Bookmark or link to: www.kobayashi.cjb.net. All other url`s could change!
News Archive    Translate Traducen
News November 2000
30 November 2000

New:
New Silencer beta by The SmithKlan.

Thanks to Vladimir the AVP udates are complete again.

<http://linuxbsm.sourceforge.net/> The Linux Basic Security Module (Linux BSM) is an initiative of the University of California at Davis to provide a comprehensive auditing package for Linux that is fully compliant with the U.S. Government's C2 standards for security.
Current Stable Release:
<http://download.sourceforge.net/linuxbsm/linuxbsm-0.60.tar.gz>

<http://www.bb4.com/>Big Brother is designed to let administrators see how the network is doing in near real-time, from any web browser. A vulnerability in the product leaks possibly-sensitive information such as allowing to identify whether a certain file exists on the hard-drive, as well as determine user ids on the BBDISPLAY server (this information can later be used to launch a password brute-force attack).
Exploit:
http://www.example.com/cgi-bin/bb-hist.sh?HISTFILE=/home/*

TheRegister:
AOL Instant Msgr accounts easily hijacked. Read more

ZDNetAsia:
Cyber-pirates escape judicial net. Read more

PlanetIT:
The New Peer-To-Peer Security Problems. Read more

Lexis-nexis:
Test Your Security' at Finjan Software's New Malicious Code Research Center. Read more

Computeruser:
Apology Virus Causing PC Users Problems, Says Sophos. Read more

Idg.net:
MTX virus gaining speed in unusual ways. Read more

ZDNet:
MTX virus won't let you get help. Read more Lexis-nexis:
Computer Associates to Deliver Antivirus for the Palm OS Platform;New Palm OS Platform Version of InoculateIT Provides Comprehensive Virus and Trojan Detection for Handheld Devices. Read more

Yankeegroup.com:
Hacked into the Zone: Latin American Banks May Have to Alter Their Internet Migration. Read more

Computerweekly:
No ban on hacking tools. Read more

Idg.net:
Any port is a hacker storm. Read more

Lexis-nexis:
Middle East war rages on the Internet. Read more

HelpNetSecurity:
"CyberWar Rages in the Middle East!!! YOUR Servers could be next!!!" Read more

DenverPost:
Ex-temp worker charged in state Web site hacking. Read more

You can help to keep this site alive by sending MegaSecurity new trojans or links.

29 November 2000


New:
Webserve CT 2

Antivirus.com:
TROJ_ORION. Read more

HelpNetSecurity:
Cyber-terrorism. Read more

Auctionwatch.com:
Hacker Auction Banished From Sites. Read more

Vmyths.com:
Moment of Silence virus. Read more

Lexis-nexis:
Many victims of hacks clam up FBI fears word about cyber crime isn't getting out. Read more

Zdnetasia.com:
Cyber-pirates escape judicial net. Read more

ZDNet:
SDMI awards two hackers $5K each. Read more

Lexis-nexis: Home connections need better security. Read more

CNN:
Russian party boy secludes himself in Web experiment. Read more

28 November 2000


New:
The Flu by Lazarus.

Georgi Guninski security advisory #30, 2000.
IIS 5.0 with patch Q277873 allows executing arbitrary commands on the web server. Read more

ZDNet:
Forget passwords, what about pictures? Read more

T3:
Japan makes hacker arrests. Read more

Usatoday:
Many victims of hacks clam up. Read more

TheRegister:
Delinquent hackers target games site. Read more

Linuxtoday:
CompterWorld: Security Manager Dons Hacker Hat for a Change. Read more

Slashdot:
Collecting Logs from Firewalls to Detect Crackers. Read more

Lexis-nexis:
Microsoft Announces Two New Internet Safety Web Sites for Children, Parents and Consumers. Read more

Vnunet:
London bank hit by computer raiders. Read more

Study Calls For Stronger Audit Trail In FBI's Carnivore.

Computerworld:
Microsoft, Hacker Meet. Read more

F-Secure Publishes Guidelines On Safe Computing. Read more

CNN:
Porn filter on e-mail can be easily tricked. Read more

27 November 2000


New:
Progenic Trojan beta 2.0

LinuxSecurity.com: Linux Security Week - November 27th 2000. Read more

Weekly Microsoft Security Digest 2000/11/20 to 2000/11/26. Read more

Weekly Solaris Security Digest 2000/11/20 to 2000/11/26. Read more

Weekly BSD Security Digest 2000/11/20 to 2000/11/26. Read more

Georgi Genunski: [NT] OBJECT TYPE="text/html" vulnerability in IE 5.5 allows arbitrary command execution.Read more

Russian hackers lurk in the shadows of cyberspace. Read more

FBI steps up efforts to fight crimes related to computers. Read more

Computeruser:
Hackers Worldwide Fan Flames In Middle East Conflict. Read more

26 November 2000


New:
Progenic Trojan 1.0 beta by Xela.

Decompiled SubSeven Source. Download

Individual.com:
Keep Your Network Safe with Security Scanners. Read more

Cmptr.com:
Beating The Worm. Read more

Computeruser:
Hackers Worldwide Fan Flames In Middle East Conflict. Read more

Theregister:
Web professionals site hacked by cartoon character. Read more

Itn.co.uk:
Quarter of firms hit by viruses. Read more

JapanTimes:
Three arrested on hacking charges. Read more

25 November 2000


New:
Net Controller 2000 by IoB&Hora.

Zebedee is a simple program to establish an encrypted, compressed �tunnel� for TCP/IP or UDP data transfer between two systems. This allows traffic such as telnet, ftp and X to be protected from snooping.

SecurityPortal:
Weekly Virus Digest 2000/11/17 to 2000/11/23. Read more

Silicon.com:
Microsoft admits further security blunders. Read more

Computeruser:
Hackers Worldwide Fan Flames In Middle East Conflict. Read more

Lexis-nexis:
Caution issued against new computer virus 'W32/MTX'. Read more

SecurityFocus:
'Analyzer' defends Israeli sites. Read more

Wired:
'Cyber-Terrorist' Jailed Again. Read more

TheRegister:
MS: how PCs shipped without Windows will destroy your life. Read more

SecurityFocus:
eBay pulls Mitnick Memorabilia. Read more

CNet:
Who will win the war of the worms? Read more

Sfgate.com:
Hacking With a Conscience Is a New Trend. Read more

Vnunet:
E-security: are you the weakest link? Read more

PlanetIT:
SurfControl SuperScout 3.0 Brought Down by Bugs. Read more

Wanted:
People who want to help MegaSecurity.

AVP Updates later than 6 october 2000. The latest I have are here.

Sivka Burka

Mail to Webmaster

24 November 2000


New:
Fore 1.0 beta

Microsoft Security Bulletin (MS00-090):
Patch Available for ".ASX Buffer Overrun" and ".WMS Script Execution" Vulnerabilities. Read more

RAT.QAZ Trojan Analysis by Diamond Computer Systems.
Aliases: W32.QAZ.Worm, HLLW.QAZ, QAZ Trojan. Read more

Freeware Autostart Registry Monitor by Diamond Computer Systems. Read more

Top 50 Security Tools by Insecure.org. Read more

Infoworld:
Security holes found in Windows Media Player. Read more

Lexis-nexis:
Seasonal Hack Fears. Read more

TheRegister:
Microconnectors hacked and down. Read more

Lexis-nexis:
Hacker sabotages English tourist website. Read more

ZDNet:
A Year Ago: Tory MP says don't blame hackers. Read more

Wired:
FBI Gets Carnivore Approval ...Read more

Silicon.com:
Big businesses still ignore virus alerts. Read more

CNN:
FBI 'Carnivore' report sides with government. Read more

Computerworld:
Update: Carnivore report mollifies some, leaves others leery. Read more

CNN:
Critics blast report that supports FBI's Carnivore. Read more

Thisislondon.com:
Shropshire rallies against hacker. Read more

Computerworld:
Bulgarian bug hunter Georgi Guninski has discovered yet another vulnerability in Microsoft's Internet Explorer Web browser. Read more

TheRegister:
Guninski finds another IE 5.5 security hole. Read more

AstaLaVista.Box

Wanted:
People who want to help MegaSecurity.
Could be anything, depends on what you know and how many time you want to spent.

AVP Updates later than 6 october 2000. The latest I have are here.

Sivka Burka

Mail to Webmaster

23 November 2000


New:
ControlTotal beta 4 by Pele.

Explanation of the hack used for Romeo & Juliet Worm. Read more.

HelpNetSecurity:
Netscape HTML buffer overflow. (Red Hat Linux). Read more

Enteract.com:
Know Your Enemy: Worms at War.
The Not so Friendly World of Cyberspace. Read more

Telekomnet:
Worm blocks anti-virus sites. Read more

TheRegister:
PING author killed in car crash. Read more

TheRegister:
Solar Sunrise hacker joins Mid-East cyber-war. Read more

Wired:
A Star Wars Defense to Hackers. Read more

CNN:
U.S. Army kick-starts cyberwar machine. Read more

Guardian:
Sony PlayStation 2 Trojan? Read more

Nzherald.co.nz:
Doctors: hackers threat to computerised medical files. Read more

Lexis-nexis:
Hackers plan to deny Christmas with Trojan Zombies. Read more

Reuters:
Critics Slam 'Whitewash' of FBI Email-Tracking Tool. Read more

Yahoo:
Herbless the hacker goes legitimate. Read more

Ananova:
Microsoft met hacker at Dutch headquarters. Read more

CNN:
MS, hacker secretive about meeting. Read more

TheRegister:
Workers open back doors for hackers. Read more Wanted:
Sivka Burka

22 November 2000


New:
Zyon 1.0 is a multibinder that can run more files and sends a notify by ICQ. By PreP.

Microsoft Security Bulletin (MS00-086):
Patch Available for "Web Server File Request Parsing" Vulnerability. Read more

Microsoft Security Bulletin (MS00-089):
Microsoft has released a patch that eliminates a security vulnerability in Microsoft(r) Windows 2000. The vulnerability could allow a malicious user to use repeated attempts to guess an account password even if the domain administrator had set an account lockout policy. Read more

Securityportal:
Top 20 Virus Report. Read more

Computeruser:
Nothing Romantic About New Romeo & Juliet Virus. Read more

TheRegister:
Solar Sunrise hacker joins Mid-East cyber-war. Read more

Vnunet:
Nasa hacker gets six months downtime. Read more

Yahoo:
Morocco's Government Internet Site Attacked by Hacker. Read more

Internetnews:
Analyze This: Carnivore is Not an Omnivore. Read more

Wired:
A Star Wars Defense to Hackers. Read more

Idg.net:
MS, hacker secretive about meeting. Read more

Infoworld:
Microsoft, hacker secretive about meeting. Read more

Lexis-nexis:
Super Hacker Says New ID Book Goes Too Far. Read more

Betanews:
Windows Whistler Advanced Security Features. Read more Wanted:
Sivka Burka

21 November 2000


New:
GateCrasher 1.2, probably made by Snake_Ice.

Microsoft:
Patch Available for "Session ID Cookie Marking" Vulnerability. Read more

TINC is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between hosts on the Internet. Because the tunnel appears to the IP level network code as a normal network device, there is no need to adapt any existing software. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information to others. (Linux). Read more

By Georgi Guninski:
IE vulnerability allows execution of arbitrary programs (.chm files and temporary file folder). Read more

W32.Verona Worm. Read more

GFI discovers the 'Romeo and Juliet' Virus.
The 'Romeo and Juliet' Virus spreads through an HTML e-mail message, containing an executable file called 'My Romeo' and a compiled help file (.chm) called 'My Juliet'. It takes advantage of a vulnerability in Internet Explorer that executes the compiled help file without warning the user, and then sends copies of itself by e-mail using known open-relay mail servers. In order to block this Virus it is recommended to filter incoming mail containing .chm files as attachment.

Weekly BSD Security Digest 2000/11/13 to 2000/11/19. Read more

LinuxSecurity.com:
Linux Security Week - November 20th 2000. Read more

Securitywatch:
US military hatches plans for a cyber offensive arsenal. Read more

Lexis-nexis:
The latest version of Kevin Mitnick Ex-hacker breaks out apology, more or less. Read more

Lexis-nexis:
Two accused of hacking into Teamsters database. Read more

CNN:
Russia's hackers: notorious or desperate? Read more

Herbless the hacker goes legitimate. Read more

Securityfocus:
'Analyzer' defends Israeli sites. Read more

Law.com:
Help, Hackers Stole Our Name! Read more

Nandotimes:
Holding back hackers. Read more

20 November 2000


New:
Y3K_Rat 1.4b (bugs fixed) by -/Chucky-\- and [Firelarm].

Navidad is an Internet worm that spreads by means of e-mail. Read more.
Navidad Cleaner

Weekly Linux Security Digest 2000/11/13 to 2000/11/19. Read more

CNet:
"Low risk" worm could squirm into trouble. Read more

ZDNet:
Is tech-savvy worm dangerous or not? Read more

News.ninemsn.com.au:
Computer hacker claims Hackett. Read more

Msnbc:
Lock hackers out of your small biz. Read more

Newsbytes:
Israeli Firm Claims It Can Track Down Cyber-Attackers. Read more

Sunworld:
Real hackers go to Usenix. Read more

Seattletimes:
FBI's e-mail snooper more powerful than acknowledged. Read more

Worldnews.com:
Papers Contradict FBI on Carnivore. Read more

Timesofindia:
Questions surface about FBI software. Read more

Observer.co.uk:
How Russia's cyber crooks hack the net. Read more

19 November 2000


New:
InetSpy beta 1

Stealthy TCP IO Module for Back Orifice 2000.
Version BO2k 1.1 beta(Win32): download
More Plugins for Back Orifice: Roe`s Downloads

Natas, Network Administrators Tool for Analyzing and Sniffing.
Natas is an advanced network packet capturing and analyzing program designed for Windows 2000. Natas only works with the new Windows 2000 winsock v2.2 that supports raw sockets like *nix operating systems. You have to be admin on the machine to run Natas.

Standard.net:
'Worm' virus infects Ogden computers. Read more

HelpNetSecurity:
Extraordinary simultaneous activity of several dangerous Internet-worms has been detected. Read more

The Register:
Israeli army plans offensive against US dotcom. Read more

Newsbytes.com:
ID Fraud Book Goes Too Far - Mitnick. Read more

ZDNet:
A Year Ago: Funlove virus wreaks havoc at Dell plant. Read more

18 November 2000


New:
Cero beta 1 by tilt. Thanks to MaGuS.

Idg.net:
Three Minutes With 'Doctor Owl,' Virus Writer. Read more

Computeruser:
Hackers Deface Policy.com As 'Public Service. Read more

Wired:
Israeli Hackers Vow to Defend. Read more

ZDNet:
EDS devises package to pre-empt hackers. Read more
In this aricle:
"He described how EDS security analysts collected information from 22,000 sources, including chat rooms."

SecurityWatch:
Belgian newspaper splashscreen site defaced.

Lexis-nexis:
'Analyzer' enlisted to defend Israeli sites against violence on the Web. Read more

Lexis-nexis:
Super Hacker Says New ID Book Goes Too Far. Read more Read more

17 November 2000


New:
711 beta by WH�.

Microsoft has released a patch that eliminates a security vulnerability in Microsoft(r) Exchange 2000 Server and Exchange 2000 Enterprise Server. This vulnerability could potentially allow an unauthorized user to remotely login to an Exchange 2000 server and possibly other servers on the affected computer's network. Read more

SecurityPortal:
Weekly Virus Digest 2000/11/10 to 2000/11/16. Read more

Saint is a security scanning tool based on Satan.
� New: the version 3.1.1b1 has been released.
� Changes: this new version now checks for vulnerable versions of the Lotus Domino Server, vulnerable iPlanet Web Servers and Cisco Catalyst switch vulnerabilities. The detection of unpassworded NT guest and administrator accounts using samba has been improved. Bugs have been fixed in the IMAP and Cold Fusion checks. This version also includes an improved FAQ and documentation to include instructions on using rules/drop to ignore false alarms.

SecurityFocus:
Infectable Objects - part 3. Read more

SecurityPortal:
W32.Music email-aware Win32 worm. Read more

Thisislancashire.co.uk:
Beware of mail from old Mexico. Read more

Lexis-nexis:
Israeli hackers band together. Read more

Jpost.com:
'Analyzer' enlisted to defend Israeli sites against Web violence. Read more

Newsbytes:
FBI Releases More Documents On Carnivore - Update. Read more

Vnunet:
Mass Xmas hack plan exposed. Read more
In the same link.
X-Force infiltrate hackers gangs:
"X-Force, whose members infiltrate hacker gangs to get intelligence on the digital underground, has discovered over 800 computers infected with the SubSeven DEFCON8 2.1 backdoor, a variation of the SubSeven Trojan."

Thisislocallondon.co.uk:
Net police patrol a virtual beat. Read more

16 November 2000


New:
Tini, written in assembler, has a 3k server. By Arne Vidstrom.

HelpNetSecurity:
Paranoia Vs. Transparency And Their Effects On Internet Security. Read more

Technews:
Hackers Deface Policy.com As 'Public Service' � Update. Read more

ZDNet:
Is tech-savvy virus dangerous or not? Read more

TheRegister:
Netnames whois server hacked. Read more

Fosters.com:
Alleged hacker indicted by federal jury. Read more

ZDNet:
CIA secret chat room investigated. Read more

15 November 2000


New:
BioNet 3.02 ME by ��Zm�nd

Georgi Guninski security advisory #27
There is a security vulnerability in IE 5.x, Outlook, and Outlook Express which allows searching for files with specific name (wildcards are allowed) or content. Combined with other local file reading vulnerabilities this allows attackers to search for and retrieve any file on a users drive. Read more
Demonstration is available at: http://www.guninski.com/indexserv1.html

SecurityPortal:
Top 20 Virus Report. Read more

ZDNet:
Lumbering viruses infect PCs worldwide. Read more

Vnunet:
Internet worms spread from Latin America. Read more

Betanews:
Navidad Virus Not Spreading Cheer. Read more

Silicon.com:
Low-level e-security despite high profile attacks. Read more

Wired:
Israelis Hackers Vow to Defend. Read more

Fosters.com:
Alleged hacker indicted by federal jury. Read more

Lexis-nexis:
pounds 25m cybercop squad to tackle internet crime. Read more

SecurityPortal:
Wasting an Attacker's Time. Read more

14 November 2000


New:
Undetected 3.1 by Knox_rw.

