Home    News Archive    Translate Traducen

News March 2006

31 March 2006 Guides, Papers, etc www.benedelman.org: Advertisers Funding Direct Revenue. Read more insecuremag.com: (IN)SECURE Magazine ISSUE 1.6 (March 2006). Read more people.deas.harvard.edu: Why Phishing Works. Read more www.windowsecurity.com: Best Practices for Configuring Group Policy Objects. Read more www.joystiq.com: Sony trounces MSFT & Nintendo in brand trust survey. Read more   Vulnerabilities & Exploits securitytracker.com: Sun Cluster SunPlex Manager May Let Certain Local Users Access Restricted Files. Read more securitytracker.com: NetBSD elf_load_file() Validation Error Lets Local Users Crash the System. Read more securitytracker.com: NetBSD mail(1) May Set Insecure File Permissions on Record File. Read more securitytracker.com: NetBSD if_bridge() May Disclose Portions of Kernel Memory to Local Users. Read more securitytracker.com: TWiki Access Control Bugs in rdiff and preview May Let Remote Users Access Restricted Content. Read more   News informationweek.com: Justice Department Subpoenas Reach Far Beyond Google. Read more www.theregister.co.uk: VXers add rootkit tech to MyDoom and Bagle. Read more www.businessweek.com: This Worm Is Nasty, Brutish, And Sneaky. Read more isc.sans.org: Microsoft Altering ActiveX in Next Set of Patches (NEW). Read more www.securityfocus.com: Spat over cell-phone spy program. Read more blogs.zdnet.com: Spyware in you cell phone � what next? Read more www.eweek.com: Hackers Use BBC News as IE Attack Lure. Read more blog.washingtonpost.com: RealNetworks Fixes Critical Media-Player Flaws. Read more news.zdnet.co.uk: Systems should be sold secure, says Interpol. Read more software.silicon.com: Vendors failing to secure applications. Read more news.zdnet.com: Microsoft extends life of security scanner. Read more news.zdnet.co.uk: Microsoft: 'Harden your environment'. Read more www.computerworld.com: Hacker hits Georgia state database via hole in security software. Read more www.firstcoastnews.com: College Student Charged in Hacking. Read more www.theregister.co.uk: Judge quashes MS bid to subpoena Oracle and Sun. Read more www.theregister.co.uk: Packet-sniffing techie uncovers spousal infidelity. Read more

30 March 2006 Guides, Papers, etc isc.sans.org: Windows Command-Line Kung Fu with WMIC (NEW). Read more news.com.com: Gates scopes out the business landscape. Read more blog.washingtonpost.com: When Macs Attack. Read more www.securityfocus.com: Open source security testing methodology. Read more www.itweek.co.uk: Do virtual machines weaken security? Read more www.techworld.com: Let down by McAfee. Read more www.technewsworld.com: Thefts Prompt Products That Do More to Secure Laptops. Read more   Tools: blogs.securiteam.com: diStorm - very quick (open source) stream disassembler. Read more tamspalm.tamoggemon.com: Google page creator review. Read more   Vulnerabilities & Exploits www.hardened-php.net: Advisory 03/2006: KisMAC Cisco Vendor Tag Encapsulated SSID Overflow. Read more securitytracker.com: MPlayer Integer Overflows in Processing ASF and AVI Headers Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Horde Application Framework Bug Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: ExplorerXP Input Validation Hole Permits Directory Traversal and Cross-Site Scripting Attacks. Read more securitytracker.com: Genius VideoCAM Snapshot Viewer Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: Blazix Server Discloses JSP Source Code to Remote Users. Read more securitytracker.com: VSNS Lemon Input Validation Holes Let Remote Users Inject SQL Commands and Cross-Site Scripting. Read more   News www.virus.org: Symbian Commercial Spyware Released. Read more software.silicon.com: Mobile spy software is 'a Trojan', says F-Secure. Read more www.securityfocus.com: Patches released for zero-day IE threat. Read more www.infoworld.com: After IE attacks, Microsoft eyes security betas. Read more blog.eweek.com: Microsoft Cautions Again on 3rd-Party Patches. Read more www.thedailywtf.com: The Spider of Doom. Read more www.theregister.co.uk: DNS hackers target domain registrars. Read more www.techworld.com: Open-source guru creates new ID system. Read more www.itweek.co.uk: Rumours rife over Google stake in Chinese ISP. Read more www.techworld.com: Porn surfing blamed for security woes. Read more www.theregister.co.uk: Joe-job spammers shift tactics to evade filters. Read more www.theregister.co.uk: German downloaders face two years' prison. Read more

29 March 2006 Guides, Papers, etc blogs.securiteam.com: Counters say MSIE 0-day exploit is extremely popular. Read more blogs.securiteam.com: Two Unofficial createTextRange() IE Patches. Read more hacks.oreilly.com: Scan for Viruses with Knoppix. Read more os.newsforge.com: Interview: Theo de Raadt of OpenBSD. Read more www.it-observer.com: Stealth Malware: Interview with Joanna Rutkowska. Read more www.nzherald.co.nz: Creator's vision of open net. Read more blogs.zdnet.com: Day 3: Stein: "In 5-10 years, most of the software you use will be free". Read more   Vulnerabilities & Exploits Sun Grid Engine 'rsh' Bug Lets Local Users Obtain Root Privileges. Read more HP-UX Unspecified Bug in passwd Lets Local Users Deny Service. Read more Sun Solaris '/usr/ucb/ps' May Disclose Sensitive Information to Local Users. Read more Veritas NetBackup Buffer Overflows in vmd, bpdbm, and bpspsserver Daemons Let Remote Users Execute Arbitrary Code. Read more   News www.techworld.com: DNS servers hit by more denial-of-service attacks. Read more www.terra.net.lb: Yahoo co-founder defends support for 'Great Firewall of China'. Read more searchsecurity.techtarget.com: Fresh Bagels offer baked-in rootkits. Read more www.technewsworld.com: Microsoft's Slow Reflexes Prompt Outside Firms to Fix IE Flaw. Read more news.com.com: Gates on the speed of Windows updates. Read more www.betanews.com: Microsoft Opens Public IE Bug Database. Read more www.eweek.com: Anti-malware Vendors Stare Down Microsoft Threat. Read more money.cnn.com: The sleeping giant goes on the offensive. Read more www.redherring.com: Hello, It�s Jajah Calling. A new Luxembourg company may hang up the phone on Skype. Read more www.vnunet.com: Holographic breakthrough crams in 0.5TB per square inch. Read more blogs.zdnet.com: How about some Fried Phish? Read more www.sophos.com: Beware of increase in child-porn spam, Sophos warns. Read more

