Bookmark or link to: www.kobayashi.cjb.net. All other url`s could change!

News Archive    Translate Traducen

News June 2001

30 June 2001 MoonPie 1.35 beta 3a Latinus 1.0 bonus Source FireCracker disables @Guard - ZoneAlarm - Mc Afee Firewall ZoneKiller disables ZoneAlarm www.cyberport.com: Winsock Programmer's FAQ. How can I open a raw data socket? Read more www.rawether.net: Windows Networking Architecture. Read more CERT Advisory CA-2001-15 Buffer Overflow In Sun Solaris in.lpd Print Daemon. Read more www.securiteam.com: Exploit Code Released for the Index Server ISAPI Extension Vulnerability (IDQ). Read more www.securiteam.com: Multiple Vulnerabilities in 1C: Arcadia (tradecli.dll). Read more www.securiteam.com: Solaris Libsldap Buffer Overflow (LDAP_OPTIONS). Read more www.securiteam.com: Vulnerability in Oracle 8i TNS Listener. Read more www.crn.com: Security Flaw Affects Cisco Routers, Switches. Read more news.zdnet.co.uk: Router bug could let hackers control Internet traffic. Read more www.networkmagazine.com: New Worm And Network Crawler On The Loose. Read more www.freeos.com: Cheese: If it's good (worm), let it be! Read more www.silicon.com: Do MP3s contain virus time-bombs? Read more news.zdnet.co.uk: Apache gets Web hacker protection. Read more news.zdnet.co.uk: Virus authors let off lightly. Read more www.challenge.securecomputing.com. Secure Computing Challenge Site. The reward of $100,000 is reached. Read more www.ananova.com: Britney's official website is hacked. Read more www.vnunet.com: Oops... Britney gets hacked. Read more www.newsbytes.com: PKWARE Site Unzipped By Hackers. Read more www.reuters.com: Hackers Invade Computers of Argentina Rights Group. Read more web.lexis-nexis.com: Hackers destroy Singapore opposition party's cyber network. Read more www.zdnet.com: Mass ICQ hack has security seething. Read more www.individual.com: PFS Introduces Trillian Data Transport Mechanism for Financial Information Enables Streaming Web Input Through a Firewall Without Refreshing or Downloading. Read more www.individual.com: Icon Laboratories Unveils SNMP Sniffer. Read more computerworld.com: Oracle users urged to patch holes in Oracle8i. Read more slashdot.org: The Psychology of Passwords. Read more cryptome.org: FBI Computer Security Training. Read more cryptome.org: DMCA and "Church" (Scientology Cult) of L. Ron Hubbard. Read more www.vnunet.com: Hacker wages war on the waves. Read more siliconvalley.internet.com: Too Much Focus On Hackers, Warns Security Expert. Read more www.extremetech.com: Got Broadband? You're Under Attack. Read more www.zdnet.com: Your boss knows you're reading this. Read more web.lexis-nexis.com: Computer-related crimes among youth are increasing steadily, according to a police report released yesterday. Read more web.lexis-nexis.com: Companies Focus On the Wrong Things When It Comes to Computer Security, Claims New Educational Program by WatchIT.com. Read more

29 June 2001 Theef 1.2 Cisco Security Advisory: Multiple SSH Vulnerabilities. Read more Cisco Security Advisory: IOS HTTP Authorization Vulnerability. Read more Internet Security Systems Security Alert Cisco Web Interface Authentication Bypass Vulnerability. Read more CERT� Advisory CA-2001-14 Cisco IOS HTTP Server Authentication Vulnerability. Read more www.windowsitsecurity.com: Windows 2000 LDAP over SSL Password Change Vulnerability. Read more www.securiteam.com: Security Vulnerabilities Found in IceCast (DoS, Directory Traversal). Read more www.securiteam.com: Possible Abuse against IPv6 Transition Technologies. Read more www.securiteam.com: Cerberus FTP Server Remote DoS Attack. Read more www.securiteam.com: KTVision Symlinks Vulnerability Leads to Root Compromise. Read more www.securiteam.com: eXtremail Remote Format String Security Vulnerability. Read more www.securiteam.com: SCO Tarantella Remote File Viewing (ttawebtop.cgi). Read more www.securiteam.com: Suid Scotty (ntping) Buffer Overflow. Read more www.theregister.co.uk: SSH hits the fan for Cisco on security. Read more dailynews.yahoo.com: Security Flaws Revealed in Cisco Software. Read more www.newsbytes.com: July 4 Virus Hoax Threatens MP3 Files. Read more www.securitywatch.com: Sophos reports variants on Word 97 macro virus. Read more www.safemode.org: Web sites defaced by sysadmcn. Read more www.safemode.org: Special defacements list. Read more www.newsbytes.com: Defacement Worm Strikes Quote.com Site. Read more www.computerworld.com: Brief: Sprint confirms denial-of-service attack. Read more dailynews.yahoo.com: How the NSA is monitoring you. Read more www.pcworld.com: Hackers Hold Off on Censorship-Busting Software. Read more www.silicon.com: AOL laid low by hackers, again. Read more news.zdnet.co.uk: Computer passwords reveal office workers' secrets. Read more web.lexis-nexis.com: CIA EXPERTS SAY RUSSIA AND CHINA MAY UNLEASH CYBER WAR AGAINST THE US. Read more www.zdnet.com: Smart Tags dropped from Windows XP. Read more www.crn.com: Security Solution Providers Divided Over Microsoft Ruling. Read more www.securitywatch.com: Sun releases flock of patches. Read more web.lexis-nexis.com: No joke: E-mail spoofing on the rise: This Internet fraud can be more serious than annoying. Read more www.informationweek.com: The Web-Bug Boondoggle. Read more grc.com: The Anatomy of File Download Spyware. Read more

28 June 2001 Fraggle Rock 1.50 lite Password stealer Antigen (Trojan.PSW.Antigen.a) Steve joins TechTV's Leo Laporte by satellite to discuss the May 4th & 5th, 2001, distributed denial of service (DDoS) attack on GRC.COM. Bottem of this Page www.securitynewsportal.com: One mans fight against computer hackers - Steve Gibson Interview. Read more keir.net: Further analysis of machines that attacked GRC on June 20th 2001. Read more vil.nai.com: W95/Linong@MM. Read more www.cisco.com: Cisco Security Advisory: IOS HTTP Authorization Vulnerability. Read more www.cisco.com: Cisco Security Advisory: Multiple SSH Vulnerabilities. Read more www.securityfocus.com: Samba Remote Arbitrary File Creation Vulnerability. Read more www.theregister.co.uk: LDAP flap as passwords put at risk. Read more www.newsbytes.com: Hotkey Attack Could Open Windows Security Hole. Read more www.securiteam.co: ASP Source Code Exposed Using Unicode Encoding Attack. Read more www.securiteam.co: Oracle Listener Denial of Service Vulnerabilities. Read more www.securiteam.co: Crypto Flaw in Secure Mail Standards. Read more www.securiteam.co: Pmpost Symlinks Vulnerability Leads to Root Compromise. Read more www.pcworld.com: Readers to Microsoft: Copy Controls? No Way! Read more www.zdnetasia.com: Defacement site gets defaced. Read more thestar.com.my: Sosco's hacked website 'cleaned'. Read more www.zdnet.com: Retool delays hackers' free-speech app. Read more www.ananova.com: Echelon 'has spied on Japan for 20 years'. Read more www.zdnet.com: Net espionage stirs Cold-War tensions. Read more news.zdnet.co.uk: Hacker tracking site falls prey to ThePike. Read more www.vnunet.com: Hackers hit defacement mirror website. Read more uk.news.yahoo.com: Burger King site grilled for third time. Read more content.techweb.com: ESNIFF NOSES OUT MISCHIEF MAKERS. Read more content.techweb.com: New Way To Detect Hacking -- StealthWatch tool examines data flow to expose undocumented attacks. Read more www.newsbytes.com: Always-On Broadband A Security Hole. Read more

