Home    News Archive    Translate Traducen

News June 2007

30 June 2007 Guides, Papers, etc www.matasano.com: Joanna�s Shocking Confession: There Exists Some Amount Of Money For Which I Would Agree To See BluePill Detected By Lawson, Ferrie, Dai Zovi and Ptacek. Read more erratasec.blogspot.com: The Purple Pill? Read more blogs.securiteam.com: London Car Bombs and Internet Forums. Read more blogs.securiteam.com: IPv6, C&C (not botnets, coffee and cats). Read more www.eweek.com: CPU Bugs, Patches and Vulnerability. Read more ddanchev.blogspot.com: Exploits Serving Domains - Part Two. Read more www.symantec.com: Spam from the Kernel: Full-Kernel Malware Installed by MPack. Read more www.avertlabs.com: W32/Nuwar@MM: Its Raining Postcards! Read more www.cisrt.org: Greeting Card spams. Read more www.darkreading.com: 3Com to Issue TippingPoint IPO. Read more www.darkreading.com: Loss of Innocence. Read more www.networkworld.com: Integrity of hardware-based computer security is challenged. Read more www.infoworld.com: IIS vs. Apache: Re-examining the statistics. Read more download.microsoft.com: Windows Vista Downgrade Rights. Read more www.computerworld.com: Is overwritten data really unrecoverable? Read more www.computerworld.com: Overwitten data: Why even the Secret Service can't get it back. Read more www.podtrac.com: Audio: Windows Weekly 29: Dell Rising. Listen   Vulnerabilities & Exploits securitytracker.com: Java Web Start Applet Privilege Escalation Bug Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Sun JavaDoc Input Validation Hole Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Solaris TCP Loopback/Fusion Implementation Logic Error Lets Local Users Deny Service. Read more securitytracker.com: Kaspersky Anti-Spam Product Configuration System Grants Directory Access to Users. Read more   News www.theregister.co.uk: Unwanted e-card conceals a Storm. Read more www.theregister.co.uk: DoJ alerts US citizens to spam attack. Read more www.scmagazine.com: MySpace users warned of drive-by exploit attack. Read more www.vnunet.com: Harry Potter worm claims wizard is dead. Read more www.finjan.com: Beware, crimeware. Read more blogs.zdnet.com: Rutkowska faces �100% undetectable malware� challenge. Read more blogs.zdnet.com: Blue Pill hacker challenge update: It�s a no-go. Read more www.computerworld.com: Hackers don't time exploits for maximum impact, researcher says. Read more www.computerworlduk.com: Microsoft UK site hacked. Read more ww.zone-h.org: Microsoft Defaced, again! Read more www.computerworld.com: Planned Black Hat demo off the schedule with no explanation given. Read more www.smh.com.au: Sting entraps more Skype sex predators. Read more www.smh.com.au: Keeping teenagers safe online. Read more computerworld.co.nz: Banks demand a look inside customer PCs in fraud cases. Read more www.computeractive.co.uk: Microsoft launches piracy legal blitz. Read more www.theregister.co.uk: Cyberstalker to spend six months in jail. Read more www.first.org: From the Humor Dept: What's wrong with Norton AV? Symantec presenter using Kaspersky Anti Virus (KAV) himself. Read more

29 June 2007 Guides, Papers, etc theinvisiblethings.blogspot.com: We're ready for the Ptacek's challenge! Read more www.matasano.com: Joanna: We Can Detect BluePill. Let Us Prove It! Read more www.securityfocus.com: Experts challenge claim of undetectable rootkits. Read more www.benedelman.org: ComScore Doesn't Always Get Consent. Read more marc.info: Bugs in Intel's Core 2 cpu. Read more seclists.org: 6 Month Vista Vuln Report, Debunked. Read more isc.sans.org: MySpace Phish and Drive-by attack vector propagating Fast Flux network growth. Read more www.darkreading.com: Hacker Smackdown. Read more www.darkreading.com: IBM Tool Polices Policy. Read more www.darkreading.com: Not One Size Fits All. Read more labnol.blogspot.com: Bypass Censorship, Unblock All Restricted Websites With Opera Simulator. Read more www.informationweek.com: How To Crash Windows Vista In 10 Seconds Or Less. Read more ha.ckers.org: NOSCRIPT on Cenzic. Read more www.irmplc.com: Cisco IOS Exploitation Techniques Paper. Read more news.com.com: Solving the Web security challenge. Read more www.computerworld.com: Big Brother is watching you... and he's a computer. Read more www.computerworld.com: Hack DNS for lightning-fast Web browsing. Read more www.podtrac.com: Audio: Security Now 98: Internet Identity Metasystems. Read more   Vulnerabilities & Exploits securitytracker.com: Red Hat CMAN Buffer Overflow Lets Local Users Deny Service or Potentially Gain Elevated Privileges. Read more securitytracker.com: Solaris KSSL Kernel Module Lets Remote Users Deny Service. Read more securitytracker.com: Microsoft Excel Sheet Name Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Trend Micro OfficeScan Buffer Overflow Lets Remote Users Execute Arbitrary Code and Console Bug Lets Remote Users Bypass Authentication. Read more   Tools: labs.arubanetworks.com: WiFiDEnum - Summary. Read more   News www.vnunet.com: 'Wave of Trojans' goes on the rampage. Read more www.news.com.au: Harry Potter worm infects PCs. Read more www.sophos.com: Harry Potter worm claims teenage wizard is dead. Read more www.newsfactor.com: DOJ Warns of 'Dear Citizen' Phishing Scam. Read more scmagazine.com: Romanian NASA hacker appears in court. Read more www.informationweek.com: Cybercriminals Playing Mind Games With Users. Read more news.zdnet.com: Malware finds a new home. Read more www.boston.com: Web page about wrestler was updated to mention wife's death before bodies were found. Read more

28 June 2007 Guides, Papers, etc www.esecurityplanet.com: Antiforensics: When Tools Enable the Masses. Read more www.24-7pressrelease.com: DNSWorld, Defining the future of DNS and its security, to be held in Cancun, Mexico, from Oct, 10-12, 2007. Read more www.theregister.co.uk: Worms 2.0! Read more www.avertlabs.com: Zero Day Threats: Part 3.5 (addendum to part 3). Read more lifehacker.com: Verify that your virus scanner is working. Read more anti-virus-rants.blogspot.com: more on whitelisting. Read more ha.ckers.org: Links Roundup. Read more www.smh.com.au: Phishing the net for the gullible. Read more ddanchev.blogspot.com: Post a Crime Online. Read more blogs.ittoolbox.com: Dangerous searches - June 27, 2007. Read more blogs.pandasoftware.com: A profitable use for stolen credit cards. Read more www.cisrt.org: Large amounts of .PDF spams. Read more www.darkreading.com: IBM Tool Polices Policy. Read more www.darkreading.com: Vulnerability Management Grows Up. Read more www.podtrac.com: Audio: Leo Laporte - The Tech Guy 364. The Blueant handsfree, Yahoo makes a big change, and why you should never run as administrator...Listen   Vulnerabilities & Exploits securitytracker.com: Nessus Input Validation Hole in Windows GUI Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Check Point Safe@Office Input Validation Hole Permits Cross-Site Request Forgery Attacks. Read more securitytracker.com: Solaris libsldap Library Lets Local Users Deny Service. Read more securitytracker.com: Wireshark DHCP/BOOTP, MMS, SSL, DCP ETSI, iSeries, and HTTP Chunked Response Bugs Let Remote Users Deny Service. Read more securitytracker.com: Apache HTTPD scoreboard Protection Flaw Lets Local Users Terminate Arbitrary Processes. Read more securitytracker.com: Apache HTTPD mod_cache May Let Remote Users Deny Service. Read more securitytracker.com: Apache mod_status Input Validation Hole Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Symantec Mail Security Bug in Parsing Executable Attachments Lets Remote Users Deny Service. Read more   News www.securityfocus.com: Lawmakers worry over gov't network breaches. Read more www.securityfocus.com: Cybercrime busts net data-theft suspects. Read more www.theregister.co.uk: Serious security hole plugged in RealPlayer and HelixPlayer. Read more www.sltrib.com: Cyber criminals exploit Facebook, MySpace users. Read more apcmag.com: Romania a global hotspot for eBay fraud. Read more news.com.com: eBay targets Romanian fraudsters. Read more www.itnews.com.au: Trojan hides behind Yes & No video. Read more www.itnews.com.au: Scammers dump pump-and-dump spam. Read more www.informationweek.com: Hackers Take Over MySpace Pages To Build Bots. Read more news.zdnet.co.uk: Spammers release hoax Microsoft security bulletin. Read more news.bbc.co.uk: Private-eye hackers are convicted. Read more

27 June 2007 Guides, Papers, etc support.microsoft.com: A microcode reliability update is available that improves the reliability of systems that use Intel processors. Read more www.theregister.co.uk: The decline of antivirus and the rise of whitelisting. Read more ddanchev.blogspot.com: Exploits Serving Domains. Read more ddanchev.blogspot.com: Early Warning Security Event Systems. Read more blogs.pandasoftware.com: A profitable use for stolen credit cards. Read more www.redorbit.com: A Perspective On Internet Security. Read more www.securityfocus.com: Study: Exploit Wednesday more myth than reality. Read more www.avertlabs.com: Zero Day Threats: Part 3 - When & How Are They Released? Read more isc.sans.org: FAKE Microsoft patch email -> Fake Spyware Doctor! Read more blogs.securiteam.com: CPU vulnerabilities, the future is here? Read more blogs.securiteam.com: PDF spam. Read more www.secureworks.com: HTTP DDoS Attack Mitigation Using Tarpitting. Read more www.computerworld.com: 'Scam-spammers' mess with our minds. Read more www.darkreading.com: ZEN for the Endpoint. Read more www.darkreading.com: CSRF Bug Runs Rampant. Read more www.darkreading.com: Users: Encryption No Silver Bullet. Read more www.darkreading.com: Killing That 'Man in the Browser'. Read more www.darkreading.com: A Stirring Giant. Read more www.darkreading.com: Pain in the Bot. Read more anti-virus-rants.blogspot.com: looking for security wizards. Read more www.smh.com.au: Developing an eagle eye for fraud. Read more howsoftwareisbuilt.com: Michael Howard (Microsoft) Interview. Read more www.wired.com: Hans Reiser: Once a Linux Visionary, Now Accused of Murder. Read more www.popsci.com: The Worst Jobs in Science 2007. Read more   Vulnerabilities & Exploits securitytracker.com: RealPlayer SMIL parseWallClockValue() Stack Overflow Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Helix Player SMIL parseWallClockValue() Stack Overflow Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Kerberos kadmind Buffer Overflow in rename_principal_2_svc() Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Kerberos kadmind RPC Library Bugs May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Xythos Enterprise Document Manager Input Validation Holes Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks. Read more securitytracker.com: Xythos Digital Locker Input Validation Holes Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks. Read more securitytracker.com: Linux Kernel sysfs_readdir() NULL Pointer Dereference Lets Local Users Deny Service. Read more securitytracker.com: IBM WebSphere May Disclose One Users Information to Another User in Certain Cases. Read more securitytracker.com: Calendarix Input Validation Flaws Let Remote Users Inject SQL Commands. Read more   News www.secretservice.gov: UNITED STATES SECRET SERVICE TARGETS CYBER CRIMINALS. Read more www.theregister.co.uk: How to sniff out private information on Facebook. Read more www.computerworlduk.com: Hackers build new Trojans with online 'construction kit'. Read more www.vnunet.com: Trojan hides behind Yes & No video. Read more www.computerworld.com: Data breaches start at the gas station, analyst says. Read more www.telecomseurope.net: Police arrest Belgian teenager for hacking. Read more www.vnunet.com: No quick tech fix for phishing. Read more www.smh.com.au: US jails Aussie piracy kingpin. Read more

26 June 2007 Guides, Papers, etc isc.sans.org: Blocking spoofed internal email from external sources. Read more isc.sans.org: Spam volume. Read more isc.sans.org: Preventing spoofed internal e-mail. Read more blogs.securiteam.com: CFP: ISOI III (a DA workshop). Read more blogs.securiteam.com: Burb Proxy open for orders. Read more sunbeltblog.blogspot.com: Just one more reason why Web 2.0 is such a pain. Read more www.securitycadets.com: SpyHeal becomes VirusHeal. Read more www.viruslist.com: Feelings can be misleading. Read more www.schneier.com: Cell Phone Stalking. Read more ddanchev.blogspot.com: Cell Phone Stalking. Read more icbirmingham.icnetwork.co.uk: Phishing for trouble. Read more www.darkreading.com: Black Ops & Grandma. Read more www.darkreading.com: It's Not Just Bug Counts. Read more ha.ckers.org: Blocking Bots By HTAccess. Read more blog.vulnerableminds.com: Bad Reputation vs Bad Assumptions. Read more msmvps.com: haute secure - how it works. Read more www.vista4beginners.com: Getting to know the Microsoft enthusiasts: Corrine Chorney - Microsoft MVP. Read more blogs.msdn.com: Installing Vista: My Personal Hell. Read more sunbeltblog.blogspot.com: Sunbelt Weekly TechTips #50: Configuration and Troubleshooting. Read more   Vulnerabilities & Exploits securitytracker.com: RaidenHTTPD Input Validation Hole Permits Cross-Site Scripting Attacks. Read more   News www.theregister.co.uk: Google calls for court to tighten Microsoft's anti-trust leash. Read more www.breitbart.com: 'Citizen journalism' battles the Chinese censors. Read more www.theregister.com: Bush on cyber war: 'a subject I can learn a lot about'. Read more www.dailytech.com: Leader of Internet Piracy Gang Sentenced. Read more www.itrportal.com: Phishing on the Rise While Bots Slow. Read more www.computerworld.com: Hackers use 'construction kit' to unleash Trojan variants. Read more www.theregister.co.uk: US porn spammers guilty as charged. Read more www.theregister.co.uk: Symantec showers free software on bug-afflicted Chinese. Read more www.securityfocus.com: Spanish police arrest alleged phone-virus creator. Read more www.zdnet.com.au: CA's virus zoo reaches melting point. Read more www.thetowntalk.com: Undercover Internet operation nets three sex crime-related arrests, State Police report. Read more

25 June 2007 Guides, Papers, etc www.securityfocus.com: Don't Be Evil. Read more isc.sans.org: Blacklists & Politics. Read more isc.sans.org: Apple Releases Patch for Cross-Site Scripting Vulnerability. Read more isc.sans.org: Exploit against MS07-033 being used in the wild. Read more isc.sans.org: More Hostile Advertisement Filtering. Read more www.nytimes.com: When Computers Attack. Read more news.com.com: Global security challenge falls to an elite corps. Read more www.enterprisenetworkingplanet.com: Unix Security: How Do You Know When You've Been Owned? Read more www.mcafee.com: Say "No, Thanks" to Unwanted Email. Read more blogs.ittoolbox.com: Dangerous searches - June 23, 2007. Read more myappsecurity.blogspot.com: Reflection on Cesar Cerrudo. Read more Reflection on Alex Stamos. Read more taosecurity.blogspot.com: Three Reviews Posted. Read more   Vulnerabilities & Exploits websecurity.com.ua: MOSEB-20 Bonus: Google dorks strikes back. Read more securitytracker.com: Apple Safari Bugs Let Remote Users Modify the Address Bar and Conduct Cross-Domain Scripting Attacks. Read more securitytracker.com: Mac OS X WebKit and WebCore Bugs Permit Cross-Domain Scripting Attacks and Remote Code Execution. Read more securitytracker.com: Ingres Database Heap Overflows Let Remote Users Execute Arbitrary Code. Read more   News www.itnews.com.au: Cybercrime fighters to gather in US next week. Read more www.terra.net.lb: Spanish police arrest creator of mobile phone virus. Read more www.computerworld.com: Microsoft sues more alleged Hotmail spammers. Read more www.unisys.com: British Retail Banks Fail to Secure Consumer Trust. Read more www.usatoday.com: Google wants feds to fight Web censors. Read more www.informationweek.com: Feds' Own Hacker Cracks Homeland Security Network. Read more www.computerworld.com: Symantec Labs working on SiteAdvisor alternative. Read more www.techworld.com: Symantec ready to offer Chinese users compensation. Read more www.time.com: E-mail Privacy Gets a Win in Court. Read more blog.wired.com: Hacker Adrian Lamo Wins, Won't Have to Give the FBI his Blood. Read more