28 March 2006 Guides, Papers, etc edition.cnn.com: CHINA AND INTERNET CENSORSHIP. Read more www.s-3con.com: Software Security Summit� 2006. Read more domino.watson.ibm.com: Billy Goat, an Accurate Worm-Detection System (Revised Version). Read more www.eweek.com: In Internet Security, How Critical Is Critical? Read more www.linux-watch.com: Why is anyone still using Internet Explorer? Read more durangoherald.com: In PC world, fight against evil never ends. Read more ddanchev.blogspot.com: Are cyber criminals or bureaucrats the industry's top performer? Read more usa.visa.com: Payment Card Industry Data Security Standard. Read more   Vulnerabilities & Exploits securitytracker.com: G-Book Lack of Input Validation in Message Conents Permits Cross-Site Scripting Attacks. Read more securitytracker.com: phpAdsNew Input Validation Holes in Admin Scripts and Login Form Permit Cross-Site Scripting Attacks. Read more securitytracker.com: phpPgAds Input Validation Holes in Admin Scripts and Login Form Permit Cross-Site Scripting Attacks. Read more www.securityfocus.com: Microsoft Windows XP SP2 Firewall issue. Read more   News news.zdnet.com: Third party offers temporary IE fix. Read more www.vnunet.com: Panda roots out rootkits. Read more www.techweb.com: FTC Smacks Spammer With $900,000 Fine. Read more www.theregister.co.uk: Israel jails spyware-for-hire couple. Read more www.zdnet.com.au: No security silver bullet for Vista: Microsoft. Read more www.theregister.co.uk: S'kiddies get into spyware for just $15. Read more www.theregister.co.uk: Four 419 scammers indicted, 800 to go. Read more www.theregister.co.uk: 'Critical' IE bug threatens PC users. Read more www.informationweek.com: IT Confidential: Hey, Google, Are You Paying Attention? Read more auctionbytes.com: PayPal Security Flaw Makes eBay and PayPal Users Vulnerable to Phishers. Read more www.computerweekly.com: McAfee anti-virus glitch leaves firms struggling to restore systems. Read more www.computerweekly.com: Banks tread warily over two-factor security. Read more Microsoft Opens Public IE Bug Database. Read more arstechnica.com: Take a sneak peek at Google's new interface. Read more news.xinhuanet.com: Hotmail-targeted computer viruses could attack China. Read more www.vnunet.com: Phishers stick the boot into World Cup fans. Read more bugzilla.mozilla.org: Firefox Bug Causes Relationship to Break Up. Read more

27 March 2006 Guides, Papers, etc isc.sans.org: Modified Malware for the IE Expoit. Read more www.iht.com: Burden of the years weighs on Windows. Read more youtube.com: Video: Bill Gates being grilled by US anti-trust lawyers. Watch www.linux.com: Making the jump to Linux: Six frustrations. Read more blogs.zdnet.com: SpywareQuake - newest rogue, replacing SpyFalcon and SpyAxe. Read more news.com.com: Windows is so slow, but why? Read more   Vulnerabilities & Exploits blogs.securiteam.com: Internet Explorer createTextRange() 0day ITW Exploit. Read more securitytracker.com: @1 File Store Input Validation Flaws Permit Cross-Site Scripting and SQL Injection Attacks. Read more securitytracker.com: Microsoft ASP.NET Incorrect COM Component Reference Lets Remote Users Deny Service. Read more securitytracker.com: CoMoblog Lack of Input Validation in 'img.php' Permits Cross-Site Scripting. Read more securitytracker.com: Orion Application Server Discloses JSP Source Code to Remote Users. Read more securitytracker.com: IBM Tivoli Business Systems Manager Input Validation Flaw in 'apwc_win_main.jsp' Permits Cross-Site Scripting Attacks. Read more securitytracker.com: BlackICE Help System Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: RealSecure Desktop Help System Lets Local Users Gain Elevated Privileges. Read more   News computerworld.co.nz: Microsoft warns of nasty IE bug. Read more edition.cnn.com: A Primer on Chinese Censoring Technology. Read more www.informationweek.com: Google's Privacy Win Could Be Pyrrhic Victory. Read more www.washingtonpost.com: Terrorist 007, Exposed. Read more www.techworld.com: Hackers get IBM's goat. Read more software.silicon.com: Trojan nasties raid passwords. Read more rrstar.com: Man fined $250 in first area case of Internet piracy. Read more www.thenation.com: Google's Wi-Fi Privacy Ploy. Read more news.netcraft.com: Domain Registrar Joker Hit by DDoS. Read more www.eetimes.com: Some Microsoft workers call for heads to roll. Read more andyabramson.blogs.com: Skype, Zennstrom, Friis Et Al Sued for RICO Violations. Rea more

25 March 2006 Guides, Papers, etc www.f-secure.com: How Would You Like Your Bagle Done, with Rootkits on the Side? Read more www.securitypronews.com: Kazaa And Others Flunk �Badware� Test. Read more edition.cnn.com: Is your boss spying on you? Read more reviews.cnet.com: Theft of trust. Read more www.infectionvectors.com: Phish Sticks: Email Crime Update. Read more   News www.techweb.com: IE Exploit Strikes, Installs Spyware. Read more software.silicon.com: IE exploit could unleash email virus. Read more news.zdnet.com: Fixes in for RealPlayer flaws. Read more www.theregister.co.uk: Trojan intercepts bank tokens. Read more news.zdnet.com: DNS servers do hackers' dirty work. Read more www.pcpro.co.uk: Spyware kits for sale online for a pittance. Read more www.smh.com.au: Police snare high profile hacker. Read more news.zdnet.com: Microsoft mulls rushing out IE patch. Read more www.betanews.com: Microsoft: No Vista Code Changes. Read more www.spamdailynews.com: Jailed spam king caught conspiring to kill witness. Read more www.zone-h.org: Web saboteurs wanted? Russian Duma praises hacker crew for defacing "Anti-russian" web sites. Read more www.securityfocus.com: Check Point calls off Sourcefire buy. Read more mosnews.com: Russian Software Developer Beats Pirate in Boxing Ring. Read more

24 March 2006 Guides, Papers, etc www.eecs.umich.edu: SubVirt: Implementing malware with virtual machines. Read more www.cdt.org: Following the Money: How Advertising Dollars Encourage Nuisance and Harmful Adware and What Can be Done to Reverse the Trend. Read more www.cdt.org: Major Companies Help Fund the Spread of Unwanted Adware, New Report Finds. Read more www.itnews.com.au: Massive botnet stealing banking info. Read more www.logisticsit.com: AIM RFID Experts Refute RFID Virus Claims. Read more ddanchev.blogspot.com: Privacy issues related to mobile and wireless Internet access. Read more itmanagement.earthweb.com: A War Driving Experience - Part I: The Results. Read more itmanagement.earthweb.com: A War Driving Experience - Part II: Comparing the Results. Read more www.tomsnetworking.com: They're Out to Get You - An Introduction to Internet Security. Read more   Tools: searchwindowssecurity.techtarget.com: Little known Microsoft security utilities. Read more   Vulnerabilities & Exploits Microsoft Security Advisory (917077) Vulnerability in the way HTML Objects Handle Unexpected Method Calls Could Allow Remote Code Execution. Read more www.idefense.com: RealNetworks RealPlayer and Helix Player Invalid Chunk Size Heap Overflow Vulnerability. Read more securitytracker.com: HP-UX swagentd Bug Lets Remote Users Deny Service. Read more securitytracker.com: Maian Weblog Input Validation Bugs in 'print.php' and 'mail.php' Permit SQL Injection. Read more securitytracker.com: OPIE on FreeBSD May Let Local Users Modify the Configuration or Remote Users Gain Root Access. Read more securitytracker.com: VeriSign Managed PKI Input Validation Flaw in 'haydn.exe' Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Microsoft Internet Explorer createTextRange() Memory Error Lets Remote Users Execute Arbitrary Code. Read more blogs.securiteam.com: Sendmail Silently-Patched Memory Leak. Read more blogs.securiteam.com: Trusting SMTP (more on SenderGate: SMTP Multiple Vulnerabilities). Read more   News www.cdfreaks.com: Starforce enforces DRM by instant reboot (without warning). Read more www.theregister.co.uk: Hackers put the futility back in Sun's grid utility. Read more www.theregister.co.uk: China breaks up illicit gaming and piracy networks. Read more www.theregister.co.uk: 40,000 BP workers exposed in Ernst & Young laptop loss. Read more software.silicon.com: IE exploit could unleash email virus. Read more www.theregister.co.uk: Sendmail flaw poses critical hacker risk. Read more www.scmagazine.com: Double attack fires 650,000 trojan emails at U.K. firms. Read more www.siliconrepublic.com: Irish software company protests �trackware� label. Read more www.pcworld.com: Largest U.S. Fine Ever Levied for Spam Violations. Read more www.technewsworld.com: Whistleblower Says FBI E-Mail Flap Overblown. Read more news.com.com: Four men charged in Nigeria e-mail scam. Read more edition.cnn.com: Vista delay potential boon for rivals. Read more www.geekzone.co.nz: Hard Disk Drive Organization Announces a New Sector Length Standard. Read more news.bbc.co.uk: Nano circuit offers big promise. Read more edition.cnn.com: Coming soon: Download-to-own films. Read more

23 March 2006 Guides, Papers, etc Video: The Code Room: Breaking Into Vegas The Code Room is a 1/2 hour internet TV show bases around information security. Episode 3 shows bad guys using a combination of SQL Injection and Session Hi-Jacking to steal 4.5 million dollars from a Vegas casino. Watch www.businessweek.com: Audio: Microsoft's Next Browser. Listen www.washingtonpost.com: Bringing Botnets Out of the Shadows. Read more www.f-secure.com: From Russia with Rootkit. Read more www.pcmag.com: Malware Grifters. Read more www.windowsecurity.com: Tools of the Trade (Part 2). Read more ddanchev.blogspot.com: The Practical Complexities of Adware Advertising. Read more www.informationweek.com: Vista Delays And Multiple Versions: Cut Through The Confusion. Read more www.windowsecurity.com: Hidden Backdoors, Trojan Horses and Rootkit Tools in a Windows Environment. Read more www.ccianet.org: CyberInsecurity: The Cost of Monopoly. Read more www.techbuilder.org Fight Spyware Like You Mean It! Read more www.techbuilder.org: The Ultimate Malware Fighter: System Restore. Read more www.rit.edu: Survey of Trends in Honeypot Technology Users. Read more blogs.securiteam.com: Copyright Gone Mad. Read more www.securityfocus.com: Security Czar. Read more   Vulnerabilities & Exploits securitytracker.com: RealPlayer Buffer Overflow in Processing Mimio Broadcast Files May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: IPSec Bug in 'xform_esp.c' May Let Remote Users Bypass Anti-Replay Sequence Number Checking. Read more securitytracker.com: RealPlayer Heap Overflow in Embedded Player May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: RealPlayer Buffer Overflow in Processing SWF Flash Files Lets Remote Cause Arbitrary Code to Be Executed. Read more securitytracker.com: Sendmail Race Condition in Signal Handler May Let Remote Users Trigger a Buffer Overflow to Execute Arbitrary Code. Read more securitytracker.com: Microsoft Internet Explorer (IE) Lets Remote Users Cause HTA Files to Be Executed. Read more securitytracker.com: NetWare NILE.NLM May Use a Weak Encryption Algorithm or Cleartext via the SSL Port. Read more securitytracker.com: F5 FirePass Input Validation Hole in 'my.support.php3' Permits Cross-Site Scripting Attacks. Read more securitytracker.com: MailEnable POP Authentication Bug Has Unspecified Impact. Read more securitytracker.com: FreeRADIUS Input Validation Error in EAP-MSCHAPv2 Module May Let Remote Users Bypass Authentication. Read more securitytracker.com: Microsoft Internet Explorer 'mshtml.dll' Bug in Processing Multiple Action Handlers Lets Remote Users Deny Service. Read more securitytracker.com: X.Org Server '-modulepath' and '-logfile' Parameter Privilege Validation Error Lets Local Users Gain Root Privileges. Read more securitytracker.com: WebLogic Server Default Internal Servlet May Let Remote Users Access the Local File System. Read more securitytracker.com: WebLogic Portal May Disclose a User's JSR-168 Portlet Contents. Read more   News www.securityfocus.com: Interpol: Politicians failing to tackle phishing. Read more www.securityfocus.com: As Japanese Bring Work Home, Virus Hitches a Ride. Read more www.wired.com: Probes Scrutinize Caller ID Hacks. Read more www.theregister.co.uk: Gates admits Internet Explorer error. Read more www.telecompaper.com: Consumer Wi-Fi needs user-friendly security - study. Read more www.usatoday.com: Yahoo calls on customers to try its new phone service. Read more

22 March 2006 Guides, Papers, etc Following the Money: How Advertising Dollars Encourage Nuisance and Harmful Adware and What Can be Done to Reverse the Trend. Read more www.washingtonpost.com: Bringing Botnets Out of the Shadows. Read more www.stopbadware.org: Badware Report. Read more www.pcmag.com: Malware Grifters. Read more www.securityfocus.com: Encryption for the masses. Read more www.cato.org: Circumventing Competition. The Perverse Consequences of the Digital Millennium Copyright Act. Read more   Tools: www.tgdaily.com: Samsung launches 32 GB Flash disk for mobile computers. Read more   Vulnerabilities & Exploits jeffrey.vanderstad.net: The grasshopper vulnerability. Read more www.securiteam.com: Internet Explorer Script Action Handlers (mshtml.dll) Buffer Overflow. Read more securitytracker.com: WebLogic XML Document Parsing Memory Error Lets Remote Users Deny Service. Read more securitytracker.com: Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks. Read more   News www.theregister.co.uk: Windows Vista slips to 2007. Read more www.microsoft-watch.com: What's Really Behind the Windows Vista Delay? Read more searchsecurity.techtarget.com: New Trojan, kernel-level rootkit have 'frightening capabilities'. Read more www.nthworld.org: In-the-wild rootkit and Trojan. Read more techdirt.com: Security Through Begging. Read more www.theregister.co.uk: Adware backers named and shamed. Read more www.eweek.com: Spyware Trail Leads to Kazaa, Big Advertisers. Read more spamkings.oreilly.com: Spammers hitch a free ride on car site. Read more www.abc.net.au: Porn block plan 'would slow Internet'. Read more money.cnn.com: Microsoft's big Internet bet -- will it pay? Read more www.informationweek.com: Microsoft Refreshes Internet Explorer 7 Beta 2 Preview. Read more campus.acm.org: DEBUGGING EXPERT WINS ACM DOCTORAL DISSERTATION AWARD. Read more today.reuters.co.uk: China forced to rethink online gaming limit - FT. Read more

21 March 2006 Guides, Papers, etc www.benedelman.org: Advertisers Funding 180solutions. Read more www.securityfocus.com: Debit-card fraud underscores legal loopholes. Read more www.courant.com: How To Fight E-Invaders. Read more www.channelregister.co.uk: Forgotten password clues create hacker risk. Read more www.computerweekly.com: The effective response to computer crime. Read more www.lurhq.com: DNS Cache Poisoning � The Next Generation. Read more   Vulnerabilities & Exploits securitytracker.com: betaparticle blog Input Validation Bugs in 'id' and 'fldGalleryID' Parameters Permit SQL Injection. Read more   News www.securityfocus.com: Web site takes exploits private. Read more www.theregister.co.uk: MS lawsuits aim to reel in phishers. Read more online.wsj.com: Former Hacker Irks Microsoft In EU Dispute. Read more www.informationweek.com: Gates Vows A New Internet Explorer Every Year--Or More. Read more www.theinquirer.net: Why Bill Gates is right, for once. Read more news.com.com: Gates looks to expand view beyond Windows. Read more www.informationweek.com: Bot Herders Ready Attack Against Message Forums. Read more www.betanews.com: MSN Silently Opens Up Live Messenger. Read more www.esecurityplanet.com: Google: Creating a World Without Privacy. Read more today.reuters.co.uk: Internet phone services to shake up Latam telecoms. Read more

20 March 2006 Guides, Papers, etc www.iht.com: Innovation may lower Net users' privacy. Read more csrc.nist.gov: SECURE HASH STANDARD. Read more gtresearchnews.gatech.edu: Optical-Wireless Convergence: New Network Architecture Delivers Super-Broadband Wired and Wireless Service Simultaneously. Read more redtape.msnbc.com: HOW CAN SOMEONE IN MOSCOW TAKE YOUR MONEY? Read more www.betanews.com: UMPC: Why Microsoft Thinks You Need It. Read more news.com.com: Spyware-killing Vista could take out rivals. Read more j-walk.com: The 3rd Annual Nigerian EMail Conference "Write better emails. Make more moneys. Read more   Vulnerabilities & Exploits securitytracker.com: BorderWare MXtreme Vulnerability in Web Administration Interface Has Unspecified Impact. Read more securitytracker.com: AIX Bug in 'bos.rte.lvm' Has Unspecified Impact. Read more securitytracker.com: Veritas Backup Exec for Windows Servers Media Server Format String Bug in BENGINE May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Symantec Veritas Backup Exec Memory Errors Let Remote Users Deny Service. Read more securitytracker.com: HP-UX usermod Lets Local Users Modify File and Directory Permissions. Read more securitytracker.com: Novell FTP Server (NWFTPD) MDTM Command Buffer Overflow Lets Remote Authenticated Users Deny Service. Read more   News www.computerworld.com: Google must give index data, not queries, to gov't. Read more www.redherring.com: Judge Limits US Data Hunt. Read more www.computerworld.com: Tough week ahead for malware companies. Read more www.techweb.com: Brazen Botnets Steal From E-Shopping Carts. Read more www.theinquirer.net: Milosevic causes Trojan problems. Read more isc.sans.org: Potential phpBB Hack Coming? Read more www.facetime.com: FaceTime Identifies New Botnets Utilizing Instant Messaging to Steal Personal Information from Online Shoppers and PayPal Customers. Read more news.zdnet.com: Visa warns software may store customer data. Read more www.theinquirer.net: Microsoft sues firm for re-selling Spyware beta. Read more economictimes.indiatimes.com: Internet to get dot xxx porno line. Read more www.techworld.com: You can't lock up a Trojan. Read more www.securitypark.co.uk: 1 in 5 emails is pharmaceutical spam. Read more www.gcn.com: NIST says agencies should begin move to stronger hashing tools. Read more today.reuters.com: Kinderstart sues Google over lower page ranking. Rea more

18 March 2006 Guides, Papers, etc www.isotf.org: DNS Amplification Attacks. Read more members.lycos.co.uk: Detecting Botnets Using a Low Interaction Honeypot. Read more www.phrack.org: Raising The Bar For Windows Rootkit Detection. Read more ddanchev.blogspot.com: Getting paid for getting hacked. Read more www.microsoft-watch.com: Internet Explorer Has a Future. Read more   Vulnerabilities & Exploits www.ush.it: Milkeyway Captive Portal Multiple Vulnerabilities. Read more securitytracker.com: unalz Directory Traversal Bug Lets Users Write Files to Arbitrary Locations. Read more securitytracker.com: Dwarf HTTP Server Discloses JSP Source Code and Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Milkeyway Input Validation Bugs Permit SQL Injection and Cross-Site Scripting Attacks. Read more securitytracker.com: phpMyAdmin Input Validation Flaw in 'set_theme' Permits Cross-Site Scripting Attacks. Read more   News www.msnbc.msn.com: Judge lets Google preserve some privacy. Read more www.mercurynews.com: Google avoids surrendering search requests to government. Read more www.msnbc.msn.com: Web site sues over Google 'blacklist'. Read more today.reuters.co.uk: U.S. judge dismisses Google copyright case. Read more today.reuters.co.uk: China jails Internet writer. Read more reviews.cnet.com: Psst. Your shiny new passport has a computer virus. Read more isc.sans.org: Phishing Messages May Include Highly-Personalized Information. Read more www.scmagazine.com: Experts expose botnets controlling 150K PCs. Read more www.internetnews.com: Botnets on The Run? Read more www.technewsworld.com: Data Mining Easy as Using Credit Card. Read more news.com.com: Week in review: Can Google keep a secret? Read more www.scmagazine.com: More clever hackers emerging. Read more www.computerworld.com: New Spycar software will test antispyware. Read more www.betanews.com: Gates Pokes Fun at $100 Laptop. Read more

17 March 2006 Guides, Papers, etc www.lurhq.com: Cryzip Ransomware Trojan Analysis. Read more blogs.securiteam.com: Skype - The new NMAP? Read more blogs.securiteam.com: Free QA and Light-bulb Disclosure. Read more blogs.securiteam.com: Thinking Different IV. Read more techrepublic.com.com: Look at your network through a hacker's eyes. Read more www.pcworld.com: Stop Others From Altering Your Security Settings. Read more   Tools: fire.dmzs.com: FIRE is a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment. Read more   News www.eweek.com: Cryzip Trojan Encrypts Files, Demands Ransom. Read more www.technewsworld.com: Security Researchers Crack Zippo Password. Read more www.theregister.co.uk: Say Hi to the mouse click capturing Trojan. Read more www.eweek.com: RAIDE Rootkit Elimination Tool Hits Beta. Read more www.infoworld.com: Microsoft goes public with Blue Hat hacker conference. Read more www.betanews.com: VeriSign Warns of New DoS Attacks. Read more www.eweek.com: FrSIRT Puts Exploits up for Sale. Read more www.vnunet.com: Bank strikes back at ID cheats. Read more www.washingtonpost.com: Hacking Made Easy. Read more www.securityfocus.com: Police break online child porn ring. Read more

16 March 2006 Guides, Papers, etc www.rfidvirus.org: Is your pet infected with a computer virus? Read more www.rfidvirus.org: How to Write an RFID Worm. Read more www.schneier.com: The Future of Privacy. Read more www.themanufacturer.com: The price of Windows. Read more www.eweek.com: Credit Card Security Issues Rise to a Boil. Read more ddanchev.blogspot.com: Security vs Privacy or what's left from it. Read more www.windowsecurity.com: Deploying Auditing Settings and Reporting What is Configured. Read more www.egr.msu.edu: A Topologically-AwareWorm Propagation Model forWireless Sensor Networks. Read more www.it-observer.com: What E-Mail Hackers Know That You Don�t. Read more www.blackhat.com: Attacks on uninitialized local variables. Read more   Tools: www.microsoft.com: SyncToy v1.1 helps you copy, move, rename, and delete files between folders and computers quickly and easily. Read more   Vulnerabilities & Exploits securitytracker.com: ASP Portal Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more securitytracker.com: Horde Input Validation Hole in '/services/go.php' Lets Remote Users Traverse the Directory. Read more securitytracker.com: Macromedia Flash Player SWF File Processing Flaw Permits Remote Code Execution. Read more   News www.techtree.com: Feds Slacken Leash on Google. Read more www.theregister.co.uk: Plug pulled on Mac hacking challenge. Read more www.vnunet.com: Macabre Milosevic malware mounts. Read more www.terra.net.lb: Microsoft sues against alleged eBay software bootlegging. Read more www.terra.net.lb: Qatar conference urges combat of cyber crime. Read more www.terra.net.lb: New virus seeks 'ransom' for computer files. Read more news.zdnet.co.uk: Trojan 'kidnaps' data. Read more www.vnunet.com: Hackers cash in on financial sector attacks. Read mor blogs.zdnet.com: Botnet drama: database theft, IM attacks, financial fraud. Read more www.msnbc.msn.com: Radio chip barcodes can carry a virus. Read more today.reuters.com: Bill Gates mocks MIT's $100 laptop project. Read more www.vnunet.com: Global project cracks second Enigma code. Read more www.usdoj.gov: Former Officer of Internet Company Sentenced in Case of Massive Data Theft from Acxiom Corporation. Read more

15 March 2006 Guides, Papers, etc www.securityfocus.com: Social engineering reloaded. Read more www.esj.com: Bot Networks Hurl More Trojan Code. Read more www.javareport.com: Rapidly evolving security attack trends. Read more www.microsoft.com: 7 ways to protect your laptop on the road. Read more www.microsoft.com: Help keep your data safe. Encrypt your data with Windows XP Professional. Read more www.rootkit.com: VMBR's a threat? Not really. Read more www.argeniss.com: WLSI - Windows Local Shellcode Injection. Download www.securitypark.co.uk: How Hackers and Virus Writers Attack E-mail Systems. Read more blogs.securiteam.com: SPAMers are smart people. Read more blog.searchenginewatch.com: 25 Things I Hate About Google. Read more www.counterpane.com: CYBER ATTACKS TO SIGNIFICANTLY IMPACT FINANCIAL, HEALTHCARE AND UTILITIES SECTORS. Read more www.darksideprogramming.net: Creating Malware using MD5. Read more   Vulnerabilities & Exploits www.zerodayinitiative.com: Microsoft Excel File Format Parsing Vulnerability. Read more securitytracker.com: Adobe Graphics Server Interactive Login Configuration Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Adobe Document Server Interactive Login Configuration Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: ENet Packet Processing Bugs Let Remote Users Deny Service. Read more securitytracker.com: Microsoft Windows Services Have Unsafe Default ACLs That Let Remote Authenticated Users Gain Elevated Privileges. Read more securitytracker.com: mod_python FileSession Directory Traversal Bug May Let Local Users Gain Additional Privileges. Read more securitytracker.com: Apple Mac OS X CoreTypes Bug in Archive Processing Lets Remote Users Conduct Cross-Domain Scripting Attacks. Read more securitytracker.com: Apple Mail Buffer Overflow in Processing Attachments With Specially Crafted Real Names May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Ubuntu Installer Leaves Passwords in Plain Text on the System. Read more securitytracker.com: Apple Safari 'Safe' File Type Processing Flaw May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Ipswitch Collaboration Suite Buffer Overflow in IMAP FETCH Command Lets Remote Authenticated Users Execute Arbitrary Code. Read more securitytracker.com: DSPoll Input Validation Hole in Processing 'pollid' Parameter Let Remote Users Inject SQL Commands. Read more securitytracker.com: DSNewsletter 'email' Parameter Input Validation Flaw Permits SQL Injection. Read more   News Microsoft Security Bulletin MS06-012 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413). Read more news.com.com: Judge to help feds against Google. Read more news.com.com: Video: Google, ACLU respond as judge backs feds. Watch english.chosun.com: Hackers Stole 1 Million IDs for Online Game. Read more www.theregister.co.uk: Google cuts data deal with DoJ. Read more www.theregister.co.uk: McAfee ate my system. Read more www.theregister.co.uk: Phishing fraudsters offer cash reward. Read more www.sophos.com: Husband and wife face jail for Trojan horse that spied on businesses. Read more news.com.com: Study says RFID tags are vulnerable to viruses. Read more www.vnunet.com: Web search blows CIA spooks' cover. Read more www.scmagazine.com: Gartner warns of 'PIN block' hacking scams. Read more www.securitypark.co.uk: 50% of computers are wide open for online attacks and malware. Read more www.sfgate.com: SONY BMG ANNOUNCES ROOTKIT SETTLEMENT DETAILS. Read more news.com.com: OfficeMax: No evidence of security breach. Read more

14 March 2006 Guides, Papers, etc www.securityfocus.com: Human rights and wrongs online. Read more www.esj.com: Bot Networks Hurl More Trojan Code. Read more www.cs.wisc.edu: An Inside Look at Botnets. Read more sunbeltblog.blogspot.com: Behold the power of botnets. Read more www.securitypark.co.uk: Two-Factor Authentication for clients of banks and financial institutions. Read more blogs.securiteam.com: Full-Disclosure to be rated PG-13. Read more www.lurhq.com: Cryzip Ransomware Trojan Analysis. Read more isc.sans.org: A TCP/IP mystery (solved) (NEW). Read more decision.csl.uiuc.edu: How to do Business Safer Online in 6 Easy Steps. Read more   Tools: searchsecurity.techtarget.com: New freeware takes some mystery out of rogue files. Read more   Vulnerabilities & Exploits www.securityfocus.com: Ubuntnu stores clear text root password. Read more securitytracker.com: DSCounter 'X-Forwarded-For' Input Validation Flaw Permits SQL Injection Attacks. Read more securitytracker.com: DSDownload Input Validation Flaws in 'search.php' and 'downloads.php' Permit SQL Injection. Read more securitytracker.com: DSLogin Input Validation Bug in 'log_userid' Parameter Permits SQL Injection Attacks. Read more   News www.theregister.co.uk: Citibank ATM fraud 'just tip of iceberg' - analyst. Read more www.newsfactor.com: McAfee Update Kills More Than Viruses. Read more www.javareport.com: Rapidly evolving security attack trends. Read more www.businessweek.com: Speak Softly And Carry A Thick Brief. Read more www.vnunet.com: Sony BMG rootkit victims urged to claim free money. Read more www.apacs.org.uk: UK card fraud losses in 2005 fall by �65m - to �439.4m from �504.8m in 2004. Read more news.com.com: Google, feds face off over search records. Read more today.reuters.com: Google, US to face off over data. Read more www.computerworld.com: Hacked bank server hosts phishing sites. Read more www.theinquirer.net: McAfee sends 'bad pattern' to punters. Read more news.com.com: Windows Live offers Microsoft a quicker turnaround. Read more www.theregister.co.uk: Virtual rootkits create stealth risk. Read more www.betanews.com: Microsoft Updates Vista Design Tools. Read more

13 March 2006 Guides, Papers, etc blogs.msdn.com: Why you shouldn't run as admin...Read more www.microsoft.com: SafeDisc Windows XP Fix for Microsoft Games. Read more www.cs.princeton.edu: Windows Access Control Demystified. Read more blog.siteadvisor.com: The Ghosts of Downloads Past. Read more www.netsato.com: Malware Report - Rouge Anti-Spyware Software called �Bravesentry�. Read more isc.sans.org: Phishing arms race. Read more www.microsoft.com: Leetspeak: A parent's primer to computer slang. Read more news.com.com: Video: Google can't stay out of the news. Watch   Vulnerabilities & Exploits securitytracker.com: GuppY Input Validation Flaw in 'error.php' Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Linux Kernel Comparison Error in get_nodes() Lets Local Users Deny Service. Read more securitytracker.com: KDE kpdf/xpdf Incorrect Patch for Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: GnuPG May Fail to Detect the Injection of Unsigned Data. Read more securitytracker.com: Kerio MailServer IMAP Command Bug Lets Remote Users Deny Service. Read more securitytracker.com: Nodez Input Validation Flaw in 'op' Parameter Lets Remote Users Inject PHP Code and Also Conduct Cross-Site Scripting Attacks. Read more   News www.microsoft.com: Virus Information Alliance (VIA). Read more www.vnunet.com: Single Windows security patch for March. Read more www.spamdailynews.com: Spammer Brendan Battles denies he is Spam King Brendan Battles. Read more www.nzherald.co.nz: Viruses programmed to steal data proliferate. Read more www.computerworld.com: Security vendors: Windows OneCare won't cut it. Read more

11 March 2006 Guides, Papers, etc www.eweek.com: VM Rootkits: The Next Big Threat? Read more reviews.cnet.com: This time it's personal. Read more www.wired.com: Can Microsoft Save the Net? Read more www.windowsecurity.com: More on Running Windows Under Non-Admin Accounts. Read more ftp.research.microsoft.com: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities. Read more www.thevirtualhandshake.com: I’ve Been Joe Jobbed - Need Your Help. Read more blog.siteadvisor.com: The Ghosts of Downloads Past. Read more   Tools: www.seagate.com: New Momentus Drive Slams Door Shut on Data Thieves. Read more www.windowsecurity.com: Tools of the Trade (Part 1). Read more www.few.vu.nl: Argos: an Emulator for Capturing Zero-Day Attacks. Read more tech.monstersandcritics.com: New ultra mobile PC points to future of computing. Read more   Vulnerabilities & Exploits securitytracker.com: TextfileBB Input Validation Flaw in 'messanger.php' Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: ZoneAlarm Use of Relative Path to Load DLLs Lets Local Users Gain Elevated Privileges Read more securitytracker.com: Dropbear SSH Server Authorization-Pending Limit Lets Remote Users Deny Service. Read more securitytracker.com: Linux Kernel dm-crypt Fails to Clear Key Storage. Read more securitytracker.com: RevilloC MailServer POP3 USER Command Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Xerox WorkCentre Pro Multiple PostScript Processing Errors Let Remote Users Deny Service. Read more securitytracker.com: GNU Mailman 'Scrubber.py' Decoding Error May Let Remote Users Deny Service. Read more   News news.com.com: Feds suggest 21-day deadline for Google subpoena. Read more www.theregister.co.uk: Virus names likely a lost cause. Read more news.com.com: Open-source bugs undermine digital signatures. Read more www.tmcnet.com: Invasion of privacy versus hacking: Internet cafe owners fear losing customers. Read more www.vnunet.com: Analyst firm savages Skype. Read more voyage.typepad.com: Google.cn "Very Likely" Replace Uncensored Google.com: Beijing News. Read more today.reuters.co.uk: EU Commission sends new warning to Microsoft. Read more www.redherring.com: Google Site in Hot Water. Read more www.nytimes.com: Popular Web Site Falls Victim to a Content Filter. Read more

10 March 2006 Guides, Papers, etc blog.washingtonpost.com: Shadowboxing With a Bot Herder. Read more www.securityfocus.com: Virus names likely a lost cause. Read more www.techworld.com: Test shows how vulnerable unpatched Windows is. Read more www.registerguard.com: Identity theft rooted in documents; shred them. Read more www.cio-today.com: Protecting Your Most Vulnerable Corporate Data. Read more www.informit.com: Analyzing the Crossover Virus: The First PC to Windows Handheld Cross-infector. Read more www.wired.com: Why Data Mining Won't Stop Terror. Read more   News www.usatoday.com: Click fraud's bound to continue, experts say. Read more www.theregister.co.uk: ISPs must take lead in fighting spam. Read more www.it-observer.com: Microsoft Plans Two Patches Next Week. Read more www.scmagazine.com: From Russia, bots and personal information for sale. Read more news.bbc.co.uk: Denial-of-service hacking soars. Read more www.scmagazine.com: No Citibank withdrawls north of the border. Read more www.informationweek.com: PIN Scandal 'Worst Hack Ever'; Citibank Only The Start. Read more www.crn.com: Famed 'Computer Terrorist' Teaches Anti-hacking. Read more www.it-observer.com: DeepNines and Kaspersky Lab Unite to Provide Leading Anti-Virus and Anti-Spyware Protection in DeepNines Integrated Solution. Read more www.theinquirer.net: Vista set to swallow 800MB of RAM. Read more www.vnunet.com: Microsoft warns of pirate software security risks. Read more www.vnunet.com: Intel beefs up desktop security. Read more www.bbspot.com: Typo Prompts RIAA to Prosecute Fire Sharers. Read more

