Home    News Archive    Translate Traducen
News May 2005
31 May 2005

Guides, Papers, etc
www.pcworld.com:
Security Tips: Identify Malware Hiding in Windows' System Folders. Read more

An Investigation of a Compromised Host on a Honeynet Being Used to Increase the Security of a Large Enterprise Network
by Timothy R. Jackson, John G. Levine, Julian B. Grizzard, Henry L. Owen. Read more

 

Vulnerabilities & Exploits
www.frsirt.com:
PeerCast Malformed URL Remote Format String Vulnerability. Read more

www.frsirt.com:
NPDS Multiple SQL Injection and Cross Site Scripting Vulnerabilities. Read more

www.frsirt.com:
Compuware SoftICE "DbgMsg.sys" Driver Local Denial of Service. Read more

www.frsirt.com:
WordPress "cat_ID" Remote SQL Injection Vulnerability. Read more

www.frsirt.com:
Clam Antivirus Mac OS X Local Command Execution Vulnerability. Read more

www.securiteam.com:
Meteor FTP Server Buffer Overflow (username). Read more

lists.grok.org.uk:
Spam exploiting MS05-016. Read more

pb.specialised.info:
Compuware Softice (DbgMsg driver) Local Denial Of Service. Read more

 

News
www.ctv.ca:
Many unaware of browser-security link: study. Read more

management.silicon.com:
Denial of service attack victim speaks out. Read more

www.haaretz.com:
Top-tier Israeli firms suspected of spying on competition. Read more

news.softpedia.com:
Firefox about to get IE on its knees. Read more

www.theinquirer.net:
Microsoft takes the ‘my’ out of computing. Read more

australianit.news.com.au:
Corby site under attack. Read more

www.newswireless.net:
Spyware, not wireless war-drivers, remains the real security threat. Read more

30 May 2005

Guides, Papers, etc
www.enterprisenetworkingplanet.com:
Botnets: Who Really "0wns" Your Computers. Read more

nwc.securitypipeline.com:
Four Ways To Secure Enterprise Instant Messaging. Read more

dot.kde.org:
Interview With KDE-PIM Hacker Till Adam. Read more

dot.kde.org:
Interview with KDE-PIM Hacker Daniel Molkentin. Read more

www.securityfocus.com:
Device drivers filled with flaws, threaten security. Read more

HONEYNETS: FOUNDATIONS FOR THE DEVELOPMENT OF EARLY WARNING INFORMATION SYSTEMS. Read more

 

Vulnerabilities & Exploits
www.securityfocus.com:
Microsoft Internet Explorer Object Embedding Denial of Service Vulnerability. Read more

www.securityfocus.com:
Microsoft Internet Explorer Restricted Sites Malformed URI Denial of Service Vulnerability. Read more

www.securitytracker.com:
ServersCheck Lets Remote Authenticated Users Traverse the Directory. Read more

www.securitytracker.com:
India Software Solution Shopping Cart Input Validation Hole in 'signin.asp' Permits SQL Injection. Read more

www.securitytracker.com:
NPDS Input Validation Holes in 'glossaire' Module and Links Search Script Permit SQL Injection. Read more

www.securitytracker.com:
Online Solutions for Educators Input Validation Hole Permits SQL Injection. Read more

www.frsirt.com:
PhpStat "check" Administrative Authentication Bypass Vulnerability. Read more

www.debian.org:
DSA-730-1 bzip2 -- race condition. Read more

www.cyber-army.org:
Yahoo!: Getting Yahoo Radio Full Acess ( Exploit. ). Read more

 

News
www.wired.com:
Israelis Nab Computer Spies. Read more

www.zdnet.com.au:
Windows GSM phones get 'unbreakable' encryption. Read more

www.chinadaily.com.cn:
New threats hit AOL, Yahoo IM. Read more

www.bankofamerica.com:
Bank of America announces industry-leading security feature for its 13.2 million online banking customers to help prevent fraud and identity theft. Rea more

weblogs.mozillazine.org:
GoDaddy's $1000 "Warranty". Read more

www.vnunet.com:
EU zombie army leads the world. Read more

www.theinquirer.net:
Earthlink releases hacked firmware for Linksys routers. Read more

www.wired.com:
Big Brother Tries to Muscle ISPs. Read more

29 May 2005

Guides, Papers, etc
www.cyber-army.org:
The Art of Rootkits. Read more

www.cyber-army.org:
The Art of Brute Force. Read more

Anti-Malware Tools: Intrusion Detection Systems by Martin Overton. Read more

 

Tools:
www.securityguidance.com:
The Microsoft Security Risk Self-Assessment Tool. Read more

 

Vulnerabilities & Exploits
www.frsirt.com:
Microsoft Internet Explorer Denial of Service Vulnerabilities. Read more

www.securityfocus.com:
Microsoft Windows XP Windows Management Instrumentation Denial of Service Vulnerability. Read more

www.securityfocus.com:
Microsoft Internet Explorer JavaScript OnLoad Handler Denial of Service Vulnerability. Read more

www.frsirt.com:
JAWS "term" Parameter Cross Site Scripting Vulnerability. Read more

securitytracker.com:
Hosting Controller 'resellerresources.asp' Lets Remote Authenticated Users View and Delete Reseller Plans. Read more

securitytracker.com:
Clam AntiVirus on Mac OS Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
PHPMailer Data() Function Infinite Loop Lets Remote Users Deny Service. Read more

securitytracker.com:
Nortel VPN Router Lets Remote Users Deny Service. Read more

securitytracker.com:
Halo: Combat Evolved Processing Error Lets Remote Users Deny Service. Read more

securitytracker.com:
PostNuke Input Validation Error in 'readpmsg.php' Permits SQL Injection and Cross-Site Scripting Attacks. Read more

www.osvdb.org:
Terminator 3: War of the Machines Client CD-key Overflow. Read more

www.osvdb.org:
Terminator 3: War of the Machines Nickname Overflow DoS. Read more

 

News
www.it-observer.com:
Microsoft Launched Anti-Spam Tools. Read more

www.mb.com.ph:
Anti-virus firm revives inter-school programming contest for students. Read more

www.theregister.co.uk:
Reformed UK fraud law to tackle phishing attacks. Read more

nwc.systemsmanagementpipeline.com:
Virus E-Mail To Increase. Read more

www.bayoubuzz.com:
Microsoft-Netscape Conflict Leaves Firefox. Read more

www.hindu.com:
US unveils new supercomputer. Read more

28 May 2005

Guides, Papers, etc
www.securityfocus.com:
Bluetooth Security Review, Part 2. Read more

Honeypot-based Forensics by F. Pouget, M. Dacier. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
phpStat 'setup.php' Lets Remote Users Modify the Administrative Password. Read more

securitytracker.com:
ZonGG Input Validation Hole in 'ad/login.asp' Permits SQL Injection. Read more

securitytracker.com:
Hosting Controller 'UserProfile.asp' Lets Remote Authenticated Users Modify Other User Profiles. Read more

securitytracker.com:
PHP Poll Creator Include File Error Lets Remote Users Execute Arbitrary Commands. Read more

 

News
apnews.myway.com:
CIA's Internet War Exercise Wraps Up Today. Read more

apnews.myway.com:
CIA Overseeing 3-Day War Game on Internet. Read more

www.theregister.co.uk:
Device drivers filled with flaws. Read more

www.eweek.com:
Windows Update Skimps on Wi-Fi Security Compliance. Read more

www.theregister.co.uk:
Fraud expert becomes victim of credit card crime. Read more

www.f-secure.com:
The Kid in the Lab
This is Otto Ebeling. He's 16 years old and he's been working in our viruslab for the past two weeks. Read more

cities.expressindia.com:
Meet the teen who’s teaching policemen how to be ethical hackers. Read more

news.com.com:
When a lawyer gets hit by spammers, expect a lawsuit. Read more

www.informationweek.com:
Montana Agencies Left Private Info On Discarded PCs. Read more

news.zdnet.co.uk:
Stealth virus warning sounded again. Read more

www.websensesecuritylabs.com:
Phishing Alert: Multiple French Banks. Read more

www.websensesecuritylabs.com:
Phishing Alert: University of Pennsylvania SFCU. Read more

www.websensesecuritylabs.com:
Phishing Alert: Finans Bank. Read more

www.websensesecuritylabs.com:
Phishing Alert: Multi-target: UofC FCU, Wings Financial, West Virginia FCU, Fiscal Connect, Fulton Bank. Read more

www.websensesecuritylabs.com:
Phishing Alert: Atlantic Regional Credit Union. Read more

www.websensesecuritylabs.com:
Phishing Alert: Tooele Federal Credit Union. Read more

www.websensesecuritylabs.com:
Phishing Alert: Banca Intesa. Read more

27 May 2005

Guides, Papers, etc
searchsecurity.techtarget.com:
Spyware vs. viruses: Two different fights. Read more

www.kristianhermansen.com:
Hack Your Credit Card Company. Read more

websearch.about.com:
Invisible Web Gateways. Read more

White Paper: Honeypots. Read more

 

