Home    News Archive    Translate Traducen
News March 2007
31 March 2007

Guides, Papers, etc
blogs.securiteam.com:
On-going Internet Emergency and Domain Names. Read more

blog.spywareguide.com:
NetBrowserPro: The Porn Browser. Read more

www.viruslist.com:
The more things change. Read more

www.f-secure.com:
Update on ANI Exploit. Read more

sunbeltblog.blogspot.com:
The ANI exploit and CounterSpy and Ninja. Read more

ha.ckers.org:
Information Theft via Domain Squatting. Read more

www.computerworld.com:
Pill spammers turn hackers to 'joe job' sites. Read more

www.eweek.com:
The Nightmare Scenario: What If TJX Did Everything Right? Read more

www.darkreading.com:
Cisco's NAC Gets Hacked. Read more

www.darkreading.com:
Mourning the Loss of the Safety Margin. Read more

www.gnucitizen.org:
Preventing CSRF. Read more

www.avertlabs.com:
2007 Q1 malware trends. Read more

www.sophos.com:
Spammers hack PHP websites to make money from online pharmacies. Read more

myappsecurity.blogspot.com:
Reflection on Jeff Williams. Read more

myappsecurity.blogspot.com:
Reflection on Robert Auger. Read more

www.invisiblethings.org:
Thoughts about Cross-View based Rootkit Detection. Read more

www.informationweek.com:
Review: Six Rootkit Detectors Protect Your System. Read more

podcasts.mcafee.com:
Audio: 'bots' and bot evolution with McAfee Avert's own Allysa Myers. Why does AV fail? Listen

aolradio.podcast.aol.com:
Audio: Security Now 85: Cross Site Scripting and Jikto. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
NetBSD Buffer Overflow in iso(4) Lets Local Users Gain Root Privileges. Read more

securitytracker.com:
CA BrightStor Backup Buffer Overflow in Mediasvr.exe Lets Remote Users Execute Arbitrary Code. Read more

 

Tools:
www.sandboxie.com:
Sandboxie. Read more

www.vappware.com:
Browser Condom (Alpha). Read more

www.amustsoft.com:
AMUST 1-Defender is a free security utility that offers the first line of defense against malicious web sites and rogue emails which target user computers with spyware, keyloggers, rootkits, viruses and other malware. . Read more

 

News
www.infoworld.com:
EEye publishes fix for Windows zero-day vulnerability. Read more

news.zdnet.co.uk:
TK Maxx 'should disclose hacking details'. Read more

www.securityfocus.com/:
TJX theft tops 45.6 million card numbers. Read more

www.securityfocus.com/:
Chinese servers host malicious cursor attacks. Read more

www.vnunet.com:
Malware plague hits 40 per cent of firms. Read more

www.viruslist.com:
Saudi Arabia toughens stance on cybercrime. Read more

news.com.com:
Spam experts at MIT lift curtain on search. Read more

www.cbc.ca:
Windows security flaw linked to Super Bowl site attack. Read more

www.theregister.co.uk:
Grum worm poses as IE7 beta. Read more

www.canada.com:
Internet vigilantes go after online scam artists. Read more

www.usnews.com:
Most Dangerous Internet Sites. Read more

news.com.com:
At Kink.com, a live tool against piracy. Read more

30 March 2007

Guides, Papers, etc
blogs.securiteam.com:
Vista is affected to Windows .ANI 0-day too. Read more

www.symantec.com:
Fujacks fixtool fixes "jack". Read more

www.f-secure.com:
Always keep your softwares up to date... or not. Read more

sunbeltblog.blogspot.com:
Beware fake IE 7 downloads. Read more

www.avertlabs.com:
ANI File Exploit Has Connection With Hacked Super Bowl Site. Read more

www.omninerd.com:
2006 Operating System Vulnerability Summary. Read more

www.itnews.com.au:
You have zero privacy and a keylogger. Read more

www.viruslist.com:
Keyloggers: How they work and how to detect them (Part 1). Read more

www.darkreading.com:
Eight Faces of a Hacker. Read more

www.darkreading.com:
Killer Combo: XSS + CSRF. Read more

www.builderau.com.au:
10 things you should do to a new Linux PC before exposing it to the Internet. Read more

lifehacker.com:
Hack Attack: Safely install software in a virtual layer. Read more

www.smallnetbuilder.com:
They're Out to Get You-An Introduction to Internet Security. Read more

www.smallnetbuilder.com:
Ignorance is Bliss? An Introduction to Internet Security - Part 2. Read more

 

Vulnerabilities & Exploits
Microsoft Security Advisory (935423)
Vulnerability in Windows Animated Cursor Handling. Read more

securitytracker.com:
IBM Lotus Sametime Buffer Overflow in STJNILoader.ocx ActiveX Control Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Windows Animated Cursor Bug Lets Remote Users Execute Arbitrary Code. Read more

 

Tools:
fileforum.betanews.com:
RunScanner is a completely free windows system utility which scans your system for all configured running programs. You can use runscanner to detect autostart programs, spyware, adware, homepage hijackers, unverified drivers and other problems. Read more

 

News
www.theregister.co.uk:
Exploit for latest Windows vuln already animated. Read more

www.techworld.com:
Worm writer botches fix. Read more

www.eweek.com:
TJX Intruder Had Retailer's Encryption Key. Read more

software.silicon.com:
Revealed: World's largest security breach. Read more

www.reuters.com:
China cyberspace, outerspace war gains impress: U.S. Read more

ddanchev.blogspot.com:
Cyber Traps for Wannabe Jihadists. Read more

www.professionalsecurity.co.uk:
Sure domain. Read more

www.darkreading.com:
University Cleans Up Bots on Campus. Read more

management.silicon.com:
Sales people are 'demons' of tech security. Read more

news.bbc.co.uk:
Online fraud 'now major concern'. Read more

www.pcauthority.com.au:
Key-loggers become cyber-criminal tool of choice. Read more

blog.washingtonpost.com:
Fortune 500s Unwittingly Become Spammers. Read more

www.itnews.com.au:
Spammers hijacking legit sites. Read more

www.theregister.co.uk:
So who sent you that spam? HP or Oracle? Read more

www.itnews.com.au:
Pump-and-dump scam targets German investors. Read more

news.bbc.co.uk:
Wi-fi buses drive rural web use. Read more

www.newsobserver.com:
Students accused of cyberstalking. Read more

www.bitsofnews.com:
First Hardware to go through Evolution Developed. Read more

29 March 2007

Guides, Papers, etc
blogs.securiteam.com:
Pervasive Cluelessness. Read more

www.f-secure.com:
So, what does the enemy look like in real life? Read more

www.avertlabs.com:
Advertising malware…Read more

isc.sans.org:
Microsoft XP Change Analysis Diagnostic Tool. Read more

www.viruslist.com:
A Nigerian Easter egg. Read more

www.2-spyware.com:
SpyLocked == SpywareLocked. Read more

www.symantec.com:
Bills, Bills, Bills. Read more

www.securitycadets.com:
Windows Vista Microsoft Updates Available. Read more

www.eweek.com:
Government Agencies: Be Proactive. Read more

blogs.ittoolbox.com:
Your Security Presentation Stinks! Read more

blogs.authentium.com:
Criminals and the Internet. Read more

www.darkreading.com:
Hacking the Car Navigation System. Read more

www.darkreading.com:
Security's New School. Read more

www.darkreading.com:
The Hits Keep Coming. Read more

www.darkreading.com:
Now Playing: Metasploit 3.0. Read more

www.computerworld.com:
Startup aims to keep network security vendors honest. Read more

ha.ckers.org:
Splog Hubs. Read more

www.espcoalition.org:
ESPC / Ipsos Email Survey Summary. Read more

 

Vulnerabilities & Exploits
msmvps.com:
Iframes / objects can apparently bypass phishing protection in Firefox 2.0.0.3 and Opera 9.10 - IE7 is unaffected. Read more

securitytracker.com:
Cisco Unified CallManager SCCP, SCCPS, ICMP, and IPSec Processing Bugs Let Remote Users Deny Service. Read more

securitytracker.com:
IBM Lotus Domino LDAP Server Buffer Overflow Lets Remote Users Deny Service. Read more

securitytracker.com:
IBM Lotus Domino Web Access Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
IBM Lotus Domino IMAP Server CRAM-MD5 Username Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Network Audio System Bugs Let Remote Users Deny Service or Execute Arbitrary Code. Read more

securitytracker.com:
Secure Computing IronMail Multiple Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

 

Tools:
support.microsoft.com:
The Change Analysis Diagnostic tool for Windows XP is available. Read more

 

