Home    News Archive    Translate Traducen
News March 2006
31 March 2006

Guides, Papers, etc
www.benedelman.org:
Advertisers Funding Direct Revenue. Read more

insecuremag.com:
(IN)SECURE Magazine ISSUE 1.6 (March 2006). Read more

people.deas.harvard.edu:
Why Phishing Works. Read more

www.windowsecurity.com:
Best Practices for Configuring Group Policy Objects. Read more

www.joystiq.com:
Sony trounces MSFT & Nintendo in brand trust survey. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Sun Cluster SunPlex Manager May Let Certain Local Users Access Restricted Files. Read more

securitytracker.com:
NetBSD elf_load_file() Validation Error Lets Local Users Crash the System. Read more

securitytracker.com:
NetBSD mail(1) May Set Insecure File Permissions on Record File. Read more

securitytracker.com:
NetBSD if_bridge() May Disclose Portions of Kernel Memory to Local Users. Read more

securitytracker.com:
TWiki Access Control Bugs in rdiff and preview May Let Remote Users Access Restricted Content. Read more

 

News
informationweek.com:
Justice Department Subpoenas Reach Far Beyond Google. Read more

www.theregister.co.uk:
VXers add rootkit tech to MyDoom and Bagle. Read more

www.businessweek.com:
This Worm Is Nasty, Brutish, And Sneaky. Read more

isc.sans.org:
Microsoft Altering ActiveX in Next Set of Patches (NEW). Read more

www.securityfocus.com:
Spat over cell-phone spy program. Read more

blogs.zdnet.com:
Spyware in you cell phone — what next? Read more

www.eweek.com:
Hackers Use BBC News as IE Attack Lure. Read more

blog.washingtonpost.com:
RealNetworks Fixes Critical Media-Player Flaws. Read more

news.zdnet.co.uk:
Systems should be sold secure, says Interpol. Read more

software.silicon.com:
Vendors failing to secure applications. Read more

news.zdnet.com:
Microsoft extends life of security scanner. Read more

news.zdnet.co.uk:
Microsoft: 'Harden your environment'. Read more

www.computerworld.com:
Hacker hits Georgia state database via hole in security software. Read more

www.firstcoastnews.com:
College Student Charged in Hacking. Read more

www.theregister.co.uk:
Judge quashes MS bid to subpoena Oracle and Sun. Read more

www.theregister.co.uk:
Packet-sniffing techie uncovers spousal infidelity. Read more

30 March 2006

Guides, Papers, etc
isc.sans.org:
Windows Command-Line Kung Fu with WMIC (NEW). Read more

news.com.com:
Gates scopes out the business landscape. Read more

blog.washingtonpost.com:
When Macs Attack. Read more

www.securityfocus.com:
Open source security testing methodology. Read more

www.itweek.co.uk:
Do virtual machines weaken security? Read more

www.techworld.com:
Let down by McAfee. Read more

www.technewsworld.com:
Thefts Prompt Products That Do More to Secure Laptops. Read more

 

Tools:
blogs.securiteam.com:
diStorm - very quick (open source) stream disassembler. Read more

tamspalm.tamoggemon.com:
Google page creator review. Read more

 

Vulnerabilities & Exploits
www.hardened-php.net:
Advisory 03/2006: KisMAC Cisco Vendor Tag Encapsulated SSID Overflow. Read more

securitytracker.com:
MPlayer Integer Overflows in Processing ASF and AVI Headers Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Horde Application Framework Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
ExplorerXP Input Validation Hole Permits Directory Traversal and Cross-Site Scripting Attacks. Read more

securitytracker.com:
Genius VideoCAM Snapshot Viewer Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Blazix Server Discloses JSP Source Code to Remote Users. Read more

securitytracker.com:
VSNS Lemon Input Validation Holes Let Remote Users Inject SQL Commands and Cross-Site Scripting. Read more

 

News
www.virus.org:
Symbian Commercial Spyware Released. Read more

software.silicon.com:
Mobile spy software is 'a Trojan', says F-Secure. Read more

www.securityfocus.com:
Patches released for zero-day IE threat. Read more

www.infoworld.com:
After IE attacks, Microsoft eyes security betas. Read more

blog.eweek.com:
Microsoft Cautions Again on 3rd-Party Patches. Read more

www.thedailywtf.com:
The Spider of Doom. Read more

www.theregister.co.uk:
DNS hackers target domain registrars. Read more

www.techworld.com:
Open-source guru creates new ID system. Read more

www.itweek.co.uk:
Rumours rife over Google stake in Chinese ISP. Read more

www.techworld.com:
Porn surfing blamed for security woes. Read more

www.theregister.co.uk:
Joe-job spammers shift tactics to evade filters. Read more

www.theregister.co.uk:
German downloaders face two years' prison. Read more

29 March 2006

Guides, Papers, etc
blogs.securiteam.com:
Counters say MSIE 0-day exploit is extremely popular. Read more

blogs.securiteam.com:
Two Unofficial createTextRange() IE Patches. Read more

hacks.oreilly.com:
Scan for Viruses with Knoppix. Read more

os.newsforge.com:
Interview: Theo de Raadt of OpenBSD. Read more

www.it-observer.com:
Stealth Malware: Interview with Joanna Rutkowska. Read more

www.nzherald.co.nz:
Creator's vision of open net. Read more

blogs.zdnet.com:
Day 3: Stein: "In 5-10 years, most of the software you use will be free". Read more

 

Vulnerabilities & Exploits
Sun Grid Engine 'rsh' Bug Lets Local Users Obtain Root Privileges. Read more

HP-UX Unspecified Bug in passwd Lets Local Users Deny Service. Read more

Sun Solaris '/usr/ucb/ps' May Disclose Sensitive Information to Local Users. Read more

Veritas NetBackup Buffer Overflows in vmd, bpdbm, and bpspsserver Daemons Let Remote Users Execute Arbitrary Code. Read more

 

News
www.techworld.com:
DNS servers hit by more denial-of-service attacks. Read more

www.terra.net.lb:
Yahoo co-founder defends support for 'Great Firewall of China'. Read more

searchsecurity.techtarget.com:
Fresh Bagels offer baked-in rootkits. Read more

www.technewsworld.com:
Microsoft's Slow Reflexes Prompt Outside Firms to Fix IE Flaw. Read more

news.com.com:
Gates on the speed of Windows updates. Read more

www.betanews.com:
Microsoft Opens Public IE Bug Database. Read more

www.eweek.com:
Anti-malware Vendors Stare Down Microsoft Threat. Read more

money.cnn.com:
The sleeping giant goes on the offensive. Read more

www.redherring.com:
Hello, It’s Jajah Calling. A new Luxembourg company may hang up the phone on Skype. Read more

www.vnunet.com:
Holographic breakthrough crams in 0.5TB per square inch. Read more

blogs.zdnet.com:
How about some Fried Phish? Read more

www.sophos.com:
Beware of increase in child-porn spam, Sophos warns. Read more

28 March 2006

Guides, Papers, etc
edition.cnn.com:
CHINA AND INTERNET CENSORSHIP. Read more

www.s-3con.com:
Software Security Summit™ 2006. Read more

domino.watson.ibm.com:
Billy Goat, an Accurate Worm-Detection System (Revised Version). Read more

www.eweek.com:
In Internet Security, How Critical Is Critical? Read more

www.linux-watch.com:
Why is anyone still using Internet Explorer? Read more

durangoherald.com:
In PC world, fight against evil never ends. Read more

ddanchev.blogspot.com:
Are cyber criminals or bureaucrats the industry's top performer? Read more

usa.visa.com:
Payment Card Industry Data Security Standard. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
G-Book Lack of Input Validation in Message Conents Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
phpAdsNew Input Validation Holes in Admin Scripts and Login Form Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
phpPgAds Input Validation Holes in Admin Scripts and Login Form Permit Cross-Site Scripting Attacks. Read more

www.securityfocus.com:
Microsoft Windows XP SP2 Firewall issue. Read more

 

