Home    News Archive    Translate Traducen

News February 2006

28 February 2006 Guides, Papers, etc www.nytimes.com: Cyberthieves Silently Copy Your Passwords as You Type. Read more www.sans.org: SECURITY 617: Assessing and Securing Wireless Networks. Read more www.securityfocus.com: Keyloggers on the rise. Read more www.securityfocus.com: Spreading security awareness for OS X. Read more www.digitalmunition.com: InqTana Through the eyes of Dr. Frankenstein. read more msdn.microsoft.com: Finding Security Compatibility Issues in Internet Explorer 7. Read more www.vmware.com: VMware Ultimate Virtual Appliance Challenge. Read more www.redmondmag.com: Vista Security: Worth Paying For. Read more computerworld.co.nz: How secure is open source? Read more www.infoworld.com: Malware dissection 101. Read more www.securitypipeline.com: Reports: IE 7 Crashes While Accessing Windows Updates. Read more   Vulnerabilities & Exploits securitytracker.com: DCI Designs Input Validation Holes in Taskeen Permit SQL Injection Attacks. Read more securitytracker.com: PwsPHP Input Validation Weakness in 'id' Parameter Lets Remote Users Inject SQL Commands. Read more securitytracker.com: eZ publish Input Validation Hole in 'ReferrerURL' Parameter Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Pentacle In-Out Board Input Validation Bugs in 'newsdetailsview.asp' and 'login.asp' Permit SQL Injection. Read more securitytracker.com: ArGoSoft FTP Server Buffer Overflow in DELE Command Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Sun Solaris Unspecified hsfs File System Bug Lets Local Users Deny Service and Gain Elevated Privileges. Read more securitytracker.com: Mambo Input Validation Holes in 'mambo.php' Permit SQL Injection and in _setTemplate() Function Let Remote Users Include Local Files. Read more securitytracker.com: Guestex Input Validation Hole in 'url' Parameter Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Cilem Haber Unspecified Input Validation Bug Permits SQL Injection. Read more securitytracker.com: SCO UnixWare ptrace Lets Local Users Inject Code into setuid Processes to Obtain Elevated Privileges. Read more   News www.theregister.co.uk: Yahoo! link confirmed in second Chinese dissident case. Read more news.bbc.co.uk: Viruses plague British businesses. Read more www.redherring.com: DOJ: Google Shouldn�t Worry. Read more www.redherring.com: ClickTracks Warns of Fraud. Read more www.theregister.co.uk: Politically motivated attacks soar in 2005. Read more www.theregister.co.uk: Dutch police target 23 Nigerian gangs. Read more www.scmagazine.com: Crimeware code sells trojans to hackers. Read more www.newsfactor.com: Web Attacks Disrupting Online Sales. Read more times.hankooki.com: Korea to Block Alien Hackers. Read more www.vnunet.com: New virus closes gap between PCs and Windows Mobile. Read more www.mercurynews.com: New Google service could compete with PayPal. Read more news.com.com: Distributed computing cracks Enigma code. Read more

27 February 2006 Guides, Papers, etc www.pcworld.com: The New Virus Fighters. Read more www.jpost.com: Legendary hacker Mitnick turns legit. Read more blogs.securiteam.com: OSX/Inqtana False Positive. Read more reviews.cnet.com: Small business. Read more blog.washingtonpost.com: The New Face of Phishing. Read more www.msnbc.msn.com: It�s �phishing� season for tax scammers. Read more msmvps.com: Microsoft Update versus Windows Update...Read more www.wired.com: A MySpace Cheat Sheet for Parents. Read more   Tools: www.securitypark.co.uk: Elcomsoft Recovers Passwords Using the Power of Multiple Computers. Read more   News www.pcpro.co.uk: DoJ hits back at Google over search logs. Read more www.mercurynews.com: Censorship in China divides Americans. Read more www.securityfocus.com: McAfee employees at risk. Read more www.dailytech.com: Virus Writer Accidentally Leaks Identity During Washington Post Interview. Read more www.pandasoftware.com: PandaLabs uncovers a complex malware creation system designed to spy and steal personal data. Read more www.marketwire.com: Symantec and Hotbar Resolve Adware Dispute. Read more today.reuters.com: Microsoft to offer 6 versions of Windows Vista. Read more news.com.com: Is your cell phone due for an antivirus shot? Read more www.redherring.com: Symantec Imitates a Startup. Read more www.wired.com: Building the Internet Toll Road. Read more www.redherring.com: Googling the National Archives. Read more

25 February 2006 Guides, Papers, etc www.informationweek.com: Gaming, Celebrity URLs: Riskiest Web Sites. Read more searchsecurity.techtarget.com: Smile! You're about to be hacked. Read more blogs.securiteam.com: Bypassing SSL in Phishing. Read more www.jpost.com: Legendary hacker Mitnick turns legit. Read more www.securitytechnique.com: Wi-Fi Security Checklist. Read more isc.sans.org: Malware: When <!-- comments --> become commands (NEW). Read more ddanchev.blogspot.com: Chinese Internet Censorship efforts and the outbreak. Read more ddanchev.blogspot.com: One bite only, at least so far! Read more   Tools: www.microsoft.com: Microsoft Anti-Cross Site Scripting Library V1.0. Read more www.keelog.com: DIY hardware keylogger. Read more   Vulnerabilities & Exploits secunia.com: Macromedia ShockWave Player ActiveX Installer Buffer Overflow. Read more securitytracker.com: Winamp Buffer Overflow in Processing '.m3u' Program Titles May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Teca Diary Personal Edition Input Validation Holes in 'functions.php' Permit SQL Injection. Read more   News seattletimes.nwsource.com: Virus creators begin knocking at Apple's core. Read more www.crn.com: Panda Detects Complex For-Profit Malware Scam. Read more news.com.com: Winamp update fixes flaw. Read more www.websensesecuritylabs.com: Increased deployment of Phishing Kits. Read more news.bbc.co.uk: Piracy 'in almost every street'. Read more www.zone-h.org: FACING THE DEFACERS: ISLAMIC HACKER ARRESTED IN FRANCE. Read more software.silicon.com: Mare.D virus: Ignore the hype. Read more www.spamdailynews.com: Americans oppose storage of search queries. Read more www.technewsworld.com: Microsoft Goes 'Live' With New Parental Controls. Read more googleblog.blogspot.com: Google to Digitize National Archives Footage. Read more

