Bookmark or link to: All other url`s could change!
News Archive    Translate Traducen
News August 2001
31 August 2001

New Trojan:
Lez Trojan
New worm masquerades as Microsoft message. Read more
Lotus Domino DoS (Message Loop). Read more
Outlook Express 6 Attachment Protection Bypassing. Read more
Outlook2000 Animated Assistant & Password Protected Screen Saver Vulnerability. Read more
Respondus Stores Passwords Using Weak Encryption Methods. Read more
Access Violation in Windows 2000 IRDA Driver Can Cause System to Restart. Read more
Remote Buffer Overflow Vulnerability in HP-UX Line Printer Daemon. Read more
Vulnerabilities in Several Apache Authentication Modules. Read more
Bugzilla v2.13 and older contains some serious security flaws. Read more
Kazaa and Morpheus reveal sensitive information. Read more
Programmer claims to crack MS Reader. Read more
Defense agency, Veridian to pinpoint foreign hackers. Read more
Report: Code Red Computer Worm Born in China. Read more
U.S. report: Code Red computer worm born in China. Read more
Design Flaw Stops InvalidSSL Worm. Read more
New virus targets and encrypts .exe files. Read more
Expert Hacks Hotmail in One Line of Code. Read more
Security expert hacks Microsoft's Hotmail easily. Read more
Hacker + three lines of code = Hotmail breach. Read more
The Blind Leading the Blind. Read more
Virus Flood Raises Scrutiny Of Govt Network Security. Read more
Country's first Cyber crime police station opens. Read more
Study: Many UK businesses prey to cybercrime. Read more
NSW Parliament hacking inquiry continuing. Read more
Police clear MP of hacking allegations. Read more
How do you fix a leaky Net? Read more
Researchers discover new method of stealth computing. Read more
Internet can be used for stealth computing. Read more
Is China's Guandong province ground zero for hackers? Read more
Web criminals dent business confidence. Read more
Elcomsoft to repeat controversial eBooks security talk in Amsterdam. Read more
Accused Russian Programmer Hopes for Justice. Read more
Sklyarov, Boss Plead Not Guilty. Read more
Supporters of Russian hacker protest outside U.S. embassy. Read more
US digital copyright review seeks changes. Read more
Copywrong? Read more
Chinese nationals held in attempted export of encryption devices. Read more
No Need to Alter DMCA -- Yet. Read more
U.S. bids to outwit 'Great Firewall of China' web censors. Read more

30 August 2001

New Trojan:
Phoenix II 1.43

Trojan.JS.Offensive Cleaner by nexzus. Read more
IDABlocker, CodeRed Log File Blocker. Read more
Taranis, Switch Specific Sniffer. Read more
WM97/Marker-GG is a Word 97 macro virus. Read more
@Home Network Subject to DHCP Hijacking. Read more

RUS-CERT Advisory
Vulnerabilities in several Apache authentication modules. Read more

Internet Security Systems Security Advisory
Remote Buffer Overflow Vulnerability in HP-UX Line Printer Daemon. Read more
Kazaa and Morpheus Expose Sensitive Information. Read more
AOLserver Vulnerable To Host Buffer Overflow. Read more
TrendMicro OfficeScan Corp Edition Remote File Reading Vulnerability. Read more
Russian hacker, company indicted. Read more
Sklyarov Plea-Bargain Bid Fails. Read more
Law Prof Cajoles Dmitry Allies. Read more
Win XP slays buffer overflow bugs. Read more
Internet Explorer 6 - one man's odyssey. Read more
Don't Get Mad At SirCam, Get Even. Read more
Researchers discover new method of stealth computing. Read more
Hackers-activists push their causes using technology. Read more
Hackers denounce Yasukuni visit. Read more
New Zealand expecting a wave of accidental hacking cases. Read more
Prosecutor urges jail for teen hacker Mafiaboy. Read more
Cybercrime hits two-thirds of British firms. Read more
CBI demands action on cybercrime. Read more
Computer viruses topic at S.J. hearing. Read more
How Vulnerable Are Your Medical Records? Read more

29 August 2001

New Trojans:
NoXcape 2.0

Snid X2 1.2c

Another example of the ksh "here document" vulnerability by Larry W. Cashdollar:

Except it is for Netscape 6.01a on Solaris 2.x.  This creates the same
symlink vulnerability as the previous patchadd post.  Except your more
likely to destroy user files rather than system files. creates a "here document" in function moz_usage().



  cat << EOF

Usage:  ${cmdname} [options] [program]



Temp dir listing:

pangea #ls -l /tmp
-rw-r--r--   1 lwc     user        399 Aug 28 08:38 sh10040

Truss output:

1004:   stat64("/tmp/sh10040", 0xFFBEEDD8)              Err#2 ENOENT
1004:   creat64("/tmp/sh10040", 0666)                   = 3
1004:   unlink("/tmp/sh10040")                          = 0

Solution? Use echo or another shell.

Some Java versions allow cookies to do nasty stuff. Read more
SCO Unixes found vulnerable to a buffer overflow. Read more
WM97/CopyMe-A is a Word macro virus. Read more's Denial-Of-Service Prevention Efforts Could Fall Short. Read more
Crimes bill targets hackers, DoS attacks. Read more
Red alert over virus variant. Read more
Vigilance called for on computer viruses. Read more
Offensive virus breaks Windows. Read more
Trojan horse goes on the offensive. Read more
'Offensive' Trojan horse can disable systems. Read more
Afraid of worms? Get a firewall. Read more
U.S. Department of Justice about Dmitry Sklyarov. Read more
Russian programmer indicted for cracking e-book security. Read more
Montreal teenage hacker known as Mafiaboy needs structure, not jail says parents. Read more
Hacker Breaches Payments Site Read more
Microsoft releases security tool to protect IIS. Read more
Cybercrooks on His Screen. Read more
Defaced site blames Slashdot geeks. Read more
How a software bug could land you 10 years in jail. Read more
Program May Allow Hackers to Gain Data from Internet in Miami Area. Read more

