Home    News Archive    Translate Traducen

News November 2005

29 November 2005 Guides, Papers, etc www.viruslist.com: The contemporary antivirus industry and its problems. Read more www.eweek.com: Is System Lockdown the Secret Weapon? Read more hacking101.sourceforge.net: Hacking 101. Becoming Productive Quickly in the UNIX World. Read more www.trendmicro.com: The Future of Bot Worms. Read more www.informationweek.com: New Path Of Attack. Read more online.wsj.com: For Some Technology Companies, 'Beta' Becomes a Long-Term Label. Read more   Vulnerabilities & Exploits secunia.com: Vulnerability Report >> Microsoft Windows XP Professional. Read more securitytracker.com: Athena Include File Bug Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Q-News Include File Bug Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: phpGreetz Include File Bug Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Cisco IOS HTTP Server Input Validation Hole in Buffers Command Permits Cross-Site Scripting Attacks. Read more securitytracker.com: vtiger Multiple Input Validation Bugs Let Remote Users Traverse the Directory, Conduct Cross-Site Scripting and SQL Injection Attacks, and Execute Arbitrary Code. Read more securitytracker.com: eFiction Input Validation Holes Let Remote Users Inject SQL Commands, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code. Read more   News www.vnunet.com: Storage vendor ships hard drives with trojan. Read more www.f-secure.com: Peripherals manufacturer I-O Data has shipped a series of nice-looking portable hard drives in the 40GB to 120GB range - carrying the Backdoor.Win32.Tompai trojan on them. Read more www.theregister.co.uk: NHTCU warns over Sober worm. Read more www.eff.org: SonyBMG's Secret Recall. Read more www.businessweek.com: Sony BMG's Costly Deafness. Read more blogs.zdnet.com: Why can't Microsoft just patch everything? Read more www.vnunet.com: Web outage hits 120,000 websites. Read more software.silicon.com: MP calls for UK e-crime tsar. Read more www.msnbc.msn.com: Spam filters getting better, FTC says. Read more www.wnct.com: Life Of An Identity Theft Victim. Read more news.bbc.co.uk: Kazaa to install anti-piracy tool. Read more www.theregister.co.uk: Google tests click-to-call. Read more www.securityfocus.com: Major financial leak threatens stock traders. Read more news.bbc.co.uk: Young 'prefer illegal song swaps'. Read more

. 28 November 2005 Guides, Papers, etc software.newsforge.com: Nine principles of security architecture. Read more dnaindia.com: The top 10 hacks of all time. Read more security.ithub.com: WPA: It's like WEP, but Good. Read more   Tools: www.rtfm.com: ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. Read more   News nwc.securitypipeline.com: Sober Worm's Still With Us. Read more www.smh.com.au: Thailand to block over 800,000 sites. Read more www.vnunet.com: Chinese surfers reject political control. Read more isc.sans.org: A proof of concept (PoC) exploit was released against systems vulnerable to MS05-051. Read more www.itnews.com.au: Consumers underestimate computer virus threat: BT. Read more www.fcw.com: Los Alamos enters market with worm defense. Read more www.fcw.com: Expert: Feds, industry must team to fight vulnerabilities. Read more news.bbc.co.uk: Fight for your right to privacy. Read more www.cooltechzone.com: Linux is Doomed, Thanks to Microsoft. Read more lxer.com: Linux Desktops will get killed by Microsoft this Christmas. Read more www.biosmagazine.co.uk: The Kids Are Wrecking The Web! Read more www.businessweek.com: Googling For Gold. Read more www.technewsworld.com: Copy-Protected CDs Turning Music Fans Off Record Buying. Read more www.guardian.co.uk: Music industry seeks access to private data to fight piracy. Read more www.terra.net.lb: Child pornography problem growing in Sweden. Read more news.com.com: Writing the fastest code, by hand, for fun. Read more www.mg.co.za: Sony adds parental control to new PlayStation. Read more

. 26 November 2005 Guides, Papers, etc bsdpakistan.org: Host Fingerprinting and Firewalking With hping. Read more   Vulnerabilities & Exploits securitytracker.com: AgileBill Input Validation Error in product_cat Module Permits SQL Injection Attacks. Read more securitytracker.com: vtiger Multiple Input Validation Bugs Let Remote Users Conduct Cross-Site Scripting and SQL Injection Attacks and Execute Arbitrary Code. Read more securitytracker.com: IsolSoft Support Center Input Validation Holes in 'search.php' Permit SQL Injection Attacks. Read more securitytracker.com: freeForum Input Validation Flaw in 'cat' and 'thread' Parameters Permits SQL Injection Attacks. Read more securitytracker.com: MailEnable IMAP RENAME Command Lets Remote Authenticated Users Deny Service. Read more securitytracker.com: SpeedCommander Buffer Overflows in Processing ZIP/UUE Files May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Squeez Buffer Overflows in Processing ZIP/UUE Files May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: ZipStar Buffer Overflow in Processing ZIP Files May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: blogBuddies Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: OTRS Input Validation Bugs Permit SQL Injection and Cross-Site Scripting Attacks. Read more securitytracker.com: Sun Solaris traceroute(1M) Buffer Overflow in Processing '-g' Parameters Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: Novell ZENworks Console One Lets Remote Authenticated Users Access Diagnostic Functions. Read more securitytracker.com: SmartPPC Pro 'username' Input Validation Holes Permit Cross-Site Scripting Attacks. Read more securitytracker.com: Mambo Server 'content.html.php' Include File Bug Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Struts Input Validation Hole in Error Message Permits Cross-Site Scripting Attacks. Read more   News www.channelregister.co.uk: Manufacturer loads Trojans onto HDDs. Read more www.theregister.co.uk: Symantec refuses to sell audit tool outside the US. Read more www.securityfocus.com: Study suggests DMCA takedown regs abused. Read more news.bbc.co.uk: Fight for your right to privacy. Read more www.vnunet.com: Employers leave gaps for in-house fraudsters. Read more www.technewsworld.com: Forecast: ID Theft by Insiders to Grow Dramatically in '06. Read more

. 25 November 2005 Guides, Papers, etc www.securityfocus.com: Tenable discusses the Nessus 3 release. Read more cnews.canoe.ca: News by Mafiaboy. Read more www.ares-conf.org: ARES 2006. The First International Conference on Availability, Reliability and Security. Read more security.ithub.com: When Legal Strikes�Chaos Theory Meets DRM. Read more support.microsoft.com: Description of the Windows File Protection Feature. Read more www.securitycompass.com: Writing Stack Based Overflows on Windows. Part I � Basic Concepts. Read more Part II - Windows Assembly for writing Exploits. Read more Part III - Stack Overflows. Read more Part IV � Shell Code Creation and Exploiting An Application Remotely. Read more www.line56.com: Hacking Google. Read more wired.com: Who's Afraid of Google? Everyone. Read more redtape.msnbc.com: I *STILL* KNOW WHO YOU CALLED LAST MONTH. Read more   News www.securityfocus.com: The color of trust. Read more www.theregister.co.uk: Opera *nixed by security bug. Read more www.theregister.co.uk: UK 'full of fraudsters' - survey. Read more news.com.com: Microsoft loses money on each Xbox. Read more