27 June 2001 Oblivion 0.1 by Stan. How to make a Dropper in C by Stan. Read more Noknok 8.0.b Client Microsoft Security Bulletin MS01-036 Function Exposed via LDAP over SSL Could Enable Passwords to be Changed. Read more www.nipc.gov: "New Scanning Activity (with W32-Leaves.worm) Exploiting SubSeven Victims ". Read more www.zdnet.com: Feds warn of new worm threat. Read more news.cnet.com: Feds warn of rogue code. Read more vil.nai.com: W32/Leave.worm. Read more www.securiteam.com: LDAP over SSL Exposes Password Changing Function. Read more www.securiteam.com: Issues with Windows 2000 Encrypting File System and Disk Wipe Software. Read more www.securiteam.com: Additional Details Revealed on FrontPage Extensions Buffer Overflow. Read more www.securiteam.com: ePerl Circular Includes Vulnerability Allows Arbitrary Command Execution. Read more vil.nai.com: VBS/Merlin@MM. Read more web.lexis-nexis.com: BEWARE OF HACKER WHO HATES LAWYERS. Read more www.newsfactor.com: AOL Confirms ICQ Servers Hacked. Read more www.itworld.com: Hackers penetrate ICQ Web servers. Read more www.computerworld.com: Hackers penetrate America Online's ICQ Web servers. Read more www.computerworld.com: Asta Launches DDOS Detection Software. Read more slashdot.org: Hacking DirecTV over TCP/IP using Linux. Read more www.theregister.co.uk: Flaw means virus could disable Norton Anti-Virus. Read more news.cnet.com: Encryption flaw allows e-mail tricks. Read more biz.yahoo.com: Revenge of the Laid-Off Techies. Read more biz.yahoo.com: A Cold War in Cyberspace? Read more news.zdnet.co.uk: Security pros set up defence front. Read more news.cnet.com: European firms fear cybercrime most. Read more

26 June 2001 Konik 0.6 Snipernet 2.2 Source CERT� Advisory CA-1996-21 TCP SYN Flooding and IP Spoofing Attacks. Read more www.theregister.co.uk: Steve Gibson really is off his rocker. Madness writ large? Read more Internet Security Systems Security Alert Remote FrontPage Server Extensions Buffer Overflow. Read more NSFOCUS Security Advisory(SA2001-03) Microsoft FrontPage 2000 Server Extensions Buffer Overflow Vulnerability. Read more www.securiteam.com: Multiple Vendors 802.11b Access Point SNMP Authentication Flaw. Read more www.securiteam.com: Solaris /opt/SUNWssp/bin/cb_reset Buffer Overflow. Read more www.securiteam.com: W3m Malformed MIME Header Buffer Overflow. Read more skyscraper.fortunecity.com: VBA VIRUSES AND TROJANS. Read more www.symantec.com: SennaSpy Generator. Read more www.securityfocus.com: libICE Denial of Service Vulnerability. Read more www.securityfocus.com: XFree86 Xserver Denial of Service Vulnerability. Read more www.securityfocus.com: XDMCP Infinite Loop Denial of Service Vulnerability. Read more www.securityfocus.com: XFree86 4.0.1 /tmp Vulnerabilities. Read more www.newsbytes.com: 'Leave' Worm Targets PCs For Use In Possible DDoS Attack. Read more www.zdnet.com: Feds warn of new worm threat. Read more it.mycareer.com.au: Worm fears prompt new network safety warning. Read more www.ciol.com: SOS: A new virus on the prowl! Read more www.theregister.co.uk: Flaw means virus could disable Norton Anti-Virus. Read more www.vnunet.com: Concern grows over 'secret' hacking tool. Read more www.nwfusion.com: Start-up Mazu unveils device to stop DDoS attacks. Read more www.newsbytes.com: Adobe To Protect PDF Files From Viruses. Read more www.cnn.com: Printer bug found in Sun's Solaris software. Read more www.newsfactor.com: Levi's Sites Caught With Pants Down. Read more itmanagement.earthweb.com: Dress Your E-Security in Layers. Read more finance.individual.com: ADVISORY/Report from European Parliament Advises Internet Users to Encrypt Emails. Read more www.themoscowtimes.com: U.S. Official: Russians Working on Cyber War. Read more dailynews.yahoo.com: Survey: Security Password Picks Are Easy Prey. Read more it.mycareer.com.au: Bank confirms crackers break into website. Read more www.cnn.co: CIA official warns Congress of cyberattack danger. Read more news.excite.com: Europe: Net Crime-Stoppers. Read more www.nwfusion.com: Hitachi, Sanyo to unveil Palm secure memory card. Read more www.chicagotribune.com: Insiders beat out hackers as threat. Read more news.zdnet.co.uk: A Year Ago: Briton accused of Middle Eastern hacking. Read more

25 June 2001 Little Witch 4.1 www.adonai.fr.st: AdonAi is a Ftp Attack Tool designed for Windows user. Made by Del_Armg0. Read more BioNet Lite was tested by ColdWarTendencies. Read more www.pcflank.com: The goal of PC Flank is to make your interactions on the Internet safe and private. Our main concern is to help protect your computer. Read more www.securiteam.com: SMBd Remote File Creation Vulnerability. Read more www.symantec.com: W32.Leave.Worm. Read more www.idg.net: Backdoors, Trojan plague Usenet, says McAfee. Read more www.stuff.co.nz: Virus protection starts with knowledge. Read more www.gdgsoft.com: False virus alert with packages built by Paquet Builder. When upgrading to the virus signatures of June, some end users got alerts from Norton(r) Antivirus, a product from Symantec. Read more www.securiteam.com: Banking - Does It Belong Online? Read more www.8wire.com: Tech Alert: The .ida ISAPI Filter Offers Keyless Entry to IIS. Read more news.cnet.com: Hackers hoarding code to exploit server flaw. Read more www.boston.com: Worries of wireless. Read more news.cnet.com: 'Chinaman' dethrones 'Hacker' on cyber-terror hit parade. Read more www.theaustralian.news.com.au: High cost of too few checks on the email. Read more www.cnn.com: Woman Made Famous for Finding Encryption Algorithm. Read more www.economictimes.com: Business banter: Network Security. Read more www.ecommercetimes.com: Databases Exposed at Online Credit-Card Security Firm. Read more www.computeruser.com: U.K. fraudster gang steals $140,000 from e-tailers. Read more web.lexis-nexis.com: HACKERS TARGET TOP IRISH FIRMS. Read more

24 June 2001 Fraggle Rock 1.44 lite NetSpy 2.0.d Mantis 1.0 Source www.securiteam.com: Wired-side SNMP WEP Key Exposure in 802.11b Access Points. Read more www.securiteam.com: Malformed Word Document Enables Macro to Run Without Warning. Read more www.securiteam.com: FrontPage Server Extension Sub-Component Buffer Overflow Vulnerability. Read more www.securiteam.com: Solaris /opt/SUNWvts/bin/ptexec Buffer Overflow Vulnerability. Read more www.cert.org: How the FBI Investigates Computer Crime. Read more www.8wire.com: Secure FTP via SSH Tunnel. Read more www.guardianunlimited.co.uk: Get ahead - get a security blanket. Read more www.vnunet.com: US spooks fear the hackers. Read more iwsun4.infoworld.com: CIA official warns Congress of cyberattack danger. Read more news.zdnet.co.uk: Russia and China pose cyberthreat. Read more www.theregister.co.uk: 'Chinaman' dethrones 'Hacker' on cyber-terror hit parade. Read more

23 June 2001 BioNet 3.18 ME www.securitystorm.net: Pulse is a network stress tool that allows system administrators to test their network security. Pulse is designed to test network firewalls' ability to stop common denial of service attacks. Read more Gibson Posts List of Attack Sites After weathering seven denial of service attacks in a little over one month,Steve Gibson has decided to name names. He has successfully logged the addresses of 195 machines that were used by the attackers to flood GRC.com with data. In a move designed both to prod the operators into patching their systems, and to cut the legs out from under his attackers, Gibson has posted a list of the machines at his site. Read more project.honeynet.org: Know Your Enemy: Honeynets. Read more Microsoft Security Bulletin MS01-035 FrontPage Server Extension Sub-Component Contains Unchecked Buffer. Read more Microsoft Security Bulletin MS01-034 Malformed Word Document Could Enable Macro to Run Automatically. Read more Microsoft Security Bulletin (MS00-077) Patch Available for "NetMeeting Desktop Sharing" Vulnerability. Read more www.symantec.com: W32.Storm.Worm is a worm that seeks out Microsoft Internet Information Services (IIS) systems that have not applied the proper security patches. Any such systems that it finds are then infected with the worm. The payload of this worm performs a denial-of-service attack on http://www.microsoft.com. Read more www.symantec.com: Backdoor.Bionet.318. Read more www.securiteam.com: Trend Micro InterScan VirusWall FtpSaveCSP.dll Buffer Overflow. Read more linuxtoday.com: Red Hat Security Advisory: Kernel: FTP iptables vulnerability in 2.4 kernel and general bug fixes. Read more www.zdnet.com: Hackers wait to exploit MS server flaw. Read more news.cnet.com: Hackers hoarding code to exploit server flaw. Read more www.ntsecurity.net: IP Security Filtering. Read more www.newsbytes.com: Security Expert Publishes List of Attack Sites. Read more webserv.vnunet.com: Startups aim to prevent DoS attacks. Read more www.itworld.com: Bug in Word can lead to security problems. Read more www.newsbytes.com: Web Site Crackers Strike Microsoft Servers Again. Read more www.idg.net: Backdoors, Trojan plague Usenet, says McAfee. Read more www.theregister.co.uk: Porn spam flood swamps Usenet. Read more www.newsbytes.com: Symantec Downplays Disabling Attack On Norton AntiVirus. Read more www.pcworld.com: Word Bug Can Permit Malicious Macros. Read more www.wired.com: U.S.: Fear Countries, Not Hackers. Read more news.cnet.com: Will hacking become the new warfare? Read more www.smh.com.au: Anti-globalisation groups prepare for online battle. Read more www.securityfocus.com: California indictment in Russian hacks. Read more www.computeruser.com: CIA official: Hackers are too fast. Read more www.themoscowtimes.com: Hacker Indicted in U.S. Read more www.newsbytes.com: Hacked EU Site Back Online, But Attack Continues. Read more news.zdnet.co.uk: Confidential reports to aid cybercrime crackdown. Read more news.bbc.co.uk: Which? under fire over security scare. Read more www.usatoday.com: Spotlight turned on FBI computer systems. Read more www.theregister.co.uk: PC market slowdown hits Symantec. Read more www.wired.com: E-Commerce Fears? Good Reasons. Read more

22 June 2001 MoonPie 1.35 beta 3 GhostSpy 1.0 project.honeynet.org: Know Your Enemy: Passive Fingerprinting. Read more www.securityfocus.com: Chasing the Wind, Part Seven: An Ill Wind. Read more whitehats.com: Lion Internet Worm Analysis. Read more users.rcn.com: Accidental Trojan Horses: Security problems in Windows 98 PCs. Read more www.securiteam.com: Remote Buffer Overflow in MDBMS. Read more www.securiteam.com: Remote Buffer Overflow Vulnerability in Solaris Print Protocol Daemon. Read more www.viruslist.com: Goga Warning Continues. Read more news.excite.com: Windows XP: More Holes Than Swiss Cheese. Read more jumpfn.123jump.com: Web Site Crackers Strike Microsoft Servers Again. Read more www.securitywatch.com: Three Microsoft sites in 30 minutes!. Read more www.itworld.com: Lufthansa fights off denial-of-service attack. Read more enterprisesecurity.symantec.com: Top Department of Justice Official Outlines Priority List to Combat Cybercrime. Read more www.newsbytes.com: Symantec Downplays Disabling Attack On Norton AntiVirus. Read more www.securitywatch.com: More info on Norton Anti-Virus remote disabling vulnerability. Read more See also "Disabling NAV by SennaSpy" published on MegaSecurity on 10 june 2001. Read more www.itworld.com: Solaris bug gives hackers free rein. Read more www.sunspot.net: Official: Hackers move too fast for CIA. Read more www.dallasnews.com: CIA a step behind hackers, Congress told. Read more investor.cnet.com: CIA says it can't keep up with hackers. Read more www.themoscowtimes.com: Hacker Indicted in U.S. Read more www.newsbytes.com: Russian Hacker Indicted On Wire Fraud, Extortion Charges. Read more dailynews.yahoo.com: Russia, China Working on Cyber Warfare -US Official. Read more news.bbc.co.uk: Kournikova virus suspect faces court hearing. Read more www.chosun.com: Fifteen Year Old Becomes 'Hacker Queen'. Read more web.lexis-nexis.com: The battle to stop viruses. Read more www.ctnow.com: Is Your Computer Spying On You? Read more washingtonpost.com: Firewall Software Guards Against Internet Attacks. Read more www.accessatlanta.com: $89,911 phone bill. Read more

21 June 2001 FraggleRock 1.43 Lite by Gobo. project.honeynet.org: Know Your Enemy: Worms at War. Read more www.securityfocus.com: Chasing the Wind, Episode Six: The Gathering Storm. Read more Hping2 is a network tool able to send custom ICMP/UDP/TCP packets and to display target replies like ping does with ICMP replies. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under supported protocols. Using hping2, you can: test firewall rules, perform [spoofed] port scanning, test net performance using different protocols, packet size, TOS (type of service), and fragmentation, do path MTU discovery, tranfer files (even between really Fascist firewall rules), perform traceroute-like actions under different protocols, fingerprint remote OSs, audit a TCP/IP stack, etc. hping2 is a good tool for learning TCP/IP. Read more xforce.iss.net: Multiple Oracle Listener Denial of Service Vulnerabilities. Read more xforce.iss.net: Remote IIS Index Server ISAPI Extension Buffer Overflow. Read more xforce.iss.net: Multiple Vendor 802.11b Access Point SNMP authentication flaw. Read more xforce.iss.net: Wired-side SNMP WEP key exposure in 802.11b Access Points. Read more www.securiteam.com: SurfControl SuperScout can be Bypassed Using Split Packets. Read more www.securiteam.com: Cisco TFTPD Security Vulnerability (Directory Traversal). Read more www.securiteam.com: Oracle Redirect Denial of Service (Incomplete Connection). Read more www.securiteam.com: Buffer Overflow Found in GazTek HTTP Daemon (GET). Read more www.securiteam.com: Rxvt Buffer Overflow Vulnerability. Read more www.zdnet.com: You might be surprised who's hacking you. Read more computerworld.com: Brief: Lufthansa fights off denial-of-service attack. Read more biz.yahoo.com: Maker of Kournikova Virus to Be Prosecuted. Read more www.theregister.co.uk: Kournikova suspect to stand trial in September. Read more www.iol.co.za: Send teen hacker Mafiaboy to jail, court told. Read more www.vnunet.com: Hacker Mafiaboy 'deserves' jail term. Read more www.wired.com: Anti-Virus Board Gets Sick. Read more news.zdnet.co.uk: Microsoft urges urgent action on Windows security hole. Read more www.newsbytes.com: Solaris Bug Gives Attackers System-Level Access. Read more www.nzherald.co.nz: Insiders more of a threat than hackers, says survey. Read more web.lexis-nexis.com: Experts Speak About Cyber-Terrorism at Bedford, N.H., Forum. Read more www.ecommercetimes.com: 'E' Stands for Exposure. Read more

20 June 2001 MoSucker 2.2 by Krusty. Go to "Top Trojan Sites" to visit Krusty`s Site. project.honeynet.org: Know Your Enemy: Motives. Read more www.securityfocus.com: Chasing the Wind, Episode Five: The Devil in the Details. Read more packetstorm.securify.com: Introduction to Denial of Service. Read more Juno is a SYN flooder, which means that it's a program that floods a network connection with SYN packets. It can thus be summed up as a Denial of Service tool. There are actually two versions of Juno available. This article will focus on Juno-z_101, which was written by Sorcerer and is a rewrite of the original program, Juno.c. Read more www.safemode.org: Defaced web sites. Read more www.symantec.com: IRC.Mimic is an mIRC script which may cause infected computers to participate in Distributed Denial of Service attacks. Read more securityportal.com: (Un)authorized Access. Read more securityportal.com: Macintosh Malware Database. Read more www.eeye.com: All versions of Microsoft Internet Information Services Remote buffer overflow (SYSTEM Level Access). Read more www.securiteam.com: Additional Details Released on the IIS Remote Buffer Overflow (Indexing Service, IDA). Read more xforce.iss.net: Remote IIS Index Server ISAPI Extension Buffer Overflow. Read more cve.mitre.org: CERT Advisory CA-2001-13 Buffer Overflow In IIS Indexing Service DLL. Read more www.securiteam.com: Norton Antivirus Real-time Protection can be Deactivated. Read more www.securiteam.com: Multiple Vulnerabilities Found in AMLServer. Read more www.securiteam.com: Unchecked Buffer in Index Server ISAPI Extension Leads to Web Server Compromise. Read more www.symantec.com: IRC.Whacked.Worm. Read more www.symantec.com: VBS.Kidarcade.F. Read more australianit.news.com.a: Hole in Microsoft's web. ead more www.itworld.com: Another serious security hole found in Microsoft IIS. Read more www.theregister.co.uk: MS confronts another IIS system-level hole. Read more www.thestandard.com: Who Let the Wolves In? Read more www.belfasttelegraph.co.uk: Viruses 'could be used as future weapons'. Read more www.zdnet.com: What hackers can teach you about security. Read more www.theregister.co.uk: Ultimate in Internet security or anti-hacker hype? Read more www.themoscowtimes.com: 'Unstable' Hacker Faces Jail Time. Read more www.canoe.ca: Mafiaboy must be jailed, says social worker. Read more jumpfn.123jump.com: Montreal hacker Mafiaboy must be jailed so he won't reoffend says social worker. Read more www.vny.com: Secret Service trying to educate on Cybercrime. Read more www.boston.com: Ex-tech worker gets jail term in hacking. Read more pacific.bcentral.com: Asia hacker activity rises. Read more web.lexis-nexis.com: Cyberspace is the next battlefield U.S., foreign forces prepare for conflict unlike any before. Read more web.lexis-nexis.com: In War Against Cyberspace Intruders, Knowledge Is Power. Read more

