Home

News Archive    Translate Traducen

News November 2001

30 November 2001 New trojan: G-Spot 1.0 www.securityfocus.com: BinTec X Series Router PPTP Denial of Service Vulnerability. Read more www.securityfocus.com: Horde IMP Encoded Cross-Site Scripting Vulnerability. Read more www.wired.com: 'Lantern' Backdoor Flap Rages. Read more slashdot.org: FBI/Magic Lantern story. Read more www.netsurf.com: Commercial Anti-Virus Companies Won't Detect FBI Snoopware. Read more www.counterpane.com: Full Disclosure and the Window of Exposure. Read more www.infoconomy.com: Virus writers and hackers uniting to defeat security. Read more www.theregister.co.uk: WinXP steals your bandwidth. Read more www.theregister.co.uk: Red Hat pre-releases major Linux bug details. Read more securityfocus.com: Oops! Linux Bug Escapes Early. Read more www.newsbytes.com: Fluffi Bunni Places Ads At Security Site. Read more www.zdnet.com: Hackers put IM in their sights. Read more www.computeruser.com: Satanic hacking group targets church sites. Read more www.theregister.co.uk: Cisco accountant hackers sent to jail. Read more www.computeruser.com: ID-theft suspect had entire motor-vehicle database - police. Read more www.zdnet.com: Overture begins for new Opera 6.0. Read more www.infoworld.com: It's not a bug, it's a feature. Read more www.theregister.co.uk: Meet the future of Windows security exploits. Read more www.newsbytes.com: Servers Left Vulnerable By Early Patch Release. Read more www.newsbytes.com: Bush Signs Spending Bill With Cyber-Security Funding. Read more www.netimperative.com: Security fears, despite growth in online shopping. Read more www.zdnet.com: Finding a backup to Excite@Home. Read more web.lexis-nexis.com: Judge indicted on charges of possessing child porn. Read more chicagotribune.com: Hollywood Victory in DVD Hacker Case. Read more www.law.com: Appeals Court Sides With Hollywood Over Hackers, Rules DVD Copying Hurts Sales. Read more

29 November 2001 New trojan: rada-tat-Rat 1.0 www.securityfocus.com: Horde IMP Encoded Cross-Site Scripting Vulnerability. Read more www.securityfocus.com: Apache Artificially Long Slash Path Directory Listing Vulnerability. Read more www.securityfocus.com: Apache Possible Directory Index Disclosure Vulnerability. Read more www.securityfocus.com: Workaround Addresss IIS 4/5 Web Server Root Directory Browse Access. Read more www.cgisecurity.org: Mailman Email archiver Cross Site Scripting Hole. Read more linuxtoday.com: SuSE Security Announcement: wuftpd. Read more security-protocols.com: Wu-Ftpd File Globbing Heap Corruption Vulnerability. Read more security-protocols.com: Cisco Vulnerability in IOS Firewall Feature Set. Read more security-protocols.com: Firewall-1 remote SYSTEM shell buffer overflow. Read more security-protocols.com: SafeWord Agent for SSH (secure shell) vulnerability. Read more www.securiteam.com: NetDynamics Session ID is Reusable. Read more www.securiteam.com: GRC.com Can be Used to Scan Arbitrary IP Addresses. Read more www.securiteam.com: Xitami Admin Password Vulnerability. Read more www.securiteam.com: Auto Nice Daemon Format String Vulnerability. Read more www.theregister.co.uk: Hybrid viruses set to become bigger threat. Read more www.reuters.com: Trojans Top 2001 Computer Virus List, Execs Say. Read more www.usatoday.com: New self-executing virus hits Net. Read more www.newsbytes.com: Satanic Hacking Group Targets Church Sites. Read more news.cnet.com: The root of the problem: Bad software. Read more www.stuff.co.nz: Instant messaging � hackers like it, too. Read more www.newsbytes.com: Philippine Hackers Deface Sites To 'Expose Flaws'. Read more news.cnet.com: Playboy says hacker stole customer info. Read more www.dmnews.com: Playboy Makes Changes to be Less Exposed to Hacker Attack. Read more www.cnn.com: Judge sets appeal hearings in Sklyarov case. Read more www.silicon.com: Encryption: is it a load of &*^%&^&^$%? Read more www.theregister.co.uk: How to crash a phone by SMS. Read more www.theregister.co.uk: Meet the future of Windows security exploits. Read more news.cnet.com: Opera fine-tunes latest browser. Read more news.cnet.com: Court upholds ban on DVD-cracking code. Read more news.cnet.com: Court dismisses free-speech lawsuit. Read more www.theregister.co.uk: International Net paedophile ring smashed by UK police. Read more Wanted: Voyager Alpha Force

28 November 2001 New trojan: Q-taz 2.2 www.securityfocus.com: Unix Shell Redirection Race Condition Vulnerability. Read more www.securityfocus.com: RedHat RPM Corrupt Query Vulnerability. Read more www.securityfocus.com: Microsoft Internet Explorer Patch Q290108 Vulnerability. Read more security-protocols.com: Sendpage (Perl CGI) Remote Execution Vulnerability. Read more security-protocols.com: Auto Nice Daemon Format String Vulnerability. Read more security-protocols.com: Xitami Webserver stores admin password in clear text. Read more security-protocols.com: NetDynamics Session ID is Reusable. Read more www.securiteam.com: Uncovering the Asterisks in Password Inputs. Read more www.securiteam.com: Microsoft IIS Vulnerable to Log Faking. Read more www.securiteam.com: Hypermail SSI Vulnerability. Read more www.securiteam.com: RegistryBrowser Allows Remote Registry Access to HKEY_CURRENT_USER. Read more www.securiteam.com: PDD, Forensic Analysis for the PalmOS. Read more www.securiteam.com: AV Vendors Split Over FBI Trojan. Read more www.msnbc.com: FBI software cracks encryption wall. Read more www.wired.com: 'Lantern' Backdoor Flap Rages. Read more www.computeruser.com: Thirty nations sign global cybercrime treaty. Read more www.zdnet.com: Worms: Despite patching, infection continues. Why? Read more www.stuff.co.nz: Internet worm opens door for hackers. Read more www.silicon.com: Badtrans worm - it's bad. Read more www.boardwatch.com: Internet Worm that Tracks Typing Still Spreading. Read more www.computing.vnunet.com: Remote access Trojans on the warpath. Read more www.sfgate.com: Worms find new ways to attack. Read more www.reuters.com: Internet Worm That Tracks Typing Still Spreading. Read more www.silicon.com: BT mails virus to customers. Read more www.cnn.com: Microsoft touts tighter security of Web services. Read more www.computeruser.com: Microsoft's latest security problem. Read more www.eweek.com: Tool Measures W2K Security. Read more www.nwc.com: Vulnerability Life Cycles. Read more www.miami.com: Fewer havens for hackers. Read more www.newsbytes.com: Cisco Hackers Sentenced For Stock Theft. Read more www.computing.vnunet.com: Google not 'hackers' best friend'. Read more www.computing.vnunet.com: Cyber terrorism is 'fantasy'. Read more

