Home    News Archive    Translate Traducen
News May 2006
31 May 2006

Guides, Papers, etc
company.drweb.com:
Igor Danilov: "The Anti-Virus Software Market Is A Big Bubble". Read more

wired.com:
18 Days of Reckless Computing. Read more

www.certmag.com:
Users Versus Hackers: Which Are Worse? Read more

blogs.zdnet.com:
It's time to toss out your antivirus software. Read more

news.ft.com:
Employees may be opening doors to criminals. Read more

news.com.com:
On the hunt for Vista bugs. Read more

www.infoworld.com:
Wrestling with Windows' hidden "features". Read more

www.wired.com:
Neutral Net? Who Are You Kidding? Read more

www.securityfocus.com:
Abandon e-mail! Read more

www.matousec.com:
Design of ideal personal firewall. Read more

blogs.ittoolbox.com:
Chief Hacks Around With Google. Read more

www.matousec.com:
Kerio Personal Firewall 4.3.246 - Review. Read more

www.deccanherald.com:
Making sense of Window’s Vista. Read more

ddanchev.blogspot.com:
The Global Security Challenge - Bring Your Know-How. Read more

blogs.securiteam.com:
Service@amazon.com. Read more

www.regdeveloper.co.uk:
Deconstructing databases with Jim Gray. Read more

www.usatoday.com:
Staying in touch while abroad takes thought. Read more

 

Tools:
fileforum.betanews.com:
F-Secure BlackLight 2.2.1037 Beta. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Rising Antivirus Stack Overflow in Scanning ACE Archives Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
ZipCentral Buffer Overflow in Processing ZIP Files Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
PHP libcurl Bug in Processing 'file://' URLs Containing NULL Characters Lets Users Bypass Safe Mode Restrictions. Read more

securitytracker.com:
DGNews 'Upload Photo' Lets Remote Authenticated Users Upload Arbitrary Files. Read more

securitytracker.com:
D-Link DSA-3100 Router Input Validation Hole in 'login_error.shtml' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
tinyBB Bugs Permit Cross-Site Scripting and SQL Injection Attacks and Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Enigma Haber Multiple Input Validation Holes Let Remote Users Inject SQL Commands. Read more

securitytracker.com:
MiniNuke Missing Input Validation in 'Your_Account.asp' Permits SQL Injection Attacks. Read more

securitytracker.com:
ASPBB Input Validation Flaw in 'perform_search.asp' Permits Cross-Site Scripting Attacks. Read more

 

News
www.playfuls.com:
The Appocalipse for Antivirus producers: Windows OneCare launched. Read more

www.securityfocus.com:
Macro virus aims at OpenOffice, StarOffice. Read more

www.aberdeennews.com:
Hackers gain access to server hosting bank Web sites. Read more

www.startribune.com:
Hackers send Premier Bank users to fake website. Read more

www.theitshield.com:
Mail Written In Russian Spreads Scano Worm. Read more

www.securityfocus.com:
MPAA accused of hacking. Read more

www.theregister.co.uk:
Amnesty takes a strike against web censorship. Read more

www.it-observer.com:
State of Technology: Beating Back Hackers. Read more

www.prestontoday.ne:
Cult of video vandals (with example footage). Read more

news.com.com:
Vista revs up peer-to-peer engine. Read more

news.yahoo.com:
Japanese teen charged for phishing. Read more

30 May 2006

Guides, Papers, etc
www.computerworld.com.au:
Security Adviser: Schneier sensible. Read more

www.zdnet.com.au:
First mobile phone virus nears 2nd birthday. Read more

software.silicon.com:
Mobile malware: Two years on...Read more

www.eweek.com:
Vista Security Check: This Time Microsoft Means Business. Read more

vorm.net:
Defeating voice captchas. Read more

www.eweek.com:
Act as If You Care About Security. Read more

www.smh.com.au:
Hostage threat to home PCs. Read more

www.mightyseek.com:
Audio: Mighty Seek Podcast #15 - News and Misc Topics. Read more

www.amirtofangsazan.blogspot.com:
The broken laptop i sold on ebay. Read more

 

Tools:
www.lifehacker.com:
Geek to Live: Use your cell phone as a modem. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
jetty6 Input Validation Flaws Let Remote Users Traverse the Directory. Read more

securitytracker.com:
MDaemon Heap Overflow in IMAP Service Lets Remote Authenticated Users Execute Arbitrary Code. Read more

 

News
news.zdnet.co.uk:
Microsoft investigating fake security email. Read more

times.hankooki.com:
AnLab Posts Warning on 23 Variants of Remote-Controlled Hupigon Virus. Read more

www.mal-aware.org:
Top 10 Targeted Banks and Their Losses. Read more

www.suntimes.com:
Banks work on hooking 'phishers'. Read more

www.fcw.com:
DOD: China fielding cyberattack units. Read more

www.dailymail.co.uk:
Downloads of Net porn hit record high. Read more

29 May 2006

Guides, Papers, etc
www.consortiuminfo.org:
The Word Trojan: Anatomy of an Online Story. Read more

www.it-observer.com:
Rootkits -The new wave of invisible malware is here. Read more

www.techspot.com:
IE7 will be more secure, says Microsoft. Read more

news.taborcommunications.com:
Security is King. Read more

milwaukee.bizjournals.com:
Unsecure connection: Many wi-fi spots vulnerable to hackers. Read more

fraudwar.blogspot.com:
Is the Latest Congressional Scandal a Nigerian Fraud. Read more

www.f-secure.com:
Donate Your Time to Anti-Spam Research. Read more

ddanchev.blogspot.com:
Who's Who in Cyber Warfare? Read more

software.silicon.com:
Analysis: A globetrotter's guide to cyber crime. Read more

blogs.zdnet.com:
Welcome to Google Checkout, that will be $3.14. Read more

www.darkreading.com:
Legal Conundrum. Read more

www.redherring.com:
Beating the Spam Filters. Read more

 

Vulnerabilities & Exploits
www.checksum.org:
Proof of concept that PGP AUTHENTICATION CAN BE BYPASSED WITHOUT PATCHING. Read more

securitytracker.com:
IBM AIX lsmcode Bug Lets Local Users Gain Root Privileges. Read more

securitytracker.com:
Plume CMS Include File Bug in 'manager_path' Parameter Permits Remote Code Execution. Read more

 

News
www.usatoday.com:
Financial firms attack child porn. Read more

www.wane.com:
Amnesty International launches campaign against Internet censorship. Read more

www.itnews.com.au:
Windows 2000 bug alert false alarm. Read more

www.sci-tech-today.com:
Movie Industry Sued for Hacking. Read more

www.technewsworld.com:
Anti-Spyware Leader Unfazed by Microsoft. Read more

www.fin24.co.za:
Virus alert for Windows 98 PCs. Read more

ww1.mid-day.com:
Da Vinci virus hits mobile phone. Read more

news.com.com:
Software taps experts among your friends. Read more

27 May 2006

Guides, Papers, etc
www.linuxdevcenter.com:
How Shellcodes Work. Read more

fraudwar.blogspot.com:
Why Should We Allow Eastern Europe to Export Cyber Crime. Read more

i.i.com.com:
Podcast highlight: AT&T's lawsuit leak. Read more

isc.sans.org:
MS tool to help ensure that your application does not have administrator access as a dependency. Read more

www.informit.com:
SSH Issues: Does Installing SSH Enable More Exploits Than it Solves? Read more

reviews.cnet.com:
Microsoft's path of least user privilege. Read more

msdn.microsoft.com:
Windows XP: Kernel Improvements Create a More Robust, Powerful, and Scalable OS. Read more

www.windowsecurity.com:
Event Log/Monitoring Consolidation. Read more

www.networkworld.com:
Are rootkits really all bad? Read more

www.pbs.org:
The Rich Get Richer: Google Needs Some Ad Sense. Read more

www.businessweek.com:
Meet The Hackers. Read more

www.certmag.com:
Users Versus Hackers: Which Are Worse? Read more

 

