Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: 2006 Alerts - Q2

  1. #11
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow Sony rootkit settlement finalized

    FYI...

    - http://www.theregister.com/2006/05/2...it_settlement/
    23 May 2006
    "Federal courts have decided the penalty Sony BMG must suffer for exposing thousands of music fans' computers to hackers with dodgy DRM software last year. District court judge Naomi Reice Buchwald granted final approval for a settlement yesterday. Consumers will receive new malware and vulnerability-free CDs, a patch to remove the offending XCP or MediaMax code, and Sony will be dishing out free downloads. Electronic Frontier Foundation legal director Cindy Cohn said: "This settlement gets music fans what they thought they were buying in the first place: music that will play on all their electronic devices without installing sneaky software." Sony's pages about the settlement, including how to claim, are here*. The list of popular platters covered by the ruling is here**."

    * http://www.sonybmgcdtechsettlement.com/

    ** http://www.sonybmgcdtechsettlement.com/CDList.htm

    >>> http://www.eff.org/sony/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #12
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow Firefox and Thunderbird 1.5.0.4 released

    FYI...

    - http://isc.sans.org/diary.php?storyid=1377
    Last Updated: 2006-06-02 01:53:57 UTC
    "Versions 1.5.0.4 of both Thunderbird and Firefox were released by the Mozilla Corporation today. The release notes state that each contained "several security fixes"...
    >>> http://www.mozilla.org/download.html

    --------------------------------------------

    Fix lists...

    - http://www.mozilla.org/projects/secu...s.html#Firefox

    - http://www.mozilla.org/projects/secu...ml#Thunderbird

    - http://secunia.com/advisories/20376/
    Release Date: 2006-06-02
    Critical: Highly critical
    Impact: Security Bypass, Cross Site Scripting, System access
    Where: From remote
    Solution Status: Vendor Patch
    Solution: Update to version 1.5.0.4.
    http://www.mozilla.com/firefox/ ..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #13
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Yahoo Mail Worm Harvesting Addresses

    FYI...

    - http://www.techweb.com/wire/security/189400183
    June 12, 2006
    "A new worm targeting Yahoo's Web-based e-mail service bent on collecting addresses for a spam database has been spotted in the wild, a security company warned Monday. The "Yamanner" worm* exploits a JavaScript vulnerability in Yahoo's Web mail, Cupertino, Calif. security specialist Symantec said in a Monday morning warning to customers of its DeepSight Threat Management System. Yamanner is spreading, added Symantec, which has assigned the threat a "2" in its 1 through 5 rating system. The worm targets addresses with the "yahoo.com" and "yahoogroups.com" domains, and arrives as an HTML message containing JavaScript. As soon as the recipient views the message, the script automatically runs to spread the worm to other users in the Yahoo address book. The message will have a From" address of av3@yahoo.com and a Subject: of "New Graphic Site". "Harvested addresses from the address book are then submitted to a remote URL, which is likely to be used for a spam database," noted Symantec in its alert. Yamanner won't execute on the newest Yahoo Mail Beta. Until Yahoo patches the flaw, Symantec recommended users steer clear of the service or disable the browser's JavaScript capabilities before reading any Web mail."
    * http://www.sarc.com/avcenter/venc/da...amanner@m.html

    - http://isc.sans.org/diary.php?compare=1&storyid=1398
    Last Updated: 2006-06-12 19:40:36 UTC
    "...It was first reported to the ISC at 12:32 UTC and now appears to be circulating in two slightly different variants... both variants are flawed therefore they spread very effectively but do not actually perform the intended action. The mass-mailer attempts to open a browser window... but a spelling mistake prevents this from working. The website appears to be dormant and rejecting accesses. The release of a new version barely two hours after we started our analysis which partially fixes the first version indicates that the code is very much under development and you should assume that the remaining bugs will be rapidly ironed out.
    To activate the mass-mailer it is sufficient to open the mail message without clicking on the attachment and it will scour your address list and send itself as an attachment (forwarded message) to everyone on it. It searches for both @yahoo.com and @yahoogroups.com e-mail addresses. There is currently no trivial fix for Yahoo! mail as turning off Javascript on the browser will prevent you from reading your e-mail. For Yahoo! groups it is recommended that moderators/adminstrators turn off attachments for the time being to prevent this spreading further."
    -----------------------------------------------
    Update: http://isc.sans.org/diary.php?compare=1&storyid=1398
    Last Updated: 2006-06-12 20:51:32 UTC ...(Version: 4)
    "...Yahoo! mass-mailer is currently making the rounds with a subject of "[random word] New Graphic site"... The mass-mailer also submits data to a page on av3.net but basic timing analysis on the response time seems to indicate that there is no difference between an access to the page without parameters or with the slew of parameters which are generated by the mass-mailer. This does not necessarily mean that the data is not being pharmed there and it is being investigated further... Note that this is not a binary attachment but a set of nested forwarded messages which are sent as an attachment in RFC2822 format... A long-term fix is apparently to migrate your Yahoo! e-mail to the Yahoo! Mail beta service although those who have already migrated mention that it is not a painless task..."
    -------------------------------------------------------------
    Update v5: http://isc.sans.org/diary.php?storyid=1398
    Last Updated: 2006-06-12 21:19:00 UTC ...(Version: 5)
    "...Update: Yahoo! is aware of the issue and is working on a fix, in their words "Yahoo! Mail is blocking most of these messages, and is working on a fix."

    :(
    Last edited by AplusWebMaster; 2006-06-13 at 01:42. Reason: Updated info from ISC...
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #14
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Angry Malware Volume To Double By 2008

    FYI...

    - http://www.techweb.com/wire/security/190300666
    July 06, 2006
    "..."It's remarkable that it took 18 years for our database to reach 100,000 malicious threats, and just under two years to double to 200,000," said Stuart McClure, senior vice president of research and threats, in a statement. "Hackers are releasing threats faster than ever before, with 200 percent more malicious threats per day than two years ago." McAfee added the 100,000th threat to its database in September 2004. At the current pace -- 2006 should see more than 60,000 new threats, up from the 56,000 during 2005 -- the 400,000 barrier should be broken in under two years, McAfee said."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •