- 4chan hell raisers finding fame brings heat?
- The 10 dumbest mistakes network managers make
- NetApp quits bidding war in face of EMC opposition
- CompuServe closes after 30 years
- Google to launch open-source Chrome OS this year
Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.
Chinese blogs detail zero-day flaw in Microsoft Works
Chinese-language blogs are detailing a zero-day vulnerability in Microsoft Works, the company's lower-end office productivity
suite, according to security vendor McAfee. The vulnerability is within an ActiveX control for the Works' Image Server, wrote
McAfee analyst Kevin Beets. A PC would need to visit a Web site engineered to exploit the flaw, Beets wrote.
McAfee Avert Labs blog: Potential Microsoft Works ActiveX Zero-Day Surfaces
Microsoft rings alarm on Windows rights bug
Microsoft Corp. yesterday issued a security alert to warn users of a bug in most versions of Windows, but didn't promise to
fix the flaw or -- if it does patch the problem -- say when a fix would be released. Computerworld, 04/18/08.
Microsoft: Vulnerability in Windows Could Allow Elevation of Privilege
**********
Seven new patches from Gentoo:
PowerDNS Recursor (DNS cache poisoning)
Adobe Flash Player (multiple flaws)
PHP Toolkit (data leak, denial of service)
rsync (buffer overflow, code execution)
**********
Two new updates from Ubuntu:
Squid (denial of service)
**********
Six new fixes from Debian:
mplayer (input sanitization, code execution)
ClamAV (buffer overflows, code execution)
openoffice.org (multiple flaws)
**********
Three new patches from Mandriva:
ClamAV (buffer overflows, code execution)
policykit (format string, denial of service)
**********
Today's malware news:
Loads.CC Bot Still Live, Still Targeted
Enough has been written about the Loads.CC team to probably give you enough of a picture that you need to know. Some reports
suggested they went away, but they didn't. They’re still active. See these reports by RBN exploit, CIO magazine, 2-viruses.com,
this PC Week article by Scott B, and Adam T for a good background. The team is still quite active. Security to the Core blog,
04/17/08.
Rock Phish gang adds second punch to phishing attacks
A notorious online gang known for its prolific phishing operations has expanded its means of attack, potentially putting more
PC users at risk of losing personal data. IDG News Service, 04/21/08.
**********
From the interesting reading department:
MySpace hack reveals profile visitors
A security problem with MySpace has the potential to botch up law-enforcement efforts to track bad actors on the social-networking
site. IDG News Service, 04/17/08.
SANS solves mystery of mass Web site infections
The SANS Institute has uncovered what they've termed a "rare gem" as far as computer security investigations go that sheds
new light on how up to 20,000 Web sites have been hacked since January. IDG News Service, 04/17/08.
SANS ISC blog: The 10.000 web sites infection mystery solved
PayPal to block users with old browsers to cut back phishing
PayPal, eBay's electronic payment service, plans to take the dramatic step of locking out people using older versions of Web
browsers in order to stem phishing attacks. IDG News Service, 04/18/08.
5 Ways to Molest Internet Users
A good bit of the attention garnered by DMK's ToorCon presentation focused on how ISPs are employing Provider-In-The-Middle
Attacks (PITMAs) to collect ad-related revenue from their customers, and how security "of the web" ends up being fully gated
by the security of the ad server folks. While I completely agree with this, I would emphasize (as DMK did subtly note) that,
even for the attacks DMK outlined, you do NOT have to be the ISP/packet data path at all to molest Internet users, just in
the DNS "control path". Security to the Core blog, 04/20/08.
When the inside threat is from outsiders
With the economy being so shaky right now, my company has put a freeze on hiring and we are currently using temporary contractors
to fill certain positions. It seems that outsiders are the new insiders. Any tips on best practices for making sure contractors
have what they need, but can't take sensitive information out the door when the job is done? Network World, 04/21/08.
U.K. phishing attacks double
Phishing attacks on U.K. consumers have more than doubled for the first quarter of this year, according to Apacs, the U.K.
payment association. TechWorld, 04/18/08.
EarthLink redirect service poses security risk, expert says
A vulnerability in servers used by EarthLink to handle mistyped Web page requests may have allowed attackers to launch undetectable
phishing attacks against any Internet site, according to a noted Internet security researcher. IDG News Service, 04/19/08.
Jason Meserve is multimedia editor at Network World.
Comment