Posted by Jaime Raphael Licauco, CISSP, GSEC on December 2, 2008
A rootkit was found in an Enterprise Information Security software, reports Heise Security and The Register.
Another vulnerability was found in the popular VLC media player. So if you can, update.
The Chicago Tribune reports that a new round of cyber attacks has the Pentagon worried. They normally get a whole number of attacks per day, however, the magnitude and way the new attacks are being done are apparently designed to specifically attack military networks. Heise also covers the same topic here and here.
The Linux on iPhone project has released the first results of its project.
Anti-virus seems to be ineffective versus new malware that makes zombies out of PCs. Stuart Staniford talks about it in his blog.
WordPress update fixes XSS vulnerability.
Google denies security hole in GMail.
Microsoft adds malware detection to its Webmaster tools. Speaking of Microsoft, a new windows worm builds a massive botnet worth around half a million computers and growing.
For the first time, Apple quietly recommended Anti Virus software in a technote. About.com has Mac Anti-Virus recommendations. iAntivirus and ClamXav are free.
Posted in News, vulnerability | Tagged: Antivirus, apple, bot, botnet, Gmail, iphone, malware, Microsoft, tools, vlc, webmaster, worm | Leave a Comment »
Posted by Jaime Raphael Licauco, CISSP, GSEC on November 7, 2008
Newsweek reports that both the Obama and McCain camps had computers that were hacked. This is apparently also around the time Gov. Palin’s Yahoo account got hacked (details of how the hacker got into Palin’s account are here). SecurityFocus reports on the hack here.
On a related topic, SCMagazineUS reports that hackers began spreading malware soon after Obama got elected. In the typical bait-and-switch method of social engineering, spam e-mails that were supposed to contain a link to Obama’s “amazing speech” were actually links to trojans.
New critical vulnerabilities were found for the popular VLC media player. However the Window’s version has not been updated to close the said vulnerabilities. Workarounds can be found in a Heise Security report.
Heise Security also reports that the BotHunter tool has been updated with the new features listed here. The tool helps network administrators find out if their network has zombie computers.
There are now more worms that exploit the MS08-67 Critical vulnerability that was reported last month. So if your Windows system uses the “Server” service, you’ll hopefully have it patched soon. For home users that do not need this dis-service, they can easily disable it, by going to services.msc while using their Admin account.
Posted in News, vulnerability | Tagged: bothunter, critical, e-mail, hack, malware, mccain, Microsoft, obama, palin, Server, service, social engineering, vlc, vulnerability, Windows, yahoo, zombie | Leave a Comment »
InfoSec Philippines 