Home    News Archive    Translate Traducen
News April 2006
29 April 2006

Guides, Papers, etc
pharos.cpsc.ucalgary.ca:
Spam Zombies from Outer Space. Read more

www.pcmag.com:
The Great Microsoft Blunder. Read more

blogs.pcworld.com:
Windows Genuine Advantage: Genuinely Annoying. Read more

www.cmpnetasia.com:
Trouble at the root. Read more

www.eweek.com:
Let's Be Civil About Responsibility. Read more

isc.sans.org:
What's a super.proxy.scanner and why is it in my logs? (NEW). Read more

www.mightyseek.com:
Hands On Series - SQL Injection Part 1. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
WinISO ISO Archive Extraction Directory Traversal Bug Writes Files to Arbitrary Locations. Read more

securitytracker.com:
UltraISO ISO Archive Extraction Directory Traversal Bug Writes Files to Arbitrary Locations. Read more

securitytracker.com:
PowerISO ISO Archive Extraction Directory Traversal Bug Writes Files to Arbitrary Locations. Read more

securitytracker.com:
MagicISO ISO Archive Extraction Directory Traversal Bug Writes Files to Arbitrary Locations. Read more

securitytracker.com:
Microsoft Internet Explorer (IE) 'mhtml:' Redirect URL Processing Lets Remote Users Bypass Security Domains. Read more

securitytracker.com:
NetBSD Audio Subsystem May Let Local Users Crash the System. Read more

 

News
www.terra.net.lb:
Yahoo says it is 'unaware' of case of jailed China cyber-dissident. Read more

www.theinquirer.net:
Super-hacker McKinnon speaks out. Read more

www.informationweek.com:
Vista To Handcuff Firewall. Read more

www.sfgate.com:
Gates, N.Y. Times Tout 'Onscreen Reader'. Read more

news.zdnet.com:
Trojan horse: Your money or your files. Read more

28 April 2006

Guides, Papers, etc
labnol.blogspot.com:
Disable Non Genuine Windows Warning Messages: WGA Workarounds. Read more

sunbeltblog.blogspot.com:
These botnets are getting pretty slick. Read more

sunbeltblog.blogspot.com:
Pssst...you wanna see a Firefox exploit in action? Read more

www.esecurityplanet.com:
Bouncebacks: The Hidden Cost of Spam. Read more

blogs.securiteam.com:
Should we kill IE? Read more

 

Vulnerabilities & Exploits
securitytracker.com:
SpeedCommander Buffer Overflows in Processing ACE Archives May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Squeez Buffer Overflows in Processing ACE Archives May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Internet Explorer Modal Security Dialog Race Condition May Let Remote Users Install Code or Obtain Information. Read more

securitytracker.com:
Microsoft Internet Explorer Bug in Processing Nested OBJECT Tags Lets Remote Users Deny Service. Read more

securitytracker.com:
Juniper NetScreen Instant Virtual Extranet Buffer Overflow in 'JuniperSetup.ocx' ActiveX Control Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Oracle Database DBMS_EXPORT_EXTENSION Package Lets Remote Users Execute Arbitrary Functions. Read more

securitytracker.com:
3Com Baseline Switch 2848-SFP Plus Lets Remote Users Deny Service With Specially Crafted DHCP Packets. Read more

 

News
www.theregister.co.uk:
AV firms rubbish MS Vista security claims. Read more

blog.washingtonpost.com:
Real World Impact of IE Flaw. Read more

www.eweek.com:
Microsoft Rocked by New IE Zero-Day Flaw Warning. Read more

www.itnews.com.au:
Researcher: Microsoft security team dismissive, adversarial. Read more

today.reuters.co.uk:
Yahoo cited in jailing of China Internet writer. Read more

www.theregister.co.uk:
Trojan demands ransom with menaces. Read more

techdirt.com:
Script Kiddies Killing The Margins In Online Extortion. Read more

www.pcworld.com:
Security Advice From a Wanted Hacker. Read more

www.slovakspectator.sk:
Security bureau hacked. Read more

www.technewsworld.com:
Survey Finds 97 Percent of Web Users a Click Away From Infection. Read more

www.theglobeandmail.com:
Beware the sophisticated style of spam to come. Read more

www.theregister.co.uk:
BitLocker gives dual-boot systems the elbow. Read more

www.theregister.co.uk:
Early days of dial-up hacking recalled. Read more

www.terra.net.lb:
Brazil clashes with Google over user data. Read more

27 April 2006

Guides, Papers, etc
www.eweek.com:
Irresponsible Bug Disclosure. Read more

www.techweb.com:
Users' Web Password Practices Pitiful. Read more

support.microsoft.com:
Description of the Windows Genuine Advantage Notifications application. Read more

www.newsfactor.com:
How To Stop Internet Identity Theft. Read more

www.newsfactor.com:
Bringing More Security to Wi-Fi Networks. Read more

sunbeltblog.blogspot.com:
If you're paranoid, Skype might be your best bet. Read more

 

Tools:
www.ieaddons.com:
Add-Ons for Microsoft Internet Explorer. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Nessus libnasl split() Function Buffer Overflow May Let Authorized Users Deny Service. Read more

securitytracker.com:
BIND Can Be Crashed By Remote Users Sending a Broken TSIG. Read more

securitytracker.com:
JUNOSe DNS Response Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
DeleGate Can Be Crashed By Remote Systems Returning Specially Crafted DNS Responses. Read more

securitytracker.com:
MyDNS Can Be Crashed By Remote Users Sending a 'Query-of-Death' Request. Read more

securitytracker.com:
pdnsd Bug in Processing ADNS Queries Lets Remote Users Deny Service. Read more

 

News
www.vnunet.com:
Schneier warns Microsoft over Vista security. Read more

www.vnunet.com:
Zombie PC botnets move east. Read more

www.vnunet.com:
Spyware evolving faster than viruses. Read more

www.theregister.co.uk:
Phishing goes international. Read more

www.informationweek.com:
Phishers Snare Victims With VoIP. Read more

www.vnunet.com:
Major mobile virus attack 'imminent'. Read more

news.com.com:
Chinese Internet writer charged with subversion. Read more

www.eweek.com:
Intel Lays Hacker Trap, Read more

www.iht.com:
Spyware firms on the defensive. Read more

26 April 2006

Guides, Papers, etc
ddanchev.blogspot.com:
Wild Wild Underground. Read more

www.corsaire.com:
Cookie Path Best Practice. Read more

www.dslreports.com:
Using No Anti-Virus. Read more

www.infosec.co.uk:
Trojans, Trojans, Trojans! Read more

www.infosec.co.uk:
Money, Money, Money! From computer vandalism to crimeware. Read more

www.schneier.com:
RFID Cards and Man-in-the-Middle Attacks. Read more

www.security.nl:
Spyware: The first thing you need to know is that you probably have it. Read more

www.networkcomputing.com:
Market Analysis: Web Application Firewalls. Read more

 

Tools:
fileforum.betanews.com:
F-Secure BlackLight 2.2.1036 Beta. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Clansys Include File Bug in 'page' Parameter Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Sun Solaris libpkcs11 May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Trac Wiki Function Input Validation Hole Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Ethereal Bugs in Multipe Dissectors Lets Remote Users Execute Arbitrary Code and Remote Deny Service. Read more

securitytracker.com:
phpMyAgenda 'rootagenda' Parameter Include File Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
RateIt Input Validation Hole in 'rateit_id' Parameter Permits SQL Injection. Read more

securitytracker.com:
Safari Bug in Processing Table Rowspan Elements Let Remote Users Deny Service. Read more

securitytracker.com:
Firefox iframe.contentWindow.focus() Function Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
iOpus Secure Email Attachments Password Weakness May Let Remote Users Decrypt Attachments. Read more

securitytracker.com:
PHP wordwrap(), array_fill(), and substr_compare() Bugs Let Remote Users Deny Service or Execute Arbitrary Code. Read more

securitytracker.com:
Ruby HTTP/XMLRPC Server Lets Remote Users Block Connections. Read more

 

News
Microsoft Security Bulletin MS06-015
Microsoft Security Bulletin Re-Releases. Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531). Read more

blog.washingtonpost.com:
MS Expands Anti-Piracy Program, Reissues Patch. Read more

www.theregister.co.uk:
IE7 Beta 2 is go. Read more

software.silicon.com:
Group bug: Flaws flagged in IE, Mozilla, Safari. Read more

today.reuters.co.uk:
Online gangs targeting consumers - crime agency. Read more

www.iol.co.za:
Microsoft feels the heat from new browsers. Read more

www.wired.com:
Making a Revolution. Read more

www.itnews.com.au:
Hacker 'Smartbomb' toolkit attacks unpatched computers. Read more

www.securityfocus.com:
Forensic felonies. Read more

www.vnunet.com:
Bluetooth virus leaves mobile users out of pocket. Read more

25 April 2006

Guides, Papers, etc
www.usatoday.com:
Malicious-software spreaders get sneakier, more prevalent. Read more

www.microsoft.com:
It's not always malware: How to fix the top 10 Internet Explorer issues. Read more

www.feedsforme.com:
Google Cheat Sheets. Read more

www.applematters.com:
Will Vista Be the Last Operating System Microsoft Produces? Read more

www.schneier.com:
Microsoft Vista's Endless Security Warnings. Read more

www.sysinternals.com:
Why Winternals Sued Best Buy. Read more

 

Tools:
Nmap 4.03 Released. Read more

www.betanews.com:
Internet Explorer 7 Beta 2 Released. Read more

 

News
news.com.com:
Microsoft piracy check comes calling. Read more

www.statesman.com:
Computer records on 197,000 people breached at UT. Read more

www.informationweek.com:
ISPs Will Face More Fed Heat. Read more

www.eweek.com:
Government-Funded Startup Blasts Rootkits. Read more

www.usatoday.com:
States rush to remove data on residents from websites. Read more

www.infoworld.com:
Rootkit programs benefit from open source. Read more

www.securityfocus.com:
U.S. remains spam king, China close second. Read more

www.securityfocus.com:
Forensic felonies. Read more

www.theregister.co.uk:
Cybercops and zero day vulns. Read more

news.com.com:
New group aims to 'save the Internet'. Read more

www.technewsworld.com:
UK Group Aims to Thwart Child Predators Online. Read more

www.theregister.co.uk:
Text to speech is getting emotional. Read more

24 April 2006

Guides, Papers, etc
news.com.com:
Video: Microsoft fixes a patch. Watch

news.com.com:
Video: New Opera Web browser debuts. Watch

news.com.com:
Video: Gates on Google. Watch

www.dslreports.com:
Audio: Leo Laporte and Steve Gibson use NO Antivirus. Download

www.websensesecuritylabs.com:
Video: Cyber extortion malicious code video. Watch

www.linux-watch.com:
When Microsoft-Lovers Bash Microsoft. Read more

www.bobparsons.com:
The add/drop scheme. How millions of .COM names are used but never paid for. Read more

www.hacknot.info:
Debugging 101. Read more

blogs.msdn.com:
5 Reasons to Choose Simple Sandboxing. Read more

 

Tools:
www.microsoft.com:
Password checker. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
MKPortal Input Validation Holes Permit Cross-Site Scripting and SQL Injection Attacks. Read more

securitytracker.com:
Simplog Input Validation Holes in 'preview.php', 'archive.php', and 'comments.php' Permit SQL Injection Attacks. Read more

securitytracker.com:
Cisco Subscriber Edge Services Manager Can Be Crashed With Specially Crafted Compressed DNS Data. Read more

securitytracker.com:
Symantec Scan Engine Lets Remote Users Access the System and Download Files. Read more

securitytracker.com:
SL_site Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
phpGraphy 'editwelcome' Function Grants Remote Users Access to Some Administrative Functions. Read more

 

News
www.m2.com:
Cyber-blackmail and mobile viruses increase - report. Read more

www.latimes.com:
Records Hacked at University of Texas. Read more

www.newsfactor.com:
Man Charged with Hacking USC Database. Read more

www.vnunet.com:
Seven unpatched OS X vulnerabilities exposed. Read more

www.2-spyware.com:
YapBrowser - adware and child porn. Read more

www.pcworld.com:
Researcher: Major Banking Sites Insecure. Read more

www.pcworld.com:
Torvalds Patches Linux Kernel, Fixes Broken Virus. Read more

today.reuters.co.uk:
Police target online paedophiles with Internet agency. Read more

news.com.com:
Gonzales calls for mandatory Web labeling law. Read more

knac.com:
RIAA Sues Family Without A Computer. Read more

22 April 2006

Guides, Papers, etc
blogs.securiteam.com:
Advanced targeted comment spam and FP decision making. Read more

blogs.securiteam.com:
Fixing silently is Apple�s business too. Read more

isc.sans.org:
phpBB bots/worms. Read more

blogs.zdnet.com:
Spamming malware: Parite.B and IRC backdoor disable anti-spyware programs. Read more

www.techweb.com:
Rootkits To Mask Most Malware By 2008. Read more

www.infoworld.com:
Go hack yourself. Read more

blogs.zdnet.com:
Super-Glue: Best practice for countering key stroke loggers. Read more

economictimes.indiatimes.com:
Surfing the net for jobs? Be cautious. Read more

www.processor.com:
Wi-Fi Hotspot Do�s & Don�ts. Read more

download.jiwire.com:
Understanding The Basics of Wi-Fi Security. Read more

www.eweek.com:
Microsoft Patches: When Silence Isn't Golden. Read more

www.techweb.com:
How To Uninstall A Microsoft Patch. Read more

 

