Home    News Archive    Translate Traducen
News November 2004
30 November 2004

Tools
ircdefender.sourceforge.net:
IRC Defender is a program designed for IRC networks, written in perl. It is a modular security service which amongst other things will keep virus and trojan drones from your network, allow you to set akills using regular expressions, and will prevent abuse of CGI:IRC proxies. Read more

www.openwall.com:
Linux kernel patch from the Openwall Project.
This patch is a collection of security-related features for the Linux kernel, all configurable via the new 'Security options' configuration section. In addition to the new features, some versions of the patch contain various security fixes. Read more

 

Guides, Papers, etc
www.securityfocus.com:
Seeds of Disaster. Read more

www.lurhq.com:
Managing the Vulnerability Landscape. Read more

This Month's Threat Overview:
* The Future of Exploitation
* JPEG Virus -- Looking Past the Hype
Read more

antivirus.about.com:
The secrets to MyDoom's success. Read more

www.spectrum.ieee.org:
The Dawn of the E-Bomb. Read more

 

Vulnerabilities & Exploits
www.securiteam.com:
PHP memory_limit Exploit Code. Read more

www.securiteam.com:
Remote Buffer Overflow in Prozilla. Read more

www.securitytracker.com:
WS_FTP Buffer Overflow in Processing Certain FTP Commands Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
WS_FTP Server MKD Buffer Overflow (Exploit). Read more

www.securiteam.com:
CMailServer WebMail Multiple Vulnerabilities. Read more

www.securiteam.com:
MailEnable IMAP Service Remote Buffer Overflow. Read more

www.securiteam.com:
Limited Buffer Overflow and Arbitrary Memory Access in Star Wars Battlefront. Read more

www.securitytracker.com:
MDaemon System Tray Icon Lets Local Users Gain System Privileges. Read more

www.securitytracker.com:
Orbz Buffer Overflow in JOIN Packet Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Games Using the Serious Engine Can Be Crashed By Remote Users. Read more

www.securiteam.com:
phpCMS Cross Site Scripting and Information Disclosure Issues. Read more

www.securiteam.com:
phpBB SQL Injection and Attachmodule Add-On Directory Traversal. Read more

www.securiteam.com:
phpBB admin_cash.php File Include Vulnerability (Exploit). Read more

xforce.iss.net:
Microsoft WINS Server Vulnerability. Read more

www.debian.org:
DSA-602-1 libgd2 -- integer overflow. Read more

www.debian.org:
DSA-601-1 libgd -- integer overflow. Read more

 

News:
www.theregister.co.uk:
Is Microsoft creating tomorrow's IE security holes today? Read more

news.zdnet.co.uk:
Skulls Trojan teams up with Cabir worm. Read more

www.sophos.com:
Police question notorious ex-virus writer and confiscate computers, Sophos reports. Read more

www.techworld.com:
Windows SP2 security compromised. Read more

news.zdnet.co.uk:
Ex-virus writer questioned over Slammer. Read more

www.arabnews.com:
Hacker Extraordinaire Turns Security Expert. Read more

www.it-observer.com:
SCO Website Defaced Again. Read more

news.zdnet.co.uk:
Microsoft: No SP5 for Windows 2000. Read more

www.pcworld.com:
The Cost of Virus Protection Rises. Read more

wave3.com:
Email 'Phishing' Can Fool Even Savvy Consumers. Read more

www.theregister.co.uk:
SCO hacked in apparent IP protest. Read more

29 November 2004

Tools
www.nu2.nu:
Bart's Preinstalled Environment (BartPE) bootable live windows CD/DVD. Read more

 

Guides, Papers, etc
www.rootkit.com:
Windows File Protection: How To Disable It On The Fly. Read more

 

Vulnerabilities & Exploits
www.immunitysec.com:
Wins.exe remote vulnerability. Read more

www.k-otik.com:
php 4.3.7 and 5.0.0RC3 memory_limit Remote Exploit. Read more

 

News:
www.eweek.com:
Study: Tools Let Spyware Slip Through Cracks. Read more

www.newsforge.com:
SCO hacked over Thanksgiving Holiday. Read more

www.mosnews.com:
Hackers Put Stolen Tax Police Database Up for Sale in Moscow. Read more

www.microscope.co.uk:
Virus protection is easier than you think. Read more

www.eweek.com:
Symbian Says Skulls May Not Be Malware. Read more

www.linuxinsider.com:
Lies, Damn Lies and Computer Security. Read more

www.thisislondon.com:
Huge computer failure cripples benefits system. Read more

times.hankooki.com:
Hackers Pocket W16 Billion in Cyber Cash. Read more

computerworld.co.nz:
Hacker evidence could be accepted in court. Read more

www.pcworld.com:
Online Identity Theft: Many Medicines, No Cure. Read more

28 November 2004

Tools
Microsoft Baseline Security Analyzer V1.2.1.
Use this tool to identify common security misconfigurations and missing security updates. MBSA runs on the Windows Server™ 2003, Windows® 2000, and Windows XP operating systems and will scan for vulnerabilities in multiple products and technologies. Read more

support.microsoft.com:
Mydoom, Zindos, and Doomjuice Worm Removal Tool. Read more

www.microsoft.com:
Blaster Worm Removal Tool for Windows XP and Windows 2000 (KB833330). Read more

support.microsoft.com:
Sasser (A-F) Worm Removal Tool. Read more

 

Guides, Papers, etc
www.trapkit.de:
Virtual Machine Monitors. Read more

www.cfp2005.org:
The 15th annual conference on Computers, Freedom & Privacy takes place from Tuesday, April 12th, to Friday, April 15th, 2005, in Seattle, Washington. Read more

 

Vulnerabilities & Exploits
freehost07.websamba.com/greyhats
Help ActiveX Control Related Topics Local Content Accessing Vulnerability. Read more

www.securitytracker.com:
Microsoft WINS Memory Overwrite Lets Remote Users Execute Arbitary Code. Read more

insecure.hopto.org
Here are two IE flaws. Read more

www.nobodix.org
How to reset the Domain Admin Password under Windows 2003 Server. Read more

www.jms1.net:
Unlocking Windows NT/2000/2003 Domain Controllers. Read more

 

News:
www.winnetmag.com:
Anti-Spam Vigilante Redux. Read more

www.theinquirer.net:
Fresh but old Internet Explorer flaw found. Read more

www.technewsworld.com:
Moral Dilemma: Hackers for Hire. Read more

www.benedelman.org:
Who Profits from Security Holes? Read more

castlecops.com:
Did you actually win the lottery, or is it just a Phishing scam? Read more

www.computerweekly.com:
Phishing spreads net wider. Read more

www.infoworld.com:
Microsoft offers to replace fake copies of Windows XP. Read more

times.hankooki.com:
Hackers Pocket W16 Billion in Cyber Cash. Read more

27 November 2004

Guides, Papers, etc
books.slashdot.org:
Malware - Fighting Malicious Code. Read more

www.419eater.com:
THE 419 EATER SCAM BAITING SECTION. Read more

 

Vulnerabilities & Exploits
www.edup.tudelft.nl:
FIREFOX flaws: nested array sort() loop Stack overflow exception. Read more

www.felinemenace.org:
Remote exploit for the php memory_limit vulnerability. Read more

www.immunitysec.com:
Wins.exe remote vulnerability. Read more

www.securitytracker.com:
phpCMS Input Validation Bug in 'parser.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Atari800 Buffer Overflow in Atari800_Initialise() May Let Local Users Gain Root Privileges. Read more

www.zone-h.org:
Image Download Spoofing in Microsoft Internet Explorer. Read more

www.zone-h.org:
Remote buffer overflow in MailEnable IMAP service. Read more

 

News:
www.theregister.co.uk:
Phishers tapping botnets to automate attacks. Read more

www.vnunet.com:
Hackers exploit critical Winamp flaw. Read more

www.techworld.com:
WinAmp security hole deepens. Read more

www.securityfocus.com:
Profitware. Read more

www.secretservice.gov:
PUBLIC AWARENESS ADVISORY REGARDING "4-1-9" OR "ADVANCE FEE FRAUD" SCHEMES. Read more

www.theregister.co.uk:
Lycos screensaver to blitz spam servers. Read more

news.zdnet.co.uk:
Government says Finnish with IE 6. Read more

www.vnunet.com:
Sun moves to eclipse Java hackers. Read more

www.theregister.co.uk:
Social engineering - where the user is the weakest link. Read more

www.vnunet.com:
Bugwatch: The hidden hazards of passwords. Read more

www.techworld.com:
Hacker evidence admissible in court? Read more

www.nowtoronto.com:
Phish scams make waves. Read more

26 November 2004

Tools
www.edup.tudelft.nl:
Beta v1.0: Multi-format shellcode encoding tool. Read more

 

Guides, Papers, etc
msdn.microsoft.com:
Browsing the Web and Reading E-mail Safely as an Administrator. Read more

bcheck.scanit.be:
Browser Security test. Read more

 

Vulnerabilities & Exploits
www.k-otik.com:
Winamp <= 5.06 "IN_CDDA.dll" Remote Buffer Overflow Exploit. Read more

www.edup.tudelft.nl:
MSIE flaws: nested array sort() loop Stack overflow exception. Read more

www.securitytracker.com:
Cyrus IMAP 'imap magic plus' Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
MailEnable Stack Overflow and Pointer Overwrite in IMAP Service Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
YardRadius Buffer Overflow in process_menu() Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
SecureCRT Remote Command Execution. Read more

www.securiteam.com:
Atari800 Local Privileges Escalation. Read more

www.securiteam.com:
Jabberd Remote Buffer Overflows. Read more

www.securiteam.com:
KorWeblog Directory Traversal Vulnerability. Read more

www.securiteam.com:
Winamp IN_CDDA.dll Remote Buffer Overflow Exploit. Read more

www.securityfocus.com:
FIREFOX flaws: nested array sort() loop Stack overflow exception. Read more

www.debian.org:
DSA-599-1 tetex-bin -- integer overflows. Read more

www.debian.org:
DSA-598-1 yardradius -- buffer overflow. Read more

www.debian.org:
DSA-597-1 cyrus-imapd -- buffer overflow. Read more

 

News:
www.theregister.co.uk:
Warning: critical Winamp vuln. Read more

www.virusbtn.com:
Standardised malware naming for the new year. Read more

news.zdnet.co.uk:
CIA funds chatroom surveillance. Read more

news.zdnet.co.uk:
Gartner: Beware of Bofra exploit. Read more

www.chron.com:
Cell phones getting hackers' attention. Read more

www.globetechnology.com:
Hacker puts obscene message on traffic sign. Read more

nwc.linuxpipeline.com:
Ad Firm Describes Hacker Attack, Cites Internet Explorer As Security Risk. Read more

www.biosmagazine.co.uk:
Preparing for 'day zero' security attacks. Read more

www.it-observer.com:
Phishing Scams Increase Dramatically. Read more

news.zdnet.co.uk:
Phishers set to hook festive haul. Read more

www.microscope.co.uk:
Thought for the day: Web of deceit. Read more

news.zdnet.co.uk:
Kazaa creates worst spyware threat, says CA. Read more

www.theregister.co.uk:
Hacking tool 'draws FBI subpoenas'. Read more

25 November 2004

Tools
download.boson.com:
Cisco Routers can encypt passwords. One way to do this is through "SERVICE PASSWORD-ENCRYPTION".
GetPass (networking tool) decrypt those passwords. Read more

www.openwall.com:
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits.
The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing.
Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction. Read more

www.deepnetexplorer.com:
DeepNet Technologies will release its DeepNet 3.1 browser on 1 December, and says it will contain functionality to combat the ever-growing threat of phishing. Read more

 

Guides, Papers, etc
spywarewarrior.com:
Anti-Spyware Test (Guide). Read more

www.rootkit.com:
Windows File Protection: How To Disable It On The Fly. Read more

www.linklings.net:
Models of Active Worm Defenses (pdf). Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
CMailServer Buffer Overflow 'CMailCOM.dll' Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
DC Open Hub Buffer Overflow in RedirectAll Lets Remote Authenticated Administrators Execute Arbitrary Code. Read more

www.securitytracker.com:
DeSofto MyProxy Lets Remote Authenticated Users Connect to Arbitrary Ports and Hosts. Read more

www.securitytracker.com:
Win FTP Server Discloses Passwords to Local Users. Read more

www.securitytracker.com:
Soldier of Fortune II Buffer Overflow Lets Remote Users Deny Service. Read more

www.securiteam.com:
Sun Java Plugin Arbitrary Package Access Vulnerability. Read more

www.securiteam.com:
Citrix Server Allows Key Logging Functionality. Read more

www.securiteam.com:
Winamp IN_CDDA.dll Buffer Overflow. Read more

www.securiteam.com:
phpBB Remote Command Execution (Viewtopic.php Highlight). Read more

www.debian.org:
DSA-596-1 sudo -- missing input sanitising. Read more

 

News:
www.securityfocus.com:
Defendant: Microsoft source code sale was a setup. Read more

nwc.linuxpipeline.com:
Hackers Get Creative With Unpatched IE Bug. Read more

www.securityfocus.com:
Hacking tool reportedly draws FBI subpoenas. Read more

timesofindia.indiatimes.com:
Hackers strike sites at will, govt helpless. Read more

www.techny.com:
Hidden Trojan In ‘Click Here to Remove’ Turns PCs Into Spammers’ Dream. Read more

www.crn.com:
Bot Networks Behind Big Boost In Phishing Attacks. Read more

www.theregister.co.uk:
Career database 'wide open' to hijacking. Read more

itvibe.com:
Virus author stalks Asian pop idol. Read more

news.bbc.co.uk:
Hi-tech tools fuel phishing boom. Read more

www.theregister.co.uk:
Italian Senate in gay porn worm attack outrage. Read more

24 November 2004

Guides, Papers, etc
www.securityfocus.com:
SSH and ssh-agent. Read more

 

Vulnerabilities & Exploits
www.securiteam.com:
WeOnlyDo! COM FTP DELUXE ActiveX Control Overflow Exploit. Read more

www.securiteam.com:
CoffeeCup FTP Clients Buffer Overflow Vulnerability Exploit. Read more

www.securiteam.com:
Prevx Home Intrusion Prevention Features can be Disabled by Direct Service Table Restoration. Read more

www.securiteam.com:
Halo Broadcast Client Crash. Read more

www.securiteam.com:
PHPKit SQL Injection and XSS Vulnerabilities. Read more

www.securiteam.com:
Cyrus IMAP Server Multiple Remote Vulnerabilities. Read more

www.securitytracker.com:
Prevx Home Protection Mechanisms Can Be Disabled By Local Adminsitrative Users. Read more

www.securitytracker.com:
Van Dyke SecureCRT May Let Remote Users Execute Arbitrary Scripting Commands. Read more

www.securitytracker.com:
Winamp Buffer Overflow in IN_CDDA.dll Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
S-Mart Shopping Cart Script Discloses Configuration File to Remote Users. Read more

www.securitytracker.com:
NuKed-KlaN Input Validation Hole in Web Site Links Permits Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
SecretSanta Lets Remote Users Gain Elevated Privileges Within the Application. Read more

www.debian.org:
DSA-595-1 bnc -- buffer overflow. Read more

aluigi.altervista.org:
Broadcast memory corruption in Soldier of Fortune II 1.03. Read more

aluigi.altervista.org:
An introduction to the Fake players bug and DoS 0.1.1. Read more

 

News:
Ill News for Illwill
**By Roberta Bragg
Last week William Genovese, a.k.a. "illwill," was arrested and charged with selling Windows 2000 and Windows NT 4.0 source code.
The source code was purportedly stolen from the drives of a computer owned by longtime Microsoft partner Mainsoft Corp.
The arrest was the result of the work of an online security investigator hired by Microsoft, the U.S. Attorney's office and the FBI.
Genovese has a previous conviction, in March of 2003, for eavesdropping when he wrote a virus used to hack into computers.
Genovese, 27, of Meriden, Connecticut, faces a maximum sentence of 10 years in prison and a fine of $250,000 if convicted.

Criminal Complaint against illwill (pdf): Read more

By Fyodor
With increasing regularity this year, FBI agents from all over the country have contacted me demanding webserver log data from Insecure.Org.
They don't give me reasons, but they generally seem to be investigating a specific attacker who they think may have visited the Nmap page at a certain time.
If they see that an attacker ran the command "wget http://download.insecure.org/nmap/dist/nmap-3.77.tgz" from a compromised host,
they assume that she might have obtained that URL by visiting the Nmap download page from her home computer. So far, I have never given them anything.
In some cases, they asked too late and data had already been purged through our data retention policy. In other cases, they failed to serve the subpoena properly.
Sometimes they try asking without a subpoena and give up when I demand one.
One can argue whether helping the FBI is good or bad. Remember that they might be going after spammers, cyber-extortionists, DDOS kiddies,etc.
In this, I wish them the best. Nmap was designed to help security -- the criminals and spammers put my work to shame!
But the desirability of helping the FBI is immaterial -- I may be forced by law to comply with legal, properly served subpoenas.
At the same time, I'll try to fight anything too broad (like if they ask for weblogs for a whole month). Protecting your privacy is important to me,
but Nmap users should be savvy enough to know that all of your network activity leave traces.
I'm not the only one who gets these subpoenas -- large ISPs and webmail providers receive them daily. Most other major security sites probably do too.
Most of you probably don't care if someone finds out that you downloaded Nmap, Nessus, Hping2, John the Ripper, etc. Nothing on Insecure.Org is illegal.
But for those of you who do care, there are plenty of mechanisms available to preserve your anonymity.
Remember this security mantra: defense in depth.
Cheers,
Fyodor

www.vnunet.com:
Tasin worms ate my Windows files. Read more

www.webuser.co.uk:
Five new worms target surfers. Read more

www.theregister.co.uk:
Mozilla Firefox, Microsoft's 'enemy within'? Read more

www.theregister.co.uk:
Fraudsters recruit phishing middlemen. Read more

news.com.com:
Automated phishing on the rise. Read more

news.com.com:
Phishing--who's taking the bait now? Read more

www.timesonline.co.uk:
Bank fraud phishers move to China as the fightback begins. Read more

www.washtimes.com:
Phishers use more sites to reel in data on accounts. Read more

www.theregister.co.uk:
Google sued by smut peddler. Read more

www.newsfactor.com:
Hacker Exploit Spreads Virus Through Banner Ads. Read more

23 November 2004

Guides, Papers, etc
www.astalavista.com:
Video tutorial on APR-DNS Poisoning, Redirecting the flow of traffic. Download

www.pcworld.com:
Keep Your PC Hidden From the Bad Guys. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
DynaZip Buffer Overflow in Processing Long Filenames May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Apple iCal Calendar Import May Let Remote Users Add Unauthorized Alarm Actions. Read more

www.securitytracker.com:
Sun Java Plug-in Java-to-Javascript Bug Lets Remote Applets Execute Arbitrary Code. Read more

www.securitytracker.com:
Prevx Home Protection Mechanisms Can Be Disabled By Local Adminsitrative Users. Read more

www.securiteam.com:
Windows Compressed Zip File Exploit Code (MS04-034). Read more

www.securiteam.com:
TWiki Search Function Arbitrary Command Execution (Exploit). Read more

www.securiteam.com:
Circumvent Windows XP SP2 Security Features using execCommand 'SaveAs' Function. Read more

www.securiteam.com:
DMS POP3 Server USER Buffer Overflow (Exploit). Read more

www.securiteam.com:
Privilege Escalation in Mailtraq. Read more

www.securiteam.com:
Privilege Escalation Flaw in AClient Service for Windows. Read more

www.securiteam.com:
Danware NetOp Host Multiple Information Disclosure Issues. Read more

www.securiteam.com:
Privilege Escalation Vulnerabilities in W-Channel Embedded Linux. Read more

www.securiteam.com:
Netopia Timbuktu Remote Buffer Overflow. Read more

unsecure.altervista.org:
CoffeeCup FTP Clients Buffer Overflow Vulnerability. Read more

unsecure.altervista.org:
WeOnlyDo! COM Ftp DELUXE ActiveX Control Buffer Overflow Vulnerability. Read more

 

News:
www.theregister.co.uk:
Falk statement on Bofra attack. Read more

www.theregister.co.uk:
Bofra exploit tied to 'massive botnet'. Read more

www.computerworld.com:
Euro Web sites spread Bofra worm via banner ads. Read more

www.timesonline.co.uk:
Bank fraud phishers move to China as the fightback begins. Read more

news.com.com:
Microsoft to fix 'download warning' flaw. Read more

news.com.com:
Attackers strike using Web ads. Read more

news.com.com:
Browser promises to fend off phishers. Read more

www.theregister.co.uk:
Stunned pundit agrees with Gates over passwords. Read more

www.microscope.co.uk:
Hackers could target printers for network attacks, users are warned. Read more

australianit.news.com.au:
Porn site sues Google. Read more

www.theregister.co.uk:
Skulls Trojan keelhauls Symbian phones. Read more

22 November 2004

Vulnerabilities & Exploits
www.lurhq.com
IFRAME Vulnerability Being Exploited Through Banner Ads. Read more

www.securitytracker.com:
TC-IDE Embedded Linux Input Validation Holes Let Local Users Grab Root Privileges. Read more

www.securitytracker.com:
ibProArcade Input Validation Hole in 'category' Lets Remote Users Inject SQL Commands. Read more

 

News:
www.theinquirer.net:
Register gives readers worm. Read more

www.theregister.co.uk:
Bofra exploit hits our ad serving supplier. Read more

news.zdnet.co.uk:
Seductive virus has Sobering consequence. Read more

star-techcentral.com:
A Sober worm alert. Read more

nwc.securitypipeline.com:
Fast-Spreading Sober Worm Up In Europe, Heading To U.S. Read more

www.pcworld.com:
What You Should Know About Firewalls. Read more

news.zdnet.co.uk:
Mystery 'researchers' are revealing IE flaws. Read more

seattlepi.nwsource.com:
Gates has millions ... of spam messages every day. Read more

21 November 2004

Vulnerabilities & Exploits
www.securitytracker.com:
Gmail 'zx' Variable Input Validation Bug Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Microsoft IE Custom 404 Error Message and execCommand SaveAs Lets Remote Users Bypass XP SP2 Download Warning Mechanisms. Read more

www.securitytracker.com:
phpBB Input Validation Bug in username Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
eTrust EZ Antivirus Password Protection Can Be Bypassed By Local Users. Read more

www.securitytracker.com:
ClickandBuild Input Validation Flaw in 'listPos' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
phpMyAdmin Input Validation Holes in PmaAbsoluteUri, zero_rows, and Confirm Page Fields Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Citrix ICA Client Lets Local Users Monitor Keystrokes. Read more

www.securitytracker.com:
Opera Java Sandbox Flaws Let Malicious Applets Access System Information and Crash the Browser. Read more

www.securitytracker.com:
Danware NetOp Host Discloses System Information to Remote Users. Read more

www.securitytracker.com:
Mailtraq Windows Tray Icon Lets Local Users Gain System Privileges. Read more

www.securitytracker.com:
Altiris AClient Service Windows Tray Icon Lets Local Users Gain System Privileges. Read more

www.securitytracker.com:
Netopia Timbuktu Buffer Overflow Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
Fastream NETFile Server HEAD Connection Errors Let Remote Users Consume All Available Connections. Read more

 

News:
isc.sans.org:
Bofra/IFrame Exploits on More Web Sites (updated); IFRAME vulnerability summary; Two more IE Exploits. Read more

news.netcraft.com:
IFRAME Exploit Spreading Through Banner Ads. Read more

www.viruslist.com:
Third party patches. Read more

www.vnunet.com:
End of NT 4 support good news for hackers. Read more

news.bbc.co.uk:
Lazarus-like virus hits computers. Read more

www.eweek.com:
Linux Phishing Attack Circulates on Net. Read more

linuxmafia.com:
Should I get anti-virus software for my Linux box? Read more

20 November 2004

Tools
www.roseslabs.com:
Web Audit Library (Wal) is a python module that provides a powerful and easy API for writing web applications assessment tools, similar to what Libwhisker does for Perl. Wal comes from the need of such a library for python. Writing web security tools using Wal is very straightforward. Wal provides the following features send/receive/analyze HTTP 0.9/1.0/1.1, HTML parser, cookie support, anti-IDS, decoders/encoders and much more... Needs python 2.3 or later. Read more

miscname.com:
Quick msn messenger sniffer in perl. Read more

 

Guides, Papers, etc
www.securityfocus.com:
Detecting Kernel-level Compromises With gdb. Read more

lowkeysoft.com:
Quicky Analysis of a Proxy/Zombie Network. Read more

www.lurhq.com:
Win32.Grams E-Gold Account Siphoner Analysis. Read more

 

Vulnerabilities & Exploits
www.securityfocus.com:
Microsoft Internet Explorer 6 SP2 Vulnerabilities / Full disclosure Vs. Security by Obscurity...Read more

www.securitytracker.com:
Netopia Timbuktu Buffer Overflow Lets Remote Users Crash the Service. Read more

www.securitytracker.com:
Fastream NETFile Server HEAD Connection Errors Let Remote Users Consume All Available Connections. Read more

www.securitytracker.com:
ZoneAlarm Pro and ZoneAlarm Security Suite Ad-Blocking Error Lets Remote Users Deny Service. Read more

www.securitytracker.com:
DMS POP3 Server Buffer Overflow in Processing Username Lets Remote Users Deny Service. Read more

 

News:
www.theregister.co.uk:
Sober worm speaks with forked tongue. Read more

nwc.bizintelligencepipeline.com:
New Sober Worm Spreads In Europe, Heads To U.S. Read more

www.securityfocus.com:
Judge dismisses keylogger case. Read more

wireless.newsfactor.com:
Skulls Trojan Infects Symbian Phones. Read more

www.timesonline.co.uk:
Banks battle phishing threats masterminded on £10 websites. Read more

www.itfacts.biz:
At any day roughly 1000 sites are phishing Web sites. Read more

www.channelnewsasia.com/:
Hackers use Stefanie Sun video as bait to spread computer virus. Read more

www.internetnews.com:
Spam Spikes This Holiday Season. Read more

www.technewsworld.com:
New eBay Fraud Case Highlights Growing Problem. Read more

19 November 2004

Guides, Papers, etc
www.securityfocus.com:
Detecting Kernel-level Compromises With gdb. Read more

www.verisign.com
Internet Security Intelligence Briefing
November 2004 / Vol. 2, Issue II (pdf). Read more

www.cercs.gatech.edu:
High-Fidelity Modeling of Computer Network Worms (pdf). Read more

www.pcworld.com:
Poor Defenders.
Some anti-spyware companies use confusing ads, and our tests show their $20-$60 products are less effective than free competitors. Read more

 

Vulnerabilities & Exploits
secunia.com:
Microsoft Internet Explorer Two Vulnerabilities. Read more

www.securiteam.com:
DUGallery Database Disclosure. Read more

www.securiteam.com:
Apache Multiple Space Header DoS (Multi-Threaded Exploit). Read more

www.securiteam.com:
SLMail PASS Buffer Overflow. Read more

www.securiteam.com:
CScope - Race Condition on Temporary File. Read more

www.securitytracker.com:
FreeBSD Integer Overflow in fetch() Lets Remote Servers Execute Arbitrary Code. Read more

www.securitytracker.com:
phpBB Cash Mod Include File Error Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Cscope Unsafe Temporary Files May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
libXpm Memory Leaks, Overflows, and Input Validation Errors May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Linux Kernel smbfs Filesystem Memory Errors Let Remote Users Crash the System. Read more

 

News:
www.theregister.co.uk:
IE in fresh security drama. Read more

www.theregister.co.uk:
Russian fined for virus-writing exploits. Read more

www.pcwelt.de:
Microsoft created files using a cracked version of the SoundForce program. Read more

www.itweek.co.uk:
Bugwatch: The dual firewall approach. Read more

www.techweb.com:
Under Phishing Attack, British Bank Shuts Down Some Services. Read more

www.omakchronicle.com:
Hotmail/MSN and AOL phishing spam sent out. Read more

18 November 2004

Guides, Papers, etc
invisiblethings.org:
Red Pill... Or How To Detect VMM Using (Almost) One CPU Instruction. Read more

www.windowsecurity.com:
Darwinism Meets the Virus and Worm. Read more

www.petefinnigan.com:
Oracle Default Password List. Read more

 

Vulnerabilities & Exploits
www.debian.org:
DSA-594-1 apache -- buffer overflows. Read more

www.securitytracker.com:
phpScheduleIt Flaw in 'Reservation.class.php' Lets Remote Users Modify or Delete Reservations. Read more

www.securitytracker.com:
Event Calendar Input Validation Holes Let Remote Users Inject SQL Commands. Read more

www.securiteam.com:
Java JNI/DNS Queries DoS. Read more

www.securiteam.com:
Insecure FTP Access in HP PSC 2510 Printers. Read more

www.securiteam.com:
Icewarp Web Mail Multiple Vulnerabilities. Read more

www.securiteam.com:
Multiple Vulnerabilities in Web Forums Server. Read more

www.securiteam.com:
Symantec LiveUpdate Decompression and Directory Names Vulnerabilities. Read more

www.securiteam.com:
Hotfoon Automatic Browser Launch. Read more

www.securiteam.com:
Norton Anti-Virus VB Scripting Vulnerability. Read more

www.securiteam.com:
Defeating Non Executable Stack Protection With TEB Buffer. Read more

www.securiteam.com:
Kerio Personal Firewall Multiple IP Options DoS PoC. Read more

www.securiteam.com:
Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability (Exploit). Read more

www.securiteam.com:
Linux 2.x smbfs Multiple Remote Vulnerabilities. Read more

www.securiteam.com:
InetUtils TFTP Client DNS Resolving Buffer Overflows. Read more

www.securiteam.com:
Multiple up-imapproxy DoS Vulnerabilities. Read more

www.securiteam.com:
SquirrelMail Cross Site Scripting in Encoded Text. Read more

www.sudo.ws:
Bash scripts run via Sudo can be subverted. Read more

security.e-matters.d:
Linux 2.x smbfs multiple remote vulnerabilities. Read more

 

News:
www.theregister.co.uk:
Arafat worm exploits new MS vuln. Read more

news.zdnet.com:
More security hiccups for IE. Read more

news.com.com:
Microsoft says IE updates possible. Read more

www.biosmagazine.co.uk:
Aladdin Identifies Potential Mega Virus Related to JPEG Vulnerability. Read more

news.zdnet.com:
Caught in a phishing trap. Read more

www.guardian.co.uk:
Phishing phobia. Read more

news.zdnet.com:
Microsoft's answer to phishing: Two IDs. Read more

17 November 2004

Guides, Papers, etc
www.developer.com:
Term of the Week: Zombies and Phishing. Read more

www.edup.tudelft.nl:
"Writing IA32 Restricted Instruction Set Shellcode Decoder Loops" by SkyLined. Read more

 

Vulnerabilities & Exploits
www.heise.de:
Flaws in SP2 security features, part II. Read more

www.debian.org:
DSA-593-1 imagemagick -- buffer overflow. Read more

www.securitytracker.com:
miniBB Input Validation Hole in 'user' Parameter Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
fcron 'fcronsighup' Bugs Let Local Users View and Delete Files. Read more

www.securitytracker.com:
Hired Team: Trial Format String Flaw Lets Remote Users Execute Arbitrary Code. Read more

www.securiteam.com:
User Account Enumeration in Nortel Contivity VPN. Read more

www.securiteam.com:
Crafted Timed Attack Evades Cisco Security Agent Protections. Read more

www.securiteam.com:
Zone Labs IMsecure Active Link Filter Bypassing. Read more

www.securiteam.com:
Skype "callto:" URI Handler Buffer Overflow. Read more

www.securiteam.com:
Army Men RTS Format String. Read more

www.securiteam.com:
Multiple vulnerabilities in Hired Team: Trial. Read more

www.securiteam.com:
MiniShare Remote Buffer Overflow. Read more

www.securiteam.com:
phpBugTracker bug.php SQL Injection. Read more

www.securiteam.com:
Linux Kernel binfmt_elf ELF Loader Privilege Escalation. Read more

www.securiteam.com:
Fcron Multiple Vulnerabilities. Read more

 

News:
Microsoft Security Bulletin MS04-039
re-release: Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258). Read more

news.zdnet.com:
Gates announces new Windows update tool. Read more

news.zdnet.co.uk:
Passwords are facing redundancy, says Gates. Read more

www.theregister.co.uk:
Security incidents and cybercrime on the up. Read more

news.zdnet.co.uk:
Securepoint's hacker hire costs partnership. Read more

news.zdnet.com:
Report: Crooks behind more Net attacks. Read more

www.securitypronews.com:
A Safer Way To Browse The Internet. Read more

16 November 2004

Guides, Papers, etc
REVERSE CODE ENGINEERING: AN IN-DEPTH ANALYSIS OF THE BAGLE VIRUS (pdf). Read more

www.bellua.com:
Bellua Cyber Security Asia 2005. Call for Papers. Read more

www.astalavista.com:
Small paper describing how to add a quick backdoor into the setuid code for the Linux 2.4 kernel series. Download

 

Vulnerabilities & Exploits
www.securitytracker.com:
Microsoft Internet Explorer on XP SP2 Has Unspecified Flaws That Let Remote Users Bypass File Download Restrictions. Read more

www.securitytracker.com:
NuKed-KlaN Input Validation Hole in Image Source URL Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Samba QFILEPATHINFO Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Army Men RTS Format String Error Lets Remote Users Crash the Game. Read more

www.securitytracker.com:
PowerPortal Input Validation Hole in 'index_page' Lets Remote Users Inject SQL Commands. Read more

www.securiteam.com:
Secure Network Messenger Denial of Service. Read more

www.securiteam.com:
NetNote Crafted String DoS. Read more

www.securiteam.com:
04WebServer Multiple Vulnerabilities (CSS, Log File Injection, AUX DoS). Read more

www.securiteam.com:
Samba 3.x QFILEPATHINFO Unicode Filename Buffer Overflow. Read more

www.securiteam.com:
ez-ipupdate show_message() Format String. Read more

www.securiteam.com:
TWiki Search Function Arbitrary Command Execution. Read more

www.securiteam.com:
Secure Network Messenger DoS. Read more

www.securiteam.com:
IPSwitch IMail Stack Overflow in DELETE Command. Read more

security.e-matters.de:
Samba 3.x QFILEPATHINFO unicode filename buffer overflow. Read more

 

News:
www.microscope.co.uk:
New breed of virus beats AV gateways. Read more

www.theregister.co.uk:
Lexmark denies spyware allegations. Read more

www.ebcvg.com:
FireFox Cures the Web? Read more

www.koaa.com:
News First Investigates "phishing". Read more

www.net4nowt.com:
DomainKeys the answer to e-mail forgery and phishing? Read more

15 November 2004

Tools
sourceforge.net:
tcpreplay is a tool to replay captured network traffic. Read more

 

Guides, Papers, etc
www.microsoft.com:
The Antivirus. Defense-in-Depth Guide. Read more

www.underground-book.com:
Underground. Tales of hacking, madness and obsession on the electronic frontier. Read more

 

Vulnerabilities & Exploits
www.cherryware.de:
Unofficial IE FRAME/IFRAME fix. Read more

www.securitytracker.com:
Webroot Spy Sweeper Enterprise Discloses Administrative Password to Local Users. Read more

www.securitytracker.com:
NetNote Server Can Be Crashed By Remote Users. Read more

 

News:
news.com.com:
Yahoo takes on spam, boosts e-mail storage. Read more

www.theinquirer.net:
Website claims XP used pirated software. Read more

www.computerworld.com:
Security Review Uncovers Rampant Virus Infections. Read more

www.computerworld.com:
Security pros bemoan need for tactical focus. Read more

story.news.yahoo.com:
Sneakier Trojan Targets UK Banks. Read more

14 November 2004

Tools
www.gpstm.com:
GPS Trackmaker Allows to access maps on the Internet. Read more

www.netstumbler.com:
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. Read more

www.vanille.de:
Wellenreiter is a wireless network discovery and auditing tool. Read more

airsnort.shmoo.com:
AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. Read more

www.robota.net:
AIRE is an 802.11 network discovery utility for Microsoft Windows XP. Read more

sourceforge.net:
Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Read more

www.remote-exploit.org:
Hotspotter passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients. Download

www.kismetwireless.net:
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Read more

users.skynet.be:
Wdriver is a little tool that can help during the process of war drive, It can get you a DHCP Adress, it can browse the web directly, it gives you some information, it can do a ping, it can send a message like a “net send“ in the early years of dos but without a sender notice so people can not see who has send it. Wdriver also allows to check connectivity and allows you to quickly change the hostname of your computer. Read more

 

Guides, Papers, etc
www.computerworld.com:
Five Steps To WLAN Security -- A Layered Approach. Read more

users.skynet.be:
WARDRIVING MANUAL. Read more

Wireless LAN Security
802.11b and Corporate Networks. Read more

www.wardriving.ch:
WLAN War Driving. Read more

www.blackthornsystems.com:
WarDriving: Drive, Detect, Defend. Read more

www.remote-exploit.org:
Generic security problems with online games and applications. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Sudo Environment Variable Validation Error May Let Local Users Run Arbitrary Commands. Read more

www.securitytracker.com:
TWiki Input Validation Hole in Search Function Lets Remote Users Execute Shell Commands. Read more

www.securitytracker.com:
Thomson Speed Touch Pro ADSL Lets Remote Users Modify the DNS via DHCP. Read more

www.securitytracker.com:
Private Messaging System (PMS) Discloses Messages to Remote Users and Permits Cross-Site Scripting Attacks. Read more

 

News:
www.computerworld.com:
My summer of war driving. Read more

www.eweek.com:
XP SP2 Flaw Warning Sparks Debate on Disclosure. Read more

www.theage.com.au:
Researcher issues own patch for IE flaw. Read more

cnews.canoe.ca:
Hackers sharpening their byte: Expert. Read more

baraboo.scwn.com:
Scammers use Web to 'phish'. Read more

www.microscope.co.uk:
Shooting phish. Read more

13 November 2004

Tools
www.cherryware.de:
Unofficial IE FRAME/IFRAME fix. Read more

home19.inet.tele.dk:
wINJECT is a packet injector for Win9x dialup users (and Win2k + any connection). It lets you send customized packets with real or spoofed source ip. Read more

 

Guides, Papers, etc
www.broadbandreports.com:
Simple way to verify the current page in IE. Read more

www.io.com:
An extended explanation on why Internet Explorer is insecure. Read more

 

Vulnerabilities & Exploits
www.sans.org:
The Twenty Most Critical Internet Security Vulnerabilities (Updated) ~ The Experts Consensus. Read more

aluigi.altervista.org:
Secure Network Messenger crash. Read more

www.securitytracker.com:
Secure Network Messenger Can Be Crashed By Remote Users. Read more

www.securitytracker.com:
Aztek Forum Input Validation Holes Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
StarForce Professional May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
DUgallery Discloses Database to Remote Users. Read more

www.securitytracker.com:
phpWebSite Input Validation Flaws Let Remote Users Conduct HTTP Response Splitting Attacks. Read more

www.securitytracker.com:
vBulletin Input Validation Error in 'last.php' Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
Phorum Input Validation Hole in 'follow.php' Lets Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
GD Library Buffer Overflows in gdMalloc() May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
unarj Buffer Overflow in Processing Long File Names May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Cisco Security Agent May Fail to Attack Specially Timed Buffer Overflow Attacks. Read more

www.securitytracker.com:
Okena StormWatch May Fail to Attack Specially Timed Buffer Overflow Attacks. Read more

 

News:
news.zdnet.co.uk:
FSA: Cybercriminals are infiltrating companies. Read more

www.theregister.co.uk:
Anti-virus outfit defends job for VXer. Read more

www.theregister.co.uk:
Say hello to the 'time bomb' exploit. Read more

news.com.com:
Dutch charge teenage hacker suspects. Read more

www.theregister.co.uk:
Trojan targets UK online bank accounts. Read more

www.timesonline.co.uk:
Victims of internet bank fraud will have to pay up. Read more

news.com.com:
Finjan: Warning users or scaring up business? Read more

news.zdnet.co.uk:
'10 new XP SP2 flaws' revealed. Read more

www.computerworld.com:
Microsoft probing reported flaws in Windows XP SP2. Read more

news.zdnet.co.uk:
Lexmark accused of installing spyware. Read more

news.com.com:
Is Microsoft using 'Halo 2' to thwart Xbox hackers? Read more

12 November 2004

Tools
www.guerradigital.com.br:
VTrace 0.1, tool for visual tracert, exhibiting the geographical location of each it plans that the package travels ties to arrive to the specified domain. Read more

 

Guides, Papers, etc
www.pcworld.com:
Biography of a Worm. Read more

 

Vulnerabilities & Exploits
packetstormsecurity.nl:
SlimFTPd <= 3.15, Remote Buffer Overflow Exploit v0.1. Read more

www.debian.org:
DSA-592-1 ez-ipupdate -- format string. Read more

www.securitytracker.com:
Zone Labs IMsecure Active Link Filtering Function Can Be Bypassed. Read more

www.securitytracker.com:
CCProxy Buffer Overflow in Logging Function Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Hotfoon Dialer Chat Feature Lets Remote Users Cause the Target User to Open Arbitrary URLs. Read more

www.securitytracker.com:
OpenSkat VTMF CheckGroup() Randomization Error May Let Remote Users Determine Private Keys. Read more

www.securitytracker.com:
ez-ipupdate Format String Error in show_message() May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
HP PSC 2510 Printer FTP Server Lets Remote Users Submit Print Jobs. Read more

www.securitytracker.com:
04WebServer Input Validation Holes Let Remote Users Inject Log Entries and Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
BNC Buffer Overflow in getnickuserhost() Function Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
SquirrelMail Input Validation Hole in 'mime.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
WebCalendar Grants Administrative Access and Permits Cross-Site Scripting and HTTP Response Splitting Attacks. Read more

www.securitytracker.com:
SlimFTPd FTP Command Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Cisco IOS Interfaces Can Be Blocked With Specially Crafted DHCP Packets. Read more

www.securiteam.com:
Multiple Buffer Overflow in SlimFTPd. Read more

www.securiteam.com:
Kerio Personal Firewall Multiple IP Options DoS. Read more

www.securiteam.com:
Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (MS04-039). Read more

 

News:
www.securityfocus.com:
Defendant: Microsoft source code sale was a setup. Read more

www.networkcomputing.com:
IE Becomes Hacker Favorite. Read more

www.pcworld.com:
New MyDoom Attacks May Signal 'Zero Day'. Read more

news.com.com:
Trojan horse spies on Web banking. Read more

itvibe.com:
UK bank accounts at risk from new Trojan. Read more

www.theinquirer.net:
HSBC phishing mail warns against phishing. Read more

www.computerworld.com:
My summer of war driving. Read more

news.com.com:
Microsoft says Firefox not a threat to IE. Read more

www.theregister.co.uk:
Gadzooks! My PC has the pox. Read more

11 November 2004

Tools
winfingerprint.sourceforge.net:
Winfingerprint is a Win32 MFC VC++ .NET based security tool that is able to Determine OS, enumerate users, groups, shares, SIDs, transports, sessions, services, service pack and hotfix level, date and time, disks, and open tcp and udp ports. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Linux Kernel binfmt_elf Loader Lets Local Users Obtain Root Access. Read more

 

