Home    News Archive    Translate Traducen
News June 2008
28 June 2008

Guides, Papers, etc
www.wired.com
So Long, Bill Gates, and Thanks for the Monopoly. Read more

www.f-secure.com
F-Secure reports malware growth at a higher level than ever before. Read more

www.benedelman.org
PPC Platform Competition and Google's "May Not Copy" Restriction. Read more

www.securityfocus.com
Breach-notification laws not working? Read more

www.f-secure.com
Internet Explorer 6 Cross-Domain Scripting Vulnerability. Read more

www.f-secure.com
Data Security Summary - January to June 2008. Read more

www.f-secure.com
Two New Mac OSX Trojans. Read more

ddanchev.blogspot.com
ICANN and IANA's Domain Names Hijacked by the NetDevilz Hacking Group. Read more

ddanchev.blogspot.com
Right Wing Israeli Hackers Deface Hamas's Site. Read more

ddanchev.blogspot.com
Backdoording Cyber Jihadist Ebooks for Surveillance Purposes. Read more

ddanchev.blogspot.com
Fake Porn Sites Serving Malware . Read more

ddanchev.blogspot.com
An Update to Photobucket's DNS Hijacking. Read more

sunbeltblog.blogspot.com
Hijacking Google. Read more

sunbeltblog.blogspot.com
Facebook targeted by phishers. Read more

sunbeltblog.blogspot.com
Kid hacker in big trouble for allegedly hacking school. Read more

blogs.paretologic.com
Caught in the web of AntiSpySpider. Read more

http://bharath-m-narayan.blogspot.com
Antivirus 2009. Read more

www.avertlabs.com
New PDF exploits: “Old wine in a new bottle!”. Read more

www.avertlabs.com
Potential Zero Day in IE6 disclosed in Chinese security E-Zine. Read more

travisaltman.com
Widespread SQL injection & Javascript malware. Read more

isc.sans.org
The 10.000 web sites infection mystery solved. Read more

isc.sans.org
Automatic wireless connections. Read more

isc.sans.org
Podcast Episode Seven Posted. Read more

isc.sans.org
Report of Coreflood.dr Infection. Read more

isc.sans.org
Microsoft SQL Injection Prevention Strategy. Read more

blog.spywareguide.com
Haven't Seen This Before...Read more

blog.spywareguide.com
What Happens When You Mix A Real Infection With A Mass Mail Hoax? Read more

blog.spywareguide.com
Another Site Asking For MSN Login Credentials....Read more

blog.spywareguide.com
Cash On Collection? Not Anymore, Perhaps...Read more

www.darkreading.com
Where the Bad Things Are. Read more

www.viruslist.com
IE feature exploited ITW. Read more

www.viruslist.com
Another way of restoring files after a Gpcode attack. Read more

www.eweek.com
The Era of .Whatever. Read more

www.eweek.com
Microsoft Responds to the SQL Injection Problem. Read more

www.takethepandachallenge.com
Herd Intelligence Will Reshape the Anti-Malware Landscape. Read more

www.theedgedaily.com
Interview with Schneier. Read more

www.podtrac.com
Audio. Security Now 150: Listener Feedback 44. Listen

www.honeynor.no
Video. Malware unpacking in OllyDbg. Watch

ba-con.com.ar
BA-Con 2008 CALL FOR PAPERS. The first annual BA-Con conference will be held September 30 / October 1 2008, in downtown Buenos Aires, Argentina. Read more

conference.hackinthebox.org
Call for Papers for HITBSecConf2008. Read more

 

Tools:
portal.erratasec.com
AxBan blocks known bad ActiveX Controls from running on your computer. Read more

code.google.com
Google Safe Browsing API. Read more

www.security-projects.com
Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique. Read more

sourceforge.net
Protowalk is a generic protocol fuzzing tool which allows a developer, QA tester, security engineer to identify vulnerabilities in high level protocols which use TCP or UDP for transport. Read more

www.communities.hp.com
Finding SQL Injection with Scrawlr. Read more

learn.iis.net
UrlScan v3.0 Beta is a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) will process. Read more

support.microsoft.com
The Microsoft Source Code Analyzer for SQL Injection tool is available to find SQL injection vulnerabilities in ASP code. Read more

