Monday, May 18, 2009

Around The Horn vol.1,101

Hackers crack flight sim community site, ruin it for everyone

By chris.foresman@arstechnica.com (Chris Foresman) on hackers

A website for flight simulator enthusiasts, originally launched in 1996, has been essentially "destroyed" by the shenanigans of hackers. Avsim had become an important resource for flight sim users over the last 13 years, but the site has been completely shut down after hackers essentially took down both the site's servers.

"The method of the hack makes recovery difficult, if not impossible," the site's founder, Tom Allensworth, said in a statement. "AVSIM is totally offline at this time and we expect to be so for some time to come. We are not able to predict when we will be back online, if we can come back at all."

FAQ: Cloud computing, demystified

Cloud computing brings great promise, but also confusion to the IT industry. Key questions are answered here.

AVG LinkScanner Helps Avoid "Poison" Web Sites

These days, one of the greatest threats to your PC is that of so-called poisoned Web pages, which contain malicious downloads, or that may do damage to your PC all by themselves. Anti-spyware and anti-virus software may not protect you against these pages. If you're looking for an extra layer of protection against them, the free AVG LinkScanner is a good bet.

Web attacks routinely hosted by real Web sites

The number of legitimate websites being hacked to host malware has hit startling highs in recent days, new figures from MessageLabs have revealed.

Teen hacking seen as casual activity

Casual hacking is almost as established a part of teen life as downloading music to an iPod, a new survey of the age group has claimed.

Cisco SAFE Security Reference Guide Updated, (Mon, May 18th)

A number of years ago I found myself in a new role responsible for consulting on the security of a V ...(more)...

IIS6.0 WebDav Remote Auth Bypass, (Fri, May 15th)

If you're in the security business long enough, this one will sound extremely familiar: Appare ...(more)...

SpringSource Spring Framework Denial of Service Vulnerability

The j.u.r.Pattern.compile method in Sun 1.5 JDK has a problem ([1],[2]) with exponential compilation times, when using optional groups.

Oracle Outside in Document Conversion Engine Spreadsheet Buffer Overflow Vulnerabilities

Oracle Corp.'s Outside In Technology is a document conversion engine supporting a large number of binary file formats. Prior to Oracle's acquisition, the software was maintained by Stellent Inc. The software appears to have originated from "QuickView" for Windows 98, but later spun off. It is used by various software packages, one of which is Motorola Inc.'s Good Mobile Messaging Server.

HP OpenView Network Node Manager "ovalarmsrv" Integer Overflow

Security Bulletin Webcast Video, Questions and Answers – May 2009

By MSRCTEAM

In the May 2009 security bulletin webcast, we addressed several questions relating to MS09-017 in addition to questions about WSUS and MBSA. For those questions that came in after we concluded the webcast, we have provided answers in the published Q&A which you can find here:
http://blogs.technet.com/msrc/pages/monthly-security-bulletin-webcast-q-a-May-2009.aspx

Also, here is the link to the Q&A index page in case you want to view previous months:
http://blogs.technet.com/msrc/pages/microsoft-security-bulletin-webcast-q-a-index-page.aspx

Here is the video of the session that includes our detailed look at the bulletin and the live questions and answers session:

More listening and viewing options:

As always, customers experiencing issues installing any of the updates this month should contact our Customer Service and Support group:

Customers in the U.S. and Canada can receive technical support from Microsoft Customer Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.

International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Please join us for our next live webcast on June 10, 2009 at 11:00 am PDT (UTC –7). Follow this link to pre-register:
http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032395225

Hope to see you then!

Jerry Bryant

Most Attacks Come from Legit but Hijacked Sites

Web attacks are routinely hosted by actual sites infected and acting as zombies, security firm warns.

Teens Hack Just for Fun

Curiosity, amusement fuel 'casual hacking' by teens, often on social networks, a study reports.

Preparing for Cyberwar

The Navy Cyber Defense Operations Command is ready to defend against cyberattacks, while other parts of the military -- and other countries -- focus on offense.

PDF Flaw Patched -- But Does Anybody Know?

Adobe finally closed a dangerous hole in Acrobat Reader, but it may not get the attention it deserves.

No comments:

Post a Comment

My Blog List