News
news.zdnet.com:
Third party offers temporary IE fix. Read more

www.vnunet.com:
Panda roots out rootkits. Read more

www.techweb.com:
FTC Smacks Spammer With $900,000 Fine. Read more

www.theregister.co.uk:
Israel jails spyware-for-hire couple. Read more

www.zdnet.com.au:
No security silver bullet for Vista: Microsoft. Read more

www.theregister.co.uk:
S'kiddies get into spyware for just $15. Read more

www.theregister.co.uk:
Four 419 scammers indicted, 800 to go. Read more

www.theregister.co.uk:
'Critical' IE bug threatens PC users. Read more

www.informationweek.com:
IT Confidential: Hey, Google, Are You Paying Attention? Read more

auctionbytes.com:
PayPal Security Flaw Makes eBay and PayPal Users Vulnerable to Phishers. Read more

www.computerweekly.com:
McAfee anti-virus glitch leaves firms struggling to restore systems. Read more

www.computerweekly.com:
Banks tread warily over two-factor security. Read more

Microsoft Opens Public IE Bug Database. Read more

arstechnica.com:
Take a sneak peek at Google's new interface. Read more

news.xinhuanet.com:
Hotmail-targeted computer viruses could attack China. Read more

www.vnunet.com:
Phishers stick the boot into World Cup fans. Read more

bugzilla.mozilla.org:
Firefox Bug Causes Relationship to Break Up. Read more

27 March 2006

Guides, Papers, etc
isc.sans.org:
Modified Malware for the IE Expoit. Read more

www.iht.com:
Burden of the years weighs on Windows. Read more

youtube.com:
Video: Bill Gates being grilled by US anti-trust lawyers. Watch

www.linux.com:
Making the jump to Linux: Six frustrations. Read more

blogs.zdnet.com:
SpywareQuake - newest rogue, replacing SpyFalcon and SpyAxe. Read more

news.com.com:
Windows is so slow, but why? Read more

 

Vulnerabilities & Exploits
blogs.securiteam.com:
Internet Explorer createTextRange() 0day ITW Exploit. Read more

securitytracker.com:
@1 File Store Input Validation Flaws Permit Cross-Site Scripting and SQL Injection Attacks. Read more

securitytracker.com:
Microsoft ASP.NET Incorrect COM Component Reference Lets Remote Users Deny Service. Read more

securitytracker.com:
CoMoblog Lack of Input Validation in 'img.php' Permits Cross-Site Scripting. Read more

securitytracker.com:
Orion Application Server Discloses JSP Source Code to Remote Users. Read more

securitytracker.com:
IBM Tivoli Business Systems Manager Input Validation Flaw in 'apwc_win_main.jsp' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
BlackICE Help System Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
RealSecure Desktop Help System Lets Local Users Gain Elevated Privileges. Read more

 

News
computerworld.co.nz:
Microsoft warns of nasty IE bug. Read more

edition.cnn.com:
A Primer on Chinese Censoring Technology. Read more

www.informationweek.com:
Google's Privacy Win Could Be Pyrrhic Victory. Read more

www.washingtonpost.com:
Terrorist 007, Exposed. Read more

www.techworld.com:
Hackers get IBM's goat. Read more

software.silicon.com:
Trojan nasties raid passwords. Read more

rrstar.com:
Man fined $250 in first area case of Internet piracy. Read more

www.thenation.com:
Google's Wi-Fi Privacy Ploy. Read more

news.netcraft.com:
Domain Registrar Joker Hit by DDoS. Read more

www.eetimes.com:
Some Microsoft workers call for heads to roll. Read more

andyabramson.blogs.com:
Skype, Zennstrom, Friis Et Al Sued for RICO Violations. Rea more

25 March 2006

Guides, Papers, etc
www.f-secure.com:
How Would You Like Your Bagle Done, with Rootkits on the Side? Read more

www.securitypronews.com:
Kazaa And Others Flunk ‘Badware’ Test. Read more

edition.cnn.com:
Is your boss spying on you? Read more

reviews.cnet.com:
Theft of trust. Read more

www.infectionvectors.com:
Phish Sticks: Email Crime Update. Read more

 

News
www.techweb.com:
IE Exploit Strikes, Installs Spyware. Read more

software.silicon.com:
IE exploit could unleash email virus. Read more

news.zdnet.com:
Fixes in for RealPlayer flaws. Read more

www.theregister.co.uk:
Trojan intercepts bank tokens. Read more

news.zdnet.com:
DNS servers do hackers' dirty work. Read more

www.pcpro.co.uk:
Spyware kits for sale online for a pittance. Read more

www.smh.com.au:
Police snare high profile hacker. Read more

news.zdnet.com:
Microsoft mulls rushing out IE patch. Read more

www.betanews.com:
Microsoft: No Vista Code Changes. Read more

www.spamdailynews.com:
Jailed spam king caught conspiring to kill witness. Read more

www.zone-h.org:
Web saboteurs wanted? Russian Duma praises hacker crew for defacing "Anti-russian" web sites. Read more

www.securityfocus.com:
Check Point calls off Sourcefire buy. Read more

mosnews.com:
Russian Software Developer Beats Pirate in Boxing Ring. Read more

24 March 2006

Guides, Papers, etc
www.eecs.umich.edu:
SubVirt: Implementing malware with virtual machines. Read more

www.cdt.org:
Following the Money: How Advertising Dollars Encourage Nuisance and Harmful Adware and What Can be Done to Reverse the Trend. Read more

www.cdt.org:
Major Companies Help Fund the Spread of Unwanted Adware, New Report Finds. Read more

www.itnews.com.au:
Massive botnet stealing banking info. Read more

www.logisticsit.com:
AIM RFID Experts Refute RFID Virus Claims. Read more

ddanchev.blogspot.com:
Privacy issues related to mobile and wireless Internet access. Read more

itmanagement.earthweb.com:
A War Driving Experience - Part I: The Results. Read more

itmanagement.earthweb.com:
A War Driving Experience - Part II: Comparing the Results. Read more

www.tomsnetworking.com:
They're Out to Get You - An Introduction to Internet Security. Read more

 

Tools:
searchwindowssecurity.techtarget.com:
Little known Microsoft security utilities. Read more

 

Vulnerabilities & Exploits
Microsoft Security Advisory (917077)
Vulnerability in the way HTML Objects Handle Unexpected Method Calls Could Allow Remote Code Execution. Read more

www.idefense.com:
RealNetworks RealPlayer and Helix Player Invalid Chunk Size Heap Overflow Vulnerability. Read more

securitytracker.com:
HP-UX swagentd Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
Maian Weblog Input Validation Bugs in 'print.php' and 'mail.php' Permit SQL Injection. Read more

securitytracker.com:
OPIE on FreeBSD May Let Local Users Modify the Configuration or Remote Users Gain Root Access. Read more

securitytracker.com:
VeriSign Managed PKI Input Validation Flaw in 'haydn.exe' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Microsoft Internet Explorer createTextRange() Memory Error Lets Remote Users Execute Arbitrary Code. Read more

blogs.securiteam.com:
Sendmail Silently-Patched Memory Leak. Read more

blogs.securiteam.com:
Trusting SMTP (more on SenderGate: SMTP Multiple Vulnerabilities). Read more

 

News
www.cdfreaks.com:
Starforce enforces DRM by instant reboot (without warning). Read more

www.theregister.co.uk:
Hackers put the futility back in Sun's grid utility. Read more

www.theregister.co.uk:
China breaks up illicit gaming and piracy networks. Read more

www.theregister.co.uk:
40,000 BP workers exposed in Ernst & Young laptop loss. Read more

software.silicon.com:
IE exploit could unleash email virus. Read more

www.theregister.co.uk:
Sendmail flaw poses critical hacker risk. Read more

www.scmagazine.com:
Double attack fires 650,000 trojan emails at U.K. firms. Read more

www.siliconrepublic.com:
Irish software company protests ‘trackware’ label. Read more

www.pcworld.com:
Largest U.S. Fine Ever Levied for Spam Violations. Read more

www.technewsworld.com:
Whistleblower Says FBI E-Mail Flap Overblown. Read more

news.com.com:
Four men charged in Nigeria e-mail scam. Read more

edition.cnn.com:
Vista delay potential boon for rivals. Read more

www.geekzone.co.nz:
Hard Disk Drive Organization Announces a New Sector Length Standard. Read more

news.bbc.co.uk:
Nano circuit offers big promise. Read more

edition.cnn.com:
Coming soon: Download-to-own films. Read more

23 March 2006

Guides, Papers, etc
Video: The Code Room: Breaking Into Vegas
The Code Room is a 1/2 hour internet TV show bases around information security. Episode 3 shows bad guys using a combination of SQL Injection and Session Hi-Jacking to steal 4.5 million dollars from a Vegas casino. Watch

www.businessweek.com:
Audio: Microsoft's Next Browser. Listen

www.washingtonpost.com:
Bringing Botnets Out of the Shadows. Read more

www.f-secure.com:
From Russia with Rootkit. Read more

www.pcmag.com:
Malware Grifters. Read more

www.windowsecurity.com:
Tools of the Trade (Part 2). Read more

ddanchev.blogspot.com:
The Practical Complexities of Adware Advertising. Read more

www.informationweek.com:
Vista Delays And Multiple Versions: Cut Through The Confusion. Read more

www.windowsecurity.com:
Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment. Read more

www.ccianet.org:
CyberInsecurity: The Cost of Monopoly. Read more

www.techbuilder.org
Fight Spyware Like You Mean It! Read more

www.techbuilder.org:
The Ultimate Malware Fighter: System Restore. Read more

www.rit.edu:
Survey of Trends in Honeypot Technology Users. Read more

blogs.securiteam.com:
Copyright Gone Mad. Read more

www.securityfocus.com:
Security Czar. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
RealPlayer Buffer Overflow in Processing Mimio Broadcast Files May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
IPSec Bug in 'xform_esp.c' May Let Remote Users Bypass Anti-Replay Sequence Number Checking. Read more

securitytracker.com:
RealPlayer Heap Overflow in Embedded Player May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
RealPlayer Buffer Overflow in Processing SWF Flash Files Lets Remote Cause Arbitrary Code to Be Executed. Read more

securitytracker.com:
Sendmail Race Condition in Signal Handler May Let Remote Users Trigger a Buffer Overflow to Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Internet Explorer (IE) Lets Remote Users Cause HTA Files to Be Executed. Read more

securitytracker.com:
NetWare NILE.NLM May Use a Weak Encryption Algorithm or Cleartext via the SSL Port. Read more

securitytracker.com:
F5 FirePass Input Validation Hole in 'my.support.php3' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
MailEnable POP Authentication Bug Has Unspecified Impact. Read more

securitytracker.com:
FreeRADIUS Input Validation Error in EAP-MSCHAPv2 Module May Let Remote Users Bypass Authentication. Read more

securitytracker.com:
Microsoft Internet Explorer 'mshtml.dll' Bug in Processing Multiple Action Handlers Lets Remote Users Deny Service. Read more

securitytracker.com:
X.Org Server '-modulepath' and '-logfile' Parameter Privilege Validation Error Lets Local Users Gain Root Privileges. Read more

securitytracker.com:
WebLogic Server Default Internal Servlet May Let Remote Users Access the Local File System. Read more

securitytracker.com:
WebLogic Portal May Disclose a User's JSR-168 Portlet Contents. Read more

 

News
www.securityfocus.com:
Interpol: Politicians failing to tackle phishing. Read more

www.securityfocus.com:
As Japanese Bring Work Home, Virus Hitches a Ride. Read more

www.wired.com:
Probes Scrutinize Caller ID Hacks. Read more

www.theregister.co.uk:
Gates admits Internet Explorer error. Read more

www.telecompaper.com:
Consumer Wi-Fi needs user-friendly security - study. Read more

www.usatoday.com:
Yahoo calls on customers to try its new phone service. Read more

22 March 2006

Guides, Papers, etc
Following the Money:
How Advertising Dollars Encourage Nuisance and Harmful Adware and What Can be Done to Reverse the Trend. Read more

www.washingtonpost.com:
Bringing Botnets Out of the Shadows. Read more

www.stopbadware.org:
Badware Report. Read more

www.pcmag.com:
Malware Grifters. Read more

www.securityfocus.com:
Encryption for the masses. Read more

www.cato.org:
Circumventing Competition. The Perverse Consequences of the Digital Millennium Copyright Act. Read more

 

Tools:
www.tgdaily.com:
Samsung launches 32 GB Flash disk for mobile computers. Read more

 

Vulnerabilities & Exploits
jeffrey.vanderstad.net:
The grasshopper vulnerability. Read more

www.securiteam.com:
Internet Explorer Script Action Handlers (mshtml.dll) Buffer Overflow. Read more

securitytracker.com:
WebLogic XML Document Parsing Memory Error Lets Remote Users Deny Service. Read more

securitytracker.com:
Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks. Read more

 

News
www.theregister.co.uk:
Windows Vista slips to 2007. Read more

www.microsoft-watch.com:
What's Really Behind the Windows Vista Delay? Read more

searchsecurity.techtarget.com:
New Trojan, kernel-level rootkit have 'frightening capabilities'. Read more

www.nthworld.org:
In-the-wild rootkit and Trojan. Read more

techdirt.com:
Security Through Begging. Read more

www.theregister.co.uk:
Adware backers named and shamed. Read more

www.eweek.com:
Spyware Trail Leads to Kazaa, Big Advertisers. Read more

spamkings.oreilly.com:
Spammers hitch a free ride on car site. Read more

www.abc.net.au:
Porn block plan 'would slow Internet'. Read more

money.cnn.com:
Microsoft's big Internet bet -- will it pay? Read more

www.informationweek.com:
Microsoft Refreshes Internet Explorer 7 Beta 2 Preview. Read more

campus.acm.org:
DEBUGGING EXPERT WINS ACM DOCTORAL DISSERTATION AWARD. Read more

today.reuters.co.uk:
China forced to rethink online gaming limit - FT. Read more

21 March 2006

Guides, Papers, etc
www.benedelman.org:
Advertisers Funding 180solutions. Read more

www.securityfocus.com:
Debit-card fraud underscores legal loopholes. Read more

www.courant.com:
How To Fight E-Invaders. Read more

www.channelregister.co.uk:
Forgotten password clues create hacker risk. Read more

www.computerweekly.com:
The effective response to computer crime. Read more

www.lurhq.com:
DNS Cache Poisoning – The Next Generation. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
betaparticle blog Input Validation Bugs in 'id' and 'fldGalleryID' Parameters Permit SQL Injection. Read more