 

News
blog.wired.com
ICANN and IANA Sites Hacked, Redirected. Read more

www.computerworld.com
Hackers hijack critical Internet organization sites. Read more

www.zone-h.org
ICANN and IANA domains hijacked by Turkish crackers. Read more

www.securityfocus.com
Malware morphs to greater numbers. Read more

www.theregister.co.uk
19-year-old 'fast flux' botnet pioneer agrees to plead guilty. Read more

blog.wired.com
Hacker Launches Botnet Attack via P2P Software. Read more

www.theregister.co.uk
Singapore forum 'scammer' faces caning and prison. Read more

www.courthousenews.com
Wyoming Teen Accused Of Stealing Financial Data By Herding Zombie Computers. Read more

www.securityfocus.com
Game Trojans outscore Storm worm. Read more

www.securityfocus.com
EU advisors: Secure ISPs, form "cyber-NATO". Read more

www.theregister.co.uk
Microsoft and HP tackle SQL-injection scourge. Read more

www.darkreading.com
Malicious Spam Traffic Triples in One Week. Read more

www.darkreading.com
Report: China Hosts Most Malware-Infected Sites. Read more

blog.wired.com
Hackers Crack London Tube's Ticketing System. Read more

www.smh.com.au
Marshall Islands hit by 'zombie' attack. Read more

community.zdnet.co.uk
Caught in the GoDaddy red tape. Read more

www.vnunet.com
Dell scolded for laptop ads. Read more

23 June 2008

Guides, Papers, etc
www.securityfocus.com
Firing Up Browser Security. Read more

www.winsupersite.com
Mozilla Firefox 3 Review. Read more

enews.penton.com
Firefox 3: A Long Time Coming and Worth the Wait. Read more

www.msnbc.msn.com
Why global hackers are hard to catch. Read more

www.thedarkvisitor.com
Vampires, Chinese hackers, Treachery and Smoking Hacker Babe…Let’s face it, this post has it all! Read more

www.f-secure.com
Lots of subjects and one video. Read more

www.f-secure.com
Storm Rumbles Beijing. Read more

ddanchev.blogspot.com
Underground Multitasking in Action. Read more

ddanchev.blogspot.com
Phishing Campaign Spreading Across Facebook. Read more

ddanchev.blogspot.com
Fake Celebrity Video Sites Serving Malware. Read more

ddanchev.blogspot.com
The Zeus Crimeware Kit Vulnerable to Remotely Exploitable Flaw. Read more

pandalabs.pandasecurity.com
Another trojan creator...Read more

isc.sans.org
SQL Injection mitigation in ASP. Read more

isc.sans.org
Apple Remote Desktop Root Privilege Escalation Vulnerability. Read more

www.avertlabs.com
Breaking News… NOT! Read more

www.avertlabs.com
Phishing & Vishing takedown best practices. Read more

www.avertlabs.com
Scary screensavers, take two. Read more

sunbeltblog.blogspot.com
Raft of fake CareerBuilder jobs hit mailboxes. Read more

sunbeltblog.blogspot.com
Casualties: Zango's recent layoffs includes senior execs. Read more

blog.trendmicro.com
Spam Now Hiring. Read more

blogs.paretologic.com
A sick-looking bug demands money. Read more

bharath-m-narayan.blogspot.com
More Scam Sites. Read more

bharath-m-narayan.blogspot.com
Zlob sites update. Read more

bharath-m-narayan.blogspot.com
Advanced Antivirus. Read more

www.prevx.com
Infected PCs: Just a bad day at the office, identity theft, or 5 years in prison for a crime you didn't commit! Read more

erratasec.blogspot.com
Why isn't Satan invited to Oreilly conferences? Read more

www.eweek.com
Quantity vs. Quality in Security Software Testing. Read more

duartes.org
How Computers Boot Up. Read more

www.podtrac.com
Security Now 149: ISP Privacy. Listen

 

Tools:
www.scytale.nl
MyBee browser for children. Read more

isc.sans.org
BackTrack 3 Released. Read more

www.vnunet.com
Sega builds 'kissing' robo-girlfriend. Read more

 

News
www.securityfocus.com
Researchers disclose Firefox 3 flaws. Read more

www.theregister.co.uk
Rare Mac Trojan exploits Apple vuln. Read more

www.timesonline.co.uk
Schoolboy hacker Omar Khan who upped his grades faces 38 years in jail. Read more

www.theregister.co.uk
Threat remains despite Safari carpet bombing fix. Read more

www.technewsworld.com
eBay Puffs Up PayPal With Fraud Protection Upgrade. Read more

www.slyck.com
SSL Encrpytion Coming to The Pirate Bay. Read more

timesofindia.indiatimes.com
Teen hacker goes home, may be picked up by Chennai cops. Read more

www.smh.com.au
Wanted by the Pentagon: UFO fanatic appeals. Read more

www.theregister.co.uk
Dutch boffins clone Oyster card. Read more

16 June 2008

Guides, Papers, etc
timesofindia.indiatimes.com
Big bucks drew kid hacker into cyber crime. Read more

ddanchev.blogspot.com
Malicious Doorways Redirecting to Malware. Read more

ddanchev.blogspot.com
Monetizing Web Site Defacements. Read more

ddanchev.blogspot.com
Fake YouTube Site Serving Flash Exploits. Read more

blog.washingtonpost.com
Malware Silently Alters Wireless Router Settings. Read more

blog.washingtonpost.com
Opera 9.5 Offers Anti-Malware Protection. Read more

msmvps.com
Circulating malvertizements: driveway and dreammates. Read more

msmvps.com
ALERT: Malvertizements at disney.fr. Read more

anti-virus-rants.blogspot.co
no such thing as trusted sites anymore. Read more

blog.trendmicro.com
Clinton Web Site Directs Visitors To McCain’s. Read more

blog.trendmicro.com
New ZLOB Rigs Routers. Read more

blog.trendmicro.com
Spam Features Akihabara Shooting. Read more

bharath-m-narayan.blogspot.com
An Absolute Scam. Read more

www.technologyreview.com
Containing Internet Worms. Read more

www.computerweekly.com
Hacker Gary McKinnon: Computer Weekly Essential Guide. Read more

www.viruslist.com
Restoring files attacked by Gpcode.ak. Read more

www.itwire.com
Recruitment sites, the new malware playground. Read more

isc.sans.org
Malware Detection - Take the Blinders Off. Read more

sunbeltblog.blogspot.com
Outdated AV software leads to a nightmare. Read more

www.iht.com
Not always returned to sender. Read more

www.podtrac.com
Security Now 148: Listener Feedback 43. Listen

www.sciam.com
Digital Forensics: 5 Ways to Spot a Fake Photo. Read more

 

Vulnerabilities & Exploits
www.f-secure.com
Skype File URI Code Execution Vulnerability. Read more

 

News
www.securityfocus.com
Ransomware resisting crypto cracking efforts. Read more

www.securityfocus.com
Opera adds security, Firefox coming. Read more

www.securityfocus.com
Lawmaker claims Chinese infiltrated computers. Read more

www.theregister.co.uk
Day dawns for Pentagon hacker Lords appeal. Read more

www.pcadvisor.co.uk
Botnet builder gets 41 months in prison. Read more

www.theregister.co.uk
Ransomware Trojan code break 'impractical'. Read more

www.thestar.com
Hacker blamed for child porn. Read more

www.theregister.co.uk
AVG scanner blasts internet with fake traffic. Read more

www.latimes.com
Alex Kozinski suspends L.A. obscenity trial after conceding his website had sexual images. Read more

11 June 2008

Guides, Papers, etc
www.usdoj.gov
DATA BREACHES: WHAT THE UNDERGROUND WORLD OF “CARDING” REVEALS. Read more

www.benedelman.org
Benjamin Edelman: Running Out of Numbers: The Impending Scarcity of IP Addresses and What To Do About It. Read more

www.ciac.org
CIACTech08-003: Understanding Cross-Site Scripting (XSS). Read more

www.securityfocus.com
Boycott spotlights antivirus testing issues. Read more

sunbeltblog.blogspot.com
The Wildlist battles. Read more

sunbeltblog.blogspot.com
Malware distributors move to Dogpile for redirects. Read more

sunbeltblog.blogspot.com
Playing with search terms in Google to get infected. Read more

Sysinternals Tools Now Available On The Fly. Read more

ddanchev.blogspot.com
ImageShack Typosquatted to Serve Malware. Read more

ddanchev.blogspot.com
Who's Behind the GPcode Ransomware? Read more

ddanchev.blogspot.com
Using Market Forces to Disrupt Botnets. Read more

www.avertlabs.com
This is not a phishing site. Now, be a good victim and enter your login credentials in the form! Read more

www.darkreading.com
Researchers Link Storm Botnet to Illegal Pharmaceutical Sales. Read more

www.darkreading.com
Major Security Vendors' Sites Could Be Launchpads for Phishing Attacks. Read more

www.darkreading.com
Phishing & Cocktails Don't Mix. Read more

hackademix.net
Block Rick! Read more

zeroq.kulando.de
Malware Extracts CD Keys. Read more

www.prevx.com
Scam's of 2008, Ready when you are. Read more

www.eweek.com
The Big Bullseye On Adobe. Read more

www.technewsworld.com
The Storm Worm's Elaborate Con Game. Read more

blog.scansafe.com
Registrars Release Suspended Domains to Attackers. Read more

 

News
www.securityfocus.com
Apple, Microsoft fix software flaws. Read more

www.theregister.co.uk
Cyber-fraudsters strike gold at South African government. Read more

www.cio-today.com
Researchers Ask for Help Cracking Ransom Virus Code. Read more

www.theregister.co.uk
Hacker cops to $70k botnet rampage. Read more

www.securityfocus.com
ISPs to block access to suspected child porn. Read more

www.theregister.co.uk
Another police website hacked. Read more

www.vnunet.com
Top cops warn on rising international e-crime. Read more

www.pcworld.com
Safari 'carpet Bomb' Attack Code Released. Read more

blog.wired.com
No Chinese Hackers Found in Florida Outage Either. Read more

www.reuters.com
Lost cameras "phone home" to catch thieves. Read more

06 June 2008

Guides, Papers, etc
blogs.technet.com
The Case of the Random IE and WMP Crashes. Read more

www.securityfocus.com
Racing Against Reversers. Read more

www.eweek.com
The Anti-Malware Certification Problem. Read more

www.securityfocus.com
Rootkits Are Top Of Mind, Bottom Of Pile, Only They Really Aren't. Read more

www.aavar.org
AVAR 2008 Conference . Call For Papers. Read more

www.darkreading.com
Kaspersky Lab warns of new variant of dangerous blackmailing virus, Gpcode. Read more

www.f-secure.com
Storm Still Alive. Read more

www.f-secure.com
Creating Malicious PDF Files. Read more

sunbeltblog.blogspot.com
Metasploit hacked. Read more

ddanchev.blogspot.com
Blackhat SEO Redirects to Malware and Rogue Software. Read more

ddanchev.blogspot.com
Price Discrimination in the Market for Stolen Credit Cards. Read more

ddanchev.blogspot.com
U.K's Crime Reduction Portal Hosting Phishing Pages. Read more

www.avertlabs.com
Detecting Malware With Vulnerability Scanners. Read more

isc.sans.org
Elevator pitch for explaining security risks to executives. Read more

isc.sans.org
Investigating fraudulent email and another Nigerian scam twist. Read more

www.darkreading.com
P2P Strikes Again. Read more

www.secforce.co.uk
Abusing PHP Sockets For Fun And Profit (pdf). Read more

www.oecd.org
Malicious Software (Malware)A Security Threat to the Internet Economy (pdf). Read more

dvlabs.tippingpoint.com
Weekly Reverse Engineering Tips and Tricks - Public Toolkits. Read more

swatrant.blogspot.com
Zlob fake codecs in Google Notebook. Read more

bharath-m-narayan.blogspot.com
MalwareProtector2008. Read more

bharath-m-narayan.blogspot.com
Vista Antivirus 2008. Read more

blogs.paretologic.com
Fake Microsoft, real malware. Read more

blog.trendmicro.com
Ticking Time Bombs in Forum File Uploads. Read more

www.teamfurry.com
Unpacking the MaskPE packer. Read more

www.smh.com.au
Wi-fi wrong'uns on rise. Read more

www.usenix.org
Freezing More Than Bits: Chilling Effects of the OLPC XO Security Model. Read more

