Bookmark or link to: www.kobayashi.cjb.net. All other url`s could change!
News Archive    Translate Traducen
News December 2000
31 December 2000

Dark FTP 1.7 by WaVeR.

www.viruslist.com:
The Hybris Virus Comes in Many Variations. Read More

antionline:
Beware of Happy New Year Virus. Read More

securitygeeks.shmoo.com:
Port Scanning is NOT Legal. Read More

www3.haaretz.co.il:
Israeli hacker 'The Analyzer' admits sabotage in plea bargain. Read More

securitywatch.com:
Top ten defacements of the year. Read More

securitywatch.com:
RFP website hacked... a revival of the ::$DATA vulnerability? Read More

computerworld:
Federal agency warns about denial-of-service attacks. Read More

CNN:
Report: Microsoft hack a U.S. security risk. Read More

thestar.com.my:
US shores up cyberwar defence. Read More

computeruser:
Korean hacker attacks triple during 2000. Read More

ZDNet:
A Year Ago: Taiwan tech firm hires Chernobyl virus author. Read More

30 December 2000

MoonPie 1.0. Thanks to ISO.

The Scull Trojan can be found here. Anybody can get and send me a working copy?

techweb.com:
Beware Of Happy New Year Virus. Read More

www3.haaretz.co.il:
Israeli hacker 'The Analyzer' admits sabotage in plea bargain. Read More

reuters:
Holiday Computer Viruses Infect And Annoy, But Few Destroy. Read More

Lexis_nexis:
Viruses not likely to crash the party; Computer security experts are. Read More

ZDNet:
Are killer hack attacks coming? Read More

lexis-nexis:
High-tech crime role for expert. Read More

newsbytes.com:
Feds Warn Of Concerted Hacker Attacks On New Year' Eve. Read More

newsbytes:
Hordes Of Zombies Could Bring Down The Net. Read More

Lexis_nexis:
The U.S. government believes tens of thousands of innocent computer systems may have been turned into "zombies". Read More

Federal agency warns about denial-of-service attacks. Read More

computeruser:
Thailand's daily news Web site hacked. Read More

vnunet.com:
Security 2000 - the year in review. Read More

29 December 2000

Undetected Xmas edition

Undetected Remover

SecurityPortal:
Weekly Virus Digest 2000/12/22 to 2000/12/28. Read More

securityfocus:
An Introduction to Viruses and Malicious Code Part Two: Protecting Your Computers and Data. Read More

www.vny.com:
NSC: 'Zombies' could cripple Net. Read More

www.linux-mag.com:
Network Security With Linux 2.4. Read More

CNet:
Anti-racism site target of cyberattack. Read More

www.newsbytes.com:
Thailand's Daily News Web Site Hacked. Read More

www.newsbytes.com:
Web Sites List Prisoners, Parolees. Read More

nationalpost.com:
Egghead.com hires Web sleuth to crack credit card breach. Read More

securityportal.com:
The Story of Jeff. Read More

worldnews.com:
China: Online Subversion Illegal. Read More

www.nua.ie:
Security attacks may worsen in 2001. Read More

computerworld.com:
Intruder defaces Nasdaq-100 Index Web page. Read More

Lexis-Nexis:
Israel: Hacker of Pentagon site convicted; others infiltrate Hezbollah site. Read More

Lexis-Nexis:
Hacker arrested in Russian city for stealing money from US banking accounts. Read More

28 December 2000

Infector 1.7 by FC.
Lot of functions, like double ICQ notify, desktop previeuw, keylogger, application manager and more.

SecurityFocus:
An Introduction to Viruses and Malicious Code Part Two: Protecting Your Computers and Data. Read More

Linuxpower.org:
No money in Hackerdom, Version 1.0. Read More

Computeruser:
Hong Kong Police Offer Christmas Warning To Hackers. Read More

mg.co.za:
Cybervandals target your mail. Read More

CNet:
Report targets security risks of ActiveX. Read More
This CERT report can be found here.

ComputerWorld:
Think tank warns that Microsoft hack could pose national security risk. Read More

Hacked Sites: Read More

ComputerWorld:
Intruder defaces Nasdaq-100 Index Web page. Read More

Lexis-Nexis:
Hackers show new criminal twist. Read More

Lexis-Nexis:
Agencies take byte out of Austin's Net crime. Read More

Lexis-Nexis:
Lessons of Y2K bug fight important, combatants say. Read More

Financialexpress.com:
Cybersleuths trap hackers in honeypots to study them. Read More

27 December 2000

AudioDoor 1.1 by WaVeR.