Vulnerabilities & Exploits
www.rapid7.com:
Symantec Scan Engine Authentication Fundamental Design Error. Read more

securitytracker.com:
PHPSurveyor Input Validation Hole Permits SQL Injection and Lets Remote Users Include and Execute Arbitrary Code. Read more

 

News
www.redherring.com:
Yahoo Defends China Policy. Read more

www.sfgate.com:
Watchdogs take Yahoo to task One more man imprisoned by Chinese officials. Read more

www.informationweek.com:
Mac OS X Hit By 6 New Zero-Day Bugs. Read more

www.theregister.co.uk:
Virus writers get into cyber-extortion. Read more

www.itnews.com.au:
Microsoft patch 'erases' Outlook Express addresses. Read more

www.itnews.com.au:
Feds issue security alert on Firefox. Read more

www.theregister.co.uk:
Readers battle botnets for control of planet Earth. Read more

www.cioupdate.com:
Lessons Learned from Biggest Bank Heist in History. Read more

www.redherring.com:
Spammers Bait Users with Porn. Read more

entmag.com:
N.Y. County Enacts Wireless Security Law. Read more

www.vnunet.com:
Skype kowtows to Chinese censors. Read more

www.technewsworld.com:
Washington State Settles Spyware Suit. Read more

www.theinquirer.net:
US plans more internet monitoring laws. Read more

21 April 2006

Guides, Papers, etc
blogs.technet.com:
More information on the MS06-015 issue. Read more

www.infosecdaily.net:
The anti virus industry�s panacea - a virus recovery button. Read more

searchwindowssecurity.techtarget.com:
Internet Explorer 7: How it can make your life easier. Read more

techplanetasia.com:
Beware the silent exploit. Read more

www.zdnet.com.au:
The pros and cons of Windows Firewall. Read more

www.pcmag.com:
An Open Letter to Security Vendors. Read more

www.cio-today.com:
Cleaning Up the Net's Malicious Software. Read more

blog.finke.ws:
Cracking WEP. Read more

www.winsupersite.com:
Windows Vista February 2006 CTP (Build 5308) Review, Part 1. Read more

www.winsupersite.com:
Windows Vista February 2006 CTP (Build 5308) Review, Part 2: Setup and Installation. Read more

www.winsupersite.com:
Windows Vista February 2006 CTP (Build 5308) Review, Part 3: New Applications. Read more

www.winsupersite.com:
Windows Vista February 2006 CTP (Build 5308/5342) Review, Part 4: Improved Applications. Read more

www.winsupersite.com:
Windows Vista February 2006 CTP (Build 5308/5342) Review, Part 5: Where Vista Fails. Read more

www.securewebbank.com:
A List of Banks Using and Not Using SSL Forms. Read more

 

Tools:
fileforum.betanews.com:
Tor for Windows 0.1.1.18-rc beta. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
HP StorageWorks Secure Path for Windows Lets Remote Users Deny Service. Read more

securitytracker.com:
PCPIN Chat Input Validation Holes Let Remote Users Inject SQL Commands and Include Local Files. Read more

securitytracker.com:
ActualAnalyzer Include File Bug in 'direct.php' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
FreeBSD Floating Point Unit Kernel Implementation Error May Let Local Users Obtain Sensitive Information. Read more

securitytracker.com:
CiscoWorks Wireless LAN Solution Engine Cross-Site Scripting Flaw Yields Administrative Privileges and Command Line Bug Lets Remote Authenticated Users Gain Shell Access. Read more

securitytracker.com:
Cisco IOS XR MPLS Bugs Let Remote Users Deny Service. Read more

 

News
www.theregister.co.uk:
Skype uses peer pressure defense to explain China text censorship. Read more

www.securityfocus.com:
E-mail authentication gaining steam. Read more

www.vnunet.com:
Worldwide laws fail to fight cyber crime. Read more

www.securityfocus.com:
Man charged with accessing USC student data. Read more

www.theregister.co.uk:
We're winning the war against hackers. Read more

www.technewsworld.com:
Security Firms Bust Malware-for-Sale Racketeers. Read more

www.toptechnews.com:
More Internet Threats Expected This Year. Read more

today.reuters.com:
Microsoft's legal fight in Europe seen as Vista threat. Read more

20 April 2006

Guides, Papers, etc
www.gi-ev.de:
International Conference on IT-Incident Management & IT-Forensics. Read more

www.timesonline.co.uk:
Britain. Read more

www.tomshardware.co.uk:
Social Engineering: The Biggest Risk to Internet Security. Read more

www.thenetworksecurity.org:
DNS Cache Poisoning, The Next Generation. Read more

www.symantec.com:
Familiarize Yourself With the Many Objectives of Spyware. Read more

www.echannelline.com:
The future of malicious code. Read more

sunbeltblog.blogspot.com:
Spyware Quake installed through exploits [Site list included]. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Oracle Database and Other Products Have Multiple Unspecified Vulnerabilities With Unspecified Impact. Read more

securitytracker.com:
Neuron Blog Input Validation Holes in 'name' and 'website' Parameters Let Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
xine Playlist File Path Format String Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
ShoutBOOK Input Validation Bug in Name and Comments Fields Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
CzarNews Input Validation Holes in 'news.php' and Other Scripts Permit Cross-Site Scripting and SQL Injection Attacks. Read more

securitytracker.com:
Betaboard Input Validation Flaw in User Profiles Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Calendarix Input Validation Flaw in 'ycyear' Parameter Permits Cross-Site Scripting Attacks. Read more

 

News
edition.cnn.com:
Yahoo accused of helping jail Internet writer. Read more

www.betanews.com:
Yahoo Target of New Criticism in China. Read more

www.terra.net.lb:
Bill Gates makes cryptic remark on Internet rights to China's Hu. Read more

www.zdnet.com.au:
Microsoft OneCare only cares about one�Read more

www.sophos.com:
Sophos report reveals latest 'dirty dozen' spam relaying countries. Read more

news.zdnet.co.uk:
Research reveals stalemate in 'IT security war'. Read more

www.itnews.com.au:
Man fined $US84k in spyware case. Read more

blog.siteadvisor.co:
Free iPods -- What Really Happens To Your E-mail Address. Read more

news.com.com:
Kids outsmart Web filters. Read more

www.technewsworld.com:
Microsoft Takes Another Step in Fight Against Spam. Read more

isc.sans.org:
Banks use non-ssl login forms. Read more

news.com.com:
Danger: Authenticating e-mail can break it. Read more

19 April 2006

Guides, Papers, etc
www.isotf.org:
DNS Amplification Attacks. Read more

www.securityfocus.com:
Stop the bots. Read more

www.qbrundage.com:
Working at Microsoft. Read more

blog.washingtonpost.com:
Windows Users: Drop Your Rights. Read more

www.mightyseek.com:
Audio: Privilage Escalation Attacks. Listen

lauren.vortex.com:
Video: "Internet and Empires" Talk at Google. Watch

www.free-seo-news.com:
Do hackers hijack your search engine listings? Read more

www.eweek.com:
The Future of Phish Fighting. Read more

www.eweek.com:
Open Source and Anti-Virus Don't Mix. Read more

ddanchev.blogspot.com:
Spotting valuable investments in the information security market. Read more

www.devx.com:
Great Hackers Make the Worst Developers. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Symantec LiveUpdate for Macintosh Missing Path Specification Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
IBM AIX rm_mlcache_file Command May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
wpBlog Input Validation Flaw in 'postid' Parameter Permits SQL Injection. Read more

securitytracker.com:
Neon Responders for Windows Can Be Crashed By Remote Users. Read more

securitytracker.com:
FlexBB Input Validation Flaw in 'flexbb_username' Cookie Parameter Permits SQL Injection Attacks. Read more

securitytracker.com:
Boardsolution Missing Input Validation in Search Function Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Snipe Gallery Input Validation Holes in 'view.php', 'image.php', and 'search.php' Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
FlexBB Input Validation Bugs Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
phpFaber TopSites Input Validation Hole in 'page' Parameter Permits Cross-Site Scripting Attacks. Read more

 

News
www.theregister.co.uk:
European firms open to security attacks: McAfee. Read more

software.newsforge.com:
Torvalds creates patch for cross-platform virus. Read more

www.securityfocus.com:
Firefox fixes new security flaws. Read more

www.betanews.com:
Microsoft Looking Into Patch Problems. Read more

www.esecurityplanet.com:
Hackers Issue Own 'Patch' to Infected Computers. Read more

www.theregister.co.uk:
Mobile search focuses on smut. Read more

www.informationweek.com:
Beware Bagel Worms Updating. Read more

catless.ncl.ac.uk:
New Microsoft Patch Breaks Web Pages -- On Purpose! Read more

news.com.com:
What's the next security threat? Read more

today.reuters.com:
Google to search inside business software programs. Read more

www.reghardware.co.uk:
AMD said to be researching 'reverse multi-threading' tech. Read more

18 April 2006

Guides, Papers, etc
download.nai.com:
Rootkits, The Growing Threat. Read more

www.rootkit.com:
Ad-Aware PR. Read more

sunbeltblog.blogspot.com:
New rogue on the loose -- Spyware Soft Stop. Read more

www.networkworld.com:
Does open source encourage rootkits? Read more

blogs.securiteam.com:
�and one giant step for PHP security. Read more

os.newsforge.com:
Hands-on testing of the new Linux virus. Read more

www.loosewireblog.com:
RFID -- Ready For Imminent Destruction? Read more

www.techworld.com:
Finding software vulnerabilities with "honeyclients". Read more

www.rootkit.com:
Kick the Heuristic Anti-virus out of the Rootkit. Read more

www.businessweek.com:
Your Ad Here. And Here. And Here. Read more

www.infoworld.com:
Stupid user tricks: Eleven IT horror stories. Read more

www.htrnews.com:
Survey finds many wireless networks in city not protected. Read more

www.redherring.com:
The Future of the Internet. Read more

www.forensicfocus.com:
Forensic Analysis of the Windows Registry. Read more

www.forensicfocus.com:
Analysis of hidden data in NTFS file system. Read more

www.emailbattles.com:
Why Yahoo Can't Deliver Email. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
osCommerce 'extras' Directory Bug May Let Remote Users View Files on the Target System. Read more

securitytracker.com:
FarsiNews Input Validation Hole in 'search.php' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
phpWebSite Include File Bug in 'hub_dir' Parameter May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
LifeType Input Validation Bug Lets Remote Users Conduct Cross-Site Scripting Attacks and Also Determine the Installation Path. Read more

securitytracker.com:
MODx 'id' Parameter Input Validation Flaw Permits Directory Traversal and Cross-Site Scripting Attacks. Read more

securitytracker.com:
Papoo Input Validation Holes in 'menuid', 'forumid', and 'reporeid_print' Parameters Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Dokeos Input Validation Flaw in 'viewtopic.php' Permits SQL Injection. Read more

securitytracker.com:
PHP121 Input Validation Bug in 'sess_username' Parameter Permits SQL Injection. Read more

securitytracker.com:
Clansys Input Validation Flain in 'member' Page Permits SQL Injection Attacks. Read more

securitytracker.com:
Clansys Input Validation Holes in 'page' Parameter and Search Function Permit Cross-Site Scripting Attacks. Read more

 

News
www.securityfocus.com:
Microsoft criticized for silent patches. Read more

www.infoworld.com:
Hacked computers download spam tool. Read more

www.vnunet.com:
Rootkit use continues to grow. Read more

news.com.com:
What's the next security threat? Read more

www.securityfocus.com:
Suspected Czech phishing mule busted. Read more

www.theinquirer.net:
Microsoft security patch kills Office. Read more

www.it-observer.com:
Easter Eggs Bypass Security. Read more

channels.netscape.com:
Thousands of British credit card details traded online. Read more

www.technewsworld.com:
Low-Hanging Fruit for Identity Thieves in Seoul. Read more

www.betanews.com:
AOL Blocking E-mail from Critics? Read more

arstechnica.com:
EFF files brief in free speech case. Read more

15 April 2006

Guides, Papers, etc
isc.sans.org:
Rootkit Findings. Read more

permalink.gmane.org:
Microsoft DNS resolver: deliberately sabotaged hosts-file lookup. Read more

blogs.zdnet.com:
Why Windows is less secure than Linux. Read more

www.eweek.com:
Gumming Up Your USB Drive: How and Why. Read more

www.eweek.com:
It's Time to Leave Win9x Behind. Read more

www.itnews.com.au:
Microsoft's tying IE changes in security patch sparks backlash. Read more

www.itnews.com.au:
Web app hack incidents are up as businesses take cover. Read more

news.com.com:
Video: Security Bites videocast. A flood of patches. Watch

news.com.com:
Video: When your security is insecure. Is fixing software really that hard? Watch

ddanchev.blogspot.com:
On the Insecurities of the Internet. Read more

ddanchev.blogspot.com:
Fighting Internet's email junk through licensing. Read more

msnbc.msn.com:
When pigs fly: Running Windows on a Mac. Read more

www.esecurityplanet.com:
Q&A: Is a Threat Lurking on Your Network? Read more

www.dailybulletin.com:
A place for predators. Encounters on social networking Web sites are not always what they seem. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Mozilla Firefox js_ValueToFunctionObject() Security Check Can Be Bypassed by Remote Users to Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Thunderbird js_ValueToFunctionObject() Security Check Can Be Bypassed by Remote Users to Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Seamonkey js_ValueToFunctionObject() Security Check Can Be Bypassed by Remote Users to Execute Arbitrary Code. Read more