www.redorbit.com
Faster Recognition Of Invasive Internet Worms. Read more

blogs.securiteam.com
What is your blackberry doing without telling you? Read more

blogs.securiteam.com
Is your API exposed or are you just happy to see me? Read more

www.vitalsecurity.org
How to make Rapidshare more secure: don't let anybody use it. Read more

blog.spywareguide.com
Build-Your-Own-Bot Tool Makes Everything Nice And Easy. Read more

blogs.technet.com
SQL Injection Attack. Read more

www.thedarkvisitor.com
Chinese hacker instructional video of the Gray Pigeon trojan. Read more

thisweekintech.com
Security Now 147: Microsoft Baseline Security Analyzer. Read more

www.eset.com
Audio. Preventing Website Infection. Listen

 

Vulnerabilities & Exploits
isc.sans.org
5 News Cisco Vulnerabilities for PIX and ASA. Read more

www.skype.com
SKYPE-SB/2008-003: Skype File URI Security Bypass Code Execution Vulnerability. Read more

torrentfreak.com
BitTorrent DNA Vulnerable to Remote Hijack. Read more

 

Tools:
www.secforce.co.uk
Windows PHP Socket Hijack Toolset. Read more

 

News
www.theregister.co.uk
German government approves plod-spyware law. Read more

blog.wired.com
Leaked Report: ISP Secretly Added Spy Code To Web Sessions, Crashing Browsers. Read more

www.securityfocus.com
Hong Kong hosts most risky sites, says McAfee. Read more

www.darkreading.com
Army Hospital Breach May Be Result of P2P Leak. Read more

www.scmagazineuk.com
Trend Micro to boycott security tests. Read more

news.zdnet.co.uk
Web-based malware on legit sites soars. Read more

www.vnunet.com
Ransomware virus uses 1,024-bit key. Read more

www.vnunet.com
Experts warn of security-dodging Trojans. Read more

www.thestar.com
Hacker blamed for child porn. Read more

01 June 2008

Guides, Papers, etc
www.benedelman.org
Debunking Zango's "Content Economy". Read more

www.nationaljournal.com
China’s Cyber-Militia. Chinese hackers pose a clear and present danger to U.S. government and private-sector computer networks and may be responsible for two major U.S. power blackouts. Read more

www.eset.com/
The AV Industry from the Outside In and the Inside Out. Read more

www.microsoft.com
Five Misunderstood Features in Windows Vista. Read more

blogs.zdnet.com
Dear Microsoft: Please get UAC right this time. Read more

blog.wired.com
Comcast Hijackers Say They Warned the Company First. Read more

ddanchev.blogspot.com
Storm Worm Hosting Pharmaceutical Scams. Read more

ddanchev.blogspot.com
Comcast.net not Hacked, DNS Records Hijacked. Read more

ddanchev.blogspot.com
Malware Attack Exploiting Flash Zero Day Vulnerability. Read more

ddanchev.blogspot.com
Asprox Phishing Campaigns Dominated in April. Read more

ddanchev.blogspot.com
Yet Another Massive SQL Injection Spotted in the Wild. Read more

www.f-secure.com
Inside a Malicious Flash File. Read more

www.f-secure.com
Motorola Razr Vulnerability. Read more

www.f-secure.com
"Dear Google AdWords Customer". Read more

www.f-secure.com
Romanian Whack-A-Mole and Linux Bots. Read more

isc.sans.org
Where did my domain go? Read more

isc.sans.org
Reminder: Proper use of DShield data. Read more

isc.sans.org
So, how do you monitor your website? Read more

isc.sans.org
Another example of malicious SWF. Read more

isc.sans.org
Followup to Flash/swf stories. Read more

isc.sans.org
Malicious swf files? Read more

www.darkreading.com
Comcast Outage Traced to Teenage Hackers. Read more

www.darkreading.com
Stanford Medical School's Rx: Anomaly Detection. Read more

www.darkreading.com
Gartner Forecasts the Next Big Threats. Read more

sunbeltblog.blogspot.com
Evolution of phishing -- embedded forms. Read more

sunbeltblog.blogspot.com
Ed Bott weighs in on UAC. Read more

sunbeltblog.blogspot.com
Some recent oddball spams. Read more

sunbeltblog.blogspot.com
Misc. malware pictures. Read more

sunbeltblog.blogspot.com
Microsoft: What we got here is a failure to communicate. Read more