SecurityPortal:
Personal Firewalls/Intrusion Detection Systems. Read more

Vnunet:
Internet worms spread from Latin America. Read more

Newsbytes"
Kaspersky Lab Warns Over Revamped Hybris Worm. Read more

Betanews.efront:
Navidad Virus Not Spreading Cheer. Read more

Lexis-nexis:
Christmas comes early with new computer virus. Read more

Silicon:
'Don't press this button' virus spreads despite its own advice. Read more

Canoe.ca:
Hackershammer NHL fans. Read more

Computeruser:
Cyberterror Should Be International Crime. Read more

Vnunet:
Hotmail can be used to launch email bombs. Read more

13 November 2000


New:
Ruler 1.3 by Psycho.

Weekly Microsoft Security Digest 2000/11/06 to 2000/11/12. Read more

LinuxToday:
Weekly Linux Security Digest 2000/11/06 to 2000/11/12. Read more

Weekly Solaris Security Digest 2000/11/06 to 2000/11/12. Read more

Weekly BSD Security Digest 2000/11/06 to 2000/11/12. Read more

ComputerUser:
Risk Of Navidad Worm Upgraded. Read more

Telekomnet:
Central Command introduces ICQ anti-virus. Read more

Lexis-nexis:
National Christmas Virus Infecting Fortune 500 Computers. Read more

12 november 2000


New :
Cain & Abel 2.0 by Massimiliano Montoro.

Weekly Virus Digest 2000/11/03 to 2000/11/09. Read more

CNN:
'Navidad' computer virus poses moderate risk. Read more

Lexis-nexis:
McAfee.com Warns PC Users of Navidad Virus. Read more

SecurityFocus:
The Virus that Stole Christmas. Read more

Lexis-nexis:
Windham man guilty of computer hacking. Read more

TheStandard:
Hacking in the Holy Land. Read more

Ananova:
Student hacker faces jail afer changing school rules. Read more

11 november 2000


New Trojan:
Stealth 2.19

Techweb:
Pro-Palestinian Hackers Threaten AT&T. Read more

Ananova:
Internet hackers anger Israeli politician. Read more

Telekomnet:
Central Command introduces ICQ anti-virus. Read more

Idg.net:
A Hacker With a Cause. Read more Ananova:
Student hacker faces jail afer changing school rules.Read more

Excite.com:
Computer Virus Strikes 10 Companies. Read more

Techweb:
Virus Wishes You A Merry Christmas. Read more Microsoft:
Internet Security Part 2: Advanced Issues. Read more

10 November 2000


New:
Fruitcake 0.9.3 can catch commands that are exchanged between client and server. By ISO.

Microsoft Security Bulletin (MS00-087):
Microsoft has released a patch that eliminates a security vulnerability in Microsoft(r) Windows NT 4.0 Terminal Server. The vulnerability could allow a malicious user to cause the Terminal Server to fail or, in certain instances, to execute hostile code on the server. Read more

Natas 3.00.01
Natas is an advanced network packet capturing and analyzing program designed for Windows 2000. It only works with the new Windows 2000 winsock v2.2 which supports raw sockets like *nix operating systems. Features the ability to filter traffic by address and port, log packets, parse out passwords, and requires no driver. Read more

Linux Today:
The Register: Hacker research team disputes 'hack SDMI' results. Read more

The Register:
MS hacker gets in touch with The Reg. Read more

CNet:
Yankees' Web site hacking traced. Read more

Computeruser:
SDMI Says At Least Three Technologies Survived Hacker Test. Read more

Lexis-nexis:
Ebusiness; Web Site Hacks will multiply. Read more

Lexis-nexis:
Pro-Palestinian Hackers attack Lucent. Read more

9 November 2000


New:
InCommand1.6 beta 7 Server by Stoner and Bogart.

BSI will not be reviewing Windows 2000. Read more

This is Scientology: Read more

Finjan Software: Microsoft Hacker Incident - Looking Back. Read more

Wired.com:
Hacker War Rages in Holy Land. Read more

Top 20 Virus Report. Read more

TheRegister:
MS hacked by Dimitri again. Perhaps. Read more

PlanetIT:
Hackers Go 2-for-5 In SDMI Copyright Challenge. Read more

PlanetIT:
Lucent: Casualty Of Mideast Cyberwar? Read more

TheRegister:
Asus hacked and down. Read more

Lexis-nexis:
Web Site Hacks will Multiply. Read more

Lexis-nexis:
Political Sites Get Heavy Traffic -- Hackers, Too. Read more

Ananova:
Hacker admits accessing Nasa computers. Read more

Lexis-nexis:
Did the MS Hackers walk into a Trap? Read more

Financial Crimes and the Internet. Read more

8 November 2000


New:
Matrix 1.03 by mtronic. Thanks to Achates.

ZDNet:
Love Bug bites again. Read more

Antivirus.com:
Worm VBS_FABLE Read more

Windows 2000 in danger of being banned.
An integral part of Windows 2000 is developed by Scientology, a dangerous cult. Read more

Computeruser:
Scientologist Raises Hell Over German Software Ban. Read more

PlanetIT:
Keystroke Logging Software Spies On Chats, IMs. Read more

Nandotimes:
Young hacker admits breaking into NASA systems. Read more

Idg.net:
Executives call for delay in cyber crime pact. Read more

Computerworld:
'Mafiaboy' to plead guilty to hacking major Web sites. Read more

Lexis-nexis:
A 20-year-old hacker pleaded guilty to federal charges Monday. Read more

Theregister:
George Dubya ridiculed on hacked RNC page. Read more

Newsfactor:
Hackers Make Mark on Presidential Race. Read more

ZDNet:
Republican Web site hacked on eve of election. Read more

Silicon.com:
SMEs fear viruses not hackers. Read more

Chron.com:
Despite patch, hackers strike Microsoft. Read more

Netsurf.com:
Mideast Hacking and the Spillover Effect. Read more

PlanetIT:
Lucent: Casualty Of Mideast Cyberwar? Read more

7 November 2000


New:
Enterprise by WishMaster.

Microsoft has released a patch that eliminates a serious security vulnerability in Microsoft(r) Internet Information Services 5.0. The vulnerability could enable a malicious user to run operating system commands on an affected web server.
Read more

Cult invades World Society.
Dangerous Cult now also has connections with Microsoft.

Wirednews:
German Win2K Bug: Scientology?
Is there Scientology in your software? Read more

Yahoo:
Scientologist CEO Lashes Out Against Germany. Read more

Yahoo:
Microsoft Bows to Pressure on Scientology Link. Read more

German: Sekten: Scientology-Bug in Windows 2000? Read more

Germany-info.org:
Scientology and Germany. Read more

Additional information about the Cult:
Scientology, Satanism, & the Occult. Read more
A Critic looks at the Church of Scientology: Read more
Is Scientology breaking the law? Read more

Ananova:
Microsoft admits hacker scare. Read more

Computerworld:
Home workers imperil systems. Read more

Computeruser:
Alleged Pakistani Hacker Hits Pro-Israel Site in D.C. Read more

Vnunet:
Cybercrime soars in the UK. Read more

Computeruser:
Apology Beats LoveLetter In October Virus Chart. Read more

6 November 2000


New:
ICQ Relay by EvilGoat.

Happy Browser is a Browser that looks for the most common security related vulnerabilities on NT-Servers (including Win95/98/2000), and give the user a lot of useful hints for exploiting or fixing them.

Keylogger; logs also offline, with icq notify. Download. With source.

RNS Keylogger by Maverick. Download.

Deep Throat 2.0 remover. Download

ICQ Password Sniffer C Source. Download

The USSR Team has found a vulnerability in the Microsoft System Monitor ActiveX control (class id: C4D2D8E0-D1DD-11CE-940F-008029004347, sysmon.ocx). The Value field name "LogFileName" could be used by a malicious web server operator to potentially run code on a visiting user's machine.Read more
Online examples:
Warning: Visiting the following pages might cause your browser to crash.
http://www.ussrback.com/microsoft/msmactivex.html
http://www.ussrback.com/microsoft/msmactivex2.html

Sscan2k is a remote auditing tool that scans for more than 200 known vulnerabilities that can be found remotely. Its features include remote OS detection to prevent unnecessary bandwidth usage, a scripting language, modules, improved multiple host scanning, and easy configuration.

Infosecuritymag.com:
Received�& Deceived
You just received a virus warning from an unknown source. Quick: Is it real, or just another hoax? Read more

Virus Myths. Read more

Virus Hoaxes. Read more

Weekly Microsoft Security Digest. Read more

Weekly Linux Security Digest. Read more

Weekly BSD Security Digest. Read more

Weekly Solaris Security Digest. Read more

TheRegister:
Microsoft Hack: Warned of weakness three months earlier. Read more

Where Do Today's Hackers Want to Go? Microsoft. Read more

Newsbytes.com:
Malaysian Government Site Spreads Anti-Mahathir Virus. Read more

Techweb:
Political Hacking Threat Seen Growing. Read more

5 November 2000


New:
InCommand1.6b Client by Stoner and Bogart.