 

News
www.securityfocus.com:
Web site takes exploits private. Read more

www.theregister.co.uk:
MS lawsuits aim to reel in phishers. Read more

online.wsj.com:
Former Hacker Irks Microsoft In EU Dispute. Read more

www.informationweek.com:
Gates Vows A New Internet Explorer Every Year--Or More. Read more

www.theinquirer.net:
Why Bill Gates is right, for once. Read more

news.com.com:
Gates looks to expand view beyond Windows. Read more

www.informationweek.com:
Bot Herders Ready Attack Against Message Forums. Read more

www.betanews.com:
MSN Silently Opens Up Live Messenger. Read more

www.esecurityplanet.com:
Google: Creating a World Without Privacy. Read more

today.reuters.co.uk:
Internet phone services to shake up Latam telecoms. Read more

20 March 2006

Guides, Papers, etc
www.iht.com:
Innovation may lower Net users' privacy. Read more

csrc.nist.gov:
SECURE HASH STANDARD. Read more

gtresearchnews.gatech.edu:
Optical-Wireless Convergence: New Network Architecture Delivers Super-Broadband Wired and Wireless Service Simultaneously. Read more

redtape.msnbc.com:
HOW CAN SOMEONE IN MOSCOW TAKE YOUR MONEY? Read more

www.betanews.com:
UMPC: Why Microsoft Thinks You Need It. Read more

news.com.com:
Spyware-killing Vista could take out rivals. Read more

j-walk.com:
The 3rd Annual Nigerian EMail Conference "Write better emails. Make more moneys. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
BorderWare MXtreme Vulnerability in Web Administration Interface Has Unspecified Impact. Read more

securitytracker.com:
AIX Bug in 'bos.rte.lvm' Has Unspecified Impact. Read more

securitytracker.com:
Veritas Backup Exec for Windows Servers Media Server Format String Bug in BENGINE May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Symantec Veritas Backup Exec Memory Errors Let Remote Users Deny Service. Read more

securitytracker.com:
HP-UX usermod Lets Local Users Modify File and Directory Permissions. Read more

securitytracker.com:
Novell FTP Server (NWFTPD) MDTM Command Buffer Overflow Lets Remote Authenticated Users Deny Service. Read more

 

News
www.computerworld.com:
Google must give index data, not queries, to gov't. Read more

www.redherring.com:
Judge Limits US Data Hunt. Read more

www.computerworld.com:
Tough week ahead for malware companies. Read more

www.techweb.com:
Brazen Botnets Steal From E-Shopping Carts. Read more

www.theinquirer.net:
Milosevic causes Trojan problems. Read more

isc.sans.org:
Potential phpBB Hack Coming? Read more

www.facetime.com:
FaceTime Identifies New Botnets Utilizing Instant Messaging to Steal Personal Information from Online Shoppers and PayPal Customers. Read more

news.zdnet.com:
Visa warns software may store customer data. Read more

www.theinquirer.net:
Microsoft sues firm for re-selling Spyware beta. Read more

economictimes.indiatimes.com:
Internet to get dot xxx porno line. Read more

www.techworld.com:
You can't lock up a Trojan. Read more

www.securitypark.co.uk:
1 in 5 emails is pharmaceutical spam. Read more

www.gcn.com:
NIST says agencies should begin move to stronger hashing tools. Read more

today.reuters.com:
Kinderstart sues Google over lower page ranking. Rea more

18 March 2006

Guides, Papers, etc
www.isotf.org:
DNS Amplification Attacks. Read more

members.lycos.co.uk:
Detecting Botnets Using a Low Interaction Honeypot. Read more

www.phrack.org:
Raising The Bar For Windows Rootkit Detection. Read more

ddanchev.blogspot.com:
Getting paid for getting hacked. Read more

www.microsoft-watch.com:
Internet Explorer Has a Future. Read more

 

Vulnerabilities & Exploits
www.ush.it:
Milkeyway Captive Portal Multiple Vulnerabilities. Read more

securitytracker.com:
unalz Directory Traversal Bug Lets Users Write Files to Arbitrary Locations. Read more

securitytracker.com:
Dwarf HTTP Server Discloses JSP Source Code and Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Milkeyway Input Validation Bugs Permit SQL Injection and Cross-Site Scripting Attacks. Read more

securitytracker.com:
phpMyAdmin Input Validation Flaw in 'set_theme' Permits Cross-Site Scripting Attacks. Read more

 

News
www.msnbc.msn.com:
Judge lets Google preserve some privacy. Read more

www.mercurynews.com:
Google avoids surrendering search requests to government. Read more

www.msnbc.msn.com:
Web site sues over Google 'blacklist'. Read more

today.reuters.co.uk:
U.S. judge dismisses Google copyright case. Read more

today.reuters.co.uk:
China jails Internet writer. Read more

reviews.cnet.com:
Psst. Your shiny new passport has a computer virus. Read more

isc.sans.org:
Phishing Messages May Include Highly-Personalized Information. Read more

www.scmagazine.com:
Experts expose botnets controlling 150K PCs. Read more

www.internetnews.com:
Botnets on The Run? Read more

www.technewsworld.com:
Data Mining Easy as Using Credit Card. Read more

news.com.com:
Week in review: Can Google keep a secret? Read more

www.scmagazine.com:
More clever hackers emerging. Read more

www.computerworld.com:
New Spycar software will test antispyware. Read more

www.betanews.com:
Gates Pokes Fun at $100 Laptop. Read more

17 March 2006

Guides, Papers, etc
www.lurhq.com:
Cryzip Ransomware Trojan Analysis. Read more

blogs.securiteam.com:
Skype - The new NMAP? Read more

blogs.securiteam.com:
Free QA and Light-bulb Disclosure. Read more

blogs.securiteam.com:
Thinking Different IV. Read more

techrepublic.com.com:
Look at your network through a hacker's eyes. Read more

www.pcworld.com:
Stop Others From Altering Your Security Settings. Read more

 

Tools:
fire.dmzs.com:
FIRE is a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment. Read more

 