23 June 2007 Guides, Papers, etc www.viruslist.com: Free sex - Dutch email seeded. Read more www.viruslist.com: Summer in Russia: time for a phishing trip. Read more isc.sans.org: Active Banner Ads. Read more isc.sans.org: Hacking Harry. Read more www.technewsworld.com: Boutique Malware: Custom-Made for the Executive Suite. Read more blog.spywareguide.com: Pornoplayer installed from fake Windows Codec. Read more www.cisrt.org: Ecard and Zhelatin. Read more ha.ckers.org: Hiding JS in Valid Images. Read more ha.ckers.org: Blackhat Head�s Up. Read more ddanchev.blogspot.com: The MPack Kit Attack on Video. Read more ddanchev.blogspot.com: A Blacklist of Chinese Spammers. Read more msmvps.com/blogs: Dell backs down on bloatware. Read more www.darkreading.com: Mi5's Not-So-Secret Weapon. Read more www.darkreading.com: Security Fears Slow Virtualization. Read more www.darkreading.com: Microsoft's 'Virtual' Security Problem. Read more www.darkreading.com: Rethinking Security Technology. Read more www.infoworld.com: A secure Internet requires a secure network protocol. Read more blogs.msdn.com: From Microsoft TechEd 2007: Web Development Tools for Internet Explorer. Read more www.gulfnews.com: Microsoft and the art of fixing bugs. Read more taosecurity.blogspot.com: Internet Traffic Study. Read more www.eweek.com: Fear and Loathing in IT: iPhone and Macintosh. Read more www.internetnews.com: Four Bot Herders Get Put Out To Pasture. Read more aolradio.podcast.aol.com: Audio: Security Now 97: Operation Bot Roast - sponsored by Astaro Corp. Listen   Tools: addons.mozilla.org: Firefox Add-ons. Adblock Plus 0.7.5.1. Read more   News www.pcpro.co.uk: Google Earth a security risk claims US general. Read more www.theregister.co.uk: Russian trouble makers find Quicken backdoor. Read more www.theregister.co.uk: Pump-and-dump scammers issue German prospectus. Read more news.zdnet.co.uk: Symantec takes Microsoft to task over security. Read more www.esecurityplanet.com: Yahoo Moves Quickly To Plug Phishing Hole. Read more weblog.infoworld.com: Nasty malware toolkit making the rounds. Read more blog.wired.com: DHS Security Chief Dismisses Congress's Hacking Questions. Read more www.theregister.co.uk: Internet users living secret lives online. Read more www.theregister.co.uk: Hacker breaks into Pentagon email system. Read more www.pcworld.com: EU Examines Search Engines and Privacy Issues. Read more www.theregister.com: Ohio data leak was 'accident waiting to happen'. Read more www.groklaw.net: Microsoft's Windows Marketplace: "Ubuntu is perfect!" -- Eek! Read more www.zdnet.com.au: Mystery surrounds Microsoft's virtualisation flip-flop. Read more www.dailytech.com: Cell Phones, Internet to Help Citizens Fight Crime. Read more hosted.ap.org: Hitachi: Move the Train With Your Brain. Read more

22 June 2007 Guides, Papers, etc isc.sans.org: Fake Adobe Shockwave Player download page. Read more isc.sans.org: Summary of TCP services on your network. Read more www.avertlabs.com: Infected E-Mail Makes a Poor Ambassador. Read more www.cisrt.org: Ecard and Zhelatin. Read more www.sophos.com: Spammers use PDF files in latest pump-and-dump scam. Read more www.symantec.com: MPack - The Movie. Read more www.eweek.com: Meet Verizon, King of ISP Spammers. Read more www.esecurityplanet.com: Malware Mayhem Means Companies Must Stay Alert. Read more www.esecurityplanet.com: Malware on The Tube. Read more www.darkreading.com: 'You're Now Free to Move About the Company'. Read more www.darkreading.com: Securing the 'Company Jewels'. Read more www.darkreading.com: Old Dogs Can Still Do Dirty Tricks. Read more www.darkreading.com: Encryption: A Code, Not a Law. Read more   Vulnerabilities & Exploits securitytracker.com: GNU Emacs Lets Remote Users Deny Service. Read more securitytracker.com: HP Help and Support Center Buffer Overflow Lets Remote Users Execute Arbitrary Code. Read more   Tools: www.thelaptoplock.com: LaptopLock protects the data and aids in the recovery process of a computer if it's stolen. Read more   News www.computerworld.com: Stolen credit cards traded through online stores. Read more www.time.com: Cyber Attack Hits Pentagon. Read more www.techworld.com: Quicken has a back door. Read more www.heise.d: Data Protection Commissioner deplores "trend towards a Big Brother state". Read more www.newsfactor.com: Security Experts Monitor MPack Threat. Read more www.zdnet.com.au: US Homeland Security still infected with Trojans? Read more www.theregister.com: About those 844 security breaches... 'fess up, Congress tells DHS. Read more blog.washingtonpost.com: LexisNexis Warns of Consumer Database Breaches. Read more www.securityfocus.com: Apple shutters IPv6 flaw in Mac OS X. Read more www.channelregister.co.uk: Rivals torture consumers via Microsoft. Read more arstechnica.com: Google says Vista search changes not enough. Read more www.virusbtn.com: 100,000 new phishing sites set up in 7 days. Read more www.computerworld.com: Microsoft better at patching XP than Vista? Read more www.smh.com.au: Scammers net Munster data. Read more news.zdnet.co.uk: Photos: Symantec leaves its security bunker. Read more

21 June 2007 Guides, Papers, etc isc.sans.org: MPack Analysis. Read more isc.sans.org: Pump and dump scams now in PDF. Read more isc.sans.org: Other miscellaneous stuff I've come across recently. Read more isc.sans.org: Apple TV security update. Read more blogs.technet.com: The Case of the Insecure Security Software. Read more sunbeltblog.blogspot.com: I think this needs clarification: YouTube spawning malware? Read more www.avertlabs.com: nic.at bitten by Spamhaus for helping phishers. Read more blogs.pandasoftware.com: Dream System. Read more ha.ckers.org: Code Execution Through Filenames in Uploads. Read more explabs.blogspot.com: Dangerous searches - June 20, 2007. Read more ddanchev.blogspot.com: Massive Embedded Web Attack in Italy. Read more www.darkreading.com: People, Not Passwords, Are the Problem. Read more www.darkreading.com: Hackers Create Nuclear Bomb Scare. Read more www.cerias.purdue.edu: Complexity, virtualization, security, and an old approach. Read more strikecenter.bpointsys.com: IPS Evasion with the Apache HTTP Server. Read more www.pewinternet.org: The volume of spam is growing in Americans� personal and workplace email accounts, but email users are less bothered by it. Read more www.microsoft.com: JOINT STATUS REPORT ON MICROSOFT�S COMPLIANCE WITH THE FINAL JUDGMENTS. Read more news.com.com: Locking down laptops before it's too late. Read more   Vulnerabilities & Exploits securitytracker.com: Apache Tomcat Input Validation Hole in Processing Accept-Language Header Permits Cross-Site Scripting Attacks. Read more   Tools: www-robotics.jpl.nasa.gov: First Public Release of CLARAty Software. Read more   News www.theregister.co.uk: YouTube 'riddled with 40-plus security vulnerabilities'. Read more www.informationweek.com: Trojans Lurking In Fake Video Postings On YouTube. Read more www.theregister.co.uk: Phishermen, not zombies, causing biggest security woes. Read more www.itnews.com.au: Phishers casting ever wider nets. Read more www.itnews.com.au: Mafia-style mobs muscle in on malware. Read more www.techworld.com: Five billion spams pump German stock. Read more www.computing.co.uk: London Stock Exchange hacking. Read more www.gnn.gov.uk: DTI targets the weakest link. Read more arstechnica.com: Microsoft ditches about-face on virtualization restrictions at 11th hour. Read more news.com.com: Mystery surrounds Microsoft's virtualization flip-flop. Read more www.esecurityplanet.com: Google's Race to the Bottom. Read more www.newsfactor.com: Microsoft Agrees To Open Windows Vista Search. Read more www.computeractive.co.uk: Brits indulge in risky behaviour online. Read more news.zdnet.co.uk: Wi-Fi Alliance defends early certification. Read more www.theregister.co.uk: One in four web merchants do not know web shopping laws. Read more

20 June 2007 Guides, Papers, etc isc.sans.org: PHP code in GIF (Part 2). Read more www.scanit.be: Secure file upload in PHP web applications. Read more www.microsoft-watch.com: MPack It Up. Read more sunbeltblog.blogspot.com: SmartFixer being installed through dubious methods? Read more www.sophos.com: USB flash drive worm spreads information about AIDS. Read more www.justice4matt.com: The Matt Bandy Story. Read more www.technewsworld.com: Ethernet's New Security Layer. Read more www.darkreading.com: Stop, Thief! Read more www.darkreading.com: Steampunk Security. Read more www.lightbluetouchpaper.org: Hacking tools are legal for a little longer. Read more   Vulnerabilities & Exploits securitytracker.com: F-Secure Internet Security May Fail to Scan Certain LHA and RAR Archives. Read more securitytracker.com: F-Secure Internet Gatekeeper May Fail to Scan Certain LHA and RAR Archives. Read more securitytracker.com: F-Secure Anti-Virus May Fail to Scan Certain LHA and RAR Archives. Read more   News www.securityfocus.com: Amero case spawns effort to educate. Read more www.cnn.com: Users rage against China's 'Great Firewall'. Read more www.securityfocus.com: Mpack attack infects PCs on massive scale. Read more money.guardian.co.uk: Gangs infect 10,000 websites to steal users' bank details. Read more www.chron.com: Homeland Security acknowledges own computer break-ins. Read more news.ninemsn.com.au: Hackers add explosive angle to weather broadcast. Read more www.securityfocus.com: HP to acquire SPI Dynamics. Read more www.techworld.com: US nuclear secrets sent in email, committee discovers. Read more www.computerworld.com.sg: Google offers security blacklists to all. Read more www.vnunet.com: Browsers fail to curb phishing. Read more www.gsa.gov: Data at Rest (DAR) Encryption Awardees Announced. Read more www.reuters.com: British censor bans first video game in 10 years. Read more

