Alerts
MS08-054 – Critical: Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
from
Microsoft Security Bulletins
Bulletin Severity Rating: Critical - This security update resolves a privately reported vulnerability in Windows Media Player that could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Jan 5, 2009 (20 hours ago)
MS08-055 – Critical: Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)
from
Microsoft Security Bulletins
Bulletin Severity Rating: Critical - This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Jan 5, 2009 (20 hours ago)
MS08-056 - Moderate: Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)
from
Microsoft Security Bulletins
Bulletin Severity Rating: Moderate - This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow information disclosure if a user clicks a specially crafted CDO URL. An attacker who successfully exploited this vulnerability could inject a client side script in the user's browser that could spoof content, disclose information, or take any action that the user could take on the affected Web site.
Jan 5, 2009 (20 hours ago)
MS08-057 – Critical: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)
from
Microsoft Security Bulletins
Bulletin Severity Rating: Critical - This security update resolves three privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-058 - Critical: Cumulative Security Update for Internet Explorer (956390)
from
Microsoft Security Bulletins
Bulletin Severity Rating: Critical - This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. The vulnerabilities could allow information disclosure or remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Jan 5, 2009 (20 hours ago)
MS08-059 – Critical: Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)
from
Microsoft Security Bulletins
Bulletin Severity Rating: Critical - This security update resolves a privately reported vulnerability in Microsoft Host Integration Server. The vulnerability could allow remote code execution if an attacker sent a specially crafted Remote Procedure Call (RPC) request to an affected system. Customers who follow best practices and configure the SNA RPC service account to have fewer user rights on the system could be less impacted than customers who configure the SNA RPC service account to have administrative user rights.
Jan 3, 2009 (3 days ago)
Gaza<->Israel Defacements/Hacks, (Sat, Jan 3rd)
from
SANS Internet Storm Center, InfoCON: green
Emails have been trickling into the ISC with information about the ongoing Cyberwar accompanying the ...(more)...
Jan 4, 2009 (2 days ago)
Twitter/Facebook Phishing Attempt, (Sun, Jan 4th)
from
SANS Internet Storm Center, InfoCON: green
Several readers have sent us information about a phishing attempt based on Twitter and possibly Face ...(more)...
Jan 3, 2009 (3 days ago)
RAID != Backup, (Sat, Jan 3rd)
from
SANS Internet Storm Center, InfoCON: green
Reader Tomasz sent in a message discussing the demise of JournalSpace. JournalSpace was a rela ...(more)...
UK Police planning to hack citizens' PCs, (Mon, Jan 5th)
from
SANS Internet Storm Center, InfoCON: green
An interesting article from the TimesOnline - http://www.timesonline ...(more)...
Jan 5, 2009 (14 hours ago)
OSSEC HIDS being detected as malware, (Mon, Jan 5th)
from
SANS Internet Storm Center, InfoCON: green
Daniel from OSSEC has reported that a couple Antivirus products are currently detecting the Windows ...(more)...
Security News
Dec 30, 2008 11:17 AM
CURRENT ISSUES IN DNS
from
SANS Information Security Reading Room
Category: DNS Issues
Paper Added: December 30, 2008
Dec 30, 2008 11:17 AM
Transparent (Layer 2) Firewalls: A look at 2 Vendor Offerings: Juniper and Cisco
from
SANS Information Security Reading Room
Category: Firewalls & Perimeter Protection
Paper Added: December 12, 2008
Mining for Malware - There's Gold in Them Thar Proxy Logs!
from
SANS Information Security Reading Room
Category: Malicious Code
Paper Added: November 17, 2008
Microsoft Security Advisory (960906): Vulnerability in WordPad Text Converter Could Allow Remote Code Execution
from
Microsoft Security Content: Comprehensive Edition
Revision Note: December 15, 2008: Updated the workaround, Disable the WordPad Text Converter for Word 97.
Summary: Microsoft is investigating new reports of a vulnerability in the WordPad Text Converter for Word 97 files on Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Windows XP Service Pack 3, Windows Vista, and Windows Server 2008 are not affected as these operating systems do not contain the vulnerable code.
6:12 AM (2 hours ago)
Microsoft Security Advisory (961040): Vulnerability in SQL Server Could Allow Remote Code Execution
from
Microsoft Security Content: Comprehensive Edition
Revision Note: Advisory published
Summary: Microsoft is investigating new public reports of a vulnerability that could allow remote code execution on systems with supported editions of Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (WYukon). Systems with Microsoft SQL Server 7.0 Service Pack 4 and Microsoft SQL Server 2008 are not affected by this issue.
Dec 31, 2008 (6 days ago)
MS08-067 Worm on the Loose
from
CGISecurity - Website and Application Security News by Robert
Dshield has published a report of a new MS08-067 worm spreading. "It does various things to install and hide itself on the infected computer. It removes any System Restore points that the user has set and disables the Windows Update Service. It looks for ADMIN$ shares on the local network and tries
Jan 4, 2009 (2 days ago)
Security: The Number One Technology Failure of All Time
from
CGISecurity - Website and Application Security News by Robert
"I was reading through an article last night about the 25 greatest blunders in technology history and was happily strolling through memory lane (what are Palm Pilots, PS/2s and Apple Newtons anyways? :p) and then got quite a surprise at the very end of the article. The number one technology failure
Twitter Security Collapses; Obama, Fox and Britney Accounts Hacked
from
CGISecurity - Website and Application Security News by Robert
"Days after a wave of phishing attacks fooled thousands of Twitter users, it appears that another security hole has been found by...someone. Obama's account, unused since election day, sent out an affiliate link to a survey with a gas card prize, Fox News said that "Bill O'Reily is gay" (not that...
Jan 5, 2009 (17 hours ago)
Inside The Malicious Traffic Business
from
McAfee Avert Labs by Micha Pekrul
The Web’s classical social-engineering trick of the “missing video codec” tries to lure people into clicking on links or download and install an executable which pretends to be the missing application which is needed in order to watch the movie. The animated picture below is such an example: at first glance, it looks like a typically embedded video which is unable to load. The “picture” states that you’d have to click on it in order to see the movie. And here the lure begins - in this blog entry, we’ll follow it down and outline what kind of traffic management backbones are deployed for malware campaigns nowadays
-- AuroraReport notes that this involves Streaming Media...
Jan 5, 2009 (17 hours ago)
One Hacker May Conceal Another
from
McAfee Avert Labs by Francois Paget
The current crisis in Gaza between Palestinians and Israelis marks a renewal of web defacement activities. Various Morocco hacker groups have been pointed out by the press; the best known is “Team-Evil,” which just hacked the Ynet Israeli news site.
Jan 5, 2009 (16 hours ago)
25C3: Nothing to Hide
from
McAfee Avert Labs by Toralv Dirro
The last major event of the year has just ended: The 25th Chaos Communication Congress’ Closing Ceremony just took place. Now in its 25th year, making it one of the oldest annual IT security conferences on the planet, more than 4,000 visitors crowded the BCC in Berlin, making it difficult to get into the talks, much like at Defcon some years ago.
8:18 AM (31 minutes ago)
Browsers fail password protection tests
from
The Register - Security
Toxic soup of potential vulnerabilities
A beta version of Google Chrome has tied with Safari for last place in tests of how the browsers dealt with password security.…
Boffin brings 'write once, run anywhere' to Cisco hijacks
from
The Register - Security
Curse of the ROMmon
A researcher has discovered a way to reliably exploit a known security vulnerability in a wide class of Cisco System routers, a finding that for the first time allows attackers to hijack millions of devices with a single piece of code.…
Israel hacks Arab TV station
from
The Register - Security
Cyberspace becomes battleground in Gaza conflict
Israeli military forces have reportedly hacked into a Hamas-run TV station to broadcast propaganda.…
4:46 AM (4 hours ago)
Bruce Schneier: More on the Broad View of Security
from
Network World on Security
Bruce Schneier's evolution of interests is well documented, moving from encryption to broader and broader perspectives on security. (Hence his recent appearance on 60 Minutes, commenting on TSA's airport screening procedures.) To bring wider perspectives to bear on security issues, Schneier (Chief Security Technology Officer at BT) held in 2008 the first Workshop in Security and Human Behavior, with participants from a broad swath of disciplines including economics, psychology and more.
4:46 AM (4 hours ago)
Encryption top IT security initiative in 2009
from
Network World on Security by Ellen Messmer
Encryption seen as biggest IT security initiative in 2009, according to a Forrester Research survey.
Dec 25, 2008 4:49 AM
Secure Your Vista PC in 10 Easy Steps
from
Network World on Security
While Windows Vista may be Microsoft's most secure operating system ever, it's far from completely secure. In its fresh-from-the-box configuration, Vista still leaves a chance for your personal data to leak out to the Web through Windows Firewall, or for some nefarious bot to tweak your browser settings without your knowing. But by making a few judicious changes using the security tools within Windows Vista--and in some cases by adding a few pieces of free software--you can lock down your operating system like a pro.
Dec 30, 2008 12:48 PM
The security imperative
from
Network World on Security
Leslie Lambert, vice president and chief information security officer at Sun Microsystems Inc., returned from a three-week business trip to India with a few souvenirs and a whole new set of IT security priorities for 2009.
Dec 31, 2008 (6 days ago)
Securing DNS should trump budget-cutting for enterprise IT, experts say
from
Network World on Security by Denise Dubie
With economic concerns weighing heavy on enterprise IT executives' minds in 2009, revamping DNS systems might not seem like a top priority. Infoblox offers reasons why DNS should stay top-of-mind in 2009.
4:46 AM (4 hours ago)
Is your data center ready for tomorrow's applications?
from
Network World on Security
Click here to see what Gartner, Network World and other experts say about the new data center.
6:31 AM (2 hours ago)
WITOOL v0.1 - GUI Based SQL Injection Tool in .NET
from
Darknet - The Darkside by Darknet
WITOOL is a graphical based SQL Injection Tool written in dotNET. - For SQL Server, Oracle - Error Base and Union Base Interface Features Retrieve schema : DB/TableSpace, Table, Column, other object Retrieve data : retrieve paging, dump xml file Log : View the raw data HTTP log Environment OS: Windows 2000/XP/VISTA Requirement: Microsoft...
Jan 5, 2009 (18 hours ago)
Tim Callan: MD5 Hack Interesting, But Not Threatening
from
SecurityFocus News
MD5 Hack Interesting, But Not Threatening
Jan 5, 2009 (20 hours ago)
Brief: Survey: One in seven SSL certificates are weak
from
SecurityFocus News
Survey: One in seven SSL certificates are weak
Dec 30, 2008 10:31 AM
News: Group attacks flaw in browser crypto security
from
SecurityFocus News
Group attacks flaw in browser crypto security
Sound Practice in Intrusion Detection & Prevention using NitroSecurity
from
SANS Technology Institute - Security Laboratory
This paper investigates sound practices in intrusion detection and prevention, from IDS and IPS deployment considerations, to pushing the boundaries of IPS (with examples of advanced prevention techniques, specifically blocking the Kaminsky DNS cache poisoning exploit), and business applications.
--Aurora Report says that's all, folks. Hopefully, in going around the horn, we touched all the bases. This has been the gala issue, so you might have noticed it is rather larger than a normal day's worth of morning reading. Look forward to tomorrow and number two, which will hopefully be a more palatable, quick, and informative read.