News
www.eweek.com:
Cryzip Trojan Encrypts Files, Demands Ransom. Read more

www.technewsworld.com:
Security Researchers Crack Zippo Password. Read more

www.theregister.co.uk:
Say Hi to the mouse click capturing Trojan. Read more

www.eweek.com:
RAIDE Rootkit Elimination Tool Hits Beta. Read more

www.infoworld.com:
Microsoft goes public with Blue Hat hacker conference. Read more

www.betanews.com:
VeriSign Warns of New DoS Attacks. Read more

www.eweek.com:
FrSIRT Puts Exploits up for Sale. Read more

www.vnunet.com:
Bank strikes back at ID cheats. Read more

www.washingtonpost.com:
Hacking Made Easy. Read more

www.securityfocus.com:
Police break online child porn ring. Read more

16 March 2006

Guides, Papers, etc
www.rfidvirus.org:
Is your pet infected with a computer virus? Read more

www.rfidvirus.org:
How to Write an RFID Worm. Read more

www.schneier.com:
The Future of Privacy. Read more

www.themanufacturer.com:
The price of Windows. Read more

www.eweek.com:
Credit Card Security Issues Rise to a Boil. Read more

ddanchev.blogspot.com:
Security vs Privacy or what's left from it. Read more

www.windowsecurity.com:
Deploying Auditing Settings and Reporting What is Configured. Read more

www.egr.msu.edu:
A Topologically-AwareWorm Propagation Model forWireless Sensor Networks. Read more

www.it-observer.com:
What E-Mail Hackers Know That You Don’t. Read more

www.blackhat.com:
Attacks on uninitialized local variables. Read more

 

Tools:
www.microsoft.com:
SyncToy v1.1 helps you copy, move, rename, and delete files between folders and computers quickly and easily. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
ASP Portal Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

securitytracker.com:
Horde Input Validation Hole in '/services/go.php' Lets Remote Users Traverse the Directory. Read more

securitytracker.com:
Macromedia Flash Player SWF File Processing Flaw Permits Remote Code Execution. Read more

 

News
www.techtree.com:
Feds Slacken Leash on Google. Read more

www.theregister.co.uk:
Plug pulled on Mac hacking challenge. Read more

www.vnunet.com:
Macabre Milosevic malware mounts. Read more

www.terra.net.lb:
Microsoft sues against alleged eBay software bootlegging. Read more

www.terra.net.lb:
Qatar conference urges combat of cyber crime. Read more

www.terra.net.lb:
New virus seeks 'ransom' for computer files. Read more

news.zdnet.co.uk:
Trojan 'kidnaps' data. Read more

www.vnunet.com:
Hackers cash in on financial sector attacks. Read mor

blogs.zdnet.com:
Botnet drama: database theft, IM attacks, financial fraud. Read more

www.msnbc.msn.com:
Radio chip barcodes can carry a virus. Read more

today.reuters.com:
Bill Gates mocks MIT's $100 laptop project. Read more

www.vnunet.com:
Global project cracks second Enigma code. Read more

www.usdoj.gov:
Former Officer of Internet Company Sentenced in Case of Massive Data Theft from Acxiom Corporation. Read more

15 March 2006

Guides, Papers, etc
www.securityfocus.com:
Social engineering reloaded. Read more

www.esj.com:
Bot Networks Hurl More Trojan Code. Read more

www.javareport.com:
Rapidly evolving security attack trends. Read more

www.microsoft.com:
7 ways to protect your laptop on the road. Read more

www.microsoft.com:
Help keep your data safe. Encrypt your data with Windows XP Professional. Read more

www.rootkit.com:
VMBR's a threat? Not really. Read more

www.argeniss.com:
WLSI - Windows Local Shellcode Injection. Download

www.securitypark.co.uk:
How Hackers and Virus Writers Attack E-mail Systems. Read more

blogs.securiteam.com:
SPAMers are smart people. Read more

blog.searchenginewatch.com:
25 Things I Hate About Google. Read more

www.counterpane.com:
CYBER ATTACKS TO SIGNIFICANTLY IMPACT FINANCIAL, HEALTHCARE AND UTILITIES SECTORS. Read more

www.darksideprogramming.net:
Creating Malware using MD5. Read more

 

Vulnerabilities & Exploits
www.zerodayinitiative.com:
Microsoft Excel File Format Parsing Vulnerability. Read more

securitytracker.com:
Adobe Graphics Server Interactive Login Configuration Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Adobe Document Server Interactive Login Configuration Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
ENet Packet Processing Bugs Let Remote Users Deny Service. Read more

securitytracker.com:
Microsoft Windows Services Have Unsafe Default ACLs That Let Remote Authenticated Users Gain Elevated Privileges. Read more

securitytracker.com:
mod_python FileSession Directory Traversal Bug May Let Local Users Gain Additional Privileges. Read more

securitytracker.com:
Apple Mac OS X CoreTypes Bug in Archive Processing Lets Remote Users Conduct Cross-Domain Scripting Attacks. Read more

securitytracker.com:
Apple Mail Buffer Overflow in Processing Attachments With Specially Crafted Real Names May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Ubuntu Installer Leaves Passwords in Plain Text on the System. Read more

securitytracker.com:
Apple Safari 'Safe' File Type Processing Flaw May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Ipswitch Collaboration Suite Buffer Overflow in IMAP FETCH Command Lets Remote Authenticated Users Execute Arbitrary Code. Read more

securitytracker.com:
DSPoll Input Validation Hole in Processing 'pollid' Parameter Let Remote Users Inject SQL Commands. Read more

securitytracker.com:
DSNewsletter 'email' Parameter Input Validation Flaw Permits SQL Injection. Read more

 

News
Microsoft Security Bulletin MS06-012
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413). Read more

news.com.com:
Judge to help feds against Google. Read more

news.com.com:
Video: Google, ACLU respond as judge backs feds. Watch

english.chosun.com:
Hackers Stole 1 Million IDs for Online Game. Read more

www.theregister.co.uk:
Google cuts data deal with DoJ. Read more

www.theregister.co.uk:
McAfee ate my system. Read more

www.theregister.co.uk:
Phishing fraudsters offer cash reward. Read more

www.sophos.com:
Husband and wife face jail for Trojan horse that spied on businesses. Read more

news.com.com:
Study says RFID tags are vulnerable to viruses. Read more

www.vnunet.com:
Web search blows CIA spooks' cover. Read more

www.scmagazine.com:
Gartner warns of 'PIN block' hacking scams. Read more

www.securitypark.co.uk:
50% of computers are wide open for online attacks and malware. Read more

www.sfgate.com:
SONY BMG ANNOUNCES ROOTKIT SETTLEMENT DETAILS. Read more

news.com.com:
OfficeMax: No evidence of security breach. Read more

14 March 2006

Guides, Papers, etc
www.securityfocus.com:
Human rights and wrongs online. Read more

www.esj.com:
Bot Networks Hurl More Trojan Code. Read more

www.cs.wisc.edu:
An Inside Look at Botnets. Read more

sunbeltblog.blogspot.com:
Behold the power of botnets. Read more

www.securitypark.co.uk:
Two-Factor Authentication for clients of banks and financial institutions. Read more

blogs.securiteam.com:
Full-Disclosure to be rated PG-13. Read more

www.lurhq.com:
Cryzip Ransomware Trojan Analysis. Read more

isc.sans.org:
A TCP/IP mystery (solved) (NEW). Read more

decision.csl.uiuc.edu:
How to do Business Safer Online in 6 Easy Steps. Read more

 

Tools:
searchsecurity.techtarget.com:
New freeware takes some mystery out of rogue files. Read more

 

Vulnerabilities & Exploits
www.securityfocus.com:
Ubuntnu stores clear text root password. Read more

securitytracker.com:
DSCounter 'X-Forwarded-For' Input Validation Flaw Permits SQL Injection Attacks. Read more

securitytracker.com:
DSDownload Input Validation Flaws in 'search.php' and 'downloads.php' Permit SQL Injection. Read more

securitytracker.com:
DSLogin Input Validation Bug in 'log_userid' Parameter Permits SQL Injection Attacks. Read more

 

News
www.theregister.co.uk:
Citibank ATM fraud 'just tip of iceberg' - analyst. Read more

www.newsfactor.com:
McAfee Update Kills More Than Viruses. Read more

www.javareport.com:
Rapidly evolving security attack trends. Read more

www.businessweek.com:
Speak Softly And Carry A Thick Brief. Read more

www.vnunet.com:
Sony BMG rootkit victims urged to claim free money. Read more

www.apacs.org.uk:
UK card fraud losses in 2005 fall by £65m - to £439.4m from £504.8m in 2004. Read more

news.com.com:
Google, feds face off over search records. Read more

today.reuters.com:
Google, US to face off over data. Read more

www.computerworld.com:
Hacked bank server hosts phishing sites. Read more

www.theinquirer.net:
McAfee sends 'bad pattern' to punters. Read more

news.com.com:
Windows Live offers Microsoft a quicker turnaround. Read more

www.theregister.co.uk:
Virtual rootkits create stealth risk. Read more

www.betanews.com:
Microsoft Updates Vista Design Tools. Read more

13 March 2006

Guides, Papers, etc
blogs.msdn.com:
Why you shouldn't run as admin...Read more

www.microsoft.com:
SafeDisc Windows XP Fix for Microsoft Games. Read more

www.cs.princeton.edu:
Windows Access Control Demystified. Read more

blog.siteadvisor.com:
The Ghosts of Downloads Past. Read more

www.netsato.com:
Malware Report - Rouge Anti-Spyware Software called “Bravesentry”. Read more

isc.sans.org:
Phishing arms race. Read more

www.microsoft.com:
Leetspeak: A parent's primer to computer slang. Read more

news.com.com:
Video: Google can't stay out of the news. Watch

 

Vulnerabilities & Exploits
securitytracker.com:
GuppY Input Validation Flaw in 'error.php' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Linux Kernel Comparison Error in get_nodes() Lets Local Users Deny Service. Read more

securitytracker.com:
KDE kpdf/xpdf Incorrect Patch for Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
GnuPG May Fail to Detect the Injection of Unsigned Data. Read more

securitytracker.com:
Kerio MailServer IMAP Command Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
Nodez Input Validation Flaw in 'op' Parameter Lets Remote Users Inject PHP Code and Also Conduct Cross-Site Scripting Attacks. Read more

 

News
www.microsoft.com:
Virus Information Alliance (VIA). Read more

www.vnunet.com:
Single Windows security patch for March. Read more

www.spamdailynews.com:
Spammer Brendan Battles denies he is Spam King Brendan Battles. Read more

www.nzherald.co.nz:
Viruses programmed to steal data proliferate. Read more

www.computerworld.com:
Security vendors: Windows OneCare won't cut it. Read more

11 March 2006

Guides, Papers, etc
www.eweek.com:
VM Rootkits: The Next Big Threat? Read more

reviews.cnet.com:
This time it's personal. Read more

www.wired.com:
Can Microsoft Save the Net? Read more

www.windowsecurity.com:
More on Running Windows Under Non-Admin Accounts. Read more

ftp.research.microsoft.com:
Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities. Read more

www.thevirtualhandshake.com:
I’ve Been Joe Jobbed - Need Your Help. Read more

blog.siteadvisor.com:
The Ghosts of Downloads Past. Read more

 

Tools:
www.seagate.com:
New Momentus Drive Slams Door Shut on Data Thieves. Read more

www.windowsecurity.com:
Tools of the Trade (Part 1). Read more

www.few.vu.nl:
Argos: an Emulator for Capturing Zero-Day Attacks. Read more

tech.monstersandcritics.com:
New ultra mobile PC points to future of computing. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
TextfileBB Input Validation Flaw in 'messanger.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
ZoneAlarm Use of Relative Path to Load DLLs Lets Local Users Gain Elevated Privileges Read more

securitytracker.com:
Dropbear SSH Server Authorization-Pending Limit Lets Remote Users Deny Service. Read more

securitytracker.com:
Linux Kernel dm-crypt Fails to Clear Key Storage. Read more

securitytracker.com:
RevilloC MailServer POP3 USER Command Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Xerox WorkCentre Pro Multiple PostScript Processing Errors Let Remote Users Deny Service. Read more

securitytracker.com:
GNU Mailman 'Scrubber.py' Decoding Error May Let Remote Users Deny Service. Read more

 

News
news.com.com:
Feds suggest 21-day deadline for Google subpoena. Read more

www.theregister.co.uk:
Virus names likely a lost cause. Read more

news.com.com:
Open-source bugs undermine digital signatures. Read more

www.tmcnet.com:
Invasion of privacy versus hacking: Internet cafe owners fear losing customers. Read more

www.vnunet.com:
Analyst firm savages Skype. Read more

voyage.typepad.com:
Google.cn "Very Likely" Replace Uncensored Google.com: Beijing News. Read more

today.reuters.co.uk:
EU Commission sends new warning to Microsoft. Read more

www.redherring.com:
Google Site in Hot Water. Read more

www.nytimes.com:
Popular Web Site Falls Victim to a Content Filter. Read more

10 March 2006

Guides, Papers, etc
blog.washingtonpost.com:
Shadowboxing With a Bot Herder. Read more

www.securityfocus.com:
Virus names likely a lost cause. Read more

www.techworld.com:
Test shows how vulnerable unpatched Windows is. Read more

www.registerguard.com:
Identity theft rooted in documents; shred them. Read more

www.cio-today.com:
Protecting Your Most Vulnerable Corporate Data. Read more

www.informit.com:
Analyzing the Crossover Virus: The First PC to Windows Handheld Cross-infector. Read more

www.wired.com:
Why Data Mining Won't Stop Terror. Read more

 

News
www.usatoday.com:
Click fraud's bound to continue, experts say. Read more

www.theregister.co.uk:
ISPs must take lead in fighting spam. Read more

www.it-observer.com:
Microsoft Plans Two Patches Next Week. Read more

www.scmagazine.com:
From Russia, bots and personal information for sale. Read more

news.bbc.co.uk:
Denial-of-service hacking soars. Read more

www.scmagazine.com:
No Citibank withdrawls north of the border. Read more

www.informationweek.com:
PIN Scandal 'Worst Hack Ever'; Citibank Only The Start. Read more

www.crn.com:
Famed 'Computer Terrorist' Teaches Anti-hacking. Read more

www.it-observer.com:
DeepNines and Kaspersky Lab Unite to Provide Leading Anti-Virus and Anti-Spyware Protection in DeepNines Integrated Solution. Read more

www.theinquirer.net:
Vista set to swallow 800MB of RAM. Read more

www.vnunet.com:
Microsoft warns of pirate software security risks. Read more

www.vnunet.com:
Intel beefs up desktop security. Read more

www.bbspot.com:
Typo Prompts RIAA to Prosecute Fire Sharers. Read more

09 March 2006

Guides, Papers, etc
www.dfrws.org:
Call for Papers. Digital Forensic Research Workshop (DFRWS). Read more

ddanchev.blogspot.com:
Where's my 0day, please? Read more

ddanchev.blogspot.com:
The Future of Privacy = don't over-empower the watchers!. Read more

www.informationweek.com:
Firefox Whips Internet Explorer In Vulnerability Tally. Read more

blogs.zdnet.com:
Windows Defender Beta 2 vs. spyware. Read more

blogs.securiteam.com:
Message-Rendering Vulnerabilities in E-mail Readers. Read more