. 24 November 2005 Guides, Papers, etc www.viruslist.com: The contemporary antivirus industry and its problems. Read more   Vulnerabilities & Exploits securitytracker.com: Cisco PIX Firewall Lets Remote Users Block TCP Connections By Spoofing Packets with Invalid Checksums. Read more securitytracker.com: IBM WebSphere on z/OS Double-Free Bug Lets Remote Users Crash the Service. Read more securitytracker.com: IPSec-tools IKE Processing Lets Remote Users Deny Service. Read more securitytracker.com: Opera URL Loading Script Backtick Parsing Lets Remote Users Execute Arbitrary Shell Commands. Read more securitytracker.com: Driverse May Let Local Users Invoke ptrace() to Gain Elevated Privileges. Read more securitytracker.com: Microsoft Internet Explorer Bug in Processing onload() Events May Let Remote Users Execute Arbitrary Code. Read more www.debian.org: DSA-910-1 zope.2.7 -- design error. Read more www.debian.org: DSA-909-1 horde3 -- missing input sanitising. Read more   News www.theregister.co.uk: Sony fiasco: More questions than answers. Read more news.zdnet.co.uk: Schneier: Worry about cybercriminals, not terrorists. Read more software.silicon.com: Chinese hackers breach US military defences. Read more www.vnunet.com: Microsoft blasts security firm for early disclosure. Read more www.securityfocus.com: Latest virus a sober threat. Read more news.com.com: Latest Sober threatens e-mail gateways. Read more seattlepi.nwsource.com: That e-mail from the FBI? It probably isn't. Read more www.securityfocus.com: Google appliances vulnerable. Read more www.itweb.co.za: Famous hacker heads to SA. Read more www.theregister.co.uk: Gartner 'clarifies' Windows Vista advice. Read more www.computing.co.uk: CA plots security management research arm. Read more

. 23 November 2005 Guides, Papers, etc mvp.unixwiz.ne: rpat - Realtime Proxy Abuse Triangulation. Read more astalavista.com: Distributed Phishing Attacks. Read more www.windowsecurity.com: Windows & Active Directory Auditing. Read more   Vulnerabilities & Exploits securitytracker.com: PowerChute Network Shutdown Uses a Non-Secure Web Interface. Read more securitytracker.com: Symantec Firewall/VPN Appliance IPSec IKE Processing Lets Remote Users Deny Service. Read more securitytracker.com: Symantec Gateway Security IPSec IKE Processing Lets Remote Users Deny Service. Read more securitytracker.com: Symantec Enterprise Firewall IPSec IKE Processing Lets Remote Users Deny Service. Read more securitytracker.com: Google Search Appliance 'proxystylesheet' Parameter Lets Remote Users Execute Arbitrary System Commands. Read more securitytracker.com: Advanced Poll Input Validation Hole in 'popup.php' Permits Cross-Site Scripting Attacks. Read more www.debian.org: DSA-908-1 sylpheed-claws -- buffer overflows. Read more www.debian.org: DSA-907-1 ipmenu -- insecure temporary file. Read more www.debian.org: DSA-906-1 sylpheed -- buffer overflows. Read more moritz-naumann.com: VHCS 2.x HTTP Error Cross Site Scripting. Read more   News www.itnews.com.au: Microsoft promises to patch IE zero-day bug. Read more www.securityfocus.com: Sony-baloney. Read more www.theregister.co.uk: Sony unsinged by rootkit CD fiasco. Read more www.technewsworld.com: Lawsuits, Copyright Pilfering Allegations Added to Sony CD Snafu. Read more www.betanews.com: EFF Files Lawsuit Against Sony BMG. Read more www.itnews.com.au: New Sober worm spoofs FBI, CIA. Read more www.theregister.co.uk: FBI warns over Sober worm. Read more www.theregister.co.uk: SANS compiles Top 20 security vulns list. Read more www.gcn.com: Hackers take �90-degree-turn� in their attacks. Read more www.theregister.co.uk: Search usurping email as top internet activity. Read more www.websensesecuritylabs.com: Phishing Alert: Academy Bank. Read more www.websensesecuritylabs.com: Phishing Alert: Teacher Federal Credit Union. Read more www.websensesecuritylabs.com: Phishing Alert: Bank of Clarke County. Read more www.theregister.co.uk: Exploit code unpicks IE flaw. Read more dot.kde.org: Web Browser Developers Work Together on Security. Read more news.bbc.co.uk: Hungry for net freedom in Tunisia. Read more www.vnunet.com: Liverpool fans duped by phishing scam. Read more news.bbc.co.uk: Sony sued over controversial CDs. Read more blog.ziffdavis.com: Symantec AntiVirus Corporate Edition, the Secret Anti-Rootkit Tool? Read more www.redherring.com: The (Xbox) Game Is On. Read more

. 22 November 2005 Guides, Papers, etc www.benedelman.org: Cleaning Up Sony's Rootkit Mess. Read more www.spywarewarrior.com: 180solutions in 365 Days. Read more www.pcworld.com: Web of Crime Series. Read more insight.zdnet.co.uk: Why rootkits mean you must nuke your machine. Read more news.com.com: What makes a rootkit? Read more news.com.com: Who has the right to control your PC? Read more blogs.msdn.com: Better Website Identification and Extended Validation Certificates in IE7 and Other Browsers. Read more www.pcmag.com: Security Watch: Killfiles.AD Could Wipe Out Your System. Read more www.eweek.com: By Larry Seltzer. Tough Decisions: Heuristics and Threats. Read more   Vulnerabilities & Exploits Microsoft Security Advisory (911302) Vulnerability in the way Internet Explorer Handles onLoad Events Could Allow Remote Code Execution. Read more www.debian.org: DSA-905-1 mantis -- several vulnerabilities. Read more www.debian.org: DSA-904-1 netpbm-free -- buffer overflows. Read more www.debian.org: DSA-903-1 unzip -- race condition. Read more www.debian.org: DSA-902-1 xmail -- buffer overflow. Read more www.debian.org: DSA-811-2 common-lisp-controller -- design error. Read more   News www.securityfocus.com: Texas puts Sony BMG in its sights. Read more www.vnunet.com: 'Computer terrorism' exposes unpatched Explorer flaw. Read more www.securityfocus.com: Shadowcrew Six plead guilty. Read more www.usdoj.gov: Six Defendants Plead Guilty in Internet Identity Theft and Credit Card Fraud Conspiracy. Read more www.businessweek.com: Viruses Get Smarter -- and Greedy. Read more www.techtree.com: FBI Warns of Email Scam. Read more www.technewsworld.com: Microsoft Rebukes Security Researcher. Read more today.reuters.co.uk: Online criminals shift focus of attack-study. Read more www.theregister.co.uk: Nigerian fraud duo jailed for 37 years. Read more www.vnunet.com: EFF slaps lawsuit on Sony for XCP 'damage'. Read more www.theregister.co.uk: Gaffer tape defeats Sony DRM rootkit. Read more seattletimes.nwsource.com: Sony BMG faces two lawsuits over anti-piracy software. Read more www.vnunet.com: RIAA praises Sony over rootkit debacle. Read more news.com.com: Sony sailing past rootkit controversy. Read more www.eff.org: SonyBMG Litigation and Rootkit Info. Read more www.boingboing.net: Sony anti-customer technology roundup and time-line. Read more today.reuters.com: Microsoft in video game market for long haul: Gates. Read more www.theregister.co.uk: Patchy response to reducing security exposure. Read more

. 21 November 2005 Guides, Papers, etc www.dailytimes.com.pk: Machines and objects to overtake humans on the Internet. Read more www.qualys.com: The Laws of Vulnerabilities. Read more www.rootsecure.net: Analysis of WEP and RC4 Algorithms. Read more www.rootsecure.net: Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection. Read more www.airespace.com: Wireless Intrusion Detection & Prevention. Read more   Tools: www.sofotex.com: Encrypted RunAs. Read more   Vulnerabilities & Exploits www.soulblack.com.ar: ExoPHPDesk Multiple Remote Vulnerabilities. Read more www.debian.org: DSA-901-1 gnump3d -- programming error. Read more securitytracker.com: e-Quick Cart Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more securitytracker.com: Groupmax Mail SMTP Can Be Crashed By Remote Users With a Specially Crafted E-Mail Message. Read more securitytracker.com: Groupmax Collaboration Suite Bugs Let Remote Users Conduct Cross-Site Scripting and Remote Denial of Service Attacks. Read more securitytracker.com: Cosminexus Collaboration Suite Bugs Let Remote Users Conduct Cross-Site Scripting and Remote Denial of Service Attacks. Read more   News www.centredaily.com: 6 plead guilty for role in identity theft. Read more fraudwar.blogspot.com: Nigerians Convicted in 242 Million Fraud Scam. Read more www.informationweek.com: Sony Plays The Blues As Bloggers Turn Up The Volume. Read more nwc.securitypipeline.com: Sony Rootkits: A Sign Of Security Industry Failure. Read more www.infoworld.com: More questions raised as Sony starts rootkit exchange. Read more lefsetz.com: Bring Me The Head Of Andy Lack. Read more www.eweek.com: Analysts Warn that Hackers Are Turning to Client Apps. Read more www.cpwire.com: CP NewsLink Transcript: Cary Sherman of the RIAA. Read more www.vnunet.com: Firms admit to mobile security shambles. Read more www.technewsworld.com: Google Sitemaps Flaw Draws User Concern. Read more www.nzherald.co.nz: Online dating services accused of fraud. Read more www.washingtonpost.com: Study: Search Now No. 2 Among Web Tasks. Read more www.redherring.com: Youth�s Death Linked to Game. Read more

. 19 November 2005 Guides, Papers, etc www.microsoft.com: Microsoft Security Advisory (911052) Memory Allocation Denial of Service Via RPC. Read more www.eweek.com: By Larry Seltzer: User Privileges, Malware and the Sony Rootkit Debacle. Read more   Tools: www.stachliu.com: MD5 Collision Generation. Read more   Vulnerabilities & Exploits securitytracker.com: Novell NetMail Buffer Overflows in IMAP Service May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: MailEnable Bugs Let Remote Authenticated Users Execute Arbitrary Code and Create/Delete Directories on the Target System. Read more securitytracker.com: VP-ASP Input Validation Error in 'shopadmin.asp' Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Eudora WorldMail Server Directory Traversal in IMAP Server Lets Remote Authenticated Users Read Arbitrary E-mail Messages. Read more securitytracker.com: Check Point FireWall-1/VPN-1 IPSec IKE Processing Lets Remote Users Deny Service. Read more   News www.securityfocus.com: Sony BMG: The security remix. Read more www.theregister.co.uk: Sony's CD rootkit infringes DVD Jon's copyright. Read more news.zdnet.com: Did Sony 'rootkit' pluck from open source? Read more www.theregister.co.uk: Exploit code targets unpatched Windows flaw. Read more software.silicon.com: Hacker group uses BitTorrent for breaches. Read more www.techspot.com: Keystroke logging booming. Read more www.newsday.com: Operators of Web site admit role in online identity theft ring. Read more www.securityfocus.com: Sitemaps for all. Read more news.com.com: Week in review: Sony's sour note. Read more news.bbc.co.uk: Amazon offer for Sony CD buyers. Read more www.theregister.co.uk: Sony's rootkit drives squirrels to new careers in adult movies. Read more www.betanews.com: Novell Attacks Microsoft Linux Study. Read more www.vnunet.com: Legislators search for right way to outlaw DoS. Read more www.s-ox.com: How Hackers Can Destroy Yor Business. Read more physicsweb.org: Search engines are not unfair. Read more

. 18 November 2005 Guides, Papers, etc wired.com: Real Story of the Rogue Rootkit. Read more www.invisiblethings.org: Concepts for the Stealth Windows Rootkit. Read more www.securityfocus.com: Windows rootkits in 2005, part two. Read more www.techweb.com: Rootkits DOA In 64-bit Software, Says Microsoft. Read more www.sophos.com: Are you a spammer? Why stopping zombies dead in their tracks is essential. Read more www.webroot.com: State of Spyware. Read more   Vulnerabilities & Exploits securitytracker.com: Microsoft AntiSpyware Improper CreateProcess() Call Lets Local Users Execute Arbitrary Code. Read more securitytracker.com: LiteSpeed Web Server Input Validation Flaw in 'confMgr.php' Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Microsoft Windows RPC Service May Let Remote Users Deny Service. Read more securitytracker.com: Cisco 7920 Wireless IP Phone Grants Remote Users SNMP Access, Discloses Debugging Information, and Lets Remote Users Deny Service. Read more securitytracker.com: Revize CMS Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more securitytracker.com: freeFTPd Can Be Crashed By Remote Users. Read more securitytracker.com: HP-UX IPSec IKE Processing Lets Remote Users Deny Service. Read more securitytracker.com: HP JetDirect 635n Print Server IKE Processing Lets Remote Users Deny Service. Read more securitytracker.com: VMware Workstation Improper CreateProcess() Call Lets Local Users Execute Arbitrary Code. Read more securitytracker.com: Kaspersky Anti-Virus for Windows File Servers Improper CreateProcess() Call Lets Local Users Execute Arbitrary Code. Read more securitytracker.com: RealPlayer Improper CreateProcess() Call Lets Local Users Execute Arbitrary Code. Read more securitytracker.com: Apple iTunes for Windows Improper CreateProcess() Call Lets Local Users Execute Arbitrary Code. Read more securitytracker.com: Macromedia Contribute Publishing Server May Use a Weak Password Encryption Method. Read more www.debian.org: DSA-900-1 fetchmail -- programming error. Read more www.debian.org: DSA-899-1 egroupware -- programming errors. Read more www.debian.org: DSA-898-1 phpgroupware -- programming errors. Read more   News www.theregister.co.uk: Sony DRM uninstaller 'worse than rootkit'. Read more www.usatoday.com: CD woes may have had roots in merger. Read more www.theregister.co.uk: Sony in USB lead porn punt shocker. Read more news.bbc.co.uk: More pain for Sony over CD code. Read more www.microsoft.com: Microsoft Enhances Phishing Protection for Windows, MSN and Microsoft Windows Live Customers. Read more www.esecurityplanet.com: IM Virus Mutations Up the Security Threat. Read more www.biosmagazine.co.uk: The New Hackers On The Block. Read more www.securityfocus.com: Can adware be trusted? Read more www.theregister.co.uk: 'Vindictive' UK spammer jailed for six years. Read more www.theregister.co.uk: Microsoft may look again at virus notification. Read more www.informationweek.com: Why 'Windows Live' Ain't Dead Yet. Read more www.idsnews.com: Hacker accesses 5,300 personal student records. Read more www.theregister.co.uk: Users don't trust websites with personal info. Read more news.netcraft.com: Report a phishing site, gain a chance to win an Ipod. Read more