securitytracker.com:
Sun Java Studio Enterprise Unsafe File Permissions May Let Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Mozilla Firefox XBL Control 'Print Preview' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Thunderbird XBL Control 'Print Preview' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Browser Suite XBL Control 'Print Preview' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Seamonkey XBL Control 'Print Preview' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Firefox crypto.generateCRMFRequest Method Lets Remote Users Install and Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Thunderbird crypto.generateCRMFRequest Method Lets Remote Users Install and Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Seamonkey crypto.generateCRMFRequest Method Lets Remote Users Install and Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Browser Suite crypto.generateCRMFRequest Method Lets Remote Users Install and Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Firefox Memory Corruption in Processing DHTML May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Thunderbird Memory Corruption in Processing DHTML May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Seamonkey Memory Corruption in Processing DHTML May Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Firefox Integer Overflow in CSS Letter-Spacing Property Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Browser Suite Integer Overflow in CSS Letter-Spacing Property Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Seamonkey Integer Overflow in CSS Letter-Spacing Property Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mozilla Thunderbird Integer Overflow in CSS Letter-Spacing Property Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
IBM Lotus Notes Incorrect E-mail Address Book Entry May Cause Mail to Be Sent to the Wrong Recipient. Read more

securitytracker.com:
Sybase EAServer Manager May Disclose Passwords to Remote Authenticated Users. Read more

securitytracker.com:
Opera Cascading Style Sheet Attribute Integer Overflow Lets Remote Users Deny Service. Read more

securitytracker.com:
Novell GroupWise Messenger Buffer Overflow in Accept-Language Header Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.crn.com:
Microsoft Patch Causing Lockups, Crashes. Read more

www.cio-today.com:
Gates Sketches Out Vision for the Future. Read more

www.securityfocus.com:
Suspected Czech phishing mule busted. Read more

weblog.infoworld.com:
A Conversation About Spyware. Read more

www.vnunet.com:
China outlaws Outlook. Read more

www.technewsworld.com:
More E-Mail, IM Attacks, Fewer Viruses Last Month. Read more

news.com.com:
Vista won't show fancy side to pirates. Read more

www.worldtribune.com:
'Red Hackers Alliance' seen behind attacks on U.S. sites. Read more

www.usatoday.com:
Sellers of Internet addresses surf for � and get � some big payoffs. Read more

14 April 2006

Guides, Papers, etc
www.clickz.com:
Questions for Ben Edelman. Read more

www.viruslist.com:
Malware Evolution: January - March 2006. Read more

www.f-secure.com:
Forget about Windows update. Read more

www.ethicalhacker.net:
The Technical Foundations of Hacking. Read more

blogs.zdnet.com:
Linux zombies show platforms don't matter. Read more

www.newsforge.com:
Linux and Viruses Explained. Read more

chkpt.zdnet.com:
Audio: Distributed Denial of Service Attacks. Listen

sunbeltblog.blogspot.com:
Video of CreateTextRange. Watch

www.trimmail.com:
Malware threats today and tomorrow. Read more

searchsecurity.techtarget.com:
Opinion: It's time to fix AV warning messages. Read more

www.windowsecurity.com:
A proxy by any other name. Read more

 

Vulnerabilities & Exploits
www.argeniss.com:
Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (MS06-17). Read more

www.redteam-pentesting.de:
PAJAX Remote Code Injection and File Inclusion Vulnerability. Read more

securitytracker.com:
NetBSD sysctl() Buffer Validation Error Lets Local Users Deny Service. Read more

securitytracker.com:
NetBSD SIOCGIFALIAS ioctl Error Lets Local Users Deny Service. Read more

securitytracker.com:
NetBSD Intel RNG Driver May Use a Constant Stream for Randomization. Read more

securitytracker.com:
Adobe LiveCycle May Let OBSOLETE Users Continue to Access the System. Read more

securitytracker.com:
Adobe Document Server May Disclose Authentication Credentials to Remote Users. Read more

securitytracker.com:
Simplog Include File Bug in 'doc/index.php' Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Sun Solaris LDAP Client May Disclose RootDN Password to Local Users. Read more

securitytracker.com:
Solaris Bug in sh Temporary File Creation Lets Local Users Deny Service. Read more

securitytracker.com:
HP System Management Homepage Lets Remote Users Bypass Authentication. Read more

 

News
www.eweek.com:
Microsoft's Security Disclosures Come Under Fire. Read more

blogs.zdnet.com:
Disturbing developments in DDoS attacks. Read more

www.scmagazine.com:
Rootkits, blackmail scams on the rise. Read more

www.scmagazine.com:
Fear of viruses, spyware cut down illegal downloads. Read more

www.techweb.com:
Analyst: More Vista Delays Would Sell 1 Million More PCs. Read more

www.informationweek.com:
IE 7 Security Update Picture Remains Muddy. Read more

www.vnunet.com:
Research finds no way to beat phishing. Read more

www.theregister.co.uk:
Google receives 'voice search' patent. Read more

www.techworld.com:
Yahoo accused of poor email service. Read more

www.theregister.co.uk:
Browser crashers warm to data fuzzing. Read more

www.theregister.co.uk:
Alleged Pentagon hacker fears Guantanamo. Read more

13 April 2006

Guides, Papers, etc
www.cioupdate.com:
The Fourth Generation of Malware. Read more

www.securityfocus.com:
Browsers feel the fuzz. Read more

metasploit.blogspot.com:
Browser fuzzing for fun and profit. Read more

www.forbes.com:
Is The Internet Out Of Room? Read more

www.securityfocus.com:
Virtualization for security. Read more

www.windowsecurity.com:
Why and how to implement SecurID Authentication. Read more

isc.sans.org:
'Who is' your friend! (NEW). Read more

news.bbc.co.uk:
Profile: Gary McKinnon. Read more

news.com.com:
Video: Fighting Yahoo's China policies. Watch

 