 

Tools:
sourceforge.net:
HLBR is an IPS (Intrusion Prevention System) that can filter packets in the OSI layer 2. Detection of malicious traffic is done by rules. It can even be used as bridge to honeypots. The HLBR is a firewall element and can use regular expressions. Read more

www.newscientist.com:
Create your favourite website, automatically. Read more

 

Vulnerabilities & Exploits
reedarvin.thearvins.com:
18 ways to escalate privileges in Zone Labs ZoneAlarm Security Suite build 6.1.744.000. Read more

securitytracker.com:
Symantec Ghost Underlying Database Bugs May Let Local Users Access the Database. Read more

securitytracker.com:
Red Hat initscripts Environment Variable Processing May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Grisoft AVG Anti-Virus Update File Permissions Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
HP Tru64 UNIX IPSec IKE Processing Lets Remote Users Deny Service. Read more

 

News
isc.sans.org:
Bargain: 10'000 infected PC's for only 25$ Read more

spamkings.oreilly.com:
Mortgage spamming kit up for auction. Read more

www.theregister.co.uk:
Microsoft releases beta search. Read more

www.wired.com:
Porn Billing Leak Exposes Buyers. Read more

www.theregister.co.uk:
Phishing fraudsters aim to outpace site shutdowns. Read more

business.scotsman.com:
Privacy fear as Google plans 'super database'. Read more

www.usatoday.com:
U.S. Web giants cower at great firewall of China. Read more

www.redherring.com:
Acting as China's Web Cops. Read more

www.computing.co.uk:
Two charged with creating Trojan spyware. Read more

www.techweb.com:
Researchers Terminate Sites Selling Trojans. Read more

deseretnews.com:
Victim solves his ID theft. Read more

netrn.net:
Newest rogue anti-spyware installs adware from BestOffersNetwork. Read more

today.reuters.co.uk:
S.Korea aims to cool Internet rage attacks. Read more

www.usatoday.com:
Osama bin Laden fan clubs build online communities. Read more

dsc.discovery.com:
Photos as Passwords Foil Hackers. Read more

08 March 2006

Guides, Papers, etc
www.securityfocus.com:
The value of vulnerabilities. Read more

news.bbc.co.uk:
Hanging on the internet telephone. Read more

www.computerworld.com.au:
Attack of the Mutants. Read more

msn.pcworld.com:
Spam Mutates. Junk ads are migrating to blogs, instant messages, and cell phones. Read more

www.eweek.com:
Is 'American' Software More Secure? Read more

www.securityfocus.com:
Contests challenge Mac OS X security. Read more

ddanchev.blogspot.com:
5 things Microsoft can do to secure the Internet, and why it wouldn't? Read more

ddanchev.blogspot.com:
Anti Phishing toolbars - can you trust them? Read more

www.informationweek.com:
Firefox Whips Internet Explorer In Vulnerability Tally. Read more

public.gnucitizen.org:
Purple paper on discovery and exploitative vhost hacking techniques. Read more

blogs.securiteam.com:
PHP-based CMS mass-exploitation. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
CuteNews Input Validation Hole in 'index.php' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
FTPoed Blog Engine Comment Section Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Linux Kernel 'binfmt_elf.c' ELF Entry Point Error Lets Local Users Deny Service. Read more

securitytracker.com:
Sun Solaris Memory Leak in Proc Pagedata Subsystem Lets Local Users Deny Service. Read more

 

News
www.theregister.co.uk:
MS denies helping Beijing nail cyberdissident. Read more

www.channelregister.co.uk:
Zombie PCs menace mankind. Read more

www.redherring.com:
China Zombie Machines Up 37%. Read more

news.bbc.co.uk:
China and the break-up of the net. Read more

news.bbc.co.uk:
Tougher hacking laws get support. Read more

www.channelregister.co.uk:
Citibank reissues cards after fraudulent withdrawals. Read more

www.sophos.com:
Police secrets leaked by computer virus. Read more

www.it-observer.com:
Hacking for Financial Gain. Read more

www.vnunet.com:
Apple OS X security withstands hacking contest. Read more

www.theregister.co.uk:
Firms 'invisible' to online shoppers. Read more

news.bbc.co.uk:
Google 'planning total storage'. Read more

thescotsman.scotsman.com:
Man jailed over cybergirl 'sex'. Read more

07 March 2006

Guides, Papers, etc
blogs.securiteam.com:
Oracle Secure Search: The World’s Greatest Paradox? Read more

www.informationweek.com:
Microsoft's IE7 Ignores Windows Setting. Read more

www.philippinehoneynet.org:
Honeynet Activity Monitor Report Archive 2006-02-16. Read more

 

News
Citibank under fraud attack, customers locked out of accounts. Read more

www.zdnet.com.au:
Mac OS X hacked under 30 minutes. Read more

www.securityfocus.com:
Citibank issues ATM fraud statement. Read more

www.mytelus.com:
Internet security experts bracing for new wave of criminal 'bot-net' attacks. Read more

www.securityfocus.com:
Risky sites account for 5 percent of traffic. Read more

www.channelregister.co.uk:
Cybercrooks spur anti-virus market growth. Read more

www.theregister.co.uk:
US man faces IRC Trojan charges. Read more

www.spamdailynews.com:
Woman faces 5 years in jail over porn spam. Read more

www.belfasttelegraph.co.uk:
Protection is the name of the game. Read more

arstechnica.com:
Secret back doors? Microsoft says no, China says maybe. Read more

news.zdnet.co.uk:
Security standoff over PC-PDA malware code. Read more

www.informationweek.com:
Microsoft Backtracks On Timetable To Beat Google. Read more

www.ameinfo.com:
Expect hackers to shift targets in 2006. Read more

06 March 2006

Guides, Papers, etc
chuvakin.blogspot.com:
Will security ever "get done"? Read more

www.nytimes.com:
Hey Neighbor, Stop Piggybacking on My Wireless. Read more

moneycentral.msn.com:
6 tips for shopping safely online. Read more

www.wired.com:
Are Spam Blockers Too Strict? Read more

www.post-gazette.com:
Today: The Internet, Tomorrow: The World. Read more

www.fp6-noah.or:
NoAH Honeynet Project. Read more

www.fp6-noah.or:
NoAH. Survey on the state-of-the-Art. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
LISTSERV Web Archive Interface Unspecified Bugs Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Visual Studio Buffer Overflow in '.dbp' and '.sln' Files Let Remote Users Cause Arbitrary Code to Be Executed. Read more

securitytracker.com:
Gallery Input Validation Holes Let Remote Users Delete Files and Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
IBM WebSphere Application Server May Disclose JavaServer Pages Source to Remote Users. Read more

securitytracker.com:
PluggedOut Nexus Input Validation Flaw in 'forgotten_password.php' Permits SQL Injection. Read more

securitytracker.com:
EMC Dantz Retrospect Client Lets Remote Users Disable Backup Services. Read more

securitytracker.com:
Apple Safari JavaScript Buffer Overflow Lets Remote Users Execute Arbitrary Code and HTTP Redirect Bug Lets Remote Users Access Files. Read more

securitytracker.com:
Mac OS X automount Lets Remote Users Execute Arbitrary Code on Systems on the Local Network. Read more

securitytracker.com:
OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service. Read more

securitytracker.com:
Tar Buffer Overflow in Processing PAX Extended Headers May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
lighttpd Discloses Script Source Code to Remote Users. Read more

securitytracker.com:
SAP Web Application Server Lets Remote Users Inject Data into HTTP Responses. Read more

