57 minutes ago
Friday, January 16, 2009
Around The Horn vol.1,11
Alerts
Jan 15, 2009 (15 hours ago)
TA09-015A: Oracle Updates for Multiple Vulnerabilities
from US-CERT Technical Cyber Security Alerts
Oracle Updates for Multiple Vulnerabilities
4:02 AM (2 hours ago)
...and all that SPAM - Evolution of Spam Bots in 2009, (Fri, Jan 16th)
from SANS Internet Storm Center, InfoCON: green
Argh! Its a brand new day, and another brand new batch of Spam to delete from the inbox. ...(more)...
Security News
Jan 15, 2009 (17 hours ago)
Conficker Worm using Metasploit payload to spread
from McAfee Avert Labs by Xiao Chen
Recently we got some new samples of the W32/Conficker.Worm to analyze. While investigating we found that this worm has an exploit for the recent MS08-067 vulnerability and uses the exploitation method derived from the metasploit ms08_067_netapi module to spread itself. Below is the traffic packet capture snapshot sent by the worm:
Jan 15, 2009 (14 hours ago)
Web entrepreneur accused of massive data heist
from The Register - Security
9,000 plus consumer reports lifted, suit says
Consumer rating service Angie's List has accused a web entrepreneur of plundering thousands of its records so he could start a rival company that offers a similar service.…
Jan 15, 2009 (18 hours ago)
Royal Navy warships lose email in virus infection
from The Register - Security
Windows for Warships™ combat kit unaffected, says MoD
The Ministry of Defence confirmed today that it has suffered virus infections which have shut down "a small number" of MoD systems, most notably including admin networks aboard Royal Navy warships.…
Jan 15, 2009 (19 hours ago)
Sacked worker faces jail over malware revenge attack
from The Register - Security
Fast food systems choke on system-crashing code
A sacked worker has admitted planting malware on his former employer's computer network in a revenge attack.…
Jan 15, 2009 (18 hours ago)
419ers take Canadian for $150,000
from The Register - Security
Textbook scam
A Canadian man who fell for a 419 scam was taken for $150,000 by advance fee fraudsters who conducted a textbook operation to fleece their victim.…
Jan 15, 2009 (21 hours ago)
Prolific worm infects 3.5m Windows PCs
from The Register - Security
Conficker wriggles far and wide
A prolific new worm has spread to infect more than 3.5m Windows PCs, according to net security firm F-secure. The success of the Conficker (AKA Downadup) worm is explained by its use of multiple attack vectors and new social engineering ruses, designed to hoodwink the unwary into getting infected.…
9:02 PM (9 hours ago)
Solitary MS update lances critical Windows risk
from The Register - Security
Oracle patches own January Black Tuesday
The solitary security update in the latest edition of Microsoft's monthly Patch Tuesday still poses a critical risk.…
5:05 AM (1 hour ago)
Six worst Internet routing attacks
from Network World on Security by Carolyn Duffy Marsan
Here's our list of the biggest security incidents involving the Internet's core routing protocol, the Border Gateway Protocol. Some of these incidents were attacks; others were accidental misconfigurations. But all of them disrupted traffic to Web sites or entire networks because of incorrect routing messages being propagated across the Internet through BGP.
5:05 AM (1 hour ago)
4 open source BGP tools
from Network World on Security by Carolyn Duffy Marsan
The U.S. Department of Homeland Security is funding the following industry and academic groups involved in developing open source tools aimed at securing the Internet's Border Gateway Protocol-based routing infrastructure.
5:05 AM (1 hour ago)
U.S. plots major upgrade to Internet router security
from Network World on Security by Carolyn Duffy Marsan
The U.S. federal government is accelerating its efforts to secure the Internet's routing system, with plans this year for the Department of Homeland Security to quadruple its investment in research aimed at adding digital signatures to router communications.
5:05 AM (1 hour ago)
How Obama might get his way on BlackBerry
from Network World on Security by Ellen Messmer,John Cox
Should Obama as president use a BlackBerry? Security and legal experts weigh in on what would be a first for any U.S. president, sending e-mail from his own personal digital assistant.
5:05 AM (1 hour ago)
Study blasted for downplaying online threats to children
from Network World on Security
A report released Wednesday by a task force set up by MySpace Inc. paints a surprisingly benign picture of the online security and privacy threats faced by children. But the report's conclusion - that some of the common concerns about those threats may be overstated or misplaced - is drawing sharp criticism from some quarters.
5:05 AM (1 hour ago)
Police in India sweep for unsecured Wi-Fi networks
from Network World on Security by John Cox
The Mumbai, India, police are using a battery of devices to systematically identify and eliminate unsecured Wi-Fi networks.
5:05 AM (1 hour ago)
1 in 3 Windows PCs vulnerable to worm attack
from Network World on Security
The worm that has infected several million Windows PCs is causing havoc because nearly a third of all systems remain unpatched 80 days after Microsoft rolled out an emergency fix, a security expert said Thursday.
5:05 AM (1 hour ago)
The Security Laugh Metric
from Network World on Security
Individuals such as Pete Lindstrom and groups like securitymetrics have done a great job creating awareness of the need for security metrics. In fact, nearly a thousand security metrics can be found in the book Complete Guide to Security and Privacy Metrics for those who are metrics obsessed.