One of ZDNet's web sites was defaced this weekend. Read More

Hezbollah site hacked by Israeli. Read More

Test the security strengths and weaknesses of various firewalls with LeakTest. Read More

ZDNet:
2000 Roundup: Cybercrime goes global. Read More

ZDNet:
Security a low priority in Y2K. Read More

Wired:
Both Sides Hacked Over Kashmir. Read More

Lexis-Nexis:
British "hacker" stranded six months in UAE. Read More

Lexis-Nexis:
Watch out for leaks in firewall programs. Read More

Lexis-Nexis:
Taskforce targets whiz-kid hackers Read More

32bitsonline.com:
E-Tailer Egghead Says Hacker Rifled Systems. Read More

Etisalat to be told to produce evidence against hacker. Read More

26 December 2000

Incognito 1.2 beta

ZDNet:
Top 10 security stories of 2000. Read More

computeruser:
E-Tailer Egghead Says Hacker Rifled Systems. Read More

linuxtoday:
Linux Magazine: System Security. Read More

dotcomdirectory:
Hong Kong police advise hackers to think twice. Read More

ZDNet:
A Year Ago: Kevin Poulsen - A hacker Christmas. Read More

thestar.com:
Indian hacker attacks Pakistani website. Read More

securityportal:
Establishing Email Validity. Read More

nua.ie:
Security risks lie beneath broadband hype. Read More

25 December 2000

MsnCookie 2.5 by koR.

Weekly Microsoft Security Digest 2000/12/18 to 2000/12/24. Read More

LinuxSecurity.com:
Linux Security Week - December 25th 2000. Read More

Weekly Solaris Security Digest 2000/12/18 to 2000/12/24. Read More

HelpNetSecurity:
W32.Kriz Prevention Tool. Read More

individual.com:
McAfee AVERT Warns Over Holiday Viruse. Read More

Stopping Spam And Trojan Horses With BSD. Read More

sysadmin.oreilly.com:
dsniff and SSH. Read More

32bitsonline.com:
E-Tailer Egghead Says Hacker Rifled Systems. Read More

A Year Ago: Kevin Poulsen - A hacker Christmas. Read More

Lexis-Nexis:
Prison Computer Hacker Did Little Harm ; Report says inmate thirsted for knowledge, not personal gain. Read More

24 December 2000

Studio 54 1.0

Antivirus.com:
Weekly Virus Report. Read More

BBC:
Christmas virus alert. Read More

Securitywatch.com:
Watch out for privacy issues with e-Xmas cards. Read More

Wiretrip:
Decoded FreeLink macro virus. Read More

Windowsitsecurity:
Windows 2000 Security.
Dangerous Services, Part 1. Read More
Dangerous Services, Part 2. Read More

Wiretrip:
Why do we hack? Read More

Feedmag:
Cry Hackerdom! Read More

Securiteam.com:
Patch available for the Internet Explorer 5 "Browser Print Template" and "File Upload via Form" vulnerabilities. Read More

Public.wsj.com:
'Honeypots' Let Security Officials
Track a Hacker's Every Move. Read More

News:
SecurityFocus:
SERIOUS VULNERABILTY AFFECTS ALL VERSIONS OF UNIX AND WINDOWS. Read More

Mercurycenter:
Holiday hacking on the rise. Read More

ZDNet:
Egghead scrambles to gauge damage. Read More

Wired:
Both Sides Hacked Over Kashmir. Read More

Lexis-Nexis:
HACKER TAPPED MEDICAL RECORDS. Read More

23 December 2000

Barrio Trojan 5.0

Previeuw of Exploiter 1.4.

By SennaSpy:
How to change .exe, .com, .pif and .bat files entries in the registry...
This allow execute a file before start an application - Visual Basic source code available: Registry

ICMP Usage In Scanning. (PDF) Read More

Past summer, CERT sponsored a two-day workshop on security issues with ActiveX controls. The final report was just released today and is available as a PDF file at the CERT Web site. Read More

News:
SecurityPortal:
Weekly Virus Digest 2000/12/15 to 2000/12/21. Read More

BBC:
Christmas virus alert. Read More

TheRegister:
Christmas IT viruses alert. Read More

Lexis-Nexis:
E-greetings spread viruses, tax networks Companies say, 'Do not open'. Read More

Lexis-Nexis:
Virus expert humbugs Kriz holiday scare. Read More

PlanetIT:
Firewalls Becoming Ineffective, Experts Say. Read More

Wired:
Both Sides Hacked Over Kashmir. Read More

CNet:
Group crafts rating system for server security. Read More

CNN:
Internet Security Systems Founder Offers Some Holiday E-mail Warnings. Read More

home.kyodo.co.jp:
TSE's Mothers e-mail service hacked. Read More

NewsBytes:
E-Tailer Egghead Says Hacker Rifled Systems. Read More

Computerworld:
Bulletin: Hacker breaks Egghead's security shell. Read More

worldnetdaily.com:
Playing games with Iraq. Read More

Seattletimes:
Student hacker blames teacher. Read More

TheRegister:
Kid hacks school comp on teacher's dare. Read More

Computerworld:
March trial date set for alleged teen hacker. Read More

22 December 2000

Dark FTP 1.65 by WaVeR.

Atomic2 1.1 by Marius David. Thanks to Sniper.

News:
Multiple Vulnerabilities in ZoneAlarm. Read More. Link by HeLLfiReZ.

Microsoft Security Bulletin (MS00-099)
Patch Available for “Directory Service Restore Mode Password” Vulnerability. Read More

Atriskonline.com:
Viruses, Trojans, and CIA. Read More

Securityportal:
Weekly Virus Digest 2000/12/15 to 2000/12/21. Read More

TheRegister:
Nasty hybrid virus gift unwraps on Xmas day. Read More

Nikkeibp.asiabiztech.com:
Watch Out for PC Virus on Christmas Day. Read More

InfoWorld:
Kris virus waiting for holiday strike. Read More

Seattletimes:
Student hacker blames teacher. Read More

Ctnow.com:
Sued, `Hacker' Denies Breaking Law. Read More

TheRegister:
How Carnivore works. Read More

Ananova:
Mafiaboy released on bail again. Read More

PlanetIT:
Microsoft Security Server Nearly Ready. Read More

21 December 2000

SubZero Alpha by CrAcKeR.

ActiveX control in Indexing Services can expose file properties.
An ActiveX that ships with Microsoft's Indexing Services is incorrectly marked as 'safe for scripting', which allows malicious web operators to activate it when a user surfing the web from a vulnerable machine reaches their web site. This ActiveX can be used to retrieve file properties on local files, and in some extreme cases might lead to reading of local text file's content.
DETAILS
Vulnerable systems:
Index Server 2.0 (ships in Windows NT 4.0 Option Pack)
Indexing Services 3.0 (ships in Windows 2000)
Patch Availability: www.microsoft.com

TheRegister:
Security patch distribution - it's trojan time. Read More

Securityportal:
Personal Firewall Test: Conseal PC Firewall. Read More

Computerworld:
March trial date set for alleged teen hacker. Read More

Timesofindia:
Virus swamps auto, engineering, govt offices. Read More

Securityportal:
Top 20 Virus Report. Read More

Computeruser:
This Naughty Bug's Not Nice For Christmas. Read More

Zdii.com:
Kriz virus makes return appearance. Read More

CNN:
Hospital hack points to need for standards. Read More

Vnunet:
Yahoo hacker bailed out after job promise. Read More

Computerworld:
March trial date set for alleged teen hacker. Read More

Lexis-Nexis:
Russia's first school of computer hacking. Read More

Internetnews:
Taiwan Government Web Site Hacked. Read More

20 December 2000

Direct Connection 1.0 beta3 by snapman. Thanks to HeLLfiReZ.

Microsoft Security Bulletin (MS00-098):
Microsoft has released a patch that eliminates a security vulnerability in a component that ships as part of Microsoft® Windows® 2000. The vulnerability could allow a malicious web site operator to learn the names and properties of files and folders on the machine of a visiting user. Read More

Securityfocus:
Port scans legal, judge says. Read More

ZDNet:
McAfee antivirus update damages NT 4.0. Read More

NZherald:
Beware of fun teasers says virus hunter. Read More

Securityportal:
Web Bugs, Paranoia and Microsoft. Read More

CNet:
Alleged teen hacker makes bail. Read More

ZDNet:
Hackers caught in security 'honeypot'. Read More

TheRegister:
How Carnivore works. Read More

TheRegister:
Virus writers and cracker love-in. Read More

Lexis-Nexis:
An erotic exchange of e-mail between two English lovers has highlighted the dangers of sending personal information electronically. Read More

Lexis-Nexis:
They call themselves "the Viper Brothers," "the Software Underground Empire" and "Armageddon in Russia.". Read More

Lexis-Nexis:
Russian youths study the modern art of hacking. Read More

Lexis-Nexis:
Hospital Confirms HackerStole 5,000 Patient Files. Read More

Lexis-Nexis:
A hacker broke into CreditCards.com's database. Read More

19 December 2000

GodWilll 1.0.5 by SpaWn.

MegaSecurity opened a new Top List. Only for sites that have their own trojan.
MegaSecurity Top List 50

Securityportal:
W32/Hybrisworm spreading fast. Read More

Computeruser:
Kakworm Beats Love Bug In Sophos Annual Virus Charts. Read More

Vnunet:
Hackers beat Microsoft - again. Read More

linuxtoday:
Security Focus: Port scans legal, judge says. Read More

CNN:
Digital assault against Pentagon rises. Read More

ItWorld:
Firewall acceleration over ATM. Read More

Hindustantimes:
Hack the hackers. Read More

Chinatimes:
Taiwan Foreign Trade Board Website Hacked Into. Read More

FBI: 'Tis the season for cyberattacks. Read More

BBC:
Cybercrime treaty condemned. Read More

ZDNet:
The year of the killer hackers. Read More

32bitsonline:
Hong Kong Teen Gets 6 Months For Hacking. Read More

Thisislondo:
Cyber crime 'holds banks to ransom'. Read More

Vny.com:
San Diego prosecutors assigned to combat cyber crime. Read More

18 December 2000

Exploiter 1.3 Delta by ap0calaps.

