Wednesday, January 14, 2009

Around The Horn vol.1,9


Alerts

Jan 13, 2009 (13 hours ago)
Critical Patch Update - January 2009

from Oracle Security Alerts

-- Aurora Report updated: outdated Oracle alerts that were erroneously posted have been removed.

6:25 PM (11 hours ago)
TA09-013A: Microsoft Updates for Multiple SMB Protocol Vulnerabilities

from US-CERT Technical Cyber Security Alerts

6:25 PM (11 hours ago)
TA08-352A: Microsoft Internet Explorer Data Binding Vulnerability

from US-CERT Technical Cyber Security Alerts

6:25 PM (11 hours ago)
TA08-350A: Apple

from US-CERT Technical Cyber Security Alerts

6:25 PM (11 hours ago)
TA08-340A: Sun Java Updates for Multiple Vulnerabilities

from US-CERT Technical Cyber Security Alerts


Jan 13, 2009 (16 hours ago)
MS09-001 - Critical: Vulnerabilities in SMB Could Allow Remote Code Execution (958687)

from Microsoft Security Bulletins
Bulletin Severity Rating: Critical - This security update resolves several privately reported vulnerabilities in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

7:29 PM (10 hours ago)
The Oracle Patches are here, (Tue, Jan 13th)

from SANS Internet Storm Center, InfoCON: green
And boy are there a lot of them. The overall patch is listed as CRITICAL and from the details, ...(more)...

6:28 PM (11 hours ago)
New info disclosure vuln in Safari reported, (Tue, Jan 13th)

from SANS Internet Storm Center, InfoCON: green
Ismael Valenzuela pointed us at Brian Mastenbrook's blog where he has published a new information di ...(more)...

Jan 13, 2009 (12 hours ago)
Roundcube Webmail follow-up, (Tue, Jan 13th)

from SANS Internet Storm Center, InfoCON: green
ISC Reader David Wharton sent us an excellent follow-up to our previous diary entry - http://isc.san ...(more)...

Jan 13, 2009 (16 hours ago)
January Black Tuesday Overview, (Tue, Jan 13th)

from SANS Internet Storm Center, InfoCON: green
Overview of the January 2009 Microsoft patches (KB article) and their status. ...(more)...

Jan 13, 2009 (13 hours ago)
SANS publishes Top 25 most dangerous programming errors, (Tue, Jan 13th)

from SANS Internet Storm Center, InfoCON: green
Just a quick note in between patch info. SANS has published a list of the top 25 worst p ...(more)...

Jan 13, 2009 (15 hours ago)
The Oracle Patches are Coming! The Oracle Patches are Coming!, (Tue, Jan 13th)

from SANS Internet Storm Center, InfoCON: green
Oracle has posted a pre-release announcement for their January patch release and it looks to be big. ...(more)...

7:29 PM (10 hours ago)
Web Application Firewalls (WAF) - Have you deployed WAF technology?, (Mon, Jan 12th)

from SANS Internet Storm Center, InfoCON: green
What is WAF? If your first response to the subject is What is a Web Application Firew ...(more)...

7:29 PM (10 hours ago)
Downadup / Conficker - MS08-067 exploit and Windows domain account lockout, (Mon, Jan 12th)

from SANS Internet Storm Center, InfoCON: green
The storm center handlers mailbox has received a growing number of email inquiries regarding root ca ...(more)...

Security News

Jan 13, 2009 (16 hours ago)
Microsoft Security Bulletin Summary for January 2009

from Microsoft Security Content: Comprehensive Edition
Revision Note: Bulletin Summary published. Summary: This bulletin summary lists security bulletins released for January 2009.

Jan 13, 2009 (16 hours ago)
MS09-001 - Critical: Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Version:1.0

from Microsoft Security Content: Comprehensive Edition
Severity Rating: Critical - Revision Note: Bulletin published. Summary: This security update resolves several privately reported vulnerabilities in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

Jan 13, 2009 (16 hours ago)
MS08-037 – Important: Vulnerabilities in DNS Could Allow Spoofing (953230) - Version:2.3

from Microsoft Security Content: Comprehensive Edition
Severity Rating: Important - Revision Note: V2.3 (January 13, 2009): Added a new entry to the Frequently Asked Questions (FAQ) Related to This Security Update section to communicate the fix to a detection and deployment issue with Windows XP Service Pack 3. There were no changes to the binaries or packages for this update. Customers who have successfully updated their systems do not need to reinstall this update. Summary: This security update resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems.

6:46 PM (11 hours ago)
Oracle Releases Critical Patch Update With 41 Fixes

from CGISecurity - Website and Application Security News by Robert
"Oracle delivered 41 security fixes to its customers in its first critical patch update (CPU) of the year. Among those fixes are patches for serious flaws affecting Oracle WebLogic Server and Windows versions of Oracle Secure Backup. According to Oracle, a vulnerability in the WebLogic Server plugins for Apache, Sun and...

Jan 13, 2009 (14 hours ago)
Microsoft Patch Tuesday: MS09-001

from CGISecurity - Website and Application Security News by Robert
Microsoft has just published MS09-001. This update addresses an SMB flaw. "Vulnerabilities in SMB Could Allow Remote Code Execution (958687) This security update resolves several privately reported vulnerabilities in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited...

6:46 PM (11 hours ago)
Gary McKinnon confesses to escape extradition to USA

from CGISecurity - Website and Application Security News by Robert
"COMPUTER hacker Gary McKinnon has signed a formal confession in a last-ditch attempt to avoid his extradition to the US, his family have confirmed. Former Highgate Wood School pupil Mr McKinnon, 42, is currently awaiting extradition after being accused of causing $700,000 worth of damage when he allegedly hacked into US security...

6:46 PM (11 hours ago)
CWE & SANS TOP 25 Most Dangerous Programming Errors

from CGISecurity - Website and Application Security News by Robert
"Most of the vulnerabilities that hackers exploit to attack Web sites and corporate servers are usually the result of common and well-understood programming errors. A list of 25 of the most serious such coding errors is scheduled to be released later today by a group of 30 high-profile organizations, including Microsoft,...

7:39 PM (10 hours ago)
Researcher warns of data-snooping bug in Apple's Safari

from The Register - Security
Mac or Windows, equal pwnage opportunity
Apple's Safari web browser for both the Mac and Windows suffers from a serious vulnerability that can expose emails, passwords and other sensitive contents of a user's hard drive, a researcher has warned.…

Jan 13, 2009 (17 hours ago)
Paris Hilton website violated by Trojan-spreaders

from The Register - Security
That's not hot
Virus authors reportedly planted malicious code on Paris Hilton's website late last week.…

Jan 13, 2009 (21 hours ago)
AVG snaps up behaviour-based threat detection firm

from The Register - Security
Sana move in uncertain times
AVG, the net security firm best known for its free-of-charge anti-virus tool, has bought anti-ID theft software firm Sana Security. Financial terms of the deal, announced Tuesday, were undisclosed.…

Jan 13, 2009 (23 hours ago)
Virus writer signs off in cordial Trojan message to MS

from The Register - Security
So long, and thanks for all the phish
An unidentified Russian virus writer has reached out to Microsoft with a message buried within a recent variant of the Zlob Trojan. The greeting in the malicious code was friendly and cordial, in sharp contrast to messages posted on compromised websites by defacement crews, which frequently deride the security of Microsoft's software.…

7:39 PM (10 hours ago)
Vector buys security firm Aladdin

from The Register - Security
Private equity firm builds up information security portfolio
Private equity firm Vector Capital has agreed to acquire Israeli security tools firm Aladdin Knowledge Systems in a deal valued at $160m.…

7:39 PM (10 hours ago)
Web 2.0rhea hack mistaken for end of universe

from The Register - Security
Much aTwitter about nothing
Fail and You Kids these days. Used to be, when you were mad at your parents or your professors, you'd write an email worm in Visual Basic and spread it around via Outlook clients.…

5:03 AM (1 hour ago)
Privacy groups file mobile marketing complaint with FTC

from Network World on Security
Two privacy groups on Tuesday asked the U.S. Federal Trade Commission to regulate how mobile marketers can use consumers' personal information, saying many people don't know when their information is being collected from cell phones and how it's being used.

5:03 AM (1 hour ago)
Groups file FTC complaint over cell phone privacy

from Network World on Security
You may not know it yet, but your cell phone is becoming the new battleground in the war between consumer rights groups and the behavioral advertising community.

5:03 AM (1 hour ago)
Microsoft issues first Windows 7 beta patch

from Network World on Security
Microsoft Corp. Tuesday issued its first patch for the just-released Windows 7 beta, but it passed on plugging a hole in an important file-sharing protocol that it fixed in older versions of the operating system.

5:03 AM (1 hour ago)
Researchers have hope of cheap, distributed zero-day worm defense

from Network World on Security by Tim Greene
Shutting down zero-day computer attacks could be carried out inexpensively by peer-to-peer software that shares information about anomalous behavior, say researchers at the University of California at Davis.

