http://www.freerepublic.com/tag/exploit/ en-us Wed, 30 Jan 2008 18:20:42 GMT Focus Forum 15 http://www.freerepublic.com/focus/f-news/1962106/posts Security researchers yesterday said they'd discredited Microsoft's claim that the year's first critical Windows vulnerability would be "difficult and unlikely" to be exploited by attackers. On Tuesday, Immunity Inc. updated a working exploit for the TCP/IP flaw spelled out Jan. 8 in Microsoft's MS08-001 security bulletin, and posted a Flash demonstration of the attack on its Web site. The exploit, which was released to customers of its CANVAS penetration testing software -- but is not available to the public -- was a revised version of code first issued two weeks ago. "This demonstrates conclusively that the MS08-001 IGMPv3 vulnerability is... ComputerWorld http://www.freerepublic.com/focus/f-news/1962106/posts#comment Wed, 30 Jan 2008 18:20:42 GMT http://www.freerepublic.com/focus/f-news/1954029/posts Fourteen-year-old Cara and her 15-year-old cousin, Stacy (not their real names) walked out of their homes in Toledo, Ohio on a rainy May day in 2005 to get milkshakes. A few blocks away, a couple driving a Lincoln Continental pulled alongside the cousins and asked if they wanted a lift. Believing the man’s claim to be a schoolmate’s father, the girls stepped into the car — and entered a nightmare world of sexual slavery. The couple drove the girls to a house and locked them in. As their families frantically searched for them, the teens were sold over and over... National Review http://www.freerepublic.com/focus/f-news/1954029/posts#comment Tue, 15 Jan 2008 14:55:08 GMT http://www.freerepublic.com/focus/f-news/1917385/posts E-mails containing malicious PDF files have been putting computers at risk since Friday, Finnish security software firm F-Secure said on Saturday. "The e-mails sent in bulk looked like credit card statements, and contained an attachment called 'report.pdf'," its Chief Research Officer Mikko Hypponen said in a statement. When such PDF files are viewed on vulnerable machines, they start downloading software from servers in Malaysia or Sweden, which are now being cleaned, he said. "There will be more such attacks." "We are worried about this case, as PDF attachments are typically not filtered at e-mail gateways." A security update for Adobe... ZDNet http://www.freerepublic.com/focus/f-news/1917385/posts#comment Sun, 28 Oct 2007 00:40:16 GMT http://www.freerepublic.com/focus/f-chat/1783825/posts There is a major zero day bug announced in solaris 10 and 11 with the telnet and login combination. It has been verified. In my opinion NOBODY be should running telnet open to the internet. Versions of Solaris 9 and lower do not appear to have this vulnerability. The issue: The telnet daemon passes switches directly to the login process which looks for a switch that allows root to login to any account without a password. If your telnet daemon is running as root it allows unauthenticated remote logins. Telnet should be disabled. Since 1994 the cert.org team has recommended... SANS http://www.freerepublic.com/focus/f-chat/1783825/posts#comment Tue, 13 Feb 2007 06:35:07 GMT http://www.freerepublic.com/focus/f-news/1705977/posts Exploits against the unpatched vulnerability in Microsoft's Internet Explorer are increasing and attackers are gathering momentum, researchers said Thursday. They warned that the problem would become worse if cyber criminals attack via e-mail next. "It might come to nothing, but it feels like a storm's coming," said Roger Thompson, the chief technology officer at Exploit Prevention Labs. "The potential is there. Call it a storm watch, not a storm warning." At least two different exploits have appeared this week, said Thompson, one linked to the Russian-made hacker exploit kit called WebAttacker, the other posted early Thursday on the xSec gray-hat... TechWeb http://www.freerepublic.com/focus/f-news/1705977/posts#comment Fri, 22 Sep 2006 00:31:55 GMT http://www.freerepublic.com/focus/f-news/1705072/posts Although Microsoft has acknowledged that in-the-wild exploits are taking advantage of an unpatched flaw in Internet Explorer, the developer has not committed to cranking out a fix before next month's regularly-scheduled update on Oct. 10. Users who want to protect themselves now, however, do have options. Disable the vulnerable .dll: In the security advisory posted yesterday, Microsoft suggested that users can disable the vulnerable "Vgx.dll" from the command line. -- Click Start, choose Run, and then type -- regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll -- Click OK, then click OK again in the confirmation dialog that appears. To undo the