24 February 2006 Guides, Papers, etc articles.news.aol.com: www.defcon.org: DEF CON 14. Call for Papers. Read more searchwindowssecurity.techtarget.com: Vista's security features: What to expect. Read more www.theregister.co.uk: The real reason Skype isn't as good as it was. Read more www.sunbelt-software.com: BOTNETS. Read more downloads.bbc.co.uk: Internet censorship in China, the malicious code designed to attack Apple Macs and an energy-saving, pedal-powered Nintendo. Listen   Tools: www.betanews.com: Google Testing Web 'Page Creator' Beta. Read more fileforum.betanews.com: Process Explorer for Windows NT/2000/XP/2003 10.06. Read more   Vulnerabilities & Exploits www.zerodayinitiative.com: Adobe Macromedia ShockWave Code Execution. Read more www.h4cky0u.org: Oi! Email Marketing 3.0 SQL Injection. Read more securitytracker.com: Shockwave Player Buffer Overflow in ActiveX Installer Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: WinAce Buffer Overflow in ARJ Header Block Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: NOCC Has Multiple Bugs That Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: VisNetic AntiVirus Plug-in for Mail Server Lets Local Users Obtain Elevated Privileges. Read more securitytracker.com: InfoVista VistaPortal Discloses Files and Path to Remote Users. Read more securitytracker.com: zoo Buffer Overflow in fullpath() Lets Remote Users Cause Arbitrary Code to Be Executed. Read more securitytracker.com: Noah's Classifieds Has Multiple Bugs That Let Remote Users Include and Execute Arbitrary Code, Inject SQL Commands, and Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: PEAR Auth Input Validation Bugs Let Remote Users Falsify Authentication Credentials. Read more securitytracker.com: Mozilla Thunderbird Validation Error in IFRAME SRC Tag Lets Remote Users Execute Arbitrary Javascript. Read more   News www.zone-h.org: FACING THE DEFACERS: ISLAMIC HACKER ARRESTED IN FRANCE. Read more news.com.com: MPAA sues newsgroup, P2P search sites. Read more www.techworld.com: Smaller businesses can't keep up with patches. Read more news.com.com: China plans spam crackdown. Read more www.vnunet.com: Spammers change distribution tactics. Read more www.eweek.com: Malware Honeypot Projects Merge. Read more www.informationweek.com: Zero-Day Exploit Turns Up Heat On Mac OS X. Read more www.charlotte.com: In quantum physics breakthrough, strange computer is on and off. Read more www.thestar.com: Prof says there's no hacker he can't foil. Read more

23 February 2006 Guides, Papers, etc articles.news.aol.com: staff.science.uva.nl: The Domain Name Service as an IDS. Read more www.antiphishing.org: Phishing Activity Trends Report. Read more taosecurity.blogspot.com: Brian Krebs Botmaster Interview. Read more www.securityfocus.com: Federico Biancuzzi interviews Solar Designer, creator of the popular John the Ripper password cracker. Read more www.itmanagersjournal.com: Interviewing hackers. Read more spamkings.oreilly.com: P2P spam scam. Read more www.honeynet.org: Know your Enemy: Phishing. Read more   Vulnerabilities & Exploits securitytracker.com: IA eMailServer Buffer Overflow in MAP SEARCH Command Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: RUNCMS Input Validation Error in 'ratefile.php' Permits Cross-Site Scripting Attacks. Read more securitytracker.com: SquirrelMail Input Validation Bugs Let Remote Users Inject IMAP Commands and Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: CPG Dragonfly CMS Input Validation Holes in Multiple Modules Permit Cross-Site Scripting Attacks. Read more securitytracker.com: Winamp Buffer Overflow in Processing '.m3u' File 'cda' References May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: PEAR LiveUser Input Validation Flaws in Processing Cookies Let Remote Users Determine File Existence and Delete Files. Read more securitytracker.com: ViRobot Authentication Error Lets Remote Users Obtain Authentication Data and Gain Access to the Target System. Read more securitytracker.com: IBM Lotus Domino/Notes Archive Processing Buffer Overflow and Directory Traversal Bugs Let Remote Users Execute Arbitrary Code and Delete Files. Read more securitytracker.com: Tar on Red Hat Enterprise Linux Lets Remote Users Write Files. Read more securitytracker.com: Metamail Buffer Overflow Lets Remote Users Deny Service. Read more securitytracker.com: IBM Tivoli Directory Server Zero-Byte Write Error Lets Remote Users Deny Service. Read more securitytracker.com: Apple Safari Lets Remote Users Cause Shell Code to Be Executed by the Target User. Read more securitytracker.com: PHP-Nuke Input Validation Hole in Search Module Lets Remote Users Inject SQL Commands. Read more securitytracker.com: Magic Calendar Lite Input Validation Flaw in 'cms/index.php' Permits SQL Injection. Read more securitytracker.com: NJStar Chinese/Japanese Word Processor Buffer Overflow in Font Names Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Xerox WorkCentre Multiple Bugs in ESS/Network Controller and MicroServer Web Server Permit Remote Access, Denial of Service, and Cross-Site Scripting Attacks. Read more   News www.securityfocus.com: 12 arrested in email scam investigation. Read more www.theregister.co.uk: Unpatched Mac OS X hole poses critical risk. Read more blog.washingtonpost.com: Alarming Phishing Trends. Read more www.scmagazine.com: CSIA: Fight against spyware is on. Read more www.theregister.co.uk: Microsoft faces another anti-trust suit. Read more seattletimes.nwsource.com: Businesses get to try out new version of Windows. Read more www.theregister.co.uk: Google Perfect 10 thumbnails 'breach copyright'. Read more management.silicon.com: Google in court for copying porno. Read more news.zdnet.co.uk: Security fears over London's blanket Wi-Fi. Read more www.loosewireblog.com: Phishing and the Peril of Fonts. Read more news.com.com: IBM issues subpoenas for tech giants' SCO dealings. Read more www.betanews.com: Vista 'Enterprise CTP' Feature Complete. Read more news.com.com: FBI widens probe of debit-card theft. Read more www.esecurityplanet.com: Please, No More Promises from Bill Gates. Read more

22 February 2006 Guides, Papers, etc articles.news.aol.com: www.windowsdevcenter.com: Inside Look: Internet Explorer 7, Beta 2. Read more www.wormblog.com: Recent PHP Worm Activity. Read more articles.news.aol.com: Could Skype's Encrypted Calls Kill Wiretaps? Read more www.vortex.com: Video: Internet and Empires. Watch blogs.msdn.com: Internet Explorer Administration Kit and Group Policy in IE7. Read more honeyblog.org: Learning More About Attack Patterns With Honeypots. Read more www.wired.com: All Google's Roads Lead to Kansas. Read more   Vulnerabilities & Exploits www.waraxe.us: Bypassing CAPTCHA in phpNuke 6.x-7.9. Read more   News news.bbc.co.uk: Zombie PCs growing quickly online. Read more today.reuters.com: Microsoft blunder leaks information about Vista. Read more news.bbc.co.uk: Google defends China search site. Read more www.washingtonpost.com: Chinese Media Assail Google. Read more www.techtree.com: Google Search Violates Copyright. Read more software.silicon.com: Cyber bank robbers threaten ecommerce. Read more today.reuters.com: EU gets new complaint against Microsoft. Read more www.theregister.co.uk: The ugly face of crime. Read more news.com.com: Kaspersky update zaps Microsoft antivirus. Read more www.theregister.co.uk: Chinese hackers allegedly make a game of ID theft. Read more www.hs.fi: Two teenagers fined for spreading computer viruses. Read more www.usdoj.gov: Grand Jury Returns Indictment Charging Student with Accessing Protected Computer at University of Utah. Read more www.usdoj.gov: Utah Man Charged with Bringing down Wireless Internet Services in Vernal Region. Read more www.vnunet.com: Sophos sees OS X virus ghosts. Read more www.vnunet.com: Identity theft feeds $1bn gaming black market. Read more www.informationweek.com: With Gates Leading The Call, IT Vendors Eye Cooperation On IT Security. Read more www.vnunet.com: Gates poised for new IE as Firefox users gripe. Read more www.theinquirer.net: Washington Post fails to protect Deep Throat. Read more www.dailytech.com: Samsung Sued Over "Hacker-Friendly" DVD Player. Read more www.wired.com: Mac Attack a Load of Crap. Read more

