May 2008 Advance NotificationPosted Thursday, May 08, 2008 9:51 AM by MSRCTEAM
Hello, Bill here.
I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, May 13, 2008 around 10 a.m. Pacific Standard Time.
It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
As part of our regularly scheduled bulletin release, we’re currently planning to release:
· Three Microsoft Security Bulletins rated Critical and one that is rated as Moderate. These updates may require a restart and will be detectable using the newly released version of the Microsoft Baseline Security Analyzer.
As we do each month, the Microsoft Windows Malicious Software Removal Tool will be updated.
Finally, we are planning to release high-priority, non-security updates on Windows Update and Windows Server Update Services (WSUS) as well as high-priority, non-security updates on Microsoft Update and Windows Server Update Services (WSUS). For additional information, please see the Other Information section of the Advanced Notification.
Hacker's Choice: Top Six Database Attacks - 5/8/2008 6:20:00 PM It doesn't take a database expert to break into one
Ex-Feds Start Up ID Theft Protection Service - 5/7/2008 6:00:00 PM iSekurity promises to find out who stole your identity – or pay you $11,000
Free 'AxBan' Tool Kills Bad ActiveX Controls - 5/7/2008 5:55:00 PM Errata Security offers freebie ActiveX 'killbit' tool for users
Ireland: Data Protection Complaints Soared in 2007
According to the Office of the Data Protection Commissioner's annual report, which was published this morning, 1,037 new complaint investigations were initiated last year, up from 658 in 2006. The Data Protection Commissioner Billy Hawkes attributed the substantial increase in cases to a rise in complaints in relation to unsolicited text (SMS) messages. A total of 390 complaints about unsolicited text messages were received in 2007, equivalent to 38 per cent of all complaints received.
Data protection complaints rise in 2007, Irish Times, May 8, 2008.
Posted by EPIC on May 08, 2008.Permanent link to this item.
Mozilla Distributes Virus-Infected Language Pack
http://blogs.washingtonpost.com/securityfix/
Also at http://blogs.washingtonpost.com/securityfix/
Robotraff: A Hacker's Go-To For Clicks
Anyone who doubts that Internet click fraud has become a big money maker should take a look at a Russian Web site called Robotraff.com, which bills itself as "the first stock exchange of Web traffic."
Set up a free account at Robotraff and you're ready to buy or sell Web traffic. Got 30,000 hacked personal computers under your thumb? Super! Now you can use those systems to generate a steady income just by pointing them at Web sites requested by a buyer.
...
Proposed cybersecurity bill to pressure DHSNews Brief, 2008-05-09The legislation would hold the Department of Homeland Security responsible for investigating cyber attacks and shore up the agency's network security.
India, Belgium warn of Chinese attacksNews Brief, 2008-05-08Two more countries join the growing list of nations concerned with attacks from China that target their systems over the Internet.
Google turns Postini into Google Web Security for Enterprise
Google has been steadily adding corporate features to Google Apps for some time now, and the company's Google Web Security for Enterprise service that debuts today is no exception. Google Web Security is meant to give corporate users working from remote locations a safe portal from which to access the 'Net, without requiring that they log into a corporate network.
May 08, 2008 - 05:25PM CT - by Joel Hruska
China refuses to guarantee open Internet during Olympics
Just over a month after the International Olympic Committee "insisted" with China that the Internet must be open during the Games, officials have said that it won't be entirely open, because it must screen out "unhealthy web sites."
May 08, 2008 - 10:46AM CT - by Jacqui Cheng
Google Earth – Updated Images of MyanmarBy now, most of you have noticed the "Support victims" link featured on the... [read >>]
Office 2007 SP1 has a date
Mary Jo Foley: Systems administrators: Mark your calendars. Microsoft is going to start pushing the first service packs for Office 2007 and SharePoint 2007 next month.
Sometimes the old tricks work the best.May 9, 2008Beware of the scammer warning you of an impostor registering variants of your domain name in China, Hong Kong and the like.
The Happy Birthday Copyright Saga: Generating Millions On A Copyright That May Not Exist
from the but-would-anyone-test-it-in-court? dept
In the past we've joked about the (supposed) fact that the song "Happy Birthday" remains under copyright, due to a copyright originally held by sisters Mildred and Patti Hill, the claimed original authors of the song. However, William Patry points us to a fascinatingly detailed research paper into questions surrounding the copyright. What comes out of it is pretty strong evidence that the copyright is not valid -- but it's never gotten far enough in court to have a decision rendered. Plus, it sounds like many aspects of the "history" of the song really appear to be close to a myth. The sisters in question may have written the melody, but they almost definitely did not write the lyrics (their original copyright was on a different set of lyrics, "Good Morning to All"). As for the melody, there's plenty of evidence to suggest that it was actually taken from a series of extremely similar songs. So, there's a good chance they wrote neither the melody nor the lyrics. Also, there are numerous questions concerning whether or not the copyright holders correctly followed the various rules required of copyright holders at the time, suggesting that even if there were a legal copyright at some point, it's long since expired. And, of course, there's even some evidence to suggest less-than-legal tactics involved with transferring around some of the interest in the song. Amazingly, however, the legitimacy of the copyright has never been determined in court, and it now generates over $2 million per year. Over 1% of the money that ASCAP distributes to songwriters is for this one song, even though it may not be legitimate. Somehow, I doubt this is what the Founding Fathers intended when they wrote the Constitution.