Weekly Microsoft Security Digest 2000/12/11 to 2000/12/17. Read More

Linux Security Week - December 18th 2000. Read More

Packetstorm:
How Freebsd.org was hacked. Read More

All.net:
Cyber War in the Middle East. Read More

All.net:
Recent Cyber War Events from the Middle East. Read More

TheRegister:
FBI hacker sleuths hint at power-grid disaster. Read More

TheRegister:
Int'l cybercrime treaty remains horrid. Read More

Siliconvalley.internet.com:
SecurityPortal Debuts 'Top 20' Viruses Service. Read More

Lexis-Nexis:
FBI forms computer crime lab in San Diego. Read More

Lexis-Nexis:
High-school hacker detained by police; Charged with obtaining 6.3 million pieces of personal information. Read More

Wired:
German Hate Law: No Denying It. Read More

17 December 2000

GodWill 1.0.4 by SpaWn.

News
Computeruser:
Kakworm Beats Love Bug In Sophos Annual Virus Charts. Read More

Linuxtoday:
Kapersky Lab: Reflecting on the Year 2000 [includes Linux virus discussion]. Read More

TheRegister:
FBI hacker sleuths hint at power-grid disaster. Read More

Excite:
Teenage Computer Hacker Sent to Detention Center. Read more

Silicon.com:
Virus crisis: 2001 will beat this year for attacks. Read More

Abcnews:
Hacker Who Stole Credit Card Numbers Wanted by Authorities. Read More

Infoworld:
Final version of Carnivore study released. Read More

ZDNet:
Power play: Electric company hacked. Read more

news.globetechnology.com:
Trial set for March in Web attacks. Read More

news.globetechnology.com:
Canada lags in cybercrime laws. Read More

Business.scotsman.com:
Network defence against the hackers at the click of a button. Read More

Lexis-Nexis:
High-school hacker detained by police; Charged with obtaining 6.3 million pieces of personal information. Read More

Lexis-Nexis:
Canadian experts irked by report on cyber-crime laws: To demand retraction: 'Misleading' study should not be treated seriously. Read More

Lexis-Nexis:
Man told to pay $48,520 for e-mail attack; Former employee illegally accessed company computers; Read More

Lexis-Nexis:
Former courthouse guard suspected of hacking;He used hidden computer to play Net games late at night, authorities allege. Read More

16 December 2000

GodWilll 1.0.3c by SpaWn.

Nexzus did test Amin Tool 2.0, FC ICQ Pager, Mosucker 2.0 and WEIMA-MEIA.
A must read. You can find it here.

Microsoft Security Bulletin MS00-097:
Patch Available for “Severed Windows Media Server Connection” Vulnerability. Read more

News:
Globetechnology:
Text-message viruses throw systems a curv. Read more

TheRegister:
Thus virus variant is not very scary. Read more

TheRegister:
Int'l cybercrime treaty remains horrid. Read more

TheRegister:
Microsoft hacked in the Balkans. Read more

TheRegister:
Blackmailer posts credit card details on the Net. Read more

Idg.net:
Hackers Get Final Y2K Jollies. Read more

ComputerWorld:
System administrators salary survey: How do you measure up? Read more

ComputerWorld:
You better watch out, and Santa's got nothing to do with why. Read more

ComputerWorld:
Hospital confirms copying of patient files by hacker. Read More

15 December 2000

Dark FTP 1.4 by WaVeR. Thanks To Senna Spy.

BO Ping 2.0 is a network scanner for the infamous Back Orifice program. It is many times faster than the ping sweeper built in to the original client program. This is intended as a vigilante tool to notify victims who unknowingly have the trojan on their system. It includes the ability to notify detected victims by sending them a BO messagebox message directly from within the program.

News
SecurityPortal:
Weekly Virus Digest 2000/12/08 to 2000/12/14. Read more

Computeruser:
Norman Security Firm Warns Against Virus Overreaction. Read More

Computeruser:
Panda Issues Worm Warning.
The new worm is notable because no attached file needs to be opened in order for it to be activated. Read more

Name: VBS/Forgotten.A@mm
Alias: VBS/Pica.worm.gen
PandaSoftware: Read more

Sunworld.com:
OS identification. Read more

Uk.news.yahoo:
Hong Kong hacker sent to detention centre. Read more

Securityfocus:
Cybercrime treaty still horrible. Read more

Newsbytes:
Positive 'Carnivore' Review Draws Immediate Fire. Read more

TheRegister:
The year is 2020 and it's a digicrime nightmare scenario. Read more

Mercurycenter:
Teenage computer hacker sent to detention center. Read more

Bsdtoday:
Interview with BSDi on proactive BSD/OS security. Read more

Vnunet:
Search engine cheats risk jail. Read more

businessweek:
When the Hacker Is on the Inside. Read more

Lexis-Nexis:
Hackers can't resist holiday Web traffic, feds warn But security experts see no cause for extra alarm. Read more

Lexis-Nexis:
Teen pleads not guilty in hack attack: 'Mafiaboy' accused of causing $2 billion in lost business to Internet firms. Read more

Lexis-Nexis:
Eighth-grade hackers pilfer science class exam. Read More

Lexis-Nexis:
Criminal laws need to be extended into cyberspace. Read more

ComputerWorld:
Cyberattacks against Pentagon on the rise. Read more

14 December 2000

Check out the new Kobayasi Forum. Thanks to m0it. Kobayashi`s Forum

WEIMA HEIMA 0.1 by Why.

ICQ Pager by FC.

Project R3x by Blade.
It's a program for auditing Windows networks and more ... Read more

IIS Hack. Read more

ItWorld:
Firewall makers scramble as security gadfly exposes flaw. Read more

Grc.com:
The Anatomy of File Download Spyware. Read more

News:
ZDNet:
BugTraq tiff 'a slippery slope'? Read more

Lexis-Nexis:
7 DAYS; CYBERCRIME IS UNPUNISHED. Read more

Lexis-Nexis:
Thief of the future revealed; New Strategies Will Be Needed To Tackle Crime In Internet Age. Read more Msnbc:
A good year for the bad guys. Read more

CNN:
U.K. antivirus company ranks top 10 viruses of 2000. Read more

Hindustantimes:
Hacker barks up wrong Zee. Read more

Vnunet:
Who can get hacked without noticing? Icann. Read more

Nandotimes:
55,000 credit card numbers stolen, posted by hacker. Read more

Nikkeibp.asiabiztech:
MTX Increases Virus Discoveries to Record High in November. Read more

13 December 2000

Admin Tool 2.0 by AGM65.

Posted by ISO.
LSP trojans -v- Firewalls and AV (for FISH).
Read more.

Posted by ISO.
Backdoor on the Windows NT Server & Windows 2000. Read more

SecurityPortal:
Top 20 Virus Report. Read more

Vnunet:
Russian virus busters hacked in Brazil. Read more

Princeton.edu:
About cache cookies.
Standard feature of Web browser design leaves opening for privacy attacks. Read more

CNet:
Cache attack could reveal people's online tracks. Read more

CNN:
Author of 'Prolin' worm eludes authorities. Read more

A message carved in spam.
Send a secret message by e-mail.
Read more

Newsbytes:
FBI Probes Hacking Of Creditcards.com. Read more

TheRegister:
AOL spammer pleads guilty to forgery. Read more

TheRegister:
Malicious use of the famous HTML bug.
Fun with Internet bugs. Read more

ZDNet:
Google tracker raises privacy issues. Read more

SecurityPortal:
Back Doors, Back Channels and HTTP(S). Read more

KOMO Exclusive:
60,000 Credit Card Nos. Posted On The Net ©KOMO TV. Read more

PlanetIT:
FTC Shuts Door On False ID Website. Read more

Slashdot:
Interview with Theo de Raadt of OpenBSD. Read more

Vnunet:
Still losing against an unseen enemy. Read more

12 December 2000

WebDownload 1.0

HTTPTunnel creates a bi-directional virtual data connection tunneled in HTTP requests.
The HTTP requests can be sent via an HTTP proxy if so desired.
This can be useful for users behind restrictive firewalls.
If WWW access is allowed through a HTTP proxy, it's possible to use HTTPTunnel and, say,
telnet or PPP to connect to a computer outside the firewall. Read more

News:
TheRegister:
E-mail 'bug' danger overstated? Read more

ZDNet:
Bymer spreads through open network shares. Read more

ZDNet:
Bymer Worm Removal Instructions. Read more

Linux.com:
Matt Michie's Security Outlook: Part I. Read more

Ananova:
Hackers put nude woman on police website. Read more

CNN:
Microsoft: Mideast piracy costs $100 million. Read more

Nwfusion:
FTC, FBI sites leave opening for hacker access. Read more

Forbes:
Internet security seen having long way to go. Read more

Yomiuri.co.jp:
Hacker modifies NPA-operated site. Read more

TheRegister:
Communists, Blofeld et al plan cyber Pearl Harbor for US. Read more

Vnunet:
Overseas offices fall prey to crackers. Read more

SecurityPortal:
Understanding Studies and Surveys of Computer Crime. Read more

11 December 2000

GodWilll 1.02 by SpaWn.

Weekly Microsoft Security Digest 2000/11/27 to 2000/12/03. Read more

LinuxSecurity.com: Linux Security Week - December 11th 2000. Read more

Weekly Solaris Security Digest 2000/11/27 to 2000/12/03. Read more

Securityfocus:
Inside the Stages Worm. Read more

Bocklabs.wisc.edu:
What is a polymorphic virus? Read more

SecurityFocus:
Shell Scraps Discussion. Read more

SecurityFocus:
Infectable Objects. Read more
Infectable Objects - part 2. Read more
Infectable Objects - part 3. Read more

Securityspace:
Ethical Hacking. Read more

Lexis-nexis:
Teen hacker's sentence: probation, restitution. Read more

Computerworld:
Proposed cybercrime laws stir debate at conference. Read more

10 December 2000

MoSucker 2.0 by Krusty.

New Binder by FC. Download.