19 June 2001 Ultimate RAT 2.0.b project.honeynet.org: Know Your Enemy: A Forensic Analysis. Read more www.securityfocus.com: Chasing the Wind, Episode Four: Through a Glass, Darkly. Read more Microsoft Security Bulletin MS01-033 Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise. Read more staff.washington.edu: DDoS -- Is There Really a Threat? Read more dailynews.yahoo.com: DDoS attackers raising the bar. Distributed denial-of-service attacks�which by some estimates total more than 4,000 a week�are likely to get much worse as the perpetrators hone their skills and new weaknesses in popular platforms are discovered and exploited. Read more www.idg.net: Start-ups go on attack vs. denial-of-service threat. Read more news.zdnet.co.uk: Security pros dig in for new DoS attacks. Read more www.itworld.com: Asta Networks uses Vantage to fight DoS. Read more web.lexis-nexis.com: MICROSOFT DEFENDS XP SECURITY STATUS. Read more www.antionline.com: Windows Xp and DDoS. Read more www.securiteam.com: OpenBSD Local Root Compromise (Kernel Race). Read more www.cisco.com: Cisco 6400 NRP2 Telnet Vulnerability. Read more www.nwfusion.com: Another serious security hole in Microsoft IIS. Read more www.newsfactor.com: Computer Viruses Easier to Write, Harder to Fight. Read more www.theregister.co.uk: NSA secures Win-2K. Read more www.thestandard.com: Victor Sheymov: Changing Addresses, Stopping Hackers. Read more www.theage.com.au: Cola competition hacked. Read more www.kcstar.com: Communitech.Net inadvertently hosted hackers' Web site. Read more www.idg.net: Hacker vigilantes strike back. Read more www.computerworld.com: Weak security taints directory. Read more www.vnunet.com: Cyberwar hacker avoids prison. Read more web.lexis-nexis.com: EU Plans Anti-Hacking Crackdown. Read more web.lexis-nexis.com: Russia: Computer crime on the rise. Read more

18 June 2001 Kamikaze project.honeynet.org: Know Your Enemy: III. Read more www.securityfocus.com: Chasing the Wind Episode Three: From Out of the Blue. Read more www.s21sec.com: SING is a tool that sends fully customized ICMP packets from the command line. Its main purpose is to replace and complement the ping command, adding certain enhancements as fragmentation, sending and receiving spoofed packets, sending many ICMP information types. Read more www.ecst.csuchico.edu: Beej's Guide to Network Programming Using Internet Sockets. Read more A brief programming tutorial in C for raw sockets. Read more "Tribe Flood Network 3000": A theoretical review of what exactly Distributed DOS tools are, how they can be used, what more dangerous features can be implemented in the future, and starting points on establishing Network Intrusion Detection Rules for DDOS. Read more Learning to cope with the SYNs of the Internet by NightAxis and Rain Forest Puppy. Read more Strategies for Defeating Distributed Attacks. Read more www.securiteam.com: Cisco 6400 NRP2 Telnet Vulnerability. Read more www.securiteam.com: The Dangers of Allowing Users to Post Images (Cross-Site Request Forgeries). Read more www.securiteam.com: JRun Vulnerable to JSP Cross-Site Scripting. Read more www.securiteam.com: Apache Artificially Long Slash Directory Listing Exploit Code. Read more www.securiteam.com: BIND Inadvertent Local Exposure of HMAC-MD5 (TSIG) Keys. Read more linuxtoday.com: Debian Security Advisory: two xinetd problems. Read more observer.co.uk: A hacker's dream - from Microsoft. Smart Tags enables Microsoft - through the browser running on your PC - to re-edit anybody's site, without the owner's knowledge or permission, in a way that tempts users to leave and go to a site chosen by Microsoft. Read more www.counterpane.com: DDOS Attacks Against grc.com. Read more www.newsbytes.com: New Tool Will Expose Security-Slacker ISPs. Steve Gibson, president of Gibson Research Corp., is developing a free tool that will hold ISP's feet to the fire if they have not implemented a security technique known as "egress filtering." Read more www.cnn.com: Microsoft has third go at plugging Exchange hole. Read more www.theregister.co.uk: NSA secures Win-2K. Read more cryptome.org: Windows 2000 Security Recommendation Guides. Read more linuxtoday.com: osOpinion: Carnivore 'No Problem' for New E-Mail Encryption. Read more www.nypostonline.com: CYBER-WHIZ WILL HELP FBI, INSTEAD OF �HACKING' JAIL. Read more www.latimes.com: Hacker Attack Sends Shock Through Cal-ISO. Read more inq.philly.com: Fired workers taking revenge through hacking. Read more dailynews.yahoo.com: Nasty mobile e-mail scares Japan. Read more DJ TVA Workers Compromised Computer Security - Report. Read more

17 June 2001 Theef 1.1 project.honeynet.org: Know Your Enemy: II. Read more www.securityfocus.com: Chasing the Wind Episode Two: Raising the Stakes. Read more www.securiteam.com: Security Bug in Internet Explorer Gives Remote File Access. This is a security bug, as it should be impossible to read any file on the client's file system. Of course, the file should have a correct JavaScript or VBScript syntax and the filename should be known. However, it is easy to image how this security hole can be misused. This bug does not utilize and Active X component making it more dangerous than previously found security holes. Read more www.securiteam.com: XFree86 XFS Vulnerable to DoS (Garbled Connection). Read more www.securiteam.com: GMX Webmail Vulnerable to JavaScript Embedding. Read more www.securiteam.com: Buffer Overflow in BestCrypt for Linux. Read more www.securiteam.com: Anonymous Access? Not Quite Yet. Read more vil.nai.com: Backdoor-QN. Read more www.all.net: The Deception Toolkit. Read more www.sundayherald.com: Firms told: neglect the threat of hackers at your peril. Read more www.vnunet.com: Mouse hole in device security. Read more web.lexis-nexis.com: Hacker Attack Sends Shock Through Cal-ISO. Read more web.lexis-nexis.com: Castro: No cyberattack plan;U.S. official had warned of possible Internet-based strike. Read more www.internetnews.com: NetWare Aims to Secure LAN/WAN Networks. Read more