Firestarter is a complete firewall tool for Linux machines. Use the firewall creation wizard to create a basic firewall, and then streamline it further using the powerful dynamic rules modifiers. Open and close ports with a few clicks, or stealth your services giving access only to a select few. Watch the real-time hit monitor as attackers probe your machine for open ports, in vain.
Firestarter 0.5.0 can be downloaded from: http://download.sourceforge.net/firestarter/firestarter-0.5.0-1.i386.rpm.

Nandotimes:
Hacker attacks strike numerous Jewish Web sites. Read more

Lexis-nexis:
Hackers Take Mideast Conflict Online. Read more

PlanetIT:
Political Hacking Threat Seen Growing. Read more

Linuxtoday:
IDG.net: Another hacker hits Microsoft. Read more

ZDNet:
Are automatic anti-virus updates a recipe for disaster? Bugs at Internet speed? Read more

Lexis-nexis:
We have seen the enemy and they are inside your firewall: Technology has made insider fraud and theft even easier. Read more

4 November 2000


New:
RUX The TIc.K 3.0 by PhilippP, modified by AGM65 Maverick.

Wired.com:
Crackers Attack Pro-Israeli Site. Read more

Techweb.com:
U.S.-Israeli Site Hacked, Mideast Link Uncertain. Read more

Chicagotribune.com:
Hackers Take Credit Card Numbers From Pro-Israel Site. Read more

Nondotimes.com:
Hacker attacks strike numerous Jewish Web sites. Red more

Lexis-nexis:
Crisis in the Middle East: Israeli, Palestinian Hackers Incite War of Words in Cyberspace. Read more

SecurityPortal:
Top 20 Virus Report. Read more

Infoworld.com:
Dutch Hacker hits Microsoft. Read more

Itworld.com:
Another hacker hits Microsoft. Read more

Mercurycenter:
Microsoft, consumers get lessons in latest attack. Read more

Antivirus.about.com:
Microsoft Hacked...are you next? Read more

Atriskonline.com:
Viruses: Then and Now. Read more

BindView Offers Free Trojan Scout to Identify QAZ Trojan Uncovered in Recent Microsoft Attacks. Read more

3 November 2000


New:
Net Trash 1.01 by Marc Benitz.

Microsoft Security Bulletin (MS00-084):
Microsoft has released a patch that eliminates a security vulnerability in Microsoft(r) Indexing Services for Windows 2000. This vulnerability could allow a malicious web site operator to misuse another web site as a means of attacking users. Read more

Microsoft Security Bulletin (MS00-085):
Microsoft has released a patch that eliminates a security vulnerability in Microsoft(r) Windows 2000. The vulnerability could allow enable a malicious user to potentially run code on another user's machine. Read more

Microsoft Security Bulletin (MS00-060) Re-release:
On August 25, 2000, Microsoft released the original version of this bulletin, to advise customers of the availability of a patch that eliminates a vulnerability in Microsoft(r) Internet Information Server. However, an additional variant of the vulnerability was subsequently identified, and on November 2, 2000, the bulletin was updated to advise customers of the availability of an updated patch. Read more

SecurityPortal:
Microsoft IIS Cross Site Scripting vulnerability. Read more

Senna Spy:
Download the OpenOffice 6.09 full source code Read more

Mcpmag.com:
Microsoft Acknowledges, Issues Statement on Security Breach (10/27/2000). Read more
Lexis-nexis:
A Cat-And-Mouse Game With Microsoft Hacker:
Read more

Lexis-nexis:
Hacking may have hurt key Microsoft strategy. Read more

Microsoft chases, fails in attempt to nab hacker. http://web.lexis-nexis.com/more/cahners-chicago/11407/6506538/6

"SONIC" WORM AND BACKDOOR
A multipart worm named Sonic is now in the wild. The worm spreads through an e-mail attachment, under either of the following names: Girls.exe, or Lovers.exe. When the attachment is opened, then the first part of the Trojan install itself to Windows' startup, with the name GDI32.EXE. It then activates, and contacts a predefined web address, to download the worm's latest version and then install it to the affected computer. It's the download that contains the main part of the worm, including the mailer. This part also contains a backdoor that provides hackers with limited control on the remote PC.

ZDNet:
McAfee Virus Definition Crashes Windows. Read more

Techweb:
Staying Ahead Of Virus Threats. Read more

CNet:
Mideast hackers may strike U.S. sites, FBI warns. Read more

CNet:
Lucent says Mideast hackers attacked Web site. Read more

Telekomnet:
US companies warned of Middle East hacker threat. Read more

Mercurycenter.com:
'Hacktivism' is growing threat to business, consultants say. Read more

Siliconvaley.internet.com:
McAfee Debuts VirusScan Wireless for Mobile Phones. Read more

2 November 2000


New:
Y3K_Rat 1.4 by -/Chucky-\- and [Firelarm]

A personal message from Senna Spy:
"I think in close for always, my page and suspend my work for community and leave the scene... I dont have many time for make news updates an in the last month, I receive many manace from Internet Investigators... because my page spread "rare" source codes to the world... like: MS-DOS, Award BIOS, Turbo Pascal, Apple MAC OS X, and anothers...."

Microsoft Security Bulletin (MS00-083):
Microsoft has released a patch that eliminates a security vulnerability in Microsoft(r) Windows NT(r) and Windows(r) 2000 server products and Systems Management Server. The vulnerability could allow a malicious user to gain control of an affected server. Read more

HelpNetSecurity:
Hotmail can act as email size amplifier with a factor of at least 1000, allowing flooding and mail-bombing a victim while using a negligible amount of your own bandwidth. Read more

UsaToday:
Details emerge about Microsoft hack. Read more

TheRegister:
Insiders help Windows code leak to warez sites, claims 'finder', Read more

TheRegister:
How you hack into Microsoft: a step by step guide. Read more

Telegraph.co.uk:
Microsoft humiliated as hackers crack Windows. Read more

ComputerUser:
Cos. Won't Learn From Microsoft Hack - Mitnick. Read more

Internetwk.com:
Convicted Hacker Doubts Microsoft Story On Intruder. Read more

Russian Hackers Hitting U.S. Dams, Bridges, Power Plants, Telecommunications. Read more

Telegraph.co.uk:
Why Russia excels in new cybercrime. Read more

Nwfusion:
Experts predict more mutating viruses. Read more

SecurityPortal:
Top 20 Virus Report. Read more

InternetNews:
Internet Worm Found in Europe Updates Itself. Read more

Nypost.com:
Expers Fear Cyberwar's Spread. Read more

ZDNet:
Middle East cyberconflict could spread, says FBI. Read more

The Register:
The Top Ten Net Con Tricks. Read more

Telekomnet.com:
Erap virus suspect arrested. Read more

UsaToday:
Student questioned in Yankee site hack. Read more

QAZ Trojan Information

1 November 2000


New:
MiniCommand 1.3 alpha by Stoner.
The Server is written in win32 ASM and only 8k. After compressing only 4k!

Vampire - The Worlds First ICQ worm by digital vampire.

Microsoft has released a patch that eliminates a security vulnerability in Microsoft(r) Exchange Server 5.5. The vulnerability could enable a malicious user to cause an Exchange server to fail. Read more

HelpNetSecurity:
Sonic: another self-updating Internet -worm has been discovered "in the wild". Read more

ZDNet:
Middle East cyberconflict could spread, says FBI. Read more

Crn.com:
Middle East Cyber Tension Could Escalate, Security Experts Warn. Read more

Hoovershbn.hoovers.com:
Hackers Try to 'Infect the Internet Backbone' of Israel As Cyber Battle in Middle East Intensifies. Read more

Lexis-nexis:
Microsoft Revises Statement on Computer Network Break-In. Read more

Crn.com:
Mitnick Says He Doubts Microsoft Story On Intruder. Read more

ZDNet:
Mitnick: Something's fishy in Redmond. Read more

ZDNet:
Mitnick apologizes to developers, discusses Microsoft hack. Read more

Uk.internet.com:
Interpol moves to fight global cybercrime. Read more

PlanetIT:
License To Hack Leaves Companies Vulnerable. Read more

Lexis-nexis:
System on Lookout for Cyber Threat. Read more

Lexis-nexis:
Know Thine Enemy. Read more

With the proliferation of e-mail Trojans and viruses, e-mail is becoming a preferred mechanism for attacking PC's. The best way to avoid these Trojans and viruses is not to use any insecure client software on your PC. Unfortunately, this is not always possible, so an alternative must be used. MIMEDefang is such an alternative.

Retina, the Network Security Scanner, is the first network security software application with state-of-the-art artificial intelligence features that allow it to think like a hacker. Retina works like an around-the-clock human network security analyst, giving you the most comprehensive security analysis available. Retina includes easy to navigate reporting tools to help you prioritize and isolate high priority fixes, giving you total control over auditing your network security. Visit eEye Digital Security to download your 30-day trial today. Read more


Copyright� MegaSecurity.org