Skip Links

DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Security

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library.  Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Audio

Crackin' the Kraken bot. Listen now!

Network World's Newsmaker of the Week

Wireless dangers at airports. Listen now!

Network World Panorama

Additional Resources

RSS

FEATURED REPORTS

Executive Guide: Storage Heats Up HP

Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.

IT Buyer's Guides

View All Buyer's Guides

Free Newsletters

Sign up and receive the latest news, reviews and trends on your favorite technology topics

Save The Date!
What They Are Saying

what is wrong with you dont you like to read two inch text articles?- Anon3233

Join the Discussion

CA users targeted by attackers

Patches from Mandriva, Gentoo, Debian, others Sophos warns of Mac Trojan malware Deep Throat Fight Club, and other interesting reading
Security: Threat Alert By Jason Meserve , Network World , 04/03/2008
  • Social Web 
  • Email 
  • Feedback 
  • Close

New exploit targets corporate CA users
An exploit specifically targeting corporate Computer Associates users has been created some three weeks after a critical vulnerability was identified. The attack uses an ActiveX Control buffer overflow vulnerability present in 21 CA products, including BrightStor ARCServe Backup for Laptops and Desktops, Unicentre Remote Control, Software Delivery, Asset Management, Desktop Management Bundle and Desktop Management Suite. Computerworld, 04/01/08.
**********

Mandriva, Gentoo patch CUPS vulnerabilities

Multiple flaws have been found in CUPS, the most serious of which could be exploited to run malicious code on an affected machine. Both Gentoo and Mandriva are out with patches for the problem.

Mandriva

Gentoo
**********

Two new patches from Debian:

xine-lib (multiple flaws)

iceweasel (multiple flaws)
**********

Two new updates from rPath:

lighttpd (denial of service)

Firefox (multiple flaws)
**********

Today's malware news:

Mebroot Spreading through High-Traffic, Compromised Web Sites
Symantec is tracking more and more high-traffic Web sites that become compromised and then used to spread malicious code. After the breach our MSS team spotted out on Tata, we have been notified of another Web site with a similar issue. Symantec Security Response blog, 04/02/08.

Office exploit hits the street
Attack code that targets a recently patched vulnerability in Microsoft Corp.'s Office suite has gone public, a security company said today as it urged users to update immediately. Computerworld, 03/31/08.

Stormy April Fool's Day
A wave of April Fool's Day related Storm mails have just been sent out. Similar as the other times with a link that points to an IP address. F-Secure blog, 03/31/08.

Unusual banking trojan found today
We've seen tons of banking trojans lately, but now we've run into something quite unique. This new banking trojan was found today from a drive-by-download site. We've added detection for it as Win32.Pril.A. It not only infects the MBR of the machine, but also reflashes the boot code in the Flash BIOS, making disinfection problematic. F-Secure blog, 04/01/08.

1 | 2 |  Next >
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.
First Name
Last Name
E-mail
Zip Code