sunbeltblog.blogspot.com
Zango responds to Ben Edelman. Read more

www.channelregister.co.uk
Old Windows exploits dominate hack attack traffic. Read more

blogs.securiteam.com
Another hack-a-hack attack. Read more

blogs.securiteam.com
Got phished? We’ll take responsibility. Read more

www.cisco.com
Cisco Security Response: Rootkits on Cisco IOS Devices. Revision 2.0. Read more

www.securityfocus.com
Hired gun blamed for business outage. Read more

www.eweek.com
How Does Your Enterprise Manage Digital Certificates? Read more

www.wired.com
From the Eye of a Legal Storm, Murdoch's Satellite-TV Hacker Tells All. Read more

blogs.authentium.com
Department of Useless Statistics. Read more

blog.trendmicro.com
XSS Methods Also Seen Being Used in Mass Compromises. Read more

blog.trendmicro.com
Bogus Microsoft Update Delivers Nasty File Infector. Read more

blog.trendmicro.com
Info Stealer Trojan Arrives With News of Nardoni Case. Read more

blog.trendmicro.com
Total Recall: The Month of Mass Compromises. Read more

blog.trendmicro.com
National Bank of Kuwait Phished. Read more

bharath-m-narayan.blogspot.com
MalwarePatrolPro. Read more

bharath-m-narayan.blogspot.com
Malicious sites pushing Malwares. Read more

bharath-m-narayan.blogspot.com
Recent Rogue Applications advertised by MediaTubeCodec Trojans. Read more

www.prevx.com
CISOs and Security Breach Management - The Challenges of Failing End-Point Security! Read more

hackademix.net
Ronald, Stop Scaring Poor AVG! Read more

hackademix.net
Unpatched Flash Vulnerability Widely Exploited in the Wild. Read more

blogs.paretologic.com
Up close with a Bot. Read more

holisticinfosec.blogspot.com
SaaS Snake Oil Top Ten, with video. Read more

zeroq.kulando.de
First Hit IBM Lotus Sametime. Read more

zeroq.kulando.de
More on Black Energy Bot. Read more

www.ncjrs.gov
Electronic Crime Scene Investigation: A Guide for First Responders, Second Edition. (pdf) Read more

www.podtrac.com
Audio. Security Now 146: Listener Feedback 42. Listen

 

Vulnerabilities & Exploits
www.microsoft.com
Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform. Read more

isc.sans.org
Adobe flash player vuln. Read more

 

Tools:
www.darkreading.com
Fresh New Face for Forensics Tool. Read more

www.nnsquad.org
"NNSquad Network Measurement Agent" Beta Now Available. Read more

www.pcadvisor.co.uk
The web's 10 best free security downloads. Read more

 

News
www.securityfocus.com
Apple releases a peck of patches. Read more

www.securityfocus.com
Adobe investigates Flash Player attacks. Read more

www.theregister.co.uk
Daily Mail cites video game as proof of terrorist doomsday plot. Read more

www.theregister.co.uk
Download al Qaeda manuals from the DoJ, go to prison? Read more

www.theregister.co.uk
Potty-mouthed hackers steal comcast.net keys, go for a spin. Read more

www.telegraph.co.uk
Chinese spies stole US trade secretary data. Read more

blog.wired.com
China Cybarmageddon. Read more

blog.wired.com
MediaDefender Defends Revision3 SYN Attack. Read more

blog.wired.com
Did Hackers Cause the 2003 Northeast Blackout? Umm, No. Read more

www.cnn.com
U.S. won't confirm report of Chinese hacking. Read more

en.rian.ru
Russian nuclear power websites attacked amid accident rumors. Read more

blogs.pcworld.com
Hackers Shutdown Comcast.net for Hours. Read more

www.courant.com
25 Firms With Data On Lost Tape Identified. Read more


Copyright© MegaSecurity.org