09 March 2006 Guides, Papers, etc www.dfrws.org: Call for Papers. Digital Forensic Research Workshop (DFRWS). Read more ddanchev.blogspot.com: Where's my 0day, please? Read more ddanchev.blogspot.com: The Future of Privacy = don't over-empower the watchers!. Read more www.informationweek.com: Firefox Whips Internet Explorer In Vulnerability Tally. Read more blogs.zdnet.com: Windows Defender Beta 2 vs. spyware. Read more blogs.securiteam.com: Message-Rendering Vulnerabilities in E-mail Readers. Read more   Tools: sourceforge.net: HLBR is an IPS (Intrusion Prevention System) that can filter packets in the OSI layer 2. Detection of malicious traffic is done by rules. It can even be used as bridge to honeypots. The HLBR is a firewall element and can use regular expressions. Read more www.newscientist.com: Create your favourite website, automatically. Read more   Vulnerabilities & Exploits reedarvin.thearvins.com: 18 ways to escalate privileges in Zone Labs ZoneAlarm Security Suite build 6.1.744.000. Read more securitytracker.com: Symantec Ghost Underlying Database Bugs May Let Local Users Access the Database. Read more securitytracker.com: Red Hat initscripts Environment Variable Processing May Let Local Users Gain Elevated Privileges. Read more securitytracker.com: Grisoft AVG Anti-Virus Update File Permissions Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: HP Tru64 UNIX IPSec IKE Processing Lets Remote Users Deny Service. Read more   News isc.sans.org: Bargain: 10'000 infected PC's for only 25$ Read more spamkings.oreilly.com: Mortgage spamming kit up for auction. Read more www.theregister.co.uk: Microsoft releases beta search. Read more www.wired.com: Porn Billing Leak Exposes Buyers. Read more www.theregister.co.uk: Phishing fraudsters aim to outpace site shutdowns. Read more business.scotsman.com: Privacy fear as Google plans 'super database'. Read more www.usatoday.com: U.S. Web giants cower at great firewall of China. Read more www.redherring.com: Acting as China's Web Cops. Read more www.computing.co.uk: Two charged with creating Trojan spyware. Read more www.techweb.com: Researchers Terminate Sites Selling Trojans. Read more deseretnews.com: Victim solves his ID theft. Read more netrn.net: Newest rogue anti-spyware installs adware from BestOffersNetwork. Read more today.reuters.co.uk: S.Korea aims to cool Internet rage attacks. Read more www.usatoday.com: Osama bin Laden fan clubs build online communities. Read more dsc.discovery.com: Photos as Passwords Foil Hackers. Read more

08 March 2006 Guides, Papers, etc www.securityfocus.com: The value of vulnerabilities. Read more news.bbc.co.uk: Hanging on the internet telephone. Read more www.computerworld.com.au: Attack of the Mutants. Read more msn.pcworld.com: Spam Mutates. Junk ads are migrating to blogs, instant messages, and cell phones. Read more www.eweek.com: Is 'American' Software More Secure? Read more www.securityfocus.com: Contests challenge Mac OS X security. Read more ddanchev.blogspot.com: 5 things Microsoft can do to secure the Internet, and why it wouldn't? Read more ddanchev.blogspot.com: Anti Phishing toolbars - can you trust them? Read more www.informationweek.com: Firefox Whips Internet Explorer In Vulnerability Tally. Read more public.gnucitizen.org: Purple paper on discovery and exploitative vhost hacking techniques. Read more blogs.securiteam.com: PHP-based CMS mass-exploitation. Read more   Vulnerabilities & Exploits securitytracker.com: CuteNews Input Validation Hole in 'index.php' Permits Cross-Site Scripting Attacks. Read more securitytracker.com: FTPoed Blog Engine Comment Section Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Linux Kernel 'binfmt_elf.c' ELF Entry Point Error Lets Local Users Deny Service. Read more securitytracker.com: Sun Solaris Memory Leak in Proc Pagedata Subsystem Lets Local Users Deny Service. Read more   News www.theregister.co.uk: MS denies helping Beijing nail cyberdissident. Read more www.channelregister.co.uk: Zombie PCs menace mankind. Read more www.redherring.com: China Zombie Machines Up 37%. Read more news.bbc.co.uk: China and the break-up of the net. Read more news.bbc.co.uk: Tougher hacking laws get support. Read more www.channelregister.co.uk: Citibank reissues cards after fraudulent withdrawals. Read more www.sophos.com: Police secrets leaked by computer virus. Read more www.it-observer.com: Hacking for Financial Gain. Read more www.vnunet.com: Apple OS X security withstands hacking contest. Read more www.theregister.co.uk: Firms 'invisible' to online shoppers. Read more news.bbc.co.uk: Google 'planning total storage'. Read more thescotsman.scotsman.com: Man jailed over cybergirl 'sex'. Read more

07 March 2006 Guides, Papers, etc blogs.securiteam.com: Oracle Secure Search: The World�s Greatest Paradox? Read more www.informationweek.com: Microsoft's IE7 Ignores Windows Setting. Read more www.philippinehoneynet.org: Honeynet Activity Monitor Report Archive 2006-02-16. Read more   News Citibank under fraud attack, customers locked out of accounts. Read more www.zdnet.com.au: Mac OS X hacked under 30 minutes. Read more www.securityfocus.com: Citibank issues ATM fraud statement. Read more www.mytelus.com: Internet security experts bracing for new wave of criminal 'bot-net' attacks. Read more www.securityfocus.com: Risky sites account for 5 percent of traffic. Read more www.channelregister.co.uk: Cybercrooks spur anti-virus market growth. Read more www.theregister.co.uk: US man faces IRC Trojan charges. Read more www.spamdailynews.com: Woman faces 5 years in jail over porn spam. Read more www.belfasttelegraph.co.uk: Protection is the name of the game. Read more arstechnica.com: Secret back doors? Microsoft says no, China says maybe. Read more news.zdnet.co.uk: Security standoff over PC-PDA malware code. Read more www.informationweek.com: Microsoft Backtracks On Timetable To Beat Google. Read more www.ameinfo.com: Expect hackers to shift targets in 2006. Read more

06 March 2006 Guides, Papers, etc chuvakin.blogspot.com: Will security ever "get done"? Read more www.nytimes.com: Hey Neighbor, Stop Piggybacking on My Wireless. Read more moneycentral.msn.com: 6 tips for shopping safely online. Read more www.wired.com: Are Spam Blockers Too Strict? Read more www.post-gazette.com: Today: The Internet, Tomorrow: The World. Read more www.fp6-noah.or: NoAH Honeynet Project. Read more www.fp6-noah.or: NoAH. Survey on the state-of-the-Art. Read more   Vulnerabilities & Exploits securitytracker.com: LISTSERV Web Archive Interface Unspecified Bugs Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Visual Studio Buffer Overflow in '.dbp' and '.sln' Files Let Remote Users Cause Arbitrary Code to Be Executed. Read more securitytracker.com: Gallery Input Validation Holes Let Remote Users Delete Files and Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: IBM WebSphere Application Server May Disclose JavaServer Pages Source to Remote Users. Read more securitytracker.com: PluggedOut Nexus Input Validation Flaw in 'forgotten_password.php' Permits SQL Injection. Read more securitytracker.com: EMC Dantz Retrospect Client Lets Remote Users Disable Backup Services. Read more securitytracker.com: Apple Safari JavaScript Buffer Overflow Lets Remote Users Execute Arbitrary Code and HTTP Redirect Bug Lets Remote Users Access Files. Read more securitytracker.com: Mac OS X automount Lets Remote Users Execute Arbitrary Code on Systems on the Local Network. Read more securitytracker.com: OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service. Read more securitytracker.com: Tar Buffer Overflow in Processing PAX Extended Headers May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: lighttpd Discloses Script Source Code to Remote Users. Read more securitytracker.com: SAP Web Application Server Lets Remote Users Inject Data into HTTP Responses. Read more   News www.eweek.com: Hunt Intensifies for Botnet Command & Controls. Read more www.spamdailynews.com: Israeli Trojan horse developers indicted. Read more www.zdnet.com.au: Mac OS X hacked under 30 minutes. Read more www.linuxelectrons.com: Man Arrested for Placing Trojan in IRC Channel. Read more www.eweek.com: SiteAdvisor Finds Billions of Unsafe Web Visits. Read more www.financialexpress.com: China carves out its own Net domains. Read more www.betanews.com: ICANN: China Not Forming New Internet. Read more

04 March 2006 Guides, Papers, etc www.sysinternals.com: Running as Limited User - the Easy Way. Read more www.infoworld.com: An SSL trojan unmasked. Read more ka0s.peak.at: Ma First Steps in Reversing on a PPC/WinCE-Platform. Read more www.ethicalhacker.net: Hacking Online Banking and Credit Card Transactions � And How to Prevent It. Read more www.tik.ee.ethz.ch: Entropy Based Worm and Anomaly Detection in Fast IP Networks. Read more   News news.com.com: Microsoft: Vista won't get a backdoor. Read more www.securityfocus.com: Antivirus groups fight over Crossover sharing. Read more www.securityfocus.com: Report: Computer problems plague NSA. Readv more www.theregister.co.uk: 'Keylogger text' spooks Symantec. Read more redmondmag.com: U.S. Objects to Snort Purchase by Israel-Based Check Point. Read more www.vnunet.com: Virus promises nude Paris Hilton pics. Read more news.zdnet.co.uk: UK users gaining confidence in online banking. Read more www.technologyreview.com: Political CD: Does It Go Too Far? Read more news.bbc.co.uk: Origami gadget to debut at Cebit. Read more news.com.com: Porn, Google and the courts. Read more

03 March 2006 Guides, Papers, etc blogs.securiteam.com: It is the second day of BlackWorm. Read more blogs.securiteam.com: Interview with Luigi Auriemma. Read more blog.washingtonpost.com: Malware-Speak Spooks Symantec. Read more blogs.securiteam.com: Old XMLHTTP HTTP Request flaw in MSIE raising interest. Read more searchsecurity.techtarget.com: Protect your business from a Google hack. Read more www.informationweek.com: How To Punch Through Spam Filters. Read more www.windowsecurity.com: Setting up your Lab. Read more   News www.redherring.com: Google Moves Files from China. Read more software.silicon.com: Microsoft virus 'bounty hunter' warns of never-ending battle. Read more news.bbc.co.uk: Big push for Chinese net domains. Read more news.com.com: Live: Google faces off with analysts. Read more www.theregister.co.uk: US man faces five years for hacking supervisor's PC. Read more www.spamdailynews.com: ''Robin Hood'' escapes prison term. Read more www.securitypronews.com: Psyciatrist Suckered By 419 Scam. Read more www.theinquirer.net: 14 year-old finds critical hole in Gmail. Read more www.msnbc.msn.com: Two arrested on sex charges linked to MySpace. Read more

02 March 2006 New Trojans February. Read more   Guides, Papers, etc blogs.securiteam.com: More DDoS trouble in DNS land? Read more www.zdnet.com.au: Change of tactics in war on viruses. Read more www.combobulate.com: Defeating DIY Hardware Keyloggers. Read more searchwindowssecurity.techtarget.com: Windows features you can live without. Read more www.technewsworld.com: Identity Theft Demystified. Read more www.trapkit.de: scoopy doo - VMware Fingerprint Suite. Read more online.wsj.com: Our Columnist Creates Web 'Original Content' But Is in for a Surprise. Read more   News www.emailbattles.com: Hacker Defender Rootkit Guru Kills Stealth Project. Read more news.netcraft.com: DDoS Attacks Target Prominent Blogs. Read more www.eweek.com: Hacker Outsmarts Kinko's ExpressPay Cards. Read more www.computerworld.com: Former government IT worker guilty of hacking. Read more www.securityfocus.com: Professor criticized for online-attack test. Read more www.theregister.co.uk: Sting nets two spam scam suspects. Read more www.securityfocus.com: The big DRM mistake. Read more www.vnunet.com: Identity theft victims to sue NCsoft. Read more www.linuxelectrons.com: College Student Uses Brute Force PASSWD on School Computer to Change Grade. Read more news.bbc.co.uk: Online amateurs crack Nazi codes. Read more today.reuters.co.uk: Microsoft says better than Google soon. Read more www.businessweek.com: Microsoft seeking ways to help illiterate. Read more news.bbc.co.uk: Microsoft plans iPod media rival. Read more

01 March 2006 Guides, Papers, etc www.securityfocus.com: recursive DNS servers DDoS as a growing DDoS problem. Read more www.pcworld.com: Outsmarting the Online Privacy Snoops. Read more www.circleid.com: China's New Domain Names: Lost in Translation. Read more www.deccanherald.com: Beware, you are being �shadow�ed. Read more www.techworld.com: The ten-minute guide to wireless security. Read more news.com.com: Video: A greener path for dead chips. Read more   Vulnerabilities & Exploits www.securityfocus.com: Report: ExpressPay can be exploited for cash. Read more securitytracker.com: MySQL Query Bug Lets Remote Users Bypass Query Loggin. Read more securitytracker.com: HP System Management Homepage Unspecified Bug Lets Remote Users Traverse the Directory. Read more securitytracker.com: phpRPC decode() Input Validaiton Bug Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Compex NetPassage WPE54G Router Lets Remote Users Crash the UConfig Agent Service. Read more securitytracker.com: Archangel Weblog Authentication Weakness Lets Remote Users Gain Administrator Privileges. Read more securitytracker.com: Thomson Speed Touch 500 Series Web Interface Input Validation Hole Permits Cross-Site Scripting Attacks. Read more securitytracker.com: D3Jeeb Input Validation Hole in 'fastlinks.php' and 'catogary.php' Permits SQL Injection. Read more securitytracker.com: DirectContact Input Validation Error Lets Remote Users Traverse the Directory. Read more   News www.channelregister.co.uk: Trojan targets basic Java phones. Read more www.dailytech.com: Proof-of-Concept PC to Mobile "Crossover" Virus Shown. Read more www.techweb.com: Microsoft Unveils "Non-Security" Update For IE. Read more news.zdnet.co.uk: Viruses cause most security breaches. Read more www.vnunet.com: Clagger Trojan sparks AV industry war of words. Read more www.infoanarchy.org: CanadianRecord Company helps Texas teen battle RIAA. Read more news.zdnet.co.uk: Two-factor authentication imminent from Alliance & Leicester. Read more www.circleid.com: Chinese Alternate Root as a New Beginning and Real Internet Governance. Read more www.washingtonpost.com: AOL Sues Groups Under Anti-Phishing Law. Read more

Copyright� MegaSecurity.org