News
www.terra.net.lb:
Google defends censorship practices in China, praises Beijing. Read more

news.com.com:
Yahoo pressured over China cooperation. Read more

www.betanews.com:
Microsoft Launches Academic Search. Read more

software.silicon.com:
XP won't expose Macs to viruses, says Gartner. Read more

news.bbc.co.uk:
British 'hacker' fears Guantanamo. Read more

news.com.com:
Alleged NASA hacker to hear fate next month. Read more

www.it-observer.com:
Finjan Identifies Critical Microsoft Vulnerability That Could Be Exploited via Internet Explorer. Read more

software.silicon.com:
Security 'network' to speed up anti-hacker tools. Read more

www.windowsitpro.com:
Will Malware Prompt Broad Shift to VMs? Read more

software.silicon.com:
The weakest link in the security chain? You. Read more

go.reuters.co.uk:
China targets PC makers in anti-piracy drive. Read more

www.informationweek.com:
Software Warns Parents Of Online Sexual Predators. Read more

news.com.com:
Phony kids, virtual sex. Read more

12 April 2006

Guides, Papers, etc
blogs.securiteam.com:
Misleading and Incomplete Information in MS06-015. Read more

research.microsoft.com:
Strider Typo-Patrol: Discovery and Analysis of Systematic Typo-Squatting. Read more

www.honeypots.com:
Steganography in Botnet Command & Control. Read more

www.honeypots.com:
A Short Visit to the Bot Zoo. Read more

www.wired.com:
Bug Bounties Exterminate Holes. Read more

www.techweb.com:
IE Changes Due: What You Can Expect. Read more

www.channel4.com:
Video: Hacking into the Pentagon. Read more

www.microsoft.com:
Zombies and botnets: help keep your computer under your control. Read more

software.newsforge.com:
The case of the non-viral virus. Read more

 

Tools:
research.microsoft.com:
Strider URL Tracer with Typo-Patrol. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Microsoft Internet Explorer Parsing and State Errors Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Internet Explorer Lets Remote Users Spoof the Address Bar URL. Read more

securitytracker.com:
Microsoft Outlook Express Buffer Overflow in Processing Windows Address Books Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Windows Explorer COM Object Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft FrontPage Server Extensions Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Microsoft SharePoint Team Services Input Validation Holes Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Microsoft Data Access Components RDS.Dataspace Access Control Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Microsoft Internet Explorer Popup Window Object Bugs Let Remote Users Execute Scripting Code in Arbitrary Domains. Read more

securitytracker.com:
Indexu Include File Bug in 'theme_path' and 'base_path' Parameters Permits Remote Code Execution. Read more

securitytracker.com:
Confixx Input Validation Hole in 'allgemein_transfer.php' Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
PHPlist Include File Bug Lets Remote Users Execute Arbitrary Commands. Read more

securitytracker.com:
PHPKIT Input Validation Flaw in 'contentid' Parameter Permits SQL Injection. Read more

securitytracker.com:
Clam AntiVirus Integer Overflow in Processing UPX File PE Headers Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Oracle Database Lets Remote Authenticated Low Privilege Users Make Unauthorized Modifications on a Base Table. Read more

securitytracker.com:
Sire Bugs Let Remote Users Include and Execute Arbitrary Code and Upload Image Files. Read more

securitytracker.com:
Autonomous LAN Party Include File Bug Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
SaphpLesson Input Validation Hole in 'search.php' Permits Cross-Site Scripting Attacks. Read more

 

News
www.microsoft.com:
Microsoft Security Bulletin Summary for April, 2006. Read more

www.securityfocus.com:
Microsoft tool aims to stymie typosquatters. Read more

www.theregister.co.uk:
Argentina extradites Spanish hacker. Read more

www.strategypage.com:
The Mysterious Botnets of China. Read more

software.silicon.com:
McAfee unafraid of Microsoft's security effort. Read more

www.theinquirer.net:
Microsoft helped write Oklahoma computer law. Read more

www.theregister.co.uk:
VMware throws next punch in virtualisation battle. Read more

www.fcw.com:
Pentium computers vulnerable to cyberattack. Read more

news.com.com:
Blogosphere suffers spam explosion. Read more

sfgate.com:
Web site exposes Air Force One defenses. Read more

www.securityfocus.com:
Phone records for sale. Read more

10 April 2006

Guides, Papers, etc
techrepublic.com.com:
10 Internet threats your users should ignore. Read more

searchwindowssecurity.techtarget.com:
How to (really) harden Windows clients. Read more

www.siliconvalleysleuth.com:
For profit virus writers lacking skills. Read more

isc.sans.org:
Spam reporting addresses (NEW). Read more

www.networkworld.com:
Startup called Webaroo touts 'Web on a hard drive'. Read more

yorn.wordpress.com:
Losing Trust in Anti-Virus Vendors. Read more

news.com.com:
Video: Why phishing works. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
PHP copy() Function Safe Mode Checking Error Lets Users Bypass Safe Mode File Access Restrictions. Read more

securitytracker.com:
PHP tempname() Argument Error Lets Users Bypass open_basedir Restrictions. Read more

securitytracker.com:
PHP Self-Referencing Function Memory Allocation Error May Let Local Users Deny Service. Read more

securitytracker.com:
PHP phpinfo() Array Validation Bug Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more

securitytracker.com:
Aweb's Scripts Seller Lets Remote Users Bypass Authorization and Download Files Without Paying. Read more

securitytracker.com:
Aweb's Banner Generator Input Validation Hole in 'banner' Parameter Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
Mailman Input Validation Bug in Private Archive Script Permits Cross-Site Scripting Attacks. Read more

securitytracker.com:
HP-UX su LDAP Netgroup Bug Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
phpMyChat Input Validation Hole in 'chat/messagesL.php3' Permits SQL Injection. Read more

 

News
software.silicon.com:
IBM building security into chips. Read more

www.vnunet.com:
Microsoft preps critical Windows Media patch. Read more

www.smh.com.au:
Google wins rights to Aussie algorithm. Read more

www.fcw.com:
Cyberattackers can exploit Pentium self-defense. Read more

mcpmag.com:
More Japanese Companies Spying on Employee PC Usage. Read more

www.physorg.com:
'Megahacker' extradited from Argentina to Spain. Read more

news.zdnet.co.uk:
Assembler virus spells trouble for Linux. Read more

www.esecurityplanet.com:
Laptops: The Most Dangerous Tool on the Network. Read more

08 April 2006

Guides, Papers, etc
www.benedelman.org:
Direct Revenue's Dirty Documents. Read more

www.honeynet.org:
Know your Enemy: Tracking Botnets. Read more

www.cert.org:
Botnets as a Vehicle for Online Crime. Read more

www.shadowserver.org:
Researching Botnets. Read more

tibbar.blog.co.uk:
Kernel Mode Ircbot. Read more

www.microsoft.com:
Zombies and botnets: help keep your computer under your control. Read more

www.emailbattles.com:
How The Anti-Virus Industry Is Turning A White Hat Black, or (at least) Gray. Read more

www.ic3.gov:
2005 Internet Crime Report. Read more

taosecurity.blogspot.com:
Virtualization is the New Web Browser. Read more

www.oag.state.ny.us:
STATE SUES MAJOR "SPYWARE" DISTRIBUTOR. Read more

people.freebsd.org:
Open Letter to D-Link about their NTP vandalism. Read more

www.skyhunter.com:
An Introduction to Petname Systems. Read more

www.informationweek.com:
Study: Child Porn Isn't Illegal In Most Countries. Read more

www.f-secure.com:
Video: Keynote video from HITBSecConf2005. Watch

news.com.com:
Video: Security Bites videocast. Watch

www.omninerd.com:
Rootkits: The "r00t" of Digital Evil. Read more

comment.zdnet.co.uk:
Give adware a chance. Read more

www.macworld.com:
Windows to the world. Read more

 