Previeuw of Unlocked 1.0 Read more

News:
Timesofindia:
China warned against new e-mail virus. Read more

Hindustantimes:
India@sleep over new anti-hacker rules. Read more

TheRegister:
FTSE gets hacked. Read more

Lexis-nexis:
Hacker penetrates hospital database, steals patient records. Read more

Lexis-nexis:
Computer virus disguised as vaccine. Read more

Lexis-nexis:
'Mafiaboy' pleads not guilty. Read more

Nandotimes.com:
Next president urged to boost government computer security. Read more

HelpNetSecurity:
Hype and the Security Scene: Taking the "rep". Read more

Sggate.com:
Schwab Admits Web Accounts Not Secure From Hackers. Read more

Infoworld.com:
FTC, FBI sites leave opening for hacker access. Read more

CNet:
New site communes against hackers. Read more

ZDNet:
Do we need a second Internet? Read more

Washingtonpost:
Hacker Hits on Pentagon Computers Up 10% This Year. Read more

The Register:
Default logins posted on porn-defaced security site. Read more

ComputerWorld:
Proposed cybercrime laws stir debate at conference. Read more

Msnbc.com:
Your privacy invasion stories. Read more

9 December 2000

New:
M2 Trojan 1.4b by Myztic.

Nexzus tests Stealth 2.19

HelpNetSecurity:
Identifying ICMP Hackery Tools Used In The Wild Today. Read more

Personal Firewalls Fail the Leak Test. Read more

CNet:
New site communes against hackers. Read more

Nandotimes:
Technical details could slow trial of accused hacker 'Mafiaboy'. Read more

Infoworld:
FTC, FBI sites leave opening for hacker access. Read more

ZDNet:
Mafiaboy arrested by police again. Read more

TheRegister:
FTSE gets hacked . Read more

Lexis-nexis:
University denies hacker accessed patient-care computer. Read more

Pcadvisor:
Shockwave virus damage appears slight. Read more

Lexis-nexis:
2,203 computer viruses reported in Nov. Read more

Vnunet:
Microsoft gets heavy with security firm. Read more

CNet:
Microsoft banned from security email list. Read more

Slashdot:
BugTraq No Longer Able To Publish MS Security UPDATE. Read more

8 December 2000

New:
Stealth 2.19

Psychward 03b tested by Nexzus. Read more

SecurityPortal:
Weekly Virus Digest 2000/12/01 to 2000/12/07. Read more

PcWorld:
SafeMessage Masks Mail, Even Behind Firewalls. Read more

It.fairfax.com.au:
Hackers to release software to open net to China, Cuba and Iran. Read more

Zdii.com:
Gates: We must be more secure! Read more

Centraleurope.com:
Hackers Attack Czech Government Web Site. Read more

TheRegister:
Cybercrime laws are super weak. Read more

SecurityPortal:
Hex Editors: A Security Tool. Read more

Vnunet:
No shocks or waves from latest virus. Read more

Computerworld:
Schwab.com vulnerable to JavaScript security flaw. Read more

ZDNet:
Hospital hacked -- records stolen? Read more

ComputerWorld:
The Confessions of A White Hat Hacker. Read more

7 December 2000

New:
Psychward 03b by evilgoat.

Microsoft Security Bulletin (MS00-095):
Tool Available for “Registry Permissions” Vulnerability. (NT4.0). Read more

Microsoft Security Bulletin (MS00-096):
Tool Available for “SNMP Parameters” Vulnerability. Read more

An Interview with one of the TeamMembers of GodWill by MaGuS. Read more

HelpNetSecurity:
I-Worm.XTC worm.
Unlike many common Internet worms today, the I-Worm.XTC worm does not use the infected computers email address book, as like other Internet worms, in order to replicate and send out infected e-mail message attachments.
Instead, I-Worm.XTC utilizes the Temporary Internet Files folder to search though HTML and HTM files for e-mail addresses. Read more

Insecure.org:
Remote OS detection via TCP/IP Stack FingerPrinting. Read more

OpenBSD version 2.8 has been released. Read more

CNet:
Schwab financial site vulnerable to attack. Read more

Wired:
FBI Hacks Alleged Mobster. Read more

Washtech.com:
FBI Hacks PC To Monitor Alleged Mob Activity – Update. Read more

Computer crimes face weak laws in most countries. Read more

TechWeb:
OASIS Will Addresses Security With XML. Read more

Lexis-nexis:
Mafiaboy Misbehaves. Read more

TheRegister:
Mafiaboy goes back in the slam. Read more

PlanetIT:
CIA Workers Punished Over Secret Chat Rooms. Read more

PlanetIT:
Increased Cybercrime Is A Holiday Threat. Read more

Lexis-nexis:
Police have few weapons against cyber-criminals. Read more

SecurityFocus:
Hospital Records Hacked by Dutchman. Read more

Computerworld:
Researchers fault independent review of Carnivore. Read more

6 December 2000

New:
Web Serve CT1 by ControlTotal.

Infector 1.7, made by FC, will soon be released. The previeuw you can see here.