19 June 2007 Guides, Papers, etc www.theregister.co.uk: Anti-hacking laws 'can hobble net security'. Read more isc.sans.org: PHP Exploit Code in a GIF. Read more isc.sans.org: Vulnerability in Trillian. Read more isc.sans.org: Massive MPACK Compromise. Read more www.f-secure.com: 21 New Commwarrior Variants Sighted - Corrected June 19th 10:30. Read more www.avertlabs.com: Revisiting the Crystal Ball: Updating Our 2007 Predictions. Read more blogs.pandasoftware.com: Botnet controller via web. Read more blogs.pandasoftware.com: Cybercrime... for sale (II). Read more www.sophos.com: Zero-day threats. Read more www.eweek.com: One Bot Per Child? Read more www.publictechnology.net: DTI surveys reveals biggest risk to computer network security. Read more� blogs.pandasoftware.com: MPack uncovered. Read more www.symantec.com: If You Build it, They Will Come. Read more ha.ckers.org: Another Google XSS in Google Documents. Read more www.darkreading.com: Startup Puts New Spin on Firewalls. Read more www.darkreading.com: Beware the Rose. Read more podcasts.sophos.com: Audio: Zero-day threats explored in Sophos podcast. Listen podcasts.sophos.com: Rootkits: What you need to know. Listen   Vulnerabilities & Exploits securitytracker.com: mod_perl Input Validation Flaw in PerlRun Module Lets Remote Users Deny Service. Read more securitytracker.com: Simple Machines Forum Bugs Let Remote Users Execute Arbitrary Code or Bypass the Sound-Based CAPTCHA Function. Read more securitytracker.com: Novell exteNd Director ActiveX Control Lets Remote Users Execute Arbitrary Code. Read more   News www.securityfocus.com: PayPal offers a key to secure transactions. Read more www.theregister.co.uk: Cyber crooks hijack 10,000 websites. Read more www.zdnet.com.au: Westpac hit by DoS attacks. Read more www.itnews.com.au: Small firms warned of data protection scam. Read more www.itnews.com.au: IPv6 to boost US government security. Read more www.theregister.co.uk: Malware targets computer forensics tool. Read more www.thesmokinggun.com: Site Exposed More Than Paris Hilton. Read more www.itwire.com.au: Symbian Trojan sends premium SMS. Read more www.computing.co.uk: Almost half of small business are victims of cyber crime. Read more www.theregister.co.uk: Dutch police arrest 111 West Africans in 419 clampdown. Read more www.theregister.co.uk: Texas arrests seven MySpace sex offenders. Read more blogs.abcnews.com: 'Brilliant' Identity Theft Scheme Targets Child Porn Buyers. Read more www.theregister.co.uk: Cops smash paedophile ring. Read more

18 June 2007 Guides, Papers, etc blogs.securiteam.com: Microsoft really trust to IIS 7.0. Read more blogs.securiteam.com: Safari 3.0.1 fixes three flaws - what about the others? Read more blogs.securiteam.com: Next to come: Nigerian scam ads in the New York Times. Read more isc.sans.org: New Hacker Challenge for you all. Read more isc.sans.org: Attack involving .hk domains. Read more sunbeltblog.blogspot.com: Update on worm spam wave. Read more anti-virus-rants.blogspot.com: and then hell froze over. Read more ha.ckers.org: Another Google XSS in Google Documents. Read more ha.ckers.org: Google/Youtube Ultimatum. Read more www.eweek.com: Is It OK that Google Owns Us? Read more www.computerworld.com: Experts Debate Microsoft Patch Priorities. Read more news.softpedia.com: The More Hackers, The Better. Read more www.itnews.com.au: Opinion: Google vs. the FBI - who has more right to data? Read more www.itnews.com.au: Panel attempts to debunk myths about online predators. Read more www.techdo.com: How to log on to Windows after 30 days Without Activation. Read more consumerist.com: 22 Confessions Of A Former Dell Sales Manager. Read more aolradio.podcast.aol.com: Audio: TWiT 101: Moon Over Google. Google Street View and privacy, Michael Moore and piracy, hackers and Safari... Listen freescienceonline.blogspot.com: Programming, Networking Free Video Lectures and Other Interesting Ones. Read more   Tools: www.techdo.com: Top 20 Antivirus rankings. Tested using 174,770 virus samples. Read more   News www.australianit.news.com.au: 'Hackers' gather for global event. Read more www.zdnet.com.au: A million zombies threaten US national security. Read more techdirt.com: Dutch Police Arrest A Bunch Of Internet Scammers. Read more www.smh.com.au: Aussie piracy 'mastermind' facing sentence. Read more arstechnica.com: US Internet Crime Complaint Center fields its millionth complaint. Read more www.itnews.com.au: Anti-spyware bill introduced. Read more

16 June 2007 Guides, Papers, etc www.f-secure.com: WinHex Virus? Here you go... Read more isc.sans.org: BBB=>IRS=>FTC=>Proforma | don't open that invoice! Read more www.securityfocus.com/: Group: Anti-hacking laws can hobble Net security. Read more www.informationweek.com: In Fight Against Botnets, Warning Victims Is Half The Battle. Read more www.informationweek.com: IT Confidential: Google Vs. The FBI: Who's Got More Right To Data? Read more www.darkreading.com: A New Approach to Database Security. Read more www.darkreading.com: Eight Vulnerabilities You May Have Missed. Read more www.darkreading.com: Welcome to the Big Leagues. Read more www.darkreading.com: Prophetic Warnings. Read more freshmeat.net: Enigform: The OpenPGP Firefox Extension. Read more www.theregister.co.uk: Why is Hotmail so bad at spam? Read more www.computerworld.com: FAQ: For Microsoft, anti-piracy is a naked baby. Read more taosecurity.blogspot.com: DHS Einstein Demonstrates Value of Session Data. Read more www.infosecurity-magazine.com: Interview: Bruce Schneier. Read more blogs.zdnet.com: Schneier on ID theft. Read more infosecsellout.blogspot.com: The Want-To-Be Hacker Without A Clue. Read more newsletters.trendmicro.com: Protect Yourself from Video Malware. Read more www.microsoft-watch.com: Why Google Succeeds, Part 1. Read more www.microsoft-watch.com: Why Google Succeeds, Part 2. Read more www.infoworld.com: The security solution revolution, continued. Read more ha.ckers.org: XSS Irony. Read more ha.ckers.org: First Conviction of Can Spam Act. Read more zdpub.vo.llnwd.net: Audio: Google vs. Microsoft: Good vs. Evil? Listen www.net-security.org: Video: Data Seepage: How to Give Attackers a Roadmap to Your Network. Watch   Vulnerabilities & Exploits securitytracker.com: Kaspersky Internet Security 'klif.sys' Driver Lets Local Users Deny Service. Read more securitytracker.com: HP System Management Homepage Grants Access to Remote Users. Read more securitytracker.com: Sun Java System Directory Server Lets Remote Users Modify Certain Data. Read more securitytracker.com: Sun Java System Directory Server Discloses Attribute Existence to Remote Users. Read more securitytracker.com: Solaris NFS Bug in Processing XDR Data Lets Remote Users Deny Service. Read more securitytracker.com: Solaris IPv6 Bug in Processing IPSec Packets Lets Remote Users Execute Arbitrary Code. Read more netcooties.blogspot.com: Yahoo defect endangers users -- do web sites care? Read more   News www.securityfocus.com: NATO to focus on securing critical systems. Read more today.reuters.co.uk: Texas authorities arrest 7 former MySpace members. Read more www.theregister.co.uk: Yahoo! fixes bug that gave free rein to user accounts. Read more news.com.com: Hated blogger leaves U.S., threatens lawsuits. Read more www.usatoday.com: Military personnel prime targets for ID theft. Read more opinion.zdnet.co.uk: Fighting the zombie hordes. Read more www.itnews.com.au: Malware poses as FTC complaint. Read more www.itnews.com.au: Cyberattack fools you once, evades detection. Read more www.itnews.com.au: New geolocation service could help track cyberthieves. Read more

15 June 2007 Guides, Papers, etc blogs.securiteam.com: The Ballad of the Anonymous Explorer. Read more blogs.securiteam.com: Oh, did we forget to write �spam� in the subject line? Read more www.f-secure.com: 0.7 New Threats Per Day? Read more www.avertlabs.com: Zero-Day Threats, Part 2: Who�s Behind Them and Why? Read more blogs.authentium.com: Users does not stand a chance. Read more anti-virus-rants.blogspot.com: when misunderstanding hurts you. Read more www.securityfocus.com: Gov't group needed to keep the Net healthy? Read more www.eweek.com: Danger Lurks Around the Corner with Apple's Safari. Read more isc.sans.org: BBB=>IRS=>FTC=>Proforma | don't open that invoice! Read more ha.ckers.org: Writeup on Yahoo XSS. Read more www.darkreading.com: Feds Launch Operation Bot Roast. Read more www.darkreading.com: Survey: 1 in 4 WLANs Unsecured. Read more www.darkreading.com: What's Your Info Worth? Read more www.darkreading.com: Inside-Out Security. Read more www.lightbluetouchpaper.org: Phishing, students, and cheating at the lottery. Read more www.rsa.com: Wireless Adoption Leaps Ahead, Advanced Encryption Gains Ground in the Post-WEP Era. Read more blogs.ittoolbox.com: Dangerous searches June 14th 2007. Read more www.microsoft-watch.com: The Ride Died. Read more www.podtrac.com: Audio: Security Now 96: Your Questions, Steve�s Answers #20. Listen   Vulnerabilities & Exploits securitytracker.com: Microsoft Office Buffer Overflow in MSODataSourceControl ActiveX Control May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Linux Kernel Random Number Generator May Not Generate Random Numbers in Certain Situations. Read more securitytracker.com: Open-iSCSI Lets Local Users Deny Service. Read more securitytracker.com: Tomcat Input Validation Holes in the JSP Examples, Manager, and Host Manager Permit Cross-Site Scripting Attacks. Read more   News www.techworld.com: Online bank security worsens. Read more PayPal, eBay offer Security Key to U.S. customers. Read more www.vnunet.com: Scammers use FTC to lure victims. Read more www.newsfactor.com: FBI Turns Up Heat on Bot Herders. Read more www.itnews.com.au: New geolocation service could help track cyberthieves. Read more www.smh.com.au: Virus blight spreads to museum site. Read more www.computerworld.com: Mystery of tiny faces on Vista DVDs solved. Read more

14 June 2007 Guides, Papers, etc www.f-secure.com: FBI Headline: Operation BOT ROAST. Read more isc.sans.org: Office of Cyber Public Health? Read more isc.sans.org: IRS goes FTC. Read more isc.sans.org: FBI's Operation Bot Roast. Read more isc.sans.org: Investigating and responding to suspicious Office files. Read more www.darkreading.com: Authentication Goes USB Route. Read more www.darkreading.com: SonicWall Acquires Aventail. Read more www.darkreading.com: Pop-Ups Fake Security Alerts. Read more ha.ckers.org: CAPTCHA Breaking Game. Read more securityblog.itproportal.com: Video Interview with Peter Cox. Watch www.security-database.com: Turning Firefox to an Ethical Hacking Platform. Read more www.uoregon.edu: We Need a Cyber CDC or a Cyber World Health Organization. Read more   Vulnerabilities & Exploits securitytracker.com: SpamAssassin symlink Bug Lets Local Users Deny Service. Read more securitytracker.com: libexif Integer Overflow in exif_data_load_data_entry() May Let Remote Users Crash the Application or Execute Arbitrary Code. Read more securitytracker.com: OpenOffice.org Office Suite Heap Overflow in Parsing RTF Files Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Apple Safari window.setTimeout() JavaScript Function Lets Remote Users Execute Scripting Code in Arbitrary Domains. Read more securitytracker.com: Subversion Discloses Potentially Sensitive Revision Properties to Remote Authenticated Users in Certain Cases. Read more securitytracker.com: YaBB 'member.vars' File Lets Remote Users Gain Administrative Privileges. Read more   News www.securityfocus.com: FBI aims to disrupt bot masters. Read more www.fbi.gov: Over 1 Million Potential Victims of Botnet Cyber Crime. Read more www.theregister.co.uk: FBI logs its millionth zombie address. Read more news.bbc.co.uk: Yahoo's China policy rejected. Read more www.military.com: China Attempting Cyberspace Dominance. Read more www.smh.com.au: Google to dump user data after 18 months. Read more www.vnunet.com: University fails to notice hack attack. Read more www.wzzm13.com: Data theft arrests show how tens of millions are at risk. Read more networks.silicon.com: EU welcomes Google's privacy moves. Read more www.itnews.com.au: Hackers launching attacks against Yahoo Messenger bugs. Read more www.itnews.com.au: McAfee CEO optimistic about tackling security complexity. Read more vietnamnews.vnagency.com.vn: ADSL internet users warned: beware of hackers, data theft. Read more www.securitypark.co.uk: Beware of slow and quick viruses. Read more www.newindpress.com: Passwords no longer a secret. Read more www.theregister.com: Free ads site could help fraudsters recruit middlemen. Read more

13 June 2007 Guides, Papers, etc www.f-secure.com: Patch Tuesday, June Edition. Read more www.schneier.com: Teaching Viruses and Worms. Read more www.theregister.com: 10 reasons why the Black Hats have us outgunned. Read more www.f-secure.com: Dang. Read more isc.sans.org: June 2007, Microsoft Patch Tuesday Overview. Read more isc.sans.org: Investigating and responding to suspicious Office files. Read more isc.sans.org: Beta Software (Safari for Windows). Read more sunbeltblog.blogspot.com: This is so vicious. Read more sunbeltblog.blogspot.com: Sunbelt Weekly TechTips #48. Read more ddanchev.blogspot.com: DIY Malware Droppers in the Wild. Read more ddanchev.blogspot.com: Censoring Flickr in China. Read more www.net-security.org: Majority of new malware uses file packing to evade detection. Read more www.avertlabs.com: XML Controlled Trojans. Read more www.avertlabs.com: Safari for Windows is not a trojan horse. Read more www.sophos.com: Hackers spread illegal child content through web message boards. Read more www.eweek.com: Dell Responds to the Crapware Column. Read more www.darkreading.com: Pfizer Falls Victim to P2P Hack. Read more www.darkreading.com: Enterprises Mull Own Bug Research. Read more www.darkreading.com: Anti-Spam Group Under Attack. Read more www.darkreading.com: Security Charlatan. Read more taosecurity.blogspot.com: Threat Model vs Attack Model. Read more ha.ckers.org: Sad Day for Safari On Windows. Read more ha.ckers.org: Google Ranked Worst In Privacy. Read more www.cio.com: How Organized Crime Uses Technology to Make Money. Read more msmvps.com: Windows Vista DVD hologram mystery. Read more www.theregister.com: Embedded problems: exploiting NULL pointer dereferences. Read more silverstr.ufies.org: Time Machine: Why Apple perceptually has a better handle on information retention and recovery. Read more   Vulnerabilities & Exploits securitytracker.com: Microsoft Internet Explorer Bugs Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Windows Mail MHTML Protocol Handler Content-Disposition Bug Lets Remote Users Obtain Information. Read more securitytracker.com: Outlook Express MHTML Protocol Handler Content-Disposition Bug Lets Remote Users Obtain Information. Read more securitytracker.com: Windows Mail MHTML Protocol Handler Redirect Bug Lets Remote Users Obtain Information. Read more securitytracker.com: Outlook Express MHTML Protocol Handler Redirect Bug Lets Remote Users Obtain Information. Read more securitytracker.com: Windows Input Validation Flaw in Win32 API Lets Remote and Local Users Execute Arbitrary Code. Read more securitytracker.com: Visio File Version Number and Packed Object Validation Bugs Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Windows Schannel Digital Signature Bug Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Windows Vista Discloses Sensitive Information to Local Users. Read more securitytracker.com: Apple Safari Protocol Handler Validation Flaw Lets Remote Users Inject Arbitrary Commands. Read more securitytracker.com: Apple Safari Bugs Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: shadow-utils 'useradd' Unsafe Mailbox Folder Permissions May Let Local Users Read/Write Mail. Read more securitytracker.com: Cadant C3 IP Option Bug Lets Remote Users Deny Service. Read more securitytracker.com: Cisco Trust Agent User Notification Function Lets Physically Local Users Gain Administrative Privileges. Read more securitytracker.com: BrightStor ARCserve for Laptops and Desktops Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Novell Modular Authentication Service Writes Administrative Password to the 'NMASINST.LOG' File. Read more securitytracker.com: Linux Kernel cpuset_tasks_read() Memory Disclosure Lets Local Users View Portions of Kernel Memory. Read more   Tools: www.computerworld.com: Review roundup: Slim is in for Windows desktop firewalls. Read more   News www.securityfocus.com: Microsoft patches flaws in IE, Windows Mail. Read more news.com.com: Hated blogger leaves U.S., threatens lawsuits. Read more www.itnews.com.au: Hackers lift US$45,000 from Nevada bank. Read more www.securityfocus.com: Flaw hunters go off on Safari. Read more www.theregister.co.uk: Google throws a bone to privacy watchdogs. Read more www.theregister.co.uk: Users attacked by mysterious AIM buddies. Read more www.theregister.co.uk: Windows recovery loophole lets hackers in. Read more www.theregister.co.uk: Security researchers poke holes in Safari. Read more www.theregister.co.uk: Spammer faces 11 years in prison. Read more techdirt.com: Facing 101 Years, Phisher Gets Sentenced To Six. Read more www.latimes.com: Online tunes are more risky than Web porn. Read more www.smh.com.au: Nasty surprise discovered on Opera House's website. Read more www.technewsworld.com: What's Behind Google's Sneak Attack Against Microsoft? Read more www.phoenixnewtimes.com: What Happened in Vegas...Read more

12 June 2007 Guides, Papers, etc blogs.securiteam.com: Cracking to Windows with System Recovery - and no warning from Redmond. Read more www.securityfocus.com: Embedded Problems. Read more www.thc.org: The next level of Oracle attacks. Read more isc.sans.org: Internal Audits, many of us hate them, but.... Read more www.avertlabs.com: Zero Day Threats: Part 1 - What They Are, and What They�re Not. Read more sunbeltblog.blogspot.com: Making sure what happened to Julie...doesn't happen again. Read more sunbeltblog.blogspot.com: Who's Afraid of the Big Bad Eula? Read more blogs.ittoolbox.com: A cunning rootkit. Read more blog.siteadvisor.com: Hosting Sites �what are they hosting exactly? Read more www.sophos.com: Hackers spread illegal child content through web message boards. Read more www.darkreading.com: Architect's Many Identities. Read more www.darkreading.com: Phishers: No Points for Originality. Read more www.darkreading.com: Attackers Break Into UVA Database. Read more www.darkreading.com: Up Against the Firewall. Read more mcwresearch.com: Micro defense in depth. Read more podcasts.mcafee.com: Audio: AudioParasitic Episode 8. Teaching malware authoring in higher education part 1Listen podcasts.mcafee.com: Audio: AudioParasitic Episode 9. Teaching malware authoring in higher education part 2Listen   News www.computerworld.com: Study: Law puts damper on Web security research. Read more www.securityfocus.com: Image attack on MySpace boosts phishing exposure. Read more googleonlinesecurity.blogspot.com: Thwarting a large-scale phishing attack. Read more www.theregister.co.uk: Google goes spear phishing on MySpace. Read more www.securityfocus.com: Finalists allege hacking in $1 million stock contest. Read more www.theregister.co.uk: Video download site ordered to spy on users. Read more www.theregister.co.uk: Anti-spam sites weather DDoS assault. Read more www.theregister.co.uk: Large-scale DOS attack menace continues to grow. Read more www.computerworld.com.sg: Hackers audition Yahoo Messenger exploits. Read more www.publictechnology.net: Computer hackers take US city for $450,000. Could it happen in the UK? Read more www.zdnet.com.au: Don't fear Sydney Opera House trojan. Read more www.smh.com.au: Nasty surprise discovered on Opera House's website. Read more news.com.com: OpenOffice worm Badbunny hops across operating systems. Read more www.technewsworld.com: Privacy Watchdog Tags Google Worst on Web. Read more www.itnews.com.au: Half of all workers admit stealing data. Read more www.jacksonvilleprogress.com: Need cash? Try cyberbegging. Read more www.sfgate.com: Tech battle of the titans over users. Google says Microsoft's Vista fouls up rival search systems. Read more

11 June 2007 Guides, Papers, etc www.f-secure.com: Upgrade your Yahoo Messenger immediately. Read more isc.sans.org: Malware Analysis - handling base64. Read more isc.sans.org: Yahoo! Messenger exploits seen in the wild. Read more blogs.securiteam.com: RSS Spam. Read more blogs.securiteam.com: Month of Random Months. Read more blogs.securiteam.com: Macchiavelli and havesting targeted data for spam. Read more sunbeltblog.blogspot.com: Another massive university porn hacking spree. Read more ddanchev.blogspot.com: An Analysis of the Technical Mujahid - Issue Two. Read more www.mattcutts.com: Why I disagree with Privacy International. Read more www.it-analysis.com: IT Security and Cyberwarfare. Read more   News www.nytimes.com: A Dog or a Cat? New Tests to Fool Automated Spammers. Read more news.zdnet.co.uk: Global security vendors fail malware test. Read more www.washingtonpost.com: Watchdog Group Slams Google on Privacy. Read more www.computeractive.co.uk: Barclays banks on two-factor authentication. Read more www.sfgate.com: Flickr not even flickering in China. Internet photo site says service is being blocked and hopes it's only temporary. Read more torrentfreak.com: TorrentSpy Ordered By Federal Judge to Become MPAA Spy. Read more

09 June 2007 Guides, Papers, etc blogs.securiteam.com: Dan Holden and ISS Should Pull Their Heads Out of the Sand. Read more blogs.securiteam.com: Presenting vulnerabilities and patches as IP. Read more www.f-secure.com: Top10 malware registry launchpoints. Read more www.avertlabs.com: Play With Fire and You Might Get Burned. Read more isc.sans.org: Possible FAA computer glitches? Read more www.darkreading.com: P2P's Unintended Leaks. Read more www.darkreading.com: Mainstream Macs. Read more www.darkreading.com: Security's Dollar Daze. Read more weis2007.econinfosec.org: Inadvertent Disclosure � Information Leaks in the Extended Enterprise. Read more www.ibm.com: Anatomy of the Linux kernel. Read more www.digitalbond.com: SCADA Honeynet Results from the PCSF Annual Meeting March 6 � 7, 2007. Read more www.atomicmpc.com.au: Everything you ever wanted to know about video codecs. Read more podcasts.mcafee.com: Audio: AudioParasitics Episode 8. Listen   Vulnerabilities & Exploits securitytracker.com: Blue Coat Systems K9 Web Protection Buffer Overflow May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: APC PowerChute Network Shutdown Directory Traversal Bug Discloses Files to Remote Users. Read more msmvps.com: HOTFIX: You cannot add a Web site to the "Trusted Sites" zone when IE7 is installed, even when the user account belongs to the Administrators Group. Read more msmvps.com: You cannot prevent IE6 from caching HTTP pages by using META tags. Read more msmvps.com: You experience problems when you use Internet Explorer to browse through pages on a secure site. Read more   Tools: www.extremetech.com: 6 Free Multi-Service IM Clients. Read more www.lifehacker.com: Top 10 Network Utilities. Read more   News www.securityfocus.com: Yahoo releases emergency Messenger patch. Read more www.theregister.co.uk: Yahoo! patch squashes messenger bug. Read more www.internetnews.com: Loose Lips Help Hit Yahoo's IM. Read more www.theregister.co.uk: The slow death of AV technology. Read more www.theregister.co.uk: DIY kits dumb down phishing. Read more www.vnunet.com: Tech firms 'colluding' in web censorship. Read more news.com.com: TorrentSpy ordered to start tracking visitors. Read more today.reuters.co.uk: Russia monitors Internet to dampen ethnic violence. Read more www.theregister.co.uk: Cyberstalker caught after months on the run. Read more www.guardian.co.uk: Teacher to get retrial over internet porn. Read more arstechnica.com: Porn shown in 4th grade clasroom, teacher not blamed this time. Read more www.vnunet.com: Worm points the way to Arabic viruses. Read more

08 June 2007 Guides, Papers, etc isc.sans.org: Fake Microsoft Security Bulletin -> Malicious Browser Add-On. Read more blogs.securiteam.com: YouTube security video on YouTube :) Read more www.schneier.com: Nonsecurity Considerations in Security Decisions. Read more honeyblog.org: "Automatic Handling Of Protocol Dependencies And Reaction To 0-Day Attacks With ScriptGen Based Honeypots". Read more ddanchev.blogspot.com: An Analysis of the Technical Mujahid - Issue Two. Read more www.avertlabs.com: A Virus in Your Calculator? Read more blog.siteadvisor.com: Simple Javascript generates "Exploit". Read more ha.ckers.org: The JavaScript Paradox. Read more www.wired.com/: Free the Spam King! Read more www.darkreading.com: Privacy Premium Doesn't Faze Buyers. Read more www.darkreading.com: Matasano Preps 'Firewall Mixer'. Read more www.darkreading.com: Web App Security Heats Up. Read more www.darkreading.com: Congress vs Spyware? Read more www.darkreading.com: JSON, Ajax & Web 2.0. Read more www.podtrac.com: Audio: Security Now 95: Open ID. Listen weis2007.econinfosec.org: The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study. Read more   Vulnerabilities & Exploits securitytracker.com: Yahoo Messenger Buffer Overflows in Webcam ActiveX Controls Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Yahoo Messenger Unspecified Bugs Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Solaris Management Console Logging Bug Grants Root Access to Remote or Local Users. Read more securitytracker.com: Solaris Management Console Authentication Bug Grants Root Access to Remote or Local Users. Read more securitytracker.com: Microsoft GDI+ ICO File Divide By Zero Bug Lets Remote Users Deny Service. Read more securitytracker.com: MaraDNS Memory Leak Lets Remote Users Deny Service. Read more   News www.theregister.co.uk: Vista and IE 7 to receive 'critical' fixes on Patch Tuesday. Read more www.theregister.co.uk: Hackers blamed for Illinois agency server hack. Read more www.theregister.co.uk: Hackers load malware onto Mercury music award site. Read more Buggy ActiveX controls menace Yahoo! Messenger. Read more www.theregister.co.uk: CA in malformed archives malware risk. Read more www.esecurityplanet.com: Microsoft IIS a Popular Target For Malware. Read more www.itnews.com.au: Former IT contractor pleads guilty to Chrysler sabotage. Read more www.itnews.com.au: Researchers report 10 critical bugs in CA's backup. Read more www.terra.net.lb: Wireless power may cut some wires, batteries: MIT. Read more

07 June 2007 Guides, Papers, etc sunbeltblog.blogspot.com: Some comments on the Julie Amero case. Read more blogs.securiteam.com: Thunderbird 1.5.0.12: I�m ready, download me! Read more isc.sans.org: A Java exploit. Read more isc.sans.org: Analyzing (malicious) SWF file actions. Read more isc.sans.org: Sun JRE Vulnerabilities. Read more www.symantec.com: The Beginning of the Arabic Virus Era. Read more www.avertlabs.com: (Mis)interpreting Reviews. Read more blogs.securiteam.com: FuzzGuru�s approach to fuzzing. Read more www.2-spyware.com: Real news spam. Read more blogs.authentium.com: IRS based targetted attacks. Read more ftp.research.microsoft.com: Automated Whitebox Fuzz Testing. Read more www.darkreading.com: Pop-Up Predicament. Read more www.darkreading.com: A Multitude of SIMs. Read more ha.ckers.org: Additional Image Bypass on Windows. Read more www.geeksaresexy.net: How to Delete an Undeletable File. Read more www.wired.com: Researchers Chart Internet's 'Black Holes'. Read more yro.slashdot.org: How Private Are Sites' Membership Lists? Read more   Vulnerabilities & Exploits securitytracker.com: Symantec Ghost Solution Suite Bugs Let Remote Users Deny Service. Read more securitytracker.com: CA Antivirus Stack Overflows in Processing Filenames and the 'coffFiles' Parameter in CAB Files Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Symantec Reporting Server Lets Remote Users Execute Arbitrary Code or Obtain the Administrative Password. Read more   Tools: www.tigoe.net: Bluetooth Sniffer. Read more www.security-database.com: RevHosts 2.0 for Pentest Information Gathering. Read more   News norwichbulletin.com: Teacher granted new trial in pornographic pop-up case; READ DOCUMENT. Read more www.securityfocus.com: Judge nixes teacher's conviction on porn pop-ups. Read more blog.washingtonpost.com: Substitute Teacher Granted New Trial in Porn Case. Read more news.bbc.co.uk: Censorship 'changes face of net'. Read more www.theregister.co.uk: US House passes another anti-spyware bill. Read more www.al.com: 400 may be victims of credit fraud. Read more www.vnunet.com: Phishers escaping the net. Read more www.theregister.co.uk: MS anti-Trojan shield fails to protect older Offices. Read more www.regdeveloper.co.uk: eBay's phishy old problem. Read more www.informationweek.com: Hackers Blamed For Data Breach That Compromised 300,000. Read more

06 June 2007 Guides, Papers, etc isc.sans.org: Iframe > malicious javascript > trojan. Read more isc.sans.org: More PHP Phun. Read more sunbeltblog.blogspot.com: Julie Amero sentencing on for tomorrow at 10 AM. Read more www.sophos.com: Phoney Marks and Spencer email offer spreads like wildfire. Read more blog.spywareguide.com: Rogue Security Applications Being Pushed On Myspace. Read more sunbeltblog.blogspot.com: Zango TRO against PC Tools denied. Read more www.darkreading.com: Using Bugs as Leverage. Read more www.darkreading.com: Vendors Tighten Up Security. Read more www.darkreading.com: Microsoft Unwraps Security Platform. Read more www.darkreading.com: Security's Sea Change. Read more www.darkreading.com: Firewall Wish List. Read more www.darkreading.com: Security's Soft Underbelly. Read more www.cio.in: How Secure is Your Security Software? Read more s3.amazonaws.com: Audio: PHP Secuity Tips. Listen news.zdnet.co.uk: Video: Mobile malware 'a threat'. Watch   Vulnerabilities & Exploits www.0x000000.com: Firefox Remote & Local Code Excution 0day. Read more securitytracker.com: Macrovision FLEXnet Connect Buffer Overflow in ActiveX Control Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: XScreenSaver Interaction With GNOME Assistive Technology Lets Physically Local Users Execute Arbitrary Code. Read more securitytracker.com: Microsoft Internet Explorer Lets Remote Users Spoof Certain Objects. Read more securitytracker.com: Microsoft Internet Explorer Input Validation Hole Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Centennial Discovery Stack Overflow in 'XferWan.exe' Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: F5 FirePass Input Validation Flaw in 'my.activation.php3' Permits Remote Command Execution. Read more securitytracker.com: IBM Lotus Domino Web Service Can Be Crashed With Specially Crafted URLs. Read more   News www.theregister.co.uk: Chinese user sues Symantec over dodgy updates. Read more www.theregister.co.uk: Microsoft threatens its Most Valuable Professional. Read more Firefox may use Google to block sites. Read more www.informationweek.com: Public In The Dark About 95% Of Software Bugs, IBM Says. Read more www.theregister.co.uk: Google's Street View could be unlawful in Europe. Read more money.cnn.com: Surfing the Web with nothing but brainwaves. Read more

05 June 2007 Guides, Papers, etc www.siteadvisor.com: The State of Search Engine Safety. Read more www.f-secure.com: Real News with Real Malware. Read more isc.sans.org: Firefox and IE Zero Days. Read more isc.sans.org: New Malware SPAM. Read more www.schneier.com: Third Party Consent and Computer Searches. Read more www.alex-ionescu.com: A New Direction. Read more ddanchev.blogspot.com: g0t XSSed? Read more blogs.securiteam.com: GDB UPX vulnerability not a UPX vulnerability at all. Read more mcwresearch.com: Evaluating malware from a network perspective. Read more ha.ckers.org: Passing Malicious PHP Through getimagesize(). Read more www.darkreading.com: EMC Secures Verid. Read more www.darkreading.com: eEye to Enter Security Services. Read more www.darkreading.com: Mobile Computing Gets Sexy Again. Read more www.techspot.com: Man in the middle attack threatens Google Desktop. Read more www.computerworld.com.sg: Beyond passwords: 5 new ways to authenticate users. Read more lauren.vortex.com: Google and the JFK Bomb Plot: The Censorship Circus. Read more   Vulnerabilities & Exploits lcamtuf.coredump.cx: MSIE bait & switch vulnerability demo. Read more securitytracker.com: Symantec VERITAS Storage Foundation Windows Scheduler Service Lets Remote Users Execute Arbitrary Commands. Read more securitytracker.com: PHP Infinite Loop in imagecreatefrompng() Lets Users Deny Service. Read more securitytracker.com: PHP Integer Overflow in chunk_split() Has Unspecified Impact. Read more securitytracker.com: VERITAS Storage Foundation Veritas Volume Replicator Administration Service Can Be Crashed By Remote Users. Read more securitytracker.com: GNU locate Filename Buffer Overflow Lets Local Users Execute Arbitrary Code. Read more   News www.securityfocus.com: Search engines reduce risky results, says report. Read more www.theregister.co.uk: Flaws galore in IE and Firefox. Read more www.securitypark.co.uk: Hackers have created a new class of highly evasive attacks. Read more www.itnews.com.au: Spam levels remain steady in May. Read more msmvps.com: 14 year old publishes self portrait on the Web; discovers it is being used as the cover art for a porn DVD without permission. Read more education.guardian.co.uk: Pupils crack schools' internet safety filters. Read more www.itnews.com.au: Proofpoint: Next-generation email security arrives. Read more www.smh.com.au: Cyber crime fear as online banking grows. Read more