28 August 2001

New Trojans:
Alien Spy 1.0


Dangerous temp file creation during installation of Netscape 6 by Larry W. Cashdollar
During installation of Netscape 6.01a for Solaris 2.7/8 Sparc, I noticed the file /tmp/admin.3842 was created with mode 644. As you already know if this package is installed by root in multiuser mode a malicious user could use this to overwrite system files etc..
Here is the dangerous code:
# grep tmp ns6install
cat >/tmp/admin.$$ <<EOF
/usr/sbin/pkgrm -n -a /tmp/admin.$$ ${pkg}.* 2>&1
/usr/sbin/pkgadd -n -a /tmp/admin.$$ -d `pwd` $pkg 2>&1
# Trojan.JS.Cover is a Trojan that arrives as an .html file. When opened, it displays garbage characters in the Web browser window. Read more
'Offensive' worm spreading worldwide. Read more

Internet Security Systems Security Advisory.
Remote Buffer Overflow Vulnerability in HP-UX Line Printer Daemon. Read more
BSCW Symlink Vulnerability. Read more
An account of Sawmill web log analyzer vulnerability discovery. Read more
Ghost PortScan. Read more
Hardware Defenses against SYN Flooding. Read more
Defending against SYN-flood DoS attacks. Read more
Code Red the Dracula of worms? Read more
Sendmail Debugger Vulnerability Leads to Arbitrary Code Execution. Read more
IIS Lockdown Tool. Read more
Hacker controlled Microsoft for seven days. Read more
Wireless Weekly Weigh-In: Viruses, Trojans and Worms - Oh, My! Read more
Hackers' bonfire of the vanities. Read more
No Computer Worm is a Good Worm, Experts Warn. Read more
MS bugware blamed for 'inadvertent' hack. Read more
Zombies invading homes over cable. Read more
Chinese Ministry Reports Situation of Code Red II. Read more
Hotmail? More like hackmail. Read more
Cypherpunk Sentenced to 10 Years. Read more

27 August 2001

New Trojans:
Gift 2.0

RTB 666 1.63
WinWrapper Professional Remote File Disclosure Vulnerability. Read more
CBOS Web-based Configuration Utility Vulnerability. Read more
Waiting for the killer virus. Read more
High-speed Net users sitting ducks for hackers. Read more
Security firm discounts password threat. Read more
Judge: Cable ISP must give customer info to feds. Read more
Data-grab hackers steal credit card details in bulk. Read more
Is Wi-Fi Wearing No Clothes? Read more
Virus dangers need protection. Read more
Afghan Taliban website hacked as Internet outlawed. Read more
NZ anti-hacking legislation: What happens next? Read more
Researchers say PDAs prone to hacker attacks. Read more
WinXP professional hack starts. Read more
Microsoft releases XP to computer makers. Read more
14th Annual Computer Security Incident Handling Conference. Read more
McAfee Teams With Industry Leaders to Create End-to-End Solution For DDoS Attacks. Read more
Security-Enhanced Linux. Read more

26 August 2001

New Trojan:
NoXcape 1.1

Network Error
Hotmail LINK CSS Vulnerability (New Strain). Read more
Multiple Vulnerabilities in GroupWise Webaccess and NetWare Web Server. Read more
Security firm discounts password threat. Read more
Teaching job for hacker. Read more
Carnivore to add wireless to its menu? Read more
New worm poses as helpful program. Read more
Hacker cracks site, halts trade. Read more
Program now on Internet lets saavy hackers tap into wireless networks. Read more
Microsoft releases XP to computer makers. Read more

25 August 2001

TriRat 1.0

Phoenix II 1.42

Stealth Proxy
'Offensive' Trojan Can Disable PCs. Read more
VBS.Netlog.I. Read more
Forcing ICQ to Add Arbitrary Users to the Friends List. Read more
AVTronics InetServer DoS and Buffer Overflow Vulnerabilities. Read more
Adobe Acrobat Creates World Writable ~/AdobeFnt.lst Files. Read more
Sendmail Debugger Arbitrary Code Execution Vulnerability. Read more
Microsoft Outlook Web Access vulnerable to a DoS. Read more
Kevin Mitnick Interview Transcript, Part 1. Read more
When good 'worms' go bad. Read more
Weary alldas weathers more DDoS attacks. Read more
FBI's 'Carnivore' Might Target Wireless Text. Read more
FBI Could Tap Into Wireless E-Mail. Read more
Talks over fate of Russian programmer. Read more
Microsoft MCSE training faulted. Read more
Hacker Cracks Site, Forces Trade Halt. Read more
Hacker invades MuchMusic's Web site. Read more
Paintball Co. Smeared by Hoax. Read more
India Hackers Face More Charges. Read more
Inept would-be hacker gets three years in jail. Read more
E-mail snoopers 'risk legal action'. Read more

24 August 2001


Latinus 1.5 source
Trojan.Zeraf is a destructive Trojan horse that deletes critical system files. Read more
Trojan.JS.Clid.gen. Read more
VBS.Thea.A. Read more
The Perfect Read Receipt - Using HTML Tagging to Verify E-mail Reading ("Web Bugs"). Read more
BadBlue File Viewing Vulnerability. Read more
IrDA Semi-Remote Vulnerability. Read more
Badblue leaks your script-files. Read more
BSCW has a symlink-flaw that allows reading any file. Read more
IRIX Telnet vulnerable to remote root compromise. Read more
FreeBSD procfs file system under attack. Read more
Protocol used for 802.11b standard is not strong enough for information at ‘official use only’ security status, expert says . Read more
ACM and Linux Magazine hacked. Read more
The future of antivirus: computer programs that mimic white blood cells. Read more
HP to sell secure version of Linux. Read more
Banks face cybercrime threat: expert. Read more
Oklahoma paper distances itself from hacker flap. Read more
Hacker program threatens wireless security. Read more

23 August 2001

Phoenix II 1.41

HoneyPot 1.1

GoboWrap 1.0b
Code Red Worm Variant on the Loose. Read more
Hackers can kill processes through LPPlus Printing System. Read more
Linux Netfilter DoS-vulnerability. Read more
Dynu FTPD-server harbors a directory traversal flaw. Read more
Hackers can reboot Win2000 by infrared. Read more
IE's Security Hole Disables Windows Operation After Accessing Web Sites. Read more
Are Viruses, Trojans and Worms on Wireless Horizon? Read more
U.S., Aussie security centers sign pact. Read more
The trouble with Hotmail. Read more
New e-mail security danger follows spy file revelations. Read more
Microsoft plugs Hotmail security hole. Read more
Researchers develop SSH cracker. Read more
A white paper, entitled Timing Analysis of Keystrokes and Timing Attacks on SSH. (pdf)Download
Russian programmer thanks supporters. Read more
Hacker defaces World Cup site. Read more
Hackers attack Japan's World Cup Web site. Read more
Hacked auction site causes headaches. Read more
Hack insurer adds Microsoft surcharge. Read more
Learning to think like a hacker. Read more
Statement in response to an article about me by Thomas C. Greene. Read more
Warning over wiretaps. Read more

22 August 2001

Bless 0.01
Taranis is a tool to demonstrate the necessity of strong cryptography and authentication on local ethernet networks. Taranis will steal username / password pairs by redirecting traffic intended for the POP or IMAP server to the host running Taranis. Once this is achieved, the login information is saved to a file. Read more
GPS is a port scanner and a firewall rules disclosure (FWRD) tool, which uses IP spoofing, ARP poisoning and some other stratagems in order to perform a stealth and untraceble information collect. Read more

Microsoft Security Bulletin MS01-046
Access Violation in Windows 2000 IrDA Driver Can Cause System to Restart. Read more
Viewing Someone's Hotmail Account in Three Easy Steps. Read more
SlimFTPd Directory Traversal. Read more
Cerberus FTP Server Directory Traversal. Read more
Dynu FTP Server Directory Traversal Vulnerability. Read more
Trojan.Offensive is a Trojan horse that comes in the form of an .html file. (It could also be a Web page on the Internet). When opened, the page displays one button that contains the text "Start." Read more
Virus poses as antivirus utility. Read more
Microsoft Releases Two Security Tools. Read more
Hackers post code opening access to Hotmail content. Read more
Computer problems caused by hacked Internet site. Read more
Is prosecuting hackers worth the bother? Read more
Mitnick joins Vegas hack investigation. Read more
IT workers aren't the Net police. Read more
FIBA Bankers Bring Red Worm Specialist to South Florida. Read more
Security vendors ally to study denial-of-service attacks. Read more
Wireless Networks in Big Trouble. Read more
Copyright law chills IT security research. Read more

21 August 2001

How to make a Dropper in C, ASM, and Delphi. Read more

How to code sockets under windows using asm. Read more
Achilles is a tool designed for testing the security of web applications. Achilles is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Achilles will intercept an HTTP session’s data in either direction and give the user the ability to alter the data before transmission. For example, during a normal HTTP SSL connection a typical proxy will relay the session between the server and the client and allow the two end nodes to negotiate SSL. In contrast, when in intercept mode, Achilles will pretend to be the server and negotiate two SSL sessions, one with the client browser and another with the web server. As data is transmitted between the two nodes, Achilles decrypts the data and gives the user the ability to alter and/or log the data in clear text before transmission. Read more
twhttpd is developed in a scenes to help the protection web servers (and web browser clients) by checking the HTTP protocol header data. The design has already put most modern web base attacks into consideration and hence can protect most web servers without very in-depth knowledge about the attacking techniques. Read more
AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. Read more
The Bulgarian and Soviet Virus Factories. Read more
Pictures from HAL. Read more
Hackers hit Hotmail hole. Read more
` Hotmail Security Hole Too Tiny For E-mail Spies - MSN. Read more
30 seconds of virus hell that will change the web forever. Read more
Worm researchers foresee infection in a Flash. Read more
Will the Internet Ever Be Safe from Viruses? Read more
Is Windows XP's 'Product Activation' A Privacy Risk? Read more
Russian Man Indicted On ISP Hacking Charges. Read more
Alliance takes on DDoS. Read more
FBI blows Code Red all-clear. Read more
Copyright law chills IT security research. Read more

20 August 2001

NT RootKit 0.40
HTML Form Protocol Attack. Read more
Cross Site Scripting and Memory Leak Vulnerabilities in ISA Server. Read more
Microsoft IIS ssinc.dll Buffer Overflow Vulnerability. Read more
glFTPD Vulnerable To a DoS Attack (* Attack). Read more
Windows XP Home Edition Must be Made More Secure. Read more
Hacking Hotmail made easy. Read more
Microsoft: um, the XP firewall isn’t that great. Read more
Novell Tight-Lipped About Security Patch Details. Read more
We won't tell you what this patch does, but apply it NOW. Read more
Giving hackers a good name. Read more
Washington Post: Home Users Not Immune To Worms. Read more
O'Reilly Network: Apache::CodeRed. Read more
LinuxPR: Apache CodeRed Countermeasures with PHP: codeRedKiller! Read more
Inside the control room of a war on viruses. Read more
Positive results of Code Red. Read more
Virus scare downs ministry computer. Read more
White House fears another Code Red attack. Read more
Now it's drive-by hacking. Read more
Student 'soldiers' help feds fight cyberterrorism. Read more
Hacker squad get the go-ahead on MPs' files. Read more
Throwing The E-Book At Him;A programmer is prosecuted for enabling users to break the security in reader software. Read more

19 August 2001

Theef 1.31
Four Simple Cryptographic Attacks on HDCP. Read more

Code Red II disassembly
Multiple Vulnerabilities in Microsoft IIS 5.0 and 4.0. Read more
Multiple Vulnerabilities in Microsoft ISA Server 2000. Read more
Denial of Service Condition in Microsoft NNTP Service for Windows 2000/NT. Read more
Exploit Code Released For the Apache Server Address Disclosure Vulnerability. Read more
Caldera Security Advisory: security issues in ucd-snmp. Read more
Microsoft patches ActiveX hole in Outlook. Read more
The Code Red worm can cause minor Mac problems. Read more
Persistent viruses sound industry alarm. Read more
Joseph Burton is lead attorney for Dmitry Sklyarov. Read more
Messenger is vulnerable to newer viruses. Read more
Ahnlab Wins Malaysian Online Security Education Contract. Read more
High-tech snoops. Read more

18 August 2001

Black Angel 1.3
Backdoor.Kaitex is a backdoor Trojan that connects to an IRC server using port 6667. Read more
remotely exploitable memory overwrite vulnerability in the fetchmail-ssl package.. Read more
Viruses in the Information Age. Read more
How Computer Viruses and Worms Work. Read more
Code Red Worm Crawls Again. Read more
Microsoft bundles patches to fix holes old, new in Internet Information Server. Read more
Does XP Have Firewall or Not? Read more
Microsoft withdraws Windows XP security claim. Read more
Microsoft withdraws claim about new product's protection against viruses, hackers. Read more
Newsbytes hack seeks to embarrass EL Reg. Read more
Surveillance by Design
Netscape Sees Red As FBI Warns Of New Attack. Read more
FBI: Early efforts nip Code Red worm. Read more
SecurityPortal flounders on atoll. Read more
Security Software Spies On Workers. Read more

17 August 2001

Phoenix II 1.28

Microsoft Security Bulletin MS01-038
Outlook View Control Exposes Unsafe Functionality. Read more

Microsoft Security Bulletin MS01-045
ISA Server H.323 Gatekeeper Service Contains Memory Leak. Read more
NetCode NC Book Remote Command Execution Vulnerability. Read more
EnGarde Secure Linux Security Advisory: fetchmail-ssl memory overwrite vulnerability. Read more
New worm likes NetBIOS. Read more
The Generic Virus Writer. Read more
The Generic Virus Writer II. Read more
Silence of a code cracker. Read more
Researchers Reveal How They Bypassed Digital Watermarks. Read more
50 hackers to take part in server-cracking contest. Read more
Dutch Cryptographer Cries Foul. Read more
Verizon Hit by Virus. Read more
SirCam: The Worm That Won't Die. Read more
Barry Fox promotes virus abuse on radio. Read more
Hacker sneaks into Visa credit-card site; might have compromised data. Read more
Student spotted 'Trojan horse' hacker. Read more

16 August 2001

MoonPie 2.5 beta
Paper: HTML Form Protocol Attack.
This paper describes how some HTML browsers can be tricked through the use of HTML forms into sending more or less arbitrary data to any TCP port. This can be used to send commands to servers using ASCII based protocols like SMTP, NNTP, POP3, IMAP, IRC, and others. By sending HTML email to unsuspecting users or using a trojan HTML page, an attacker might be able to send mail or post Usenet News through servers normally not accessible to him. Read more
Censorship in action: why I don't publish my HDCP results. Read more

Microsoft Security Bulletin MS01-044
Cumulative Patch for IIS. Read more

CERT Advisory CA-2001-24
Vulnerability in OpenView and NetView. Read more
HTTPort allows you to bypass an HTTP proxy, which is blocking you from the Internet. With HTTPort you may use the following software (just a sample list, not limited to !) from behind an HTTP proxy: e-mail, IRC, ICQ, news, FTP, AIM, any SOCKS capable software, etc. etc. Read more
Frequently Asked Questions on Virus-L/comp.virus. Read more
Cisco Systems Advises Industry On Security Against Possible Hacker Attacks. Read more
Various Problems in Baltimore's WEBsweeper Script Filtering. Read more
pcAnywhere Vulnerable to a DoS (Multiple Connections). Read more
NNTP Service in Windows Contains Memory Leak. Read more
TrollFTPD Security Vulnerability Leads to Root Compromise. Read more
Solaris Xlock Heap Overflow Vulnerability (Exploit, XUSERFILESEARCHPATH). Read more
SIX-Web board "Show Files" Vulnerability. Read more
Long URLs incite overflow in IE6. Read more
CyberCash Server Hit By Code Red II. Read more
MS patch-scanner for Win-NT, 2K, IIS, SQL. Read more
Microsoft Fields New Complaints on Server, XP Security. Read more
Microsoft Releases New Security Tools. Read more
Privacy group attacks Windows XP, Passport. Read more
Hackers' convention gathers to goggle at bits and PCs. Read more
Digital Copyright Act Muffles Dutch Crypto Scientist. Read more
Man arrested in Britain in hacking case. Read more
Brit to be charged with worm abuse. Read more
Viruses wiggle into IM chats. Read more
Hacker Highway. Read more
Mystery of crashing HP printers solved? Read more
Recall Parliament for hackergate, Carr told. Read more
Going underground to fight cyber crime;Viruses are one thing but how do you fight weapons that 'fry' computers? Read more
Web firms could be bugging you. Read more

15 August 2001

Moses 1.1.0d

Microsoft Security Bulletin MS01-043
NNTP Service in Windows NT 4.0 and Windows 2000 Contains Memory Leak. Read more
W32.HLLW.Hai is a worm written in C++. Read more
Code Red Analysis pages. Read more
Video crypto standard allegedly cracked. Read more
MS patch-scanner for Win-NT, 2K, IIS, SQL. Read more
Lack of focus on security in professional training seen as factor in spread of viruses. Read more
Worms find fertile ground in IM. Read more
Briton charged over computer worm. Read more
FBI Announces Arrest of 24-Year-Old British Hacker. Read more
Microsoft: Code Red brings XP security fears. Read more
New Code Red Worm Slows Systems With Scans. Read more
Qwest gaining on Code Red worm. Read more
IT giants whacked by Code Red. Read more
Code Red II virus attacks HK government servers. Read more
Code Red Worm Withers But Warnings Remain. Read more
Hackers break into court records site. Read more
1,000 web sites sabotaged in one of the biggest ever acts of defacement. Read more
As Ethicists, They Don't Hack It. Read more
The Matrix Screen Saver for Windows Lets Physically Local Users Bypass the Password Mechanism and Access the System. Read more
MPs' House rules frustrate police hunt for hackers. Read more
McAfee's Web services patent raises questions. Read more
So much for secure e-mail. Read more
Big Brother is watching you surf. Read more

14 August 2001

NetDevil 1.0
A Warhol Worm: An Internet plague in 15 minutes! Read more
Sambar Telnet Proxy Multiple Vulnerabilities (DoS, Buffer Overflow). Read more
Abusing Poor Programming Techniques in Web Server Scripts (SQL Statements). Read more
Various problems in Baltimore's WEBSweeper Script filtering. Read more
Various problems in Trend Micro AppletTrap Script filtering. Read more
Caldera Security Advisory: Linux - Telnet AYT remote exploit. Read more
Conectiva Linux Security Announcement: windowmaker. Read more
Code Red Reveals New Security Hole in IIS. Read more
Crack the code. Read more
Hackers at Large 'on best behaviour'. Read more
Hackers hit Los Alamos public information site. Read more
Did Japan attack New Zealand research institute's computers? Read more
Hackers Break Into Court Records Site. Read more
Microsoft retracts assurance over Hotmail's virus defense. Read more
Russian hacker case to test US cyber law enforcement. Read more
High-tech credit card scam spreads. Read more
Claims of stonewalling in hacking investigations denied. Read more
MPs' House rules frustrate police hunt for hackers. Read more
Hackers: Wake Up and Be Useful. Read more
Hackers make house calls. Read more
Hacker remembered as computer age hero Wau Holland fought to free information. Read more
Report: Ukrainian parliamentary mail may contain Sircam virus. Read more
Emprise, Summa And FBI to Hold Computer Security Seminar 'Threat from Within' Addresses Internal Security Concerns. Read more
Privacy Ontheline
Every click you make Every file you take I'll be watching you. Read more

13 August 2001

Denial of service on FreeBSD using fragmented IPv4 packets. Read more
GetAccess Authentication Program Gives Access to All. Read more
phpBB Bulletin Board bb_profile.php Bug Lets Remote Users Obtain Administrative Access to the Bulletin Board. Read more
Vulnerability in 'otrcrep' in Oracle ('a' Parameter). Read more
Solaris Xlock harbors buffer overflow. Read more
Smarter Worms Are On Their Way. Read more
Chris Gulker: What if we could get the Code Red worm to turn? Read more
Persistent viruses sound industry alarm. Read more
US doesn't buy Korean Code Red III claim. Read more
No 'Code Red III' - experts. Read more
For home users, Code Red isn't worth a panic attack. Read more
Power Grid Vulnerable to Hackers. Read more
Security Experts Warn on Wireless. Read more
NSW pollies stonewalling hacking probe: report Hacking. Read more
National plan for e-mail protection. Read more
Hacker's arrest incites copyright debate. Read more
Privacy dispute threatens XP launch. Read more

12 August 2001

Algus 6.0
Analysis Console for Intrusion Databases. Read more
Security experts question release of Code Red worm's exploit data. Read more
Security Firm Blamed For Code Red Costs. Read more

Full details of the IIS buffer overflow by eEye Digital Security. -CodeRedII Worm Analysis
SurgeFTP Administrative Account Can be Easily Brute Forced. Read more
Security Vulnerability found in /usr/bin/locate (Exploit Code). Read more
Vulnerabilities in Cisco SN 5420 Storage Routers. Read more
Local Security Vulnerability in 'dbsnmp' Binary (ORACLE_HOME). Read more
SNMPd Log Files Buffer Overflow Problem. Read more
Debian Security Advisory: 3 security problems in imp. Read more
Buffer overflow affects Netkit in.telnetd 0.17 and lower, too. Read more
Jail warning to visitors at hackers' conference. Read more
Global Hacker Event Not Safe For Code Red Creator. Read more
HAL 2001. Read more
Special coverage: Hackers At Large 2001. Read more
How to anonymously get root access on a quarter million machines overnight. Read more
Hacking IIS -- how sweet it is. Read more
MachineOfTheMonth: Hacking the hacker. Read more
Learn about SSL encryption on your Apache Server! Read more
Two on PGP: August keyanalyze Report Released, FBI ordered to reveal PC snooping technique. Read more
New FBI chief accused of lying over claims he knew nothing of key-logging. Read more
Experts Cast Doubt on 3rd Version of Code Red Virus. Read more
Code Red III alert in Korea may be false alarm - expert. Read more
Japan arrests woman for email snooping. Read more
Houdini of the hackers lets on about how he duped the hi-tech world. Read more

11 August 2001

Dark FTP 1.5 Linux
Special coverage: Hackers At Large 2001. Read more
Nmap 2.54BETA29 released. Download
Trojan.VirtualRoot is a Trojan horse program that is dropped by the CodeRed II worm. Read more
Internet Security Systems Security Alert Summary. Read more
Solaris holds xlock heap overflow. Read more
Prestige ADSL Router suffers less-than-prestigious security. Read more
Researchers break wireless LAN encryption algorithm. Read more
Data guardians swamped by hacking blitz. Read more
FBI says Code Red has hallmarks of a professional job. Read more
Code Red II worst virus ever to hit China. Read more
South Korea Hit by New Code Red Worm. Read more
Korea estimates 43,000 Code Red II attacks. Read more
Associated Press joins list of Code Red II victims. Read more
Centre detects 2,503 computer hacking cases since 1997. Read more
Net worm picks up speed in China but infections low. Read more
World of Hell advertises world of harmony. Read more
Web site hacker is sentenced to 6-month term. Read more
IE 6 central to Passport privacy boost. Read more
The Code Red hype Hall of Shame. Read more
Deface Road Runner, Save the Whales? Read more
Studios hire Brit to solve Hollywood horror hacking. Read more
Remembering a Hacker's Hacker. Read more

10 August 2001

MoonPie 4.0 beta
VBS.AutoExec.Trojan is a simple Visual Basic script that modifies the C:\Autoexec.bat file. Read more
VBS.Millennium is a simple Visual Basic script worm that spreads using mIRC. Read more
W32.Annoying.Worm. Read more
Microsoft Passport Account Hijacking (Hacking Hotmail and more). Read more
Windows Media Player susceptible to crash. Read more
IIS patch + URL redirection = crashing. Read more
EARLY BIRD -- A realtime Code Red attempt reporting utility. Read more
Microsoft Sees Red: Worm Infects Its Own Servers. Read more
Microsoft fails to patch servers, hit by Code Red. Read more
Microsoft's Hotmail Is Red Hot From Worm. Read more
Hotmail hit as MSN on Red alert. Read more
Microsoft Hotmail servers invaded by Code Red worm. Read more
Code Red II computer worm spreads in nation. Read more
Worm Sneaks Up on Firms Urging the Public to Download Fix. Read more
Code Red Virus 'Most Expensive in History of Internet'. Read more
'Code Red' impact felt at major companies. Read more

DJ Code Red Worm Spreads, Affects AP, Qwest, Microsoft. Read more
Code Red worm to cost US $2bn. Read more
WORM OFFERS VALUABLE LESSON -- 'Code Red' attack could help heighten security awareness. Read more
Code Red II worm disrupts AP services. Read more
AT&T blocks residential Web sites. Read more
New virus spreads using Acrobat files. Read more
Virus help a click away. Read more
Not Everything Is Peachy With PDFs. Read more
The Hunt for the Worm Writers. Read more
Virus Detectives Face Daunting Challenge. Read more
FBI doubts amateurs are behind Code Red. Read more
Hunt reveals hacking tools in MP's computer. Read more
Troubled Dot-Coms May Expose Confidential Client Data. Read more
Staff kept suspicious software under wraps. Read more
Web site hacker is sentenced to 6-month term. Read more
New wireless LAN vulnerabilities uncovered. Read more
RSA Security Unveils Cryptographic Software for Secure Cable Broadband Internet Access. Read more
2,503 Cases Of Breach Of Computer Systems Reported. Read more
Hollywood hits back at hackers. Read more
US judges to force cyber snooping issue. Read more

09 August 2001

Simple Trojan 1.0
VBS.Natas is a Visual Basic Script (VBS) virus that overwrites all files that are in the same folder as the virus. Read more
VBS.Noon. Read more
Trojan.Bat.Live4 is a Trojan horse. It attempts to delete system files, files on drive A, and .doc files that are in the C:\My Documents folder. Read more
Multiple Vulnerabilities in Avaya Argent Office. Read more
Remote Vulnerabilities in Macromedia ColdFusion Example Applications. Read more
phpNuke Vulnerable to Multiple Security Holes (Administrative Privileges, DoS). Read more
'Red Code II' Lands in China, Dutch Hackers Claim Bug Intriguer. Read more
Net Worm Picks Up Speed in China but Infections Low. Read more
Code Red II worms through Japanese systems. Read more
Worm hits Qwest, Microsoft Hotmail, AP. Read more
Microsoft's Hotmail is victim of Code Red worm. Read more
Brazilian Govt computers attacked by 'Code Red' worm. Read more
Worms prompt AT&T to unplug customer sites. Read more
Mutated Code Red II Worm. Read more
Damage from Code Red worms continuing to add up. Read more
How the Worm turned with hype from anti-virus software companies. Read more
Hacking worm has ability to cause havoc. Read more
Hackers dig in for Euro festival. Read more
Thought Crimes, Databases, Kernel Hacking and Other News from the O'Reilly Open Source Conference. Read more
New virus developed that spreads using Acrobat files. Read more
Microsoft appeals case it once said was a victory. Read more
FBI ordered to reveal bugging trick. Read more
Judge wants explanation of computer bug system. Read more
Hackers not so funny off the silver screen. Read more
Schoolboy's book on ethical hacking an online hit. Read more
Judges: Don't Monitor Our PCs. Read more

08 August 2001

Moses 1.1.0 c by Psyon
Tcptraceroute is a traceroute implementation using TCP packets. Read more
Dutch hackers claim authorship of Code Red II. Read more
Chasing the Wind, Part Nine: Smoke and Mirrors. Read more
Code Red virus version claimed by Dutch hackers. Read more
Trojan in Aide Distribution at Read more
New virus travels in PDF files. Read more
OUTLOOK.PDFWorm. Read more
New VBS worm can be smuggled inside PDF file. Read more
VBS.PeachyPDF@mm. Read more
CodeRed.v3. Read more
Code Red II Puts The Crunch on Cable Modems. Read more
Code Red II worms its way deeper into the Net. Read more
Code Red Copycat Worm Packs A Malicious Punch. Read more
Code Red Cuts Off Qwest DSL Service. Read more
'Code Red II' crashes dinner for Net experts. Read more
More virulent worm infects global servers. Read more
Meaner Code Red Internet Worm Surfaces in China. Read more
Virulent Code Red II Reportedly Hits China. Read more
F*** you, Code Red. Read more
Hackers ready for a HAL of a party. Read more
Dutch festival debugs hacker image. Read more
Detection of a File Virus. Read more
Tips for fighting virus at home. Read more
SirCam Is the Real Red Scare. Read more
Sircam Computer Virus on the Rise, Japan's IPA Reports. Read more
AT&T WorldNet Offers to Trap Viruses at Entry. Read more
Russian programmer gets bail. Read more
Government to patrol cyber-beat. Read more
FBI Defends Surveillance Operation. Read more
Privacy and technology. Read more
Paranoia is The Bunker mentality. Read more
Hacker Deletes All Data on Tallahassee, Fla., Jewelry Retailer's Web Site. Read more