. 17 November 2005 Guides, Papers, etc www.ngssoftware.com: Data-mining with SQL Injection and Inference. Read more www.microsoft.com: Understanding Reliability of Evolving Systems. Read more www.washingtonpost.com: Bypassing the Password Prompt. Read more support.microsoft.com: How to stop an ActiveX control from running in Internet Explorer. Read more   Vulnerabilities & Exploits www.frsirt.com: Sony CD First4Internet XCP Uninstallation ActiveX Vulnerabilities. Read more www.elhacker.net: Gmail Bug. Read more www.cisco.com: Cisco Security Advisory: Fixed SNMP Communities and Open UDP Port in Cisco 7920 Wireless IP Phone. Read more www.idefense.com: Multiple Vendor Insecure Call to CreateProcess() Vulnerability. Read more securitytracker.com: Macromedia Breeze Communication Server RTMP Processing Bug Lets Remote Users Deny Service. Read more securitytracker.com: Macromedia Flash Communication Server RTMP Processing Bug Lets Remote Users Deny Service. Read more securitytracker.com: gdk-pixbuf Bugs in Processing XPM Images Let Remote Users Deny Service or Execute Arbitrary Code. Read more www.frsirt.com: Microsoft Windows RPC Memory Allocation Remote Denial of Service Exploit. Read more   News www.securityfocus.com: Sony BMG's copy-protection problems grow. Read more www.sysinternals.com: Mark's Sysinternals Blog: Victory! Read more news.com.com: Attack targets Sony 'rootkit' fix. Read more www.securityfocus.com: Counterfeiters caught in a jam. Read more www.prnewswire.com: CMP Media Acquires Black Hat. Read more www.securityfocus.com: A $10-million hat. Read more software.silicon.com: Zombie armies are shrinking, says security guru. Read more software.silicon.com: Sony's DRM woes grow as hackers say hello. Read more news.com.com: Sony launches free Internet phone service. Read more news.com.com: Bumpy start for Google analytics giveaway. Read more www.theregister.co.uk: GoogleNet conquers Mountain View. Read more www.theregister.co.uk: Bavarian police have spooky Sober moment. Read more

. 16 November 2005 Guides, Papers, etc www.benedelman.org: What Claria Doesn't Disclose (Any More). Read more castlecops.com: Windows Security Checklist - Part 31: Rootkit Revelations. Read more net-security.org: Interview with Alf Watt, Creator of iStumbler. Read more   Tools: www.sysinternals.com: RootkitRevealer v1.56. Read more   Vulnerabilities & Exploits securitytracker.com: PHP-Nuke Input Validation Error in Search Module Lets Remote Users Inject SQL Commands. Read more securitytracker.com: Openswan IKE Processing Lets Remote Users Deny Service. Read more securitytracker.com: phpMyAdmin 'libraries/header_http.inc.php' Lets Remote Users Conduct HTTP Response Splitting Attacks. Read more securitytracker.com: IBM AIX diagela Absolute Path Vulnerability Has Unspecified Impact. Read more securitytracker.com: EasyPageCMS Input Validation Flaw Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Sun Solaris IKE Processing Lets Remote Users Deny Service. Read more securitytracker.com: OpenBSD IKE Processing May Let Remote Users Deny Service. Read more securitytracker.com: aMember Input Validation Bugs in 'sendpass.php' and 'member.php' Permit Cross-Site Scripting Attacks. Read more securitytracker.com: ekinboard Input Validation Holes Let Remote Users Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: PHPCalendar, PHPClique, PHPFanBase, PHPCurrently, and PHPQuotes Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Cisco Adaptive Security Appliance Failover Bug Lets Remote Users Deny Service in Certain Conditions. Read more securitytracker.com: Walla! TeleSite Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks. Read more www.debian.org: DSA-897-1 phpsysinfo -- programming errors. Read more   News news.bbc.co.uk: US retains hold of the internet. Read more hack.fi: Muzzy's research about Sony's XCP DRM system. Read more seattletimes.nwsource.com: Sony BMG digs itself deeper hole in security. Read more www.the-interweb.com: Is Sony in violation of the LGPL? - Part II. Read more www.freedom-to-tinker.com: Sony�s Web-Based Uninstaller Opens a Big Security Hole; Sony to Recall Discs. Read more www.securityfocus.com: Report: PC security weakened by Sony uninstaller. Read more www.doxpara.com: Welcome To Planet Sony. At least 568,200 nameservers have witnessed DNS queries related to the rootkit. Read more www.idiotabroad.com: CD�s affected by the Sony-BMG spyware. Read more www.etmag.com: Sony malware infections in the millions - security expert. Read more www.theregister.co.uk: Sony rootkit DRM: how many infected titles? Read more www.sysinternals.com: Sony: No More Rootkit - For Now. Read more www.eff.org: An Open Letter to Sony-BMG. Read more www.redherring.com: Keylogger Threats Rise 65%. Read more news.zdnet.com: Bots may get cloak of encryption. Read more software.silicon.com: Virus alert: Sober trio in the wild. Read more www.securityfocus.com: Bavarian police predict new viruses. Read more www.betanews.com: Microsoft Software to Require 64-bits. Read more www.theregister.co.uk: Gates promises a supercomputer under every desk. Read more www.redmondmag.com: Gates: Microsoft Ships Beta 2 of HPC Cluster Version of Windows. Read more www.terra.net.lb: Microsoft throws weight behind supercomputer software. Read more www.theregister.co.uk: Sony in internet 'price-rigging' rumpus. Read more www.channelregister.co.uk: 'Honest' card scam hits e-traders. Read more www.betanews.com: Record Industry Sues 2,100 P2P Users. Read more

. 15 November 2005 Guides, Papers, etc www.sda-asia.com: Kang Meng Chow Outlines Microsoft's Security and Privacy Protection Strategy. Read more www.informationweek.com: It Takes A Hacker To Catch One. Read more news.bbc.co.uk: Google searches for the future. Read more www.securityfocus.com: Sony's legal issues. Read more www.antiphishing.org: Online Identity Theft: Phishing Technology, Chokepoints and Countermeasures. Read more news.softpedia.com: Worms and Viruses Are A Thing of the Past. Read more nitecruzr.blogspot.com: Please Protect Yourself - Layer Your Defenses. Read more www.theregister.com: Meet the man who will save the internet. Read more   Tools: denyhosts.sourceforge.net: DenyHosts is a script intended to be run by Linux system administrators to help thwart ssh server attacks. Read more fail2ban.sourceforge.net: Fail2Ban Bans IP that makes too many password failures. Read more   Vulnerabilities & Exploits www.debian.org: DSA-896-1 linux-ftpd-ssl -- buffer overflow. Read more www.debian.org: DSA-895-1 uim -- programming error. Read more www.debian.org: DSA-894-1 abiword -- buffer overflows. Read more www.debian.org: DSA-893-1 acidlab -- missing input sanitising. Read more   News www.msnbc.msn.com: CIA slipped bugs to Soviets. Read more news.com.com: VPN flaw threatens Internet traffic. Read more www.securityfocus.com: Microsoft to mark Sony "rootkit" for removal. Read more www.freedom-to-tinker.com: Don�t Use Sony�s Web-based XCP Uninstaller. Read more blogs.washingtonpost.com: More Sony Problems to Be Revealed. Read more www.technewsworld.com: Why You Shouldn't Buy Products From Sony This Season. Read more www.signonsandiego.com: Sony CDs allow spying and hacking, experts say. Read more news.zdnet.com: Sony rootkit prompts office clampdown on CD use. Read more news.bbc.co.uk: US heads for internet showdown. Read more news.zdnet.com: Bank customers willing to pay for online security. Read more australianit.news.com.au: Trojans targetting government agencies. Read more icbirmingham.icnetwork.co.uk: Trio jailed for eBay 'phishing' scam. Read more www.vnunet.com: Sony backs out of rootkit anti-piracy scheme. Read more www.scmagazine.com: Malware effects inconsistent throughout British business. Read more www.scmagazine.com: Most IT acceptable use policies contain 'gaping security holes'. Read more www.timesonline.co.uk: End to online bargains as Sony forces prices higher. Read more news.ft.com: Intel releases chips that can divide PCs. Read more

. 14 November 2005 Guides, Papers, etc www.owasp.org: Expanding Exposure: The Decreasing Time Between Web Application Vulnerability and Exploitation. Read more www.eweek.com: If Windows Had Never Happened ... Read more www.geocities.com: Hackers Today - Part 1. Read more files.malwareblog.com: EFFECTIVE SECURITY POLICY MANAGEMENT. Read more www.viruslist.com: Jerusalem virus. Read more   Tools: Internet Explorer Developer Toolbar. Read more   Vulnerabilities & Exploits securitytracker.com: Lynx 'lynxcgt:' Handler Configuration Bug Lets Remote Users Execute Arbitrary Commands. Read more securitytracker.com: Kerio WinRoute Firewall May Let Users of Disabled Account s Authenticate to the System. Read more securitytracker.com: phpAdsNew Input Validation Bugs in '/admin/lib-sessions.inc.php' Permit SQL Injection Attacks. Read more www.debian.org: DSA-892-1 awstats -- missing input sanitising. Read more www.debian.org: DSA-891-1 gpsdrive -- format string. Read more   News www.bbspot.com: New Sony Digital Camera Installs Rootkit to Stop Photo Sharing. (satire) Read more news.zdnet.com: Microsoft will wipe Sony's 'rootkit'. Read more www.theinquirer.net: Microsoft removes Sony malware with implications. Read more news.com.com: Are these the Sony rootkit CDs? Read more cooltech.iafrica.com: Hacking the consumer. Read more www.watchguard.com: Good intentions pave Sony's road to DRM hell. Read more www.itnews.com.au: RealNetworks patches pair of critical bugs in Player. Read more news.com.com: Google gets analytical. Read more www.macworld.com: US company hopes to block Skype in China. Read more www.technewsworld.com: US Mandates More Security in Online Banking. Read more blogs.zdnet.com: Anti-spyware spread by spyware. Read more sunbeltblog.blogspot.com: Seen in the wild: Lookoutsoft.net. Read more cnews.canoe.ca: Ontario mom faces $2M libel suit for website about problems in neighbourhood. Read more

. 12 November 2005 Guides, Papers, etc www.pcmag.com: By Larry Seltzer: Rootkits: The Ultimate Stealth Attack. Read more www.windowsecurity.com: Shells for Sale! (Part 3). Read more castlecops.com: Virtual Machines - Rapid Deployment Of Security Tools. Read more www.trendmicro.com: The Future of Bot Worms. Read more www.trendmicro.com: Phishing Attacks Going �Professional�. Read more www.icir.org: A Hybrid Quarantine Defense. Read more www.icir.org: Toward Understanding Distributed Blackhole Placement. Read more   Vulnerabilities & Exploits securitytracker.com: Sudo Input Validation Flaw in Perl-related Environment Variables Lets Certain Local Users Execute Arbitrary Perl Code. Read more securitytracker.com: Sun Solaris in.named Lets Remote Users Deny Service. Read more securitytracker.com: TikiWiki Input Validation Holes in 'user_preferences.php' and 'editpage.php' Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Helix Player Buffer Overflows in Processing .rm Files and Skin Files Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: RealPlayer/RealOne Player Buffer Overflows in Processing .rm Files and Skin Files Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: RealPlayer Enterprise Buffer Overflows in Processing .rm Files and Skin Files Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Moodle Input Validation Hole in 'datalib.php' Lets Remote Users Inject SQL Commands and Execute PHP Code. Read more securitytracker.com: lm_sensors Unsafed Temporary File Lets Local Users Gain Elevated Privileges. Read more   News www.securityfocus.com: Sony to stop making "rootkit" CDs. Read more today.reuters.com: Sony BMG Pulls CD Copy-Protection Software. Read more www.theregister.co.uk: Sony suspends rootkit DRM. Read more www.theregister.co.uk: Mac anti-rip code surfaces on Sony BMG CD. Read more www.wral.com: Petrick Googled 'Neck,' 'Snap,' Among Other Words, Prosecutor Says. Read more www.securitypronews.com: Tsunami Hacker Got A Real Job. Read more news.com.com: Feds' Net-wiretap order set to kick in. Read more news.zdnet.co.uk: Gartner: Ignore Vista until 2008. Read more www.securityfocus.com: FTC shutters suspected spyware group. Read more www.theregister.co.uk: Court restrains US spyware outfit. Read more news.com.com: Torvalds gets tough on kernel coders. Read more www.terra.net.lb: Microsoft settles anti-trust suit for 30 million dollars. Read more news.com.com: Week in review: Microsoft's memos. Read more www.vnunet.com: Dealing with unwelcome visitors. Read more news.bbc.co.uk: Google talks up print and privacy. Read more www.technewsworld.com: Less Than Half of Consumers Feel Safe Shopping Online. Read more www.techworld.com: Giants team to make VoIP work with firewalls. Read more

. 11 November 2005 Guides, Papers, etc www.bitdefender.com: Backdoor.IRC.Snyd.A. Read more www.f-secure.com: Breplibot.C. Read more   Vulnerabilities & Exploits securitytracker.com: Mambo Lets Remote Users Traverse the Directory and View Files on the Target System. Read more   News www.theregister.co.uk: First Trojan using Sony DRM spotted. Read more www.sci-tech-today.com: Hackers Exploit Secret Copy Protections Found in Sony CDs. Read more www.cnn.com: New virus uses Sony BMG software. Read more www.securityfocus.com: Sony BMG faces digital-rights seige. Read more www.theregister.co.uk: Sophos develops Sony DRM unmasking tool. Read more www.eweek.com: Microsoft 'Concerned' by Sony DRM. Read more news.bbc.co.uk: Sony sued over copy-protected CDs. Read more www.theregister.co.uk: Sony hit by lawsuits over root kit. Read more www.scmagazine.com: Sony application classified as spyware. Read more www.eff.org: Now the Legalese Rootkit: Sony-BMG's EULA. Read more www.techweb.com: U.K. Commercial Keylogger Challenges Anti-Spyware Vendor Sunbelt. Read more news.com.com: New Windows Trojan causes confusion. Read more www.wired.com: Microsoft's Secret Bug Squasher. Read more news.zdnet.com: Court puts clamp on alleged spyware ring. Read more www.azstarnet.com: Global Web fraud case has 17 local indictments. Read more www.theregister.co.uk: BBC film exposes phone scam misery. Read more www.theregister.co.uk: Email 'get rich quick' scams double in October. Read more www.pcworld.com: Will Hackers Target Copiers? Read more

. 10 November 2005 Guides, Papers, etc www.securityfocus.com: Linux worm overrated. Read more www.infoworld.com: A constant state of insecurity. Read more www.securityfocus.com: Gold at the end of rainbow cracking? Read more www.microsoft.com: Help keep your personal information safe when filling out a FAFSA. Read more   Tools: fileforum.betanews.com: nnCron is an advanced scheduler, reminder, and automation manager with a powerful scripting language. It can start applications, display messages, dial and hang up, shutdown/hibernate and wake up your PC, manage clipboard/files/registry, run tasks as specified user, and many more. Read more   Vulnerabilities & Exploits www.cybsec.com: HTTP Response Splitting in SAP WAS (Web Application Server). Read more securitytracker.com: SAP Web Application Server Input Validation Holes Permit HTTP Response Splitting, Cross-Site Scripting, and Phishing Attacks. Read more securitytracker.com: HP-UX Trusted Mode Unspecified remshd Bug Lets Remote Users Access the System. Read more securitytracker.com: HP-UX envd Lets Local Users Gain Elevated Privileges. Read more securitytracker.com: IBM Tivoli Directory Server Unspecified SLAPD Binding Error May Let Remote Users Modify/Delete Data. Read more securitytracker.com: Veritas NetBackup Buffer Overflow in vmd Shared Library Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: VERITAS Cluster Server for UNIX Buffer Overflow in VCSI18N_LANG Environment Variable Lets Local Users Gain Root Privileges. Read more securitytracker.com: Microsoft Windows Buffer Overflows in Graphics Rendering Engine Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: PHPKIT Has Multiple Bugs That Permit Remote Code Execution, SQL Injection, and Cross-Site Scripting Attacks. Read more securitytracker.com: ATutor Input Validation Hole in 'registration.php' Lets Remote Users Inject SQL Commands and Execute Arbitrary Code. Read more securitytracker.com: ATutor Input Validation Holes Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: Asterisk Web-Voicemail Discloses Voicemail Messages to Remote Authenticated Users. Read more securitytracker.com: OSTE Include File Flaw Lets Remote Users Execute Arbitrary Commands. Read more securitytracker.com: Gallery 'showGallery.php' Input Validation Hole in 'galid' Parameter Lets Remote Users Inject SQL Commands. Read more Microsoft Windows Macromedia Flash Player Improper Memory Access. Read more   News www.theregister.co.uk: Critical MS patch fixes graphics bugs. Read more www.sysinternals.com: Sony: You don�t reeeeaaaally want to uninstall, do you? Read more blogs.washingtonpost.com: Calif. Lawsuit Targets Sony. Read more www.eff.org: Are You Infected with Sony-BMG's Rootkit? EFF Confirms Secret Software on 19 CDs. Read more www.vnunet.com: CA blacklists Sony DRM. Read more news.com.com: Antivirus firms target Sony 'rootkit'. Read more www.usdoj.gov: Houston Man Pleads Guilty to Federal Identity Theft Charges, Says Justice Department. Read more www.theregister.co.uk: Software testers become 'rock stars' for Microsoft. Read more www.theregister.co.uk: Gates memo warns of future threats. Read more www.redherring.com: Gates Memo Rocks Microsoft. Read more www.millersmiles.co.uk: eBay phishing alert. Read more www.vnunet.com: Phishers target Google users. Read more www.technewsworld.com: Microsoft Rebrands, Broadens Spyware Solution. Read more

. 09 November 2005 Guides, Papers, etc news.com.com: A worm by any other name. Read more www.eweek.com: Is This the Dawn of the Linux Worms? Read more news.com.com: Give developers secure-coding ammo. Read more www.wired.com: History's Worst Software Bugs. Read more   Vulnerabilities & Exploits www.debian.org: DSA-890-1 libungif4 -- several vulnerabilities. Read more   News www.microsoft.com: Microsoft Security Bulletin Summary for November, 2005. Read more www.securityfocus.com: Microsoft fixes imperfect picture flaw. Read more www.vnunet.com: Windows graphics bug opens backdoor. Read more www.sysinternals.com: Sony�s Rootkit: First 4 Internet Responds. Read more www.eweek.com: Sony's Second 'Rootkit' DRM Patch Doesn't Hush Critics. Read more www.theregister.co.uk: Sony digital boss - rootkit ignorance is bliss. Read more www.informationweek.co: Computer Associates Joins Battle Against Sony Copy Protection Software. Read more www.bakutoday.net: Accused US 'botmaster' denies hijacking thousands of computers. Read more www.vnunet.com: Windows Update Trojan causes havoc. Read more money.cnn.com: Report: Hackers emptying online accounts. Read more news.tmcnet.com: No bond for Los Angeles man charged with spreading computer viruses. Read more news.com.com: Gates memo warns of 'disruptive' changes. Read more www.mercurynews.com: ChoicePoint notifies another 17,000 consumers on possible breach. Read more www.theregister.co.uk: Cisco's 'Black Hat' nemesis joins Juniper. Read more www.theregister.co.uk: Card fraud grows online. Read more news.bbc.co.uk: Card fraudsters target easy prey. Read more www.theinquirer.net: Nigerian scammers used US airbase, claim. Read more

. 08 November 2005 Guides, Papers, etc blogs.technet.com: What's in a name?? A lot!! Announcing Windows Defender! Read more news.com.com: Why they say spyware is good for you. Read more news.com.com: Ballmer: Here's why Microsoft is different. Read more www.pcworld.com: Copyright Crackdown. Read more   Vulnerabilities & Exploits securitytracker.com: PEAR Installer Lets Remote Users Execute Arbitrary Code in Certain Cases. Read more securitytracker.com: F-Secure Internet Gatekeeper CGI Scripts Let Local Users Obtain Root Privileges. Read more securitytracker.com: F-Secure Anti-Virus Linux Gateway CGI Scripts Let Local Users Obtain Root Privileges. Read more securitytracker.com: HP-UX ftpd LIST Command Lets Remote Authenticated Users View Directory Contents. Read more securitytracker.com: cPanel Input Validation Hole in Entropy Chat Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Macromedia Flash Index Boundary Error Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: IBM Lotus Domino/Notes Has Multiple Bugs That Allow Remote Users to Deny Service or Cause Other Unspecified Impacts. Read more securitytracker.com: Clam AntiVirus CAB, FSG, and OLE Bugs Let Remote Users Deny Service or Execute Arbitrary Code. Read more www.hardened-php.net: Multiple vulnerabilities in PHPKIT. Read more www.debian.org: DSA-889-1 enigmail -- programming error. Read more www.debian.org: DSA-888-1 openssl -- cryptographic weakness. Read more www.debian.org: DSA-887-1 clamav -- several vulnerabilities. Read more www.debian.org: DSA-886-1 chmlib -- several vulnerabilities. Read more www.debian.org: DSA-885-1 openvpn -- several vulnerabilities. Read more www.debian.org: DSA-884-1 horde3 -- design error. Read more   News www.techworld.com: Sony faces police investigation into DRM code. Read more www.internetnews.com: Sony Facing Not-so-Secretive Legal Action. Read more www.pcpro.co.uk: Sony rootkit DRM to spark copycat viruses. Read more news.com.com: EMI: We don't use rootkits. Read more www.networkworld.com: Botnets getting nastier. Read more www.securityfocus.com: In defense of Windows. Read more www.theregister.co.uk: Say hello to Windows Defender. Read more www.securityfocus.com: Skype under scrutiny for bugs. Read more www.theregister.co.uk: Skype explains why security evaluation omitted bug reports. Read more news.bbc.co.uk: Crooks turn to online card fraud . Read more www.securityfocus.com: New Linux worm crawls the web. Read more www.websensesecuritylabs.com: Malicious Website / Malicious Code: Microsoft Plug and Play Scam / Trojan Horse. Read more