command,... TechWeb http://www.freerepublic.com/focus/f-news/1705072/posts#comment Wed, 20 Sep 2006 19:41:51 GMT http://www.freerepublic.com/focus/f-news/1704561/posts An unpatched vulnerability in all editions of Microsoft's Internet Explorer browser is being exploited, security researchers said Tuesday, with the attack dumping a broad range of adware, spyware, and Trojans onto PCs whose users simply surf to an infected or malicious site. First reported by Sunbelt Software -- although rival Internet Security Systems claimed it was the first to discover the bug -- the vulnerability is in how IE renders VML (Vector Mark-up Language), an extension of XML that defines on-the-Web images in vector graphics format. The previously unknown -- and thus unpatched -- bug inside IE is already being... TechWeb http://www.freerepublic.com/focus/f-news/1704561/posts#comment Wed, 20 Sep 2006 00:36:00 GMT http://www.freerepublic.com/focus/f-chat/1652816/posts Attack code for a new security hole in Excel has surfaced on the Internet, just as Microsoft is scrambling to respond to a separate bug in the spreadsheet program. The latest vulnerability could cause Excel to crash after a malicious file is opened, according to an alert Symantec sent to customers on Monday. The security company also said there was a risk that an intruder could commandeer a PC. "Attackers may also be able to execute arbitrary code…but this has not been confirmed," it said. The security hole exists because Excel fails to properly check user-supplied input before copying it... CNET News.com http://www.freerepublic.com/focus/f-chat/1652816/posts#comment Wed, 21 Jun 2006 02:47:56 GMT http://www.freerepublic.com/focus/f-chat/1604381/posts A dangerous new exploit in Internet Explorer could put PCs and data at risk, Microsoft has admitted. The flaw, for which code has already been published on the internet, could be exploited to set an email-borne virus free on the unsuspecting public. Potential viruses could come as an attachment that conceals the code, or could possibly redirect users to a site that will unleash the code on the user's machine, leaving the computer open to remote attack. Once the PC is being controlled by a malicious user, it can then be used to launch attacks on other PCs. Even supposedly... theregister.co.uk http://www.freerepublic.com/focus/f-chat/1604381/posts#comment Tue, 28 Mar 2006 02:58:48 GMT http://www.freerepublic.com/focus/f-news/1589886/posts Windows Vista won't have a backdoor that could be used by police forces to get into encrypted files, Microsoft has stressed. In February, a BBC News story suggested that the British government was in discussions with Microsoft over backdoor access to the operating system. A backdoor is a method of bypassing normal authentication to gain access to a computer without to the PC user knowing. But Microsoft has now quelled the suggestion that law enforcement might get such access. "Microsoft has not and will not put 'backdoors' into Windows," a company representative said in a statement sent via e-mail. The... Cnet http://www.freerepublic.com/focus/f-news/1589886/posts#comment Sat, 4 Mar 2006 14:22:54 GMT http://www.freerepublic.com/focus/f-news/1559010/posts This is a transcript from a show Steve Gibson did with Leo LaPorte. The link to the audio is at the above link. Also, I will excerpt a little of the relevant information here.Steve: And so, you know, because I'm a developer when I'm not being a hacker, I wanted to understand - oh, and the other thing is, I want to write a robust testing application, you know, that always works all the time. So I wanted to know, like, okay, what bytes have to be set which way, what matters, what doesn't. Because, you know, that's the way... Security Now! http://www.freerepublic.com/focus/f-news/1559010/posts#comment Mon, 16 Jan 2006 17:48:37 GMT http://www.freerepublic.com/focus/f-news/1550547/posts Looking forward to the week ahead, I find myself in the very peculiar position of having to say something that I don't believe has ever been said here in the Handler's diary before: "Please, trust us." I've written more than a few diaries, and I've often been silly or said funny things, but now, I'm being as straightforward and honest as I can possibly be: the Microsoft WMF vulnerability is bad. It is very, very bad. The SANS Institute http://www.freerepublic.com/focus/f-news/1550547/posts#comment Mon, 2 Jan 2006 13:07:56 GMT http://www.freerepublic.com/focus/f-news/1551217/posts Excerpt - NEW YORK -(Dow Jones)- Microsoft Corp. (MSFT) plans to release a patch for a new security flaw at its next scheduled update release on Jan. 10, leaving users largely unprotected until then