News
sunbeltblog.blogspot.com:
Direct Revenue uses a PI to hunt down antispyware researcher. Read more

www.theregister.co.uk:
Warning over rogue anti-spyware app. Read more

www.theregister.co.uk:
Critical IE fix due Tuesday. Read more

www.infoworld.com:
Researchers worry over new cross-platform viruses. Read more

www.masternewmedia.org:
Mac Security: The Evil DRM Chip Is Bolted Inside The New Intel Macs? Read more

www.int.iol.co.za:
Spain's 'megahacker' facing 40 years in jail. Read more

www.technewsworld.com/:
Hackers Change Attack Modes, Seek Financial Payoff. Read more

07 April 2006

Guides, Papers, etc
money.cnn.com:
How I Work: Bill Gates. Read more

www.theregister.co.uk:
D�j� Vista. Read more

www.internetnews.com:
Spyware for the Masses. Read more

blogs.securiteam.com:
Measuring Software Security and Naming Vulnerabilities. Read more

www.securityfocus.com:
Study shows stock spam boosts prices. Read more

arstechnica.com:
Into the Core: Intel's next-generation microarchitecture. Read more

 

Vulnerabilities & Exploits
securitytracker.com:
Cisco ONS 15000 Series Common Control Cards Can Be Reset By Remote Users. Read more

securitytracker.com:
Cisco Transport Controller Installs With Broad Java Policy Permissions Which Lets Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Cisco 11500 Content Services Switch HTTP Compression Bug Lets Remote Users Deny Service. Read more

securitytracker.com:
SynchronEyes Packet Processing Bugs Let Remote Users Deny Service. Read more

 

News
news.zdnet.co.uk:
IE spoofing flaw adds to Windows' woes. Read more

www.gcn.com:
Trends in botnets: smaller, smarter. Read more

www.viruslist.com:
Crossplatform virus - the latest from 29A. Read more

smh.com.au:
Police secret password blunder. Read more

www.theregister.co.uk:
HP warns over printer hacking risk. Read more

www.theregister.co.uk:
Mobile malware fears delay smartphone rollouts. Read more

www.zdnet.com.au:
Users are the security problem: DSD. Read more

06 April 2006

Guides, Papers, etc
www.securityfocus.com:
Two attacks against VoIP. Read more

www.wired.com:
Why VOIP Needs Crypto. Read more

www.xmcopartners.com:
Voice over IP Security. A layered approach. Read more

www.securityfocus.com:
Groups argue over merits of flaw bounties. Read more

 

Tools:
www.windowsecurity.com:
Tools of the Trade (Part 3). Read more

www.informationweek.com:
Langa Letter: Another Hidden Gem: The Windows Disk Management Tool. Read more

 

Vulnerabilities & Exploits
retrogod.altervista.org:
PHPMyChat 0.14.5 \"SYS enter\" remote cmmnds xctn 0day. Read more

securitytracker.com:
xinelib Buffer Overflow in Processing MPEG Files Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
NOD32 Quarantine Function Lets Local Users Gain Elevated Privileges. Read more

securitytracker.com:
Barracuda Spam Firewall Buffer Overflows in Processing LHA and ZOO Archives Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Kaffeine Buffer Overflow in http_peek() When Fetching Playlists Lets Remote Users Execute Arbitrary Code. Read more

 

News
www.theregister.co.uk:
Virus writers at war. Read more

news.zdnet.co.uk:
Cybercriminals get stuck into honeypots. Read more

isc.sans.org:
Coolwebsearch / Trafficadvance got a new home... Read more

www.techtree.com:
Mobile Viruses Threaten Companies. Read more

www.informationweek.com:
Microsoft: Our Bugs Aren't The Only Problem. Read more

www.arnnet.com.au:
Feds, Microsoft sign whole of govt security deal. Read more

news.zdnet.co.uk:
Spammers take aim at HR departments. Read more

news.zdnet.co.uk:
$3m card trick baffles hosting firms. Read more

www.redherring.com:
McAfee Buys SiteAdvisor. Read more

security.ithub.com:
McAfee Gobbles Up Web Ratings Security Startup. Read more

www.nytimes.com:
Child Sex as Internet Fare, Through Eyes of a Victim. Read more

www.oag.state.ny.us:
STATE SUES MAJOR "SPYWARE" DISTRIBUTOR. Read more

05 April 2006

Guides, Papers, etc
blogs.securiteam.com:
�Rootkit� revamped? Read more

www.securityfocus.com:
Social engineering trumps flaws? Read more

www.nytimes.com:
Every Click You Make, They'll Be Watching You. Read more

www.winsupersite.com:
Windows Live OneCare Review. Read more

www.blackhat.com:
Black Hat USA 2006 Call for Papers. Read more

www.guay-leroux.com:
SMTP CONTENT FILTER SECURITY. Read more

 

Vulnerabilities & Exploits
www.frsirt.com:
Microsoft Internet Explorer Flash File Loading Address Bar Spoofing Vulnerability. Read more

securitytracker.com:
McAfee WebShield Format String Bug in Composing Bounce Messages Lets Remote Users Execute Arbitrary Code. Read more

www.guay-leroux.com:
Barracuda LHA archiver security bug leads to remote compromise. Read more

securitytracker.com:
HP Color LaserJet Toolbox Software Lets Remote Users View Files on the Target System. Read more

securitytracker.com:
Doomsday Engine Format String Bugs in Con_Message() and Con_Printf() Let Remote Users Execute Arbitrary Code. Read more

securitytracker.com:
Mac OS X Firmware Password Can By Bypassed on Intel-Based Systems. Read more

 

News
www.eweek.com:
Microsoft Says Recovery from Malware Becoming Impossible. Read more

www.vnunet.com:
Row breaks out over antivirus response times. Read more

www.zdnetasia.com:
U.S. to force firms to 'fess up on data loss. Read more

www.computerworld.com:
After attack, Network Solutions knocked down again. Read more

www.commentwire.com:
US takes interest in DDoS. Read more

www.channelregister.co.uk:
Trojan-powered scam network dismantled. Read more

www.theage.com.au:
Trojans creeping up the charts. Read more

www.kansascity.com:
Spitzer sues major Net ad company over alleged 'spyware'. Read more

www.sophos.com:
International phishing gang busted by police. Read more

news.com.com:
Microsoft hastens virtualization support. Read more

www.redherring.com:
Microsoft Clouds Tech's Vista. Read more

www.technewsworld.com:
File Sharers Targeted With Wave of Lawsuits in Europe. Read more