News:
www.theregister.co.uk:
Bofra worm sets trap for unwary. Read more

www.ciol.com:
Worm breaks speed record. Read more

news.zdnet.co.uk:
Microsoft complains about 'irresponsible' security revelation. Read more

www.winnetmag.com:
Ten New Security Holes in Windows XP SP2. Read more

www.newsfactor.com:
MyDoom Uses Money, Sex To Snare Users. Read more

news.zdnet.com:
FBI: Hidden threat inside cybercrime. Read more

www.securityfocus.com:
Banks prepare for ATM cyber crime. Read more

www.theregister.co.uk:
MS source code fence busted. Read more

www.theregister.co.uk:
MS search engine rumours abound. Read more

www.pcworld.idg.com.au:
Bored Computer Virus Offers to Play a Musical Tune, Sophos Reports. Read more

www.infoworld.com:
Antivirus subscription prices climb. Read more

searchenterpriselinux.techtarget.com:
Security basics: Beating hackers, pirates and thieves. Read more

www.internetnews.com:
A New Breed of Phish. Read more

10 November 2004

Tools
neil.slampt.net:
A kernel land rootkit for osx, roughly based on adore. Download

 

Vulnerabilities & Exploits
www.securitytracker.com:
Sun ONE Messaging Server Lets Remote Users Hijack Webmail Accounts. Read more

www.securitytracker.com:
NETGEAR DG834 Management Interface Can Be Blocked With Many Simultaneous Sessions. Read more

www.securitytracker.com:
Axis Network Camera DNS Loopback Error Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Microsoft Internet Security and Acceleration Server Reverse DNS Caching Bug Lets Remote Users Spoof Web Sites. Read more

www.securitytracker.com:
Microsoft Proxy Server Reverse DNS Caching Bug Lets Remote Users Spoof Web Sites. Read more

www.securitytracker.com:
AudienceConnect RemoteEditor May Grant Access in Certain Cases. Read more

www.securitytracker.com:
AudienceConnect RemoteEditor Oversized Submission Has Unspecified Impact. Read more

www.securitytracker.com:
samhain sh_hash_compdata() Buffer Overflow May Let Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
up-imapproxy Various Integer Overflows Let Remote Users Deny Service. Read more

www.securitytracker.com:
Nucleus Input Validation Flaws Let Remote Users Inject SQL Commands and Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Infuseum Input Validation Flaws Let Remote Users Inject SQL Commands and Conduct Cross-Site Scripting Attacks. Read more

www.securiteam.com:
qwik-smtpd Format String. Read more

www.securiteam.com:
MiniShare GET Buffer Overflow. Read more

www.securiteam.com:
CCProxy Log Stack Overflow. Read more

www.securiteam.com:
TRUSTe.org Cross Site Scripting and Phishing Opportunities. Read more

www.securiteam.com:
Samba 3.x.x Wildcard Characters DoS. Read more

www.securiteam.com:
Zip Long Path Buffer Overflow. Read more

www.debian.org:
DSA-591-1 libgd2 -- integer overflows. Read more

www.debian.org:
DSA-590-1 gnats -- format string vulnerability. Read more

www.debian.org:
DSA-589-1 libgd1 -- integer overflows. Read more

 

News:
by Aphex
Guilty Until Proven Innocent
Well I just thought I would inform everyone about some legal problems I have been having recently.
It all started about a month ago when a couple of agents from the U.S. Army CID showed up at my girlfriend’s workplace.
They told her that a connection from her IP address gained unauthorized access to a military computer...... Read more

PivX Labs have discovered several new worms spreading in the wild that are exploiting a 0day unpatched Internet Explorer vulnerability, a buffer overflow in the NAME attribute on FRAME, IFRAME and EMBED elements.
This worm spreads through both web pages and HTML emails. The email vector is disguised as a Paypal spoof with the following as one of many body texts:
"Congratulations! PayPal has successfully charged $175 to your credit card. Your order tracking number is A866DEC0, and your item will be shipped within three business days. To see details please click this link."
When the user clicks the link they visit a webpage served from an already infected machine which is serving HTML pages from port 1639.
Users of Windows XP Service Pack 2 are not affected by these worms as this vulnerability has already been fixed before the service pack release. Users of prior Windows versions will become automatically infected with this Trojan worm when they visit the webpage.
PivX Labs have captured samples of these worms in the wild. So far, there are 3 new Mydoom worm variants and 2 Bofra worm variants exploiting this vulnerability to forcefully install themselves, namely Mydoom.AG, Mydoom.AH, Mydoom.AI, Bofra.a and Bofra.b.
(Thor Larholm)

www.microsoft.com:
Internet Security and Acceleration Server and Proxy Server Update for November 2004. Read more

news.zdnet.co.uk:
'Swiss Army knife' virus appears in a weekend. Read more

www.theinquirer.net:
One click worms don't catch early birds. Read more

www.pcworld.com:
New Mydoom Worm Exploits IE Flaw. Read more

www.chron.com:
Worm breaks speed record from discovery to life. Read more

www.theregister.co.uk:
Trojan infects PCs to generate SMS spam. Read more

www.theinquirer.net:
Hacker flogged Microsoft source code. Read more

news.zdnet.co.uk:
Norton AV flaw may put PCs at risk of virus attack. Read more

news.com.com:
Microsoft getting nervous about Firefox? Read more

www.computerworld.com:
Military powers use the Internet to spy, Clarke says. Read more

09 November 2004

Tools
news.zdnet.co.uk:
Mozilla releases Firefox 1.0. Read more

 

Guides, Papers, etc
SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment.
July 7-8, 2005. Call for Papers. Read more

www.windowsecurity.com:
Do You Leave Sensitive Data Lying Around? Read more

www.4law.co.il:
The Virus Undergroud. Read more

 

Vulnerabilities & Exploits
www.debian.org:
DSA-588-1 gzip -- insecure temporary files. Read more

www.debian.org:
DSA-587-1 freeamp -- buffer overflow. Read more

www.debian.org:
DSA-586-1 ruby -- infinite loop. Read more

www.securitytracker.com:
Microsoft IE Discloses Whether Specified Files Exist to Remote Users. Read more

www.securitytracker.com:
Sun JRE Integer Wraparound Bug in InitialDirContext() Lets Remote Users Deny Service. Read more

www.securitytracker.com:
Samba Input Validation Error in ms_fnmatch() Lets Remote Authenticated Users Deny Service. Read more

www.securitytracker.com:
Pavuk Remote Buffer Overflows May Let Remote Authticated Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Nortel Contivity VPN Client Lets Remote Users Determine Valid User Account Names. Read more

www.securitytracker.com:
Ruby Infinite Loop Bug Lets Remote Users Deny Service. Read more

www.securitytracker.com:
PvPGN Buffer Overflow in Processing Game Report Packets Has Unspecified Impact. Read more

www.securitytracker.com:
eGroupWare JiNN Input Validation Error May Let Remote Users Traverse the Directory. Read more

www.securitytracker.com:
Technote 'main.cgi' Input Validation Hole Lets Remote Users Execute Arbitrary Commands. Read more

www.securitytracker.com:
Kerio Personal Firewall Unspecified Packet Processing Bug May Let Remote Users Deny Service. Read more

www.securitytracker.com:
Sophos MailMonitor for SMTP Has Unspecified Malformed E-mail Flaw. Read more

www.securitytracker.com:
Moodle Glosary Module Input Validation Holes May Let Remote Users Inject SQL Commands. Read more

www.securitytracker.com:
GFHost Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
ISC DHCP DNS Logging Format String Flaw May Let Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
Gentoo Gentoolkit 'qpkg' Uses Unsafe Temporary File That Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
Gentoo Portage 'dispatch-conf' Uses Unsafe Temporary File That Lets Local Users Gain Elevated Privileges. Read more

www.securitytracker.com:
MiniShare Buffer Overlow in Processing Long URLs Lets Remote Users Execute Arbitrary Code. Read more

 

News:
www.theregister.co.uk:
Czech virus writer joins anti-virus firm. Read more

Finding your weakest link
www.fcw.com:
The Interceptors find public- and private-sector wireless vulnerabilities. Read more

www.securityfocus.com:
Online fraud tutorials... from the Secret Service? Read more

itvibe.com:
Bofra worm spreads via Internet Explorer. Read more

www.cellular-news.com:
Virus sends SMS spam. Read more

news.zdnet.co.uk:
'Project Endurance' tries to tackle online crime. Read more

www.abc.net.au:
Email scammer jailed for 5 years. Read more

news.bostonherald.com:
Man in a jam for `phishing' fraud on Net. Read more

www.ljworld.com:
E-mail scams snare unaware. Read more

www.northfulton.com:
Scams target Internet users. Read more

08 November 2004

Guides, Papers, etc
zine.dal.net:
Just What Is a Botnet? Read more

www.nanog.org:
Botnets (pdf). Read more

www.technologyreview.com:
When Bot Nets Attack. Read more

www.prolexic.com:
Distributed Denial of Service Attacks (pdf). Read more

 

Vulnerabilities & Exploits
www.securiteam.com:
SCO OpenServer MMDF Deliver Buffer Overflow. Read more

www.securiteam.com:
Ability Server FTP STOR Buffer Overflow (Unix Exploit). Read more

www.securiteam.com:
Solaris Real World Exploit Examples. Read more

www.securiteam.com:
XDICT Buffer Overrun Vulnerability. Read more

www.securiteam.com:
Lithtech Engine Format String Bug May Crash In-Game Server. Read more

www.securiteam.com:
Resources Consumption in 602LAN SUITE. Read more

www.securitytracker.com:
MiniShare Buffer Overlow in Processing Long URLs Lets Remote Users Execute Arbitrary Code. Read more

www.securitytracker.com:
602LAN SUITE Lets Remote Users Deny Service With Large Content-Length Requests and Via Telnet Proxy Loopback Attacks. Read more

 

News:
www.bizjournals.com:
Small businesses tackle security risks as bad guys go 'phishing'. Read more

portal.telegraph.co.uk:
Software to target net criminals. Read more

news.netcraft.com:
Akamai Attack Highlights Threat From Bot Networks. Read more

07 November 2004

Guides, Papers, etc
honeynet.org:
This month's challenge: Analyse heavily armored binaries and to explain various Anti Reverse Engineering Techniques. Read more

www.nextgenss.com:
Passive Information Gathering
The Analysis of Leaked Network Security Information. (pdf) Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Merak Mail Server (with IceWarp Web Mail) Lets Remote Authenticated Users Move, Delete, and Rename Files. Read more

www.securitytracker.com:
LithTech Engine Format String Bug Lets Remote Users Crash the Game Server. Read more

aluigi.altervista.org:
602 Lan Suite resources consumption through webmail. Read more

aluigi.altervista.org:
The Lithtech engine is affected by some format string. Read more bugs.

 

News:
www.pcadvisor.co.uk:
Dangerous new ways to try to steal your money are in progress
Phishers adopt scam tricks from virus writers. Read more

www.informationweek.com:
Warnings On New Phishing Threat
New, "more insidious" phishing scam is triggered when unsuspecting users open an E-mail. Read more

www.finextra.com:
Majority of financial Web sites contain security flaws. Read more

www.pcworld.com:
Poor Defenders
Some anti-spyware companies use confusing ads, and our tests show their $20-$60 products are less effective than free competitors. Read more

www.crime-research.org:
Security breach at Cahoot bank. Read more

06 November 2004

Tools
www.tinypeap.com:
WPA Weak Key Cracker Posted. Read more

 

Guides, Papers, etc
www.tinypeap.com:
WPA Passive Dictionary Attack Overview (pdf). Read more

www.tinypeap.com:
TinyPEAP is a wireless security system designed to integrate the components of today’s best security solutions into one secure and easy to use system. (pdf)
Read more

www.windowsecurity.com:
How Spyware And The Weapons Against It Are Evolving. Read more

www.windowsecurity.com:
Understanding E-mail Spoofing. Read more

packetstormsecurity.nl:
People Hacking: The Psychology of Social Engineering. Read more

 

Vulnerabilities & Exploits
www.securitytracker.com:
Symantec LiveUpdate Zip Decompression Routine May Let Users Deny Service. Read more

www.debian.org:
DSA-585-1 shadow -- programming error. Read more

 

News:
news.zdnet.co.uk:
IE flaw danger increases as exploit code released. Read more

news.zdnet.co.uk:
30,000 botnets march across the Internet. Read more

www.securityfocus.com:
Alleged DDoS kingpin joins most wanted list. Read more

news.zdnet.co.uk:
Bin Laden video spreads a worm for 'The Hobbit'. Read more

www.theregister.co.uk:
Email worm poses as Osama videogram. Read more

www.theregister.co.uk:
Windows for Warships safe for Royal Navy, says MoD. Read more

news.com.com:
Bank accounts in online security scare. Read more

software.silicon.com:
Security flaw exposed in Cahoot bank accounts. Read more

www.techweb.com:
New Wave Hackers Chase Bucks, Not Bragging Rights. Read more

news.zdnet.com:
Virus writers elude Microsoft's bounty hunt. Read more

www.eweek.com:
New Phishing Attack Uses Old IE Exploit. Read more

software.silicon.com:
Covert phishing scam lies in wait for its victim. Read more

www.techny.com:
Identity thieves’ Phishing attacks could soon get a lot nastier. Read more

www.linuxpipeline.com:
Linux experts slam a report naming the OS as a favorite hacker target, citing methodology flaws and "suspicious" conclusions. Read more

news.zdnet.com:
16 candles for first Internet worm. Read more

news.com.com:
Ex-Austin student indicted for data theft. Read more

www.crime-research.org:
New kind of the Internet fraud represented by Russians. Read more

www.theregister.co.uk:
Counting the cost of security training. Read more

05 November 2004

Guides, Papers, etc
www.securityfocus.com:
SSH User Identities. Read more

 

Vulnerabilities & Exploits
www.kb.cert.org:
Microsoft Internet Explorer vulnerable to buffer overflow via FRAME and IFRAME elements. Read more

www.zone-h.org:
Enumeration vulnerability in Mozilla and Thunderbird. Read more

www.securitytracker.com:
Apache Web Server Error in Processing Requests With Many Space Characters Lets Remote Users Deny Service. Read more

www.securitytracker.com:
ScanMail Discloses Sensitive Files to Remote Users. Read more

www.securitytracker.com:
Google Local Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

www.securitytracker.com:
Zile Security Flaws Have Unspecified Impact. Read more

www.securitytracker.com:
Norton Anti-Virus Script Blocking Can Be Bypassed. Read more

www.securitytracker.com:
Zip Buffer Overflow in Recursive Directory Compression Lets Local Users Execute Arbitrary Code. Read more

www.debian.org:
DSA-584-1 dhcp -- format string vulnerability. Read more

www.debian.org:
DSA-583-1 lvm10 -- insecure temporary directory. Read more

www.hexview.com:
Symantec LiveUpdate issues may cause DoS. Read more

 

News:
www.theregister.co.uk:
Watch out there's an IE bug about. Read more

www.infoworld.com:
Microsoft checks out new IE security flaw reports. Read more

news.zdnet.co.uk:
Suspected hacking mastermind on 'most wanted' list. Read more

www.computerworld.com:
Big picture security. Read more

www.computerworld.com:
Avoiding downstream liability. Read more

www.computerworld.com:
Microsoft to help users prep for patching. Read more

www.detnews.com:
Former University of Texas student indicted for allegedly hacking into computers, stealing info. Read more

www.theregister.co.uk:
Phishers develop sophisticated lure. Read more

www.vnunet.com:
Latest phishing scam silent but violent. Read more

www.guardian.co.uk:
Internet bankers face new phishing scam. Read more

news.zdnet.co.uk:
The Internet worm comes of age. Read more

www.pcworld.idg.com.au:
Bin Laden Terrorist Video Email is Really a Virus, Warns Sophos. Read more

www.crime-research.org:
Haven for Hackers. Read more

news.zdnet.co.uk:
Security guru demands two-factor authentication. Read more

www.theregister.co.uk:
Sibling spammers convicted. Read more

04 November 2004

Guides, Papers, etc
www.securityfocus.com:
Phishing For Savvy Users. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
(Exploit Code Has Been Released) Microsoft Internet Explorer Buffer Overflow in IFRAME Tag Processing Lets Remote Users Execute Arbitrary Code. Read more

fri-adgang.dk:
Exploit for \"Vulnerability in RPC Runtime Library\". Read more

securitytracker.com:
AudienceConnect SecureEditor May Grant Access in Certain Cases. Read more

securitytracker.com:
Astaro Security Linux Discloses System Information to Remote Users. Read more

securitytracker.com:
Gallery Input Validation Error in 'include' Variable Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
FsPHPGallery Input Validation Error May Let Remote Users Obtain Directory Listings. Read more

securitytracker.com:
Goollery Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Sun Java System Application Server Various Certificate and ASN.1 Bugs Let Remote Users Crash the Service. Read more

securitytracker.com:
Sun Java System Web Server Various Certificate and ASN.1 Bugs Let Remote Users Crash the Service. Read more

securitytracker.com:
F-Secure Anti-Virus for Microsoft Exchange Lets Remote Users Bypass Anti-Virus Detection With a ZIP Archive. Read more

securitytracker.com:
WinRAR May Crash When Repairing Malformed Archives. Read more

securitytracker.com:
ArGoSoft FTP Server Lets Remote Users Upload '.lnk' File. Read more

securitytracker.com:
Forum Web Server Still Discloses Files on the System, Including Clear Text Passwords, to Remote Users. Read more

securitytracker.com:
HELM Input Validation Holes Let Remote Authenticated Users Inject SQL Commands and Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Cisco Secure Access Control Server EAP-TLS Bug Lets Remote Users Be Authenticated Without Proper Credentials. Read more

securitytracker.com:
yChat HTTP Errors Let Remote Users Deny Service. Read more

securitytracker.com:
Cherokee Format String Flaw in cherokee_logger_ncsa_write_string() Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
iptables May Fail to Automatically Load Some Modules. Read more

www.securiteam.com:
HELM Management and Control System SQL Injection and XSS Vulnerabilities. Read more

www.securiteam.com:
Chesapeake TFTP Server Directory Traversal and DoS Vulnerabilities. Read more

www.securiteam.com:
bogofilter/bogolexer Malformed Input DoS. Read more

www.securiteam.com:
qwik-smtpd Format String Vulnerability. Read more

www.securiteam.com:
Zgv Image Viewing Multiple Heap Overflows. Read more

www.hexview.com:
Zip/Linux long path buffer overflow. Read more

 

News:
Phishing Alert:
SunTrust Bank Phishing Mail does link to http://148.244.213.131:4907/st/index.htm

news.netcraft.com:
Phishers Manipulate SunTrust Site to Steal Data. Read more

www.oreillynet.com:
Russian Denies Authoring "SoBig" Worm. Read more

www.hindustantimes.com:
Net bank fraudsters design potent phishing tool. Read more

news.zdnet.co.uk:
Hackers: Show me the money. Read more

www.theinquirer.net:
Bulgarian 'hackers' arrested on terror charges. Read more

www.theregister.co.uk:
Chinese puzzle hampers banks' phishing fight. Read more

story.news.yahoo.com:
MessageLabs Sniffs Out New Phishing Technique. Read more

www.spamfo.co.uk:
Phishing without even clicking a link. Read more

www.theinquirer.net:
Hackers reopen stolen code store. Read more

03 November 2004

Guides, Papers, etc
www.dimva.org:
SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 7-8, 2005, Call for Papers. Read more

www.technicalinfo.ne:
URL Encoded Attacks. Read more

 

Vulnerabilities & Exploits
www.edup.tudelft.nl:
PoC exploit for the FRAME src&name property bufferoverflow. Download

www.nextgenss.com:
Medium risk vulnerability within the 'Repair Archive' feature in WinRAR. Read more

www.debian.org:
DSA-582-1 libxml -- buffer overflow. Read more

www.debian.org:
DSA-581-1 xpdf -- integer overflows. Read more

www.windowsitpro.com:
Arbitrary Code Execution in PuTTY for Windows. Read more

www.securiteam.com:
Internet Explorer FRAME SRC and NAME Property Buffer Overflow (PoC). Read more

www.securiteam.com:
PHP Array Heap Content Disclosure. Read more

www.securiteam.com:
Apache Multiple Space Header DoS. Read more

 

News:
news.zdnet.co.uk:
Microsoft denies spoofing is a security flaw. Read more

www.theregister.co.uk:
IE exploits top web security threat list. Read more

news.zdnet.co.uk:
Internet Explorer is the number one hack attack. Read more

www.theregister.co.uk:
Free training offer is latest spam scam. Read more

www.theinquirer.net:
Bagle Worm writer fails to score hit. Read more

news.zdnet.co.uk:
Smarter users have taken the bite out of Bagle. Read more

news.zdnet.co.uk:
Cisco source code for sale online. Read more

www.varbusiness.com:
How To Spot Bogus E-Mail. Read more

www.theregister.co.uk:
Phishing for dummies: hook, line and sinker. Read more

news.zdnet.co.uk:
Millions of Bagles knock out Windows firewall. Read more

news.zdnet.co.uk:
Firefox gains more ground on IE. Read more

news.com.com:
Old scams pose the 'greatest security risk'. Read more

software.silicon.com:
IM virus hoax threatens bandwidth drain. Read more

02 November 2004

Tools
www.hardened-php.net:
Hardened-PHP adds security hardening features to PHP to protect your servers on the one hand against a number of well known problems in hastily written PHP scripts and on the other hand against potential unknown vulnerabilities within the engine itself. Read more

 

Guides, Papers, etc
www.nextgenss.com:
Second-order Code Injection Attacks
Advanced Code Injection Techniques and Testing Procedures (pdf). Read more

www.securiteam.com:
Bypassing Client Application Protection Techniques. Read more

www.securereality.com.au:
A Study In Scarlet. Exploiting Common Vulnerabilities in PHP Applications. Read more

bugs.php.net:
PHP Bugs. Read more

 

Vulnerabilities & Exploits
secway.org:
XDICT Buffer OverRun Vulnerability. Read more

www.debian.org:
DSA-580-1 iptables -- missing initialisation. Read more

www.debian.org:
DSA-579-1 abiword -- buffer overflow. Read more

www.debian.org:
DSA-578-1 mpg123 -- buffer overflow. Read more

www.securiteam.com:
Altiris Carbon Copy Remote Control Local SYSTEM Exploitation. Read more

www.securiteam.com:
Firewire/IEEE 1394 Considered Harmful to Physical Security. Read more

www.securiteam.com:
AOL Journals BlogID Incrementing Discloses Account Names and Email Addresses. Read more

www.securiteam.com:
socat Format string vulnerability. Read more

www.securiteam.com:
kpdf Integer Overflows. Read more

www.securiteam.com:
IPTables Log Integer Underflow (PoC). Read more

www.securiteam.com:
WvTftpd Option Name Value Pairs Remote Root Heap Overflow (PoC Included). Read more

securitytracker.com:
XDICT Word Translation Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
QwikMail Format String Flaw Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Land Down Under Input Validation Holes in 'users.php' and Other Scripts Let Remote Users Inject SQL Commands. Read more

securitytracker.com:
Allied Telesyn AT-TFTP Server Lets Remote Users Download and Upload Arbitrary Files or Cause the TFTP Service to Crash. Read more

securitytracker.com:
Netcordia Chesapeake TFTP Server Lets Remote Users Download and Upload Arbitrary Files or Cause the TFTP Service to Crash. Read more

securitytracker.com:
Sun Java System Web Proxy Server Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more

 

News:
www.theregister.co.uk:
China shuts 1,600 cybercafes. Read more

software.silicon.com:
Bagle toasts Windows firewall. Read more

comment.silicon.com:
Devil's Advocate: Should we lock up virus writers? Read more

www.theregister.co.uk:
Undead worms dominate Halloween viral chart. Read more

www.theregister.co.uk:
Beware of Yahoo! spam scam. Read more

news.zdnet.com:
Old con tricks pose the 'greatest security risk'. Read more

www.theregister.co.uk:
Oxford Uni 'hackers' suspended. Read more

www.crime-research.org:
Illegal Internet Access – the Most Popular Internet Crime in Russia. Read more

www.pcworld.idg.com.au:
Security hole burns Java proxy server. Read more

www.infoworld.com:
Online identity theft: Many medicines, no cure. Read more

software.silicon.com:
Apple denies worm. Read more

news.zdnet.com:
Scammers teach Web students a tough lesson. Read more

www.antiphishing.org:
Phishing website: http://200.189.70.90/citi/
Citibank - 'Security Alert on Microsoft Internet Explorer'. Read more

01 November 2004

Tools
www.corestreet.com:
SpoofStick is a simple browser extension that helps users detect spoofed (fake) websites.
A spoofed website is typically made to look like a well known, branded site (like ebay.com or citibank.com) with a slightly different or confusing URL.
The attacker then tries to trick people into going to the spoofed site by sending out fake email messages or posting links in public places - hoping that some percentage of users won't notice the incorrect URL and give away important information.
This practice is sometimes known as “phishing". Read more

 

Guides, Papers, etc
www.microsoft.com:
How A Criminal Might Infiltrate Your Network. Read more

 

Vulnerabilities & Exploits
www.securiteam.com:
MailCarrier SMTP EHLO/HELO Buffer Overflow (PoC). Read more

www.securiteam.com:
Libxml2 Remote Buffer Overflows. Read more

www.securiteam.com:
GD Graphics Library Integer Overflow Leading to a Heap Overflow. Read more

cvs.sourceforge.net:
vulnerability in bogofilter/bogolexer. Read more

www.openpkg.org:
libxml arbitrary code execution. Read more

securitytracker.com:
HTML::Merge Input Validation Hole in 'printsource.pl' Lets Remote Users Execute Commands. Read more

 

News:
www.pcworld.idg.com.au:
Bagle virus takes aim at Microsoft. Read more

www.theinquirer.net:
China confirms more Internet cafe closures. Read more

www.pcworld.idg.com.au:
Secret Service busts online organized crime ring. Read more

www.bizjournals.com:
Hacked off, fighting back. Read more

www.durangoherald.com:
Internet users may not be safe on Web. Read more

www.southbendtribune.com:
Don't get hooked into a phishing trip. Read more

www.theinquirer.net:
Bagle back from the dead. Read more

www.timesstar.com:
Pictures could be entrance for hackers. Read more


Copyright© MegaSecurity.org