Monday, December 15, 2008

Security News Feed Monday 12/15/08

The big news surrounds the zero-day exploit that was revealed just after last week's Microsoft patches were released. The attacks pair SQL injection, used to infect web servers, with zero-day code that infects IE7 users. Older and newer versions of IE are apparently vulnerable, but no one is bothering to attack them.

The zero-day (unpatched) IE exploit is now reportedly attacking IE7 on all OS versions, including Vista SP1, and other versions of IE, both older and newer, are “potentially vulnerable”. Microsoft discusses this problem here: http://www.microsoft.com/technet/security/advisory/961051.mspx

http://www.virustotal.com/analisis/244ae03fed5b32d999c50b614fddde6a shows that 20 of 38 virus scanners are currently catching this exploit, and McAfee and Symantec are NOT among them. Microsoft lists “Disable XML Island functionality” as a workaround. Check the advisory for how (but not why) to do that.

A list of compromised domains is available (http://www.shadowserver.net/wiki/) and could be used to build a manual block list.





Cisco: Cybercriminals Hiding Behind Legitimate Websites, Email Accounts
Dec 15, 2008
New annual security threat report from Cisco highlights a 'rough year' for computing in 2008

http://newsroom.cisco.com/dlls/2008/prod_121508.html?POSITION=LINK&COUNTRY_SITE=us&CAMPAIGN=NewsAtCiscoLatestNewsfromCDCHP&CREATIVE=LINK1&REFERRING_SITE=CISCO.COMHOMEPAGE

The Annual Cisco Security Report: Notable Trends
  • The overall number of disclosed vulnerabilities grew by 11.5 percent over 2007.
  • Vulnerabilities in virtualization technology nearly tripled from 35 to 103 year over year.
  • Attacks are becoming increasingly blended, cross-vector and targeted.
  • Cisco researchers saw a 90 percent growth in threats originating from legitimate domains, nearly double what was seen in 2007.
  • The volume of malware successfully propagated via e-mail attachments is declining. Over the past two years (2007-2008), the number of attachment-based attacks decreased by 50 percent from the previous two years (2005-2006).






Friday update for Microsoft Security Advisory 961051
Posted Friday, December 12, 2008 4:58 PM by MSRCTEAM
Hi, this is Christopher Budd,

I wanted to give you a quick update on a couple of new things today related to Microsoft Security Advisory 961051.

We’ve made another revision to the advisory today. Our research teams are working around the clock to help identify better, more effective workarounds to give customers more options to evaluate and we’ve updated the advisory with the latest information from their research.

We’ve also posted some additional details and information on the Security Vulnerability Research and Defense blog. This includes a Vista-specific workaround as well as additional information to help your analysis of the different workaround options.






Clarification on the various workarounds from the recent IE advisory





Businesses 'fail to learn' from HMRC data loss disaster





McCain Campaign BlackBerry Yields Sensitive Data





Critics to ICANN: Top-level domain sale dangerous, costly





Spam levels rise again after McColo fallout fades





Microsoft update leaves some bugs unpatched





Va. seeks reinstatement of anti-spam law
AP - Thu Dec 11, 4:48 PM ET
RICHMOND, Va. - Virginia's attorney general asked the nation's highest court Thursday to revive a state anti-spam law struck down by a lower court as unconstitutionally overbroad.






Sony BMG to Pay US$1 Million to FTC for COPPA Violations
PC World - Thu Dec 11, 1:30 PM ET
Sony BMG Music Entertainment will pay US$1 million to the U.S. Federal Trade Commission for collecting data on at least 30,000 children under the age of 13 without their parents' consent, behavior that violates the U.S. Children's Online Privacy Protection Act (COPPA).





Dec 13, 3:35 pm
Internet Black Market Thrives
The online underground economy is booming, and the cybercrooks can't do it without you, Symantec warns.





New MS SQL Server vulnerability
Published: 2008-12-15, Last Updated: 2008-12-15 18:03:47 UTC by Toby Kohlenberg (Version: 1)

A slightly belated entry to make sure everyone is aware that last week we saw a new vulnerability announced for MS SQL Server 2000, 2005 & 2005 Express Edition by Bernhard Mueller from SEC Consult. Here is the original announcement: http://www.sec-consult.com/files/20081209_mssql-sp_replwritetovarbin_memwrite.txt
The above link does include a simple test script (not a full PoC) for the vulnerability.
There is a mitigation available - you can remove the vulnerable stored procedure. Microsoft hasn't provided a patch yet and hasn't provided a timeframe for delivery either.






British Telecom To Expand Phorm Use
Carrier could eventually land in the States
01:46PM Monday Dec 15 2008 by Karl Bode
British Telecom's early trials of Phorm behavioral advertising technology ended in controversy, when it was leaked that the trials were conducted without informing consumers their browsing histories were being sold. BT's third, and more transparent trial of the technology is nearing completion, Phorm saying they expect BT to fully deploy the technology shortly.





Chinese hackers are targeting French Embassy websites all around the world to protest President Nicolas Sarkozy’s visit with the Dalai Lama.