News
www.securityfocus.com:
Amero sentencing delayed to April. Read more

www.internetnews.com:
Computer-Clueless In Connecticut. Read more

www.pcworld.com:
Study: Federal Wireless Network in Trouble. Read more

www.zdnet.com.au:
Phishing attack: Your keyloggers are in the mail. Read more

www.securityfocus.com:
Groups team to test secure-coding skill. Read more

www.theregister.co.uk:
Scammers target domain name owners. Read more

www.pcworld.com:
Hackers Build Private IM. Read more

news.zdnet.co.uk:
SOCA: We are tackling e-crime. Read more

www.vnunet.com:
Sentences for online criminals 'derisory'. Read more

www.theregister.co.uk:
Fortune 1000s host bots in the perimeter. Read more

www.darkreading.com:
MySpace Sues 'Spam King'. Read more

28 March 2007

Guides, Papers, etc
blogs.securiteam.com:
Targets of Allaple DoS-worm released. Read more

www.f-secure.com:
Weblog Q&A. Read more

isc.sans.org:
Dangerous document formats and social engineering. Read more

www.avertlabs.com:
Buying from spam sites can prove deadly. Read more

www.itnews.com.au:
Experts rubbish two-factor authentication. Read more

www.computerworld.com:
QuickStudy: Botnets. Read more

www.computerworld.com:
Four steps to battling botnets. Read more

ha.ckers.org:
Look for SSL, Stupid. Read more

www.darkreading.com:
Security's New School. Read more

www.theregister.co.uk
Vista's long goodbye. Read more

download.microsoft.com:
Video: Mark Russinovich: From Winternals to Microsoft, On Windows Security, Windows CoreArch. Watch

 

Vulnerabilities & Exploits
securitytracker.com:
Linux Kernel do_dccp_getsockopt() Bug Discloses Kernel Memory to Local Users. Read more

 

News
www.informationweek.com:
Hundreds Of Gmail, Yahoo, MSN Passwords Exposed By Entertainment Web Site. Read more

news.com.com:
Mozilla: Hackers control bug disclosure. Read more

ha.ckers.org:
80% of Malware Served By Ads. Read more

www.securityfocus.com:
Metasploit releases latest framework. Read more

www.infoworld.com:
Metasploit hacking tool now Windows friendly. Read more

27 March 2007

Guides, Papers, etc
blogs.securiteam.com:
The Future of Fuzzing (from Fuzzing and Code Coverage). Read more

www.symantec.com:
Internet Explorer: An Ideal Target for Attackers? Read more

www.avertlabs.com:
Tax Year Over.. Phishing Begins. Read more

www.viruslist.com:
The offline way to online safety. Read more

www.eweek.com:
Will ICANN Reform? Read more

windowssecrets.com:
Microsoft allows bypass of Vista activation. Read more

www.heraldnet.com:
Wireless connections can be a haven for hackers. Read more

news.com.com:
At PayPal, fending off phishers--and Google. Read more

www.darkreading.com:
RSnake, Unmasked. Read more

www.darkreading.com:
ID Theft Doubles in Two Months. Read more

www.readwriteweb.com:
Is Google a Semantic Search Engine? Read more

news.com.com:
Sneaks and peeks at hacker confab. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
HP OpenView Network Node Manager Lets Remote Users Gain Access to Certain Services. Read more

securitytracker.com:
Windows Mail URL Bug Lets Remote Users Cause Execute Existing Code on the Target User's System to Be Executed. Read more

 

News
www.theregister.com:
Spamhaus nemesis e360 Insight sued over junk mail. Read more

www.securityfocus.com:
Microsoft confirms Xbox Live pretexting issues. Read more

www.theregister.com:
Bulgarian 'stole $350k' from Americans in eBay scam. Read more

www.sophos.com:
PC users attacked by Pushu Trojan pushed by porno spam. Read more

www.theregister.com:
SANS to certify programmers for security nous. Read more

www.theregister.com:
Image spam fattens junk mail. Read more

www.techworld.com/:
Code posted for IE attack. Read more

www.technewsworld.com:
Trojan Horse Is Newest Windows Vulnerability. Read more

www.bbc.co.uk:
How a six-year-old beat the House of Commons computer system. Read more

www.pe.com:
Nude photos goal of Web scam. Read more

26 March 2007

Guides, Papers, etc
support.microsoft.com:
How to configure Microsoft DNS and WINS to reserve WPAD registration. Read more

www.f-secure.com:
Need an excuse to go to Dubai? Read more

isc.sans.org:
A Possible Data Breach at Romanian Finance Ministry? Maybe Not. Read more

taosecurity.blogspot.com:
ShmooCon 2007 Wrap-Up. Read more

ha.ckers.org:
IE Sends Local Addresses in Referer Header. Read more

ha.ckers.org:
JavaScript Spam. Read more

passivemode.net:
Real-ID: Costs And Benefits. Read more

didierstevens.wordpress.com:
Spamdexing “R” Us. Read more

didierstevens.wordpress.com:
Restoring Safe Mode with a .REG file. Read more

www.securitycadets.com:
AOL directs to WinFixer. Read more

www.bbc.co.uk:
Dear Bill Gates (again). Read more

blogs.ittoolbox.com:
Premium Podcast: Winning The War On Image Spam. Read more

www.csclub.uwaterloo.ca:
Audio: 1989 Bill Gates Talk on Microsoft. Read more

 

Vulnerabilities & Exploits
passivemode.net:
WindowsVista Mail Client Side Code Execution Vulnerability. Read more

securitytracker.com:
IDA Pro Authentication Bypass Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Sun Java System Directory Server Lets Remote Users Crash the ns-slapd Service. Read more

 

Tools:
tech.blorge.com:
New "paint" provides wireless network protection without encryption. Read more

 

News
uk.reuters.com:
Survey says one in 10 is victim of online fraud. Read more

news.com.com:
Windows weakness can lead to network traffic hijacks. Read more

www.downloadsquad.com:
"Things may change" for Porn Pop-up teacher. Read more

www.norwichbulletin.com:
Our view: Porn was Amero's burden. Read more

news.com.com:
JavaScript bug hunting tool demonstrated. Read more

news.zdnet.co.uk:
JavaScript bug-hunting tool revealed. Read more

news.zdnet.co.uk:
Mozilla: Vendors still at mercy of bug hunters. Read more

www.terra.net.lb:
Almost 70 percent of all email from Asia is spam, a study reveals. Read more

www.internetnews.com:
Russia's Latest Export To America: Malware. Read more

www.slashgear.com:
Hackers redeem themselves with their own blood. Read more

www.detnews.com:
Catholic school bans pupils from MySpace. Read more

24 March 2007

Guides, Papers, etc
blogs.securiteam.com:
I love my Motorola, but I think she’s cheating on me. Read more

www.viruslist.com:
More info on Banker.cmp. Read more

www.f-secure.com:
Nurech on the Run Again. Read more

www.symantec.com:
Future Watch – Predicting the Coming Trends of Internet Security Issues. Read more

www.websense.com:
New Warezov spreading via Skype. Read more

isc.sans.org:
Gozi Trojan Steals SSL Encrypted Data for Fun and Profit. Read more

www.darkreading.com:
New RFID Attack Opens the Door. Read more

www.darkreading.com:
What to Do When Your Security's Breached. Read more

www.darkreading.com:
The Stars of Security. Read more

www-128.ibm.com:
SSL on ISC, Part 1: What is SSL and why should I care? Read more

www.net-security.org:
(IN)SECURE Magazine ISSUE 1.10 (February 2007). Read more

www.networkworld.com:
Explaining WPA2. Read more

wantingseed.com:
Hacking Intranets. Read more

economictimes.indiatimes.com:
Code cracker hot. Bruce Schneier. Read more

www.podtrac.com:
Audio: Windows Weekly 18: Windows NoCare. Listen

aolradio.podcast.aol.com:
Audio: Security Now 84: Your Questions, Steve's Answers. Listen

www.youtube.com:
Video: Web Application Security with Jeremiah Grossman. Read more

 

Tools:
www.physics.ox.ac.uk:
The JPC Project. Read more

passivemode.net:
VMWare for Mac Beta 2. Read more

 

News
www.securityfocus.com:
Hacking contest takes aim at Apple. Read more

www.theregister.co.uk:
Vista feature helps VXers trick surfers. Read more

www.theregister.co.uk:
All hail the Java-based x86 emulator. Read more

www.washingtonpost.com:
My National Security Letter Gag Order. Read more

www.computerworld.com:
Hackers spend a Shmoo weekend in DC. Read more

www.betanews.com:
Russian Windows Trojan Discovered, May Point to Identity Theft Ring. Read more

www.platinax.co.uk:
McAfee conflicts with Zonealarm. Read more

www.itnews.com.au:
Trio of security holes found in OpenOffice. Read more

www.terra.net.lb:
Almost 70 percent of all email from Asia is spam, a study reveals. Read more

www.smh.com.au:
Broadband growth extends threats to non-PC devices. Read more

news.zdnet.co.uk:
EU official: Microsoft abuse continues. Read more

www.theregister.co.uk:
British man in webcam 'suicide'. Read more

www.theregister.co.uk:
Canadian killed by poison pills bought on the net. Read more

