Home    News Archive    Translate Traducen

News October 2008

23 October 2008 Guides, Papers, etc isc.sans.org Microsoft out-of-band patch - Severity Critical. Read more isc.sans.org Podcast Episode Eleven Posted. Read more Project Grey Goose Phase I Report. Project Grey Goose is, in technology terms, a pure play Open Source Intelligence (OSINT) initiative launched on August 22, 2008 to examine how the Russian cyber war was conducted against Georgian Web sites and if the Russian government was involved or if it was entirely a grass roots movement by patriotic Russian hackers. Read more lasecwww.epfl.ch COMPROMISING ELECTROMAGNETIC EMANATIONS OF WIRED KEYBOARDS. Read more www.haaretz.com Is Israel's booming high-tech industry a branch of the Mossad? Read more resources.zdnet.co.uk Rootkits: What you should know. Read more www.f-secure.com Virus.VBS.Confi. Read more www.f-secure.com Surge in Facebook Malware. Read more www.f-secure.com Exploit Predictions. Read more www.usatoday.com Hackers' mind-set: They've done nothing wrong. Read more www.net-security.org [I]SECURE Magazine Issue 18. Read more www.instructables.com Yellow Dots of Mystery: Is Your Printer Spying on You? Read more www.avertlabs.com French President a Victim of Identity Theft. Read more www.thedarkvisitor.com Stolen lawn mowers and Chinese rage against Microsoft. Read more www.thedarkvisitor.com Chinese hackers taking advantage of Microsoft �Black Screen of Death�. Read more feeds.feedburner.co The Dark Visitor � podcast. Read more www.darkreading.com 'Block the Vote' Tactics Go Online This Election. Read more www.darkreading.com Microsoft Blue Hat: Researcher Demos No-Hack Attack. Read more www.darkreading.com The Root of Online Evils. Read more ddanchev.blogspot.com A Diverse Portfolio of Fake Security Software - Part Ten. Read more ddanchev.blogspot.com Massive SQL Injection Attacks - the Chinese Way. Read more ddanchev.blogspot.com Real-Time OSINT vs Historical OSINT in Russia/Georgia Cyberattacks. Read more ddanchev.blogspot.com A Diverse Portfolio of Fake Security Software - Part Nine. Read more ddanchev.blogspot.com TorrentReactor Compromised, 1.2M Users Database In the Wild. Read more ddanchev.blogspot.com DDoS Attack Graphs from Russia vs Georgia's Cyberattacks. Read more ddanchev.blogspot.com The Cost of Anonymizing a Cybercriminal's Internet Activities. Read more ddanchev.blogspot.com Quality Assurance in Malware Attacks - Part Two. Read more thisweekintech.com Security Now 166: Cross Site Request Forgery. Read more sunbeltblog.blogspot.com WinDefender 2008 with a sidebar. Read more sunbeltblog.blogspot.com New rogue: AntiSpyware XP 2009. Read more sunbeltblog.blogspot.com New rogue: Pro Antispyware 2009. Read more blog.trendmicro.com Start With Trust, End in Malware. Read more blog.trendmicro.com A Very Early London Olympics Scam. Read more blog.trendmicro.com �Halloween Costumes� Bring More Fright Than Expected. Read more   Vulnerabilities & Exploits isc.sans.org F-Secure and Trend Micro Release Critical Patches. Read more   News www.securityfocus.com Researchers find keyboards to be tattletales. Read more www.securityfocus.com Ohio searches for state-site attacker. Read more www.cnn.com Authorities shut down huge spam e-mail ring. Read more www.theregister.co.uk McAfee update classifies Vista component as a Trojan. Read more www.channelregister.co.uk Microsoft sued in China for black screen of death. Read more www.washingtonpost.com Al-Qaeda Web Forums Abruptly Taken Offline. Read more www.itbusiness.ca E-ticket scam crash lands victims into a load of malware. Read more www.reuters.com FBI catches up with Miley Cyrus hacker. Read more

11 October 2008 Guides, Papers, etc www.benedelman.org CPA Advertising Fraud: Forced Clicks and Invisible Windows. Read more www.eecs.umich.edu Towards an Understanding of Anti-virtualization and Anti-debugging Behavior in Modern Malware. Read more honeyblog.org As the Net Churns: Fast-Flux Botnet Observations. Read more www.turbocrypt.com Visualisation of potential weakness of existing cipher engine implementations in commercial on-the-fly disk encryption software. Read more www.internetnews.com Metasploit 3.2 Offers More 'Evil Deeds'. Read more www.theregister.co.uk New Google bugs empower phishermen. Read more blogs.paretologic.com Web crawling for malware with a Honeypot. Read more blogs.paretologic.com Rogue makers ahead of time? Read more www.internetevolution.com Cracking the Internet's Axis of Evil. Read more www.sudosecure.net Storm Worm - Go away, we�re not home. Read more www.webmonkey.com Hackers Are Watching You: Flash Clickjacking Vulnerability Exposes Webcams and Mics. Read more www.youtube.com Webcam ClickJacking. Watch ha.ckers.org Clickjacking Details. Read more www.technewsworld.com Blacklisting and Whitelisting: Color-Coding Security. Read more www.eweek.com Challenging the Immutable Laws Of Security. Read more www.smh.com.au No names: inside the fake identity racket. Read more www.darkreading.com Hacker in Your Pocket. Read more www.darkreading.com Disclosure's Slippery Middle Ground. Read more www.darkreading.com How EMC/RSA Scared Me Half to Death. Read more www.avertlabs.com Cracking CAPTCHA: Another Russian Business. Read more ddanchev.blogspot.com Cybercriminals Abusing Lycos Spain To Serve Malware. Read more ddanchev.blogspot.com Commoditization of Anti Debugging Features in RATs - Part Two. Read more ddanchev.blogspot.com A Diverse Portfolio of Fake Security Software - Part Eight. Read more ddanchev.blogspot.com Web Based Malware Emphasizes on Anti-Debugging Features. Read more ddanchev.blogspot.com Fake Windows XP Activation Trojan Wants Your CVV2 Code. Read more isc.sans.org When the Hackers Hack Back. Read more www.f-secure.com The Art of the Hidden File. Read more www.f-secure.com "Latest security Update Standard 128-bit Upgrade Certificate". Read more sunbeltblog.blogspot.com New rogue: Rapid Antivirus. Read more sunbeltblog.blogspot.com SSH Scam sites update. Read more msmvps.com ALERT: Treat all content from the ad agency called Adshaven with extreme caution. Read more msmvps.com New malvertizement trickery affecting surfline.com and careerbuilder.com. Read more blog.spywareguide.com Google AdWords Phish. Read more blog.trendmicro.com Fake SSL Certificates Seen Again. Read more blog.trendmicro.com A New YouTube Malware Tool. Read more arstechnica.com Osama bin Fragged: a review of terrorist propaganda games. Read more   Vulnerabilities & Exploits www.adobe.com Flash Player workaround available for "Clickjacking" issue. Read more News www.securityfocus.com Lawmaker's son indicted for Palin e-mail hack. Read more news.cnet.com World Bank under cyberattack? Read more blog.wired.com Palin Hacker Allegedly Involved in Another Computer Intrusion. Read more www.khou.com Student faces porn charge over text message sent by classmate. Read more www.newarkadvocate.com Hottinger: Law didn't anticipate cell phone photo case (video). Read more www.theregister.co.uk Turbo-charged wireless hacks threaten networks. Read more www.nypost.com HOTEL HACK ATTACK. Read more www.smh.com.au Fake YouTube pages used to spread viruses. Read more www.ctv.ca Canadian teen hacker reveals secrets in tell-all book. Read more www.scmagazineuk.com WiFi is no longer a viable secure connection. Read more uk.gizmodo.com 'Unbreakable' Encryption System Launched. Read more

05 October 2008 Guides, Papers, etc www.benedelman.org Auditing Spyware Advertising Fraud: Wasted Spending at VistaPrint. Read more insecure.org Explaining the �New� TCP Resource Exhaustion Denial of Service (DoS) Attack by Fyodor. Read more taosecurity.blogspot.com DoS Me Like It's 1996. Read more media.grc.com Audio. Security now. SockStress. Listen www.grc.com SockStress. Read more erratasec.blogspot.com TCP Selective ACK considered evil. Read more www.securecomputing.net.au Eugene Kaspersky on the cybercrime arms race. Read more honeyblog.org Reconstructing People�s Lives: A Case Study in Teaching Forensic Computing. Read more. chuvakin.blogspot.com Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008. Read more www.darkreading.com How to Root Out Bots in Your Network. Read more www.sophos.com VB2008: Lipstick, pigs, anti-virus and ponytails. Read more www.f-secure.com Your computer is now stoned (�again). Read more www.f-secure.com John Doe is a Criminal Mastermind. Read more blog.trendmicro.com Rogue AV Tactics Continue to Threaten. Read more blog.trendmicro.com Spam Using Email Delivery Notifications To Verify Valid Addresses. Read more www.avertlabs.com Artemis Backstage #1: Malware Mapping. Read more ddanchev.blogspot.com Inside a Managed Spam Service. Read more ddanchev.blogspot.com Syndicating Google Trends Keywords for Blackhat SE... Read more ddanchev.blogspot.com Managed Fast Flux Provider - Part Two. Read more ddanchev.blogspot.com Monetizing Infected Hosts by Hijacking Search Results. Read more ddanchev.blogspot.com Copycat Web Malware Exploitation Kit Comes with Disclaimer. Read more ddanchev.blogspot.com Web Based Malware Eradicates Rootkits and Competing Malware. Read more ddanchev.blogspot.com Identifying the Gpcode Ransomware Author. Read more www.darkreading.com Clickjacking Defense Will Require Browser Overhaul. Read more www.darkreading.com The Encryption That Wasn't There. Read more blog.wired.com Online Posse Assembles, to Unmask Russia's Hackers. Read more www.nationalpost.com 'Mafiaboy' writes book about the day he shut down the Internet. Read more www.sophos.com VB2008: Lipstick, pigs, anti-virus and pony-tails. Read more share.skype.co Skype President Addresses Chinese Privacy Breach. Read more blogs.wsj.com Skype Responds to China Surveillance Report. Read more www.securityfocus.com Blaming the Good Samaritan. Read more www.securityfocus.com It's All About Reputation. Read more www.thedarkvisitor.com China�s Cyber Police Map (with links). Read more hphosts.blogspot.com Directi and HostFresh still supporting criminals! Read more dvlabs.tippingpoint.com ThreatLinQ: Spyware and Executable Packers Revisited. Read more www.technewsworld.com Identity Fraud, Part 1: A $45 Billion Snowball. Read more www.technewsworld.com Identity Fraud, Part 2: Digging Yourself Out of the Wreckage. Read more www.technewsworld.com Identity Fraud, Part 3: Taking the Target Off Your Back. Read more www.telegraph.co.uk People 'more likely to lie in emails' Read more theecakescraps.wordpress.com Pure Profit: A Look at Swoop. Read more voices.washingtonpost.com EstDomains: A Sordid History and a Storied CEO. Read more www.businessweek.com Dangerous Fakes How counterfeit, defective computer components from China are getting into U.S. warplanes and ships. Read more blog.spywareguide.com The Strange World of EBay Auctions. Read more www.eweek.com Passports: Another Bad Use of Self-Signed Certificates. Read more www.chayden.net Eliza Test. Read more   Vulnerabilities & Exploits www.securiteam.com VMware Emulation Flaw x64 Guest Privilege Escalation. Read more   News edition.cnn.com Homeland Security seeks cyber counterattack system. Read more www.dw-world.de Telekom Says Data From 17 Million Customers Was Stolen. Read more www.computerworld.com Researcher finds evidence of massive site compromise. Read more www.securityfocus.com Report claims surveillance of Chinese messaging. Read more www.securityfocus.com TCP flaws allow deadly DoS attacks, finders say. Read more www.theregister.co.uk Hackers exploit Neosploit to booby trap BBC, US postal service. Read more blog.wired.com Supremes Mull Whether Bad Databases Make for Illegal Searches. Read more voices.washingtonpost.com New State Laws Target Data Encryption, RFID Tracking. Read more voices.washingtonpost.com New Federal Law Targets ID Theft, Cybercrime. Read more www.pcpro.co.uk Asus ships software cracker on recovery DVD. Read more www.pcworld.com Two Europeans Charged in US Over DDOS Attacks. Read more www.theregister.co.uk Brit, German indicted for stateside satellite TV attacks. Read more www.securecomputing.net.au South Korean defence suppliers uncover malicious code. Read more www.yomiuri.co.jp China to make foreign firms reveal secret info. Read more

Copyright� MegaSecurity.org