07 August 2001

23 v0.3 by WOW.
XProbe, Active Operating System Fingerprinting. Read more
The Unoffical Guide To Ethical Hacking. Read more
Internet Security Systems Security Alert
Resurgence of "Code Red" Worm Derivatives. Read more
Multiple Buffer Overflow Vulnerabilities in Raytheon SilentRunner. Read more
ARPNuke, Windows Network Nuker. Read more
Security Flaw in Indentix BioLogon Client for Windows. Read more
Outlook 2000 Rich Text Information Disclosure. Read more
phpBB Security Hole Leads to Root Compromise. Read more
Tivoli Management Framework Security Compromise. Read more
Roxen Vulnerable to URL Decoding Attack. Read more
NT4ALL exploit runs roughshod over Windows SP6a. Read more
Internet Security: a difficult balance between hype and paranoia. Read more
Code Red II includes dangerous 'backdoor' Trojan. Read more
Code Red honeypot + SMTP logger/alerter. Read more
Code Red 'was never a threat'. Read more
Security Statistics. Read more
Code Red variants strike more terror. Read more
Net security experts carve up Code Red II worm over dinner. Read more
After Code Red, its Code Red C now. Read more
New 'Code Red' worm entices Web hijackers. Read more
New Code Red: Worse than the first? Read more
Code Red wriggles into version two. Read more
Now it's a can of worms as Code Red II slides in back door. Read more
Korea Government Computers Hit by Code Red Worm. Read more
Why the "Code Red" worm is a red herring. Read more
Why Worms Like Code Red Are Good For You. Read more
Russian programmer released on bail in copyright case. Read more
DefCon hacker free as a bird. Read more
Russian programmer arrested at hacker convention is freed on $50,000 bail. Read more
FedCIRC plans patch-release system. Read more
Companies Hacked on Average Six or More Times Per Year. Read more
Washington Is Unprepared to Fight Cybercrime. Read more

06 August 2001

Mini Oblivion 0.1 by Stan
Code Red II - New Non-variant Code Red Worm - Analysis. Read more
Denial of Service Vulnerability in SHOUTcast Server (User Agent, Host). Read more
Code Red Foreshadows Evolution of Cyber Threats. Read more
More dangerous worm than Code Red detected. Read more
Code Red Author Cuts Wide Swath, Leaves No Fingerprints. Read more
Code Red: New variant detected. Read more
Mutant versions of Code Red worm detected. Read more
Son of Code Red is born. Read more
Britain issues alert over new computer worm. Read more
New strain of 'Code Red' worm leaves computers vulnerable to hacks. Read more
Nastier new worm threatens internet. Read more
Code Red Returns. Read more
New Code Red threat. Read more
Code Red a grim omen. Read more
It's a Dread to Patch Code Red. Read more
SirCam worm determined to stick around. Read more
Sircam worm still spreading files. Read more
Ukrainian Agents Quiz Site On Sircam Breach . Read more
Hackers hiding behind home PCs. Read more
Hackers ready for a HAL of a party. Read more
Free Dmitry Sklyarov! Read more
eBook hacker supporters to petition US embassy. Read more
Politicians' secret files raided by hacker. Read more
Hacker could bring down Carr Govt: Greens. Read more
Carr calls for hacker to be sacked, charged. Read more
Inquiries begin into hacking of NSW Opposition's files. Read more
Police to question MP over hacking. Read more
How to Fend Off Internet Viruses. Read more
Cuban Communist Party's Web site back up after hacker attack. Read more
Severe computer security holes reported at Commerce Department. Read more
Commerce computer security lacking. Read more
Rights group claims China restricting freedom on the Web. Read more

05 August 2001

NeuroticKitten 0.1 by aka_katnhat
SSH Secure Shell 3.0.0 Vulnerability Scanner. Read more
Poor Security on Default Windows 2000 Server Installation Could Lead to Unauthorized Database Access. Read more
Netaddress Security Issue Solved (Passwordless Logon). Read more
Vulnerability Found In 'oracle' Binary. Read more
SuSE Security Announcement: xmcd (SuSE-SA:2001:025) . Read more
Security flaw makes wireless networks vulnerable Widely used system hacked with ease. Read more
Cipher attack delivers heavy blow to WLAN security. Read more
Internet Brings Dangers New and Old. Read more
SirCam's worm cocktails pack a wallup. Read more
Viruses Cause Traffic Spike at Anti-Virus Sites. Read more
Hackers beware: Honeynet is on to you and recording every move. Read more
Hacking by sacked staff costs US firms billions. Read more