21 February 2006 Guides, Papers, etc blogs.securiteam.com: PHP as a secure language? PHP worms? Read more www.securityfocus.com: Private identities become a corporate focus. Read more www.microsoft.com: Video Q&A between Bill Gates and Mike Nash, our Corporate Vice President of the Security Technology Unit. Watch www.uninformed.org: Bypassing Windows Hardware-enforced Data Execution Prevention. Read more www.financialexpress.com: It�s time to hone your hacking skills, legally. Read more www.sunherald.com: I've got 8 rules for fighting spyware. Read more news.bbc.co.uk: Who does the net think you are? Read more blog.washingtonpost.com: A Interview with 180Solutions' CEO. Read more software.silicon.com: Q&A: Cisco CSO John Stewart. Read more www.eweek.com: What Will Apple Do When the Malware Comes? Read more www.timesonline.co.uk: Computers make for chatty children. Read more   Vulnerabilities & Exploits securitytracker.com: Macallan Mail Solution IMAP Command Input Validation Error Lets Remote Authenticated Users View E-mail of Other Users. Read more   News www.theregister.co.uk: Political hacking scandal hits Hungary. Read more www.kaspersky.com: Bizanga partners with Kaspersky Lab. Rea more www.int.iol.co.za: China 'concerned' about Google's content. Read more www.terra.net.lb: Google operating without Internet license in China. Read more today.reuters.co.uk: Google denies acting unlawfully in China. Read more software.silicon.com: Cyber bank robbers threaten ecommerce. Read more www.theregister.co.uk: Active cookies aim to thwart cyber-crooks. Read more www.theregister.co.uk: Spammers adopt stealth tactics. Read more news.com.com: Google admits Desktop security risk. Read more www.interfax.cn: Chinese hackers accused of mass theft relating to online game Lineage in South Korea. Read more www.theregister.co.uk: Dell seeks damages from man called Dell. Read more www.chron.com: Next step comes in form of Windows Defender. Read more www.silicon.com: MP slams "out of control" DNA database. Read more

20 February 2006 Guides, Papers, etc www.virus.gr: Comparative tests of antivirus programs, 14-22 December 2005. Read more www.benedelman.org: Nonconsensual 180 Installations Continue, Despite 180's "S3" Screen. Read more blog.washingtonpost.com: Botnets: A Global Pandemic. Read more www.washingtonpost.com: Invasion of the Computer Snatchers. Read more blogs.securiteam.com: New Linux malware. Read more blogs.securiteam.com: More info on the new Linux worm. Read more itpolicy.princeton.edu: Lessons from the Sony CD DRM Episode. Read more www.informationweek.com: Yes, Trusted Computing is used for DRM. Read more www.fbi.gov: Remarks by Robert S. Mueller, III Director, Federal Bureau of Investigation 15 th Annual RSA Conference San Jose, California February 15, 2006. Read more arstechnica.com: Is Skype a haven for criminals? Read more www.oreillynet.com: Trojan or Worm? Read more ezine.daemonnews.org: Interview on Xen with Manuel Bouyer. Read more searchopensource.techtarget.com: The Dark Side of the Web. Read more   Vulnerabilities & Exploits securitytracker.com: Coppermine Photo Gallery Include File Bugs in 'include/init.inc.php' and 'docs/showdoc.php' Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Blue Coat ProxySG Policy Error May Let Remote Users Bypass Default CONNECT Policy Rules. Read more   News news.bbc.co.uk: Google throws out US data demand. Read more news.ft.com: China�s virtual cops pinpoint web dissent. Read more observer.guardian.co.uk: China crisis for Google bosses. Read more www.theinquirer.net: Microsoft fumes about security bounty. Read more www.commtouch.com: January Virus and Spam Statistics: 2006 Starts with a Bang. Read more www.chinatechnews.com: Beijing Mobile Suffers RMB3.7 Million Loss From Hacker's Attack. Read more www.redherring.com: Cell Phone Dead? Blame Virus. Read more www.kotaku.com: SPAM Alert: Fight Night 3 PSP Costs Privacy. Read more edition.cnn.com: Apple's ode to hackers. Read more www.esecurityplanet.com: IBM Takes Holistic Security Stance. Read more cooltech.iafrica.com: IBM makes chip breakthrough. Read more

18 February 2006 Guides, Papers, etc blogs.securiteam.com: Looking behind the smoke screen of the Internet: DNS recursive attacks, spamvertised domains, phishing, botnet C&C�s, International Infrastructure and you. Read more www.us-cert.gov: The Continuing Denial of Service Threat Posed by DNS Recursion. Read more cc.uoregon.edu: Non-UO Recursive Domain Name Server Access to be Curtailed February 1. Read more www.bellua.com: Bellua Cyber Security Asia 2006. Read more student.missouristate.edu: Microsoft's Blunder: The Windows Media Plug-in Exploit. Read more securityreason.com: Expanding Exposure: The Decreasing Time Between Web Application Vulnerability and Exploitation. Read more blogs.securiteam.com: Linux kernel remote DoS, 20 mailing lists to read, best security training and insecure appliances. Read more blogs.securiteam.com: Windows Media Exploit: Lesson Learned Yet? Read more www.gartner.com: Manage Google's Desktop Search Now or Lock It Out. Read more www.betanews.com: Interview: Microsoft Exec Talks IE7, RSS. Read more ddanchev.blogspot.com: How to win 10,000 bucks until the end of March? Read more reviews.cnet.com: Your smart phone has a dumb virus. Read more techrepublic.com.com: See why even a simple firewall is better than nothing. Read more wiredblogs.tripod.com: First Mac OS X Worm a Wake-Up Call. Read more itpolicy.princeton.edu: Lessons from the Sony CD DRM Episode. Read more www.infectionvectors.com: Frames and MetaFrames. Read more vascan.org: Botnets. Read more www.eweek.com: Time To Raise Prices�Internet Access is Too Cheap. Read more www.enterpriseserver.techweb.com: WMF: The Russians Are Coming! Read more www.redherring.com: Q&A: Congressman Tom Lantos. Human rights advocate denounces censorship, saying Internet companies �have to learn to show some guts.� Read more abcnews.go.com: Study: Internet Users Go Online for Fun. Read more   Vulnerabilities & Exploits retrogod.altervista.org: DocMGR <= 0.54.2 arbitrary remote inclusion. Read more retrogod.altervista.org: Linpha <= 1.0 multiple arbitrary local inclusion. Read more blogs.securiteam.com: Exploit: Head-2-head - H D Moore and Matthew Murphy (MS06-006). Read more securitytracker.co: APC PowerChute May Install a Vulnerable Version of JRE. Read more securitytracker.co: Netcool/NeuSecure Discloses Passwords to Local Users. Read more securitytracker.co: Gallery 'util.php' Include File Bug Lets Remote Users Execute Code Stored on the Local System. Read more securitytracker.co: PHPKIT 'include.php' Include File Bug Lets Remote Users Execute Arbitrary Code. Read more   News news.com.com: Google may have to fight second subpoena. Read more news.bbc.co.uk: UK holds Microsoft security talks. Read more www.forbes.com: Gates Poised For New IE As Firefox Users Gripe. Read more www.washingtonpost.com: Windows Flaw Makes Surfing Riskier. Read more www.pcworld.com: Vista's Encryption Could Vex Investigators. Read more www.theregister.co.uk: Panic spreads over Windows Vista 'back door' that never was. Read more news.com.com: Google to feds: Back off. Read more news.zdnet.com: New Trojans plunder bank accounts. Read more www.computerworld.com: Hackers follow Microsoft patches with malware. Read more blogs.securiteam.com: Cell phone operator sent 7000-large Government account information with unprotected e-mail. Read more seattletimes.nwsource.com: Microsoft finally adds security for Windows. Read more www.techweb.com: Gartner: Turn Off File Sharing In Google Desktop. Read more www.techweb.com: Firm Offers $10K Reward For Critical Windows Bug. Read more news.bbc.co.uk: New US plan to ban internet bets. Read more www.techweb.com: FBI Probes Auto-Surf Site, Ponzi Scam Alleged. Read more news.bbc.co.uk: Malicious worm aims to bite Apple. Read more www.securityfocus.com: Second OS X worm appears. Read more www.theregister.co.uk: Homeland security urges DRM rootkit ban. Read more www.theregister.co.uk: Techies in Microsoft licence reading bombshell. Read more searchsecurity.techtarget.com: Companies still not reporting attacks, FBI director says. Read more www.terra.net.lb: Court rejects release of Livedoor's Horie: reports. Read more news.bbc.co.uk: Man charged over Oscar 'piracy'. Read more

17 February 2006 Guides, Papers, etc www.msnbc.msn.com: Transcript of interview with Bill Gates. Read more www.windowsecurity.com: Securing the Network from Within (Part 2). Read more www.microsoft.com: It�s Me, and Here�s My Proof: Why Identity and Authentication Must Remain Distinct. Read more www.btplc.com: ONLINE IDENTITY THEFT. Read more www.informationweek.com: Microsoft Hones IE 7's Drive-by-Download Defenses. Read more blogs.securiteam.com: Comment spam and Xanga: create blogs to spam to? Read more blogs.securiteam.com: A few humble observations regarding the current state of InfoSEC. Read more blogs.securiteam.com: Australia: First WMF mass mailer ItW (phishing Trojan). Read more www.networkingpipeline.com: Google: Porn? Users Don't Want No Stinkin' Porn! Read more www.networkingpipeline.com: Google Desktop Privacy Dangers Are Overblown. Read more www.cs.wisc.edu: WYSINWYX: What You See Is Not What You eXecute. Read more   Tools: www.dest-unreach.org: socat - Multipurpose relay. Read more   Vulnerabilities & Exploits www.cybsec.com: Arbitrary File Read/Delete in SAP BC (Business Connector). Read more www.cisco.com: Cisco Security Advisory: TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products. Read more www.digitalarmaments.com: Gallery web-based photo gallery remote file execution. Read more securitytracker.com: SAP Business Connector Bugs Let Remote Users View or Delete Files and Conduct Phishing Attacks. Read more securitytracker.com: Cisco Traffic Anomaly Detector May Let Remote Users Bypass TACACS+ Authentication. Read more securitytracker.com: Cisco Guard May Let Remote Users Bypass TACACS+ Authentication. Read more   News www.securityfocus.com: OS X Trojan appears. Read more www.whatpc.co.uk: Mobile virus growth outpaces PC malware. Read more news.com.com: Homeland Security official suggests outlawing rootkits. Read more www.m2.com: Webroot reports new type of phishing trojans. Read more www.computerworld.com: DHS: Sony rootkit may lead to regulation. Read more software.silicon.com: New twist in Nasa hacker hearing. Read more www.securityfocus.com: Firms: Don't expect federated IDs soon. Read more www.tmcnet.com: Anti-virus companies slow to tackle Sony's spy software. Read more www.securitypronews.com: UK Wants Backdoor Into Windows. Read more www.watchguard.com: Movie Review: Firewall is all about the hack (in the writing sense). Read more

16 February 2006 Guides, Papers, etc www.cs.columbia.edu: Worm Propagation Strategies in an IPv6 Internet. Read more www.theglobeandmail.com: Scaling the firewall of digital censorship. Read more blogs.securiteam.com: Comment spam: drive-by sites, domains and spyware - analysis, samples and facts. Read more www.securityfocus.com: Privacy and anonymity. Read more ddanchev.blogspot.com: A timeframe on the purchased/sold WMF vulnerability. Read more ddanchev.blogspot.com: Detecting intruders and where to look for. Read more www.uninformed.org: Rootkit Technology: FUTo. Read more www.emailbattles.com: Rootkitted? Do NOT Re-Format That Hard Drive. Read more www.emailbattles.com: Rootkitters Lay in Wait for Vista 2006. Read more www.emailbattles.com: Rootkit Guru: Win 9x/ME Are Hopeless. Read more invisiblethings.org: Thoughts about Cross-View based Rootkit Detection. Read more www.siliconvalleysleuth.com: Things you don't want Google to find. Read more ia.rediff.com: The ultimate challenge for hackers. Read more www.pcworld.com: Avoid Viruses and Phishing Scams. Read more www1.cs.columbia.edu: A Self-Learning Worm Using Importance Scanning. Read more www1.cs.columbia.edu: On Instant Messaging Worms, Analysis and Countermeasures. Read more news.com.com: Video: Taking heat over censorship in China. Read more news.com.com: Video: Tech giants' 'nauseating collaboration' in China. Read more www.eff.org: A Code of Conduct for Internet Companies in Authoritarian Regimes. Read more   Vulnerabilities & Exploits securitytracker.com: PostgreSQL SET ROLE Validation Error Lets Remote Authenticated Users Obtain Elevated Privileges. Read more securitytracker.com: Sun Solaris in.rexecd(1M) on Kerberos Systems Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: Mac OS X Undocumented System Call Lets Local Users Deny Service. Read more securitytracker.com: Microsoft PowerPoint May Let Users Access Contents of the Temporary Internet Files Folder. Read more securitytracker.com: Microsoft Office Korean Input Method Editor Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: Microsoft Windows Web Client Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code. Read more securitytracker.com: Microsoft Windows IGMP Processing Bug Lets Remote Users Deny Service. Read more securitytracker.com: Windows Media Player Plug-in for 3rd Party Browsers Buffer Overflow in Processing EMBED Elements Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Windows Media Player Bitmap File Bug May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: RUNCMS Input Validation Flaw in 'pmlite.php' Permits SQL Injection Attacks. Read more securitytracker.com: Plume CMS Include File Error in 'prepend.php' Lets Remote Users Execute Arbitrary Commands. Read more securitytracker.com: ImageMagick SetImageInfo() Format String Bug May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Winamp Buffer Overflow in Processing '.m3u' File Names May Let Remote Users Execute Arbitrary Code. Read more   News www.washingtonpost.com: Internet Firms Address China Practices. Read more technology.guardian.co.uk: Pirates and bloggers beat China's great wall of propaganda. Read more news.com.com: Congressman quizzes Net companies on shame. Read more www.vnunet.com: Worms turn on Google to hunt for victims. Read more news.bbc.co.uk: Profile: Hacker Gary McKinnon. Read more news.com.com: Judge: Firm not negligent in failure to encrypt data. Read more www.theregister.co.uk: 'Pentagon hacker' wants to see Bush's John Hancock. Read more www.pcworld.com: FBI Director: Cyberthreats 'Fluid and Far-reaching'. Read more www.smh.com.au: 'Spam man' wins gold. Read more software.silicon.com: Proof: Employees don't care about security. Read more www.reghardware.co.uk: Patch posted to run Mac OS X 10.4.4 on 'generic PC'. Read more www.emailbattles.com: How Go Daddy Lost A Longtime Customer To A Phisher. Read more news.com.com: Oracle tried to buy open-source MySQL. Read more

15 February 2006 Guides, Papers, etc www.securescience.net: Emerging Threat Center Malware Analysis Report 02-February 2006, v1.1. Read more www.f-secure.com: HIDE 'N SEEK REVISITED -FULL STEALTH IS BACK. Read more www.blackhat.com: Rootkit Hunting vs. Compromise Detection. Read more blogs.msdn.com: Security and Compatibility with IE7. Read more ddanchev.blogspot.com: Look who's gonna cash for evaluating the maliciousness of the Web? Read more www.usenix.org: Botz-4-Sale: Surviving Organized DDoS Attacks That Mimic Flash Crowds. Read more www.viruslist.com: Love is in the Internet. Or is it? Read more belnet.dl.sourceforge.net: Tutorial of SQL Power Injector 1.0. Read more blogs.pcworld.com: Spyware Can Make Your PC Lie To You--Report. Read more www.wired.com: Spyware: What You Need to Know. Read more www.informationweek.com: 'Trusted Network Connect' Puts Hardware Security Agent In Every PC. Read more news.com.com: The man behind Cisco's security. Read more   Tools: www.sqlpowerinjector.com: SQL Power Injector is an application created in .Net 1.1 that helps the penetrating tester to inject SQL commands on a web page. Read more   News www.microsoft.com: Microsoft Security Bulletin MS06-004. Read more blogs.technet.com: Information about Today's Bulletin Release and MS06-007 on Microsoft Update/Windows Update. Read more www.f-secure.com: About the Hidden Smith Family. Read more www.kentucky.com: Tech firms feel the heat over China's firewall. Read more news.bbc.co.uk: Party elders attack China censors. Read more news.bbc.co.uk: Net firms face grilling on China. Read more today.reuters.co.uk: China shuts 76 Web sites in crackdown on piracy. Read more bink.nu: Gates Shares Microsoft�s Vision for a More Secure Future. Read more www.neowin.net: Bill Gates: RSA Keynote 2006. Read more news.xinhuanet.com: Microsoft unveils new security program for online transactions. Read more news.bbc.co.uk: UK holds Microsoft security talks. Read more software.silicon.com: Cyber security 'not keeping pace with threats'. Read more www.theregister.co.uk: Skype and Vonage: thank you, and goodnight. Read more weblogs.mozillazine.org: real world browser threats. Read more www.theregister.co.uk: OFT warns of online dating scams. Read more australianit.news.com.au: Hacker fights US extradition. Read more www.msnbc.msn.com: Man threatens to attack Olympic computers. Read more

14 February 2006 Guides, Papers, etc www.eusecwest.com: EUSecWest: Security Masters Dojo. Read more blogs.securiteam.com: Three exploits for HTML Help Workshop flaw released. Read more www.virusbtn.com: The trouble with rootkits. Read more www.microsoft.com: Windows Vista Step-by-Step Guides for IT Professionals. Read more isc.sans.org: Phollow the Phlopping Phish. Read more blog.washingtonpost.com: The New Face of Phishing. Read more ddanchev.blogspot.com: Recent Malware developments. Read more www.comp.leeds.ac.uk: Automatic Identification of Shipping Container Codes. Read more www.it-observer.com: AJAX Security. Read more www.time.com: Meet The Google Guys. Read more www.tcmagazine.info: Under Attack. Read more news.com.com: Video: Computer history on display. Watch news.com.com: ENIAC: The public's first glimpse of a computer. Watch news.com.com: Video: A computer pioneer flashes back to the '40s. Watch news.com.com: Video: Google's new desktop search. Watch www.cis.upenn.edu: Defending against Hitlist Worms using Network Address Space Randomization. Read more www.sfgate.com: How best to protect kids from online porn. Read more   Vulnerabilities & Exploits www.securiteam.com: Microsoft Internet Explorer Drag-and-Drop Redeux. Read more blogs.technet.com: Information on IE Drag and Drop Issue. Read more www.securiteam.com: Microsoft Internet Explorer Drag-and-Drop Redeux. Read more www.frsirt.com: Honeyd IP Reassembly Remote Virtual Hosts Detection Vulnerability. Read more securitytracker.com: phphg Multiple Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more securitytracker.com: SSH Tectia Server SFTP Logging Bug May Let Remote Authenticated Users Execute Arbitrary Commands. Read more securitytracker.com: libpng Buffer Overflow in png_set_strip_alpha() Lets Users Deny Service. Read more   News news.com.com: Google fixes China search bugs. Read more news.com.com: Web of intrigue widens in debit-card theft case. Read more www.theregister.co.uk: Dept of Homeland Security tests cyberterrorism response. Read more seattlepi.nwsource.com: Microsoft unveils mobile software to rival BlackBerry. Read more seattlepi.nwsource.com: Microsoft pushes InfoCard for secure online ID. Read more www.usatoday.com: Bill would keep servers out of China. Read more edition.cnn.com: Entwistle computer gives up sex secrets. Read more news.com.com: Spyware fight attracts a crowd. Read more www.informationweek.com: How To Avoid A St. Valentine's Day Malware Massacre. Read more www.technewsworld.com: 2006: 'Year of the Exploit' for OS X? Read more www.usdoj.gov: Florida Man Indicted for Causing Damage and Transmitting Threat to Former Employer�s Computer System. Read more www.local6.com: Woman Victimized By 'Keylogger' Spyware. Read more

13 February 2006 Guides, Papers, etc blog.washingtonpost.com: Microsoft Anti-Spyware Deleting Norton Anti-Virus. Read more www.acsa-admin.org: Design and Implementation of an Extrusion-based Break-In Detector for Personal Computers. Read more www.acsa-admin.org: Detecting Intra-enterprise Scanning Worms based on Address Resolution. Read more www.acsa-admin.org: Stealth Breakpoints. Read more www.pcworld.com: The New Virus Fighters. Read more blogs.securiteam.com: Comment Spam: new trends, failing counter-measures and why it�s a big deal. Read more www.microsoft.com: Microsoft Announces Beta Availability of ISA Server 2006 and Acquisition of a Web-Filtering Product from FutureSoft. Read more   Vulnerabilities & Exploits isc.sans.org: New Exploit for HTML Help Workshop vulnerability. Read more www.rs-labs.com: Multiple flaws in VHCS 2.x. Read more securitytracker.com: GnuTLS libtasn1 DER Decoding Bugs Let Remote Users Deny Service. Read more securitytracker.com: IBM Lotus Domino/Notes 'nldap.exe' Bug Lets Remote Users Deny Service. Read more securitytracker.com: IBM Domino Web Access Input Validation Flaws Permit Cross-Site Scripting Attacks. Read more   News news.netcraft.com: Payment Gateway StormPay Battling Sustained DDoS Attack. Read more news.bbc.co.uk: 'Cyber Storm' tests US defences. Read more blogs.siliconvalley.com: New from Google Labs: Google Information Security Catastrophe. Read more sltrib.com: AT&T sues small nonprofit company for hacking fees that trace back to it. Read more www.pcworld.idg.com.au: Movie 'Firewall' dramatizes dangers of ID theft. Read more seattletimes.nwsource.com: 3 accused of inducing ill effects on computers at local hospital. Read more www.redorbit.com: Tarari's Chip Catches Viruses Before They Hit. Read more www.news24.com: Website's name 'too rude'. Read more

11 February 2006 Guides, Papers, etc www.computerworld.com: Protecting your network against spoofed IP packets. Read more www.wired.com: The Rootkit of All Evil. Read more www.techworld.com: Dawn of the undead. Read more blog.washingtonpost.com: Letter From the Anti-Spyware Coalition Conference. Read more www.acsa-admin.org: ScriptGen: an automated script generation tool for honeyd. Read more www.thomas-apel.de: Generating Fingerprints of Network Servers and their Use in Honeypots. Read more blogs.msdn.com: Search in IE7. Read more blogs.msdn.com: Protected Mode in Vista IE7. Read more www.informationweek.com: Letter writers on Unix: 'Wake up, Guys!'. Read more   Tools: www.microsoft.com: Microsoft Office Visio 2003 Connector for the Microsoft Baseline Security Analyzer (MBSA) 2.0. Read more searchwinsystems.techtarget.com: Freeware helps admins monitor Windows log files in real time. Read more www.caida.org: Cuttlefish: Geographic Visualization Tool. Read more fileforum.betanews.com: 3d Traceroute 2.2.16.31 Beta. Read more news.com.com: VMware to test new high-end product. Read more   Vulnerabilities & Exploits www.idefense.com: BM Lotus Domino Server LDAP DoS Vulnerability. Read more securitytracker.com: eyeOS Initialization Error in $_SESSION Array Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: CPAINT Input Validation Hole in 'cpaint2.inc.php' Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Indexu Include File Flaw in 'application.php' Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: HP Tru64 UNIX DNS BIND4/BIND8 Facilitates Cache Corruption Attacks. Read more securitytracker.com: HP Insight Manager Directory Traversal Bugs Let Remote Users Obtain Files on the Target System. Read more securitytracker.com: Sun Java System Directory Server LDAP Processing Bug Lets Remote Users Deny Service. Read more securitytracker.com: PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: SPIP Include File Bug in 'spip_rss.php' Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: CPG Dragonfly Include File Bug in 'install.php' Lets Remote Users Execute Arbitrary Code. Read more   News www.sophos.com: Bagle worm spreading widely as "February Price" email. Read more itvibe.com: Return of the Bagle worm, new variant spreading fast. Read more www.vnunet.com: Web giants slammed over China policy. Read more www.theregister.co.uk: Yahoo! in second Chinese dissident rumpus. Read more www.theregister.co.uk: EFF issues Google Desktop warning. Read more www.extremetech.com: One In Two PCs Won't Run Vista's 3D Interface. Read more www.theregister.co.uk: Google to get a handle on handwriting. Read more arstechnica.com: FTC considers going after companies that advertise with adware. Read more www.infoworld.com: Symantec moving ahead with database appliance. Read more www.vnunet.com: Japan leads the way in spam relay prevention. Read more www.viruslist.com: Official US cyber security survey launched. Read more www.wlns.com: Companies Hiring Hackers to Break into Their Computers. Read more www.theinquirer.net: Ericsson claims first antivirus for mobile operators. Read more

10 February 2006 Guides, Papers, etc blogs.securiteam.com: Google Copies Your Hard Drive - Government Smiles in Anticipation. Read more money.cnn.com: Privacy issues in Google desktop upgrade. Read more www.businessweek.com: Outrunning China's Web Cops. Read more blogs.washingtonpost.com: Virus Naming Still a Mess. Read more www.caida.org: The Nyxem Email Virus: Analysis and Inferences. Read more research.sun.com: Security, Wiretapping, and the Internet. Read more www.informationweek.com: Review: Microsoft Internet Explorer 7, Firefox, And Other Browsers In Four-Way Shootout. Read more www.hotwired.com: Webmonkey First Look: IE7 Beta2 Preview. Read more blogs.msdn.com: Protected Mode in Vista IE7. Read more msdn.microsoft.com: Understanding and Working in Protected Mode Internet Explorer. Read more www.invisiblethings.org: Thoughts about Cross-View based Rootkit Detection. Read more www.scs.carleton.ca: Addressing Malicious SMTP-based Mass-Mailing Activity Within an Enterprise Network. Read more ddanchev.blogspot.com: The War against botnets and DDoS attacks. Read more www.ecs.soton.ac.uk: Hunting the initial vector. Read more www.cioupdate.com: Decrypting Encryption Myths. Read more www.securityfocus.com: WiFi for dummies. Read more www.webpronews.com: How To Deal With Wireless Encryption Security Threats. Read more www.emailbattles.com: Black Hat Fingers Email As Easy Target. Read more   News www.theregister.co.uk: Islamist hackers attack Danish sites. Read more www.vnunet.com: Hackers take Mohammed cartoon jihad online. Read more www.crn.com: Spyware Barely Touches Firefox. Read more www.tmcnet.com: Computer anti-virus experts warn that Valentine's Day opens the way for spyware, spam and viruses. Read more www.microsoft.com: Microsoft Security Bulletin Advance Notification. Read more news.zdnet.co.uk: Microsoft widens legal protection. Read more news.bbc.co.uk: Spyware warriors call for action. Read more news.com.com: Advertisers may face public humiliation over adware. Read more www.linuxdevices.com: Hacker showcase this weekend in San Francisco. Read more www.informationweek.com: Homeland Security Readies International Cyber-Wargame. Read more www.informationweek.com: Microsoft Enters Consumer Security Battle With Symantec. Read more

09 February 2006 Guides, Papers, etc techrepublic.com.com: Securing an auto logon in Windows XP. Read more www.windowsecurity.com: Generating Resultant Set of Policy Queries. Read more www.eweek.com: By Larry Seltzer. Goodmail Is a Much Misunderstood Solution. Read more csrc.nist.gov: Guidelines for Media Sanitization. Read more   Vulnerabilities & Exploits sunsolve.sun.com: Security Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Elevate its Privileges. Read more securitytracker.com: GA's Forum Input Validation Hole in 'archive.asp' Permits SQL Injection Attacks. Read more securitytracker.com: QNX Neutrino RTOS Multiple Bugs Let Local Users Gain Elevated Privileges. Read more securitytracker.com: QNX RTOS Unspecified Bug Lets Local Users Deny Service and 'rc.local' Configuration Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: Java Web Start Bug Lets Remote Applets Gain Privileges on the Target User's System. Read more securitytracker.com: Sun Java Runtime Environment (JRE) Reflection API Multiple Bugs Let Applets Gain Elevated Privileges. Read more securitytracker.com: Microsoft Windows UPnP/NetBT/SCardSvr/SSDP Services May Be Incorrectly Configured By 3rd Party Applications, Allowing Local Users to Gain Elevated Privileges. Read more securitytracker.com: vwdev Input Validation Hole Permits SQL Injection Attacks. Read more securitytracker.com: Lexmark Printer Sharing Service Lets Remote Users Execute Arbitrary Code on the Target User's System. Read more securitytracker.com: IBM Lotus Domino/Notes LDAP Bug Lets Remote Users Deny Service. Read more   News www.theregister.co.uk: Russian keyloggers hit bank customers. Read more news.bbc.co.uk: Chinese man 'jailed due to Yahoo'. Read more www.smh.com.au: Man jailed for posting critical comment online. Read more news.bbc.co.uk: Microsoft tackles security rivals. Read more www.techcrunch.com: Google Desktop 3.0: Privacy is Dead(er). Read more www.usatoday.com: U.S. plans massive data sweep. Read more www.betanews.com: MS Discloses Limited WMF Vulnerability. Read more www.computerworld.com.au: Attack code published for Firefox flaw. Read more www.timesonline.co.uk: Suicide mystery in Greek spy scandal. Read more www.theregister.co.uk: Spanish hacker jailed for two years. Read more www.computerworld.com: McAfee launches bot-killing system. Read more news.bbc.co.uk: Anti-cartoon protests go online. Read more

08 February 2006 Guides, Papers, etc www.securityfocus.com: Apple's in the eye of flaw finders. Read more www.securityfocus.com: Blackmal down, but may not be out. Read more www.wired.com: Spinning Suspicious Searches. Read more www.computerworld.com.au: A new view of security in Vista. Read more www.sysinternals.com: Using Rootkits to Defeat Digital Rights Management. Read more www.securityfocus.com: Help! My box has been owned...Read more blogs.securiteam.com: Researchers and Wiki and Pederasts - Oh my! Read more searchsecurity.techtarget.com: Web application firewalls create breathing room. Read more www.rootsecure.net: Locate almost anyone in the UK without their permission. Read more   Vulnerabilities & Exploits securitytracker.com: Heimdal RSHD Credential Cache Bug Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: Clever Copy Input Validation Hole in 'mailarticle.php' Permits SQL Injection Attacks. Read more securitytracker.com: cPanel 'mime/handle.html' Input Validation Bug Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Borland Delphi-BCB/Compiler Integer Overflow May Let Users Execute Arbitrary Code. Read more   News software.silicon.com: 'New Windows security concerns in the wild', says Microsoft. Read more www.eweek.com: Microsoft Gives Workarounds for New IE, Windows Flaws. Read more www.theregister.co.uk: Microsoft details Windows antivirus pricing. Read more www.theage.com.au: Internet spins spy web for China. Read more news.com.com: Politicos divided on need for 'net neutrality' mandate. Read more www.sophos.com: Spanish hacker sentenced to two years in jail for DDoS attack. Read more blogs.zdnet.com: More on the University of Washington spyware study. Read more www.zone-h.org: Prophet Mohammed protest spreads on the digital ground. Hundreds of cyber attacks against Danish and western webservers spreading rage in the name of Allah. Read more www.theregister.co.uk: Drive-by downloads on the wane. Read more www.msnbc.msn.com: Yahoo, AOL plan fee for bypassing spam filters. Read more www.msnbc.msn.com: Google treads on Microsoft turf in Dell deal. Read more www.vnunet.com: Rule change aids China cyber-squatters. Read more news.bbc.co.uk: Global wi-fi plan gets $22m boost. Read more news.bbc.co.uk: Google takes aim at chat rivals. Read more www.technewsworld.com: Maker of CD Copying Software Relents on Security. Read more

07 February 2006 Guides, Papers, etc www.websensesecuritylabs.com: Technical Analysis of MS06-001. Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919). Read more www.caida.org: The Nyxem Email Virus: Analysis and Inferences. Read more www.symantec.com: When Malware Meets Rootkits. Read more www.symantec.com: The Evolution of Malicious IRC Bots. Read more www.infosecwriters.com: The Role of Modeling and Simulation in Information Security The Lost Ring. Read more blogs.securiteam.com: Memoirs of a (media hound) virus researcher. Read more www.webappsec.org: Domain Contamination. Read more www.cs.washington.edu: A Crawler-based Study of Spyware on the Web. Read more www.contractoruk.com: Is Windows really more secure than Linux? Read more searchopensource.techtarget.com: Fortifying Linux against common malware. Read more ddanchev.blogspot.com: The current state of IP spoofing. Read more www.eweek.com: Join the Spyware Fight. Read more castlecops.com: Identity Stolen... Now what? Read more weblogs.mozillazine.org: Where Did Firefox Come From? Read more   Tools: www.betanews.com: VMware Launches Free Server Beta. Read more   Vulnerabilities & Exploits securitytracker.com: Microsoft HTML Help Workshop Buffer Overflow in Processing .hhp Files Lets Remote User Execute Arbitrary Code. Read more securitytracker.com: CommuniGate Pro LDAP Bug Lets Remote Users Deny Service. Read more securitytracker.com: PluggedOut Blog Input Validation Bugs Permit SQL Injection and Cross-Site Scripting Attacks. Read more securitytracker.com: Hosting Controller Input Validation Holes in 'AddGatewaySettings.asp' and 'IPManager.asp' Permit SQL Injection. Read more   News www.securityfocus.com: Spyware remains rampant as Winamp exploited. Read more www.theregister.co.uk: Kama Sutra a wet blanket. Read more www.vnunet.com: US prepares to hack the world. Read more www.vnunet.com: Google blacklists page rank cheats. Read more news.zdnet.co.uk: Spam campaigners reject email payment plan. Read more www.silicon.com: Spamhaus hits out at paid-for email delivery plan. Read more software.silicon.com: Microsoft antivirus product due before summer. Read more www.washingtonpost.com: Varied Rationales Muddle Issue of NSA Eavesdropping. Read more blog.eweek.com: NSA uses D-Shield, too! Read more news.bbc.co.uk: Global wi-fi plan gets $22m boost. Read more news.bbc.co.uk: BT sounds child web porn warning. Read more

06 February 2006 Guides, Papers, etc astalavista.com: Chinese Hackerism in Retrospect : The Legend of a New Revolutionary Army. Read more blogs.securiteam.com: Where are all the victims of CME-24/BlackWorm? Read more www.rootkit.com: The definition of a rootkit. Read more news.zdnet.com: FAQ: When Google is not your friend. Read more reviews.cnet.com: Whom do you trust? Read more searchwindowssecurity.techtarget.com: Keylogger basics. Read more www.vnunet.com: MyDoom and the art of misdirection. Read more www.eweek.com: A Slow Death for ActiveX? Read more Patch Me Up by the geek band, Rootkit. Listen   Tools: www.northern-monkee.co.uk: BobCat is a tool to aid a security consultant in taking full advantage of SQL injection vulnerabilities. It is based on a tool named "Data Thief" that was published as PoC by appsecinc. BobCat can list the linked severs, database schema, and allow the retrieval of data from any table that the current application user has access to. Read more www.betanews.com: VMware to Give Away Server Software. Read more   Vulnerabilities & Exploits securityreason.com: phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin. Read more securitytracker.com: Loudblog Include File Bug Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: IBM Tivoli Access Manager Input Validation Hole in Web Server Plug-in 'pkmslogout' Script Lets Remote Authenticated Users Traverse the Directory. Read more securitytracker.com: NeoMail Input Validation Flaw in 'date' Parameter Permits Cross-Site Scripting Attacks. Read more   News business.timesonline.co.uk: Rumours mount over Google's internet plan. Read more www.vnunet.com: Hackers writing zero-day malware to order. Read more www.technewsworld.com: Kama Sutra Is All Tease and No Action. Read more www.int.iol.co.za: Google's good-guy image starting to wear thin. Read more www.timesonline.co.uk: Google blacklists BMW in Germany. Read more www.vnunet.com: Firms take control of IT security standards. Read more news.bbc.co.uk: E-mail charging plan to beat spam. Read more www.livescience.com: Study Notes Decline in Internet Spyware. Read more www.tgdaily.com: Chinese hackers going after game information. Read more news.bbc.co.uk: One in eight 'harassed by e-mail'. Read more www.kbcafe.com: Ringo is Malware. Read more news.com.com: Smoking out photo hoaxes with software. Read more

04 February 2006 Guides, Papers, etc www.securityfocus.com: Malicious Malware: attacking the attackers, part 2. Read more www.securitypipeline.com: How It Works: Polymorphs: Attack of the Mutant Virus. Read more news.bbc.co.uk: Sign software on the digital line. Read more www.windowsecurity.com: Caveat Lector: Authentication, the Forgotten, Should-be Predominant. Read more news.com.com: Verbatim: Search firms surveyed on privacy. Read more   Vulnerabilities & Exploits securitytracker.com: eXchange POP3 Server Buffer Overflow in SMTP RCPT TO Command Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Adobe Illustrator File/Folder Access Control Error Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: Adobe Photoshop File/Folder Access Control Error Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: Adobe Creative Suite File/Folder Access Control Error Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: KDE kpdf Heap Overflow in Splash Rasterizer Engine Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: CA Unicenter TNG Message Queuing Bugs Let Remote Users Deny Service. Read more securitytracker.com: Mozilla Firefox Multiple Vulnerabilities May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: SZUserMgnt Input Validation Flaw in 'SZUserMgnt.class.php' Permits SQL Injection Attacks. Read more   News www.securityfocus.com: Blackmal deletion day appears a dud. Read more www.theregister.co.uk: Virus floors Russian stock exchange. Read more seattlepi.nwsource.com: Researchers fear confusion on worm name. Read more www.dailytech.com: Great Google Firewall of China Relaxed for Six Hours. Read more www.webuser.co.uk: F-Secure falls victim to spoofers. Read more www.spamdailynews.com: Google.cn blocked by China's government. Read more blogs.zdnet.com: Decrease in spyware on the net? Read more