Tools:
Virtual Privacy Machine
A 128MB USB memory stick that has a complete Linux OS on it. Also, it has been preconfigured to tunnel all traffic through Tor.
This means that any thing you do will not originate from your IP. It makes you completely anonymous. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
HP-UX Trusted Systems Grant Access to Remote Users. Read more

securitytracker.com:
shtool Temporary File May Let Local users gain Elevated Privileges. Read more

securitytracker.com:
BookReview Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Active News Manager Input Validation Hole in 'password' Parameter Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
FunkyASP AD Systems Input Validation Hole in 'password' Parameter Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
Apple Keynote 'keynote:' Lets Remote Users Access Local Files. Read more

securitytracker.com:
GNU Mailutils Buffer Overflow and Format String Bugs Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
L-Soft LISTSERV Has Multiple Unspecified Vulnerabilities That Permit Remote Code Execution and Denial of Service. Read more

www.securiteam.com:
Computer Associates Vet Antivirus Library Heap Overflow. Read more

www.securiteam.com:
Exim Buffer Overflow Exploit (Local, dns_build_reverse). Read more

www.securiteam.com:
Linux Cryptoloop Watermark Exploit. Read more

www.securiteam.com:
MaxWebPortal Administrator Password Retrieval (Exploit). Read more

www.debian.org:
DSA-729-1 php4 -- missing input sanitising. Read more

xforce.iss.net:
Apache htpasswd buffer overflow. Read more

 

News
news.zdnet.com:
ZombieMeter keeps track of hacked PCs. Read more

www.redherring.com:
Computer Zombies on the Rise. Read more

www.theregister.co.uk:
Netcraft launches anti-phishing toolbar. Read more

www.theregister.co.uk:
Netscape 8.0 disables Internet Explorer. Read more

www.theregister.co.uk:
Cisco warns over DNS glitch. Read more

www.smh.com.au:
'Lonely housewives' spam ring busted. Read more

www.theregister.co.uk:
Fearless Feds sink Star Wars pirate website. Read more

26 May 2005

Guides, Papers, etc
www.securityfocus.com:
Is Deleting Spyware A Crime? Read more

www.astalavista.com:
Analysis of Security Vulnerabilities in the Movie Production and Distribution Process. Read more

www.astalavista.com:
Monitoring Software on Your PC: Spyware, Adware, and Other Software. Read more

Superworms and Cryptovirology: a Deadly Combination. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Computer Associates eTrust Antivirus Integer Overflow in Processing Microsoft OLE Data Lets Remote Users Execute Arbitrary Code. Read more

www.finjan.com:
Finjan Identifies Security Vulnerability on Microsoft’s Xbox360™ Website. Read more

www.debian.org:
DSA-728-1 qpopper -- missing privilege release. Read more

www.zataz.net:
shtool insecure temporary file creation. Read more

securitytracker.com:
BEA WebLogic Server and WebLogic Portal Have Multiple Vulnerabilities. Read more

securitytracker.com:
MaxWebPortal Input Validation Hole in 'password.asp' Permits SQL Injection. Read more

securitytracker.com:
IPswitch IMail Bugs Let Remote Users View Files and Execute Arbitrary Code. Read more

 

News
news.com.com:
Experts: Zombies ousting viruses. Read more

www.theregister.co.uk:
Witty worm traced to 'Patient Zero'. Read more

www.pcworld.idg.com.au:
New worm and phishing scam hits AIM, Yahoo IM. Read more

www.theregister.co.uk:
PGP use ruled relevant in child abuse case. Read more

www.theregister.co.uk:
Trojan attack takes files hostage. Read more

www.microscope.co.uk:
US moves closer to punitive spyware law. Read more

www.theregister.co.uk:
Yahoo! phishing attack targets Star Wars fans. Read more

daily.stanford.edu:
Students' files hacked at career center. Read more

news.enquirer.com:
Authorities: Teen hacker used cop accounts to access data. Read more

www.computerweekly.com:
Hackers could crash Cisco IP phones. Read more

www.wired.com:
Database Hackers Reveal Tactics. Read more

www.thecouriermail.news.com.au:
Vigilante hackers mete cyber justice. Read more

news.zdnet.com:
FBI probes network breach at Stanford. Read more

www.eweek.com:
Report Says Military Computers Helped Spread Witty Worm. Read more

25 May 2005

Guides, Papers, etc
www.securityfocus.com:
Witty worm flaws reveal source, initial targets. Read more

www.icsi.berkeley.edu:
Reflections on Witty: Analyzing the Attacker. Read more

Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event by Abhishek Kumar, Vern Paxson, Nicholas Weaver. Read more

 

Tools:
www.infoworld.com:
AJAX breathes new life into Web apps. Read more

 

Vulnerabilities & Exploits
www.websensesecuritylabs.com:
Malicious Website / Malicious Code: Cyber Extortion Attack. Read more

secunia.com:
Zonelabs ZoneAlarm Vet Antivirus Engine Buffer Overflow. Read more

www.rem0te.com:
Computer Associates Vet Antivirus RemØte Heap Overflow Security Advisory. Read more

secway.org:
Yahoo! Mail Username Information Disclosure Vulnerability. Read more

securitytracker.com:
Cisco ACNS Can Be Crashed With Specially Crafted Compressed DNS Data. Read more

securitytracker.com:
Cisco Unity Express Can Be Crashed With Specially Crafted Compressed DNS Data. Read more

securitytracker.com:
Cisco ATA Can Be Crashed With Specially Crafted Compressed DNS Data. Read more

securitytracker.com:
Cisco IP Phones Can Be Crashed With Specially Crafted Compressed DNS Data. Read more

securitytracker.com:
Warrior Kings: Battles Game Bugs May Let Remote Users Execute Arbitrary Code or Deny Service. Read more

securitytracker.com:
Warrior Kings Game Format String Flaw May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
net-snmp 'fixproc' Unsafe Temporary File Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
NewsletterEz Input Validation Bug in 'password' Parameter Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
PortailPHP Input Validation Error in 'id' Parameter Permits SQL Injection. Read more

www.websensesecuritylabs.com:
Phishing Alert: Tooele Federal Credit Union. Read more

www.websensesecuritylabs.com:
Phishing Alert: Banca Intesa. Read more

 

News
news.com.com:
Worm, phishing scam hit IM services. Read more

news.com.com:
Miscreants encrypt files, hold them for ransom. Read more

www.zdnet.com.au:
Virus authors choosing to infect fewer people. Read more

news.com.com:
Minnesota court takes dim view of encryption. Read more

news.com.com:
Microsoft: SP2 makes Windows 15 times safer. Read more

news.com.com:
Cisco targets Net phone software flaw. Read more

www.theinquirer.net:
FTC wants virus infected PCs switched off. Read more

news.com.com:
Feds to fight the zombies. Read more

www.microscope.co.uk:
Hostile profiling launches new wave of online attacks. Read more

www.newsfactor.com:
Hackers Launch 'Ransom-Ware' Assault. Read more

news.com.com:
Microsoft security guru: Jot down your passwords. Read more

www.theregister.co.uk:
House passes anti-spyware bills. Read more

www.microscope.co.uk:
CA patches high-risk security hole. Read more

www.microscope.co.uk:
Memory cache vulnerability raises spectre of Intel chips being exploited by hackers. Read more

www.microscope.co.uk:
Microsoft tool lets pirates bypass validation check. Read more

24 May 2005

Guides, Papers, etc
Polygraph: Automatically Generating Signatures for Polymorphic Worms. Read more

 

Vulnerabilities & Exploits
www.hackingspirits.com:
Defeating WGA (Windows Genuine Advantage) Validation. Download

www.frsirt.com:
Computer Associates Multiple Products Vet Engine Heap Overflow. Read more

securitytracker.com:
bzip2 Infinite Decompression Loop Lets Remote Users Deny Service. Read more

securitytracker.com:
Gibraltar Firewall Anti-Virus Detection May Fail When Scanning Certain Viruses. Read more

securitytracker.com:
JiRo's Statistics System Input Validation Hole in Admin Panel Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
Blue Coat Reporter Multiple Flaws Permit Privilege Escalation and Cross-Site Scripting Attacks. Read more

securitytracker.com:
MailScanner May Fail to Report Viruses in Zip Files. Read more

www.securiteam.com:
GLD Remote Format String Vulnerability (client_address, Exploit). Read more

 

News
www.eweek.com:
Exploit Allows Windows XP Piracy. Read more

news.com.com:
Bypass found for Windows piracy check. Read more

www.smh.com.au:
Hackers take files 'hostage'. Read more

news.com.com:
Feds to fight the zombies. Read more

news.com.com:
CA fixes bug in antivirus products. Read more

www.theregister.co.uk:
Dutch hacker love-in faces the chop. Read more

www.zdnet.com.au:
Virus attacks prompt Optus server upgrade. Read more

23 May 2005

Guides, Papers, etc
www.benedelman.org:
Intermediaries' Role in the Spyware Mess. Read more

Adaptive and Resilient Computing Security Workshop (ARCS2005)
2nd & 3rd Nov. 2005
Santa Fe Institute, New Mexico. Read more

www.net-security.org:
Domain Footprinting for Web Applications and Web Services. Read more

www.oreillynet.com:
Phreaking Phones with a Voice Recorder. Read more

www.windowsdevcenter.com:
Book Excerpt: Go Wireless. Read more

Deworming the Internet. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Gentoo webapp-config Unsafe Temporary File Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Cookie Cart Discloses Authentication Data and Order Information to Remote Users. Read more

www.securiteam.com:
TCP Does Not Adequately Validate Segments Before Updating Timestamp Value (Exploit). Read more

www.securiteam.com:
Microsoft Windows IPv6 DoS. Read more

www.securiteam.com:
Procps Buffer Overflow (pwdx, Exploit). Read more

 

News
www.microscope.co.uk:
Student issues service pack 2 for Windows 98 SE. Read more

www.terra.net.lb:
Hiring a hacker? Think again, experts warn. Read more

www.businessweek.com:
Phishers Learn to Exploit VeriSign. Read more

www.microscope.co.uk:
FBI agent to be Microsoft UK security chief. Read more

www.zdnet.com.au:
Microsoft: Write down your passwords. Read more

news.zdnet.co.uk:
VeriSign spreads the DNS risk. Read more

www.zdnet.com.au:
ZoneAlarm upgrade causes havoc. Read more

www.zdnet.com.au:
Windows cheaper to patch than OSS: report. Read more

www.whatthehack.org:
Municipality wants to ban famous hacker gathering. Read more

22 May 2005

Shell_Me 0.6, Cmd-line Backdoor by Eb0La

Guides, Papers, etc
nwc.personaltechpipeline.com:
Laptop Setup Secrets. Read more

NoSEBrEaK - Defeating Honeynets. Read more

 

Tools:
www.cr0.net:
Recovering Windows Password Cache Entries. Read more

fileforum.betanews.com:
Internet Password Recovery Wizard 1.0 Beta. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
MailScanner May Fail to Report Viruses in Zip Files. Read more

www.milw0rm.com:
Mozilla Firefox view-source:javascript url Code Execution Exploit. Read more

www.frsirt.com:
Mozilla Firefox "view-source:" Protocol Cross Domain Scripting Exploit. Read more

www.frsirt.com:
Mozilla Suite and Firefox Script objects Command Execution Exploit. Read more

www.milw0rm.com:
WebAPP v0.9.9.2.1 Remote Command Execution Exploit. Read more

 

News
nwc.personaltechpipeline.com:
Aggressive Sober.p Worm To Strike Monday. Read more

www.microsoft-watch.com:
Has Microsoft Found the Secret Security Sauce in 'A1'? Read more

www.vnunet.com:
Microsoft calls in the FBI. Read more

www.vnunet.com:
Hack attack danger soars in 2005. Read more

bink.nu:
Sasser Worm Anniversary & MSRC Learnings. Read more

21 May 2005

Guides, Papers, etc
Hacker Hunters
An elite force takes on the dark side of computing. Read more

www.windowsdevcenter.com:
Windows Server Hacks: Remotely Enable Remote Desktop. Read more

www.securityfocus.com:
Underground showdown: Defacers take on phishers. Read more

Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Groove Virtual Office Lets Remote Users Execute Arbitrary Code and Discloses Information to Local Users. Read more

securitytracker.com:
Groove Workspace Input Validation Error in Processing SharePoint Lists Lets Remote Users Execute Scripting Code. Read more

securitytracker.com:
TOPo Input Validation Holes in 'index.php' Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Mac OS X Bluetooth Input Validation Hole Discloses Files to Remote Users. Read more

securitytracker.com:
Mac OS X Filesystem Search Access Error May Disclose Filenames to Local Users. Read more

securitytracker.com:
Mac OS X Dashboard Lets Remote Users Install Widgets Without a Warning Dialog. Read more

securitytracker.com:
Apple SecurityAgent Lets Local Users Bypass the Screensaver to Launch Applications. Read more

securitytracker.com:
PHP Advanced Transfer Manager Include File Error Lets Remote Users Execute Arbitrary Commands. Read more

 

News
www.theregister.co.uk:
Sober reloaded. Read more

www.eweek.com:
Can Microsoft Reshape the Anti-Virus Market? Read more

informationweek.com:
Microsoft Takes Aim At Viruses And Spyware. Read more

news.zdnet.com:
Netscape patches 1-day-old browser. Read more

www.chron.com:
Phony police accounts aided hacking efforts, authorities say. Read more

www.theregister.co.uk:
Open source search engine trawls free code. Read more

news.zdnet.com:
Cheaper to patch--Windows or open source? Read more

www.startribune.com:
Privacy of thousands breached. Read more

www.theregister.co.uk:
Cost of net phone calls may rise. Read more

www.vnunet.com:
Microsoft warns of TCP/IP flaw. Read more

20 May 2005


Guides, Papers, etc
Know Your Enemy: GenII Honeynets
Easier to deploy, harder to detect, safer to maintain. Read more

www.computerworld.com:
Book Excerpt. The Criminal Face of the Internet Age. Read more

Worms of the future. Trying to exorcise the worst. Read more

www.priestmaster.org:
How to circumvent keyloggers ? Read more

www.developer.com:
On the Security of PHP. Part 1  Part 2

www.securityfocus.com:
Sit Back and React. As the security industry moves more mainstream, it's becoming stagnant due to a lack of vision. Who will lead the charge? Read more

www.computerworld.com:
What you need to know before migrating procurement apps to the Web. Read more

 

Tools:
www.securiteam.com:
Exe2VBA - Tool for Converting Backdoors to VBA Macros. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Serendipity Bugs Let Remote Authenticated Users Upload Unauthorized Files and Also Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
ExtremeWare XOS Lets Remote Authenticated Administrators Gain Access to the Operating System on BlackDiamon Switches. Read more

securitytracker.com:
Novell ZENworks Remote Management Buffer Overflows in Authentication Protocol Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Cisco MGX WAN Switches TCP/IP Timestamp Option Error Lets Remote Users Deny Service. Read more

securitytracker.com:
Cisco AP35/AP1200 TCP/IP Timestamp Option Error Lets Remote Users Deny Service. Read more

securitytracker.com:
Cisco CSS11000 TCP/IP Timestamp Option Error Lets Remote Users Deny Service. Read more

securitytracker.com:
Cisco SN5400 TCP/IP Timestamp Option Error Lets Remote Users Deny Service. Read more

www.securiteam.com:
Bellmail Race Condition Vulnerability (Exploits). Read more

www.securiteam.com:
Invision Power Board SQL Injection Vulnerability (member_id, Exploit). Read more

www.cybertrion.com:
Security issue in Microsoft Outlook. Read more

www.securiteam.com:
BakBone NetVault Remote Heap Buffer Overflow (clientname). Read more

www.securiteam.com:
cdrdao Insecure File Handling (Exploit). Read more

www.debian.org:
DSA-725-1 ppxp -- missing privilege release. Read more

 

News
www.theregister.co.uk:
LAND attack threat 'not significant', says Microsoft. Read more

www.theregister.co.uk:
UK banks ignore security audit findings. Read more

www.washingtonpost.com:
Paris Hilton Hack Started With Old-Fashioned Con. Read more

www.eeproductcenter.com:
Feds Investigating LexisNexis Hacking. Read more

www.eweek.com:
Fake Microsoft Patch Triggers Virus Attack. Read more

www.computerworld.com:
Popular Japanese Web site hit by major hack. Read more

www.computerworld.com:
Data theft involving four banks could affect 500,000 customers. Read more

www.internetweek.com:
Vigilantes Mutilate Phishing Sites. Read more

www.startribune.com:
Hackers shifting from play to shadowy high-tech theft. Read more

news.zdnet.com:
VeriSign to put more backbone into the Net. Read more

news.zdnet.co.uk:
Software makers ignoring anti-piracy technology in favour of sales. Read more

19 May 2005

Guides, Papers, etc
www.wired.com:
What Search Sites Know About You. Read more

www.securityfocus.com:
Chrooted Snort on Solaris. Read more

Attack Processes found on the Internet by Marc Dacier, Fabien Pouget, Hervé Debar. Read more

Manipulating Microsoft SQL Server Using SQL Injection by Cesar Cerrudo. Read more

 

Tools:
www.gfi.com:
GFI Network Server Monitor is a network monitor that enables administrators to scan the network for failures or irregularities automatically.
With GFI Network Server Monitor, you can identify issues and fix unexpected conditions before your users (or managers) report them to you!
Provides automatic network monitoring and alerting for three servers. Read more

enterprisesecurity.symantec.com:
Symantec Research Labs Creates New Worm Simulator
When a new worm spreads around the world, people want to know if they are protected. How fast is it? How does it spread? A new simulation program developed by Symantec Research Labs not only has the answers, it also provides pictures. Read more

www.securitylab.ru:
MS SQL Server Passwords Bruteforce via SQL Injection. Download

www.red-cliff.com:
Web Historian assists users in reviewing websites (URLs) that are stored in the history files of the most commonly used browsers including: Microsoft’s Internet Explorer, Mozilla, Firefox, Netscape, Opera and Safari. Red Cliff’s Web Historian is designed primarily as a tool for computer forensic examiners. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
avast! antivirus May Fail to Detect Certain Viruses. Read more

www.cybertrion.com:
Security issue in Microsoft Outlook. Read more

www.securityfocus.com:
The newly-made available Yahoo! Messenger 7.0 beta build 224 also stores the same information in clear-text as 5.x - 6.0 versions do when the Logfile is enabled (tested on Windows only). Read more

www.securitytracker.com:
MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege. Read more

www.securitytracker.com:
MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges. Read more

www.securitytracker.com:
Core CMS Has Vulnerabilities With Unspecified Impact. Read more

www.securitytracker.com:
PROMS Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.debian.org:
DSA-724-1 phpsysinfo -- design flaw. Read more

 

News
informationweek.com:
Bogus Microsoft Security Update Circulates. Read more

www.betanews.com:
Spam and Malware Detections at 100,000 per Hour. Read more

www.itweb.co.za:
Hoax mail tries to crack FNB passwords. Read more

www.newsfactor.com:
Microsoft Plans To Debut Beta of Internet Explorer 7 This Summer. Read more

www.theregister.co.uk:
Home PCs launch phishing attacks. Read more

www.theinquirer.net:
Hackers mimic Microsoft security updates. Read more

www.newsfactor.com:
Microsoft Hints at Enterprise Antivirus. Read more

www.theregister.co.uk:
Microsoft hunts web nasties with honey monkeys. Read more

www.wired.com:
VOIP in Public-Safety Showdown. Read more

www.theinquirer.net:
Email costs business over £1 billion per year. Read more

www.newsfactor.com:
Software Piracy Will Get Worse, Study Says. Read more

18 May 2005

Guides, Papers, etc
Computer Security Mexico 2005
"11th Years celebrating Computer Security Mexico". Read more

Know your Enemy: Phishing
Behind the Scenes of Phishing Attacks. Read more

Permission to Simplify
Complexity in Microsoft's software does little but hinder people from using their good security features, and the current state of Windows file permissions is a perfect example. Read more

www.eweek.com:
Sasser: The Last Big Network Worm? Read more

The Effect of Infection Time on Internet Worm Propagation by Erika Rice. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Fastream NETFile Server PORT Command Address Validation Flaw Lets Remote Users Deny Service. Read more

securitytracker.com:
War Times Game Can Be Crashed By Remote Users. Read more

securitytracker.com:
Linux Kernel pktcdvd and rawdevice Errors Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Sigma ISP Manager Input Validation Flaw in 'sigmaweb.dll' Permits SQL Injection. Read more

securitytracker.com:
WoltLab Burning Board Input Validation Hole in verify_email() Permits SQL Injection. Read more

securitytracker.com:
pServ Discloses CGI Source to Remote Users, Lets Remote Users Execute Arbitrary Code, and Lets Local Users View Potentially Privileged Files. Read more

www.securiteam.com:
Mac OS X / Adobe Version Cue Local Root (Exploit). Read more

www.securiteam.com:
Fusion SBX Remote Command Execution (Exploit 2). Read more

 

News
www.securityfocus.com:
Microsoft looks to "monkeys" to find Web threats. Read more

www.theregister.co.uk:
Revenge motivates insider hacking attacks. Read more

www.networkworld.com:
Extortion via DDoS on the rise. Read more

www.smh.com.au:
Cuba to dump Windows for Linux. Read more

www.theregister.co.uk:
Phishing gets personal. Read more

www.theregister.co.uk:
Spyware wars. Read more

www.eweek.com:
Anti-Spyware Activists Seek to Recruit Advertisers. Read more

www.eweek.com:
Microsoft Tests Security Toolkit for Shared-Computer Users. Read more

17 May 2005

Guides, Papers, etc
www.webappsec.org:
Web Security Interview Questions [DOC]. Read more

How to Bypass Your Corporate Firewall Using SSH Tunneling by ~pingywon. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Gurgens Guest Book Discloses Database and Passwords to Remote Users. Read more

www.securitytracker.com:
MetaCart e-Shop Input Validation Holes in 'productsByCategory.asp' Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Ultimate Forum Discloses Database and Passwords to Remote Users. Read more

www.securitytracker.com:
NPDS Input Validation Holes in 'comments.php' and 'pollcomments.php' Permit SQL Injection. Read more

www.securitytracker.com:
Movable Type Cookie Authentication Flaw Lets Remote Users Gain Access. Read more

 

News
www.benedelman.org:
What's So Hot About Hotbar? Read more

sunbeltblog.blogspot.com:
Hotbar goes after Sunbelt. Read more

www.trinidadexpress.com:
Virus website launched to raise public awareness. Read more

www.pcworld.idg.com.au:
New IM worm infects AOL software. Read more

www.theregister.co.uk
: Sober infected PCs spew right-wing 'hate spam'. Read more

biz.yahoo.com:
Latest SOBER-P Worm Underscores Benefits of Infocrossing's MailWatch Boundary Email Security Service. Read more

www.net-security.org:
Messagelabs Predicts Rising Trend In Staged Deployment Of Malware Attacks. Read more

www.theregister.co.uk
: Test your own software code for infringement. Read more

www.sun-sentinel.com:
Virus floods inboxes with German spam. Read more

www.computerworld.com:
Study: Intel's hyperthreading could expose servers. Read more

www.pcworld.idg.com.au:
Spamming Sober-Q Trojan Horse Stopped Proactively by Sophos Genotype Technology. Read more

www.ravallinews.com:
'Computer virus' scam leaves locals with little recourse. Read more

16 May 2005

Guides, Papers, etc
Malicious Codes in Depth by Mohammad Heidari. Read more

Open Source Software in Schools
A study of the spectrum of use and related ICT infrastructure costs. Read more

Infosecurity Europe 2005 - First Issue of (IN)SECURE Magazine. Read more

 

Vulnerabilities & Exploits
www.securiteam.com:
Gaim Stack Overflow (PoC). Read more

www.securiteam.com:
Ethereal SIP Dissector Overflow (Exploit 2). Read more

www.securiteam.com:
Bakbone Netvault Heap Overflow (Exploit). Read more

www.securiteam.com:
Apache HTDigest Realm Command Overflow (Exploit). Read more

www.securiteam.com:
Linux Kernel ELF Core Dump Privilege Elevation. Read more

www.securiteam.com:
OllyDbg Format String Vulnerability ("INT3 AT"). Read more

 

News
www.zdnet.com.au:
German hate-spam spread by Sober virus. Read more

www.theinquirer.net:
Worm delivers Teutonic spam. Read more

www.zdnet.com.au:
New phishing attack uses real ID hooks. Read more

www.theregister.co.uk:
Microsoft Anti-Virus? Read more

www.zdnet.com.au:
Microsoft tries to breathe life into older PCs. Read more

15 May 2005

Guides, Papers, etc
www.itunderground.org:
IT Underground is an international conference dedicated to IT security issues. Read more

SPYWARE
Hearing before the Senate Committee on Commerce, Science and Transportation. Read more

www.securityfocus.com:
Bruce Schneier on Cryptography. Read more

Inoculating SSH Against Address-Harvesting Worms Read more

 

News
www.stuff.co.nz:
Fear of copycat voicemail hackers. Read more

www.zdnet.com.au:
Symbian success feeds mobile malware explosion. Read more

www.theregister.co.uk:
I know what you downloaded from Freenet. Read more

blog.searchenginewatch.com:
MSN Employee Who Hacked AltaVista Pleads Guilty. Read more

www.gcn.com:
Naval Academy knows its cybersecurity. Read more

www.cooltechzone.com:
Sun, Microsoft join hands on ID management. Read more

informationweek.com:
Microsoft, Toshiba Ink Cross-Licensing Deal. Read more

14 May 2005

Guides, Papers, etc
seattletimes.nwsource.com:
Better" firewalls require more-knowledgeable users. Read more

www.eeproductcenter.com:
7 Myths About Network Security. Read more

A Worst-Case Worm. Read more

 

Tools:
www.megaas.co.nz:
Mega AS CAT (Cellular Authentication Token) is a unique low cost Two Factor Authentication (TFA) One Time Password (OTP) solution for secured access to remote servers via Internet, WiFi, VPN, Intranet, Other customized access methods. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Movable Type Cookie Authentication Flaw Lets Remote Users Gain Access. Read more

securitytracker.com:
1Two Livre d'Or Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
ImageGallery Discloses Database to Remote Users. Read more

securitytracker.com:
ASPPortal Input Validation Hole in 'password' Parameter Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
FreeBSD Hyper-Threading Technology Support May Disclose Information to Local Users. Read more

securitytracker.com:
Firefox Input Validation Error in Content-Type and Filename Lets Remote Users Spoof Download Dialog Data. Read more

securitytracker.com:
Firefox Lets Remote Users Invoke eval and Script Objects With Elevated Privileges. Read more

securitytracker.com:
Mozilla Suite Lets Remote Users Invoke eval and Script Objects With Elevated Privileges. Read more

securitytracker.com:
Firefox Wrapped 'javascript:' URLs Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Suite Wrapped 'javascript:' URLs Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
QuickTime Flaw in Processing Quartz Composer Files Lets Remote Users Obtain System Information. Read more

securitytracker.com:
1Two News Lets Remote Users Delete Images, Upload Images, and Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Bug Report Input Validation Hole in 'bug_report.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Squid May Let Remote Users Spoof DNS Lookup Reponses. Read more

 

News
www.theregister.co.uk:
Firefox loses its shine. Read more

www.post-gazette.com:
Worry Watch: Firefox. Read more

www.cnn.com:
Group: Internet Explorer share slips below 90 percent. Read more

www.wired.com:
Spitzer Sets Sights on Spyware. Read more

www.computerworld.com:
Sober worm's success tied to antivirus weakness. Read more

news.zdnet.co.uk:
Sober worm goes into hibernation. Read more

www.xbitlabs.com:
Intel’s Hyper-Threading Technology May Compromise Security – Researcher. Read more

news.zdnet.co.uk:
Microsoft announces security system. Read more

news.com.com:
Microsoft about to debut antivirus tools? Read more

www.wired.com:
Microsoft: You're Safe With Us. Read more

news.zdnet.co.uk:
Software makers ignoring anti-piracy technology in favour of sales. Read more

13 May 2005

Guides, Papers, etc
www.dimva.org:
Conference on Detection of Intrusions and Malware & Vulnerability Assessment. Read more

www.securityfocus.com:
Firefox's security coming under scrutiny. Read more

www.gerv.net:
Improving Authentication On The Internet. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Cisco Firewall Services Module Filtering ACL Error May Let Remote Users Bypass the Filtering. Read more

securitytracker.com:
Tcpdump Bug in rsvp_print() Lets Remote Users Deny Service. Read more

securitytracker.com:
Tcpdump Bugs in Processing ISIS, BGP, and LDP Data Lets Remote Users Deny Service. Read more

isec.pl:
Linux kernel ELF core dump privilege elevation. Read more

remahl.se:
Quartz Composer / QuickTime 7 information leakage. Read more

 

News
news.com.com:
Flaw found in VPN crypto security. Read more

67.19.9.2:
Microsoft to charge for security service. Read more

www.theregister.co.uk:
Apple fixes critical iTunes bug. Read more

www.computerworld.com:
Serious holes in antivirus software. Read more

www.techspot.com:
Microsoft works to bring spammers to justice. Read more

www.stuff.co.nz:
Hacker targets voicemail. Read more

67.19.9.2:
Kiwi Hacker fights city hall. Read more

www.channelregister.co.uk:
Poachers turn over Microsoft Gatekeeper security test. Read more

www.net4nowt.com:
Medium Risk Alert for Worm spreading Spyware. Read more

itvibe.com:
Department of Defense hacker sent to jail. Read more

informationweek.com/:
Cisco Confirms Arrest In Theft Of Its Code. Read more

news.com.com:
Novell acquires Linux security company. Read more

www.theregister.co.uk:
Dutch anti-piracy unit targets ISPs. Read more

news.com.com:
900,000 ISP customers blacklisted. Read more

12 May 2005

Guides, Papers, etc
www.securityfocus.com:
Web Browser Forensics, Part 2. Read more

nms.csail.mit.edu:
Inoculating SSH Against Address-Harvesting Worms. Read more

www.astalavista.com:
How to Achieve Blocking Resistance for Existing Systems Enabling Anonymous Web Surfing. Read more

Detecting Honeypots and other suspicious environments. Read more

Reverse Engineering in Computer Applications. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Windows Media Player License Acquisition Feature May Let Remote Users Redirect Users to Arbitrary Web Pages. Read more

securitytracker.com:
LibTIFF TIFFOpen() 'BitsPerSample' Buffer Overflow Error May Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Sun Solaris automountd Lets Local Users Deny Service. Read more

securitytracker.com:
Gaim Bugs in Processing MSN Messages and Certain URLs Let Remote Users Deny Service. Read more

securitytracker.com:
WordPress Vulnerability Has Unspecified Impact. Read more

securitytracker.com:
Guestbook PRO for WebAPP Input Validation Holes in Content and Title Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Zoidcom Buffer Overflow in ZCom_BitStream::Deserialize() Lets Remote Users Crash the Application. Read more

securitytracker.com:
SSServer Input Validation Hole in 'Search for' Field Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Viewglob Local Connections May Allow Users to Access a Target User's Viewglob Display. Read more

securitytracker.com:
NukeET Input Validation Hole in 'catalog.php' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
PwsPHP Bugs Let Remote Users Determine the Installation Path, Inject SQL Commands, and Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
bttlxeForum Discloses Installation Path to Remote Users. Read more

securitytracker.com:
ASP Virtual News Manager Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
MaxWebPortal Has Additional Input Validation Holes in Multiple Scripts That Permit SQL Injection and Grant Remote Administrative Access. Read more

securitytracker.com:
Macromedia ColdFusion MX Input Validation Flaw in JRun Error Page Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securiteam.com:
Microsoft Message Queuing Buffer Overflow (MS05-017, Exploit). Read more

www.securiteam.com:
MySQL MaxDB Webtool "GET" Buffer Overflow (Exploit). Read more

www.securiteam.com:
gzip Directory Traversal Vulnerability ("gunzip -N"). Read more

 

News
digital-lifestyles.info:
Windows Mobile 5.0 Unveiled By Microsoft. Read more

www.theregister.co.uk:
VXers make a monkey out of gullible surfers. Read more

informationweek.com:
Sober Worm Hides From Antivirus Scanners. Read more

www.theregister.co.uk:
No 'sorry' from Love Bug author. Read more

news.zdnet.co.uk:
Swedish teenager quizzed over NASA hack. Read more

www.theregister.co.uk:
DoD hacker jailed for 21 months. Read more

www.wired.com:
Dashboard Leaves Macs Vulnerable. Read more

www.computerworld.com.au:
News Release: W3C Launches Mobile Web Initiative. Read more

www.computerworld.com.au:
Wi-Fi phishing scam targets business travelers. Read more

www.computerworld.com.au:
Investigators link Cisco hack to other activities. Read more

www.computerworld.com.au:
It's the smaller disasters that matter. Read more

11 May 2005

Guides, Papers, etc
Lessons from Virus Developers: The Beagle Worm History Through April 24, 2004 by Jason Gordon . Read more

www.microsoft.com:
Online predators: What you can do to minimize the risk. Read more

www.oreilly.com:
Malicious ActiveX Controls. Read more

 

Tools:
TRIPP is a utility to rewrite outgoing IP packets.
It can be used to perform various tasks, such as passive os fingerprint spoofing, test firewall staeful inspection, test deep packet inspection software,
evade weak IDS/IPS via ip fragmentation (like fragroute), generate network anomaies, packet injection and more. Read more

 

