com:
PC Tools Cracks Hacker Code in Seconds With New Secret Weapon -- Threat Expert(TM). Read more

www.itweb.co.za:
Worm bypasses gatekeepers. Read more

www.esecurityplanet.com:
Fraudsters Update Pump-And-Dump. Read more

01 February 2007

Guides, Papers, etc
blogs.securiteam.com:
No Daddy, please stop! Fyodor’s words. Read more

blogs.zdnet.com:
Vista Speech Command exposes remote exploit. Read more

www.beskerming.com:
PROFESSIONAL NETWORKING SITES & PHISHING. Read more

www.securityfocus.com:
Vista pranks possible via voice commands. Read more

www.theregister.co.uk:
Why Vista will take a back seat for a few years. Read more

www.dailytech.com:
Workaround Discovered For "Clean Install" With Vista Upgrade DVDs. Read more

www.technewsworld.com:
Will Bounty Hunters Cash In on Vista Bugs? Read more

blogs.msdn.com:
IE7 Phishing Filter Performance Update is Now Available. Read more

www.f-secure.com:
Video - Haxdoor Demo. Read more

www.symantec.com:
Watch the Exploit: A Targeted Attack Video. Read more

www.avertlabs.com:
Vista Speech Command ’says’ hello to malicous usage. Read more

www.avertlabs.com:
MS Zero-Day Flurry. Read more

www.sunbelt-software.com:
Sunbelt Software Distribution, Inc. (“Sunbelt”); Classification of NetNucleus.com’s The Mirar Toolbar. Read more

isc.sans.org:
Simon says: download backdoor.exe (or using Vista Speech Command for fun and profit). Read more

isc.sans.org:
Blocking .exe attachments. Read more

sunbeltblog.blogspot.com:
Seen in the wild: Incredibly misleading advertising by Evidence Eliminator. Read more

www.esecurityplanet.com:
Fraud and Hacks: Prevention and Recovery. Read more

resources.zdnet.co.uk:
Video: Torvalds on the difficulties of planning ahead. Watch

 

Vulnerabilities & Exploits
securitytracker.com:
Cisco IOS Can Be Crashed in Certain Cases By Remote Users Sending SIP Packets. Read more

securitytracker.com:
Solaris ICMP Echo Packet Processing Error Lets Remote Users Deny Service. Read more

securitytracker.com:
BIND DNSSEC Validation Bug Lets Remote Users Deny Service. Read more

 

News
www.virusbtn.com:
Koreans arrested for 1.6 billion spam blitz. Read more

www.theregister.co.uk:
IE ripe for attack, despite Microsoft claims. Read more

www.scmagazine.com:
Dutch hacker duo jailed for spreading trojan, stealing credit card information. Read more

www.itbsecurity.com:
Comment: Virus worms Its Way Into Tom Tom GPS Unit. Read more

news.com.com:
Skype to partner for security in the workplace. Read more

www.vnunet.com:
Charity hits back at malware. Read more


Copyright© MegaSecurity.org