Vulnerabilities & Exploits
securitytracker.com:
CosmicShoppingCart Input Validation Holes Permit Cross-Site Scripting and SQL Injection Attacks. Read more

securitytracker.com:
Dayfox Blog Discloses Hashed Passwords to Remote Users. Read more

securitytracker.com:
Symantec AntiVirus Unspecified Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Symantec Client Security Unspecified Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
V-webmail Include File Bug in 'pear_dir' Parameter Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Docebo Include File Bug in 'lang' Parameter Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.securityfocus.com:
Security firm warns of Symantec AV flaw. Read more

today.reuters.com:
Flaw found in Symantec business antivirus software. Read more

www.zdnet.com.au:
ISPs accused of ignoring botnet invasion. Read more

software.silicon.com:
CMA amendment "pure idiocy", says peer. Read more

management.silicon.com:
IT pros criminalised by CMA update? Read more

news.com.com:
Gonzales pressures ISPs on data retention. Read more

www.620ktar.com:
FBI Probes Hacking Incident at Us Weekly. Read more

news.com.com:
Microsoft bug-checking tools promise fewer crashes. Read more

www.itnews.com.au:
Exploit of Windows 2000 zero-day to hit in june. Read more

news.com.com:
Sacred Heart is latest university to be hacked. Read more

www.channelregister.co.uk:
Dating site hack suspect charged. Read more

www.technewsworld.com:
Study Shows Threatening Chat Messages More Common for Women. Read more

26 May 2006

Guides, Papers, etc
blogs.securiteam.com:
My IRC chat with okopipi (a.k.a. Black Frog). Read more

www.windley.com:
China, the Internet's Broken Link. Read more

www.eweek.com:
The Secret Anti-Spammer Death Squads. Read more

blog.washingtonpost.com:
How Many Spams Can a Scammer Scam If a Spammer Can Scam Spams? Read more

www.varbusiness.com:
State of Technology: Beating Back Hackers. Read more

www.technewsworld.com:
Battling E-Commerce Credit Card Fraud. Read more

www.darkreading.com:
When Good Intentions Fail. Read more

blogs.securiteam.com:
Ginwui/Oscor/Gusi… - working CME is needed. Read more

www.awprofessional.com:
Mitigating the WASC Web Security Threat Classification with Apache. Read more

www.physorg.com:
Invention IDs Computer Users By Typing Patterns. Read more

chkpt.zdnet.com:
Audio: Has Microsoft reached a turning point? Another file format makes its debut. How the RIAA resolved its digital dilemma. Listen

www.pcworld.com:
The 25 Worst Tech Products of All Time. Read more

blogs.zdnet.com:
Vista Beta 2, up close and personal. Read more

www.esecurityplanet.com:
Poking Holes in Public HotSpots. Read more

www.arson-network.org:
A Simple Guide to Nmap. Read more

www.arson-network.org:
The Art Of Stealthy Viruses. Read more

www.businessweek.com:
Identity theft gets personal. Read more

 

Tools:
sourceforge.net:
Camera/Shy is the only steganographic tool that automatically scans for and delivers decrypted content straight from the Web. It is a stand-alone, Internet Explorer-based browser that leaves no trace on the user's system and has enhanced security. Read more

tool.motoricerca.info:
Search engine SPAM detector. Read more

 

Vulnerabilities & Exploits
eeye.com:
Symantec. Severity: High (Remote Code Execution). Read more

securitytracker.com:
OpenCms Input Validation Hole in Xml Content Demo Search Query Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
PunBB Lack of Input Validation in 'Admin note' Feature Permits Limited Cross-Site Scripting Attacks. Read more

securitytracker.com:
Cisco VPN Client for Windows Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
PunkBuster Buffer Overflow in WebTool Interface Lets Remote Users Deny Service. Read more

securitytracker.com:
Linux Kernel Netfilter SNMP NAT Memory Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
Chatty :) 'username' Input Validation Hole Cross-Site Scripting. Read more

securitytracker.com:
XScreenSaver rdesktop May Display the Screensaver Password in Another Window. Read more

securitytracker.com:
NetPanzer 'frameNum' Error Lets Remote Users Deny Service. Read more

securitytracker.com:
DSChat Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
tjthedj's ipLogger Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Nucleus Include File Bug in 'PLUGINADMIN.php' Lets Remote Users Execute Arbitrary Code. Read more

 

News
us.cnn.com:
Company: Hackers can crack top antivirus program. Read more

www.eweek.com:
Symantec AntiVirus Worm Hole Puts Millions at Risk. Read more

www.usatoday.com:
Researchers: Anti-virus software has flaw. Read more

smeit.com.sg:
Email worm variants using blank subjects spread throughout Asia. Read more

www.computerworld.com:
Red Cross warns blood donors of possible ID thefts in Midwest. Read more

www.usdoj.gov:
Former Michigan School Official and Wife Arrested for Role in $7.3 Million Fraud Scheme. Read more

blogs.securiteam.com:
Hoosmi - a new Word Trojan again? Read more

www.securityfocus.com:
Anti-spam technology resurrected as FrogNet. Read more

www.theregister.co.uk:
Teen hack suspects charged over MySpace extortion bid. Read more

www.theregister.co.uk:
Dating site hack suspect charged. Read more

www.latimes.com:
Firm Says MPAA Hired a Hacker. Read more

www.stuff.co.nz:
Hackers use Google to get private information. Read more

www.vnunet.com:
HSBC steps up fight against fraudsters. Read more

news.bbc.co.uk:
Google and Dell in software deal. Read more

25 May 2006

Guides, Papers, etc
www.trendmicro.com:
Rootkits The new wave of invisible malware is here. Read more

blogs.securiteam.com:
Black Frog: next generation botnet. No generation spam fighting. Read more

www.pcworld.com:
Interview: Microsoft Executive Defends Monthly Patch Cycle. Read more

www.microsoft.com:
Video: Remarks by Bill Gates, Chairman and Chief Software Architect, Microsoft Corporation WinHEC "Advancing the Platform". Read more

i.a.cnn.net:
Audio: "The Digital Life". CNN Headline News anchor Renay San Miguel speaks with Howard Schmidt, former Bush Administration cybersecurity adviser, about the NSA's phone call database, corporate responsibility of your personal information and identity theft "high-risk" groups. Listen

i.a.cnn.net:
Audio: How to Rob a Bank. CNN's Michelle Wright and CNN's Drew Griffin discuss the 21st Century way of bank robbery and its link to identity theft. Listen

www.pcworld.com:
All-in-One Security. Read more

www.security.nl:
Protecting Against Complex Internet Threats. Read more

www.eweek.com:
Is the VOIP Privacy Genie Already out of the Bottle? Read more

www.darkreading.com:
Metro-Mesh: A Hacker's Paradise? Read more

 

Tools:
www.philzimmermann.com:
Secure Voice over IP: Zfone. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Apple Xcode Tools Grants Remote Access to WebObjects Projects. Read more

securitytracker.com:
PostgreSQL Encoding Processes May Let Remote Users Inject SQL Commands. Read more

securitytracker.com:
HP Software Distributor Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
HP OpenView Storage Data Protector Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
HP OpenView Network Node Manager Lets Remote Users Execute Arbitrary Commands, Create Arbitrary Files, and Access the System. Read more

 

News
www.theregister.co.uk:
Report security vulns at your peril. Read more

www.theregister.co.uk:
Skype bug lets 'buddies' swipe files. Read more

www.theregister.co.uk:
Gates rolls out the Beta 2s. Read more

www.vnunet.com:
StopBadware.org names and shames malware. Read more

news.com.com:
MPAA accused of hiring a hacker. Read more

www.vnunet.com:
Botnet floods UK firms with 250 million spams. Read more

cbs4boston.com:
Hacker Leaves Norton Man WIth $26,000 Phone Bill. Read more

www.hardwarezone.com:
26 Email Worm Variants Use Blank Subjects to Spread All Over Asia. Read more

www.theregister.co.uk:
Carders scam spammers. Read more

news.zdnet.co.uk:
Microsoft advises 'safe mode' for Word. Read more

money.cnn.com:
Online scams create "Yahoo! millionaires". Read more

24 May 2006

Guides, Papers, etc
www.viruslist.com:
War-driving in England. Read more

news.com.com:
Video: Gates releases the betas. Watch

news.com.com:
Video: Vista beta goes public. Watch

www.infoworld.com:
Wrestling with Windows' hidden "features". Read more

weblog.infoworld.com:
Where Windows Malware Hides. A table listing over a 180 places where Windows malware can hide. Read more

www.auscert.org.au:
2006 Australian Computer Crime and Security Survey. Read more

searchsecurity.techtarget.com:
Skype: Its dangers and how to protect against them. Read more

www.gutterman.net:
Protecting Our Keystrokes. Read more

www.gutterman.net:
Analysis of the Linux Random Number Generator. Read more

www.fr33d0m.net:
Five Ways to Screw Up SSL. Read more

www.pandasecurity.com:
10 Tips to Combat Phishing. Read more

www.internetnews.com:
WinFX Adds New Security Method. Read more

www.viruslist.com:
A malware matrioshka. Read more

www.infoworld.com:
Imagining a day without Microsoft. Read more

www.technewsworld.com:
Arming Kids Against Sexual Predators on the Net. Read more

www.windowsfordevices.com:
Introducing the June 2006 Windows CE Shared Source Contest. Read more

www.itconversations.com:
Audio: In this interview, Sondra Schneider of Security University speaks with Ron Gula, President and Chief Technical Officer of Tenable Security. Sondra and Ron discuss the convergence of security services and security products in large vulnerable enterprises, the history of network security and other hot topics in IT security. Listen

zdpub.vo.llnwd.net:
Audio: Eye on Spyware. Listen

chkpt.zdnet.com:
Audio: Schwartz vs. Gartner, Dell goes AMD, Symantec, the NSA and more… Listen

www.youtube.com:
Audio: Rap about Hackers and Crackers. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
EMC Retrospect Client Buffer Overflow Lets Remote Users Deny Service. Read more

securitytracker.com:
HP-UX Kernel Bug Lets Local Users Deny Service. Read more

securitytracker.com:
Linksys WRT54GS UPnP Bug Lets Remote Internal Users Cause Packets to Be Forwarded to External Systems. Read more

securitytracker.com:
Fujitsu MyWeb Product Line Input Validation Flaw Permits SQL Injection Attacks. Read more

 

News
www.securityfocus.com:
Veterans Affairs warns of massive privacy breach. Read more

www.securityfocus.com:
Sony BMG rootkit settlement finalized. Read more

www.theregister.co.uk:
MSN Billing Phisher jailed for 21 months. Read more

www.biosmagazine.co.uk:
Hackers Targeting Web Conferencing Software. Read more

www.zdnet.com.au:
Antivirus software 'is being defeated'. Read more

www.computerworld.com.au:
AusCert: Rootkits wreak havoc. Read more

www.law.com:
Preparing for the Malware Epidemic. Read more

www.terra.net.lb:
500-plus nabbed in global Internet scams: US. Read more

www.betanews.com:
Report: 1 in 3 Software Installs Pirated. Read more

www.zdnet.com.au:
Microsoft considers taking admin rights from employees. Read more

today.reuters.co.uk:
Microsoft starts Windows test, launch on target. Read more

blogs.zdnet.com:
The real reason we shouldn't depend on Microsoft for security. Read more

www.abc.net.au:
Viruses a greater problem than hacking: report. Read more

www.training-news.co.uk:
Cyber crime fighters counter ‘licensed penetration’. Read more

www.eweek.com:
Theft of Veterans' Data Shows Security Policy Gap. Read more

www.washingtonpost.com:
In the Fight Against Spam E-Mail, Goliath Wins Again. Read more

www.wired.com:
Security vs. Privacy: The Rematch. Read more

news.com.com:
Common code base for Vista, Longhorn Server. Read more

www.reghardware.co.uk:
AMD Socket AM2, Athlon 64 FX-62. Read more

23 May 2006

Guides, Papers, etc
www.cerias.purdue.edu:
Reporting Vulnerabilities is for the Brave. Read more

www.baselinemag.com:
Computer Security: Your 5-Step Survival Guide. Read more

www.newsfactor.com:
Security Feature Could Irk Vista Users. Read more

www.linuxinsider.com:
Richard Stallman Sets the Free Software Record Straight. Read more

www.informationweek.com:
Analysis: Microsoft's Security Ambitions. Read more

www.eweek.com:
Is the VOIP Privacy Genie Already out of the Bottle? Read more

conference.auscert.org.au:
AusCERT Asia Pacific Information Technology Security Conference. Read more

 

Tools:
www.epic.org:
EPIC Online Guide to Practical Privacy Tools. Read more

www.pando.com:
Pando is free software that lets you send and receive files and folders of any size* with your existing email account. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
BitZipper Directory Traversal in Processing RAR/TAR/ZIP/GZ/JAR Archives Lets Remote Users Write Files to Arbitrary Locations. Read more

securitytracker.com:
Cyrus IMAP Server POP3 Server 'popsubfolders' Buffer Overflow in USER Command Lets Remote Users Execute Arbitrary Code. Read more

 

News
news.zdnet.co.uk:
Government to force handover of encryption keys. Read more

www.usatoday.com:
VA computer disk stolen. Read more

www.vnunet.com:
Commercial software opens cyber-terror backdoor. Read more

masseynews.massey.ac.nz:
‘Google hacking’ attacks rising. Read more

www.techtree.com:
Symantec Suit Might Delay Vista. Read more

www.theregister.co.uk:
Microsoft promises bright, complex virtualization future. Read more

news.zdnet.co.uk
Microsoft pushes pay-as-you-go computing. Read more

www.technewsworld.com:
Code Pioneer Develops Encryption Method for Windows-Based VoIP. Read more

www.technewsworld.com:
State Department Wary of Lenovo Computers. Read more

www.darkreading.com:
New Vulnerabilities Flare in Sun Solaris. Read more

edition.cnn.com:
Africans pay $1,800 for 1GB of data. Read more

www.theregister.co.uk:
IM worm installs rogue browser. Read more

www.theregister.co.uk:
Trojan exploits unpatched Word vulnerability. Read more

www.redorbit.com:
When You Take Work Home, Make Sure Security Goes With It. Read more

www.nytimes.com:
New Fears of Security Risks in Electronic Voting Systems. Read more

computerworld.co.nz:
Gartner sees declining need for tech skills as commodity apps become more prevalent. Read more

22 May 2006

Guides, Papers, etc
blogs.securiteam.com:
New Word 0-day - reminding about the benefits of non-DOC file formats. Read more

blogs.securiteam.com:
Mitigating Newly-Reported Word Vulnerability. Read more

www.theregister.co.uk:
Whatever happened to PGP? Read more

www.reconnex.net:
Reconnex Insider Threat Index Reveals Use of Remote Access and Rogue VOIP Protocols, Exposure of Confidential Information. Read more

www.zone-h.org:
The biggest hacking incident in the web-hosting history. Read more

www.eecs.umich.edu:
The 4th Workshop on Recurring Malcode (WORM). Read more

blog.spywareguide.com:
The (un)Safety Browser: Latest IM Hijack. Read more

www.informit.com:
Instant Messaging and Security. Read more

 

News
www.zdnet.com.au:
Trojan attacks spur Microsoft security UI changes. Read more

www.vnunet.com:
Yahoo Messenger worm turns on IE. Read more

www.theinquirer.net:
Sausage factory workers sacked after porn probe. Read more

www.theinquirer.net:
Trojan brings its own version of IE. Read more

news.zdnet.com:
University server in hackers' hands for a year. Read more

www.computerworld.com.au:
Research paper shows holes in security approaches. Read more

www.techworld.com:
'IT nightmare' Skype burrows into networks. Read more

news.com.com:
The fight against V1@gra (and other spam). Read more

www.topix.net:
Hackers foul ugliest dog competition. Read more

techdirt.com:
When Domain Names Sell For $7.5 Million... Watch Out. Read more

money.cnn.com:
Creator of 'Doom' has a 'sneaky little plan'. Read more

20 May 2006

Guides, Papers, etc
www.technologyreview.com:
Inside the Spyware Scandal -- Part 3. Read more

www.darkreading.com:
Custom Trojans: The Next Big Thing. Read more

www.f-secure.com:
Word gets exploited. Read more

news.com.com:
Video: Microsoft, Symantec and insecurity. Watch

news.com.com:
Video: Symantec takes on Microsoft. Watch

news.com.com:
Video: Symantec vs. Microsoft. Watch

news.com.com:
Video: Symantec's relevance in a Microsoft world. Watch

www.podtrac.com:
Audio: Steve Gibson with Leo Laporte. Security Now 40: Listener Q&A 7. Listen

blogs.zdnet.com:
What if Microsoft was truly evil. Read more

blogs.zdnet.com:
Bank's defense of bad security: Everyone else does it. Read more

blogs.zdnet.com:
Google Web Toolkit released - rumors of Morfik alliance? Read more

www.businessweek.com:
Meet The Hackers. Read more

www.press-citizen.com:
'White hat hackers' compete. Read more

www.darkreading.com:
If You Know, Tell. Read more

www.darkreading.com:
Hold Their Feet to the Fire. Read more

www.darkreading.com:
Hack My Dog? Read more

www.darkreading.com:
'Free' Skype Could Be Costly. Read more

searchsecurity.techtarget.com:
Treating email as potential evidence. Read more

blog.siteadvisor.com:
Are Smileys Safe? Read more

www.consumerist.com:
HOW TO: Get Through Having Your Identity Stolen. Read more

 

Tools:
www.klcconsulting.net:
SMAC 2.0 is RELEASED. Read more

blogs.ittoolbox.com:
Resource: Computer Forensics Toolkit. Read more

www.baselinemag.com:
Intrusion Prevention Systems. Read more

 

Vulnerabilities & Exploits
www.skype.com:
SKYPE-SB/2006-001: Improper handling of URI arguments. Read more

securitytracker.com:
Microsoft Word XP and Word 2003 Lets Remote Users Cause Arbitrary Code to Be Executed. Read more

securitytracker.com:
MOBOTIX IP Network Camera Input Validation Bugs Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Sun Java Application Server Default Error Page Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Sun Java System Web Server Default Error Page Input Validation Hole PermitsCross-Site Scripting Attacks. Read more

securitytracker.com:
FrontRange Solutions iHEAT Active-X Component Lets Remote Authenticated Users Execute Arbitrary Code. Read more

securitytracker.com:
PHPLib Input Validation Flaws Let Remote Users Inject SQL Commands and Execute Arbitrary PHP Code. Read more

securitytracker.com:
SAP sapdba Command for Informix Environment Variable Bug Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Bitrix Site Manager Discloses Information to Remote Users and Permits Cross-Site Scripting Attacks. Read more

www.myantispyware.com:
Found exploit using new Microsoft Word vulnerability. Read more

 

News
today.reuters.com:
Web inventor says brainchild is ready for big leap. Read more

www.securityfocus.com:
Mass defacement puts Turkey on the map. Read more

today.reuters.com:
Symantec sues Microsoft in contract dispute. Read more

www.theregister.co.uk:
Symantec moves to slap Redmond with Vista injunction. Read more

www.securitypronews.com:
South Korean Zombie Master Apprehended. Read more

www.informationweek.com:
MSN Phisher Sentenced to 21 Months. Read more

www.prnewswire.com:
Self-Propagating Worm Installs Unsafe 'Safety Browser'. Read more

www.redherring.com:
Microsoft Buys Security Firm. Read more

www.emailbattles.com:
How Article 57 Quietly Perverts China's New Anti-Spam Regs. Read more

www.reghardware.co.uk:
MS posts PC Vista-viability tool. Read more

news.zdnet.com:
Skype bug may expose user data. Read more

trends.newsforge.com:
US military is blocking Slashdot and SourceForge.net. Read more

www.crn.com.au:
Bizarre phishing scam. Read more

blogs.ittoolbox.com:
Thief Turns Over Stolen Property To Nab Child Molester. Read more

www.itnews.com.au:
Symantec warns of bot sniffing for Veritas vulnerability. Read more

www.trimmail.com:
Spamming Trick: Don't overwork your zombies. Read more

19 May 2006

Guides, Papers, etc
www.eweek.com:
Search Engines Need to Take Responsibility for Sponsored Links. Read more

isc.sans.org:
Targeted attack: experience from the trenches (NEW). Read more

www.pcflank.com:
New PCFlank Leak Test Reveals Firewalls' Weakness. Read more

www.pcflank.com:
Webroot Desktop Firewall Review. Read more

www.isedb.com:
When and Why Should you Secure Multiple Domains. Read more

 

Vulnerabilities & Exploits
isc.sans.org:
RealVNC exploits in the wild (NEW). Read more

securitytracker.com:
Novell eDirectory iMonitor Buffer Overflow Has Unspecified Impact. Read more

securitytracker.com:
Sun N1 System Manager Shell Scripts Let Local Users Access System Manager Passwords. Read more

securitytracker.com:
libextractor Buffer Overflow in Processing ASF and QT Files Permit Arbitrary Code Execution. Read more

securitytracker.com:
IntelliTamper '*.map' File Processing Flaw Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Spymac Web OS Multiple Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
IZArc Buffer Overflow in 'unacev2.dll' in Processing ACE Archives Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Eazel Buffer Overflow in 'ztvunacev2.dll' in Processing ACE Archives Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
LiveData ICCP Server Heap Overflow May Let Remote Users Execute Arbitrary Code. Read more

 

News
news.com.com:
ISP snooping plans take backseat. Read more

news.xinhuanet.com:
U.S.anti-virus firm accuses Microsoft of misusing technologies. Read more

news.com.com:
Symantec sues Microsoft over storage tech. Read more

www.zone-h.or:
The biggest hacking incident in the web-hosting history. Read more

www.informationweek.com:
Judges And Prosecutors Throw The Book At Hackers. Read more

18 May 2006

Guides, Papers, etc
Inside the Spyware Scandal -- Part 1
When Sony BMG hid a "rootkit" on their CDs last year, they spied on you and let hackers in. What were they thinking? Read more

Inside the Spyware Scandal -- Part 2.
The "rootkit" on Sony BMG CDs was meant to prevent consumers from disabling anti-piracy software. It didn't stop one group. Read more

condor.depaul.edu:
Video: Computer Security Threats by Mikko Hyppönen. Watch

media.grc.com:
Audio: Buffer Overruns. Listen

isc.sans.org:
Do we Know our enemy? Read more

www.baselinemag.com:
3 Key Computer Security Tools for 2006. Read more

www.networkworld.com:
Big bank goes phishing. Read more

linuxgazette.net:
Preventing DDoS attacks. Read more

www.wired.com:
The Ultimate Net Monitoring Tool. Read more

www.websense.com:
Protecting Against Complex Internet Threats. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Sun Java System Directory Server May Grant Console Access to Remote Users. Read more

securitytracker.com:
PHP-Fusion Input Validation Bug in 'messages.php' Permits SQL Injection Attacks. Read more

securitytracker.com:
Resin Input Validation Flaw in Documentation Viewer Lets Remote Users Traverse the Web Root Directory. Read more

securitytracker.com:
Resin Input Validation Flaw in the Built-in Web Server Lets Remote Users Traverse the Directory By Specifying an Absolute Path. Read more

 

News
wired.com:
Under Attack, Spam Fighter Folds. Read more

www.securityfocus.com:
Blue Security folds under spammer's wrath. Read more

economictimes.indiatimes.com:
Cell-shock: Hackers call up. Read more

www.theregister.co.uk:
Japanese power plant secrets leaked by virus. Read more

www.theregister.co.uk:
Killjoy Trojan deletes warez and smut. Read more

www.itnews.com.au:
Sophos: Pokie virus still causing havoc. Read more

news.zdnet.co.uk:
Corporate keylogger infections up 50 percent. Read more

www.computerworld.com:
FBI special agent recounts outsourcing horror story. Read more

www.vnunet.com:
Cyber-crooks take aim at online gamers. Read more

www.eweek.com:
When Will Microsoft Be 'Trusted'? Read more

www.fox43tv.com:
Public-private coalition unveils new computer security resource. Read more

www.biosmagazine.co.uk:
UK Hosts World's Largest Security Exhibition. Read more

www.technewsworld.com:
Spyware Menacing Workplace Computers. Read more

17 May 2006

Guides, Papers, etc
www.securityfocus.com:
Malicious cryptography, part two. Read more

www.microsoft.com:
Security Management - May 2006. Ten Principles of Microsoft Patch Management. Read more

www.techweb.com:
Keyloggers, Spyware Continue To Strike Enterprises. Read more

searchsecurity.techtarget.com:
Survey: Women more likely to download spyware. Read more

www.csoonline.com:
5 Ways Google is Shaking the Security World. Read more

www.prweb.com:
Is SITEKEY and One Time Passwords Really 2 Factor Security. Read more

ddanchev.blogspot.com:
Techno Imperialism and the Effect of Cyberterrorism. Read more

 

Tools:
www.windowsitpro.com:
Nmap 4.0 Does Windows. Read more

 

Vulnerabilities & Exploits
www.48bits.com:
Path conversion design flaw in NTDLL. Read more

securitytracker.com:
Abakt Buffer Overflow in Processing Zip Files Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
MP3Info Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
NetWare 'PORTAL.NLM' Crash May Cause the Target User's Password to Be Written to the Log File. Read more

securitytracker.com:
easyEvent Input Validation Hole in 'curr_year' Parameter Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
FlexChat Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
WebLogic Server JTA Transactions May Be Sent Unencrypted. Read more

securitytracker.com:
WebLogic Server Quality of Service Error Causes Transaction Coordinator Messages to Be Sent Unencrypted. Read more

securitytracker.com:
WebLogic Server Admin Password Reset Mechanism May Disclose the Password to Local Users. Read more

securitytracker.com:
Maxx Schedule Input Validation Flaw in 'logon.asp' Lets Remote Users Injection SQL Commands and Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
PopPhoto Include File Bug in 'popphoto_base_path' Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.techweb.com:
Microsoft Seen Overtaking Consumer Security Software Market. Read more

www.theregister.co.uk:
Search results lead to malicious sites. Read more

www.boston.com:
Cyber attacks could be devastating, expert says. Read more

www.itnews.com.au:
INTERVIEW - Cyber threats to US business grow more dangerous. Read more