5:03 AM (1 hour ago)
Critical Fixes Released for Microsoft, Oracle

from Network World on Security
For today's Patch Tuesday, Microsoft released critical fixes for holes that could allow worms to run rampant through business networks, reminiscent of yesteryear's Blaster and Sasser scourges. Not to be outdone, Oracle will release a whopping 41 patches, including ten that can be "exploited remotely and anonymously," according to Symantec.

5:03 AM (1 hour ago)
Programmer uncovers Safari RSS vulnerability

from Network World on Security
There's nothing we love more than a good security vulnerability. It just goes to remind you once again that the only truly secure computer is that old SE/30 in your basement that's not even plugged in and is kept under lock and key.

5:03 AM (1 hour ago)
RIM patch fixes attachment flaw

from Network World on Security
Research In Motion issued a software update to address a vulnerability that could let a hacker send malicious code in a PDF file.

5:03 AM (1 hour ago)
Taxpayer data at IRS remains vulnerable, GAO warns

from Network World on Security
Less than three months after the Treasury Inspector General for Tax Administration reported that there were major security vulnerabilities in two crucial Internal Revenue Service systems, the IRS's security practices have been panned by another government entity.

5:03 AM (1 hour ago)
Experts say beast hiding in Microsoft Patch Tuesday vulnerability

from Network World on Security by John Fontana
Microsoft's Patch Tuesday dropped in on 2009 with a whisper revealing only a single patch covering three vulnerabilities with the Windows operating system's Server Message Block Protocol.

5:03 AM (1 hour ago)
SonicWall airs zippy security appliance for small businesses

from Network World on Security by Tim Greene
SonicWall is introducing a multi-function security appliance for small businesses that gives five times more throughput than its low-end devices for an extra $200.

Jan 13, 2009 (17 hours ago)
U.S. export controls: Ensuring obsolescence and declining economic competitiveness

from Network World on Security by Scott Bradner
The United States places a thicket of controls on the export of high-tech knowledge and products, and numerous restrictions on non-U.S. researchers in U.S. research centers. In recognition of the stupidity of these controls, the National Research Council is calling on the new administration to dramatically change the rules.

Jan 13, 2009 (17 hours ago)
AVG acquires behavioral detection security company

from Network World on Security
Czech security company AVG has completed a deal to acquire Sana Security, which specializes in detecting malicious software based on its behavior.

Jan 13, 2009 (17 hours ago)
Will Top 25 list of software errors rescue you from rotten software?

from Network World on Security by Ellen Messmer
Will the Top 25 worst software errors list released Monday be able to rescue customers from rotten software? That's the palpable hope from some security managers who have backed the government and industry effort to identify the worst programming mistakes that lead to patch-management headaches and even cybercrime and cyber espionage.



3:01 AM (3 hours ago)
The Associative Word List Generator (AWLG) - Create Related Wordlists for Password Cracking

from Darknet - The Darkside by Darknet
You may remember some time back we did a fairly exhaustive post on Password Cracking Wordlists and Tools for Brute Forcing. Wyd the Password Profiling Tool also does something similar to AWLG but it’s a PERL script rather than being based online. I’d prefer if AWLG let us download an offline version too personally. About AWLG The... Read the full post at darknet.org.uk

Jan 13, 2009 (17 hours ago)
Fake CNN Site From Phishing E-mail Serves Trojan

from Darknet - The Darkside by Darknet
The latest Phishing E-mails going round are leveraging on people’s need to digest the latest information, in this case about the Israel-Hamas conflict. They set up a fake CNN site which prompts you to upgrade your flash player to view the video, of course it’s not Flash but a Trojan targeting your sensitive financial information. I... Read the full post at darknet.org.uk

Jan 13, 2009 (16 hours ago)
News: Group releases list to kill most-dangerous bugs

from SecurityFocus News

Jan 13, 2009 (12 hours ago)
Brief: Oracle's patch overshadows Microsoft's light fix

from SecurityFocus News

Jan 13, 2009 (14 hours ago)
Watchdogs: FTC must halt "deceptive" cellphone tracking, ads

from Ars Technica by david@arstechnica.com (David Chartier)
Are new cell phone features like GPS and rich Internet browsers providing too much information to marketers? Two consumer watchdog groups think so, and they have submitted a 52-page complaint to the FTC outlining the potential dangers and requesting an investigation.

Jan 13, 2009 (14 hours ago)
Two months after McColo takedown, spam levels yet to recover

from Ars Technica by jhruska@arstechnica.com (Joel Hruska)
Reports indicate that spam levels remain below McColo levels as we move through January. Looking back, international, governmental, and corporate cooperation was clearly the linchpin that held the attacks together.

-- Aurora Report says: I think you have enough to read already, but check out the first "Distilled vol.1,1" post if you are still bored.