 

News
www.eweek.com:
Hunt Intensifies for Botnet Command & Controls. Read more

www.spamdailynews.com:
Israeli Trojan horse developers indicted. Read more

www.zdnet.com.au:
Mac OS X hacked under 30 minutes. Read more

www.linuxelectrons.com:
Man Arrested for Placing Trojan in IRC Channel. Read more

www.eweek.com:
SiteAdvisor Finds Billions of Unsafe Web Visits. Read more

www.financialexpress.com:
China carves out its own Net domains. Read more

www.betanews.com:
ICANN: China Not Forming New Internet. Read more

04 March 2006

Guides, Papers, etc
www.sysinternals.com:
Running as Limited User - the Easy Way. Read more

www.infoworld.com:
An SSL trojan unmasked. Read more

ka0s.peak.at:
Ma First Steps in Reversing on a PPC/WinCE-Platform. Read more

www.ethicalhacker.net:
Hacking Online Banking and Credit Card Transactions – And How to Prevent It. Read more

www.tik.ee.ethz.ch:
Entropy Based Worm and Anomaly Detection in Fast IP Networks. Read more

 

News
news.com.com:
Microsoft: Vista won't get a backdoor. Read more

www.securityfocus.com:
Antivirus groups fight over Crossover sharing. Read more

www.securityfocus.com:
Report: Computer problems plague NSA. Readv more

www.theregister.co.uk:
'Keylogger text' spooks Symantec. Read more

redmondmag.com:
U.S. Objects to Snort Purchase by Israel-Based Check Point. Read more

www.vnunet.com:
Virus promises nude Paris Hilton pics. Read more

news.zdnet.co.uk:
UK users gaining confidence in online banking. Read more

www.technologyreview.com:
Political CD: Does It Go Too Far? Read more

news.bbc.co.uk:
Origami gadget to debut at Cebit. Read more

news.com.com:
Porn, Google and the courts. Read more

03 March 2006

Guides, Papers, etc
blogs.securiteam.com:
It is the second day of BlackWorm. Read more

blogs.securiteam.com:
Interview with Luigi Auriemma. Read more

blog.washingtonpost.com:
Malware-Speak Spooks Symantec. Read more

blogs.securiteam.com:
Old XMLHTTP HTTP Request flaw in MSIE raising interest. Read more

searchsecurity.techtarget.com:
Protect your business from a Google hack. Read more

www.informationweek.com:
How To Punch Through Spam Filters. Read more

www.windowsecurity.com:
Setting up your Lab. Read more

 

News
www.redherring.com:
Google Moves Files from China. Read more

software.silicon.com:
Microsoft virus 'bounty hunter' warns of never-ending battle. Read more

news.bbc.co.uk:
Big push for Chinese net domains. Read more

news.com.com:
Live: Google faces off with analysts. Read more

www.theregister.co.uk:
US man faces five years for hacking supervisor's PC. Read more

www.spamdailynews.com:
''Robin Hood'' escapes prison term. Read more

www.securitypronews.com:
Psyciatrist Suckered By 419 Scam. Read more

www.theinquirer.net:
14 year-old finds critical hole in Gmail. Read more

www.msnbc.msn.com:
Two arrested on sex charges linked to MySpace. Read more

02 March 2006

New Trojans February. Read more

 

Guides, Papers, etc
blogs.securiteam.com:
More DDoS trouble in DNS land? Read more

www.zdnet.com.au:
Change of tactics in war on viruses. Read more

www.combobulate.com:
Defeating DIY Hardware Keyloggers. Read more

searchwindowssecurity.techtarget.com:
Windows features you can live without. Read more

www.technewsworld.com:
Identity Theft Demystified. Read more

www.trapkit.de:
scoopy doo - VMware Fingerprint Suite. Read more

online.wsj.com:
Our Columnist Creates Web 'Original Content' But Is in for a Surprise. Read more

 

News
www.emailbattles.com:
Hacker Defender Rootkit Guru Kills Stealth Project. Read more

news.netcraft.com:
DDoS Attacks Target Prominent Blogs. Read more

www.eweek.com:
Hacker Outsmarts Kinko's ExpressPay Cards. Read more

www.computerworld.com:
Former government IT worker guilty of hacking. Read more

www.securityfocus.com:
Professor criticized for online-attack test. Read more

www.theregister.co.uk:
Sting nets two spam scam suspects. Read more

www.securityfocus.com:
The big DRM mistake. Read more

www.vnunet.com:
Identity theft victims to sue NCsoft. Read more

www.linuxelectrons.com:
College Student Uses Brute Force PASSWD on School Computer to Change Grade. Read more

news.bbc.co.uk:
Online amateurs crack Nazi codes. Read more

today.reuters.co.uk:
Microsoft says better than Google soon. Read more

www.businessweek.com:
Microsoft seeking ways to help illiterate. Read more

news.bbc.co.uk:
Microsoft plans iPod media rival. Read more

01 March 2006

Guides, Papers, etc
www.securityfocus.com:
recursive DNS servers DDoS as a growing DDoS problem. Read more

www.pcworld.com:
Outsmarting the Online Privacy Snoops. Read more

www.circleid.com:
China's New Domain Names: Lost in Translation. Read more

www.deccanherald.com:
Beware, you are being ‘shadow’ed. Read more

www.techworld.com:
The ten-minute guide to wireless security. Read more

news.com.com:
Video: A greener path for dead chips. Read more

 

Vulnerabilities & Exploits
www.securityfocus.com:
Report: ExpressPay can be exploited for cash. Read more

securitytracker.com:
MySQL Query Bug Lets Remote Users Bypass Query Loggin. Read more

securitytracker.com:
HP System Management Homepage Unspecified Bug Lets Remote Users Traverse the Directory. Read more

securitytracker.com:
phpRPC decode() Input Validaiton Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Compex NetPassage WPE54G Router Lets Remote Users Crash the UConfig Agent Service. Read more

securitytracker.com:
Archangel Weblog Authentication Weakness Lets Remote Users Gain Administrator Privileges. Read more

securitytracker.com:
Thomson Speed Touch 500 Series Web Interface Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
D3Jeeb Input Validation Hole in 'fastlinks.php' and 'catogary.php' Permits SQL Injection. Read more

securitytracker.com:
DirectContact Input Validation Error Lets Remote Users Traverse the Directory. Read more

 

News
www.channelregister.co.uk:
Trojan targets basic Java phones. Read more

www.dailytech.com:
Proof-of-Concept PC to Mobile "Crossover" Virus Shown. Read more

www.techweb.com:
Microsoft Unveils "Non-Security" Update For IE. Read more

news.zdnet.co.uk:
Viruses cause most security breaches. Read more

www.vnunet.com:
Clagger Trojan sparks AV industry war of words. Read more

www.infoanarchy.org:
CanadianRecord Company helps Texas teen battle RIAA. Read more

news.zdnet.co.uk:
Two-factor authentication imminent from Alliance & Leicester. Read more

www.circleid.com:
Chinese Alternate Root as a New Beginning and Real Internet Governance. Read more

www.washingtonpost.com:
AOL Sues Groups Under Anti-Phishing Law. Read more


Copyright© MegaSecurity.org