Vulnerabilities & Exploits
greyhatsecurity.org:
Firefox Remote Compromise Technical Details. Read more

securitytracker.com:
Gzip zgrep Implementation May Let Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
Apple iTunes MPEG4 Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
IPSec ESP Lets Inline Users Modify Packets to Cause the Plaintext to Be Rerouted and Recovered. Read more

securitytracker.com:
CodeThatShoppingCart Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

www.securiteam.com:
Ethereal DistCC Buffer Overflow (Exploit). Read more

www.securiteam.com:
Mozilla Firefox Arbitrary Code Execution (Exploit). Read more

www.securiteam.com:
Hosting Controller Unauthenticated User Registration (exploit). Read more

 

News
www.microsoft.com:
Microsoft Security Bulletin Summary for May, 2005. Read more

www.microsoft.com:
Microsoft Security Advisories. Read more

www.securityfocus.com:
Microsoft fortifies monthly patches with interim advisories. Read more

www.theregister.co.uk:
Microsoft unveils details of software security process. Read more

www.zdnet.com.au:
Exploit code chases two Firefox flaws. Read more

www.zdnet.com.au:
Sober worm hits new heights. Read more

www.pcworld.idg.com.au:
Hackers Resort to Gorilla Tactics with Wurmark-K Worm, Sophos Reports. Read more

www.zdnet.com.au:
Mobile phone virus hits New Zealand. Read more

www.scmagazine.com/:
Test shows cars virus-proof. Read more

www.theregister.co.uk:
Trend Micro boosts anti-spyware defences with Intermute buy. Read more

www.zdnet.com.au:
A Microsoft-Red Hat warming trend? Read more

www.zdnet.com.au:
Microsoft enterprise AV tool unlikely: Sophos. Read more

www.zdnet.com.au:
Mac malware door creaks open. Read more

www.pcworld.idg.com.au:
SP2 fixed two new classes of Windows security flaw. Read more

10 May 2005

Guides, Papers, etc
NoSEBrEaK – Attacking Honeynets by Maximillian Dornseif, Thorsten Holz, Christian N. Klein. Read more

www.eweek.com:
Defining Spyware: A Solution. Read more

 

Tools:
www.openhids.com:
open hids is a free, near-real time host intrusion detection system. the agent supports windows clients and servers, with other operating systems planned. Read more

www.wi-foo.com:
AirJack - Wireless Man-in-the-Middle Driver.
AirJack is a device driver (or suit of device drivers) for 802.11(a/b/g) raw frame injection and reception. Download

sourceforge.net:
WEPWedgie is a toolkit for determining 802.11 WEP keystreams and injecting traffic with known keystreams. The toolkit also includes logic for firewall rule mapping, pingscanning, and portscanning via the injection channel and a cellular modem. Read more

 

Vulnerabilities & Exploits
www.securityfocus.com:
Viruses can evade Sophos Anti-Virus. Read more

securitytracker.com:
Solaris NIS+ Service Endless Loop Lets Remote Users Deny Service. Read more

securitytracker.com:
Sun StorEdge Arrays May Let Remote Users Gain Access. Read more

securitytracker.com:
Easy Message Board Input Validation Hole Discloses Files to Remote Users and Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
NPDS Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks and Also Disclose the Installation Path to Remote Users. Read more

securitytracker.com:
phpBB 'bbcode.php' Input Validation Flaw May Let Remote Users Execute Arbitrary Scripting Code. Read more

securitytracker.com:
PHP Advanced Transfer Manager Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
CJUltra Plus Input Validation Vulnerability in 'out.php' Permits SQL Injection. Read more

securitytracker.com:
Apple Mail New Account Wizard May Disclose Passwords Via the Network. Read more

securitytracker.com:
Firefox onload() History Access Bug and Install Function Scripting Execution Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
Fusion SBX Password Bypass and Remote Command Execution. Read more

www.securiteam.com:
Ethereal SIP Dissector Overflow (Exploit). Read more

www.debian.org:
DSA-723-1 xfree86 -- buffer overflow. Read more

www.debian.org:
DSA-722-1 smail -- buffer overflow. Read more

www.osvdb.org:
Rootkit Hunter rkhunter Symlink Arbitrary File Overwrite. Read more

 

News
www.theregister.co.uk:
Firefox exploit targets zero day vulns. Read more

www.securityfocus.com:
Microsoft unveils details of software security process. Read more

www.nctimes.com:
Google shuts down for 15 minutes. Read more

Phising Alert:
CharterOne Banking Fake CharterOne Banking Site

news.zdnet.co.uk:
Sober worm hits new heights. Read more

www.eweek.com:
School Studies Effects of Internet Attacks. Read more

www.eweek.com:
High-Risk Flaw Found in VPN Security Protocol. Read more

www.theregister.co.uk:
PGP goes the whole hog of encryption. Read more

www.infoanarchy.org:
Anonymous I2P Network Developing Nicely. Read more

news.zdnet.co.uk:
Car virus rumours crushed. Read more

09 May 2005

Guides, Papers, etc
www.computerworld.com:
Book (Excerpt). Chapter 10: The Criminal Face of the Internet Age. Read more

A System to Support the Analysis of Antivirus Products' Virus Detection Capabilities by Marko Helenius. Read more

Using Predators to Combat Worms and Viruses: A Simulation-Based Study by Ajay Gupta, Daniel C. DuVarney. Read more

www.pcworld.com:
How to Keep Your Web Browser Secure. Read more

 

Vulnerabilities & Exploits
secunia.com:
Mozilla Firefox Two Vulnerabilities. Read more

www.securitylab.net:
Ethereal 0.10.10 SIP Dissector Overflow. Read more

www.frsirt.com:
Mozilla Firefox "Extensions" Remote Code Execution Vulnerability. Read more

secunia.com:
Multiple Browsers IDN Spoofing Test. Read more

securitytracker.com:
HTMLJunction EZGuestbook Discloses Database to Remote Users. Read more

www.securiteam.com:
Ethereal SIP Dissector Overflow (Exploit). Read more

www.securiteam.com:
Ethereal Protocol Dissectors Buffer Overflow Vulnerabilities (Exploit, Shellcode). Read more

www.securiteam.com:
4D WebStar Tomcat Plugin Remote Buffer Overflow (Exploit). Read more

 

News
www.taipeitimes.com:
British member of global hacker syndicate sent to jail. Read more

www.computerworld.com.au:
Phishers turn DNS against authorities. Read more

www.financialexpress.com:
Beware of mobile Trojan! Read more

itvibe.com:
Tony Blair's email account hacked! Read more

www.crn.com:
Where'd Google Go? Read more

www.computerworld.com.au:
Microsoft revamps security hole approach. Read more

www.computerworld.com.au:
VoIP service the next big target for hackers? Read more

nwc.securitypipeline.com:
StealthWatch Sneaks Out With New Features. Read more

08 May 2005

Guides, Papers, etc
packetstormsecurity.org:
Astalavista Group Security Newsletter Issue 15 - 30 March 2005. Read more

www.ncasia.com:
Foiling Criminals with Secure Hosts. Read more

www.geek.com:
Feature: Strengthening family ties through malware. Read more

www.ncasia.com:
Outsmarting the New Malware. Read more

 

Tools:
www.lantricks.com:
LanSpy — network security scanner.
If you want to know who works on a remote computer, what kind of OS is installed on a remote computer or you are just interested when this computer was startup, then you should use LanSpy. This program in few seconds will explore a remote computer and display the information that it was able to collect about it. Read more

www.hackerscenter.com:
FPipe is a TCP source port forwarder/redirector that can be used to force a TCP stream to always connect using a specific source port. This tool can be used to get around firewalls that only accept traffic originating from common source ports. Read more

 

Vulnerabilities & Exploits
www.frsirt.com:
Mozilla Firefox "Web Features" Remote Code Execution Vulnerability. Read more

www.milw0rm.com:
Mozilla Firefox Install Method Remote Arbitrary Code Execution Exploit. Read more

www.milw0rm.com:
Hosting Controller <= 0.6.1 Unauthenticated User Registeration (2nd). Read more

www.milw0rm.com:
4D WebStar Tomcat Plugin Remote Buffer Overflow Exploit. Read more

 

News
www.gigaom.com:
Google (NOT) Hacked? Just A DNS Glitch says Google. Read more

www.informationweek.com:
Google Releases Web Accelerator. Read more

news.zdnet.co.uk:
Virus writers claim Blair's email account was hacked. Read more

