Microsoft investigates new Windows zero-day flaw
,----[ Quote ]
| Bill Sisk, security response communications manager for Microsoft, said in an
| email Thursday evening that the flaw allows for privilege escalation from
| authenticated user to LocalSystem in Windows XP, Windows Server 2003, Windows
| Vista, and Windows Server 2008.
`----
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1310249,00.html
ActiveX module in Microsoft Works opens up security hole
,----[ Quote ]
| A demonstration of a security hole in the Microsoft Works Image Server
| (WkImgSrv.dll) ActiveX module contained in the Microsoft Works office suite
| has appeared on the Bugtraq mailing list. The demo appears to only cause a
| system crash. McAfee, however, has already found fully functional exploits
| which allow attackers to inject vulnerable systems with malicious code via
| specially crafted web pages.
`----
http://www.heise-online.co.uk/security/ActiveX-module-in-Microsoft-Works-opens-up-security-hole--/news/110563
Microsoft rings alarm on Windows rights bug
,----[ Quote ]
| Microsoft Corp. yesterday issued a security alert to warn users of a bug in
| most versions of Windows, but didn't promise to fix the flaw or -- if it does
| patch the problem -- say when a fix would be released.
`----
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=operating_systems&articleId=9078959&taxonomyId=89&intsrc=kc_top
Recent:
Bots rule in cyberspace
,----[ Quote ]
| USA TODAY REPORTS that on an average day, 40 per cent of the 800 million
| computers connected to the Internet are bots used to send out spam, viruses
| and to mine for sensitive personal data.
`----
http://www.theinquirer.net/gb/inquirer/news/2008/03/17/bots-rule-cyberspace
http://www.usatoday.com/tech/news/computersecurity/2008-03-16-computer-botnets_N.htm
Botnets Running Rampant
,----[ Quote ]
| How much money is being stolen by cybercriminals? No one knows, and no one
| even knows how to go about coming up with that number, IronPort's Peterson
| said.
`----
http://www.pcworld.com/businesscenter/article/144489/botnets_running_rampant.html
New Massive Botnet Twice the Size of Storm
,----[ Quote ]
| Damballa predicts that even now that Kraken has been outed, it will continue
| growing at least in the near-term -- up to at least 600,000 new bots by
| mid-April. Its bots are prolific, too: The firm has seen single Kraken bots
| sending out up to 500,000 pieces of spam in a day.
`----
http://www.darkreading.com/document.asp?doc_id=150292&WT.svl=news1_1
New Zealand teenager convicted over international cyber crime ring
,----[ Quote ]
| Owen Thor Walker, 18, known by his online name "AKILL," was involved in a
| network accused of infiltrating 1.3 million computers and skimming millions
| of dollars from victims' bank accounts.
`----
http://news.smh.com.au/new-zealand-teenager-convicted-over-international-cyber-crime-ring/20080301-1vzs.html
Internet has a garbage problem, researcher says
,----[ Quote ]
| Somewhere between 1 percent and 3 percent of all traffic on the Internet is
| meaningless packets of information, used in distributed denial of service
| attacks (DDOS) to knock Web sites offline.
`----
http://www.linuxworld.com.au/index.php/id;1488056707
Spam blights e-mail 15 years on
,----[ Quote ]
| More than 90% of all e-mail is spam, according to anti-spam body Spamhaus.
|
| "Spam is a real life arms race," said Mark Sunner, chief analyst at online
| security firm Message Labs.
|
| Billions of spam e-mails are sent each day, blocking mail servers, slowing
| down networks, infecting people's computers with viruses, helping hijack
| machines and generally making the internet a painful experience for many.
`----
http://news.bbc.co.uk/1/hi/technology/7322615.stm
No April Fools'--Storm worm is back
,----[ Quote ]
| The compromised computer will then install the downloaded file as
| C:\WINDOWS\aromis.exe. Nazario reports that the botnet file opens the firewall
| using the netsh firewall set command, makes a lot of outbound connections,
| then listens on a random UDP port.
`----
http://www.news.com/8301-10789_3-9906880-57.html?part=rss&subj=news&tag=2547-1_3-0-20
What spooks Microsoft's chief security advisor
,----[ Quote ]
| Speaking at the Boston SecureWorld conference Wednesday, the 19-year
| Microsoft veteran whose job includes protecting enterprises, developers and
| Microsoft itself said there actually is plenty of good news on the security
| front. For example, his outfit scans a half million devices (with customer
| permission) per month and in the first half of last year saw the first
| period-over-period decline in new vulnerabilities disclosed across Microsoft
| and non-Microsoft software since 2003.
|
| However, 3,400 new vulnerabilities were discovered and “it’s still a big
| number,” Arsenault says. “So if vulnerability rates are down, where are
| they?”
`----
http://www.networkworld.com/news/2008/032608-microsoft-security-concerns.html
Botnet farmers play the international exchange game
,----[ Quote ]
| Selling "installs" is a common practice in the cyber-underworld, the most
| notable example being in 2005 when Jeanson Ancheta was arrested for building
| a 400,000-strong botnet and installing adware from 180 solutions for a fee of
| $60,000.
`----
http://www.channelregister.co.uk/2008/03/19/botnet_spyware_scam/
DSL Reports back up after DDoS attack
,----[ Quote ]
| At least 1,100 bot-infested machines took part in the assault, which at one
| point directed nearly 48MBps of malicious data at the site.
`----
http://www.theregister.co.uk/2008/03/19/dslreports_under_ddos_attack/