www.darkreading.com:
A Helpful Trojan Horse? Read more

www.wired.com:
Under Attack, Spam Fighter Folds. Read more

djtechnocrat.blogspot.com:
Myspace Phishing Attacks on the Rise. Read more

www.securityfocus.com:
PC leaks data from Japanese power plant. Read more

www.techworld.com:
Skype 2.5's new stealth mode "cracked. Read more

www.tgdaily.com:
Panda Software warns that malware increasingly targets MMOs. Read more

software.silicon.com:
Spyware thrives in the corporate space. Read more

www.prweb.com:
Antirootkit.com - Rooting Out Rootkits. Read more

www.channelregister.co.uk:
eBay anti-virus pirates sued. Read more

www.darkreading.com:
Phishing Gets Phancy. Read more

www.nzherald.co.n:
Internet banking hacker fleeces couple. Read more

www.itnews.com.au:
Security worries slow online banking growth. Read more

www.newsfactor.com:
Banks Get Wise to Phishing Fraud. Read more

www.newsfactor.com:
Chat Rooms Help FBI Hunt for Pedophiles. Read more

16 May 2006

Guides, Papers, etc
www.usatoday.com:
Security feature in Microsoft's new Windows could drive users nuts. Read more

www.f-secure.com:
How's your poker face? Read more

www.silicon.com:
Password Hell (Part 1): The IT chief's nightmare. Read more

www.silicon.com:
Password Hell (Part 2): Companies must get it right... now. Read more

www.computerworld.com.au:
Determina beats intruders to application hacking. Read more

blogs.zdnet.com:
New anatomy of a hack. Read more

www.networkworld.com:
Are Microsoft's cookies super? Read more

 

Vulnerabilities & Exploits
isc.sans.org:
RealVNC Exploits, Bleeding Snort Signature (NEW). Read more

secdev.zoller.lu:
Zango Adware - Insecure Auto-Update and File Execution. Read more

www.cybsec.com:
Phishing Vector in SAP BC (Business Connector). Read more

securitytracker.com:
SAP Business Connector Lets Remote Authenticated Users View and Delete Files. Read more

securitytracker.com:
Dokeos Include File Bug in 'authldap.php' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
FilZip Buffer Overflow in 'unacev2.dll' in Processing ACE Archives Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Sugar Suite 'sugarEntry' Globals Entry Lets Remote Users Include and Execute Arbitrary Code. Read more

securitytracker.com:
Clam AntiVirus 'freshclam' May Let Local Users Access Files With Elevated Privileges. Read more

securitytracker.com:
SelectaPix May Disclose the Installation Path to Remote Users. Read more

securitytracker.com:
Apple FTPServer Buffer Overflow Lets Remote Authenticated Users. Read more

 

News
www.securityfocus.com:
Telecos under fire for helping NSA wiretaps. Read more

www.securityfocus.com:
Protection from prying NSA eyes. Read more

www.theregister.co.uk:
Botnet implicated in click fraud scam. Read more

www.baselinemag.com:
Highly Critical RealVNC Flaw Fixed. Read more

www.theregister.co.uk:
US man jailed for hacking supervisor's PC. Read more

news.com.com:
Congress may make ISPs snoop on you. Read more

www.dailytech.com:
Pirate Windows? Buy The Retail Version at a $100 Discount. Read more

15 May 2006

Guides, Papers, etc
blogs.securiteam.com:
Some thoughts about delay in Bugtraq moderating. Read more

www.cs.cornell.edu:
A Survey of DNS Security: Most Vulnerable and Valuable Assets. Read more

www.eweek.com:
Wield the Shield: How Trustworthy Is Your OS? Read more

isc.sans.org:
CLICKbot. Read

www.securityabsurdity.com:
Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security. Read more

www.rsasecurity.com:
Phishing Supply Chain--Part 1 of 2. Read more

www.rsasecurity.com:
Phishing Supply Chain--Part 2 of 2. Read more

www.audioblog.com:
Video: Online safety help for parents. Watch

edition.cnn.com:
Video: Egyptian blogger jailed. Watch

www.rsasecurity.com:
Speaking of Security Podcast #15. Listen

sunbeltblog.blogspot.com:
When hackers try to con hackers. Read more

spywarewarrior.com:
Anti-Spyware Programs: Feature Comparison. Read more

www.windowsecurity.com:
Wireless Security Attacks and Defenses. Read more

 

News
publications.mediapost.com:
Accused Of Deception, Adware Firm Tries 'Deception' -- A Warner Bros. Soap. Read more

www.techworld.com:
Apple patch fails to hit all flaws. Read more

www.securitypark.co.uk:
Dramatic rise in adware, malicious Trojans and spyware. Read more

www.pcworld.idg.com.au:
Vigilante Trojan attacks other malware. Read more

www.pcworld.idg.com.au:
Owl worm puts printers in a flap. Read more

www.techweb.com:
U.S. Dismisses Google Complaint, Says IE 7 Plays Fair. Read more

blogs.zdnet.com:
Anti-spyware program installs WhenU adware. Read more

www.theinquirer.net:
Killer phrase will fill your PC with spam. Read more

today.reuters.co.uk:
Cyber threats to US business grow more dangerous. Read more

13 May 2006

Guides, Papers, etc
news.com.com:
Video: Microsoft warns about Flash flaw. Watch

weblog.infoworld.com:
Professional Windows Desktop and Server Hardening by Roger Grimes. Read more

weblog.infoworld.com:
Potentially Malicious Windows Files by Roger Grimes. Read more

weblog.infoworld.com:
Where Windows Malware Hides by Roger Grimes. Read more

www.enre.umd.edu:
Assessing the Attack Threat due to IRC Channels. Read more

www.infoworld.com:
Blasting away security myths. Read more

www.emailbattles.com:
How To Override "Access Denied" and "Sharing Violation" Roadblocks. Read more

volokh.com:
More Thoughts on the Legality of the NSA Call Records Program. Read more

www2.itcinstitute.com:
Encryption Isn’t Enough: Five Vital Protection Steps. Read more

www.watchyourend.com:
Security/Hacking applications that run on a USB flash drive. Read more

arachnid.homeip.net:
Spyware: Risks and Prevention. Read more

home.dataparty.no:
Winning the War on spam: Comparison of Bayesian spam filters. Read more

www.2-spyware.com:
Cease and desist. Read more

www.podtrac.com:
FLOSS Weekly 5: Miguel de Icaza. This week, the most controversial developer in language design...Listen

www.mightyseek.com:
Video: Privilage Escalation Attacks. Watch

www.netaddiction.com:
Internet Addiction Test (IAT). Read more

 

Vulnerabilities & Exploits
securitytracker.com:
RealVNC May Let Remote Users Connect Without Authenticating. Read more

securitytracker.com:
Anti-Trojan Buffer Overflow in 'unacev2.dll' in Processing ACE Archives Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple Mac OS X Kernel Components Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple LaunchServices Lets Remote Users Bypass Download Validation in Certain Cases. Read more

securitytracker.com:
Apple Mac OS X CoreFoundation Untrusted Bundles or the CFStringGetFileSystemRepresentation() API May Let Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple Mac OS X CoreGraphics May Let Local Users Obtain Secure Text Field Inputs. Read more

securitytracker.com:
Apple Mail MacMIME and Enriched Text Bugs Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database. Read more

securitytracker.com:
Mac OS X Preview Buffer Overflow in Navigating Deep Directory Hierarchies May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Apple QuickDraw Buffer Overflows in Processing PICT Images Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple Keychain May Let Applications Access Locked Items. Read more

securitytracker.com:
Apple QuickTime Streaming Server Buffer Overflow in RTSP Request Processing Lets Remote Users Execute Arbitrary Code. Read more

secway.org:
Apple QuickTime udta ATOM Heap Overflow. Read more

securitytracker.com:
Apple Safari Archive Symbolic Link Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
NetWare Integer Overflow in NDPS/iPrint May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Apple QuickTime Buffer Overflows in Processing JPEG/BMP/FlashPix/PICT Images and QuickTime/AVI/MPEG4/Flash Movies Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
UltimateZIP Buffer Overflow in Extracting ACE Archives Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
TZipBuilder Buffer Overflow in Processing ZIP Archives Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
EMC Retrospect Client Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

 

News
news.com.com:
Bounty for Vista coders who squish bugs at home. Read more

www.theregister.co.uk:
Wells Fargo fesses up to data loss. Read more

news.com.com:
Ohio University suffers security breaches. Read more

www.vnunet.com:
Ballmer talks up bullet-proof Vista security. Read more

www.emailbattles.com:
Comodo Anti-Virus: Savior or Devil In Disguise? Read more

money.cnn.com:
The Net's not-so-secret economy of crime. Read more

news.zdnet.co.uk:
Nasa hacker: Whistleblower or menace? Read more

news.com.com:
Ex-government employee sentenced for hacking. Read more

security.ithub.com:
Experts: Cyber-Criminals Still Running Amok. Read more

www.itnews.com.au:
Rootkit-spreading spyware shop shuts down. Read more

news.com.com:
Internet freedom for some Chinese students. Read more

www.newsfactor.com:
Gates Announces Online Gaming Service. Read more

today.reuters.co.uk:
U.S. rejects concerns over Microsoft browser. Read more

12 May 2006

Guides, Papers, etc
www.siteadvisor.com:
The Safety of Internet Search Engines. Read more

www.benedelman.org:
Search Engine Safety, Revisited. Read more

www.newyorker.com:
THE PERFECT MARK. How a Massachusetts psychotherapist fell for a Nigerian e-mail scam. Read more

www.microsoft.com:
Behavioral Classification. Read more

secdev.zoller.lu:
Zango Adware - Insecure Auto-Update and File execution. Read more

blogs.zdnet.com:
Rebery, a remarkable new Trojan. Read more

blogs.securiteam.com:
A Review of Headlines in Security. Read more

blogs.securiteam.com:
New MSIE 0-day is related to CSS attribute. Read more

catless.ncl.ac.uk:
Open Letter to Google on Privacy. Read more

security.ithub.com:
The Evils that Lurk in Idle Web Surf. Read more

 

Tools:
dev.inversepath.com:
FTester -- Firewall and IDS Testing tool. Read more

 

Vulnerabilities & Exploits
www.intelliadmin.com:
Security flaw in RealVNC 4.1.1. Read more

securitytracker.com:
evoTopsites Input Validation Flaw in 'cat_id' and 'id' Parameters Permit SQL Injection Attacks. Read more

securitytracker.com:
Jetbox CMS Include File Bug in 'relative_script_path' Parameter Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
phpListPro Include File Bugs Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
VeriSign i-Nav ActiveX Plugin CAB Validation Flaw Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Symantec Gateway Security HTTP Proxy May Disclose Internal NAT Addresses. Read more

securitytracker.com:
Symantec Enterprise Firewall HTTP Proxy May Disclose Internal NAT Addresses. Read more

securitytracker.com:
Cisco Application Velocity System Lets Remote Users Relay TCP Connections. Read more

securitytracker.com:
OzzyWork Galeri Input Validation Hole in 'admin_default.asp' Permits SQL Injection. Read more

 

News
informationweek.com:
USC Hacker Case Pivotal To Future Web Security. Read more

www.theregister.co.uk:
Vista bad news for anti-spyware market? Read more

www.itnews.com.au:
Exploit out for Exchange bug. Read more

www.eweek.com:
MS Researchers Tackle Automated Malware Classification. Read more

www.crn.com:
Microsoft To Provide Patches For Some Third-Party Apps. Read more

www.theregister.co.uk:
Microsoft playing waiting game against Google. Read more

www.theregister.co.uk:
Poll: 55% break copyright law. Read more

www.theinquirer.net:
Hacker refuses DNA sample. Read more

www.mirror.co.uk:
EXCLUSIVE: HACKER PLEADS HE'S NERD.. NOT TERRORIST. Read more

security.ithub.com:
Spyware, Rootkit Maker Stops Distribution. Read more

www.infoworld.com:
Laws won't stop cybercriminals, say experts. Read more

news.zdnet.co.uk:
Ballmer: Google wants special treatment in IE. Read more

internetweek.cmp.com:
Worm Could Wreck Havoc On Exchange. Read more

news.zdnet.co.uk:
Email bomber faces retrial. Read more

news.zdnet.co.uk:
Charities a soft target for hackers. Read more

news.zdnet.co.uk:
Ohio University suffers massive security breach. Read more

www.biosmagazine.co.uk:
BitDefender Downplays Risk Of World Cup Virus. Read more

www.insidebayarea.com:
New security glitch found in Diebold system. Read more

news.zdnet.co.uk:
T-Mobile bans VoIP from super-3G service. Read more

11 May 2006

Guides, Papers, etc
www.securityfocus.com:
The quest for ring 0. Read more

www.webroot.com:
State of Spyware. Read more

www.learningfountain.com:
How Spammers Get Your Email Address. Read more

www.linuxpip.org:
Audio: In this podcast, Jeremy Allison explains why *all* software is going free and why it's all due to the GPL. You also get to listen in as a special guest drops by to visit. Listen

www.dfrws.org:
File Carving Challenge. Read more

blog.siteadvisor.com:
10 eCard Sites To Stay Away From This Mother’s Day. Read more

www.clarionledger.com:
Who's lurking on teen Web sites? Read more

blog.spywareguide.com:
Interview with a Botnet Host. Read more

jeffmol.audioblog.com:
Audio: Spyware Warriors and the Digital UnderGround: Part 1. Listen

jeffmol.audioblog.com:
Audio: Spyware Warriors and the Digital UnderGround: Part 2. Listen

www.facetime.com:
Audio: Spyware Warriors and the Digital Underground Teaser. Listen

tllts.org:
Interviewed: SecurityMonkey On Techshow! Listen

 

Vulnerabilities & Exploits
isc.sans.org:
Critical vulnerability in Sophos Anti-Virus products. Read more

www.frsirt.com:
Symantec Enterprise Firewall NAT/HTTP Proxy Internal IP Disclosure Vulnerability. Read more

securitytracker.com:
Novell Client Buffer Overflow in 'DPRPCW32.DLL' Has Unspecified Impact. Read more

securitytracker.com:
TippingPoint SMS Server May Disclose Potentially Sensitive Information to Remote Users. Read more

 

News
www.wired.com:
Spot a Bug, Go to Jail. Read more

arstechnica.com:
Hacker faces wrath after pointing out security flaw. Read more

informationweek.com:
USC Hacker Case Pivotal To Future Web Security. Read more

www.wired.com:
Feds Want Hacker's Genetic Code. Read more

www.securityfocus.com:
British hacker faces extradition to U.S. Read more

freegary.org.uk:
Judge rules to extradite Gary McKinnon to the USA. Read more

www.securityfocus.com:
Microsoft patches Windows, Exchange flaws. Read more

www.itwire.com.au:
Hackers targeting non-Microsoft vulnerabilities. Read more

www.internetnews.com:
Security, The Microsoft Way. Read more

www.newsfactor.com:
Expert: McAfee Mac Security Report Is 'Scaremongering'. Read more

publications.mediapost.com:
Warner Bros. Online Partners With Adware Company. Read more

www.physorg.com:
Bush creates task force to fight 'horror' of identity theft. Read more

www.securitypronews.com:
IT Security Pros Unhappy. Read more

www.vnunet.com:
New crackdown on cyber crime. Read more

www.kingcountyjournal.com:
Would-be grade hackers caught. Read more

www.prweb.com:
MailFoundry Declares 2006 : “The Year Of The False Positive”. Read more

www.technewsworld.com:
Developers Struggle to Defend Macs From 'Zero Day' Attacks. Read more

www.theregister.co.uk:
The worse Google gets, the more money it makes? Read more

10 May 2006

Guides, Papers, etc
www.rootkit.com:
Kick the Heuristic Anti-virus out of the Rootkit. Read more

www.kanenas.net:
How to scan your Linux-Distro for Root Kits. Read more

www.broadbandreports.com:
[Phishing] ALERT!! New Vicious PAYPAL phishing. Read more

www.emailbattles.com:
Why Phishers Don't Fear SSL Toolbars. Read more

www.infoworld.com:
Vista set to alienate business users. Read more

www.pcworld.com:
VoIP on Cell Phones: Read the Fine Print. Read more

 

Vulnerabilities & Exploits
isc.sans.org:
Critical vulnerability in Sophos Anti-Virus products (NEW). Read more

securitytracker.com:
Adobe Dreamweaver May Let Remote Users Inject SQL Code. Read more

securitytracker.com:
Microsoft Exchange Error in Processing iCAL/vCAL Properties Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Distributed Transaction Coordinator Bugs Let Remote Users Deny Service. Read more

securitytracker.com:
ICQ Bug May Let Remote Users Inject and Execute Scripting Code. Read more

securitytracker.com:
Sun Solaris libike IPSec IKE Processing Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
Cisco Secure ACS May Disclose Administrator Passwords to Local or Remote Authenticated Users. Read more

securitytracker.com:
Sophos Anti-Virus Buffer Overflow in Parsing CAB Headers Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Cisco PIX Firewall Lets Remote Users Bypass Websense Content Filtering With Fragmented Requests. Read more

securitytracker.com:
Cisco Firewall Service Module (FWSM) Lets Remote Users Bypass Websense Content Filtering With Fragmented Requests. Read more

securitytracker.com:
D-Link DSL-G604T Wireless Router Bug in 'webcm' Script in 'getpage' Parameter Lets Remote Users Traverse the Directory. Read more

securitytracker.com:
HB-NS Input Validation Bugs Permit Cross-Site Scripting and SQL Injection Attacks. Read more

securitytracker.com:
AZNEWS Input Validation Hole in 'news.php' Permits SQL Injection. Read more