Nexzus did test the latest Trojans for MegaSecurity.
You can find his comments at the link at the top of the news. Also here.

SecurityPortal:
Top 20 Virus Report. Read more

Infoworld:
Embedded HTML "bugs" pose potential security risk. Read more

HelpNetSecurity:
Worm using another tactic. Read more

Msnbc:
Five ways to protect yourself. Read more

Usatoday:
'Mafiaboy' trying to stare down prosecutors. Read more

Lexis-nexis:
'Mafiaboy' trying to stare down prosecutors. Read more

TheRegister:
Hackers, Windows NT and the FBI. Read more

Ananova:
FBI warns of New Year hacker attack. Read more

Lexis-nexis:
Unhappy New Year Due To Hacker Attacks, Warns FBI. Read more

Computeruser:
E-Commerce Sites Warned Of Increased Hacker Activity. Read more

Linuxsecurity:
Interview with Kurt Seifried of SecurityPortal.com. Read more

TheRegister:
Cisco 600 routers offer cracker fun. http://www.theregister.co.uk/content/5/15246.html

CNN:
Report: Serious concerns remain over FBI's 'Carnivore' system. Read more

Mercurycenter:
Keystroke surveillance by FBI could face challenge in court. Read more

Computeruser:
Shockwave E-Mail Worm More Annoying Than Dangerous. Read more

New.globes.co.il:
Overseas hackers strike again: Israel Land Administration shuts down most of its web site. Read more

New.globes.co.il:
Overseas hackers strike again: Israel Land Administration shuts down most of its web site. Read more

Computerworld:
Feds warn about rise in attacks against e-commerce sites. Read more

ZDNet:
Security administrators get a hacker's-eye view. Read more

Msnbc:
Invasion of Privacy. Read more

Msnbc:
Software to secure your computer. Read more

5 December 2000

GodWill for Godmessage IV
News by MaGuS.

GODWILL give you the power to:
- Trasform an existing HTML page in a GODMESSAGE one;
- Personalize creation process (for example changing language) by a wizard;
- Add an ICQ NOTIFICATION to your trojan server (if it hasn't);
- Add an ICQ NOTIFICATION to your infected page;
- Add an AUTOSTART FEATURE (by registry key) to your trojan sever
(if it hasn't);
- Add an UNKNOW (like SubSeven) AUTOSTART FEATURE to your trojan server;
- Create all files needed by GODMESSAGE EMAIL VERSION (there are many differences from WEB version);
- Crypt GODMESSAGE pages to avoid AntiVirus detection (but page dimension will doublesize!!!);
- Add personal VBS code to execute additional commands of your choise (only 1kb added);
- Compress or expand, by UPX, trojan server before inject it on the GODMESSAGE page (really a UPX GUI!).
Read more

Microsoft Security Bulletin (MS00-094):
Patch Available for "Phone Book Service Buffer Overflow" Vulnerability.
Although this vulnerability would not grant the malicious user administrative level privileges,
it would give the malicious user the ability to add, change or delete specific data,
run code already on the server, or upload new code to the server and run it.
Read more

LinuxToday:
VNU Net: Shockwave virus hits European businesses. Read more

TheRegister:
Hackers, Windows NT and the FBI. Read more

Darwinmag:
Meet the Hackers. Read more

Ananova:
FBI warns of New Year hacker attacks. Read more

Yahoo:
U.S. Embraces European Computer Crime Proposal. Read more

Computerworld:
Cyberattack report: Some progress made. Read more

Computerworld:
NASA hacker pleads guilty. Read more

4 December 2000

New:
Mosucker 1.12 Server by Krusty.

Computeruser:
Apology Pips Navidad & Kakworm In November Virus Charts. Read more

Weekly Microsoft Security Digest 2000/11/27 to 2000/12/03. Read more

Weekly Solaris Security Digest 2000/11/27 to 2000/12/03. Read more

LinuxSecurity.com:
Linux Security Week - December 4th 2000. Read more

Vnunet:
Network Associates denies hackers saw AV code. Read more

BBC:
Turkish PM website hacked. Read more

Reuters:
Turkish PM's Web Site Hacked in Protest at Economy. Read more

Lexis-nexis:
Damian Reece meets the head of the new police unit to fight cybercrime. Read more

Lexis-nexis:
Virus signed "THE PENGUIN" very active in Midwest. Read more

Observer:
Secret plan to spy on all British phone calls. Read more

3 December 2000

New:
Undetected 3.2 Knox_rw. Thanks to MaGus.

Scrap Files Can Tear You Up. Read more

InfoWorld:
Dutch ahead with adoption of cybercrime pact. Read more

Wired:
Palestinian Crackers Share Bugs. Read more

Netimperative:
RSA confirmed as backer of Marrakech. Read more

infoworld:
Kevin Mitnick: The hacker extraordinaire speaks out on security in today's Internet age. Read more

Nandotimes:
Notorious hacker's prison ID up for auction. Read more

HK-imail:
Larger companies face more risk from hackers. Read more

Wired:
Wild Worm With Pro-Linux Message. Read more

LinuxToday:
LinuxPR: "Prolin" Worm Demands Users Move to Linux. Read more

SecurityFocus:
Hijackers take AIM accounts. Read more

CNet:
Hacker pleads guilty in NASA case. Read more

2 December 2000


New:
Hack 99 KeyLogger by BadBoyKilla.

Updated News by MaGus. Read more

Microsoft Security Bulletin (MS00-086):
Patch Available for “Web Server File Request Parsing” Vulnerability.
This vulnerability would enable a malicious user to execute operating system commands on an affected web server. This would give him the ability to modify web pages, add, change or delete files, reformat the hard drive, or take other actions -- including uploading code of his choice to the server and executing it. Read more.

Microsoft Security Bulletin (MS00-091):
Patch Available for "Incomplete TCP/IP Packet" Vulnerability.
There is a denial of service vulnerability that affects Windows NT 4.0 Windows 95, 98, 98 Second Edition and Windows Me. By sending a flood of specially malformed TCP/IP packets to a victim’s machine a malicious user could cause either of two effects. In the most likely case, the flood would temporarily prevent any networking resources on an affected computer from responding to client requests; as soon as the packets stopped arriving, the machine would resume normal operation. In a less likely case, the system could hang, and remain unresponsive until it was rebooted. Read more

Microsoft Security Bulletin (MS00-092):
Patch Available for "Extended Stored Procedure Parameter Parsing" Vulnerability.
Microsoft has released a patch that eliminates a security vulnerability in Microsoft® SQL Server and Microsoft SQL Server Desktop Engine (MSDE). The vulnerability could enable a malicious user to run code on the server, subject to a number of restrictions. Read more

Microsoft Security Bulletin (MS00-093):
Microsoft has released a patch that eliminates four security vulnerabilities in Microsoft® Internet Explorer:
The “Browser Print Template” vulnerability, which could enable a malicious web site operator to take unauthorized actions on the computer of a user who visited her site.
The “File Upload via Form” vulnerability, which could enable a malicious web site operator to read files on a visiting user’s computer.
New variants of the “Scriptlet Rendering” and “Frame Domain Verification” vulnerabilities, both of which could enable a malicious web site operator to read files on a visiting user’s computer. Read more

W32/ProLin@MM is an Internet worm that spreads via email. McAfee AVERT has given it a risk assessment of MEDIUM TO HIGH-RISK. The email comes with an attachment named CREATIVE.EXE, which carries the icon of a Shockwave Media Player application. You may receive the email in this format: Subject = A great Shockwave flash movie Body = Check out this new flash movie that I downloaded just now ... It's Great Bye Attachment = creative.exe If you run CREATIVE.EXE, it finds and alters all .JPG and .ZIP files on your system and forwards a copy of itself to everyone in your email address book. Please do not run the attachment. Read more

Wired:
Wild Worm With Pro-Linux Message. Read more

InfoWorld:
Shockwave virus upgraded to high risk. Read more

CNN:
MTX virus gaining speed in unusual ways. Read more

TheRegister:
Virus prevents you asking for help. Read more

Lexis-nexis:
CIA cracks down on secret chat rooms. Read more

ComputerWorld:
CIA fires, reprimands workers for unauthorized computer use. Read more

Individual.com:
Microsoft Certified Professional Magazine Review Advocates CyberwallPLUS for `Comprehensive Firewall Protection'. Read more

SecurityWatch:
Green MP flames first Kiwi anti-hacking bill. Read more

Lexis-nexis:
The fight against cyber-crime. Read more

1 December 2000


New:
Backage 3.2 S.E beta by Ne-O-Sk8.

ZDNet:
Exploit Exposes Internet Explorer's File Cache. Read more

Wired:
Security Firm's Site Defaced. Read more

Voila:
Hacker breaks into Brazilian president's e-mail account. Read more

CNet:
Hacker sale draws auction ire. Read more

TheRegister:
Banned Mitnick trinket on Dutchbid.com. Read more

Techweb:
Hackers Invade AOL Kids' Event. Read more

ThisisLondon:
Teenager hacker told Lloyd's to secure site. Read more

Ananova.com:
Hackers hijack Rugrats web chat. Read more

Wired:
How MS Helped With Own Hack. Read more

TheStar.com:
Poland's first convicted hacker. Read more

CNet:
Retooled Navidad virus on the loose. Read more

Silicon.com:
Picture imperfect: Virus spreads via graphics attachments. Read more

ComputerUser:
Computer Associates Warns Of Afeto Virus. Read more

LinuxToday:
MSNBC: Pro-Linux virus infecting companies. Read more

Sarc.com:
PHP.Pirus is the first virus written in PHP, a server-side scripting language used for dynamic Web page generation. Read more

ZDNet:
New virus creates Shockwaves. Read more

TheRegister:
Computer engineer commits phone suicide. Read more

You can help to keep this site alive by sending MegaSecurity new trojans or links.


Copyright© MegaSecurity.org