Saturday, February 14, 2009

Around The Horn vol.1,40

Alerts

7:02 PM (11 hours ago)
Canada Calling, (Fri, Feb 13th)

from SANS Internet Storm Center, InfoCON: green
A reader wrote in to ask about the uptick in port 5060 activity (visible here: isc.sans ...(more)...

Security News

Feb 12, 2009 (2 days ago)
Paraskavedekatriaphobia and something I haven't found a word for, (Fri, Feb 13th)

from SANS Internet Storm Center, InfoCON: green
Today is Friday the 13th, and also the day when we reach the symbolic 1234567890th second of Unix ti ...(more)...

Feb 13, 2009 (yesterday)
Third party information on conficker, (Fri, Feb 13th)

from SANS Internet Storm Center, InfoCON: green
(This will be updated as more information becomes public) In an effort to provde YOU the enduser t ...(more)...

Feb 12, 2009 (2 days ago)
We want your logs, obfuscated even., (Fri, Feb 13th)

from SANS Internet Storm Center, InfoCON: green
We always have a banner up on the webpage that says We want your logs or How to su ...(more)...

12:56 AM (6 hours ago)
Defacement archive Zone-h gets defaced

from CGISecurity - Website and Application Security News by Robert A.
"Defacement archive Zone-h.org has itself been defaced. The hack - claimed in the names of Cyber-Terrorist, HeLL cYbEr, and Jurm - involved posting a link to a YouTube video and dancing babies on the site's altered home page. The Arab language video, featuring an ad promoting nappies, replaced the site's usual...

12:56 AM (6 hours ago)
Security Vendor Kasperky Hacked Via SQL Injection

from CGISecurity - Website and Application Security News by Robert A.
A security lapse at Kaspersky has exposed a wealth of proprietary information about the anti-virus provider's products and customers, according to a blogger, who posted screen shots and other details that appeared to substantiate the claims. In a posting made Saturday, the hacker claimed a simple SQL injection gave access to...

12:56 AM (6 hours ago)
PHP filesystem attack vectors

from CGISecurity - Website and Application Security News by Robert A.
ascii writes"On Apr 07, 2008 I spoke with Kuza55 and Wisec about an attack I found some time before that was a new attack vector for filesystem functions (fopen, (includerequire)[_once]?, file_(putget)_contents, etc) for the PHP language. It was a path normalization issue and I asked them to keep it “secret” [4],...

Feb 13, 2009 (16 hours ago)
Twitter attack exposes awesome power of clickjacking

from The Register - Security
Hard to stop, harder to resist
A worm that forced a wave of people to unintentionally broadcast messages on microblogging site Twitter shows the potential of a vulnerability known as clickjacking to dupe large numbers of internet users into installing malware or visiting malicious pages without any clue they're being attacked.…

Feb 13, 2009 (17 hours ago)
Defacement archive Zone-h gets defaced

from The Register - Security
Web graffiti attack harks back to age of innocence
Defacement archive Zone-h.org has itself been defaced.…

Feb 13, 2009 (18 hours ago)
Kaspersky breach: No user info lifted, auditor confirms

from The Register - Security
But data was exposed
No customer information was accessed during last weekend's breach of a Kaspersky website, an independent auditor has concluded, confirming the results of an internal investigation conducted earlier by members of the anti-virus firm.…

Feb 13, 2009 (19 hours ago)
Wanna see how to use Win 7 UAC to pwn a PC?

from The Register - Security
Just press play...
White hat hackers have created a proof of concept demo illustrating how improved User Account Control (UAC) features in Windows 7 might be completely bypassed.…

Feb 13, 2009 (22 hours ago)
Serial security hackers hit F-secure

from The Register - Security
Sequel SQL assault
F-Secure admitted on Thursday that it had been hit by the same Romanian group that previously hit Kaspersky Lab and Bitdefender's reseller-run Portugese website over recent days.…

Feb 13, 2009 (yesterday)
McAfee sales strong despite recession

from The Register - Security
Security firm rides out economic storm
McAfee bucked the trend of poor financial news from the IT industry by posting strong results that exceeded analyst expectations on Thursday.…

Feb 13, 2009 (yesterday)
Microsoft Offers $250K Bounty for Conficker Author

from Darknet - The Darkside by Darknet
We did mention Conficker when it broke out back in January causing one of the largest scale infections ever seen (an estimated 9 million machines in just a few months). The latest news is that Microsoft are offering a bounty to catch the author of the malware, we have seen this back in 2003/4 (The Anti-virus [...]Read the full post at darknet.org.uk

Feb 13, 2009 (20 hours ago)
News: Cabal forms to fight Conficker, offers bounty

from SecurityFocus News
Cabal forms to fight Conficker, offers bounty

Feb 13, 2009 (15 hours ago)
Brief: Online thieves nab employee info from FAA

from SecurityFocus News
Online thieves nab employee info from FAA

Feb 13, 2009 (14 hours ago)
Why Google's Software Update Tool Is Evil

from Wired Top Stories by Scott Gilbertson
When Google Earth 5 was released last week, the Mac OS X version of the free desktop application came with an auto-updater that was installed on users' machines. The update tool runs in the background and can't be easily disabled — a tactic other software makers have long known is a huge no-no, and one some users are hopping mad about.

Feb 13, 2009 (18 hours ago)
With Global Effort, a New Type of Worm Is Slowed

from PC World Latest Technology News
There have been big computer worm outbreaks before, but nothing quite like Conficker

No comments:

Post a Comment

My Blog List