16 June 2001 SmallFun 1.1 project.honeynet.org: Know Your Enemy: Honeynets. Read more www.securityfocus.com: Chasing the Wind Episode One: No Place to Hide. Read more www.securiteam.com: Trend Micro VirusWall Allows Reconfiguration without Authentication. Read more www.securiteam.com: PassWD2000 Weak Encryption Vulnerability. Read more www.securiteam.com: UnixWare TERM Environment Security Vulnerability. Read more www.linux.com: Linux.com Security: Firewalls; IPtables and Rules. Read more securityportal.com: ADSL: Security Risks and Countermeasures. Read more www.ntsecurity.net: NSA Releases Win2K Security Recommendation Guidelines. Read more www.newsbytes.com: Hacker Turns RTF Exploit Theory Into Reality, Kaspersky Says. Read more www.silicon.com: Trojan horse carries away internet secrets. Read more www.securitywatch.com: �Goga� Trojan likes RTF. Read more www.symantec.com: W97M.Gogaru.A. Read more www.vnunet.com: Trojans a-Goga in Microsoft Word. Read more www.zdnet.com: New virus tools raise concerns. Read more www.totaltele.com: Mobile virus threat reiterated as I-mode users hit. Read more www.silicon.com: Virus attacks soar to record high. Read more www.zdnet.com: Israeli hackers blamed for UAE site attack. Read more www.yomiuri.co.jp: 80 organizations cracked by hackers, survey finds. Read more www.theregister.co.uk: Solar Sunrise hacker 'Analyzer' escapes jail. Read more www.dawn.com: Legislator resents FBI snooping. Read more www.blackhat.com: The Black Hat Briefings. Read more www.japantimes.co.jp: Hackers hit 20% of firms, NPA says. Read more www.newsbytes.com: Hacked European Union Site Pulled Offline. Read more www.newsbytes.com: Hacker Attacks Continue To Rise In Korea - Study. Read more www.ananova.com: Hacker invades Brazil's 'Ministry of Blackouts' website. Read more www.reuters.com: Alleged Israeli Hackers Deface UAE News Web Site. Read more www.securitywatch.com: Evilhackers defaced three times!!! Read more www.securitywatch.com: Japanese virus count triples. Read more www.securitywatch.com: Stack overflow fixed in BestCrypt. Read more www.nationalpost.com: Firms trading on Internet defenceless, expert says. Read more www.smh.com.au: Mafiaboy faces two years' jail for hacking. Read more www.montrealgazette.com: Hacker 'gloating,' court told. Read more www.bday.co.za: Directors risk cybercrime suits. Read more www.hindustantimes.com: Indian hacker rings false. Read more www.computerworld.com: Legislation urged to protect corporate data, theft of e-mail addresses. Read more webserv.vnunet.com: Bug Watch: The encryption solution. Read more www.wired.com: Hoosier Favorite Hack Victim? Read more www.timesofindia.com: Ways to deter hackers discussed. Read more www.wirelessnewsfactor.com: 'Malicious Hackers' Penetrate DoCoMo I-Mode Phones. Read more

15 June 2001 MoonPie 1.3 b Georgi Guninski security advisory #47, 2001 OpenBSD 2.9,2.8 local root compromise Systems affected: OpenBSD 2.9,2.8 There is local root compromise in OpenBSD 2.9, 2.8 due to a race probably in the kernel. This is quite similar to the linux kernel race several months ago. Read more www.securityfocus.com: Microsoft Exchange OWA Embedded Script Execution Vulnerabilit. Read more www.newsbytes.com: Bug Can Expose Anonymizer Users � Correction. Read more www.securiteam.com: Mac OS X Apache and Case Insensitive Filesystem Vulnerability. Read more www.securiteam.co: SITEWare Source Code Disclosure and Arbitrary File Retrieval Vulnerability. Read more www.zdnet.com: Word flaw opens door to Trojan horse. Read more news.cnet.com: Trojan horse exploits Microsoft Word. Read more www.securiteam.com: SQL Query Method Enables Cached Administrator Connection to be Reused. Read more www.securiteam.com: HP OpenView NNM Allows Execution of Commands via SNMP Traps. Read more www.securiteam.com: Local Root from /usr/bin/man and /etc/cron.daily/makewhatis.cron. Read more www.securiteam.com: Solaris 'at' Command Allows Arbitrary Command Execution (Format String). Read more www.securiteam.com: Tomcat Reveals Script Source Code by URL trickery (Double Encoding). Read more www.newsbytes.com: Hacker Turns RTF Exploit Theory Into Reality, Kaspersky Says. Read more www.nikkeibp.asiabiztech.com: Virus Infections in January-May Triple from Year Ago: IPA. Read more www.gnomedex.com: The world's first GnomeCONVENTION The Conference for Curious Computer Users. Read more www.codeguru.com: Raw TCP/IP library for Windows 2000. Read more www.idg.net: What is a Denial of Service Attack? Read more www.softactivity.com: Activity Monitor 2001. View remotely in real time screens of the remote computers, typed keystrokes, used applications. Read more www.zdnet.com: Microsoft: We messed up. System administrators who rely on Microsoft's Exchange e-mail server software are hoping the third time's a charm for the software giant. Read more www.itworld.com: Will three times be the charm for Exchange security fix? Read more news.zdnet.co.uk: McVeigh "video" file contains SubSeven Trojan. Read more news.zdnet.co.uk: Creative accused of 'spyware' It may act like a Trojan horse but it's there to help you, Creative says. Some angry users disagree. Read more support.microsoft.com: Qfecheck.exe Verifies the Installation of Windows 2000 Hotfixes. Read more www.cisecurity.org: PatchWork: A Tool to Test For Vulnerabilities Used By Russian Hackers. Read more www.ntsecurity.net: New Tweaks and Tools. Read more www.sarc.com: Virus Definitions Added by Symantec. Read more iwsun4.infoworld.com: House leader wants a second investigation of FBI's Carnivore. Read more www.newsbytes.com: German Firm Forms Special Anti-Hacker Team. Read more www.newsbytes.com: State Sites Facing 'World of Hell'. Read more www.newsfactor.com: Hackers Aim at Computer Security Sites. Read more www.netimperative.com: EC website downed by hackers. Read more www.japantoday.com: Computer hackers in epidemic say cops. Read more www.timesofindia.com: Ways to deter hackers discussed. Read more www.dallasnews.com: Hackers target Lottery Web site. Read more www.ireland.com: Hacker court hearing begins in Montreal. Read more www.canoe.ca: Witnesses dismiss Mafiaboy's defence. Read more www.wired.com: Hoosier Favorite Hack Victim? Read more www.zdnet.com: Humans opened the door for Calif. power hack. Read more www.newsbytes.com: DoCoMo Warns I-Mode Users Of E-Mail Attacks. Read more www.newsbytes.com: ASPSiam Launches Encrypted E-Mail Service In Thailand. Read more webserv.vnunet.com: Always-on GPRS a hacker's dream. Read more

14 June 2001 Bionet Version 3.17 BuschTrommel 1.0 Cyn 1.03.b server Trojan.Eurosol. Read more Anybody has a copy for us? Submit www.securityfocus.com: Reg duped in D.I.R.T. debacle. Read more Anybody has a copy for us? Submit www.f-secure.com: Hadra worm. Read more www.stuff.co.nz: McVeigh "video" file disguises virus. Read more Microsoft Security Bulletin MS01-030 Incorrect Attachment Handling in Exchange OWA Can Execute Script. Read more xforce.iss.net: BIND Inadvertent Local Exposure of HMAC-MD5 (TSIG) Keys. Read more www.securiteam.com: WebStore Remote Command Execution. Read more www.securiteam.com: BiblioWeb's Built-in Web Server Vulnerable to DoS (long URL). Read more www.securiteam.com: HPUX Old-style Exploit for Cau. Read more www.securiteam.com: Exploit Code for Su-Wrapper Released. Read more www.securiteam.com: Sudo Voodoo (Exploit). Read more www.securiteam.com: Buffer Overflow Found in XInetd (log.c). Read more www.vnunet.com: NSA unveils security-enhanced Linux. Read more it.mycareer.com.au: Witnesses say teen hacker intended to disable net sites. Read more www.newsfactor.com: Hackers Aim at Computer Security Sites. Read more www.cw360.com: Dutch hackers breach EC site. Read more www.computerworld.com: Hackers deface EC Web site in 2nd incident. Read more www.dallasnews.com: Hackers target Lottery Web site. Read more www.theregister.co.uk: EU's safer Internet site hacked and down. Read more it.mycareer.com.au: Canadian hacker 'Mafiaboy' awaits sentence. Read more www.theregister.co.uk: McVeigh lives on! Read more web.lexis-nexis.com: INTERNET SECURITY Web Visits Are DOA With DoS Hackers make thousands of denial-of-service attacks daily - and some succeed. Read more

13 June 2001 Trojan Generator 2001 a by SennaSpy and SkBeta. Artic 0.6 beta AVP antivirus Reverse Engineer by SennaSpy. Read more Microsoft Security Bulletin MS01-032 SQL Query Method Enables Cached Administrator Connection to be Reused. Read more www.securiteam.com: DoS.Storm.Worm Analysis. Read more www.securiteam.com: Broker FTP Server Vulnerable to DoS (dot space dot). Read more linuxtoday.com: Debian Security Advisory: man-db symlink attack. Read more www.salon.com: New computer virus offers McVeigh execution video. Read more www.pcadvisor.co.uk: Simpsons worm found in Apples. Read more www.individual.com: Qualys Network Vulnerability Scanning Platform Tops 1,000 Online Vulnerability Tests Demonstrates Platform at Gartner Group Security Conference. Read more linuxtoday.com: IEEE Spectrum: Learning from Hackers. Read more web.lexis-nexis.com: Man faces charges of computer hacking. Read more it.mycareer.com.au: Canadian hacker 'Mafiaboy' awaits sentence. Read more news.cnet.co: As cybercrime rises, officials seek help. Read more dailynews.yahoo.com: Hackers break into computers at IU again. Read more www.newsbytes.com: Hackers Stumbled Upon California Power Company. Read more www.chicagotribune.com: Hacker invades IU student records. Read more www.idg.net: Hackers taunt European Commission with site defacement. Read more hoovnews.hoovers.co: Finding pros for IT security (eWEEK PCWK). Read more

12 June 2001 Remote Hack 1.5 Latinus 1.2 source grc.com: Why Windows XP will be the Exploitation Tool of Choice for Internet Hackers Everywhere. The huge number of Windows XP machines will motivate hackers to find new ways into those machines � AND THEY WILL. Then users of Windows XP machines will become the most sought-after target for penetration. Read more www.theregister.co.uk: Security geek developing WinXP raw socket exploit. Read more www.guardian.co.uk: Teenage clicks. Edited transcript of a conversation between Gibson and the creator of the bot software over an IRC (internet relay chat) channel. Read more Windows XP will make Internet unstable - top security expert. Read more news.zdnet.co.uk: Microsoft zombie hacker denial condemned. Read more www.insecure.org: Remote OS detection via TCP/IP Stack FingerPrinting by Fyodor. Read more Microsoft Replaces Flawed Security Fix. Patch was designed to protect e-mail systems against hackers, but instead it kept authorized users out. Read more iwsun4.infoworld.com: Microsoft posts new Exchange patch. Read more Multiple Vulnerabilities in Microsoft Windows 2000 Telnet. Seven different vulnerabilities exist in the version of Telnet that Microsoft ships with Windows 2000. Read more www.securitywatch.com: Additional Details Released on the Windows Telnet Server Vulnerability. Read more www.securitywatch.com: Permissions bug in Windows 2000 Server. An anonymous bughunter has detected a bug in Windows 2000 Server that causes its Allow Inheritable Permissions and NTFS file permissions to change unexpectedly and without notification. Read more www.securitywatch.com: Trend Micro VCS bug skips admin authentication. Read more www.zdnet.com: 'AOL virus': Joke's on you. Read more iwsun4.infoworld.com: D'oh! Simpsons worm hits Macs. Read more D'oh! My Mac has the Simpsons virus. Read more www.zdnet.com: A message to virus bozos. Read more www.symantec.com: VBS.Pando.B. Read more www.symantec.com: DoS.Storm.Worm. Read more www.securiteam.com: Breaking Network Solutions' Crypt-PW Authentication-Scheme. Read more www.securiteam.com: VirtualCart Source Code Viewing Problem (Template). Read more www.securiteam.com: WatchGuard SMTP Proxy Bypassing (Boundary). Read more www.securiteam.com: OpenSSH Allows Deletion of Other Users' Cookie Files. Read more www.vnunet.com: Office XP cracked, say bootleggers. There is increasing evidence on the internet that Microsoft's flagship Office XP has been cracked, despite Microsoft's denials. Read more grove.ufl.edu: FINDING FENCES IN CYBERSPACE: PRIVACY AND OPEN ACCESS ON THE INTERNET. Read more www.itsecurity.com: Internet Security Systems opens facility dedicated to worldwide security threat intelligence. Read more www.itsecurity.com: If Big Brother Is Watching You, Then Let AWPTA Watch Big Brother. Read more uk.news.yahoo.com: Old-timers lead Russian cyber crime wave. Read more www.newsbytes.com: Virginia Government Data Web Site Hacked. A hacker group known as "World of Hell" brought a world of headache on administrators at Virginia's Department of Information Technology this weekend. Read more www.securitywatch.co: Populist rebel defaces Philippine central bank site. Read more www.securitywatch.co: Kiwi hacker loses major battle. Read more web.lexis-nexis.com: Internet is under constant barrage. Read more web.lexis-nexis.com: Hackers bedevil city site twice over the weekend. Read more web.lexis-nexis.com: Porn-seeking rogue virus raises concerns. Read more www.zdnet.com: The social engineering of security. Read more Not so secure? Read more www.internetnews.com: EU Steps Up e-Security. Read more

11 June 2001 Little Witch 4.0.b Softwar ShadowThieft Source www.ntsecurity.net: Windows XP to Sport Unix-like Raw Sockets. Read more securityportal.com: Denial of Service (DoS) FAQ. Read more www.net-security.org: Start your day with a cup of DoS. Read more www.big.net.au: SYSCALL REDIRECTION WITHOUT MODIFYING THE SYSCALL TABLE. This article describes a technique of redirecting system calls without modifying the sys call table (implemented in Linux). Read more grove.ufl.edu: FINDING FENCES IN CYBERSPACE: PRIVACY AND OPEN ACCESS ON THE INTERNET. Read more www.securiteam.com: Exim Header Check Format String Bug. Read more www.securiteam.com: Kmmodreg Vulnerable to Race Condition. Read more networking.earthweb.com: The Future of Operating Systems Security. Read more www.zdnet.com: Exchange patch leads to mail problems. Read more iwsun4.infoworld.com: Tripwire CTO: Security requires new thinking. Read more www.newsbytes.com: Anti-Virus Programs Sniff Out What Bugs Your Computer. Read more www.economictimes.com: Policing cyberia. Read more asia.internet.com: Dizzying Days for Security Outsourcers. Read more linuxtoday.com: IEEE Spectrum: Learning from Hackers. Read more linuxtoday.com: UnixInsider.com: Building blocks to security: Passwords -- the first line of defense. Read more www.nzherald.co.nz: Password ruling blow to accused hacker. Read more www.inq7.net: Central bank website hacked; BSP denies LAN also breached. Read more www.latimes.com: Hackers Victimize Cal-ISO. Read more news.cnet.com: Hackers threatened California power supply. Read more salon.com: Report: Hackers threatened Calif. power system. Read more

10 June 2001 Remote Administration Tool Latinus 1.0 Source Disabling Norton Antivirus 2001 by SennaSpy. Read more Microsoft Security Bulletin MS01-030 Incorrect Attachment Handling in Exchange OWA Can Execute Script. Read more www.securiteam.com: Rc.Firewall, an IPChains Based Firewall. Read more www.securiteam.com: Buffer Overflow in TIAtunnel. Read more www.securiteam.com: Doing Syscall Redirection without Modifying the Syscall Table. Read more www.dwheeler.com: Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. *** Why Windows XP will be the Exploitation Tool of Choice for Internet Hackers Everywhere. Read more Microsofts Answer. Hostile Code, not the Windows XP Socket Implementation, is the Real Security Threat. Read more www.theregister.co.uk Everything you wanted to know about DDoS attacks. Read more www.zdnet.com: Battle rages over Windows XP security. Read more www.theregister.co.uk: Network ICE hits back over Gibson jibes. Read more www.theregister.co.uk: Leading security expert on the end of DDoS attacks. Read more www.individual.com: Windows XP/ A Hacker's Dream? Read more *** www.vnunet.com: Zombie army attacks Microsoft. Read more www.theregister.co.uk: Win2k better than other MS OSes, but worse than Unix - report. Read more www.washtech.com: Anti-Virus Programs Sniff Out What Bugs Your Computer. Read more www.reuters.com: Hackers Hit Computers Running Calif.'s Power Grid. Read more news.cnet.com: Hackers threatened California power supply. Read more www.latimes.com: Hackers Victimize Cal-ISO. Read more sns.chicagotribune.com: Report: Calif. power grid was threatened by hackers. Read more

09 June 2001 MoonPie 1.35 beta 2 Syphillis Source Nexus 5.7, a MIRC Trojan Scanner. A privacy group hopes to scare Web bugs out of hiding. The Privacy Foundation released free software Thursday that helps consumers detect when a site or e-mail contains a Web bug--a barely visible tracking tag, also known as clear GIFs, used mainly by marketers to monitor consumer habits online. Consumers can download the software, a browser add-on for Microsoft's Internet Explorer, at the site Bugnosis. The software does not work with other browsers. www.linux.com: Introduction to Port Scanning. Read more www.securityfocus.com: The Trouble With Tripwire: Making a Valuable Security Tool More Efficient. Read more www.securiteam.com: Outlook Express Address Book Spoofing. Read more www.securiteam.com: Predictable Name Pipes Enable Privilege Elevation via Telnet. Read more iwsun4.infoworld.com: Worm targets Gates with e-mail bomb. Read more news.cnet.com: Worm launches Microsoft attack. Read more www.newsbytes.com: Virus Experts Say Worm Is Bent On Spamming Bill Gates. Read more www.newsfactor.com: New Worm Attacks Microsoft Sites, Mail-Bombs Gates. Read more news.cnet.com: "AOL virus" joke fooling some. Read more www.symantec.com: VBS.Reaper. Read more www.symantec.com: VBS.Reset. Read more www.itworld.com: Viruses may soon be on a handheld near you. Read more cryptome.org: Functional specifications for lawful interception of Internet traffic in The Netherlands. Read more Update www.vancouversun.com: Culture of 'hacktivism' dangerous for teens. Read more www.itworld.com: Philippines reopens Love Bug virus case. Read more www.newsbytes.com: E-mail Attack Can Defeat Eudora Security. Read more web.lexis-nexis.com: Newsbytes Hacker-Security Review 06/07/01. Read more www.canoe.ca: Site puts private cell calls on Web. Read more

08 June 2001 Chat Power Cyn 1.03.a server www.lavasoft.de: Ad-aware. Remove ad-serving and spyware components that are installed when you use ad-supported software. Read more www.nexrealm.com: The worlds first and only continuous real-time authentication system for the windows 2000 platform. Read more www.tinysoftware.com: Tiny Personal Firewall (TPF) is a powerful and free utility designed to protect home cable and DSL connections. Read more Microsoft Security Bulletin MS01-031 Predictable Name Pipes Could Enable Privilege Elevation via Telnet. Read more www.securiteam.com: Incorrect Attachment Handling in Exchange 2000 OWA Can Execute Scripts. Read more www.securiteam.com: Shambala FTP server Directory Traversal. Read more www.securiteam.com: O'Reilly WebBoard JavaScript Code Execution Problem (Character Escape). Read more www.securiteam.com: InterScan VirusWall Remote Configuration Vulnerability (FtpSave.dll). Read more www.newsbytes.com: Bulgarian Bugmeister Turns His Gaze To Sun. Read more www.itworld.com: Exchange 2000 flaw could open mailbox to hacker. Read more www.computerworld.com: European 'safer Internet' site hit by hackers. Read more news.zdnet.co.uk: Windows XP slammed as gift to 'zombie' hackers. Read more www.newsbytes.com: Windows XP: A Hacker's Dream? Read more www.boston.com: The infiltration of 'spyware'. Read more www.securitywatch.com: Peace not on agenda for script kiddie. Read more www.theregister.co.uk: Network ICE CTO responds to further BlackICE criticisms. Read more www.post-gazette.com: Cybercreeps trick some into deleting files. Read more www.iht.com: Hackers: Not Always Bad And Not Just a Man's Club. Read more www.nzherald.co.nz: Court ruling critical to hacker charges. Read more www.newsbytes.com: No Mercy For Hackers At ISC 2001. Read more www.nzherald.co.nz: Spying chain's cover blown. Read more www.chicagotribune.com: Crop data vulnerable to hackers. Read more www.newsbytes.com: Internet Security: Always One Eye On The Hackers. Read more

07 June 2001 Undetected 3.32 Server UniteMail Microsoft Security Bulletin MS01-030 Incorrect Attachment Handling in Exchange 2000 OWA Can Execute Script. Read more www.securiteam.com: The Dangers of Obscurity (FPF Kernel Module). Read more www.kaspersky.com: Miss World`s Photos Hide a Dangerous Internet-Worm. Read more dailynews.yahoo.com: The Microsoft Way - Security Through Obscurity. Read more www.theregister.co.uk: Microsoft rebuts XP Net instability claims. Read more securityportal.com: A Matter of Trust: How Apache.org Was Compromised. Read more www.iii.co.uk: EU commission considering harmonising hacking, computer crime laws. Read more www.pcadvisor.co.uk: EC turns its gaze on hackers. Read more www.zdnet.com.au: Flash of Miss World causes virus. Read more abcnews.go.com: The Weakest Link. When It Come to Viruses, It�s You. Read more www.newsbytes.com: Europe Needs Early Warning System Against Hackers - EU. Read more www.newsbytes.com: Net Security Conference: Denial Of Service Wars Heat Up. Read more www.computeruser.com: Defense sites track visitors. Read more hoovnews.hoovers.com: Government's Crop Forecasts Vulnerable to Hackers, Audit Says. Read more web.lexis-nexis.com: 'Internet terrorist' to be sentenced today. Read more

06 June 2001 Ullysse. Thanks to ISO. Exclusive for MegaSecurity by Doc: The whole story of the Steven Gibson DDOS attacks. Read more *** D.I.R.T. (Data Interception by Remote Transmission) www.theregister.co.uk: Register duped by crimebusting D.I.R.T. Trojan. Read more www.theregister.co.uk: Trojan lets cyber-cops plant bogus evidence. Read more More about DIRT. Getting DIRT on the Bad Guys. Read more Codexdatasystems. Law enforcers to use Trojans. Read more We would like to receive a copy of the DIRT trojan. *** www.securiteam.com: BestCrypt Allows Gaining of Root Privileges (FSCHK). Read more www.securiteam.com: Acme.Serve Vulnerable to Directory Traversal Bug. Read more www.securiteam.com: WebTrends HTTP Server %20 Bug (Source View). Read more www.microsoft.com: Encrypting File System for Windows 2000. Read more dailynews.yahoo.com: Expert Says Windows XP Aids Vandals. Read more www.ctnow.com: Audit: Defense Sites Track Visitors. Read more itmanagement.earthweb.com: Viruses A Weak Threat? Think Again (Part 2). Read more it.mycareer.com.au: Hackers crack opensource sites. Read more www.wired.com: Is Military Hiding Hacks? Read more www.cleveland.com: Hacker 101: A syllabus Sites/sources2600. Read more www.insanely-great.com: Microsoft posts security fix for Word. Read more slashdot.org: Elegant Email Encryption for Everyone? Read more finance.news.com.au: Hackers causing company havoc. Read more www.timesofindia.com: It experts want to refresh current cyber laws. Read more www.yowusa.com: Can Microsoft Survive An Electronic Pearl Harbor? Read more

05 June 2001 NeurotcKat 1.0 b Georgi Guninski security advisory #46, 2001 $HOME buffer overflow in SunOS 5.8 x86 Systems affected: SunOS 5.8 x86 have not tested on other OSes Risk: Medium Read more www.securiteam.com: Yahoo/Hotmail Scripting Vulnerability Enable Worm Propagation. Read more www.vnunet.com: Email tidal-wave threat averted. Read more Read our news of 1 june about this exploit. Read more www.securiteam.com: Cisco Content Service Switch 11000 Series Web Management Vulnerability. Read more www.securiteam.com: Imp Creates Temporary Files Insecurely. Read more ICMP Usage In Scanning version 3.0. Version 3.0 introduces significant changes made to the text. The paper now starts with an introduction to the ICMP Protocol. The introduction explains what is the ICMP protocol; it�s message types, and where and when we should expect to see these. Read more (zip) www.linuxsecurity.com: Encrypted Tunnels using SSH and MindTerm. Read more packetstorm.securify.com: Anti Anti Sniffer Patch - Linux kernel patches to hide a sniffer from the most known anti-sniffers. Download packetstorm.securify.com: Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Download www.sans.org: Covert Shells. Read more www.s0ftpj.org: Detecting Loadable Kernel Modules. Read more Kingdom of Saudi Arabia has banned Insecure.Org by filtering the website at their central web proxy (which all citizens must use). Nmap 2.54BETA25 is now available. Read more www.computeruser.com: 'Jennifer Lopez Naked' worm latest to lure unwary voyeurs. Read more news.zdnet.co.uk: Worm sneaks ride with 1 June hoax. Read more www.ntsecurity.net: Spyware, Part 1. Read more www.vnunet.com: DoS attack on defacement site. Read more www.vnunet.com: Safety first. Read more www.2600.com: DEMONSTRATORS ENTER WBAI - REPORTERS CLASH. Read more www.gulf-news.com: UAE 'needs task force to fight cyber crime'. Read more www.ananova.com: Company guarantees safety from viruses. Read more finance.news.com.au: Hackers causing company havoc. Read more www.vnunet.com: A human touch makes passwords passe. Read more HUGE INCREASE IN COMPUTER CRIME. Read more news.zdnet.co.u: A Year Ago: Secure open source Web server debuts at Linux expo. Read more

04 June 2001 T06 Trojan 0.1 ICQ Notify www.datanerds.net: Dsniff, a simple password sniffer. handles FTP, Telnet, HTTP, POP, NNTP, IMAP, SNMP, LDAP, Rlogin, NFS, SOCKS, X11, IRC, AIM, CVS, ICQ, Napster, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, and Oracle SQL*Net auth info. Read more www-106.ibm.com: On the lookout for dsniff: Part 1 Updated sniffer technology increases the risk of "man-in-the-middle" attacks. Read more www-106.ibm.com: On the lookout for dsniff, part 2 Strategies for reducing your network's vulnerability to sniffer attacks. Read more www.linuxsecurity.com: Network Monitoring with Dsniff. Read more sysadmin.oreilly.com: dsniff and SSH. Read more www.ntsecurity.net: Think You're Safe from Sniffing? Read more www.masker.online.de: MASKER, Hide any files and have them automatically encrypted. MASKER loads any file and encrypts it for protection using the 128 Bit RC4 algorithm. The encrypted files will then be hidden in the carrierfile. As carrierfile you can use: image file (bmp, gif, jpg, tif); audio file (wav, mid, snd, mp3); program file (exe, dll, ocx); video file (avi, mov, mpg, asf). Read more grc.com: The Strange Tale of the Attacks Against GRC.COM. Steve Gibson, of the eponymous Gibson Research Corporation, has published the long-awaited analysis of the series of distributed Denial-of-Service attacks that slammed his server between May 4 and 15, 2001. Read more cryptome.org: Nicky Hager Appearance before the European Parliament ECHELON Committee. Read more www.nypostonline.com: LOPEZ VIRUS TURNS HARD DRIVE TO MUSH. Read more news.cnet.com: Virus poses as nude Jennifer Lopez photos. Read more geeknews.net: Operation Swordfish hacking. Read more www.govexec.com: Agencies continue to use forbidden 'cookies' on Web sites. Read more www.alldas.de: Alldas.de Defacement Mirror temporary Offline. Read more www.siliconvalley.com: Hacking threat rises with high-tech layoffs. Read more www.chron.com: Waco bank targeted by computer hackers in Russia. Read more www.lasvegassun.com: A new Web of crime to untangle. Read more www.techweb.com: IBM Joins Japanese Giants For Linux Development. Read more

03 June 2001 MoonPie 1.35 beta 1 WebHead, a fake Sub7 & BioNet Server. www.insecure.org: Nmap 2.54BETA24 is now available. . This version fixes a few bugs and solves many portability issues. Read more www.securiteam.com: Buffer Overflow in yppassword Service. Read more www.securiteam.com: CesarFTP Triple Dot Directory Traversal and Weak Password Encryption. Read more www.securiteam.com: DynFX POPd Denial of Service Vulnerability (Long username). Read more linuxtoday.com: UnixReview.com: Hacking Linux Exposed: Linux Security Secrets & Solutions. Read more computerworld.com: June 1 virus hoax damage can be repaired. Read more www.newsbytes.com: SETI At Home Servers Invaded, Users Spammed. Read more www.nua.ie: Cybercriminals could hoodwink masses. Read more www.nua.ie: Net and email monitoring now standard. Read more www.securitywatch.com: FBI: 1, Russian hacker: 0. Read more www.securitywatch.com: Yes� it is possible for Yahoo! and Hotmail to spread viruses. Read more web.lexis-nexis.com: Universities are easy prey for hackers. Read more

02 June 2001 The Ripper 1.0a Dark FTP 1.6 Undetected 3.31 Server investor.cnet.com: Central Command Releases Its Dirty Dozen -- Top 12 -- Viruses For May 2001. Read more news.cnet.com: Duped by worm hoax, victims seek file fix. Read more linuxtoday.com: Caldera Security Advisory: Webmin root account leak. Read more news.cnet.com: Worm holes found in Hotmail, Yahoo Mail. Read more www.securiteam.com: Another eSafe Gateway Vulnerability - Bypassing Filtering Using HTML Tags. Read more www.securiteam.com: eSafe Gateway Bypassing Using Extended Character Encoding. Read more www.securiteam.com: Freestyle Chat Server Vulnerable to Directory Traversal and DoS Attack. Read more www.securiteam.com: SpoonFTP Buffer Overflow Vulnerabilities (CWD, LIST). Read more www.securiteam.com: GuildFTPD Buffer Overflow and Memory Leak DoS (SITE). Read more www.securiteam.com: Solaris Mailtool Buffer Overflow Vulnerability (OPENWINHOME). Read more www.securiteam.com: Remote Arbitrary Code Execution Vulnerability in GnuPG. Read more www.rnw.nl: Echelon Exists. Read more www.ireland.com: EU battle lines drawn as security challenge to data privacy grows. Read more www.cnn.com: Report: Europeans must protect against 'Echelon'. Read more www.pc-radio.com: Inside the DDoS Attack on GRC.com. Read more dailynews.yahoo.com: Internet Founder Worried Over EU Cybercrime Plans. Read more www.timesofindia.com: BSNL code hacked, top brass clueless. Read more english.peopledaily.com.cn: First Arrest of a Hacker Made in Beijing. Read more www.lasvegassun.com: Hackers Target University Computers. Read more www.zdnet.com: Judge OKs FBI hack of Russian computers. Read more news.zdnet.co.uk: A Year Ago: Hackers' favourite security holes revealed. Read more web.lexis-nexis.com: INTERNET SECURITY; INVISIBLE ENEMIES. Read more web.lexis-nexis.com: Asia takes the gloves off in fight against cybercriminals. Read more web.lexis-nexis.com: Check Your Firm's Computer Security Before It's Too Late. Read more

01 June 2001 Moses 2.01 BitchController 2.05 www.sidesport.com: Cross-site-scripting holes in Yahoo and Hotmail make it possible to replicate a Melissa-type worm through those webmail services. Read more www.sidesport.com: Hijacking the Web: Cookie Security. A malicious person can clone and capture a web-service user's session, by exploiting the widespread use of cookies for authentication. Read more www.sidesport.com: Error Handling Exploitation: Cookie Security. A White Paper. Read more www.securiteam.com: X-Chat Vulnerable to a Format String Attack (nickname). Read more www.newsbytes.com: 'Jennifer Lopez Naked' Worm Latest To Lure Unwary Voyeurs. Read more news.cnet.com: Virus poses as nude Jennifer Lopez photos. Read more www.symantec.com: VBS.NoMercy.A. Read more www.cnn.com: Report: Europeans must protect against 'Echelon'. Read more www.securitywatch.com: Sophos alerts users to the risks of anti-Echelon encryption. Read more www.theage.com.au: Call to scrap Echelon legislation. Read more www.nzherald.co.nz: The disturbing truth about Echelon. Read more dailynews.yahoo.com: Internet Founder Worried Over EU Cybercrime Plans. Read more dailynews.yahoo.com: Judge Upholds FBI Russian Hacker Trap. Read more www.timesofindia.com: BSNL code hacked, top brass clueless. Read more www.theregister.co.uk: Cowboy cracker nails Apache. Read more www.securitywatch.com: Hackers check out Apache source code - all of it. Read more www.kablenet.com: Locking out the hackers. Read more www.zdnet.com: Hacking 101: Watching the watchmen. Read more english.peopledaily.com.cn: First Arrest of a Hacker Made in Beijing. Read more www.usatoday.com: Layoffs lead to revenge hacking. Read more www.wired.com: If You Can't Track 'em, Join 'em. Read more www.wired.com: A Constitutional Right to Decode? Read more www.securiteam.com: Web blocking software can be easily bypassed. Read more

Copyright� MegaSecurity.org