27 November 2001 New trojan: Sensive 3.1 vapid.dhs.org: Xitami Admin Password vulnerability from imatrix.com. Read more www.nmrc.org: A vulnerability has been found in Sun's NetDymanics session management package that allows an attacker to hijack random user sessions. Read more www.securityfocus.com: Microsoft Internet Explorer Misleading File Extension Vulnerability. Read more www.securityfocus.com: Linux Syn Filter Evasion Vulnerability. Read more www.securityfocus.com: Linux Ptrace/Setuid Exec Vulnerability. Read more www.securityfocus.com: A Brief History of The Worm. Read more Watch out for e-mails with only "Re:" in the subject line! www.computerworld.com: Badtrans worm leaves back doors, logs data. Read more news.cnet.com: Worm hitting home for the holidays. Read more www.theregister.co.uk: BadTrans virus bites Windows users hard. Read more www.zdnet.com: Britain invaded by worm. Read more www.freep.com: Tracking worm spreads through Outlook e-mail. Read more news.zdnet.co.uk: British trojan launches weekend attack. Read more www.cnn.com: 'Badtrans' worm picks up speed. Read more www.msnbc.com: Badtrans virus spreading quickly. Read more www.vnunet.com: Badtrans is back, but don't panic. Read more www.theregister.co.uk: BTopenwoe emails virus to customers. Read more quote.bloomberg.com: Two Computer Viruses Multiply in U.S., U.K., Japan, Experts Say. Read more www.theregister.co.uk: Steve Gibson accidentally creates DoS tool. Read more www.theregister.co.uk: DDoS protection racket targets online bookies. Read more www.vnunet.com: Russian Mafia targets online businesses. Read more www.federaltimes.com: Agencies Prepare To Hit Back At Hackers. Read more news.cnet.com: Russian programmer gets April court date. Read more www.newsbytes.com: AOL Pokes Holes In Some Personal Firewalls. Read more www.law.com: New Law Lets U.S. Nab Foreign Hackers. Read more www.idg.net: Instant Messaging Hacker Tool Poses a Threat. Read more www.computerworld.com: Record-breaking year for security incidents expected. Read more www.computerworld.com: Security Experts: Users Are the Weakest Link. Read more www.reuters.com: Microsoft Touts Tightened Security of Web Services. Read more www.techtv.com: Pirates' Proficiency Worries Microsoft. Read more web.lexis-nexis.com: Cyber trail in hacking case leads to UW dorm room. Read more

26 November 2001 New trojan: DFch 0.1 beta www.securityfocus.com: Stronghold Secure Web Server Information Disclosure Vulnerability. Read more www.securiteam.com: A Cryptanalysis of the High-bandwidth Digital Content Protection System. Read more www.securiteam.com: Logic Flaw in HP-UX Line Printer Daemon Leads to Remote Code Execution. Read more www.securiteam.com: Off-By-One Security Vulnerability in THTTPd. Read more www.securiteam.com: PHPNuke Admin Password Can Be Stolen. Read more news.zdnet.co.uk: Hybrid DDoS worm strikes Microsoft SQL Server. Read more www.dallasnews.com: U.S. can now prosecute hackers outside borders. Read more www.iht.com: Law Applies to Foreign Crime If U.S. Cables Are Involved. Read more www.2600.com: AOL LINKS ITS "KIDS ONLY" PAGE TO PORNOGRAPHY. Read more www.computeruser.com: No recession for cybersecurity. Read more www.computeruser.com: Mirror software makes it easier to spoof famous sites. Read more www.zdnet.co.uk: How to spot security risks. Read more news.zdnet.co.uk: Police set up e-crime tip-off system. Read more www.cmpnetasia.com: Security problems worsen in HK. Read more news.zdnet.co.uk: Online security gets government cash boost. Read more

25 November 2001 New trojan: Duddie Internal (server) www.securityfocus.com: SSH CRC-32 Compensation Attack Detector Vulnerability. Read more www.securiteam.com: Legato NetWorker Authentication Vulnerability. Read more www.securiteam.com: Windows Media Player .ASF Processor Buffer Overflow Vulnerability. Read more www.securiteam.com: Berkeley pmake Security Vulnerability. Read more www.securiteam.com: Digital UNIX CDE dtaction Vulnerability (proof of concept code, -user). Read more www.vnunet.com: Bugwatch: The internet - safety first. Read more www.itworld.com: Instant-messaging hacker tool may threaten servers. Read more news.zdnet.co.uk: Flaw puts Unix at risk from hackers. Read more www.vnunet.com: eBook hacker brought to book. Read more news.zdnet.co.uk: DIY ADSL? It's not as cheap as you think. Read more news.zdnet.co.uk: Researchers create DNA-based computer. Read more web.lexis-nexis.com: F-Secure, Gartner Schedule Nov. 28 Web Seminar To Explore How to Incorporate Wireless Devices Into Enterprises' Total Security Solutions. Read more www.theregister.co.uk: ElcomSoft shies away from Black Hat Europe. Read more www.cnn.com: War games: Military training goes high-tech. Read more

24 November 2001 New trojan: BDDT security-protocols.com: Alert: MS SQL worm. Read more www.securityfocus.com: Multiple Vendor lpd Remote Buffer Overflow Vulnerability. Read more www.securityfocus.com: SSH CRC-32 Compensation Attack Detector Vulnerability. Read more www.securityfocus.com: Linux VMLinux Arbitrary Kernel Execution Denial of Service Vulnerability. Read more www.securityfocus.com: Jakarta Tomcat Error Message Information Disclosure Vulnerability. Read more www.securityfocus.com: thttpd Basic Authentication Buffer Overflow Vulnerability. Read more www.securityfocus.com: Microsoft Windows Script Host GetObject() File Disclosure Vulnerability. Read more www.theregister.co.uk: Aliz worm turns, bites Windows users. Read more web.lexis-nexis.com: Brunei: Warning out on Bin Laden virus. Read more www.salon.com: Anti-terror law bad news for foreign hackers. Read more sns.chicagotribune.com: New Law Lets U.S. Nab Foreign Hackers. Read more news.bbc.co.uk: New net crime accord. Read more www.ananova.com: Europe set for cybercrime accord. Read more www.silicon.com: Hacker Dmitri back in court. Read more www.theregister.co.uk: WinXP Diaries - the final conflict? Read more www.theregister.co.uk: First Direct online banking locks out WinXP with Sun Java. Read more

23 November 2001 New trojan: Sensive 3.0 www.computeruser.com: New worm targets Microsoft SQL servers. Read more www.dallasnews.com: U.S. can now prosecute hackers outside borders. Read more www.cnn.com: Antiterror law gives U.S. sweeping Net power. Read more www.canoe.ca: FBI pushes high-tech eavesdropping. Read more www.theage.com.au: Software to help FBI spy on crooks. Read more www.cbsnews.com: FBI's Secret Cyber-Monitor. Read more cryptome.org: Public safety hazards and possible illegality of the FBI "Magic Lantern" program. Read more news.24.com: Hacker tool to target servers. Read more www.newscientist.com: Convention on Cybercrime arrives. Read more www.abc.net.au: Businesses urged to prevent cyber crime. Read more www.reuters.co.uk: Away on Business: Electronic Security. Read more news.cnet.com: Researchers build tiny computer from DNA. Read more www.canoe.ca: Hacking the Xbox. Read more

22 November 2001 New trojan: CyberSpy 8.0 neworder.box.sk Ethical Hacking. Read more www.roqe.org: Papillon is a security module for Solaris 8. Read more www.isecurelabs.com: PhpNuke Admin password can be stolen. Read more CERT� Advisory CA-2001-32 Overflow in HP-UX Line Printer Daemon. Read more www.securiteam.com: Multiple Vulnerabilities in Access Control List Implementation for Cisco 12000 Series Internet Router. Read more www.securityfocus.com: ActivePerl perlIIS.dll Buffer Overflow Vulnerability. Read more www.securityfocus.com: Linux Syn Filter Evasion Vulnerability. Read more www.securityfocus.com: Linux Ptrace/Setuid Exec Vulnerability. Read more security-protocols.com: NSI Rwhoisd another Remote Format String Vulnerability. Read more security-protocols.com: Insecure Password Authentication in Yahoo! Messenger. Read more security-protocols.com: Legato Networker vulnerability. Read more ecurity-protocols.com: WebFree E-Commerce "Secure Data" Is Not Secure. Read more www.theregister.co.uk: China closes 17,488 Net cafes. Read more www.theregister.co.uk: MS victim of humorous DNS non-hack. Read more www.cbsnews.com: FBI's Secret Cyber-Monitor. Read more www.zdnet.com: FBI's magic revealed as old tricks. Read more www.newscientist.com: FBI's "Trojan horse" program to grab passwords. Read more www.reuters.com: New Hacker Tool Could Target Web Servers -Experts. Read more web.lexis-nexis.com: SecurityFocus Identifies New DDoS Tool Controlled by Internet Relay Chat Spreading Rapidly Worldwide. Read more www.siliconvalley.com: FBI borrows from hackers in reported virus project. Read more www.securityfocus.com: You Say "Hacker", the Feds Say "Terrorist". Read more www.securityfocus.com: Northern Disclosure. Read more www.zdnet.com: Cybercrime treaty: Lives at stake too. Read more www.zdnet.com: Mozilla unveils latest browser beta. Read more www.foxnews.com: Government Can Use U.S. Standards to Nab Foreign Hackers. Read more www.usatoday.com: Online meetings lax on security. Read more web.lexis-nexis.com: Angry hacker disabled ex-boss. Read more

21 November 2001 New trojan: NetDevil 1.1 Internet Security Systems Security Advisory: Remote Logic Flaw Vulnerability in HP-UX Line Printer Daemon. Read more www.securiteam.com: Cisco IOS ARP Table Overwrite Vulnerability. Read more www.securiteam.com: SCO 'top' Utility Vulnerable to a Format String Vulnerability. Read more www.msnbc.com: FBI uses Trojan software to grab encryption key passwords, source tells MSNBC. Read more www.devitry.com: Cross Site Scripting Holes. Read more www.computeruser.com: EU moves to ratify cybercrime terms, penalties. Read more www.timesofindia.com: 'Bin Laden' virus spreads in China. Read more www.theregister.co.uk: MS blames messenger for IE security hole. Read more news.cnet.com: Microsoft apologizes in security flap. Read more www.ananova.com: Firms sceptical over Microsoft's call for bug secrecy. Read more www.idg.net: Microsoft attempts security culture reinvention. Read more www.computeruser.com: Microsoft warns of media player security vulnerability. Read more www.cnn.com: Hackers access Playboy.com's credit card data. Read more www.reuters.com: Playboy.com Web Site Hacked. Read more www.internetnews.com: Personal Data Stripped from Playboy.com. Read more www.siliconvalley.com: Hackers attack 156 web sites in Vietnam. Read more www.computing.vnunet.com: Top sites vulnerable to hackers. Read more www.time.com: Keeping The Hackers At Bay. Read more www.computeruser.com: Consumer group reports hacker break-ins. Read more www.computeruser.com: XP can be a minus with AOL plus. Read more www.theregister.co.uk: Red Hat trumps MS poor kids offer. Read more www.theregister.co.uk: MS makes its pitch on security, cyber terror to House. Read more