Jan 15, 2009 (17 hours ago)
Can Mozilla Prove Firefox Is the Most Secure Browser
from Network World on Security
A little over a year ago, I challenged some of the security claims asserted by Mozilla that Firefox "won't harbor nearly as many security flaws as those that have Microsoft's Internet Explorer" with an Internet Explorer and Firefox Vulnerability Analysis. Of course, the publication of my report was quickly followed by a vigorous rebuttal from Mozilla's Mike Shaver (please do read it, so you have his viewpoint).
Jan 15, 2009 (17 hours ago)
Encryption programs open to kernel hack
from Network World on Security
Many popular Windows encryption programs that hide files inside mounted volumes could be fatally compromised by a new type of attack uncovered by a German researcher.
11:17 PM (7 hours ago)
FireCAT 1.5 Released - Firefox Catalog of Auditing Extensions
from Darknet - The Darkside by Darknet
FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment FireCAT 1.5 will be the last release of this 1.x branch. In fact, we are working on a new improved version 2.0 (management of plugins, instant download from...Read the full post at darknet.org.uk
Jan 15, 2009 (21 hours ago)
Next-Gen Botnets Taking The Place of Storm and Srizbi
from Darknet - The Darkside by Darknet
Back in November there was a considerable drop in Spam when Spam friendly ISP McColo was cut off from the Internet by it’s upstream peer. Srizbi worm was pretty smart though and was picking up again by the end of November. Later in the year the botnets were somewhat neutralised leading to a huge drop in [...]Read the full post at darknet.org.uk
-- Aurora Report says not to much, not to little, just the right dose for what ails you.
Subscribe to:
Post Comments (Atom)
My Blog List
-
Google I/O Was Confusing and That's a Big Problem - CNET - Commentary: Maybe it's time that Google used its AI tools to see everything from their customer's eyes.
-
Patch Tuesday, May 2024 Edition - Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities i...3 hours ago
-
Google to Roll Out 'Gems,' Personalized Versions of Gemini - CNET - The announcement came during Google's annual developers conference.
3 hours ago -
-
Cybersec chiefs team up with insurers to say 'no' to ransomware bullies - Guidebook aims to undermine the criminal business model The latest effort to reduce the number of ransom payments sent to cybercriminals in the UK involve...7 hours ago
-
Anybody knows that this URL is about? Maybe Balena API request?, (Wed, Feb 7th) - Yesterday, I noticed a new URL in our honeypots: /v5/device/heartbeat. But I have no idea what this URL may be associated with. Based on some googleing, I ...3 months ago
-
Best EDR Of The Market (BEOTM) – Endpoint Detection and Response Testing Tool - BestEDROfTheMarket is a naive user-mode EDR (Endpoint Detection and Response) tool designed to serve as a testing ground4 months ago
-
My Last Email with W. Richard Stevens - In the fall of 1998 I joined the AFCERT. I became acquainted with the amazing book *TCP/IP Illustrated, Volume 1: The Protocols* by W. Richard Stevens...
10 months ago -
Comic for March 12, 2023 - Dilbert readers - Please visit Dilbert.com to read this feature. Due to changes with our feeds, we are now making this RSS feed a link to Dilbert.com.1 year ago
-
87% of Container Images in Production Have Critical or High-Severity Vulnerabilities - At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain.1 year ago
-
Vulnerability Summary for the Week of November 29, 2021 - Original release date: December 6, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info abb -- rtu50...2 years ago
-
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus - Original release date: December 2, 2021 Summary *This joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (AT...2 years ago
-
20 years of CGISecurity: What appsec looked like in the year 2000 - Just realized that 20 years have passed since I started this site to learn more about web security threats. What 'appsec' looked like in 2000 OWASP didn't ...3 years ago
-
Ransomware: Why one city chose to the pay the ransom after falling victim - Posted by InfoSec News on Aug 12 https://www.zdnet.com/article/ransomware-why-one-city-chose-to-the-pay-the-ransom-after-falling-victim/ By Danny Palmer Z...3 years ago
-
What the newly released Checkra1n jailbreak means for iDevice security - There are reasons to embrace it. There are reasons to be wary of it. Here's the breakdown.4 years ago
-
Privacy and Mobile Device Apps - Original release date: July 9, 2019 | Last revised: November 15, 2019 What are the risks associated with mobile device apps? Applications (apps) on your sm...4 years ago
-
44CON 2018 - 12th-14th September, London (UK) - Posted by Steve on Feb 28 44CON 2018 is the UK's best annual Security Conference and Training event. The conference spans 2.5 days with training on the 1...6 years ago
-
Cryptopp Crypto++ 5.6.4 octets Remote Code Execution Vulnerability - Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the leng...6 years ago
-
V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...7 years ago
-
vTech – ignorance is no defence (and neither are weasel words) - This morning, Troy Hunt published a blog post alerting to a recent change in the Terms & Conditions published by children’s toy manufacturer vTech. The cha...8 years ago
-
DOJ probing claims U.S. drug agency 'collaborated' with NSA on intelligence - The U.S. Justice Dept. said it was "looking into the issues" raised by an Reuters story, that one of its law enforcement agencies collaborated with the NSA...10 years ago
-
-
-
-
-
-
-
-
-
Posts
No comments:
Post a Comment