23 March 2007

Guides, Papers, etc
www.networkworld.com:
Issues with SSID cloaking. Read more

www.lambdacs.com:
Omniscient Debugging. Read more

www.csoonline.com:
WINDOWS VISTA 90 DAY VULNERABILITY REPORT. Read more

www.f-secure.com:
This Sucks. Read more

isc.sans.org:
From the Mailbag. Read more

www.darkreading.com:
Phishing, Crimeware Jump in '07. Read more

msmvps.com:
So would you have clicked? Read more

www.channelregister.co.uk:
Anatomy of an eBay scam. Read more

www.jpost.com:
Ethics @ Work: The institutionalization of Internet crime. Read more

msmvps.com:
The AOL advertisement network has DEFINITELY been infiltrated by winfixer. Read more

www.esecurityplanet.com:
One Flaw And a First For Latest Firefox Update. Read more

www.yourcreditadvisor.com:
Your Identity Has Been Stolen: a 24-Point Recovery Checklist. Read more

video.google.com:
Video: Debugging Backwards in Time. Watch

www.net-security.org:
Audio: HNS Podcast: Common Mistakes Made By IT Administrators. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
Asterisk Can Be Crashed By Remote Users With an Unexpected SIP Response Code. Read more

securitytracker.com:
GNOME Evolution Shared Memo Format String Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
OpenAFS FetchStatus Spoofing Lets Remote Users Gain Elevated Privileges. Read more

securitytracker.com:
IBM WebSphere CRLF Validation Bug Permits HTTP Response Splitting Attacks. Read more

securitytracker.com:
Squid TRACE Method Bug Lets Remote Users Deny Service. Read more

 

News
www.cnn.com:
Source behind Internet attack on Clinton revealed. Read more

www.securityfocus.com:
Bots surge ahead in March. Read more

www.nytimes.com:
Federal Judge Blocks Online Pornography Law. Read more

www.viruslist.com:
Massive malware run against ABN-AMRO customers. Read more

www.informationweek.com:
Trojan Roaming Skype Network. Read more

www.websense.com:
New Warezov spreading via Skype. Read more

www.infoworld.com:
EU official: Microsoft's behavior 'unacceptable'. Read more

en.epochtimes.com:
Chinese Professor Cracks Fifth Data Security Algorithm. Read more

www.securityfocus.com:
Oracle sues rival for hacking, data theft. Read more

www.securityfocus.com:
Microsoft: Xbox Live 'issues' not our fault. Read more

www.eweek.com:
Microsoft Xbox Phone Staffers Giving Away Private Information. Read more

www.theregister.co.uk:
VoIP phreakers establish thriving black market. Read more

origin.dailynews.com:
Government site had ID-theft potential. Read more

www.infoworld.com:
Global malady: Virus writers worldwide team up. Read more

www.enterprisenetworkingplanet.com:
Anticipating Malware: Forecast Calls for Worms. Read more

seattletimes.nwsource.com:
Wi-Fi worry: Laptops at risk of attack. Read more

www.theregister.co.uk:
Dutch FOI disclosures reveal the odd business of evoting. Read more

www.vnunet.com:
Man commits suicide on webcam. Read more

22 March 2007

Guides, Papers, etc
www.securityfocus.com:
Account pretexters plague Xbox Live. Read more

www.crmbuyer.com:
Microsoft's Unix, Dell's Linux, and a Virus Warning: Get Infected, Get Fired. Read more

labnol.blogspot.com:
Quickly Filter Legitimate E-Mails from GMail Spam Folder. Read more

www.darkreading.com:
Phishing, Crimeware Jump in '07. Read more

www.darkreading.com:
Careful, The Boss Is Watching. Read more

www.darkreading.com:
Let's Get Physical. Read more

www.darkreading.com:
By Hook or By Crook. Read more

www.darkreading.com:
Post-Warhol Worms. Read more

isc.sans.org:
Quick intro to auditing web applications. Read more

www.sans.edu:
Web Application Auditing Over Lunch. Read more

www.sophos.com:
Fake website peddles killer pills. Read more

www.wired.com:
Human Brain a Poor Judge of Risk. Read more

ha.ckers.org:
Tracking Back The Trackback Spam. Read more

ha.ckers.org:
Jikto For Good or Jikto For Evil. Read more

news.com.com:
Explaining a Vista ban. Read more

www.microsoft.com:
Inside the Windows Vista Kernel. Part 3.Read more

www.microsoft.com:
Inside the Windows Vista Kernel: Part 2. Read more

www.microsoft.com:
Inside the Windows Vista Kernel: Part 1. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
BudgeTone 200 SIP Phones Can Be Crashed With a Specially Crafted 'WWW-Authenticate' 'Digest Domain' Value. Read more

securitytracker.com:
NETxEIB OPC Server Lets Remote Users Modify Memory to Execute Arbitrary Code. Read more

securitytracker.com:
Opera FTP PASV Implementation Permits Port Scanning. Read more

securitytracker.com:
KDE Konqueror FTP PASV Implementation Permits Port Scanning. Read more

securitytracker.com:
Mozilla Firefox FTP PASV Implementation Permits Port Scanning. Read more

 

Tools:
insecure.org:
New Nmap release: 4.21ALPHA4. Read more

www.microsoft.com:
Process Monitor v1.1. Read more

www.microsoft.com:
AccessChk v3.0. Read more

 

News
www.technewsworld.com:
ICANN May Strengthen Domain Privacy Rules. Read more

www.securityfocus.com:
TJX breach leads to Florida fraud. Read more

www.theregister.co.uk:
Man hijacks 90 eBay accounts. Read more

www.pcpro.co.uk:
Security experts puzzled by lack of OS X malware. Read more

www.itnews.com.au:
Firefox users urged to update. Read more

news.zdnet.co.uk:
Yahoo appoints click fraud tsar. Read more

plawiuk.blogspot.com:
Israel Hacker Heaven. Read more

www.internetnews.com:
Surprise, Microsoft Listed as Most Secure OS. Read more

www.pcadvisor.co.uk:
Confusion over Xbox Live 'hack'. Read more

21 March 2007

Guides, Papers, etc
blogs.securiteam.com:
The recent state of the Xbox Live accounts theft. Read more

blogs.securiteam.com:
Procrastinate another 2 minutes. Read more

sunbeltblog.blogspot.com:
More on the Windows Live pwnage in Italy. Read more

www.viruslist.com:
Cabir, the star of the show. Read more

www.darkreading.com:
Grab Fingerprint, Then Attack. Read more

www.darkreading.com:
Trolling in the Cyber Underground. Read more

www.darkreading.com:
Still In the Dark. Read more

www.darkreading.com:
NoScript Plugin Beta Attempts To Stop XSS. Read more

ha.ckers.org:
Live Italy Being Used Maliciously. Read more

www.2-spyware.com:
SpyLocked Removal Guide. Read more

blog.washingtonpost.com:
Stolen Identities Sold Cheap on the Black Market. Read more

taosecurity.blogspot.com:
Proactive vs Reactive Security. Read more

www.secureworks.com:
Gozi Trojan. Read more

blogs.msdn.com:
IE6 VPC Refresh Now Available. Read more

isc.sans.org:
Trust Relations, Defense in Depth, and Printers. Read more

wiki.noreply.org:
TheOnionRouter/SummerOfCode. Read more

ddanchev.blogspot.com:
Jihadists Using Kaspersky Anti Virus. Read more

ddanchev.blogspot.com:
Video on Analyzing and Removing Rootkits. Read more

www.symantec.com:
Windows Vista Network Attack Surface Analysis: A Broad Overview. Read more

www.avertlabs.com:
OSX Malware not taking off yet. Read more

www.esecurityplanet.com:
How Big A Crime is Invasion of Privacy? Read more

www.esecurityplanet.com:
What's a New Identity Cost? Less Than a CD. Read more

ecoraccm.blogs.com:
Video: VMware Security Tip of the Day - #7. Watch

 

Vulnerabilities & Exploits
securitytracker.com:
OpenOffice.org Office Suite Bugs Let Remote Users Execute Arbitrary Code or Shell Commands. Read more

securitytracker.com:
MERCUR Mailserver NTLM IMAP Command Integer Signedness Bug Permits Remote Code Execution. Read more

securitytracker.com:
Cisco 7940/7960 IP Phones Can Be Crashed With a SIP INVITE Message. Read more

securitytracker.com:
file Heap Overflow in file_printf() May Let Local Users Execute Arbitrary Code. Read more

securitytracker.com:
ZyXEL Router ZyNOS Can Be Crashed By Remote Users. Read more

securitytracker.com:
Asterisk Error in Processing INVITE Messages Lets Remote Users Deny Service. Read more

 

Tools:
www.truecrypt.org:
TrueCrypt 4.3 released. Read more

 

News
blogs.zdnet.com:
How Apple orchestrated web attack on researchers. Read more

www.newsfactor.com:
Symantec: U.S. Leads as Hacker Home. Read more

www.securityfocus.com:
China becomes bot-net epicenter Read more

www.securityfocus.com:
Researcher uncovers data thief's cache. Read more

www.theregister.co.uk:
MySpace to be co-opted into Month of Bugs. Read more

news.bbc.co.uk:
'Surge' in hijacked PC networks. Read more

www.pcadvisor.co.uk:
New stats show Firefox is more secure than IE. Read more

news.zdnet.com:
Tool turns unsuspecting surfers into hacking help. Read more

www.darkreading.com:
Speech Stirs Clickstream Controversy. Read more

www.darkreading.com:
Internet Explorer flaw leads to phishing attack. Read more

www.itnews.com.au:
Men are the biggest victims of Internet fraud. Read more

www.itnews.com.au:
Spam scam can swamp blogs with porn links. Read more

www.itnews.com.au:
KeyGhost launches corporate key-logger. Read more

today.reuters.co.uk:
Moore's Law hits physics in memory chips. Read more

today.reuters.co.uk:
N.Y. doctor pleads guilty in Internet steroid ring. Read more

www.terra.net.lb:
Eyes on the Internet, Dell launches low-priced computer in China. Read more

20 March 2007

Guides, Papers, etc
blogs.securiteam.com:
Firefox 3 to support HttpOnly cookies. Read more

isc.sans.org:
IE adoption rate. Read more

www.symantec.com:
Symantec Reports Rise in Data Theft, Data Leakage, and Targeted Attacks Leading to Hackers’ Financial Gain. Read more

www.pandasoftware.com:
New fraudulent adware uses rootkit techniques. Read more

ha.ckers.org:
VBScript Malware (XST and CSS History Hacking). Read more

ha.ckers.org:
Samy Worm Analysis. Read more

ha.ckers.org:
Detecting Default Browser in IE. Read more

www.darkreading.com:
Tools Fight Forensics. Read more

www.darkreading.com:
Soccer, Gaming & 'Exotic' Threats. Read more

www.darkreading.com:
Risk Factors. Read more

www.cs.ucdavis.edu:
Spam Double-Funnel: Connecting Web Spammers with Advertisers. Read more

www.securecomputing.com:
Eliminating Your SSL Blind Spot: The solution to managing—and securing—HTTPS traffic. Read more

www.eweek.com:
High Noon Coming For ICANN and Registrars. Read more

blogs.zdnet.com:
Video: Should Apple be making fun of Vista UAC? Read more

www.f-secure.com:
Video - Targeted Attacks. Watch

passivemode.net:
Video: 128 Bit Wifi Cracking in 60 Secs? Watch

 

Vulnerabilities & Exploits
securitytracker.com:
Takebishi DeviceXPlorer OPC Server Lets Remote Users Modify Memory to Execute Arbitrary Code. Read more

securitytracker.com:
Lookup Symlink Bug Lets Local Users Overwrite Arbitrary Files. Read more

securitytracker.com:
McAfee VirusScan Lets Local Users Bypass the Password Protection Feature. Read more

 

News
www.securityfocus.com:
Month of MySpace bugs coming? Read more

www.theregister.co.uk:
FBI: Internet crime pays. Read more

www.theregister.co.uk:
IE7 phishing bug nets concern. Read more

english.peopledaily.com.cn:
More professional Internet hackers fueling thriving underground economy. Read more

reviews.cnet.com:
Phishers attack the green zones. Read more

www.smh.com.au:
Pacific atolls host world's most dangerous websites. Read more

news.bbc.co.uk:
'Surge' in hijacked PC networks. Read more

www.technewsworld.com:
Report: Money Makes Malware World Go Round. Read more

www.theregister.co.uk:
China takes top spot in zombie PCs. Read more

ia.rediff.com:
US biggest source of cyber crime. Read more

www.eweek.com:
We're Number One! ... For Malicious Internet Activity. Read more

www.informationweek.com:
Spyware Puts Ads on Google.com. Read more

voipforsmb.tmcnet.com:
Hackers selling IDs for $14, Symantec says. Read more

www.thekansascitychannel.com:
Universities Try To Stifle Phony Diploma Sites. Read more

www.terra.net.lb:
Hackers sell fake credit cards for one dollar: study. Read more

www.nytimes.com:
Researchers Track Down a Plague of Fake Web Pages. Read more

www.computerworld.com:
Swedish Internet surveillance law stalled. Read more

uk.reuters.com:
Singapore woman jailed for online dating scam. Read more

19 March 2007

Guides, Papers, etc
blogs.securiteam.com:
OWASP Spring of Code. Read more

www.f-secure.com:
QuickSpace: MySpace Tracker launch by Quicktime. Read more

www.ic3.gov:
Internet Crime Rapport. Read more

www.physorg.com:
Can a Rootkit Be Certified for Vista? Read more

isc.sans.org:
Assessing websites for malicious content. Read more

www.cio.in:
5 Ways Google Is Shaking the Security World. Read more

www.computerworld.com:
Microsoft security guru wants Vista bugs rated less serious. Read more

www.networkcomputing.com:
No cookie for you! Read more

www.symantec.com:
Making Money in China Through Malware. Read more

www.noh.ro:
Cryptovirology. Read more

podcasts.mcafee.com:
Audio: McAfee AudioParasitics - Episode 2. Listen

www.youtube.com:
Video: The FB Hacker Discovered. Watch

 

Vulnerabilities & Exploits
securitytracker.com:
libwpd Buffer Overflows Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Sun Java System Web Server Sample Application Lets Remote Users Obtain Data. Read more

securitytracker.com:
Rational ClearQuest Input Validation Bugs in Attachments and in the Summary Page Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Horde Application Framework Cleanup Script Lets Local Users Delete Files. Read more

securitytracker.com:
Horde IMP Cleanup Script Lets Local Users Delete Files. Read more

securitytracker.com:
CA BrightStor ARCserve RPC Processing Bugs Let Remote Users Deny Service and Execute Arbitrary Code. Read more

 

Tools:
www.nanoscan.com:
NanoScan is a rapid, light and very effective online malware scanner: in less than a minute it can detect a huge number of viruses, spyware, Trojans and other threats that could be active on your PC. Read mor

 

News
www.redorbit.com:
Symantec Reports Rise in Data Theft, Data Leakage, and Targeted Attacks Leading to Hackers' Financial Gain. Read more

news.zdnet.co.uk:
Microsoft partner: Vista less secure than XP. Read more

seclists.org:
Xbox live accounts are being stolen. Read more

www.cio-today.com:
Will Data Storage Costs Increase Privacy? Read more

blogs.zdnet.com:
Video spam. Who would have guessed? Read more

17 March 2007

Guides, Papers, etc
www.antiphishing.org:
The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond. Read more

www.antispywarecoalition.org:
Best Practices: Guidelines to Consider in the Evaluation of Potentially Unwanted Technologies. Read more

www.darkreading.com:
Black Hat Woman. Read more

www.informationweek.com:
Virtualization's Next Frontier: Security. Read more

www.uspto.gov:
Filesharing Programs and “Technological Features to Induce Users to Share”. Read more

isc.sans.org:
Ongoing interest in Javascript issues. Read more

www.avertlabs.com:
Stock Scammers Phish, Pump and Dump. Read more

www.avertlabs.com:
Did the SEC frag a stock spammer? Read more

www.avertlabs.com:
MySpace Woes: Trojan targets French rock band fans. Read more

www.esecurityplanet.com:
Mozilla Security: More Than Meets The 'Aye'. Read more

www.eweek.com:
Focus on Forensics. Read more

reviews.cnet.com:
Phishers attack the green zones. Read more

www.itnews.com.au:
Fighting security ghosts in the virtual machine. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Cisco Online Help System Input Validation Hole Permits Cross-Site Scripting Attacks Against Several Cisco Products. Read more

 

Tools:
fileforum.betanews.com:
Wine is a project to allow a PC running a Unix-like operating system and the X Window System to run x86 programs for Microsoft Windows. Read more

 

News
www.securityfocus.com:
Anti-spyware bill could mean tougher fines. Read more

news.com.com:
Fortinet: Beware of Google's Blogger. Read more

news.zdnet.co.uk:
Microsoft: OneCare should not have been rolled out. Read more

opinion.zdnet.co.uk:
The slow poison of OneCare. Read more

www.betanews.com:
Microsoft Calls Reports of Missing Outlook Files 'Not Accurate'. Read more

www.betanews.com:
Microsoft Engineer Attempts Daring OneCare PR Rescue. Read more

www.theregister.co.uk:
Researchers take internet back to the drawing board. Read more

www.washingtonpost.com:
Hackers promise month of MySpace bugs. Read more

www.insurancejournal.com:
FBI: Internet Crimes Range from Auction Fraud to Murder Threats. Read more

www.apacs.org.uk:
Card fraud losses continue to fall. Read more

www.securityfocus.com:
RSA pledges to chase Trojans. Read more

today.reuters.co.uk:
Tycoon sentenced to jail in Livedoor fraud. Read more

www.itnews.com.au:
Spam hits records levels in February. Read more

www.smh.com.au:
Cracking Hollywood's code. Read more

news.zdnet.co.uk:
Top five PC manufacturers fail naked PC test. Read more

16 March 2007

Guides, Papers, etc
www.fortiguardcenter.com:
Malicious Code Appears on Blogger.com. Read more

www.2-spyware.com:
Interesting example of file sharing malware. Read more

www.websense.com:
Large Chinese Sites hosting Trojan Exploits. Read more

www.expresscomputeronline.com:
Top 10 Security Threats in 2007. Read more

arstechnica.com:
Your ISP may be selling your web clicks. Read more

isc.sans.org:
Javascript hiding everywhere. Read more

adblockplus.org:
Blacklists, whitelists, and security. Read more

www.symantec.com:
Gromozon Is “Live” - Update. Read more

www.symantec.com:
The Dread Pirate Roberts. Read more

techdirt.com:
Would An Anti-Spyware Law Do More Harm Than Good? Read more

www.darkreading.com:
Hacking the Real TJX Story. Read more

www.infoworld.com:
Real-world IT security challenges: Doing away with passwords. Read more

computerworld.com:
Cracking Google's 'secret sauce' algorithm. Read more

aolradio.podcast.aol.com:
Audio: Security Now 83: Vista's UAC. Listen

www.networked.bt.com:
Video: [Duration:1 hour] Bruce Schneier, Risto Siilasmaa, Michael Barrett, Security: not just a technical problem. Watch

news.zdnet.co.uk:
Video: Red Hat's big Linux update. Watch

 

Vulnerabilities & Exploits
mybeni.rootzilla.de:
GMail Information Disclosure. Read more

securitytracker.com:
Sun Java System Web Server May Let a Remote User With a Revoked Client Certificate Access the System. Read more

securitytracker.com:
Horde Application Framework Input Validation Flaw in 'NLS.php' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Horde IMP Input Validation Holes in 'thread.php' and 'search.php' Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
PHP Nested Array Processing Lets Remote Users Deny Service. Read more

securitytracker.com:
Trend Micro Antivirus UPX File Divide By Zero Error Lets Remote Users Deny Service. Read more

securitytracker.com:
Xen QEMU Monitor Mode Lets Local Users Read Arbitrary Files. Read more

 

Tools:
imakeprojects.com:
GIVING YOURSELF A SIXTH SENSE for wireless networks. Read more

 

News
www.securityfocus.com:
Flaw finder warns of IE 7 phishing hole. Read more

www.ft.com:
Web censorship spreading globally. Read more

www.scmagazine.com:
Experts: Be aware of new Microsoft exploits despite patch-less Patch Tuesday. Read more

www.networkworld.com:
Stanford researchers scheming to rebuild Internet from scratch. Read more

www.vnunet.com:
Chinese hackers wake up to malware riches. Read more

www.viruslist.com:
Panda strikes China again. Read more

www.theregister.co.uk:
Old adware habits hard to break for AT&T and Travelocity. Read more

www.theregister.co.uk:
Blogger.com 'riddled' with malware. Read more

www.theregister.co.uk:
MySpace-hosted malware exploits QuickTime flaw. Read more

www.eweek.com:
Romanian Hacker Broadcasts eBay Customer Accounts. Read more

www.washingtonpost.com:
Cyber-Criminals and Their Tools Getting Bolder, More Sophisticated. Read more

www.infonetics.com:
Network security market to pass $5 billion mark in 2007. Read more

www.technewsworld.com:
Google Will Forget You Asked. Read more

www.wired.com:
'Yahoo Betrayed My Husband'. Read more

www.cio.in:
RSA to Offer Trojan Take-down Service. Read more

www.trendmicro.com:
Trend Micro Boosts TrendSecure Web-services with Acquisition of HijackThis Utility and Develops New Web Reputation Plug-in, TrendProtect. Read more

15 March 2007

Guides, Papers, etc
www.websense.com:
Norwegian Bank Malware Analysis. Read more

blogs.securiteam.com:
No MS advisories? Apple to the rescue. Read more

isc.sans.org:
Allaple worm. read more

www.darkreading.com:
Seven Steps to Safer WiFi. Read more

www.darkreading.com:
Shoes of a Phisherman. Read more

aviv.raffon.net:
Video: Phishing using IE7 local resource vulnerability. Watch

zdpub.vo.llnwd.ne:
Audio: Live From RSA: Core Puts Vista to Security Test. Listen

aolradio.podcast.aol.com:
Audio: TWiT 90: Idiocracy. Microsoft's OneCare fails the av test, the Microsoft way, and Sony Home...Listen

blip.tv:
Video: Former DMCA abuser Michael Crook, "Dear Internet, I'm Sorry". Watch

 

Vulnerabilities & Exploits
aviv.raffon.net:
Phishing using IE7 local resource vulnerability. read more

www.coresecurity.com:
OpenBSD's IPv6 mbufs remote kernel buffer overflow. Read more

securitytracker.com:
Apple QuickDraw Manager PICT Image Processing Heap Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mac OS X HFS+ File System Lets Local Users Deny Service. Read more

securitytracker.com:
Mac OS X ImageIO GIF and RAW Image Processing Bugs Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
McAfee ePolicy Orchestrator Buffer Overflow in 'SiteManager.Dll' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple OpenSSH Key Generation Process Lets Remote Users Deny Service. Read more

securitytracker.com:
Apple Software Update Format String Flaw Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple SMB File Server.Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code. Read more

securitytracker.com:
Adobe JRun IIS Connector Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
Mac OS X Lets Remote Users Execute Arbitrary Code and Local Users Obtain Elevated Privileges and Deny Service. Read more

securitytracker.com:
Mac OS X CUPS SSL Negotiation Lets Remote Users Deny Service. Read more

securitytracker.com:
Apple Mac OS X CoreGraphics PDF File Processing Bug Lets Remote Users Deny Service. Read more

 

News
news.zdnet.co.uk:
IE7 linked to possible phishing scam. Read more

www.securityfocus.com:
Phisher 'Vladuz' dodges eBay's defenses. Read more

www.theregister.co.uk:
Google to anonymize user data. Read more

news.zdnet.co.uk:
US agencies shun Windows Vista. Read more

www.dailyrecord.com:
Cop: Wife googled 'How to commit murder'. Read more

www.esecurityplanet.com:
Vikings Best, Polynesians Worst In Domain Safety. Read more

software.silicon.com:
Spam storm needs ISP action, urges security chief. Read more

today.reuters.co.uk:
Campaigner vows to "Make Spammers Pay!". Read more

www.wired.com:
Rise of the Netflix Hackers. Read more

arstechnica.com:
Racing games promote risky driving behavior: study. Read more

www.bath.ac.uk:
Research project could help create computers that run on light. Read more

14 March 2007

Guides, Papers, etc
www.benedelman.org:
Advertising Through Spyware -- After Promising To Stop. Reda more

blogs.securiteam.com:
Al-Qaeda’s planned attack in London - that’s why we need CPNI. Read more

blogs.securiteam.com:
e360 Sues Yet Again. Read more

www.avertlabs.com:
Psst! You’ve Got Porn! Read more

www.siteadvisor.com:
Mapping the Mal Web. Read more

www.f-secure.com:
Secure logins? Read more

www.f-secure.com:
Apple Updates. Read more

isc.sans.org:
OpenBSD IPv6 remote vulnerability. Read more

www.darkreading.com:
Smart USBs Gone Bad. Read more

www.computerworld.com:
How to surf anonymously without a trace. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Blackberry OS WML Link Processing Lets Remote Users Temporarily Deny Service. Read more

securitytracker.com:
KTorrent Bugs Let Remote Users Overwrite Files and Deny Service. Read more

securitytracker.com:
MySQL Single Row Subselect Statements Let Remote Users Deny Service. Read more

 

Tools:
www.microsoft.com:
Hotfix Scan Tool for Windows Server 2003 Service Pack 2 Deployment - English. Read more

www.technewsworld.com:
Norton 360: Is Hands-Off Security a Good Thing? Read more

www.polyglot3000.com:
Polyglot 3000 is an automatic language identifier. Read more

 

News
www.allheadlinenews.com:
China To Tighten Internet Control. Read more

www.sec.gov:
SEC and U.S. Attorney Charge Three Offshore Hackers with Hijacking Online Brokerage Accounts, Manipulating Market. Read more

today.reuters.co.uk:
Microsoft pursues UK "cybersquatters". Read more

www.usatoday.com:
Chinese hackers seek U.S. access. Read more

www.securityfocus.com:
DHS opens first cyber-forensics center. Read more

www.theregister.co.uk:
If you must pirate, use counterfeit Windows. Read more

www.computerworld.com:
Mozilla wrestles with Firefox 3.0 security moves. Read more

passivemode.net:
Arrest in 911 SWATing Case. Read more

www.sophos.com:
Sophos kills Second Life on corporate networks. Read more

www.reuters.com:
Viacom in $1 billion copyright suit versus Google, YouTube. Read more

13 March 2007

Guides, Papers, etc
www.avertlabs.com:
Windows Vista Vulnerable to StickyKeys Backdoor. Read more

www.avertlabs.com:
Spam Tools Exposed (Again). Read more

blogs.securiteam.com:
Generating Test Cases. Read more

www.securityfocus.com:
Blanket Discovery for Stolen Laptops. Read more

ha.ckers.org:
Bypassing Port Blocking Using Malicious FTP Server. Read more

ha.ckers.org:
Yahoo Mail XSS 0-Day. Read more

www.darkreading.com:
New Tool: Virtual Tip of the Iceberg. Read more

www.darkreading.com:
Die Hard: Metasploit. Read more

www.eweek.com:
Security Is in the Process. Read more

www.esecurityplanet.com:
What's Driving Cyber Crime? Read more

www.eweek.com:
Welcome to the Spam Economy. Read more

 

News
www.theregister.co.uk:
McAfee maps malware risk domains. Read more

www.theregister.co.uk:
Nigerians launch fake Met Police site. Read more

www.pcadvisor.co.uk:
Windows Trojan targets eBay users. Read more

www.belleville.com:
Hackers from India indicted in brokerage scheme. Read more

securitywatch.eweek.com:
Go Daddy Hit with DoS, Not DST. Read more

cities.expressindia.com:
Mumbai Police can now nail web offenders. Read more

today.reuters.co.uk:
Internet name system in growing danger. Read more

www.internetnews.com:
Feds Hit 3 Hackers in Stock 'Pump and Dump'. Read more

www.miamiherald.com:
Ethical hackers have fun, earn oodles. Read more

www.timesonline.co.uk:
Al-Qaeda plot to bring down UK internet. Read more

www.securityfocus.com:
Microsoft OneCare deleted Outlook e-mails. Read more

12 March 2007

Guides, Papers, etc
blogs.securiteam.com:
When size doesn’t matter. Read more

msdn2.microsoft.com:
Security Development Lifecycle (SDL) Banned Function Calls. Read more

isc.sans.org:
New malware spreading through compromised sites. Read more

ha.ckers.org:
My Lunch With Samy. Read more

www.microsoft-watch.com:
No Saving Time in Microsoft DST Patches? Read more

msmvps.com:
Jetlag and DST = what the heck is the time anyway? Read more

www.net-security.org:
(IN)SECURE Magazine ISSUE 1.10 (February 2007). Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Sun Java Dynamic Management Kit Lets Certain Local Users Access Restricted Data. Read more

securitytracker.com:
OpenBSD ICMP6 mbuf Vulnerability Has Unspecified Impact. Read more

 

News
www.usatoday.com:
Chinese hackers seek U.S. access. Read more

australianit.news.com.au:
China's great firewall. Read more

passivemode.net:
Int’l Hacking Ring Busted in Metro. Read more

www.computerworld.com.au:
Hosting company hit by hack attack. Read more

today.reuters.com:
Game over for China's net addicts. Read more

www.itnews.com.au:
Bagle still the malware boss. Read more

10 March 2007

Guides, Papers, etc
blogs.securiteam.com:
Coming with the bling. Read more

blogs.securiteam.com:
Operation spamalot. Read more

isc.sans.org:
Malformed OLE and Windows Explorer. Read more

isc.sans.org:
Brazilian Tax Season. Read more

blogs.authentium.com:
Security does not mean generating malware. Read more

www.securitycadets.com:
Watch out for SpyAway, PerfectCleaner & more! Read more

www.darkreading.com:
A New Spin on Honeynets. Read more

www.darkreading.com:
One Bite Is Not Enough. Read more

ha.ckers.org:
Firefox Header Redirection JavaScript Execution. Read more

reviews.cnet.com:
Beware your evil twin (hot spot, that is). Read more

bindshell.net:
Manipulating FTP Clients Using The PASV Command. Read more

passivemode.net:
Spying Raises Academic Questions. Read more

blog.washingtonpost.com:
Vishing: Dialing for Dollars, Part II. Read more

blog.state-v-amero.com:
State V. Amero. Read more

aolradio.podcast.aol.com:
Audio: Security Now 82: Cyberwarfare. Listen

passivemode.net:
Video: Crime: The Real Internet Security Problem. Watch

 

Vulnerabilities & Exploits
www.kb.cert.org:
Microsoft Windows Explorer fails to properly handle malformed OLE documents. Read more

securitytracker.com:
CA eTrust Admin GINA Password Reset Interface Lets Users Gain Privileged Access. Read more

 

News
www.securityfocus.com:
SEC halts trading in spam-touted stocks. Read more

www.theregister.co.uk:
Microsoft admits WGA update phones home. Read more

opinion.zdnet.co.uk:
Microsoft's meltdown. Read more

www.darkreading.com:
DNS Attack: Possible Botnet Sales Pitch. Read more

www.betanews.com:
OneCare Deletes Users' Outlook Files. Read more

www.infoworld.com:
Symantec: Image spam climbs. Read more

www.infoworld.com:
'Winfixer' mystery slowly unravels. Read more

news.com.com:
New shield foiled Internet backbone attack. Read more

www.norwichbulletin.com:
Experts rebuke Amero ruling. Read more

www.theregister.co.uk:
How many VMs are on your LAN – and how sure are you? Read more

www.theregister.co.uk:
Wife of Chinese cyber-dissident sues Yahoo! Read more

www.itnews.com.au:
Poor passwords open web bank users to ID theft. Read more

www.wired.com:
Judge Allows Reiser Murder Charge. Read more

securitywatch.eweek.com:
Don't Trust GnuPG Encrypted and Signed E-Mail. Read more

www.consumerist.com:
Hacker Taunts Americans For Letting Him Steal Their Identities. Read more

www.pcworld.com:
The 50 Most Important People on the Web. Read more

09 March 2007

Guides, Papers, etc
www.icann.org:
Root server attack on 6 February 2007. Read more

www.securityfocus.com:
Tor hack proposed to catch criminals. Read more

isc.sans.org:
The Grammar of WMIC. Read more

www.securitycadets.com:
Lawsuit against WinFixer…Read more

www.darkreading.com:
A New Spin on Honeynets. Read more

ha.ckers.org:
Practical Anti-DNS Pinning Writeup. Read more

ha.ckers.org:
Charset Vulnerability Map. Read more

computerworld.co.nz:
Browser vulnerabilities and attacks will heat up. Read more

www.eweek.com:
A Cheap and Easy Proposal for File Distribution Safety. Read more

reviews.cnet.com:
Hacking with smart phones. Read more

www.slate.com:
How Do You Intercept a Text Message? Read more

 

Vulnerabilities & Exploits
securitytracker.com:
MailEnable Buffer Overflow in IMAP APPEND Command Lets Remote Authenticated Users Execute Arbitrary Code. Read more

securitytracker.com:
Sun Fire Server 'ipmitool' Lets Authenticated Users Gain Administrative Privileges. Read more

securitytracker.com:
Ipswitch IMail Server Buffer Overflows in ActiveX Controls Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Windows Explorer OLE Parsing Bug Lets Users Deny Service. Read more

 

Tools:
lifehacker.com:
Download of the Day: Microsoft Office Remove Hidden Data Add-in. Read more

www.geekzone.co.nz:
Thought powered game controller - Emotiv releases a "mindreader". Read more

 

News
news.com.com:
SEC goes after stock spammers, hackers. Read more

googleblog.blogspot.com:
Hitting spammers where it hurts. Read more

www.theregister.co.uk:
LexisNexis hacker jailed and fined. Read more

www.vnunet.com:
Microsoft skips March Patch Tuesday. Read more

www.heise-security.co.uk:
All Microsoft updates phone home. Read more

www.ohio.com:
Military base busy fending off computer hackers. Read more

today.reuters.com:
Google Earth patent infringement suit dismissed. Read more

08 March 2007

Guides, Papers, etc
www.f-secure.com:
Case Singel.de. Read more

www.symantec.com:
30 Second Backdoor. Read more

isc.sans.org:
Building a remote buffer overflow for the Snort 2.6.1 DCE/RPC flaw. Read more

www.securitypark.co.uk:
Many Web application security vulnerabilities are not as serious as they seem. Read more

www.darkreading.com:
A Breach a Month – Or More. Read more

www.darkreading.com:
Startup Launches Breakout Testing Tool. Read more

www.darkreading.com:
Sexless Spam. Read more

ha.ckers.org:
Wall Street Journal Article on Google Desktop. Read more

www.computerworld.com:
Seven ways to keep your search history private. Read more

computerworld.co.nz:
Study: World needs more data storage space. Read more

 