4 Comments Leave a Comment..
IP Lawyer Explains Why Uploading Files May Not Be Distribution For Copyright
from the forget-making-available... dept
EA To Use Controversial Internet-Required DRM On New Games
from the pissing-off-your-customers dept
SteveD writes "PC Gamers are in an uproar over a new copy projection system announced by Electronic Arts for use on their upcoming titles. The PC-port of the successful Xbox title Mass Effect, and the eagerly awaited Will Wright title Spore will be two of the higher profile games to use this new system. The new system is the latest iteration of the SecuROM protection, which has caused problems in the past over technical issues with several popular titles. The version of SecuROM that shipped with Bioshock was even accused (but never proven) of installing a root-kit on users PCs.
Phone Marketer Stiffed Inmates, Prison Says
By KARINA BROWN
LOS ANGELES (CN) - Infomercial marketer Robert Klayman stiffed federal inmates for five months of work, Federal Prison Industries claims in a federal complaint.
You have to pay for quality
Wednesday May 7, 2008 at 10:01 am CSTPosted by Francois Paget
2 Comments;Permanent Link
The media frequently speaks about the underground economy and quote price ranges for various private goods available for sale. I recently read the trends were bearish, but let there be no misunderstanding about that, if the quality is here, the price will still be high. It is just like the price of food, you have the hard-discount and the luxury stores!!
With this post, I wish to be more precise regarding the data regarding the prices of some cybercriminal groups around the globe.
Last Friday morning in France...
Rare SCADA vulnerability discovered
Dan Kaplan May 08, 2008
Exploiting a rare and recently disclosed vulnerability in control system software - used to run industrial plants - could lead to service disruptions.
Report: FBI Investigates Epilepsy Forum Attackers
The AP follows up today on my March story about an assault on a popular epilepsy support forum, in which internet griefers used JavaScript code and flashing computer animation to trigger migraine headaches and seizures in some users.
There's really only one bit of new information in the report. Apparently the FBI is now investigating the attack.
Windows Vista More Vulnerable To Malware Than Windows 2000TechWeb - Thu May 8, 7:20 PM ET
InformationWeek - Vista let 639 threats per thousand computers through, compared with 586 for Windows 2000, 478 for Windows 2003, and 1,021 for Windows XP, security vendor PC Tools said.
http://www.guardian.co.uk/science/2008/may/07/starsgalaxiesandplanets.spaceexploration
Closer encounter: Nasa plans landing on 40m-wide asteroid travelling at 28,000mph
Blog entry by Scott McPherson, CIO for the Florida House of Representatives.
McPherson condemns the state of data sharing and data mining in law enforcement, saying that the US causes itself a great deal of trouble by focusing more on "antiterror armor and nuke-sniffing devices" than a useful information distribution network. He discusses a few such projects, and how they could have directly affected the events of 9/11. Quoting: "One of those ingenious things that actually worked, Seisint founder Hank Asher's brilliant MATRIX system, remains mired in controversy and politics. Hank showed me MATRIX just a few short weeks after the 9/11 attacks. Using law enforcement data and commercial data, all of the commercial data available in the public domain, Asher's query produced [hijacker Mohamed] Atta's photo -- and about 80 others, many of them fellow 9/11 hijackers, many of them associates of the 9/11 hijackers. It was simple data mining and algorithms, and none of the information was obtained illegally."
0-day treasure hunt: Researcher hides IE attack on Web
...The bug, which affects Internet Explorer 7 and IE 8, could allow an attacker to run unauthorized software on a victim's computer. Raff informed Microsoft of the flaw on Tuesday and the software vendor has not yet patched it, Raff said.
British banks are becoming increasingly reluctant to help victims of Internet fraud as new rules added to the Banking Code signal less willingness to cover losses.The updated code, which covers the banks' treatment of customers, says The Times, came into effect last month and states that victims of online fraud must have up-to-date antivirus and antispyware software installed, plus a personal firewall, to claim redress from their banks. If you fail to have the correct protection in place, the banks are increasingly likely to refuse any claim for a refund. The more hardline stance has been introduced as figures reveal that cases of fraudsters trying to steal bank details using bogus e-mails has tripled over the past year. Watchdogs say that there were 10 235 reported cases of phishing in the first three months of the year, against 3 394 in the first quarter of last year. Original article
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment