Home    News Archive    Translate Traducen
News October 2008
23 October 2008

Guides, Papers, etc
isc.sans.org
Microsoft out-of-band patch - Severity Critical. Read more

isc.sans.org
Podcast Episode Eleven Posted. Read more

Project Grey Goose Phase I Report.
Project Grey Goose is, in technology terms, a pure play Open Source Intelligence (OSINT) initiative launched on August 22, 2008 to examine how the Russian cyber war was conducted against Georgian Web sites and if the Russian government was involved or if it was entirely a grass roots movement by patriotic Russian hackers. Read more

lasecwww.epfl.ch
COMPROMISING ELECTROMAGNETIC EMANATIONS OF WIRED KEYBOARDS. Read more

www.haaretz.com
Is Israel's booming high-tech industry a branch of the Mossad? Read more

resources.zdnet.co.uk
Rootkits: What you should know. Read more

www.f-secure.com
Virus.VBS.Confi. Read more

www.f-secure.com
Surge in Facebook Malware. Read more

www.f-secure.com
Exploit Predictions. Read more

www.usatoday.com
Hackers' mind-set: They've done nothing wrong. Read more

www.net-security.org

[I]SECURE Magazine Issue 18. Read more

www.instructables.com
Yellow Dots of Mystery: Is Your Printer Spying on You? Read more

www.avertlabs.com
French President a Victim of Identity Theft. Read more

www.thedarkvisitor.com
Stolen lawn mowers and Chinese rage against Microsoft. Read more

www.thedarkvisitor.com
Chinese hackers taking advantage of Microsoft “Black Screen of Death”. Read more

feeds.feedburner.co
The Dark Visitor » podcast. Read more

www.darkreading.com
'Block the Vote' Tactics Go Online This Election. Read more

www.darkreading.com
Microsoft Blue Hat: Researcher Demos No-Hack Attack. Read more

www.darkreading.com
The Root of Online Evils. Read more

ddanchev.blogspot.com
A Diverse Portfolio of Fake Security Software - Part Ten. Read more

ddanchev.blogspot.com
Massive SQL Injection Attacks - the Chinese Way. Read more

ddanchev.blogspot.com
Real-Time OSINT vs Historical OSINT in Russia/Georgia Cyberattacks. Read more

ddanchev.blogspot.com
A Diverse Portfolio of Fake Security Software - Part Nine. Read more

ddanchev.blogspot.com
TorrentReactor Compromised, 1.2M Users Database In the Wild. Read more

ddanchev.blogspot.com
DDoS Attack Graphs from Russia vs Georgia's Cyberattacks. Read more

ddanchev.blogspot.com
The Cost of Anonymizing a Cybercriminal's Internet Activities. Read more

ddanchev.blogspot.com
Quality Assurance in Malware Attacks - Part Two. Read more

thisweekintech.com
Security Now 166: Cross Site Request Forgery. Read more

sunbeltblog.blogspot.com
WinDefender 2008 with a sidebar. Read more

sunbeltblog.blogspot.com
New rogue: AntiSpyware XP 2009. Read more

sunbeltblog.blogspot.com
New rogue: Pro Antispyware 2009. Read more

blog.trendmicro.com
Start With Trust, End in Malware. Read more

blog.trendmicro.com
A Very Early London Olympics Scam. Read more

blog.trendmicro.com
‘Halloween Costumes’ Bring More Fright Than Expected. Read more

 

Vulnerabilities & Exploits
isc.sans.org
F-Secure and Trend Micro Release Critical Patches. Read more

 

News
www.securityfocus.com
Researchers find keyboards to be tattletales. Read more

www.securityfocus.com
Ohio searches for state-site attacker. Read more

www.cnn.com
Authorities shut down huge spam e-mail ring. Read more

www.theregister.co.uk
McAfee update classifies Vista component as a Trojan. Read more

www.channelregister.co.uk
Microsoft sued in China for black screen of death. Read more

www.washingtonpost.com
Al-Qaeda Web Forums Abruptly Taken Offline. Read more

www.itbusiness.ca
E-ticket scam crash lands victims into a load of malware. Read more

www.reuters.com
FBI catches up with Miley Cyrus hacker. Read more

11 October 2008

Guides, Papers, etc
www.benedelman.org
CPA Advertising Fraud: Forced Clicks and Invisible Windows. Read more

www.eecs.umich.edu
Towards an Understanding of Anti-virtualization and Anti-debugging Behavior in Modern Malware. Read more

honeyblog.org
As the Net Churns: Fast-Flux Botnet Observations. Read more

www.turbocrypt.com
Visualisation of potential weakness of existing cipher engine implementations in commercial on-the-fly disk encryption software. Read more