 

News
www.microsoft.com:
Microsoft Security Bulletin Summary for May, 2006. Read more

www.eweek.com:
Microsoft Warns of Two "Critical" Security Flaws. Read more

blog.washingtonpost.co:
Botmaster Sentenced to 57 Months in Prison. Read more

www.usdoj.gov:
‘Botherder’ Dealt Record Prison Sentence for Selling and Spreading Malicious Computer Code. Read more

www.infoworld.com:
Webroot uncovers thousands of stolen identities. Read more

news.zdnet.co.uk:
Symantec: Our security savvy will beat Microsoft. Read more

news.bbc.co.uk:
UK hackers condemn McKinnon trial. Read more

www.physorg.com:
Hong Kong court orders ISPs to name movie downloaders. Read more

news.com.com:
Fantasy soccer league virus kicks off. Read more

www.technewsworld.com:
Report: Vista May Eliminate Need for Some Security Software. Read more

www.usatoday.com:
Microsoft preps new version of the other Windows. Read more

www.int.iol.co.za:
Gates gives fans a sneak peek at Halo sequel. Read more

www.vnunet.com:
Teachers clueless on internet safety. Read more

techdirt.com:
Want Attention In Chat Rooms? Change Your Name To Jennychick1997. Read more

www.guardian.co.uk:
Q. What could a boarding pass tell an identity fraudster about you? A. Way too much. Read more

www.redherring.com:
Gates’ Xbox Dream Come True. Read more

09 May 2006

Guides, Papers, etc
www.securityfocus.com:
Malicious cryptography, part 1. Read more

www.jeffersonwells.com:
Microsoft Phishing Filter Feature in Internet Explorer 7 and MSN Toolbar Privacy Audit Report. Read more

www.itnews.com.au:
Thompson outlines Symantec's 2006 strategy. Read more

isc.sans.org:
Typo-Squatting and Password Best Practices. Read more

www.networkworld.com:
Change in Microsoft Vista security system promises Windows migration headaches. Read more

www.eweek.com:
There's Still Life in the Post-Vista Security Aftermarket. Read more

 

Tools:
business.newsforge.com:
TorPark: A secure, anonymous, and portable Web browser Read more

 

News
www.theregister.co.uk:
McAfee warns over Apple virus risk. Read more

www.fbi.gov:
THE CASE OF THE “ZOMBIE KING”. Read more

news.com.com:
Report: Vista to hit anti-spyware, firewall markets. Read more

www.sophos.com:
Two years after author's arrest, Netsky worm still tops virus chart. Read more

mosnews.com:
Russian Author of Chernobyl Virus Gets 2 Years Suspended. Read more

www.theregister.co.uk:
Trojans are the New Model Army. Read more

www.thestar.com:
Hoodwinking the censors. Read more

www.redorbit.com:
Cyber Security Interests Increase. Read more

www.wired.com:
A True eBay Crime Story. Read more

www.channeloklahoma.com:
$90M Click-Fraud Settlement Not Enough, Some Say. Read more

www.dfw.com:
Man gets prison for Katrina Internet scam. Read more

www.betanews.com:
Apple Computer Beats Beatles in Court. Read more

08 May 2006

Guides, Papers, etc
www.thestar.com:
Hoodwinking the censors. Read more

www.eweek.com:
Report Casts Doubt on Vista's Security Impact. Read more

www.lurhq.com:
Arhiveus Ransomware Trojan Analysis. Read more

blogs.securiteam.com:
We have new ransomware Archiveus in the wild. Read more

news.bbc.co.uk:
Video: Hacker fears 'UFO cover-up'. Watch

www.schneier.com:
Microsoft's BitLocker. Read more

www.itconversations.com:
Audio: Bruce Schneier. Beyond Fear. Listen

www.itconversations.com:
Audio: Alan Cox. Computer Security - The Next 50 Years. Listen

www.itconversations.com:
Audio: Paul Graham. Great Hackers. Listen

www.postchronicle.com:
The Web: Mobsters Extinguish Firewalls. Read more

www.biosmagazine.co.uk:
Combating Identity Theft. Read more

www.mcpmag.com:
Malware: Is Cleaning Enough? Read more

www-128.ibm.com:
Use RFID for people tracking. Read more

www.devsource.com:
Video: Guru Jakob Nielsen gives his advice on best practices for programmers. Watch

 

Tools:
www.securiteam.com:
SinFP - A New Approach to OS Fingerprinting. Read more

www.securiteam.com:
SWCS - Silent CGI Web Shell. Read more

rfidiot.org:
RFIDIOt is a python library for exploring RFID devices. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Cryptomathic PrimeInk Buffer Overflow in ActiveX Object Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
zawhttpd Can Be Crashed By Remote Users. Read more

 

News
www.itnews.com.au:
Yahoo hit with second spyware click fraud suit. Read more

news.com.com:
Absurdity in child porn suit against Google. Read more

searchsecurity.techtarget.com:
Wacky Web misuses highlight internal risks. Read more

www.theinquirer.net:
INQ Hack hacks iTunes. Read more

business.newsforge.co:
Kid's Programming Language going open source? Read more

news.com.com:
Gone in 60 seconds--the high-tech version. Read more

06 May 2006

Guides, Papers, etc
scheinsicherheit.pytalhost.de:
Decompression Delay Blinds On-Access Memory Scanners & Generic Unpacking Engines. Read more

www.infoworld.com:
An SSL trojan unmasked. Read more

www.tomsnetworking.com:
How You Are About To Become Responsible For Credit Card Fraud. Read more

www.f-secure.com:
Psst... Come hither, Check out my profile. Read more

www.it-observer.com:
Trojan Horse Delivered In Automatic Update. Read more

news.com.com:
School filters vs. home proxies. Read more

www.opennetinitiative.net:
Is there a way to circumvent Google’s censorship in China? Read more

drunkmenworkhere.org:
Search Bot Behavior. Read more

 

Tools:
www.pgpi.org:
PGPfone - Pretty Good Privacy Phone. Read more

blogs.msdn.com:
IE7 Beta 2 now available in multiple languages. Read more

www.spycar.org:
The Spycar Project. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Kerio WinRoute Firewall SMTP and POP3 Protocol Inspector Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
Sami FTP Server Bug in Processing Username/Password Data Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.securityfocus.com:
Yahoo sued for role in spyware click fraud. Read more

news.bbc.co.uk:
Hacker fears 'UFO cover-up'. Read more

weblog.infoworld.com:
Google a child porn profiteer? Read more

www.wired.com:
I'm the Blue Security Spammer. Read more

www.vnunet.com:
World Cup wall chart hides Trojan. Read more

www.securityfocus.com:
Three sites recover from DOS attacks. Read more

www.theregister.co.uk:
Zombies attack Seattle hospital. Read more

weblog.infoworld.com:
Botmaster pleads guilty to govt., hospital hacks. Read more

www.theregister.co.uk:
Hackers spamvertise World Cup wallchart Trojan. Read more

www.theregister.co.uk:
The Register » Security » Spyware » 'Spamford' Wallace fined $4m over spyware biz. Read more

www.theregister.co.uk:
Full-up Google choking on web spam? Read more

www.regdeveloper.co.uk:
MySQL patches security vulns. Read more

www.channelregister.co.uk:
HP laptop crypto 'backdoor' lawsuit fails. Read more

www.theregister.co.uk:
Trojan uses smut to filch bank details. Read more

www.techworld.com:
Skype 2.5 proves harder to block. Read more

www.computing.co.uk:
Skype claims 13 million users in China. Read more

news.com.com:
Week in review: Microsoft to bulk up. Read more

www.technewsworld.com:
The Mac Malware Threat: Keeping It Real. Read more

www.pcworld.com:
Web Sites Sued for Selling Phone Records. Read more

05 May 2006

Guides, Papers, etc
www.securityfocus.com:
Innovative ways to fool people. Read more

www.informationweek.com:
Billion-Dollar Love Bug Worm Marks Sixth Anniversary. Read more

ddanchev.blogspot.com:
The Current State of Web Application Worms. Read more

appft1.uspto.gov:
Automatic censorship of audio data for broadcast. Read more

blogs.zdnet.com:
A fresh look at Vista's User Account Control. Read more

blogs.zdnet.com:
A fresh look at Vista's User Account Control, Part 2. Read more

money.cnn.com:
Bill Gates wishes he weren't so rich. Read more

blogs.ittoolbox.com:
Live! From CEIC 2006 in Las Vegas. Read more

blogs.ittoolbox.com:
Day 2: Live! From CEIC 2006 in Las Vegas. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
CA Resource Initialization Manager LMP SVC Bug May Let Local Users Gain Supervisor State. Read more

securitytracker.com:
Web4Future News Portal Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more

 

News
news.bbc.co.uk:
Net censorship spreads worldwide. Read more

www.itnews.com.au:
Windows anti-counterfeit tool requires loosening PC security. Read more

www.computerworld.com:
Survey: China becomes target of cyberthreats. Read more

www.msnbc.msn.com:
Google accused of profiting from child porn. Read more

www.bleepingcomputer.com:
SpywareSheriff, a new rogue antispyware application. Read more

blog.washingtonpost.com:
Microsoft to Issue Three Security Updates Next Week. Read more

www.securityfocus.com:
More protections urged for medical records. Read more

www.betanews.com:
NetRatings Sues 2 Adware Companies. Read more

04 May 2006

Guides, Papers, etc
www.wired.com:
Everyone Wants to 'Own' Your PC. Read more

www.marketwatch.com:
The Microsoft malaise. Read more

news.ft.com:
Patti Waldmeir: Winning the spyware wars. Read more

www.windowsecurity.com:
Understanding Windows NTFS Permissions. Read more

blogs.securiteam.com:
The difficulties of (reading) vulnerability severity meters. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
CMScout Input Validation Holes in Forum and Private Messages Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Fast Click SQL Lite Include File Bug in 'show.php' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Fast Click Include File Bugs in 'show.php' and 'top.php' Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Invision Gallery Input Validation Hole in 'post.php' 'album' Parameter Permtis SQL Injection. Read more

securitytracker.com:
X Server Buffer Overflow Render Extension Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users. Read more

securitytracker.com:
MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information. Read more

 

News
www.theregister.co.uk:
Bot software looks to improve peerage. Read more

www.vnunet.com:
'Swiss army knife' worm spreads. Read more

www.wired.com:
Google: Don't Pee on My Tree. Read more

news.com.com:
Gates: Microsoft will keep Google honest. Read more

www.khaleejtimes.com:
Fight for future. Read more

today.reuters.co.uk:
Microsoft switches to own online ad broker service. Read more

news.zdnet.com:
Cyberattack knocks millions of blogs offline. Read more

news.com.com:
FCC approves Net-wiretapping taxes. Read more

www.computing.co.uk:
Russian virus distributor convicted. Read more

www.itweek.co.uk:
Security risk with VoIP, say experts. Read more

news.com.com:
Korean Apple online store hacked. Read more

www.vnunet.com:
Citibank introduces anti-phishing tokens. Read more

www.wired.com:
Microsoft Is Pushing for Privacy? Read more

news.zdnet.com:
The anxious new dawn of cybersnooping. Read more

news.zdnet.com:
Antispam list gets spammed. Read more

03 May 2006

Guides, Papers, etc
www.securityfocus.com:
Bot software looks to improve peerage. Read more

www.securityfocus.com:
Malware analysis reveals families of code. Read more

www.sysinternals.com:
The Power in Power Users. Read more

www.emailbattles.com:
Researcher: Digital Signatures Can Lie To Linux, OSX and Windows Users. Read more

www.newsfactor.com:
Cracking the Cult of Hackers. Read more

www.eweek.com:
Computer Literacy Isn't Kid Stuff. Read more

www.eweek.com:
Microsoft Should Give BitLocker Encryption to All. Read more

www.itnews.com.au:
Smarter spam could mimic friends' mail. Read more

www.microsoft-watch.com:
Would Another Vista Delay Matter? Read more

addxorrol.blogspot.com:
More on automated malware classification and naming. Read more

www.informationweek.com:
Security--Beyond The Firewall. Read more

computerworld.co.nz:
The best person to hack your system is you. Read more

lists.sans.org:
[unisog] Apparent "encrypted" P2P botnet using port 8/tcp. Read more

isc.sans.org:
What's a super.proxy.scanner and why is it in my logs? (NEW). Read more

today.reuters.com:
I was just hunting UFOs, says Pentagon's UK hacker. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Cisco Unity Express Lets Remote Authenticated Users Gain Administrative Privileges. Read more

securitytracker.com:
DMCounter Include File Bug in 'kopf.php' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
textfileBB Input Validation Holes in BBCode Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
WinHKI Buffer Overflow in 'ztvunacev2.dll' Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.theregister.co.uk:
Hackers control bot client over P2P. Read more

www.newsfactor.com:
Microsoft Exec Warns of Rootkits. Read more

news.zdnet.co.uk:
Double trouble for Internet Explorer. Read more

news.zdnet.co.uk:
AOL IM bot hides behind encryption. Read more

news.zdnet.co.uk:
Schneier on security's 'people problems'. Read more

www.theregister.co.uk:
Gartner: More Windows Vista delays. Read more

www.businessweek.com:
Gates touts 'onscreen reader' software. Read more

www.theregister.co.uk:
Google accuses Microsoft on IE7 search. Read more

blog.washingtonpost.com:
Suit Levels Spyware, Typosquatting Allegations at Yahoo. Read more

www.theregister.co.uk:
Ancient worm runs riot at Infosec. Read more

www.theregister.co.uk:
Netsky-P tops virus charts - again. Read more

www.theregister.co.uk:
'Smart' phishing attack targets BoI. Read more

www.theregister.co.uk:
Bounced spam messages hammer corporate networks. Read more

arstechnica.com:
Spam gets personal. Read more

www.it-observer.com:
WOW Virus Targets Online Gamers. Read more

news.zdnet.co.uk:
NASA hacker ready for a long battle. Read more

blog.washingtonpost.com:
Hired Internet Gun Sentenced to Two Years. Read more

www.sophos.com:
Vietnamese denial of service hacking suspect arrested. Read more

news.bbc.co.uk:
Big holes in net's heart revealed. Read more

www.msnbc.msn.com:
Hacker hijacks Toronto trains’ LED signs. Read more

02 May 2006

Guides, Papers, etc
www.computerworld.com.au:
How SSL-evading Trojans work. Read more

www.sci-tech-today.com:
Cracking the Cult of Hackers. Read more

news.com.com:
Video: Who gets caught phishing? Watch

reviews.cnet.com:
One phish, two phish. Read more

www.businessweek.com:
The Counterattack On Google. Read more

blogs.securiteam.com:
Kmail, spam, and spoofing. Read more

online.wsj.com:
Video: The Web On Film. Watch

www.mightyseek.com:
Audio: Privilage Escalation Attacks. Listen

www.determina.com:
Reverse Engineering Microsoft Binaries. Read more

 

News
www.eweek.com:
Internet Explorer Security Problems Multiply. Read more

weblog.infoworld.com:
Hackers quaking over reported Spam King's arrest. Read more

news.com.com:
AOL IM bot cloaked in encryption. Read more

www.it-observer.com:
47 Million Computers Are Transformed Into Bots. Read more

today.reuters.co.uk:
Amazon switches to Microsoft from Google. Read more

01 May 2006

The Trojans of April. Read more

 

Guides, Papers, etc
www.securitypipeline.com:
Top 10 Windows XP Tips Of All Time. Read more

isc.incidents.org:
As the Bot Turns (NEW). Read more

castlecops.com:
How to spy on your kids. Read more

searchwindowssecurity.techtarget.com:
Step-by-step guide: Elevating privileges for an administrator. Read more

www.linuxjournal.com:
Theoretical Hacking for IT Managers. Read more

www.securityfocus.com:
Five common Web application vulnerabilities. Read more

www.zdnet.com.au:
Six different Vistas, same old view. Read more

www.informationweek.com:
Security--Beyond The Firewall. Read more

www.zdnet.com.au:
ActiveSync: why is it so awful? Read more

www.informationweek.com:
Connected To Nowhere. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Servant Salamander Buffer Overflow in 'unacev2.dll' Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.theregister.co.uk:
'Pentagon hacker' prepares for verdict. Read more

www.computeractive.co.uk:
People are blind to Spyware. Read more

www.slyck.com:
66,000 Names and Personal Details Leaked On P2P. Read more

today.reuters.co.uk:
Microsoft puts money behind Web strategy talk. Read more

news.com.com:
New Microsoft browser raises Google's hackles. Read more

www.itnews.com.au:
China ready to swipe spam crown from US. Read more


Copyright© MegaSecurity.org