. 07 November 2005 Guides, Papers, etc www.zdnet.com.au: Kevin Mitnick on hacking's evolution. Read more blog.ziffdavis.com: By Larry Seltzer: Sony Blithe About Rootkits, Lies About Privacy Violations. Read more www.techworld.com: How long does it take to crack a terrorist hard drive? Read more www.techworld.com: VoIP may be vulnerable to barrage of threats, part 1. Read more www.informit.com: Mastering File Types in Windows XP. Read more nwc.securitypipeline.com: Using Identity-Based Networking For Secure LAN Control. Read more www.techworld.com: Microsoft: multi-core chips changing PC software design. Read more homepages.cwi.nl: Analyzing Worms using Compression. Read more astalavista.com: Astalavista Group Security Newsletter Issue 22 - 30 October 2005. Read more www.secinf.net: I installed my Home Wireless Network and my neighbor was using it! Read more   Tools: www.f-secure.com: F-Secure BlackLightTM (Beta Release). Read more   Vulnerabilities & Exploits www.frsirt.com: Macromedia Flash Player Remote Command Execution Vulnerability. Read more www.debian.org: DSA-883-1 thttpd -- insecure temporary file. Read more www.debian.org: DSA-882-1 openssl095 -- cryptographic weakness. Read more www.debian.org: DSA-881-1 openssl096 -- cryptographic weakness. Read more   News www.sysinternals.com: More on Sony: Dangerous Decloaking Patch, EULAs and Phoning Home. Read more www.npr.org: PRESIDENT of Sony BMG's Global Digital Business: "Most people, I think, do not even know what a Rootkit is, so why should they care about it?". Listen www.fr33d0m.net: Microsoft's Free Web-based Virus Scanner Sends Data Back To Microsoft. Read more www.zdnet.com.au: ISPs recruited by government to kill zombies. Read more www.zdnet.com.au: Hackers target Ruddock's department. Read more news.netcraft.com: Attacks Target XML-RPC Flaws in PHP Blogging Apps. Read more nwc.securitypipeline.com: Security-Spooked Users Slap Sony CD On Amazon. Read more www.mb.com.ph: Internet users warned against buying drugs online. Read more www.sundaymail.co.uk: 7000 DEAD MEN WALKING. Read more www.esecurityplanet.com: Insider Threats Giving IT Execs Nightmares. Read more www.theaustralian.news.com.au: Microsoft puts money on the box that does all at home alone. Read more news.com.com: Just Googling it is striking fear into companies. Read more news.com.com: Windows Live rooted in MSN's past. Read more news.com.com: Internet fathers get presidential medal. Read more news.bbc.co.uk: Film file-sharer sent to prison. Read more news.bbc.co.uk: Malaysia warned over pirated CDs. Read more news.bbc.co.uk: Google posts first books online. Read more

. 05 November 2005 Guides, Papers, etc www.securityfocus.com: Windows rootkits in 2005, part one. Read more www.microsoft.com: Microsoft Security Bulletin Advance Notification. Read more www.sec.gov: Online Brokerage Accounts: What You Can Do to Safeguard Your Money and Your Personal Information. Read more www.websensesecuritylabs.com: Phishing Alert / Malicious Code: PayPal Traffic Redirection. Read more www.iht.com: Digitally assured destruction. Read more www.icir.org: Detecting Backdoors. Read more www.icir.org: Preliminary Results Using ScaleDown to Explore Worm Dynamics. Read more blog.ziffdavis.com: By Larry Seltzer: Pascal String Abuse On The Mac. Read more www.wired.com: The Art of Privacy Invasion. Read more   Vulnerabilities & Exploits securitytracker.com: Cerberus Helpdesk Discloses Attachments and Tickets to Other Users. Read more securitytracker.com: Apple QuickTime Player Integer and Buffer Overflows Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: Serv-U FTP Server Can Be Crashed By Remote Users. Read more securitytracker.com: libungif NULL Pointer Dereference and Memory Access Error May Let Remote Users Execute Arbitrary Code. Read more securitytracker.com: F-Prot Antivirus Lets Remote Users Bypass the Scanning Engine with Specially Crafted ZIP Files. Read more securitytracker.com: Tomcat Server Lets Remote Users Deny Service By Making Multiple Directory Listing Requests. Read more securitytracker.com: PerlDiver 'module' Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Sony Music CD Hides Files, Directories, Registry Entries, and Process Names Unrelated to the CD Software. Read more securitytracker.com: F-Secure Anti-Virus for Microsoft Exchange Web Console May Disclose Files to Remote Users. Read more securitytracker.com: F-Secure Internet Gatekeeper Web Console May Disclose Files to Remote Users. Read more securitytracker.com: WhatsUp Small Business Input Validation Hole Lets Remote Users Traverse the Directory and View Files. Read more   News www.securityfocus.com: Malware now doing the DNS switcheroo. Read more www.securityfocus.com: Online stock trading warning issued. Read more www.eweek.com: Cisco IOS Hacker Finds Work at Juniper. Read more www.theregister.co.uk: Linspire will replace Windows with crippled Linux - cheap. Read more p2pnet.net: Did Sony CD Malware Violate U.S. Computer Fraud and Abuse Act? Read more www.theregister.co.uk: World of Warcraft hackers using Sony BMG rootkit. Read more informationweek.com: Sony Issues Patch As Hackers Pounce On Rootkit. Read more news.bbc.co.uk: The rootkit of all evil? Read more www.eweek.com: FDA Considers Web to Study Safe Prescribing. Read more blogs.technet.com: Microsoft Windows AntiSpyware is now���Windows Defender�. Read more www.eweek.com: Microsoft Patch Day: 1 'Critical' Bulletin on Tap. Read more blogs.msdn.com: IE Security Update Impact to Security and Compatibility. Read more www.vnunet.com: Phishing attack hits PayPal subscribers. Read more www.cnn.com: MIT maps wireless users across campus. Read more www.eweek.com: New York County Proposes Law to Enforce Wi-Fi Security. Read more

. 04 November 2005 Guides, Papers, etc www.securityfocus.com: Automatic graylisting of unwanted software. Read more research.microsoft.com: Reactive Patching: a viable worm defence strategy? Read more www.windowsecurity.com: Backing up and Restoring GPOs using the GPMC. Read more www.eweek.com: By Larry Seltzer: When Vendors Install Malware. Read more www.eweek.com: By Larry Loeb: The Evil Scientists vs. Cisco. Read more   Vulnerabilities & Exploits securitytracker.com: Cisco Airespace Wireless LAN Controller May Allow Use of Unencrypted Connections. Read more securitytracker.com: Cisco IOS System Timers May Permit Heap Overflow Exploitation. Read more www.debian.org: DSA-880-1 phpmyadmin -- several vulnerabilities. Read more www.debian.org: DSA-879-1 gallery -- programming error. Read more   News www.securityfocus.com: Suspected bot master busted. Read more www.securityfocus.com: World of Warcraft hackers using Sony BMG rootkit. Read more www.theregister.co.uk: Hidden DRM code's legitimacy questioned. Read more www.eff.org: Uproot Sony-BMG's Invasion of Your Privacy and Your Computer. Read more bigpicture.typepad.com: DRM Crippled CD: A bizarre tale in 4 parts. Read more www.informationweek.com: Adware Purveyor Claims Extortion By Own Distributor. Read more www.theregister.co.uk: Harmless Oracle worm raises security fears. Read more blogs.washingtonpost.com: Microsoft Calls for National Privacy Law. Read more www.betanews.com: Microsoft Buys Another VoIP Company. Read more www.theregister.co.uk: Crypto gurus hash out future. Read more www.theregister.co.uk: Teen escapes email bombing charge. Read more news.zdnet.co.uk: Security is your biggest IT Priority. Read more www.newswireless.net: WiFi Internet cafes "must have firewall" - Westchester County. Read more

. 03 November 2005 Guides, Papers, etc research.microsoft.com: On the Race of Worms, Alerts and Patches. Read more www.dailyitem.com: Phish finder: Don't fall for these schemes. Read more handlers.sans.org: MALWARE ANALYSIS QUIZ. Read more   Vulnerabilities & Exploits www.cisco.com: Cisco Security Advisory: IOS Heap-based Overflow Vulnerability in System Timers. Read more securitytracker.com: Sun Java System Communications Express Discloses Configuration File to Remote Users. Read more securitytracker.com: IBM WebSphere Session Manager Tracing May Disclose Potentially Sensitive Information. Read more securitytracker.com: Cisco IOS IPS Signatures May Be Disabled When Configured via the Cisco Management Center for IPS Sensors. Read more securitytracker.com: NetBSD Bugs in Kernel, Networking, and Application Code May Let Local Users Deny Service or Gain Elevated Privileges. Read more securitytracker.com: PHP Flaw in parse_str() May Let Remote Users Turn register_globals On. Read more securitytracker.com: PHP Input Validation Hole in phpinfo() in Processing Stacked Array Contents Lets Remote Users Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: PHP Bug Lets Remote Users Overwrite the $GLOBALS Array. Read more securitytracker.com: HP OpenVMS Lets Local Users Crash the System. Read more   News www.freedom-to-tinker.com: CD DRM Makes Computers Less Secure. Read more www.theinquirer.net: Sony DRM is worse than you might think. Read more news.com.com: Sony to patch copy-protected CD. Read more www.securityfocus.com: Hidden DRM code's legitimacy questioned. Read more news.bbc.co.uk: Sony attacked over anti-piracy CD. Read more news.com.com: Microsoft patches may break Web sites. Read more news.com.com: Cisco squashes 'critical' Net attack bug. Read more www.msnbc.msn.com: Forget phish, start fumigating for RATs. Read more www.theregister.co.uk: SDBot raises IM security concerns. Read more www.computing.co.uk: Microsoft turns bounty hunter to fight IT crime. Read more www.businessweek.com: Invasion of the Stock Hackers. Read more news.bbc.co.uk: Microsoft hails 'strategic shift'. Read more www.theregister.co.uk: Swedish programmer in Greek spam probe protests innocence. Read more www.esecurityplanet.com: Barrage of Viruses Hits in October. Read more cooltech.iafrica.com: Light replaces electricity in PC chips? Read more www.wired.com: Putting Porn on Your IPod. Read more abcnews.go.com: Grandpa Is Sued Over Grandson's Downloads. Read more

. 02 November 2005 Guides, Papers, etc eusecwest.com: EuSecWest/core06 conference. Read more www.windowsecurity.com: Shells for Sale! (Part 2). Read more www.microsoft.com: Wireless Networking Improvements in Windows XP Service Pack 2. Read more   Vulnerabilities & Exploits securitytracker.com: Mac OS X Kernel May Disclose Memory Contents to Local Users. Read more securitytracker.com: Mac OS X Keychain Access May Display a Password. Read more securitytracker.com: Mac OS X memberd Membership Changes May Be Significantly Delayed. Read more securitytracker.com: Mac OS X Software Update Bug May Prevent Updates from Installing. Read more securitytracker.com: Mac OS X Finder May Display Misleading Ownership Information. Read more securitytracker.com: IBM AIX Buffer Overflow in chcon Command Has Unspecified Impact. Read more   News www.theregister.co.uk: Removing Sony's CD 'rootkit' kills Windows. Read more www.f-secure.com: The "Sony rootkit" case. Read more news.com.com: Sony CD protection sparks security concerns. Read more www.theregister.co.uk: October breaks malware production records. Read more www.securityfocus.com: Latest bot continues to aim for AIM users. Read more www.informationweek.com: Your Next IM Could Be Your Network's Last. Read more www.theregister.co.uk: Web hosted, ad-supported Windows: streaming to your PC. Read more news.com.com: Other companies in Microsoft's crosshairs. Read more www.redherring.com: Microsoft Puts Windows on Net. Read more news.bbc.co.uk: Google restarts online books plan. Read more software.silicon.com: Teenager in court over "email bomb" DoS attack. Read more

. 01 November 2005 Guides, Papers, etc www.sysinternals.com: Mark's Sysinternals Blog: Sony, Rootkits and Digital Rights Management Gone Too Far. Read more www.microsoft.com: 10 Immutable Laws of Security. Read more www.computerworld.com: Spyware's Pyramid Scheme or Anatomy of a Plague. Read more news.bbc.co.uk: Bill Gates talks about the competition and Microsoft's future. Read more blogs.msdn.com: IE7 Networking improvements in content caching and decompression. Read more   Vulnerabilities & Exploits securitytracker.com: phpBB Lets Remote Users Bypass the Global 'Deregistration' Code, Inject SQL Commands, Execute PHP Code, and Conduct Cross-Site Scripting Attacks. Read more securitytracker.com: chmlib Buffer Overflow in *_chm_find_in_PMGL() Lets Remote Users Execute Arbitrary Code. Read more securitytracker.com: Hyper Estraier Lets Remote Users View File Contents. Read more securitytracker.com: GNUMP3d Discloses Files on the Target System to Remote Users and Permits Cross-Site Scripting Attacks. Read more securitytracker.com: RockLiffe MailSite Express WebMail Discloses WebMail Files to Remote Users and Permits Cross-Site Scripting Attacks. Read more securitytracker.com: Novell ZENworks Patch Management Server May Let Remote Users Inject SQL Commands. Read more securitytracker.com: Fetchmail 'fetchmailconf' May Disclose Passwords to Local Users. Read more securitytracker.com: Solaris Management Console Enables HTTP TRACE Support By Default. Read more   News www.theregister.co.uk: Bill Gates donates $258m to fight bugs. Read more www.itnews.com.au: Researcher details more Microsoft patch missteps. Read more seattlepi.nwsource.com: At Microsoft, not just another day at Office. Read more www.facetime.com: Worm Propagating On AOL Instant Messenger Installs Rootkit. Read more www.technewsworld.com: AOL Wants to Pull Worm Out by Its Rootkit. Read more news.com.com: Evasion bug bites virus shields. Read more

Copyright� MegaSecurity.org