www.internetnews.com
Metasploit 3.2 Offers More 'Evil Deeds'. Read more

www.theregister.co.uk
New Google bugs empower phishermen. Read more

blogs.paretologic.com
Web crawling for malware with a Honeypot. Read more

blogs.paretologic.com
Rogue makers ahead of time? Read more

www.internetevolution.com
Cracking the Internet's Axis of Evil. Read more

www.sudosecure.net
Storm Worm - Go away, we’re not home. Read more

www.webmonkey.com
Hackers Are Watching You: Flash Clickjacking Vulnerability Exposes Webcams and Mics. Read more

www.youtube.com
Webcam ClickJacking. Watch

ha.ckers.org
Clickjacking Details. Read more

www.technewsworld.com
Blacklisting and Whitelisting: Color-Coding Security. Read more

www.eweek.com
Challenging the Immutable Laws Of Security. Read more

www.smh.com.au
No names: inside the fake identity racket. Read more

www.darkreading.com
Hacker in Your Pocket. Read more

www.darkreading.com
Disclosure's Slippery Middle Ground. Read more

www.darkreading.com
How EMC/RSA Scared Me Half to Death. Read more

www.avertlabs.com
Cracking CAPTCHA: Another Russian Business. Read more

ddanchev.blogspot.com
Cybercriminals Abusing Lycos Spain To Serve Malware. Read more

ddanchev.blogspot.com
Commoditization of Anti Debugging Features in RATs - Part Two. Read more

ddanchev.blogspot.com
A Diverse Portfolio of Fake Security Software - Part Eight. Read more

ddanchev.blogspot.com
Web Based Malware Emphasizes on Anti-Debugging Features. Read more

ddanchev.blogspot.com
Fake Windows XP Activation Trojan Wants Your CVV2 Code. Read more

isc.sans.org
When the Hackers Hack Back. Read more

www.f-secure.com
The Art of the Hidden File. Read more

www.f-secure.com
"Latest security Update Standard 128-bit Upgrade Certificate". Read more

sunbeltblog.blogspot.com
New rogue: Rapid Antivirus. Read more

sunbeltblog.blogspot.com
SSH Scam sites update. Read more

msmvps.com
ALERT: Treat all content from the ad agency called Adshaven with extreme caution. Read more

msmvps.com
New malvertizement trickery affecting surfline.com and careerbuilder.com. Read more

blog.spywareguide.com
Google AdWords Phish. Read more

blog.trendmicro.com
Fake SSL Certificates Seen Again. Read more

blog.trendmicro.com
A New YouTube Malware Tool. Read more

arstechnica.com
Osama bin Fragged: a review of terrorist propaganda games. Read more

 

Vulnerabilities & Exploits
www.adobe.com
Flash Player workaround available for "Clickjacking" issue. Read more

News
www.securityfocus.com
Lawmaker's son indicted for Palin e-mail hack. Read more

news.cnet.com
World Bank under cyberattack? Read more

blog.wired.com
Palin Hacker Allegedly Involved in Another Computer Intrusion. Read more

www.khou.com
Student faces porn charge over text message sent by classmate. Read more

www.newarkadvocate.com
Hottinger: Law didn't anticipate cell phone photo case (video). Read more

www.theregister.co.uk
Turbo-charged wireless hacks threaten networks. Read more

www.nypost.com
HOTEL HACK ATTACK. Read more

www.smh.com.au
Fake YouTube pages used to spread viruses. Read more

www.ctv.ca
Canadian teen hacker reveals secrets in tell-all book. Read more

www.scmagazineuk.com
WiFi is no longer a viable secure connection. Read more

uk.gizmodo.com
'Unbreakable' Encryption System Launched. Read more

05 October 2008

Guides, Papers, etc
www.benedelman.org
Auditing Spyware Advertising Fraud: Wasted Spending at VistaPrint. Read more

insecure.org
Explaining the “New” TCP Resource Exhaustion Denial of Service (DoS) Attack by Fyodor. Read more

taosecurity.blogspot.com
DoS Me Like It's 1996. Read more

media.grc.com
Audio. Security now. SockStress. Listen

www.grc.com
SockStress. Read more

erratasec.blogspot.com
TCP Selective ACK considered evil. Read more

www.securecomputing.net.au
Eugene Kaspersky on the cybercrime arms race. Read more

honeyblog.org
Reconstructing People’s Lives: A Case Study in Teaching Forensic Computing. Read more.

chuvakin.blogspot.com
Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008. Read more

www.darkreading.com
How to Root Out Bots in Your Network. Read more

www.sophos.com
VB2008: Lipstick, pigs, anti-virus and ponytails. Read more

www.f-secure.com
Your computer is now stoned (…again). Read more

www.f-secure.com
John Doe is a Criminal Mastermind. Read more

blog.trendmicro.com
Rogue AV Tactics Continue to Threaten. Read more

blog.trendmicro.com
Spam Using Email Delivery Notifications To Verify Valid Addresses. Read more

www.avertlabs.com
Artemis Backstage #1: Malware Mapping. Read more

ddanchev.blogspot.com
Inside a Managed Spam Service. Read more

ddanchev.blogspot.com
Syndicating Google Trends Keywords for Blackhat SE... Read more

ddanchev.blogspot.com
Managed Fast Flux Provider - Part Two. Read more

ddanchev.blogspot.com
Monetizing Infected Hosts by Hijacking Search Results. Read more

ddanchev.blogspot.com
Copycat Web Malware Exploitation Kit Comes with Disclaimer. Read more

ddanchev.blogspot.com
Web Based Malware Eradicates Rootkits and Competing Malware. Read more

ddanchev.blogspot.com
Identifying the Gpcode Ransomware Author. Read more

www.darkreading.com
Clickjacking Defense Will Require Browser Overhaul. Read more

www.darkreading.com
The Encryption That Wasn't There. Read more

blog.wired.com
Online Posse Assembles, to Unmask Russia's Hackers. Read more

www.nationalpost.com
'Mafiaboy' writes book about the day he shut down the Internet. Read more

www.sophos.com
VB2008: Lipstick, pigs, anti-virus and pony-tails. Read more

share.skype.co
Skype President Addresses Chinese Privacy Breach. Read more

blogs.wsj.com
Skype Responds to China Surveillance Report. Read more

www.securityfocus.com
Blaming the Good Samaritan. Read more

www.securityfocus.com
It's All About Reputation. Read more

www.thedarkvisitor.com
China’s Cyber Police Map (with links). Read more

hphosts.blogspot.com
Directi and HostFresh still supporting criminals! Read more

dvlabs.tippingpoint.com
ThreatLinQ: Spyware and Executable Packers Revisited. Read more

www.technewsworld.com
Identity Fraud, Part 1: A $45 Billion Snowball. Read more

www.technewsworld.com
Identity Fraud, Part 2: Digging Yourself Out of the Wreckage. Read more

www.technewsworld.com
Identity Fraud, Part 3: Taking the Target Off Your Back. Read more

www.telegraph.co.uk
People 'more likely to lie in emails' Read more

theecakescraps.wordpress.com
Pure Profit: A Look at Swoop. Read more

voices.washingtonpost.com
EstDomains: A Sordid History and a Storied CEO. Read more

www.businessweek.com
Dangerous Fakes
How counterfeit, defective computer components from China are getting into U.S. warplanes and ships. Read more

blog.spywareguide.com
The Strange World of EBay Auctions. Read more

www.eweek.com
Passports: Another Bad Use of Self-Signed Certificates. Read more

www.chayden.net
Eliza Test. Read more

 

Vulnerabilities & Exploits
www.securiteam.com
VMware Emulation Flaw x64 Guest Privilege Escalation. Read more

 

News
edition.cnn.com
Homeland Security seeks cyber counterattack system. Read more

www.dw-world.de
Telekom Says Data From 17 Million Customers Was Stolen. Read more

www.computerworld.com
Researcher finds evidence of massive site compromise. Read more

www.securityfocus.com
Report claims surveillance of Chinese messaging. Read more

www.securityfocus.com
TCP flaws allow deadly DoS attacks, finders say. Read more

www.theregister.co.uk
Hackers exploit Neosploit to booby trap BBC, US postal service. Read more

blog.wired.com
Supremes Mull Whether Bad Databases Make for Illegal Searches. Read more

voices.washingtonpost.com
New State Laws Target Data Encryption, RFID Tracking. Read more

voices.washingtonpost.com
New Federal Law Targets ID Theft, Cybercrime. Read more

www.pcpro.co.uk
Asus ships software cracker on recovery DVD. Read more

www.pcworld.com
Two Europeans Charged in US Over DDOS Attacks. Read more

www.theregister.co.uk
Brit, German indicted for stateside satellite TV attacks. Read more

www.securecomputing.net.au
South Korean defence suppliers uncover malicious code. Read more

www.yomiuri.co.jp
China to make foreign firms reveal secret info. Read more


Copyright© MegaSecurity.org