04 August 2001

Remote Hak 0.0.5 Alpha by HaKKa & _Jedi_
The Linksys "EtherFast 4-Port Cable/DSL Router" is subject to a security flaw in its design. Read more
Linksys EtherFast Security Vulnerability (Username and Password Disclosure). Read more
Mathematica License Manager Hostname Spoofing. Read more
Building Anna Kournikova: An Analysis of the VBSWG Worm Kit. Read more
W32/Parrot-A is an email-aware worm and companion virus. Read more
Sex starved virus writers go for revenge. Read more
Heard the one about the worm…Read more
Techies sing to free jailbird hacker. Read more
Hackers under attack over copyrights. Read more
Top corporate wireless system vulnerable to hackers. Read more
Early birds who catch the email worms. Read more
Stealth Fighters. Read more
Internet at risk as virus attacks grow. Read more
Hotmail fails to block SirCam worm. Read more
SirCam troubles some TrendMicro ISVW users. Read more
Dangerous 'Sircam' virus keeps spreading. Read more
Virus leaks Ukraine President's documents to press. Read more
Experts: Most Code Red attacks coming from Asia. Read more
Code Red puts Microsoft in hot seat. Read more
Code Red impact may spread beyond US. Read more
Code Red worm 'an ugly thing:' U.S. Army. Read more
CodeRed begins to hit UAE computers; worst still ahead. Read more
Code Red Worm Containment Costs Exploding. Read more
COMPUTER SECURITY Companies Bracing For Code Red, But Is It Tip Of Iceberg? Read more
Déjà vu: Pentagon takes down Web sites. Read more
Up and Down on the Worm Beat. Read more
Don't depend on luck for virus evasion. Read more
China's digerati proud, boastful. Read more
Virus top ten: SirCam leads the charge. Read more
Virus leaks Ukraine President's documents to press. Read more
SirCam Virus Blamed in Leak of Secret Documents. Read more
Internet Brings Dangers New and Old. Read more
Hats Off to the Hackers. Read more
6,000 attempted hacks a week gets home user a bit annoyed. Read more
South Africa plans hardline Internet snooping legislation. Read more
Encryption foils Internet child porn prosecutions. Read more
Commerce Computer Security Lacking. Read more
Haxploitation: the complete Reg guide to hackers in film. Read more
Microsoft enlists Psycho Killer to promote WinXP. Read more

03 August 2001
Subseven for Macintosh. Read more
PromiScan Ver 0.23 searches for promiscuous nodes on the local net. Read more
Winfingerprint v0.2.0 - Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT member server, NT Workstation, SQLServer, Novell Netware Server, Windows for Workgroups, Windows 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes). Read more
SSH 3.0.0 vulnerability scanner - Scans for BugtraqID. Read more
InterScan VirusWall Standard and CVP Edition are Unable to Detect SIRCAM (Patch Available). Read more
Multiple Windows-Based FTP Servers Vulnerable to DoS under Windows 98. Read more
Linux Kernel IP Masquerading Vulnerability. Read more
SuSE sdbsearch.cgi Security Weakness. Read more
KRB5 TelnetD Buffer Overflows. Read more
Quake 3 Arena Security Vulnerability (CHAR 255, Exploit). Read more
Code Red worm attack blunted. Read more
Code Red worm meets its match. Read more
Code Red infections growing. Read more
Code Red worm gathers pace. Read more
FAQ: The Code Red threat. Read more
Code Red crawls back into action. Read more
SirCam Worm Determined To Stick Around. Read more
Sircam Virus Exports Documents, Still Spreading. Read more
SirCam worm still spreading documents. Read more
Report: Worm nabs secret Ukrainian files. Read more
Code Red seen moving beyond U.S. Read more
Commerce Department vulnerable to hackers. Read more
FBI to play ’I spy’. Read more
Appeals court rejects Microsoft, DOJ requests. Read more
Commerce Department vulnerable to hackers. Read more

02 August 2001

Metal Trojan 2.7
Mathematica License Manager DoS. Read more
Multiple Remote DoS Vulnerabilities in Microsoft DCE/RPC Daemons. Read more
1st Choice FTPPro Stores Passwords Insecurely. Read more
Command Execution Vulnerability in phpMyAdmin. Read more
'Code Red' worm soils Internet. Read more
Enemy at the keyboard. Read more
'Code Red' Internet Bug Not Chinese, Expert Says. Read more
'Malicious' computer bug works on a monthly cycle. Read more
FBI accused over Code Red virus confusion. Read more
Code Red cost tops $1.2bn. Read more
Code Red Hits Servers, Seen Remaining a Menace. Read more
Code Red virus re-emerges. Read more
'Code Red' Alert May Have Averted Disaster. Read more
Microsoft takes heat for Code Red. Read more
Worm carries larger warning. Read more
‘Code Red’ Continues Spread, Pentagon Shuts Web Sites. Read more
Code Red Aug. 1 relaunch fizzles, for now. Read more
Net security fends off worm attack. Read more
Update: Code Red gaining ground, officials say. Read more
Code Red infections growing. Read more
Govt. Experts Rally ISPs To Fight Code Red Worm. Read more
Russian hacker supporters ask Adobe to aid in defense. Read more
'Free Dmitri' campaign takes case of hacker to US embassy. Read more
Revenge of the Downsized Nerds. Read more
Senator Targets School Hackers. Read more
Senator's Net-legislation would jail school-kids. Read more
Europe fights cybercrime. Read more

01 August 2001

RTB 666 1.6
ZoneAlarm Pro's MailSafe Insecurity. Read more
Security Hole Lets Lycos Run Arbitrary JavaScript. Read more
Cold Fusion CFRETHROW Exploit. Read more
Security Hole Found in PHPLib prepend.php3. Read more
Hacking tool comes back for the Mac.
The infamous Sub7 Trojan horse has made another comeback, this time on the Mac. Read more
FBI Using High-Tech Gadgets. Read more
World too dependent on Microsoft. Read more
Cisco Security Advisory: "Code Red" Worm - Customer Impact. Read more
Code Red Tribulation is nigh, Steve Gibson warns. Read more
Code Red: Is This the Apocalypse? Read more
'Worm' infection threatens Net. Read more

Code Red computer virus hits Switzerland. Read more
Government and Industry Groups Warn "Code Red" Internet Worm Ready for Serious Strike; Urge Preventative Measures. Read more
Code Red a no-show so far. Read more
FBI warns world on latest virus threat. Read more
Experts say Code Red computer worm won't lead to widespread economic chaos. Read more
Experts still wait for full fury of 'Code Red'. Read more
5 minute briefing: hackers. Read more
Tribute to Hippie Hacker Holland. Read more
EU group denounces U.S. spying E-mail, faxes being monitored. Read more
Hack attack targets Verizon, AT&T wireless users. Read more
Hackers to the honey. Read more
Security Experts Catch Hackers with Honey. Read more
Crackers deface Samsung's Australian website again. Read more
Hackers using colleges to steal files. Read more