Monday, April 28, 2008

Monday News Feed 4/28/08

Huge Web hack attack infects 500,000 pages
Microsoft's IIS Web server may be to blame, says researcher
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9080580

Researcher finds new flaw in QuickTime for Windows
A rather tricky vulnerability in QuickTime could be exploited remotely to attack Windows PCs running Vista SP1 or XP SP2.

With antivirus vendors already processing some 30,000 samples each day, there's no need for any more samples, said Roger Thompson, chief research officer at AVG Technologies. "It's hard to see an upside for encouraging people to write more viruses," he said via instant message. "It's a dumb idea."
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9080658&taxonomyId=17&intsrc=kc_top

Securing the Internet's DNS - 4/24/2008 5:30:00 PM
Internet's .arpa, .org, and .uk domains soon to adopt DNSSEC

Researchers Infiltrate and 'Pollute' Storm Botnet - 4/23/2008 3:45:00 PM
European botnet experts devise a method that disrupts stubborn peer-to-peer botnets like Storm

Companies May Be Held Liable for Deals With Terrorists, ID Thieves - 4/23/2008 5:25:00 PM
New and little-known regulations could mean fines, or even jail time, for companies that do business with bad guys

Ten myths about Identity Fraud
http://www.darkreading.com/document.asp?doc_id=145823

Questions about Web Server Attacks
Posted Friday, April 25, 2008 9:44 PM by MSRCTEAM
Hi there, this is Bill Sisk.

There have been conflicting public reports describing a recent rash of web server attacks. I want to bring some clarification about the reports and point you to the IIS blog for additional information.

To begin with, our investigation has shown that there are no new or unknown vulnerabilities being exploited. This wave is not a result of a vulnerability in Internet Information Services or Microsoft SQL Server. We have also determined that these attacks are in no way related to Microsoft Security Advisory (951306).

The attacks are facilitated by SQL injection exploits and are not issues related to IIS 6.0, ASP, ASP.Net or Microsoft SQL technologies. SQL injection attacks enable malicious users to execute commands in an application's database. To protect against SQL injection attacks, the developer of the Web site or application must use the industry best practices outlined here. Our counterparts over on the IIS blog have written a post with a wealth of information on steps web developers and IT professionals can take to minimize their exposure to these types of attacks by minimizing the attack surface area in their code and server configurations. Additional information can be found here: http://blogs.iis.net/bills/archive/2008/04/25/sql-injection-attacks-on-iis-web-servers.aspx
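As an added illustration of the point the MSRC post makes (the flaw is in application code that builds SQL from untrusted input, not in the server), here is example code written for this page rather than anything from Microsoft or the IIS blog. Python and an in-memory SQLite table stand in for the classic ASP/ADO code the attacks targeted; the product table, its rows and the payload strings are constructed for the demonstration.

```python
import sqlite3


def make_db():
    """Constructed in-memory catalogue standing in for a site's product table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, secret TEXT)"
    )
    conn.executemany(
        "INSERT INTO products (id, name, secret) VALUES (?, ?, ?)",
        [(1, "widget", "public"), (2, "gadget", "internal-only")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, product_id):
    """Untrusted input is glued into the SQL text, the pattern behind the
    injection wave described above (string concatenation in the page that
    reads a query-string parameter). Whatever the attacker sends is parsed
    as SQL rather than treated as a value."""
    sql = "SELECT name FROM products WHERE id = " + product_id
    # sorted() only to make the result order deterministic
    return sorted(row[0] for row in conn.execute(sql))


def lookup_parameterized(conn, product_id):
    """The SQL text is fixed; the value travels separately as a bound
    parameter, so it can never change the statement's structure."""
    rows = conn.execute("SELECT name FROM products WHERE id = ?", (product_id,))
    return sorted(row[0] for row in rows)


def lookup_hardened(conn, product_id):
    """Defence in depth: validate the shape of the input before it reaches
    the database at all. A non-numeric id is rejected outright."""
    if not product_id.isdigit():
        raise ValueError("product id must be a positive integer")
    return lookup_parameterized(conn, int(product_id))


if __name__ == "__main__":
    db = make_db()
    tautology = "1 OR 1=1"                          # dumps every row
    union = "0 UNION SELECT secret FROM products"   # reads a column the page never exposes
    print("vulnerable, tautology   :", lookup_vulnerable(db, tautology))
    print("vulnerable, UNION       :", lookup_vulnerable(db, union))
    print("parameterized, tautology:", lookup_parameterized(db, tautology))
```

Run as a script, the two vulnerable calls print every product name and then the secret column, while the parameterized call returns nothing for the same payload because the whole string is compared as one value. The validation step is an extra check on top of binding parameters, not a replacement for it: escaping or filtering alone is what the "best practices" the post refers to warn against relying on.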

FBI Director Wants Broad Power to Monitor Internet Activity
The FBI on Wednesday called for new legislation that would allow federal police to monitor the Internet for "illegal activity." The suggestion from FBI Director Robert Mueller, which came during a House of Representatives Judiciary Committee hearing, appears to go beyond a current plan to monitor traffic on federal-government networks. Mueller seemed to suggest that the bureau should have a broad "omnibus" authority to conduct monitoring and surveillance of private-sector networks as well. If any omnibus Internet-monitoring proposal became law, it could implicate the Fourth Amendment's guarantee of freedom from unreasonable searches and seizures. In general, courts have ruled that police need search warrants to obtain the content of communication.
FBI wants widespread monitoring of 'illegal' Internet activity, CNet News.com, April 23, 2008.
Posted by EPIC on April 24, 2008.

Cyber Espionage
Interesting investigative article from Business Week on Chinese cyber espionage against the U.S. government, and the government's reaction.

When the deluge began in 2006, officials scurried to come up with software "patches," "wraps," and other bits of triage. The effort got serious last summer when top military brass discreetly summoned the chief executives or their representatives from the 20 largest U.S. defense contractors to the Pentagon for a "threat briefing." BusinessWeek has learned the U.S. government has launched a classified operation called Byzantine Foothold to detect, track, and disarm intrusions on the government's most critical networks. And President George W. Bush on Jan. 8 quietly signed an order known as the Cyber Initiative to overhaul U.S. cyber defenses, at an eventual cost in the tens of billions of dollars, and establishing 12 distinct goals, according to people briefed on its contents. One goal in particular illustrates the urgency and scope of the problem: By June all government agencies must cut the number of communication channels, or ports, through which their networks connect to the Internet from more than 4,000 to fewer than 100. On Apr. 8, Homeland Security Dept. Secretary Michael Chertoff called the President's order a cyber security "Manhattan Project."
It can only help for the U.S. government to get its own cybersecurity house in order.
Posted on April 28, 2008 at 06:45 AM

WordPress PHP Code Execution and Cross-Site Scripting - Highly critical - From remote. Issued 4 hours ago.
Two vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and to compromise a vulnerable system.

"The first naturally occurring superheavy element has been found. An international team of scientists found several nuclei of unbibium in a sample of the naturally occurring heavy metal thorium. Unbibium has an atomic number of 122 and an atomic weight of 292. In general, very heavy elements tend to be unstable but scientists have long predicted that even heavier nuclei would be stable. The group that found unbibium in thorium say it has a half life in excess of 100 million years and an abundance of about 10^(-12) relative to thorium, which itself is about as abundant as lead."

All the rage in Europe: Firefox market share climbs higher
Month by month, Firefox continues to make gains in Europe, where the browser approaches a 50 percent market share in some countries. Firefox also has stronger usage on weekends, when people get to use the browser of their choice.
April 27, 2008 - 06:58PM CT - by Ryan Paul

Two more indicted on E-Rate fraud charges

After Web defacement, university warns of data breach

China worries hackers will strike during Beijing Olympics

Judge orders White House to resolve e-mail backup 'ambiguity'

Researcher finds new way to hack Oracle database

If Top Gov't Officials Need To Leave Blackberries Outside A Meeting, Shouldn't Someone Guard Them?
from the just-a-thought dept

Apparently a Mexican press attache at a meeting with White House officials in New Orleans saw an opportunity and swiped the Blackberries of a bunch of White House staffers. At many such meetings, it's required for attendees to leave their phones and mobile devices outside of the meeting room. You would think that with such high-powered government officials that someone would then be left to guard the devices, but apparently not. This guy grabbed a bunch of the devices and made a run for the airport, where he was caught by Secret Service officials, who promptly showed him the surveillance camera footage of him taking the devices. His response was that he thought the devices had been left behind, and he was merely picking them up to return them to their owners, which might be more believable if the folks weren't still in the meeting room when he grabbed all the devices. Who knows if it's true, but I'm still wondering why no one was guarding the Blackberries.

Google Analytics getting my passwords? NOT!
Friday April 25, 2008 at 8:15 am CST. Posted by Pedro Bueno
http://www.avertlabs.com/research/blog/index.php/2008/04/25/google-analytics-getting-my-passwords-not/
So, on a bright Friday morning here in Brazil, I was analyzing an interesting piece of malware. Well, this piece of malware was sending encoded data to gooqle-analytics.com…hmmmm maybe trying to get infection statistics?

We have seen this before…but something wasn’t quite clear… it seemed that this was all that the malware was doing… hmmmm ok… checking a little closer, I could see the traffic generated… it was encoded traffic… not common for Google Analytics…

A little more research revealed that there was a DLL injected into the svchost process, and analyzing this packed DLL revealed that its purpose was to steal information and send it to gooqle-analytics… but what the heck? Is Google stealing my info? NOT!!! As some of you noticed reading this blog, I did not misspell the name… it was sending the info to gooqle-analytics.com, and not google-analytics.com…

This gooqle domain is hosted on an IP in Italy…yea…bad, bad gooQle…!
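The trick here is a lookalike domain, one character away from a host every browser on the network talks to, so the exfiltration hides in plain sight. As an added example, not from the Avert Labs post, here is a small lookalike-domain check of the kind that would have surfaced this traffic in proxy logs. The log lines are constructed, the list of protected brand domains is an assumption, the homoglyph table covers a handful of common substitutions, and the registrable-domain logic just takes the last two labels (fine for .com, not a substitute for a public-suffix list).

```python
from urllib.parse import urlsplit

# Assumed list of brand domains whose near-misses we want to see in the logs
PROTECTED_DOMAINS = ["google-analytics.com", "google.com", "microsoft.com"]

# Common visual substitutions (assumed, not exhaustive): "rn" reads as "m",
# "vv" as "w", "cl" as "d", digits 0/1 as the letters o/l
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("cl", "d"), ("0", "o"), ("1", "l")]


def edit_distance(a, b):
    """Levenshtein distance: single-character insert, delete or substitute."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def registrable_domain(host):
    """Last two labels of the host (assumption: good enough for .com/.net/.org)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def normalize(dom):
    """Collapse homoglyph sequences so rnicrosoft.com compares as microsoft.com."""
    for fake, real in HOMOGLYPHS:
        dom = dom.replace(fake, real)
    return dom


def lookalike_of(host, protected=PROTECTED_DOMAINS, max_distance=1):
    """Return the protected domain this host imitates, or None.
    The genuine domain and its subdomains are never flagged."""
    dom = registrable_domain(host)
    if dom in protected:
        return None
    norm = normalize(dom)
    for p in protected:
        if norm == p or edit_distance(dom, p) <= max_distance:
            return p
    return None


# Constructed proxy log (timestamp, client, method, URL); not real traffic
SAMPLE_LOG = """\
2008-04-25T08:15:02 10.0.0.7 GET http://www.google-analytics.com/
2008-04-25T08:15:03 10.0.0.7 POST http://gooqle-analytics.com/
2008-04-25T08:15:09 10.0.0.9 GET http://example.org/index.html
2008-04-25T08:16:41 10.0.0.7 GET http://login.rnicrosoft.com/
"""


def scan_log(text):
    """Return (host, imitated domain) for every request to a lookalike."""
    hits = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        host = urlsplit(fields[3]).hostname
        if not host:
            continue
        target = lookalike_of(host)
        if target:
            hits.append((host, target))
    return hits


if __name__ == "__main__":
    for host, brand in scan_log(SAMPLE_LOG):
        print(f"lookalike: {host} imitates {brand}")
```

The exact-match test runs before the distance test so that legitimate subdomains of the real analytics host never trip the rule; the homoglyph pass catches the two-character swaps ("rn" for "m") that a single-edit threshold would miss. Widen the protected list to whatever your own users actually visit, and expect some tuning: one edit is a tight threshold for short names.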

Hacker denies using tool to break into Dish Network security
Jim Carr April 25, 2008
A software engineer testified that he was hired by a unit of News Corp. to develop software that could reverse engineer code on satellite receiver smart cards, but denies hacking.

Another Apple QuickTime bug reported
Dan Kaplan April 24, 2008
US-CERT has issued an alert concerning a new zero-day vulnerability in the Apple QuickTime media player.

Which Gov Agency Should Be Your Computer's Firewall?
By Ryan Singel April 25, 2008 8:05:10 PM. Categories: Cybarmageddon!, Spooks Gone Wild
First the NSA says it needs to examine every search and email on the internet to prevent an e-9/11 attack, then President Bush signs a secret cyber-security Presidential Directive to make that possible, while the Air Force has set up a cyber warfare division where cyber-security is played like a game of Space Invaders.

Not to be left out on the cybarmegeddon! action, the Department of Homeland Security plans to spearhead a "Manhattan Project" attempt to secure the internet. But there's no way FBI chief Robert Mueller is gonna let DHS honcho Michael Chertoff have all the bits, so this week he told a House committee that G-Men need to be living in the tubes, too.

The great thing about all of these agencies deciding that they need to be inspecting packets on the interweb is that soon you will no longer have to buy anti-virus or security software, you'll just have to choose which government agency you hand your computer password to.
But the question is, which one should you choose to protect your Win98 box?
Submit your favorite agency (with logo link if you have one) or vote up other choices here. Defend your vote in the comments, if you like.
The originator of “Red Heart China” gets his website hacked!! Europeans responsible?

Bluetooth Mobile Phone Hacked Right Before Your Eyes
Published 03/27/2008
Watch How Scammers Turn Bluetooth Technology Into Hard Cold Cash In The Below Video

http://www.nationalcybersecurity.com/blogs/626/Tornado-Hacking-Tool-For-Rent.html
Security researchers have discovered a new web-based attack tool which exploits up to 14 browser vulnerabilities and installs malware on the user's system.

Symantec researcher Liam O'Murchu said that 'Tornado' is commonly installed on a server by a single 'administrator', who then offers accounts on the server to other attackers.

The attackers then inject code into other web pages to redirect users to the Tornado server, where the exploit and malware installation is conducted.

Google Docs gets new features, templates soon

More URI handler issues to come
Nate McFeters: A new command injection flaw was discovered, this time in IBM's Lotus Expeditor. What's most interesting about this class of vulnerability is that it can be deployed quite simply