20 November 2001 New trojan: PSYchoFiles 1.71 A Safe Dialect of C. Cyclone is a programming language that is as C-like as possible while preventing unsafe behavior (buffer overflows, dangling pointers, format string attacks, and so on). Read more www.securiteam.com: More Problems with RADIUS (Protocol and Implementations, exploit code). Read more www.securiteam.com: RunAs Service Pipe Authentication Failure (exploit code). Read more www.securiteam.com: Multi-Vendor Buffer Overflow Vulnerability in CDE Subprocess Control Service. Read more Microsoft Security Bulletin MS01-056 Windows Media Player .ASF Processor Contains Unchecked Buffer. Read more www.zdnet.com: Microsoft admits IE security alert lapse. Read more news.cnet.com: Microsoft apologizes in security flap. Read more web.lexis-nexis.com: Microsoft under fire for security policy. Read more www.cnn.com: Viruses dwindle, but impact rises. Read more www.newsfactor.com: When the Hacked Becomes the Hacker. Read more www.newsbytes.com: Consumer Group Reports Hacker Break-Ins. Read more www.news24.co.za: Hacking is still a man's world. Read more www.latimes.com: Hacker Admits Defacing NASA, Army Web Sites. Read more www.bday.co.za: Hackers used to upgrade security. Read more www.thescotsman.co.uk: Authorities fear French hackers� school will spin web of intrigue. Read more www.zdnet.com: Time's up for secret surfing. Read more www.zdnet.com: Can your biz pass a security audit? Here's why it must. Read more www.europemedia.net: Cryptography helps in fight against fraud. Read more www.zdnet.com: Buyers fume over copy-protected CD. Read more

19 November 2001 New trojan: Little Witch FTP 2.0 Real2000 Server www.securiteam.com: ICMP Unreachable Vulnerability in Cisco 12000 Series Internet Router. Read more www.securiteam.com: Stock Portfolio Sent Via Clear Text in Datek Streamer Application. Read more www.securiteam.com: Several JavaScript Vulnerabilities Found in Opera. Read more www.securiteam.com: ActivePerl PerlIS.dll Remote Buffer Overflow Vulnerability. Read more www.securiteam.com: RunAs Sensitive Data Exposure. Read more www.computeruser.com: Internet an ideal tool for extremists - FBI. Read more www.vnunet.com: High-tech crime unit scared of hackers. Read more media.guardian.co.uk: Firms 'leaving back door open to hackers'. Read more www.computeruser.com: House OKs bill with cyber-security funding. Read more www.computeruser.com: FCC forms telecom security policy council. Read more www.zdnet.com: Will hackers make a fool of Larry Ellison? Read more www.eweek.com: Gaps in Security Plan. Read more www.computeruser.com: AOL denies 'three strikes and out' policy for XP users. Read more www.computeruser.com: Firewall makers in patent infringement dispute. Read more web.lexis-nexis.com: ICANN forum warns of Web vulnerability. Read more web.lexis-nexis.com: Firms review e-security in wake of September attacks. Read more www.fcw.com: Pentagon tests new biometric mouse. Read more

18 November 2001 New trojan: Latinus 1.5 Gnotify 1.1 by Gobo. www.securityfocus.com: Network Tool PHPNuke Addon Metacharacter Filtering Command Execution Vulnerability. Read more security-protocols.com: ActivePerl PerlIS.dll Remote Buffer Overflow Vulnerability. Read more security-protocols.com: Buffer overflow in solaris 'format' command. Read more www.securityfocus.com: OPIE Account Existence Information Leak Vulnerability. Read more www.securityfocus.com: Session hijacking vulnerability. Read more www.securityfocus.com: Cisco Local Interface ARP Denial of Service Vulnerability. Read more www.vnunet.com: PIN code cracking claims questioned. Read more www.theregister.co.uk: WinXP: log on as admin if you want to play games, MP3s? Read more www.vnunet.com: Better the devil you know. Read more web.lexis-nexis.com: Guarded Networks Provides 24-Hour Protection Against Cyberattacks. Read more

17 November 2001 New trojan: Crazy Evolution 2k www.cgisecurity.com: "Fingerprinting Port 80 Attacks: A look into web server, and web application attack signatures." Read more www.securiteam.com: Windows 2000 and Windows XP Terminal Services IP Spoofing. Read more www.securiteam.com: OpenSSH and S/Key Information Leakage. Read more www.securityfocus.com: Postfix SMTP Log Denial Of Service Vulnerability. Read more www.securityfocus.com: Cisco Access Control List Fragment Keyword Ignored Vulnerability. Read more www.securityfocus.com: Horde IMP Session Hijacking Vulnerability. Read more www.counterpane.com: The Fallacy of Cracking Contests. Read more www.zdnet.com: Will hackers keep the cyberpeace? Read more www.yomiuri.co.jp: Government to sign intl cybercrime accord. Read more www.newsbytes.com: ICANN: Expert Proposes Shift In Focus For Web Security. Read more www.fcw.com: NMCI to shore up security. Read more www.vnunet.com: High-tech crime unit scared of hackers. Read more media.guardian.co.uk: Firms 'leaving back door open to hackers'. Read more www3.gartner.com: Plan to Migrate to Advanced Encryption Standard. Read more www.computeruser.com: Taking aim at Microsoft. Read more www.zdnet.com: It's a new playing field for Microsoft. Read more www.computeruser.com: FCC forms telecom security policy council. Read more www.vnunet.com: HAL hailed as Intel inspiration. Read more

16 November 2001 New trojan: Theef 1.34 rpi.net.au: Resource HackerTM is a freeware utility to view, modify, add, delete and extract resources in 32bit Windows executables. Read more Georgi Guninski security advisory #51, 2001 Several javascript vulnerabilities in Opera. Read more NSFOCUS Security Advisory(SA2001-07) ActivePerl PerlIS.dll Remote Buffer Overflow Vulnerability. Read more www.securiteam.com: MS SQL 7.0 DTS Saved Packages Contain Plain Text Passwords. Read more www.securiteam.com: Additional Details on the Microsoft IE Cookies Exposure via 'About:' URLS. Read more www.securiteam.com: Denial of Service Vulnerability in Windows 2000 RunAs Service. Read more www.securiteam.com: ClearCase db_loader TERM Environment Variable Buffer Overflow. Read more www.securiteam.com: IBM AS/400 HTTP Server '/' Attack (Source Code Viewing). Read more www.counterpane.com: Full Disclosure. Read more www.counterpane.com: Microsoft on Windows XP. Read more www.zdnet.com: Microsoft issues patch for IE hole. Read more www.latimes.com: Close the Window on Virus-Prone Outlook. Read more www.vnunet.com: US Muslim Council hacked. Read more www.vnunet.com: Fake Nimda plagues Symantec software. Read more www.ananova.com: City warned of 'drive-by' hacking. Read more www.vnunet.com: City firms risk drive-by hacks. Read more www.netsurf.com: Cryptocoprocessor Hacked, Cracked, Whatever You Want to Call It. Read more enterprisesecurity.symantec.com: Experts Weigh Issues Affecting Internet Security. Read more www.idg.net: Hacking's History. Read more