07 May 2005

Guides, Papers, etc
reviews.cnet.com:
Why virus writers still do what they do. Read more

new.remote-exploit.org:
Router Sniffing by William M. Hidalgo. Read more

www.securityfocus.com:
Live CD Paradise. Read more

seattletimes.nwsource.com:
Evidence of spammer indicates it's time for a firewall. Read more

www.giac.org:
Quarantining DHCP clients to reduce worm infection risk. Read more

 

Tools:
www.openhids.com:
open hids is a free, near-real time host intrusion detection system. the agent supports windows clients and servers, with other operating systems planned. Read more

nzeka-labs.com/:
KSpynix is the first Unix open source spyware available on the net. Read more

www.eweek.com:
Tools at Interop Help Secure Wireless Networks. read more

 

Vulnerabilities & Exploits
www.guninski.com:
64 bit qmail fun by Georgi Guninski. Read more

new.remote-exploit.org:
Wireless default settings and related vulnerability list. Read more

securitytracker.com:
qmail Integer Errors Let Remote Users Deny Service. Read more

securitytracker.com:
Squid http_access Results May Be Unexpected Due to Configuration Errors. Read more

securitytracker.com:
FreeBSD 'rlm_sql.c' Contains SQL Injection and Buffer Overflow Bugs. Read more

securitytracker.com:
AutoTheme for PostNuke Blocks Module May Let Remote Users Gain Access. Read more

securitytracker.com:
Invision Power Board Input Validation Hole in 'login.php' Permits SQL Injection and in 'topics.php' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
FreeBSD Kernel Buffer Initialization Flaw May Disclose Memory to Local Users. Read more

securitytracker.com:
FreeBSD i386_get_ldt(2) Discloses Kernel Memory to Remote Users. Read more

securitytracker.com:
FreeBSD iir(4) Driver Access Permissions May Let Local Users Access and Delete Data. Read more

securitytracker.com:
Remote Cart Input Validation Bugs Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Jeuce Personal Web Server Can Be Crashed By Remote Users. Read more

 

News
www.pcworld.com:
Microsoft Revamps Security Hole Approach. Read more

www.vnunet.com:
Spammers launch Tony Blair Trojan. Read more

msnbc.msn.com:
Spyware firms targeting children. Read more

www.theregister.co.uk:
PC-dumping ex-prosecutor mired in teen porn scandal. Read more

www.pcworld.com:
Is VoIP Service the Next Big Target for Hackers? Read more

money.cnn.com:
Time Warner employee data missing. Read more

www.vnunet.com:
Key-loggers the new phisherman's friend. Read more

www.pcworld.com:
Experts Say Business Network Attack May Be a Distraction. Read more

www.vnunet.com:
UK crackers jailed for piracy. Read more

www.vnunet.com:
Hackers crack Sony PSP discs. Read more

06 May 2005

Trojan News April

 

Guides, Papers, etc
www.csoonline.com:
How a Bookmaker and a Whiz Kid Took On an Extortionist — and Won. Read more

Spying on the spyware makers.
Ben Edelman may be spyware's most dangerous enemy. Read more

www.securityfocus.com:
Software Firewalls versus Wormhole Tunnels. Read more

news.com.com:
You're ice cold at a hot spot: 7 reasons why. Read more

 

Tools:
www.cirt.dk:
WebRoot is a bruteforce directory/file scanner, which looks for files and directories on a website which might contain interesting data, but which are not referenced anywhere on the site (for example, include-files and database files located under the webroot). Read more

 

Vulnerabilities & Exploits
securitytracker.com:
RealPlayer Flaw in Processing an Unspecified File Type Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
ArticleLive Bugs Let Remote Users Gain Administrative Access, Inject SQL Commands, and Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Invision Gallery Input Validation Bugs in 'cmd' and 'show' Parameters Permit SQL Injection and Cross-Site Scripting Attacks. Read more

securitytracker.com:
Hosting Controller 'addsubsite.asp' Lets Remote Users Create User and Host Accounts. Read more

securitytracker.com:
PHPCart Authentication Flaw Lets Remote Users Modify Prices During Purchase. Read more

securitytracker.com:
Gossamer Links SQL Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Adobe SVG Viewer 'NPSVG3.dll' 'src' Property Lets Remote Users Determine if Files Exist on the Target System. Read more

securitytracker.com:
Ethereal +50 Dissector Bugs Let Remote Users Deny Service or Execute Arbitrary Code. Read more

securitytracker.com:
SimpleCam Directory Traversal Flaw Discloses Files to Remote Users. Read more

securitytracker.com:
Apple Mac OS X vpnd Buffer Overflow in 'Server_id' Yields Root Privileges to Local Users. Read more

www.securiteam.com:
NetWin DMail Format String (xtellmail, Exploit). Read more

www.securiteam.com:
Avoiding Stack Protections Shellcode Example. Read more

www.securiteam.com:
ZeroBoard Worm Source Code. Read more

 

News
www.theregister.co.uk:
Users untouched by mobile viruses despite hype. Read more

informationweek.com:
Sober Hasn't Slowed, Still Accounts For Four Of Five Worms And Viruses. Read more

informationweek.com:
How To Stop The Sober Worm. Read more

news.com.com:
Hackers figure out file extraction from Sony UMD. Read more

www.newsfactor.com:
Panda Software Claims Zero-Day Virus Defense. Read more

news.zdnet.co.uk:
Google Web Accelerator sparks privacy fears. Read more

informationweek.com:
Database Aids Fight Against Crime. Read more

05 May 2005

Trojan News April

 

Guides, Papers, etc
Reverse-Engineering Malware by Lenny Zeltser. Read more

Poison Ivy Farmers: Virus Collections. Read more

The Decompilation Wiki.
Decompilation techniques were initially used in the 1960s to aid in the migration of programs from one platform to another.
Since then, decompilation techniques have been used to aid in the recovery of lost source code, debugging of programs, locating of viruses,
comprehending programs, recovery of high-level views of programs, and more. Read more

www.technologyreview.com:
The 'Nature' of Net Viruses. Read more

www.pcworld.com:
Rootkits: Invisible Assault on Windows. Read more

cyber.law.harvard.edu:
Illegal Internet Networks in the Developing World. Read more

cyber.law.harvard.edu:
Computer Hacking: Making the Case for a National Reporting Requirement. Read more

cyber.law.harvard.edu:
Information Cannot be Owned. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
FishCart Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

securitytracker.com:
NetWin DMail Bugs Let Remote Users Bypass Authentication and Potentially Execute. Read more

securitytracker.com:
ASP Inline Corporate Calendar Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
Apple Terminal Window Title Input Validation Error May Let Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
Mac OS X Xterm Configuration Window Title Input Validation Error May Let Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
Apple Terminal 'x-man-path:' Input Validation Flaw May Let Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
Apple Help Viewer May Let Remote Javascript Access Files on the Target System. Read more

securitytracker.com:
NetInfo Setup Tool '-target' Command Line Buffer Overflow Yields Root Privileges to Local Users. Read more

securitytracker.com:
Mac OS X Foundation Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Mac OS X chfn/chpass/chsh Code Paths May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
AppleScript Editor URL Protocol Messaging Machanism Lets Remote Users Obfuscate Scripting Code. Read more

securitytracker.com:
AppKit TIFF File NXSeek() Exception Lets Remote Users Crash the Application. Read more

www.securiteam.com:
I-Mall Commerce i-mall.cgi Arbitrary Command Execution (Exploit). Read more

aluigi.altervista.org:
Gamespy cd-key validation system. Read more

 

News
www.theregister.co.uk:
Spyware scumbags make $2bn a year. Read more

www.theinquirer.net:
Sites trying to save Aussie woman hacked. Read more

www.vnunet.com:
Bugwatch: Next-generation 'zero-day' attacks. Read more

www.benedelman.org:
Ask Jeeves Toolbar Installs via Banner Ads at Kids Sites. Read more

www.sans.org:
The Most Critical New Vulnerabilities Discovered or Patched During the First Quarter of 2005. Read more

www.computerworld.com.au:
Sober-N Virus - Big Bark, Small Bite in Oz. Read more

www.linuxworld.com.au:
Apple issues monster security patch. Read more

news.com.com:
Phishing attacks take a new twist. Read more

www.arnnet.com.au:
Mobile viruses yet to travel Down Under. Read more

news.com.com:
U.S. military security defeated by copy and paste. Read more

news.com.com:
Security fears put wrench in VoIP networks. Read more

news.zdnet.co.uk:
eBay sends out mixed messages on security. Read more

04 May 2005

Trojan News April

 

Guides, Papers, etc
www.cs.berkeley.edu:
How many ways to 0wn the Internet? Towards Viable Worm Defenses. Read more

www.windowsecurity.com:
How to Audit your Network via Packet Analysis. Read more

www.itee.uq.edu.au:
Using a Decompiler for Real-World Source Recovery. Read more

engr.smu.edu:
ELECTRONIC ATTACKS. Read more

blackhat.com:
WLAN and Stealth Issues. Read more

engr.smu.edu:
Viruses and Worms by Tom Chen. Read more

engr.smu.edu:
Research in Computer Viruses and Worms by Tom Chen. Read more

engr.smu.edu:
Malware Research at SMU by Tom Chen. Read more

engr.smu.edu:
Parallels Between Biological and Computer Epidemics by Tom Chen. Read more

Phishing to Steal Your PC,Money, and Identity by Tom Chen. Read more

www.g-con.org:
WarDriving in Mexico City. Read more

 

Tools:
nzeka-labs.com:
tHork FrameWork is an exploit framework that allows you to put all the exploits you want in a repertory in order to access them (with a search engine) whenever you want. Read more

www.rstack.org:
WKnock is a GPL tool that allows you to hide your Access Point against opportunistic attackers (wardrivers, etc). Read more

prdownloads.sourceforge.net:
Yersinia implements several attacks for the following protocols: Spanning Tree (STP), Cisco Discovery (CDP), Dynamic Host Configuration (DHCP), Hot Standby Router (HSRP), Dynamic Trunking (DTP), 802.1q and VLAN Trunking (VTP), helping the pen-tester in different tasks, e.g. Download

 

Vulnerabilities & Exploits
securitytracker.com:
Symantec Gateway Security ICMP Processing Error Lets Remote Users Deny Service. Read more

securitytracker.com:
SitePanel 2 Validation Bugs Let Remote Users Execute Arbitrary Commands, View Arbitrary Files, and Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
osTicket Bugs Let Remote Users Execute Arbitrary Commands and Permit Directory Traversal, SQL Injection, and Cross-Site Scripting Attacks. Read more

securitytracker.com:
PostgreSQL Character Conversion and tsearch2 Bugs Let Remote Users Deny Service or Execute Commands. Read more

securitytracker.com:
RaidenFTPD SITE 'urlget' Command Allows Remote Users to Access Arbitrary Files on the Server. Read more

securitytracker.com:
JGS-Portal 'id' Parameter Input Validation Hole Lets Remote Users Inject SQL Commands. Read more

securitytracker.com:
Oops! auth() Format String Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
Privilege Escalation in BulletProof FTP Server (Exploit). Read more

www.securiteam.com:
WINS Vulnerability/OS Scanner. Read more

www.debian.org:
DSA-720-1 smartlist -- wrong input processing. Read more

 

News
www.theregister.co.uk:
World Cup worm gives Windows users the willies. Read more

news.com.com:
Sober worm spreads like wildfire. Read more

reviews.cnet.com:
Sober.p prevention and cure. Read more

Fake PayPal in Spain. Warning!

news.com.com:
Free security scan raises questions. Read more

www.newsfactor.com:
Hackers Widen Their Attacks. Read more

news.com.com:
More hacking targets iTunes, antivirus wares. Read more

news.com.com:
Hackers try to take down U.K. cops. Read more

www.nzherald.co.nz:
Internet fraud hits bank customer. Read more

news.com.com:
Research: Spyware industry worth billions. Read more

www.theregister.co.uk:
Brits fall prey to phishing. Read more

www.vnunet.com:
China's largest bank switches to Linux. Read more

03 May 2005

Trojan News April

Guides, Papers, etc
Book Description
Reversing: Secrets of Reverse Engineering. Beginning with a basic primer on reverse engineering-including computer internals, operating systems, and assembly language-and then discussing the various. Read more

Tracking the Attacker
Conquering the Bastion of Internet Anonymity. Read more

www.securityfocus.com:
Sarbanes Oxley for IT Security? Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Invision Power Board URL Parameter Input Validation Error Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Linux Kernel sysfs File Permissions Set By it87 and via686a Drivers Allow Local Users to Deny Service. Read more

www.securitytracker.com:
GnuTLS Padding Validation Error Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Video Cam Server Lets Remote Users Traverse the Directory, Determine the Installation Path, and Deny Service. Read more

www.securitytracker.com:
Open WebMail Input Validation Hole Prior to open() Call Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
HP OpenView Event Correlation Services Unspecified Flaws Let Remote Users Execute Arbitrary Code or Deny Service. Read more

www.securitytracker.com:
HP OpenView Network Node Manager Unspecified Flaws Let Remote Users Execute Arbitrary Code or Deny Service. Read more

www.securitytracker.com:
Mtp Target Format String and Integer Overflow Bugs Let Remote Users Deny Service. Read more

www.securitytracker.com:
ARPUS/Ce Buffer Overflow Lets Local Users Obtain Root Privileges. Read more

www.securitytracker.com:
GlobalSCAPE Secure FTP Server Malformed Request Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.billingsgazette.com:
Internet virus hunters live for chase. Read more

www.zdnet.com.au:
Virus preys on World Cup ticket rush. Read more

news.zdnet.co.uk:
Another Sobering thought for PC users. Read more

www.chinatechnews.com:
Chinese Hacker Captured After Taunting Law Enforcement. Read more

www.newsfactor.com:
SANS Updates Critical Internet Vulnerabilities List. Read more

news.ft.com:
Pope's death sparks glut of religious junk e-mails. Read more

www.insanely-great.com:
Are Hackers starting to look at Apple? Read more

www.securitypipeline.com:
Gabby IM Worm Muzzled. Read more

02 May 2005

Trojan News April

Guides, Papers, etc
Tracking the Attacker
Conquering the Bastion of Internet Anonymity.

www.securitypipeline.com:
Hotspot Hacking And How To Fight It. Read more

www.securitypipeline.com:
7 Ways To Secure Yourself At Wi-Fi Hotspots. Read more

www.osnews.com:
My Days with Longhorn. Read more

 

Vulnerabilities & Exploits
www.securiteam.com:
SNMPPd Format String Vulnerability (Exploit). Read more

www.securiteam.com:
AJ Web Server Buffer Overflow DoS. Read more

www.securiteam.com:
Ashley's Web Server DoS (Exploit). Read more

www.securiteam.com:
ARPUS/Ce's Privilege Escalation (Setuid Exploit). Read more

www.securiteam.com:
ArcGIS Local Format String Exploit. Read more

www.securitytracker.com:
ViArt Shop Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
MaxWebPortal Has Input Validation Holes in Multiple Scripts That Permit SQL Injection and Grant Remote Administrative Access. Read more

www.securitytracker.com:
ArcGIS Buffer Overflows and Format String Errors Let Local Users Gain Root Privileges. Read more

 

News
nwc.securitypipeline.com:
Bagle Worm Is Evidence Of Underground Class Of Professional Criminal Programmers. Read more

australianit.news.com.au:
Mobile virus spreads. Read more

www.zdnet.com.au:
Older viruses wage war against Windows. Read more

www.linuxworld.com.au:
Sony Ericsson hacker appeals imprisonment. Read more

www.securitypipeline.com:
New York Attorney General Files Spyware Lawsuit Against Internet Marketer. Read more

01 May 2005

Guides, Papers, etc
Raw Sockets. The Warning by Steve Gibson some Years ago:
Why Windows XP will be the Exploitation Tool of Choice for Internet Hackers Everywhere. Read more

Raw Sockets. The Result:
seclists.org:
Fyodor: Microsoft Tightens the Noose on Raw Sockets. Read more

www.zdnet.com.au:
Microsoft tries to quell TCP/IP 'danger'. Read more

www.zdnet.com.au:
Microsoft plays tag with 'raw sockets'. Read more

www.interact-sw.co.uk:
Raw Sockets Gone in XP SP2. Read more

 

www.eweek.com:
The State of New York vs. The Adware Mob. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Kerio MailServer Administration Port Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Kerio Personal Firewall Administration Port Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Kerio WinRoute Firewall Administration Port Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Kerio MailServer Permits Remote Brute Force Password Determination. Read more

www.securitytracker.com:
Kerio Personal Firewall Permits Remote Brute Force Password Determination. Read more

 

News
www.sci-tech-today.com:
Gates: Next Decade Will Bring 'New Wave of Innovation'. Read more

www.newsfactor.com:
Report: Zafi-D Continues Reign at Top of Virus List. Read more

www.thenewstribune.com:
Nasty worm gives state computers indigestion. Read more

www.eweek.com:
Hushmail DNS Attack Blamed on Network Solutions. Read more

www.eweek.com:
Spitzer Sues Intermix over Adware, Spyware Downloads. Read more

news.zdnet.co.uk:
Infosecurity conference sees Russian invasion. Read more

www.zdnet.com.au:
Smart phone owners are savvy about viruses. Read more


Copyright© MegaSecurity.org