Vulnerabilities & Exploits
sf-freedom.blogspot.com:
Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow: Part 1 - Denial Of Service. Read more

sf-freedom.blogspot.com:
Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow: Part 2 - Command Execution. Read more

securitytracker.com:
OpenBSD Kernel mbuf Handling Bug Lets Local Users Deny Service. Read more

securitytracker.com:
Novell NetMail Buffer Overflow in WebAdmin Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
IBM DB2 Local Fenced Processes Can Access Restricted Directories. Read more

securitytracker.com:
util-linux 'umount' NULL Dereference Lets Local Users Obtain Memory Contents. Read more

 

Tools:
e-axe.mytty.org:
kisgearth is a small perl script that gives you the possibility to convert your kismet xml logfiles to google earth kml files. Read more

sourceforge.net:
sshguard protects hosts from the plague of brute force attacks against ssh. Read more

 

News
www.theregister.co.uk:
eBay goes hacker hunting in Romania. Read more

www.securityfocus.com:
McAfee takes on new CEO. Read more

www.computerworld.com:
Microsoft confirms OneCare zaps Outlook, Outlook Express e-mail. Read more

www.theregister.co.uk:
Stormy weather for malware defenses. Read more

www.pcadvisor.co.uk:
Bagle worm still a threat 3 years on. Read more

www.viruslist.com:
Revenge hacker charged in Belarus. Read more

07 March 2007

Guides, Papers, etc
www.net-security.org:
Modifications for Stopping phpBB Forum Spambots. Read more

ddanchev.blogspot.com:
Botnet Communication Platforms. Read more

www.computerworld.com:
How dangerous is Skype? Read more

isc.sans.org:
Time for an Xb0t 360? Read more

www.avertlabs.com:
Michelangelo Turns 15. Read more

sunbeltblog.blogspot.com:
Malware authors take over Live searches in Italy. Read more

www.itnews.com.au:
Frustrated Symantec partners seek antivirus alternatives. Read more

marketplace.publicradio.org:
Computer crime gets organized. Read more

www.newsfactor.com:
Passwords and the Limitations of People. Read more

www.washingtonpost.com:
Stopping Spyware at the Source. Read more

s3g-mirror.malware-dmz.org:
Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure. Read more

www.f-secure.com:
Video - Aloha Phishing Demo. Read more

tazforum.thetazzone.com:
2007 A Hacking Odyssey: Part Two – Network Scanning & Nmap Part 1. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Mozilla Firefox JavaScript URI in IMG SRC Attribute Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
GnuPG and Several E-mail Clients Let Remote Users Inject Unsigned Data into Signed Messages. Read more

 

News
www.ccianet.org:
CCIA President Ed Black Comments on Microsoft Attacks on Google. Read more

blogs.abcnews.com:
Whistle-blower Had to Fight NSA, LA Times to Tell Story. Read more

today.reuters.com:
Yahoo! China sued for alleged copyright breach. Read more

blogs.zdnet.com:
Why Google will never pay for content. Read more

thetyee.ca:
Digital Child Porn Watchdog: Too Big a Bite? Read more

technology.timesonline.co.uk:
Wikipedia chief promises change after 'expert' exposed as fraud. Read more

today.reuters.com:
Microsoft explores camera phones for map searches. Read more

06 March 2007

Guides, Papers, etc
blogs.securiteam.com:
MS OneCare last in anti-virus tests - what’s the future. Read more

isc.sans.org:
Comparing Anti-Virus Solutions. Read more

www.securityfocus.com:
Stormy weather for malware defenses. Read more

www.securityfocus.com:
Report: Java coders should secure samples. Read more

invisiblethings.org:
Beyond The CPU: Defeating Hardware Based RAM Acquisition Tools (Part I: AMD case) - February 2007.
Black Hat DC 2007 Presentation (updated) (PPT, 1MB). Read more
Demo movies (RAR, 33MB). Download

s3g-mirror.malware-dmz.org:
Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure. Read more

s3g-mirror.malware-dmz.org:
Detecting Targeted Attacks Using Shadow Honeypots. Read more

www.symantec.com:
Rinbot and Bots in General. Read more

www.darkreading.com:
Battling Bots, Doing No Harm. Read more

www.darkreading.com:
Deep Threat. Read more

www.darkreading.com:
Joke's on Me. Read more

www.darkreading.com:
Identifying With DHS. Read more

blogs.zdnet.com:
The facts on VMware vs. Microsoft. Read more

phishtrails.blogspot.com:
Mining Web Server logs. Read more

www.networkworld.com:
Issues with SSID cloaking. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
QuickTime Buffer Overflows and Integer Overflows in Processing 3GP, MIDI, Quicktime movie, PICT , and QTIF Files Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
EMC NetWorker Weak Authentication Lets Remote Users Gain Root Privileges. Read more

securitytracker.com:
Asterisk SIP Channel Driver Bug Lets Remote Users Deny Service. Read more

 

Tools:
www.betanews.com:
VMware ACE Beta to Ease Management. Read more

 

News
blogs.zdnet.com:
U.S. government’s NOAA site hacked by pill pushing spammers. Read more

blogs.zdnet.com:
Serious QuickTime bugs bite Windows Vista, Mac OS X. Read more

news.zdnet.co.uk:
Apple fixes QuickTime flaws. Read more

www.theregister.co.uk:
Microsoft's OneCare flunks anti-virus test. Read more

news.com.com:
Microsoft to blast Google over copyrights. Read more

www.macworld.co.uk:
Mac Office users were Microsoft 'guinea pigs'. Read more

today.reuters.com:
China bans new Internet cafes for a year. Read more

www.theregister.co.uk:
eBay users targeted by advanced Trojan. Read more

www.theregister.co.uk:
Hackers plant backdoor in blogging software. Read more

www.theregister.co.uk:
Hacker steals crucial data from French Prez candidate. Read more

www.vnunet.com:
Man sues Microsoft over porn surfing history. Read more

www.theregister.co.uk:
Intel 'hacker' clears his name. Read more

www.computerworld.com:
Vista activation crack a 'joke,' says hacker. Read more

05 March 2007

Guides, Papers, etc
blogs.securiteam.com:
WordPress 2.1.1 backdoored. Read more

www.symantec.com:
The Impact of Malicious Code on Windows Vista. Read more

www.symantec.com:
Hit or Miss? Vista and Current Threat Survivability. Read more

www.f-secure.com:
WordPress Remote PHP Execution. Read more

www.f-secure.com:
Email-Worm.Win32.Warezov.Email-Worm.Win32.Email-Worm.Win32.Warezov.jx. Read more

isc.sans.org:
JavaScript traps for analysts. Read more

isc.sans.org:
New tool in the fight against malware distribution. Read more

www.securitycadets.com:
Neospace Internet Security - Another Rogue! Read more

ha.ckers.org:
Yahoo Login Redirect Information Leakage. Read more

www.sophos.com:
Spam can be bad for your health. Read more

blogs.securiteam.com:
Month of PHP Bugs - Secondary Message? Read more

news.softpedia.com:
Free Encryption in Windows XP Professional. Read more

blog.fabriceroux.com:
Hardware DEP has a backdoor. Read more

i.i.com.com:
Beyond The CPU: Defeating Hardware Based RAM Acquisition. Read more

 

Vulnerabilities & Exploits
elsenot.com:
Windows ElseNot List. Read more

securitytracker.com:
Novell Access Manager SSL VPN 'policy.txt' File Can By Modified By Remote Authenticated Users to Bypass VPN Network Access Controls. Read more

 

News
wordpress.org:
WordPress 2.1.1 dangerous, Upgrade to 2.1.2. Read more

www.pcadvisor.co.uk:
Vista's firewall slammed by Symantec. Read more

news.zdnet.co.uk:
Researcher kicks off 'Month of PHP Bugs'. Read more

blogs.zdnet.com:
Hardware-based rootkit detection proven unreliable. Read more

www.boston.com:
Online search for Registry ends in a wrong turn. Read more

03 March 2007

Guides, Papers, etc
www.theregister.co.uk:
The rise of zero-day patches. Read more

isc.sans.org:
Weekend grab bag. Read more

hexblog.com:
On batch analysis. Read more

www.darkreading.com:
Tool IDs Hidden Malware. Read more

www.darkreading.com:
Accountability vs. Responsibility. Read more

www.computerworld.com:
Black Hat: We're all terribly leaky. Read more

www.av-comparatives.org:
Anti-Virus Comparative February 2007. Read more

ddanchev.blogspot.com:
Real Time Censored URL Check in China. Read more

news.bbc.co.uk:
Falling into the Vista trap. Read more

www.internetnews.com:
Microsoft OneCare Bombs Out In Antivirus Test. Read more

adwords.blogspot.com:
Invalid Clicks – Google’s Overall Numbers. Read more

wiki.castlecops.com:
Castlecops went through five hells and back, but they're still standing. Read more

ha.ckers.org:
PortScanning Without JavaScript Part 2. Read more

www.infoworld.com:
Reflections of a 20-year IT security veteran. Read more

www.eweek.com:
NAC Is Whack? Read more

blogs.zdnet.com:
The Vista brute force keygen - It works, but …Read more

www.computerworld.com:
Disk drive failures 15 times what vendors say, study says. Read more

computer.howstuffworks.com:
How does a 'logic bomb' work? Read more

twit.cachefly.net:
Audio: Windows Weekly 16: The Red Ring of Death. Vista, five years and out, a new `activation crack, and the problem with online calendars. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
Apache Tomcat JK Web Server Connector Buffer Overflow in map_uri_to_worker() Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Kaspersky Anti-Virus Error in Processing UPX Files Lets Remote Users Deny Service. Read more

securitytracker.com:
Tcpdump Off-by-One Heap Overflow Lets Remote Users Deny Service. Read more

securitytracker.com:
Symantec Mail Security for SMTP Message Processing Bug May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
SQL-Ledger Directory Traversal Bug Lets Remote Users View or Write Files and Execute Arbitrary Code. Read more

 

News
www.securityfocus.com:
Ferret underscores pesky privacy problems. Read more

www.informationweek.com:
Brief: Black Hat Spat Shows Security Researchers Walking A Fine Line. Read more

www.pcpro.co.uk:
Antivirus firms charge loyal customers more. Read more

www.technewsworld.com:
Rinbot Worm Threatens Big Business Networks. Read more

www.theregister.co.uk:
Vista product activation unpicked. Read more

www.theregister.co.uk:
eBay plugs hole in sign-on page. Read more

redtape.msnbc.com:
How far has 'Vladuz' hacked into eBay? Read more

02 March 2007

Guides, Papers, etc
www.securiteam.com:
Evading the Norman SandBox Analyzer. Read more

www.joewein.net:
Botnets meet “Nigerian” spam. Read more

www.symantec.com:
Here's One that Speaks for Itself. Read more

www.symantec.com:
The Impact of Malicious Code on Windows Vista. Read more

www.networkcomputing.com:
Analysis: Browser Security. Read more

www.sophos.com:
Malware adopts disguises in attempt to dupe IT defenses. Read more

www.darkreading.com:
Getting to Know the Enemy Better. Read more

www.darkreading.com:
DOD Wants Hackers' Help. Read more

www.zdnetindia.com:
PC hardware can pose rootkit threat. Read more

neosmart.net:
We Love You, Rinbot! Read more

www.eweek.com:
Marketing By Security Research. Read more

www.eweek.com:
ACLU, Outrage Fill in the Silence at Black Hat RFID Session. Read more

www.technewsworld.com:
Developing Best Practices to Combat ID Theft, Part 1. Read more

www.technewsworld.com:
Gates' Mac Attack: Fact vs. Fiction. Read more

searchengineland.com:
Google: Click Fraud Is 0.02% Of Clicks. Read more

news.com.com:
Your Wi-Fi can tell people a lot about you. Read more

podcasts.mcafee.com:
Audio: AudioParasitics Episode 1. The Nordea Bank phishing incident. Listen

aolradio.podcast.aol.com:
Audio: Security Now 81: Hard Drive Reliability. Listen

 

Vulnerabilities & Exploits
ha.ckers.org:
Embed Allowscriptaccess “Never” Subversion. Read more

securitytracker.com:
Blender 'kmz_ImportWithMesh.py' Script Lets Remote Users Execute Arbitrary Python Commands. Read more

securitytracker.com:
Citrix Presentation Server Client for Windows Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Webmin Input Validation Hole in 'chooser.cgi' Permits Cross-Site Scripting Attacks. Read more

 

Tools:
fileforum.betanews.com:
Tor for Windows 0.1.2.8 Beta. Read more

 

News
money.cnn.com:
New computer virus threatens biz nets. Read more

www.securityfocus.com:
Maynor reveals missing Apple flaw. Read more

www.darkreading.com:
10 Oracle Bugs in 10 Minutes. Read more

www.securityfocus.com:
Month of PHP bugs kicks off. Read more

www.theregister.co.uk:
Botnets punt Russian dog-barking translation spam. Read more

www.informationweek.com:
Worm Attack: A Grudge Match With Symantec? Read more

www.itnews.com.au:
Update: New MySpace Trojan discovered. Read more

www.informationweek.com:
Hackers' Latest Attack: Malware In Disguise. Read more

news.com.com:
CNN parent hit by bot worm. Read more

news.softpedia.com:
Microsoft OneCare – a Last and Least Anti-Virus. Read more

www.slashgear.com:
Vista product activation hacked already. Read more

www.2-spyware.com:
Microsoft is going to buy Claria? Read more

www.threadwatch.org:
Godaddy grabs a valuable domain name from their customer because of invalid email and profits from it.. Read more

ha.ckers.org:
Google Announces Invalid Domain Through Blacklisting. Read more

news.zdnet.co.uk:
Software bug dictionary aims to cut confusion. Read more

news.zdnet.co.uk:
Berners-Lee promotes 'nondiscriminatory internet'. Read more

www.vnunet.com:
Security firms laugh at 'unstoppable Trojan' claims. Read more

01 March 2007

Guides, Papers, etc
support.microsoft.com:
Separation of Internet Explorer 7 from the Windows shell. Read more

www.symantec.com:
Security Implications of Windows Vista (PDF). Read more

www.viruslist.com:
Kaspersky Security Bulletin 2006: Malware Evolution. Read more

ha.ckers.org:
Steal Browser History Without JavaScript. Read more

www.sophos.com:
Child abuse suspicion no excuse for hacking, says Sophos poll. Read more

isc.sans.org:
Super Bowl Infection - Analysis of One Break-in. Read more

www.sophos.com:
Malware adopts disguises in attempt to dupe IT defenses. Read more

www.darkreading.com:
HID, IOActive Butt Heads Again. Read more

www.securityfocus.com:
Zero Day Patches. Read more

www.darkreading.com:
Like a Sieve. Read more

www.banktechnews.com:
Anti-Malware: Calling Off the Watchdogs. Read more

www.hardwaresecrets.com:
How to Enable Processor-Based Security. Read more

www.greatfirewallofchina.org:
Great Firewall of China. Read more

www.eweek.com:
The Dissection of a Rootkit. Read more

www.businessweek.com:
The Bottom Line on Bots. Read more

www.av-comparatives.org:
Anti-Virus Comparative February 2007. Read more

 

Vulnerabilities & Exploits
www.gnucitizen.org:
PDF Strikes Back. Read more

securitytracker.com:
Cisco Catalyst 6000 and 6500 and Cisco 7600 Network Analysis Module SNMP Spoofing Lets Remote Users Gain Access. Read more

securitytracker.com:
Cisco Catalyst 6000 and 6500 and Cisco 7600 MPLS Bug Lets Remote Users Deny Service. Read more

 

News
www.securityfocus.com:
Researcher sees ROM as rootkit home. Read more

www.theregister.co.uk:
Warezov worm fiends target Skype. Read more

www.wired.com:
Castrated RFID Talk at Black Hat. Read more

www.securityfocus.com:
Digital forensics plagued by expanding storage. Read more

www.virusbtn.com:
Cartoon trojan threatens P2P users. Read more

www.networkworld.com:
New version of Storm virus infects blogs and other Web postings. Read more

www.digitmag.co.uk:
Vista security full of holes says Symantec. Read more

www.betanews.com:
Symantec Vista White Paper Links to PatchGuard Crack. Read more

blogs.pcworld.com:
A Note to the Amero Case Juror. Read more

www.pcworld.com:
Take Action: Julie Amero Porn Case. Read more

www.theregister.co.uk:
Solaris offers fix for zero-day vuln. Read more

news.softpedia.com:
Yahoo Mail a Virus? Definitely Not! Read more

www.techworld.com:
User-privilege flaw hits Vista. Read more

www.cio.in:
Black Hat Dispute Stirs RFID Security Awareness. Read more

www.informationweek.com:
Kaspersky Report: Targeted Trojans Will Plague 2007. Read more

www.cio.in:
Researchers: Worms not Heading Underground. Read more

arstechnica.com:
New "watermark" system scours the net for infringement, notifies owners. Read more


Copyright© MegaSecurity.org