15 November 2001 New trojan: Phoenix II 1.72 Gnotify 1.0a by Gobo. Get IP notification through ICQ, using a new method that works. Microsoft Security Bulletin MS01-055 13 November 2001 Cumulative Patch for IE. (Exposure and altering of data in cookies). Read more Xato Network Security: WINDOWS 2000 AND XP TERMINAL SERVICES IP ADDRESS SPOOFING. Read more CERT� Advisory CA-2001-31 Buffer Overflow in CDE Subprocess Control Service. Read more Cisco Security Advisory ICMP Unreachable Vulnerability in Cisco 12000 Series Internet Router. Read more Cisco Security Advisory Multiple Vulnerabilities in Access Control List Implementation for Cisco 12000 Series Internet Router. Read more www.securiteam.com: tHTTPd and Mini_HTTPd Permission Bypass Vulnerability. Read more ww.securiteam.com: Fingerprinting Port 80 Attacks: A Look into Web Server, and Web Application Attack Signatures. Read more www.eweek.com: Microsoft's Grand Security Plan. Read more news.zdnet.co.uk: Internet could be shut down by hackers, warn experts. Read more news.cnet.com: The cyberterrorism czar: What's next? Read more www.idg.net: Comdex: Virus numbers dwindle, but impact increases. Read more www.silicon.com: 'A virus could destroy the internet' says Icann. Read more www.pcworld.com: Oracle Chief Challenges Hackers. Read more www.theregister.co.uk: How WinXP can make non-MS files invisible. Read more www.theregister.co.uk: Linux fans 'hack' Windows XP advert. Read more www.newsbytes.com: Increased Security A Threat To Laptops. Read more www.newsbytes.com: House OKs Bill With Cyber-Security Funding. Read more www.theregister.co.uk: Do-it-yourself Internet anonymity. Read more www.silicon.com: Printers are a hacker's best friend. Read more www.vnunet.com: 'Dark web space' hides net nasties. Read more www.bday.co.za: Good security can mean competitive advantage. Read more salon.com: The joy of junk mail. Read more www.informationweek.com: DES Final Death Knell? Read more news.cnet.com: Intel's accidental revolution. Read more www.wired.com: Server Farm: Your Place or Mine? Read more www.pcworld.com: Virtual Keyboards Let You Type in Air. Read more www.pcworld.com: Windows XP Inside & Out. Read more www.theregister.co.uk: Researchers probe Net's 'dark address space'. Read more

14 November 2001 New trojan: PSYchoFiles 1.7 keir.net: How to bypass your personal firewall outbound detection. Read more support.microsoft.com: Description of the Windows Recovery Console. Read more www.securiteam.com: SMB Auditing Tool (NetBIOS). Read more www.securiteam.com: NT Password Recovery Bootable CD. Read more www.headstrong.de: ICQr Information reads out information stored in ICQ Database files. It currently works for ICQ 99a/b, 2000a/b and 2001. Read more www.vinecorp.com: NDiff compares two nmap scans and outputs the differences. Read more www.dest-unreach.org: Socat is a relay for bidirectional data transfer between two independent data channels. Read more Microsoft Security Bulletin MS01-054 Invalid Universal Plug and Play Request can Disrupt System Operation. Read more www.securiteam.com: Lotus Domino Web Administrator Template ReplicaID Access. Read more www.securiteam.com: An Analysis of the RADIUS Authentication Protocol. Read more www.vnunet.com: 'Limpninja' Trojan horse emerges. Read more www.osopinion.com: How Computer Worms Work - and Why They Never Die. Read more www.newsbytes.com: ICANN: Terrorist Attacks Change Focus To Security Of Web. Read more milwaukee.bcentral.com: America under cyber attack: Post Sept. 11, companies must focus on 'survivability'. Read more www.reuters.com: International Cyber-Sleuths Demand New Powers. Read more www.accessatlanta.com: Security concerns to dominate Internet domain group meeting. Read more www.sfgate.com: Next major attack could be over Net. Read more news.bbc.co.uk: Cybercrime treaty gets green light. Read more www.newsbytes.com: WinXP bug ate my data. Read more www.zdnet.com: Give viruses the heave-ho! Here's how. Read more www.informationweek.com: Virus Definition Update Rings False Alarm On Nimda. Read more www.computeruser.com: Virus false alarm bugs InstallShield users. Read more web.lexis-nexis.com: A Day in the Life of the Exodus Cyber Attack Tiger Team: CATT Meets Worm. Read more www.infoworld.com: Comdex: Security concerns top Comdex agenda. Read more www.linuxsecurity.com: Bug secrecy vs. full disclosure. Read more chicagotribune.com: Test security early and often. Read more www.theregister.co.uk: Personal firewalls are 'futile'. Read more www.nzherald.co.nz: Firewalls no protection for sloppy systems, says expert. Read more www.govexec.com: Companies reluctant to share cybersecurity info with feds. Read more www.computeruser.com: Feds go online to spread message to Muslim states. Read more www.vnunet.com: Terror at every turn. Read more www.vnunet.com: US government server blacklisted. Read more www.businessweek.com: Virus Nightmare Scenarios. Read more www.newsbytes.com: Japanese Tech Official Urges Enhanced Net Security. Read more www.newsbytes.com: U.S. Internet User Count Hits All-Time High - Survey. Read more www.newsbytes.com: Napster Bumped Off Lycos 50 List After 88 Weeks. Read more

13 November 2001 New trojan: Nerte 7.6 xforce.iss.net: Multi-Vendor Buffer Overflow Vulnerability in CDE Subprocess Control Service. Read more www.camisade.com: Denial of Service Vulnerability in Windows 2000 RunAs Service. Read more www.securiteam.com: Extracting a 3DES Key from an IBM 4758. Read more www.securiteam.com: Cookie Data in IE Can Be Exposed or Altered Through Script Injection. Read more www.securiteam.com: Progress Database Local Buffer Overflow. Read more www.securiteam.com: Multiple Vulnerabilities in lpd. Read more www.securityfocus.com: CDE dtspcd Overflow Vulnerability. Read more www.infowarrior.org: The Freedom to Innovate Includes The Freedom to Obfuscate: Why Microsoft's New "Security Framework" is Just Another .NET Vulnerability. Read more www.attrition.org: Microsoft's Responsible Vulnerability Disclosure, The New Non-Issue. Read more Two NASA JPL machines defaced. In the early hours of Saturday (11-10-01), a defacer known as "psaux" compromised and defaced a linux machine on the NASA Jet Propulsions Laboratory network. This comes a day after a defacer known as "xst" defaced a Windows NT machine on the same network. Mirror Mirror www.securitytimes.com: Internet/Local problem with ZoneAlarm Pro. Read more www.securitytimes.com: Implementation of Honeynets. Read more cgi.usatoday.com: Always-on connections make it easy for anyone to barge in on PCs Security can keep cyberthieves at bay. Read more news.zdnet.co.uk: Printers could be security risk. Read more news.cnet.com: Thai software pirates crack Windows XP. Read more www.theregister.co.uk: MS throttles research to conceal SW bugs. Read more www.newsbytes.com: Microsoft To Review Buggy Patch Procedures. Read more www.financialexpress.com: Hackers train guns on Indian websites. Read more www.businessweek.com: How to Keep Prying Eyes off Your Medical Records. Read more www.businessweek.com: Don't Let Crooks Steal Your Identity. Read more kerneltrap.com: Kernel hacker interview: Neal Walfield. Read more www.business.scotsman.com: Virtual security is a real nightmare for business. Read more www.newsday.com: Focusing On Net Security. Read more it.mycareer.com.au: Holding email mean but legal. Read more web.lexis-nexis.com: Hackers have cracked the encrypted codes that protect DVDs from being copied. Read more

12 November 2001 New trojan: EZ Killa 1.1 www.incidents.org: Passive OS Fingerprinting: Details and Techniques. Read more www.zdnet.com: MS to hackers: Shhh, can't we be a little more discrete? Read more www.reuters.co.uk: FOCUS: Will hackers play by new rules? Read more www.worldnews.com: Computer Security Dominates Internet Meeting. Read more www.reuters.co.uk: Thai pirates crack Microsoft's new Windows system. Read more www.govexec.com: Feds get �F� in computer security. Read more news.com.au: US government fails hacker test. Read more www.eweek.com: Cracking Down on Hackers. Read more www.skyreport.com: Hacker Gets 2 Years in Prison. Read more www.zdnet.com: MS group to oversee hack reports. Read more ww.reuters.co.uk: Gates says PCs don't work very well. Read more news.24.com: ATMs easy prey for hackers. Read more news.zdnet.co.uk: Five years ago: Sun's Webtops to reach through firewalls. Read more

11 November 2001 New trojan: Ghost 2.2 by Lame_joker. www.securiteam.com: IConnectHere.com Unencrypted Cookie Vulnerability. Read more www.securiteam.com: Microsoft Passport to Trouble. Read more www.securityfocus.com: Solaris PT_CHMOD Arbitrary Terminal Writing Vulnerability. Read more www.securityfocus.com: RedHat Linux IPTables Save Option Unrestorable Rules Vulnerability. Read more www.securityfocus.com: Apache mod_usertrack Predictable ID Generation Vulnerability. Read more softwaredev.earthweb.com: On the Security of PHP, Part 1. Read more www.usenix.org: Timing Analysis of Keystrokes and Timing Attacks on SSH. Read more www.wired.com: Nimda Lives; What a Concept. Read more cbsnews.com: Government Flunks Hacker Test. Read more www.wired.com: Hidden Messages: Any There There? Read more computerworld.com: U.S. Army leading the way in portal technology. Read more computerworld.com: How to blunt the socially engineered hack. Read more

10 November 2001 New trojan: Slackbot 1.0 www.securiteam.com: Best Practices for Secure Development. Read more www.cnn.com: Cybersecurity czar: Protect IT infrastructure. Read more www.zdnet.com: MS group to oversee hack reports. Read more www.solutions.fi: Microsoft Internet Explorer cookie vulnerability. Read more www.computing.vnunet.com: Bugwatch: Routing out hackers. Read more www.newsbytes.com: FAA Secures Server That Allowed E-Mail Forgery. Read more www.zdnet.com: IE flaw puts credit card info at risk. Read more www.osopinion.com: Web Trackers: The Spies in Your Computer. Read more www.zdnet.com: Firewalls--as safe as you think? Read more news.cnet.com: Security woes: Who is to blame? Read more www.zdnet.com: Linux snares security tool. Read more cbsnews.com: Government Flunks Hacker Test. Read more www.smh.com.au: Students crack bank pin codes. Read more www.boardwatch.com: Cambridge Students Find Way to Hack Into Banks. Read more news.zdnet.co.uk: Five years ago: Macro viruses still causing hassles. Read more

09 November 2001 New trojan: Unify 1.5 MS. A big thanks to Da. www.cl.cam.ac.uk: Extracting a 3DES key from an IBM 4758. Read more www.securiteam.com: WS_FTP server 2.0.3 Buffer Overflow (STAT). Read more www.computing.vnunet.com: Trojans make firewalls futile. Read more www.newsbytes.com: Personal Firewalls Spring Security Leaks - Update. Read more www.trusecure.com: ICSA Labs Announce the First PC Firewalls to Pass Stringent Testing Criteria and Achieve Certification. Read more www.newsbytes.com: Microsoft Warns Of Browser Cookie-Eating Attack. Read more www.silicon.com: Read your boss's CV online, thanks to Microsoft...Read more www3.gartner.com: Passport Problems Show Software-Based Security's Fatal Flaw. Read more www.cnn.com: U.S. prepares for cyberwar. Read more news.cnet.com: U.S. builds up cyberwar arsenal. Read more www.cnn.com: Denial-of-service attacks expected. Read more www.securityfocus.com: White House: Prepare for Super-Hackers. Read more news.cnet.com: Bush adviser: Terror a real threat to tech. Read more www.windowsitsecurity.com: Is Faulty Code a Risk to National Security? Read more www.forbes.com: Cyber-security czar snubs ID plan, defends Govnet. Read more it.mycareer.com.au: UK students crack worldwide bank security codes. Read more news.bbc.co.uk: Security hole in cash machines. Read more www.reuters.co.uk: Techies find way to hack into banks. Read more www.computing.vnunet.com: UK law lets hackers get away with it. Read more www.theregister.co.uk: Linux security self-censorship ominous. Read more www.miami.com: Computer worm slows federal court system. Read more news.cnet.com: Hacker watchdog group in the works. Read more www.zdnet.com: Microsoft, security honchos trade blame. Read more www.macuser.co.uk: Microsoft favours closed-door security policy. Read more www.vnunet.com: XP file destruction sparks controversy. Read more www.businessweek.com: Staying One Step Ahead of the Worms. Read more www.zdnet.com: HP accuses ex-worker of sabotage. Read more news.bbc.co.uk: Security chief cleared of blackmail. Read more www.siliconvalley.com: Kids' psychological records mistakenly put online by university. Read more

08 November 2001 New trojan: Aqua 0.2 www.securiteam.com: Lotus Domino Default Navigator Protection Bypass. Read more www.securiteam.com: Entrust GetAccess(tm) Access Service Vulnerability. Read more CERT� Advisory CA-2001-30 Multiple Vulnerabilities in lpd. Read more www.siliconvalley.com: Microsoft, researchers tussle over security issues. Read more news.cnet.com: Microsoft tries to cage security gremlins. Read more www.wired.com: IE Bug Can Lead to Strange Search. Read more www.zdnet.com: Warning: Lawmakers will lock up the Net. Read more www.zdnet.com: Linux snares security tool. Read more www.zdnet.com: Companies reluctant to take on Linux. Read more www.securityfocus.com: Freeware Forensics Tools for Unix. Read more www.latimes.com: Sony Dogs Aibo Enthusiast's Site. Read more www.baltimoresun.com: National Security Agency retreats into secrecy shell. Read more news.cnet.com: Comdex issues laptop reprieve. Read more techupdate.zdnet.com: Cure for Outlook worms is a sham. Read more web.lexis-nexis.com: Consumers Lost $4.3 Million to Internet Fraud in First Ten Months Of 2001. Read more

07 November 2001 New trojan: BioNet 3.19 beta Client www.securiteam.com: Internet Explorer System Information Disclosure. Read more www.securiteam.com: Progress Database PROMSGS Format String Vulnerabilities. Read more www.theregister.co.uk: Compendium of *nix lpd vulnerabilities. Read more alive.znep.com: Microsoft Passport to Trouble. Read more www.wired.com: Stealing MS Passport's Wallet. Read more www.theregister.co.uk: MS Passport cracked with Hotmail. Read more www.newsbytes.com: 'White Hat' Hackers Threaten Information Anarchy. Read more www.reuters.com: Microsoft, Researchers Tussle Over Security Issues. Read more www.idg.net: Microsoft in a pinch at security forum. Read more www.theregister.co.uk: Bin Laden hackers denounce founder. Read more www.siliconvalley.com: Adviser enlists support to fight cyber-attacks. Read more www.usatoday.com: Cybersecurity concerns take center stage. Read more www.idg.net: Inadequate security leaves companies open not just to hackers but to lawsuits. Read more news.bbc.co.uk: Welcome to the era of drive-by hacking. Read more www.computing.vnunet.com: UK law lets hackers get away with it. Read more www.nua.ie: Security fears for government site users. Read more www.news24.co.za: Companies veil true level of hacking. Read more www.wired.com: Ferreting Out Virus 'DNA'. Read more www.theregister.co.uk: Linux breaks 100-Petabyte ceiling. Read more www.zdnet.com: Linux snares security tool. Read more www.linuxsecurity.com: Linux Advisory Watch - November 2nd 2001. Read more news.com.au: How e-mail can ruin your life. Read more www.theregister.co.uk: Oops! MS.de 'pirates' its own WinXPs. Read more techupdate.zdnet.com: OpenBSD: The most secure OS around. Read more

06 November 2001 New trojan: PSYchoFiles 1.51 www.securiteam.com: Ikonboard Cookie Filter Vulnerability. Read more www.securiteam.com: Fuse Talk SQL Insertion Vulnerability. Read more www.securiteam.com: Microsoft ISA Server Fragmented UDP Flood Vulnerability. Read more www.securiteam.com: TUX HTTPD Denial of Service Condition (Large Host). Read more linuxtoday.com: EnGarde Secure Linux Security Advisory: kernel: Syncookie vulnerability. Read more www.zdnet.com.au: Microsoft infects customers with virus. Read more seattlep-i.nwsource.com: Passport flaw could let hackers steal data. Read more news.independent.co.uk Have hackers cracked Microsoft's new Windows? Read more www.networkcomputing.com: Online Only: How Trojan Viruses Work -- A New Wrinkle. Read more www.denverpost.com: Layoffs raise hacking fears. Read more www.computeruser.com: Anti-U.S. hackers may step up attacks - FBI. Read more www.siliconvalley.com: Adviser enlists support to fight cyber-attacks. Read more www.newsbytes.com: Cyberspace Security Czar Worries About 'Digital Pearl Harbor'. Read more web.lexis-nexis.com: World Wide Weapon. Read more web.lexis-nexis.com: Q&A: As computers proliferate, terrorists find more targets. Read more www.zdnet.com.au: 20 things you didn't know about Windows XP. Read more www.zdnet.com.au: XP: More than Windows dressing. Read more www.computeruser.com: Russian online anti-virus firm goes retail in U.S., Europe. Read more www.newsfactor.com: Internet Heavyweights Seek Profit in Security. Read more

05 November 2001 New trojan: Nethief 2.1 www.timesofindia.com: Microsoft shuts Passport for hours over security. Read more www.siliconvalley.com: Adviser enlists support to fight cyber-attacks. Read more www.accessatlanta.com: Cyberterrorism danger lurking. Read more www.cnn.com: Poking holes in Microsoft's copy protection. Read more www.nzherald.co.nz: Microsoft's XP copy-protection not foolproof. Read more linuxfocus.org: Nessus : another brick in the (security) wall. Read more www.economictimes.com: On why hacking victms shouldn�t fight shy of the cops. Read more web.lexis-nexis.com: World Wide Weapon. Read more www.cleveland.com: CSU center gives FBI agents skills to fight computer crime. Read more www.cnn.com: Euro civil liberty campaigners urge restraint. Read more www.washingtonpost.com: For Clarke, a Career of Expecting the Worst. Read more www.computeruser.com: Energy ramps up its cyber-security. Read more www.smh.com.au: Young warriors of the Web hack away at the enemy's financial roots. Read more

04 November 2001 New trojan: School Bus TR 2.0 modified www.securiteam.com: Lotus Domino View ACL Bypass. Read more www.securiteam.com: Widespread Exploitation of SSH CRC32 Compensation Attack. Read more www.securiteam.com: Formatting String Bug in Cyrus-SASL Library. Read more www.securiteam.com: Vulnerability in Viralator Proxy Extension. Read more linuxtoday.com: Red Hat Security Advisory: kernel 2.2 and 2.4: syncookie vulnerability. Read more www.salon.com: Microsoft admits security hole. Read more www.uniontrib.com: Court favors man who published DVD hacker software on Internet. Read more itmanagement.earthweb.com: Bashing IIS: Bad For Security, Bad For Business. Read more news.cnet.com: Sun threatens suit against Microsoft. Read more www.wired.com: OS Choice Could Be a New Option. Read more www.cnn.com: Five thoughts about cyberterrorism. Read more

03 November 2001 New trojan: Wintrix www.securiteam.com: Invalid Universal Plug and Play Request Can Disrupt System Operation. Read more www.infoworld.com: Survey reveals one in nine IIS servers could be taken over by hackers. Read more news.cnet.com: The agreement: Devil's in the details. Read more www.newsbytes.com: Microsoft's New Security Program Has Bugs. Read more www.theinquirer.net: MS warns of XP security problem. Read more news.cnet.com: Security problems open Microsoft's Wallet. Read more news.cnet.com: VMware riding on Windows XP coattails. Read more news.cnet.com: Settlement is "a reward, not a remedy". Read more www.computing.vnunet.com: Focusing on system security. Read more www.computing.vnunet.com: Reverse firewall dams DoS flood. Read more www.computing.vnunet.com: Bug Watch: Safety in electronic security. Read more www.pcadvisor.co.uk: ICQ through the firewall. Read more www.osopinion.com: The Internet Is an Open Book - Protect Yourself with Secure Protocols. Read more web.lexis-nexis.com: ARE CYBER VIRUSES PART OF TERRORISTS' OVERALL SCHEME? Read more news.cnet.com: Commentary: An anti-terrorism tool, and more. Read more chicagotribune.com: Appeals court upholds DVD hacker software. Read more news.cnet.com: Movie industry dealt DVD-cracking blow. Read more

02 November 2001 New trojan: Aqua 0.0.1 Microsoft Security Bulletin MS01-054 Invalid Universal Plug and Play Request can Disrupt System Operation. Read more www.securityfocus.com: Multiple Vendor lpd Remote Buffer Overflow Vulnerability. Read more www.securityfocus.com: Taylor UUCP Argument Handling Privilege Elevation Vulnerability. Read more www.computing.vnunet.com: Checkpoint error messages pose threat. Read more money.cnn.com: Microsoft, DOJ strike deal. Read more www.newsbytes.com: Microsoft's New Security Program Has Bugs. Read more www.theregister.co.uk: MS to force IT-security censorship. Read more www.theregister.co.uk: Berners-Lee slams 'blatant' MS browser tactics. Read more www.computing.vnunet.com: Hackers intent on destruction target US. Read more www.vnunet.com: Hackers shift DoS attack tactics. Read more www.zdnet.com: NY Times laid low by Nimda offshoot. Read more news.bbc.co.uk: DVD cartoon spreads virus. Read more www.theregister.co.uk: SirCam haunts dim-witted users. Read more news.cnet.com: Powerpuff DVD packs viral punch. Read more www.newsbytes.com: U.S. House Passes Energy Cyber-Security Bill. Read more www.zdnet.com: $1 billion boost possible for IT security. Read more www.vnunet.com: Comment: Data incoherence. Read more www.theregister.co.uk: Mideast 'cyberwar' veteran indicted. Read more www.zdnet.com: Court: DVD-cracking code is free speech. Read more www.zdnet.com: Sony's robot-dog gets hacked. Read more www.zdnet.com: States granted right to fight spam. Read more www.cnn.com: New 'Nimda' variant hits Net, users urged to patch. Read more www.ananova.com: Computer virus hits hospitals. Read more www.cmpnetasia.com: New, slower version of Nimda worm spreads. Read more www.newsbytes.com: Security As Plain As The Nose On Your Face. Read more www.theregister.co.uk: Ex-Buddhist monk to reclaim hacking from s'kiddiots. Read more

01 November 2001 New trojan: Nethief 2.0 www.ini2.net: Xprobe and Nmap Fingerprint Analysis. Read more www.zdnet.com: Powerpuff DVD spreads "FunLove" virus. Read more www.computeruser.com: This version of Nimda worm is 'new And improved'. Read more www.zdnet.com: Son of Nimda worm on the attack. Read more www.theregister.co.uk: Firms hit in Nimda mutant outbreak. Read more www.forbes.com: NY Times computer outage caused by resurgent virus. Read more www.cnn.com: Reports: Feds, Microsoft reach tentative deal. Read more www.silicon.com: Hackers 'unlock' Windows XP. Read more www.zdnet.com: Time to stop defending Microsoft security. Read more www.cmpnetasia.com: Hackers attacking routers in greater numbers. Read more www.newsbytes.com: Hacker 'Doctor Nuker' Claims FBI Fingered Wrong Person. Read more www.vnunet.com: More problems for Cisco firewalls. Read more www.newsfactor.com: Protecting Your Computer Now Part of National Security. Read more www.theregister.co.uk: Hacker jailed for revenge sewage attacks. Read more www.newsbytes.com: Australian Hacker Gets Slammer For Sewage Stunt. Read more www.theregister.co.uk: MSN.co.uk virus alert is false alarm. Read more www.fcw.com: DOD envisions virtual Pentagon. Read more news.cnet.com: Privacy expert resigns to focus on security. Read more www.zdnet.com: Need to ratchet up security? Start by centralizing the job. Read more www.zdnet.com: Netscape upgrade jumps on XP bandwagon. Read more ww.zdnet.com: AOL preens ICQ for smiley face-off. Read more ww.zdnet.com: UK trade group rallies to save cookies. Read more

Copyright� MegaSecurity.org