03 February 2006 Guides, Papers, etc www.blackhat.com: Black Hat Europe 2006. Read more www.caida.org: Botnet Detection and Response: The Network is the Infection. Read more www.reverse.net: Operation Cyberslam. Read more www.cs.washington.edu: A Crawler-based Study of Spyware on the Web. Read more 209.59.135.198: The Great Anti-Virus Conspiracy. Read more   Tools: fileforum.betanews.com: RootkitRevealer 1.7. Read more   Vulnerabilities & Exploits securitytracker.com: Sun Java System Access Manager May Let Local Users Obtain Elevated Privileges. Read more securitytracker.com: FreeBSD TCP SACK Processing May Let Remote Users Deny Service. Read more securitytracker.com: Winamp Error in Processing m3u/pls Files With '.wma' File Extension Lets Remote Users Deny Service. Read more securitytracker.com: Netscape '-moz-binding' Property Validation Flaw Lets Remote Users Conduct Cross-Domain Scripting Attacks. Read more securitytracker.com: Symantec Sygate Management Server Input Validation Error Lets Remote Users Inject SQL Commands to Gain Administrative Access. Read more securitytracker.com: Calendarix Input Validation Bugs in cal_functions.inc.php and cal_login.php Permit SQL Injection Attacks. Read more securitytracker.com: Microsoft Internet Explorer Shockwave Flash Scripting Bug Lets Remote Users Deny Service. Read more securitytracker.com: MailEnable Professional IMAP EXAMINE Command May Let Remote Authenticated Users Deny Service. Read more securitytracker.com: Solaris 10 x64 Kernel setcontext() Bug Lets Local Users Deny Service. Read more securitytracker.com: SPIP Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more securitytracker.com: IronMail "Denial of Service Protection" Lets Remote Users Deny Service. Read more securitytracker.com: FarsiNews Include File Bug in 'logout.php' Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Mozilla Firefox '-moz-binding' Property Validation Flaw Lets Remote Users Conduct Cross-Domain Scripting Attacks. Read more securitytracker.com: Winamp Buffer Overflow in Processing Playlist Files Lets Remote Users Execute Arbitrary Code. Read more   News www.theregister.co.uk: Google cops more flak over China. Read more news.zdnet.co.uk: Russian hackers 'sold WMF exploit'. Read more news.bbc.co.uk: Computer threat from Nyxem virus. Read more sunbeltblog.blogspot.com: Winamp exploit found in the wild. Read more www.internetnews.com: A Sobering Report on Viruses. Read more www.vnunet.com: Mozilla plugs eight Firefox security holes. Read more www.informationweek.com: Feds Charge 19 In Piracy Ring. Read more www.internetnews.com: IBM: Users Are The Weak Link in Security. Read more www.emailbattles.com: CME-24 Porn Virus: First Unplug Your Network! Read more itvibe.com: Spammed trojan horse poses as CCTV picture of campus rapist. Read more www.technewsworld.com: January Busy Month for Malware Authors. Read more news.com.com: Judge postpones Google subpoena hearing. Read more news.zdnet.co.uk: Microsoft security chief attacks government. Read more

02 February 2006 New Trojans January 2006. Read more   Guides, Papers, etc blogs.securiteam.com: CME-24 (Blackworm) - First Results Of Damage Already Seen. Read more www.securitypipeline.com: How It Works: Polymorphs: Attack of the Mutant Virus. Read more se.securitypipeline.com: Five Ways To Keep Your Google Searches Private. Read more www.computerworld.com: Sidebar: A Simple Rootkit Example. Read more www.ebankingsecurity.com: Why eBanking is Bad for your Bank Balance. Read more www.esecurityplanet.com: New HIPS Technology Takes on Zero-Day Attacks. Read more blogs.washingtonpost.com: Research: Buggy, Flawed 'ActiveX' Controls Pervasive. Read more www.securitypipeline.com: Anatomy Of A Break-In. Read more   News www.microsoft.com: Microsoft Outlines Policy Framework for Dealing with Government Restrictions on Blog Content. Read more news.com.com: Gates: Web site censorship doesn't work. Read more www.theregister.co.uk: Microsoft changes China policy. Read more www.securityfocus.com: Blackmal virus set to delete files. Read more www.theregister.co.uk: Kama Sutra worm crashes malware chart. Read more www.theregister.co.uk: Old media wants new deal with search engines. Read more www.vnunet.com: Microsoft flooded with IE7 bug reports. Read more today.reuters.com: US accuses cyber-piracy group of 'massive' theft. Read more www.newsfactor.com: Security Heavyweights Join To Fight Spyware. Read more www.informationweek.com: CERT Stats Under Fire. Read more news.com.com: British ISPs must turn in customer details. Read more www.vnunet.com: Small firms face IT security risk. Read more www.securitypipeline.com: All the Rage: Worms Turn Against IM. Read more news.bbc.co.uk: ID theft 'contained' says study. Read more www.informationweek.com: Microsoft Won't Issue Advance Kama Sutra Fix. Read more news.com.com: How to evade Google search. Read more www.redherring.com: Analysts Rush to Google�s Side. Read more www.redherring.com: Gates Funds Community Tech. Read more www.redherring.com: Banks Press for Data Safety. Read more

01 February 2006 Guides, Papers, etc www.securityfocus.com: Malicious Malware: attacking the attackers, part 1. Read more www.securityfocus.com: Nmap 4.00 with Fyodor. Read more nwc.networkingpipeline.com: Russian Security Guru: Here Are Your Biggest Network Holes. Read more searchsecurity.techtarget.com: Security Bytes: Firefox flaw could expose sensitive data. Read more ddanchev.blogspot.com: Was the WMF vulnerability purchased for $4000?! Read more ddanchev.blogspot.com: Security Interviews 2004/2005 - Part 3. Read more www.tectonic.co.za: OSS is an easier hack: Mitnick. Read more www.cs.princeton.edu: Windows Access Control Demystified. Read more www.computerworld.com.au: Why seven-layer security is crucial for networks. Read more www.theregister.co.uk: VMware's Chief promises to play nice with Microsoft and Xen. Read more www.glop.org: Boycott Starforce. Read more   Tools: www.piotrbania.com: OPEN SOURCE DISASSEMBLER ENGINE. Read more   Vulnerabilities & Exploits securitytracker.com: HP Tru64 UNIX BIND Flaw May Let Remote Users Gain Privileged Access. Read more securitytracker.com: PmWiki Include File Bug Lets Remote Users Execute Arbitrary Code and Input Validation Bugs Permit Cross-Site Scripting, and Path Disclosure Attacks. Read more   News www.microsoft.com: Microsoft Security Advisory (904420). Read more www.securityfocus.com: Data leaks already inundating 2006. Read more www.theregister.co.uk: Winamp exploit poses hacker risk. Read more www.boingboing.net: Anti-copying malware installs itself with dozens of games. Read more www.boingboing.net: StarForce threatens to sue me for criticizing its products. Read more www.theregister.co.uk: Spyware probe couple deported to Israel. Read more spamkings.oreilly.com: Author of MySpace bot denies wrongdoing. Read more www.upi.com: British millionaire faces hacking charges. Read more www.betanews.com: Microsoft Releases Public IE7 Preview. Read more www.betanews.com: AT&T Sued for Opening Network to NSA. Read more

Copyright� MegaSecurity.org