04 June 2007 Guides, Papers, etc isc.sans.org: Invalid ssl certs ... Read more isc.sans.org: IIS 5.0 authentication bypass exploit -- CVE-2007-2815. Read more blogs.securiteam.com: Counting viruses - with TI-89 calculator. Read more blogs.securiteam.com: What is your favorite Capture the Flag? Read more sunbeltblog.blogspot.com: MyCleanerPC. Read more blogs.ittoolbox.com: Exploit-y news. Read more www.nytimes.com: Google Keeps Tweaking Its Search Engine. Read more news.com.com: Cyberattack in Estonia--what it really means. Read more www.newsfactor.com: Spam King's Revenge: Junk E-Mail Rages On. Read more community.zdnet.co.uk: Anatomy of a Mobile Virus: Dismantling A Daisy Chain Explosive. Read more www.websense.com: Web-Attacker Exposed. Read more msmvps.com: feedburner users - give your data to google, or LOSE your account. Read more   Tools: ha.ckers.org: OWASP Live CD. Read more   News www.wired.com: Desperate Botnet Battlers Call for an Internet Driver's License. Read more www.theregister.co.uk: Google security vulnerabilties stack up. Read more www.itrportal.com: New Cheburgen.a Worm Spreads via email, Web, Network Shares and Software Vulnerability! Read more www.techworld.com: Microsoft no longer worst at anti-virus. Read more www.islandpacket.com: Computers hacked at Hilton Head Island High. Read more www.foxnews.com: Michigan Man Fined for Using Coffee Shop's Wi-Fi Network. Read more

02 June 2007 byshell 0.67 beta2 Guides, Papers, etc www.f-secure.com: Should police hack? Read more www.securityfocus.com: Zero-day sales not "fair" -- to researchers. Read more blogs.securiteam.com: More Soloway documents online. Read more blogs.securiteam.com: The attacks on Estonia by Russians (or Russia?). Read more blogs.securiteam.com: �Where is Waldo?�, or �Security by Origami�. Read more isc.sans.org: p0f, spam detection and OOF e-mails. Read more isc.sans.org: Massive list of compromised sites. Read more www.symantec.com: MSN Worm Speaking in Tongues. Read more ha.ckers.org: Worst Idea Ever. Read more blogs.ittoolbox.com: One mystery solved - it's MPACK not WebAttacker2. Read more blogs.ittoolbox.com: Everyone knows the Internet is for porn...Read more blogs.iss.net: Counting Vulnerabilities. Read more www.avertlabs.com: YAP.it Yet Another Phishing targeted to Italy. Read more www.eweek.com: Why Is the Mac OS More Secure than Windows? Read more www.darkreading.com: Dismantling a Botnet. Read more www.darkreading.com: DR Survey: Insiders Take the Cake. Read more www.darkreading.com: All The Wrong Moves. Read more www.betanews.com: Could Google Gears Make 'Cookies' Obsolete? Read more www.cse.ohio-state.edu: Combating the Botnet Scourge. Read more seattletimes.nwsource.com: Attempt to block spam could be hindering e-mail. Read more csrc.nist.gov: Cell Phone Forensic Tools. Read more www.theregister.co.uk: Why Microsoft's innovation is only Surface deep. Read more   Vulnerabilities & Exploits securitytracker.com: Sun Java Runtime Environment Buffer Overflow in Applet Image Parsing Lets Remote Users Gain Privileges. Read more securitytracker.com: Apple Xserve Lights-Out Management Firmware IPMI Grants Administrative Access to Remote Users. Read more securitytracker.com: Novell GroupWise Lets Remote Users Conduct Man-in-the-Middle Attacks to Obtain Authentication Credentials. Read more   Tools: www.ijs.si: amavisd-new is a high-performance interface between mailer (MTA) and content checkers: virus scanners, and/or SpamAssassin. Read more www.edge-security.com: Wfuzz - The web bruteforcer - Updated 1.1. Read more   News www.theregister.co.uk: Hardy perennials dominate virus chart. Read more www.securityfocus.com: Online thieves nab $450,000 from town coffers. Read more www.itrportal.com: China goes for gold in malware olympics. Read more www.technewsworld.com: ChoicePoint Settles ID Theft Case, Licks Wounds. Read more news.com.com: Security Bites Podcast: The perils of flaw disclosure. Read more www.theregister.com Cloudmark takes anti-spam to the edge. Read more newpaper.asia1.com.sg: One of world's 'top 10' spammers nabbed. Read more www.computeractive.co.uk: Fear over children's online activity. Read more www.itnews.com.au: Dog lovers warned about online puppy scam. Read more

01 June 2007 Guides, Papers, etc Trojans of May. Read more www.cio.com: How Online Criminals Make Themselves Tough to Find, Near Impossible to Nab. Read more blogs.securiteam.com: Disclosing Firefox add-on vulnerabilities - why this week? Read more blogs.securiteam.com: Dmitry�s Summer of Code (SoC). Read more www.f-secure.com: Beating a Dead Horse. Read more www.sophos.com: Testing times: Sophos and AV-Test.org. Read more www.sophos.com: Hack Attack: 9,500 new infected web pages every day, reports Sophos. Read more www.techworld.com: Spammers will turn to AI. Read more www.sophos.com: Hong Kong Phooey. Read more isc.sans.org: PHP 5.2.3 released. Read more isc.sans.org: Symantec pattern fires on Spybot Search & Destroy 1.3. Read more isc.sans.org: An inside look at a targeted attack. Read more isc.sans.org: New Firefox releases fix security vulnerabilities. Read more www.riskbloggers.com: Phishing: Silver Hooks, Not Silver Bullets. Read more www.eweek.com/: Is Retail Crime Increasing or Just Being Noticed More? Read more ddanchev.blogspot.com: MSN Spamming Bot. Read more www.eweek.com: Akonix: IM Attacks So Far Increased 73% over 2006. Read more www.onlamp.com: A BSD Rootkit Primer. Read more www.darkreading.com: Guerrilla Storage. Read more www.darkreading.com: Beware of the Quiet Ones. Read more www.newsfactor.com: IRS Spoof Targets Execs Through RTF Vulnerability. Read more www.smh.com.au: Owning database forensics. Read more www.washingtonceo.com: Zango. Lessons Learned. An online media company perseveres through good times and bad. Read more arstechnica.com: What lurks below Microsoft's Surface? A brief Q&A with Microsoft. Read more www.viruslist.com: Wardriving in London 2007. Read more aolradio.podcast.aol.com: Audio: Security Now 94: The Fourth Factor. Read more   Vulnerabilities & Exploits ha.ckers.org: Google Desktop 0day. Read more securitytracker.com: HP System Management Homepage Input Validation Hole Permits Cross-Site Scripting Attacks. Read more securitytracker.com: IBM WebSM Lets Remote Users Deny Service. Read more securitytracker.com: Perl on IBM AIX Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: Mozilla Firefox Lets Remote Users Set Cookie Values to Deny Service. Read more securitytracker.com: Mozilla Seamonkey Lets Remote Users Set Cookie Values to Deny Service. Read more securitytracker.com: Mozilla Seamonkey Input Validation Hole in addEventListener Method Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Mozilla Firefox Input Validation Hole in addEventListener Method Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Mozilla Seamonkey XUL Popups Let Remote Users Spoof Portions of the Browser Chrome. Read more securitytracker.com: Mozilla Firefox XUL Popups Let Remote Users Spoof Portions of the Browser Chrome. Read more securitytracker.com: Mozilla Firefox Autocomplete Form Bug Lets Remote Users Deny Service. Read more securitytracker.com: Mozilla Seamonkey Bugs in Layout and Javascript Engines May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Mozilla Thunderbird Bugs in Javascript Engines May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Mozilla Firefox Bugs in Layout and Javascript Engines May Let Remote Users Execute Arbitrary Code. Read more   Tools: www.security-hacks.com: 10 Anti-Phishing Firefox Extensions. Read more   News www.pcadvisor.co.uk: Google Desktop open to hackers. Read more www.techworld.com: Don't trust Google Toolbar, researcher says. Read more www.latimes.com: Computer hackers steal Carson funds. Read more www.intentblog.co: Cyber Warfare: Beyond Estonia-Russia, Rise of China's 5th Dimension Cyber Army for the 21st C. Read more www.thepittsburghchannel.com: Call 4 Action: Scammers Targeting Military Families. Read more www.net-security.org: Banker Trojans imitating phishing attacks. Read more www.theregister.com: 40% of kids regularly visit forbidden sites. Read more www.theregister.co.uk: Spam King arrested in Seattle. Read more www.australianit.news.com.au: Spam flows despite arrest. Read more arstechnica.com: New AACS "fix" hacked in a day. Read more www.theregister.com: Spyware mum foils pervert. Read more www.canada.com: ATM skimmers seized in raid. Read more

Copyright� MegaSecurity.org