04 April 2006

Guides, Papers, etc
www.viruslist.com:
Malware Evolution: 2005, part two. Read more

www.benedelman.org:
The Spyware - Click-Fraud Connection -- and Yahoo's Role Revisited. Read more

www.sysinternals.com:
The Case of the Mysterious Driver. Read more

blog.washingtonpost.com:
Real World Impact of IE Flaw. Read more

www.esecurityplanet.com:
Are Hackers Going Beyond Zero-Day Attacks? Read more

www.esecurityplanet.com:
VM Rootkits: Dangerous, in Theory. Read more

www.businessweek.com:
Coming to Your PC's Back Door: Trojans. Read more

www.securityfocus.com:
Survey: Identity theft hits 3 percent. Read more

www.prweb.com:
New Software Tool Enhances Evidence Gathering Capabilities of Computer Forensic Investigators and Cyber-Crime Fighters. Read more

www.businessweek.com:
What I Learned at Hacker Camp. Read more

www.antispywarecoalition.org:
Safety Tips for Fighting Spyware. Read more

www.computerworld.com.au:
802.11w fills wireless security holes. Read more

 

Tools:
fileforum.betanews.com:
F-Secure BlackLight 2.2.1035 Beta. Read more

www.pcworld.com:
Microsoft Makes Virtual Server R2 Free. Read more

 

Vulnerabilities & Exploits
www.open-security.org:
Windows Help Heap Overflow. Read more

securitytracker.com:
AN HTTPD Discloses Script Source Code to Remote Users. Read more

securitytracker.com:
IBM WebSphere Lets Remote Users Deny Service By Sending Large HTTP Header Values. Read more

securitytracker.com:
Struts Bugs May Let Remote Users Bypass Validation, Conduct Cross-Site Scripting Attacks, and Deny Service. Read more

 

News
www.theregister.co.uk:
Anonymizer looks for chinks in Great Firewall of China. Read more

www.computerworld.com/:
Yahoo may face penalty over jailed Chinese journalist. Read more

www.vnunet.com:
Virus alerts 'as bad as spam'. Read more

www.computerworld.com:
Trend Micro data revealed due to virus. Read more

www.smh.com.au:
More than ever, watch what you say. Read more

www.sundayherald.com:
America's war on the web. Read more

www.stuff.co.nz:
Ever-growing arsenal for hacking attacks. Read more

www.theregister.co.uk:
Microsoft patches IE after Eolas ruling. Read more

www.thesmokinggun.com:
NASA HQ Raided In Kiddie Porn Probe. Read more

www.theregister.co.uk:
Man charged over click fraud scheme. Read more

today.reuters.com:
Two plead guilty in huge US CD piracy bust. Read more

03 April 2006

Guides, Papers, etc
www.informationweek.com:
Optimized IE Exploit Speeds Up Infection. Read more

www.usatoday.com:
Web users walk Great Firewall of China. Read more

people.deas.harvard.edu:
Why Phishing Works. Read more

www.windowsnetworking.com:
Hardware Considerations for Windows Vista. Read more

blogs.pcworld.com:
What Does "Windows Vista Capable" Mean? Read more

www.ethicalhacker.net:
How To Break Web Software. Read more

www.pbs.org:
Prisoner of RedmondYet: Another Way Paul Allen Isn�t Like You or Me. Read more

www.esecurityplanet.com:
Track Your Laptop Anywhere�Or Not. Read more

www.esecurityplanet.com:
Who's Watching the Privileged Users? Read more

www.revenews.com:
180 From The Inside Out. Read more

 

Tools:
news.com.com:
Ten years on, revisiting Palm's first Pilot. Read more

 

Vulnerabilities & Exploits
www.fortinet.com:
JS/CreateTextRange.B!exploit. In-Depth Analysis. Read more

 

News
www.techworld.com:
Hackers in new attack on Micrsoft. Read more

www.stuff.co.nz:
Ever-growing arsenal for hacking attacks. Read more

www.theage.com.au:
How phishing sites fool us. Read more

www.computerworld.com.au:
Spy software company argues product isn't a Trojan. Read more

www.wired.com:
A Pretty Good Way to Foil the NSA. Read more

today.reuters.co.uk:
China stands by verdict on virtual property thief. Read more

www.boston.com:
N.H. computer specialist says superiors ignored security warnings. Read more

news.com.com:
Microsoft to 'host' Linux virtually. Read more

www.sfbg.com:
iJacked. Strong-arm robberies of laptop computers are on the increase. Read more

01 April 2006

These Trojans have been added in March. Read more

 

Guides, Papers, etc
reviews.cnet.com:
The black hole inside the Bagle virus. Read more

www.eweek.com:
Would a Security Monopoly Really Be So Bad? Read more

digiassn.blogspot.com:
Security/C#: Demonstration of Steganography Messages to Evade IDS Detection. Read more

www.informationweek.com:
Spyware And Adware Continue To Plague PCs. Read more

i.cmpnet.com:
Audio: Confessions Of An Adware Purveyor. Listen

 

Vulnerabilities & Exploits
securitytracker.com:
Microsoft Office Array Index Boundary Error Lets Remote Users Deny Service. Read more

securitytracker.com:
Blank'N'Berg Input Validation Holes Disclose Files to Remote Users and Permit Cross-Site Scripting Attacks. Read more

securitytracker.com:
Dia Buffer Overflows in XFig Import Plugin May Let Remote Users Execute Arbitrary Code. Rea more

securitytracker.com:
Total Commander Buffer Overflow UNACEV2.DLL Lets Remote Users Cause Arbitrary Code to Be Executed. Read more

securitytracker.com:
GNU Mailman MIME Multipart Parsing Error in 'scrubber.py' May Let Remote Users Deny Service. Read more

securitytracker.com:
Samba winbindd Daemon Discloses Server Password to Local Users. Read more

 

News
www.securityfocus.com:
Seven arrested in online fraud crackdown. Read more

news.zdnet.com:
Phishers set hidden traps on eBay. Read more

news.zdnet.co.uk:
Yahoo calls for 'effective' cybercrime laws. Read more

www.forbes.com:
Jailed Chinese journalist's family mulls filing court action against Yahoo. Read more

www.informit.com:
A Student-Hacker Showdown at the Collegiate Cyber Defense Competition. Read more

www.networkworld.com:
MIT spam conference focuses on phishing. Read more

www.redherring.com:
PC Spy Threat Alarms US Group. Read more

software.silicon.com:
Mobile spy software is 'a Trojan', says F-Secure. Read more

software.silicon.com:
Spyware aims to exploit BBC and Microsoft. Read more

software.silicon.com:
Most emails 'an open book'. Read more

www.forbes.com:
Palmisano's IBM Steps Toward Atom-Size Computers. Read more

news.com.com:
Seeking changes to the DMCA. Read more


Copyright� MegaSecurity.org