from a rapidly spreading computer virus strain. "Microsoft's delay is inexcusable," said Alan Paller, director of research at computer security group SANS Institute. "There's no excuse other than incompetence and negligence." "It's a problem that there's no known solution from Microsoft," said Alfred Huger, senior director of engineering at Symantec Corp.'s (SYMC) security response team. SANS Institute, via its Internet Storm Center, has taken the unusual... Dow Jones News Service (excerpt) http://www.freerepublic.com/focus/f-news/1551217/posts#comment Tue, 3 Jan 2006 19:42:23 GMT http://www.freerepublic.com/focus/f-news/1550822/posts Computer security experts were grappling with the threat of a newweakness in Microsoft’s Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses. The news marks the latest security setback for Microsoft, the world’s biggest software company, whose Windows operating system is a favourite target for hackers. “The potential [security threat] is huge,” said Mikko Hyppönen, chief research officer at F-Secure, an antivirus company. “It’s probably bigger than for any other vulnerability we’ve seen. Any version of Windows is vulnerable right now.” The flaw, which allows hackers to infect computers using... Financial Times via Drudge http://www.freerepublic.com/focus/f-news/1550822/posts#comment Mon, 2 Jan 2006 23:54:03 GMT http://www.freerepublic.com/focus/f-news/1549982/posts * New exploit released for the WMF vulnerability - YELLOW (NEW) Published: 2006-01-01, Last Updated: 2006-01-01 00:06:40 UTC by Tom Liston (Version: 6(click to highlight changes)) New exploit On New Year's eve the defenders got a 'nice' present from the full disclosure community. The source code claims to be made by the folks at metasploit and xfocus, together with an anonymous source. The exploit generates files: * with a random size; * no .wmf extension, (.jpg), but could be any other image extension actually; * a random piece of junk in front of the bad call; carefully crafted to be... SANS http://www.freerepublic.com/focus/f-news/1549982/posts#comment Sun, 1 Jan 2006 00:26:16 GMT http://www.freerepublic.com/focus/f-news/1548350/posts This alert is a follow-up to a post made yesterday on our blog: http://www.websensesecuritylabs.com/blog/ Websense® Security Labs™ has discovered numerous websites exploiting an unpatched Windows vulnerability in the handling of .WMF image files. The websites which have been uncovered at this point are using the exploit to distribute Spyware applications and other Potentially Unwanted Soware. The user's desktop background is replaced with a message warning of a spyware infection and a "spyware cleaning" application is launched. This application prompts the user to enter credit card information in order to remove the detected spyware. The background image used and the "spyware... Websense Security Labs http://www.freerepublic.com/focus/f-news/1548350/posts#comment Wed, 28 Dec 2005 22:55:03 GMT http://www.freerepublic.com/focus/f-news/1548427/posts Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied. Washington ComPost http://www.freerepublic.com/focus/f-news/1548427/posts#comment Thu, 29 Dec 2005 01:45:47 GMT http://www.freerepublic.com/focus/f-chat/1539269/posts If you use the Firefox browser .. read this !! .. Two vulnerabilities in the popular Firefox browser have been rated "extremely critical" because exploit code is now available to take advantage of them. The cross-site scripting and remote system access flaws were discovered in Firefox version 1.0.3, but other versions may also be affected, said security company Secunia, which issued the ratings Sunday. ZDnet http://www.freerepublic.com/focus/f-chat/1539269/posts#comment Tue, 13 Dec 2005 04:14:49 GMT http://www.freerepublic.com/focus/f-news/1536740/posts Exploit code for the latest version of open-source browser Firefox was published Wednesday, potentially putting users at risk of a denial-of-service attack. The exploit code takes advantage of a bug in the recently released Firefox 1.5, running on Windows XP with Service Pack 2. Firefox, which initially debuted over a year ago, has moved swiftly to capture 8 percent of the browser market. The latest Firefox flaw exists in the history.dat file, which stores information from Web sites users have visited with the Firefox 1.5 browser, according to a posting on the Internet Storm Center, which monitors online threats. "If... Cnet http://www.freerepublic.com/focus/f-news/1536740/posts#comment Fri, 9 Dec 2005 00:06:06 GMT http://www.freerepublic.com/focus/f-news/1535418/posts I hate vanity posts, but I am wondering if anyone in FR land knows anything about the Spy Axe 3.0 virus. It has set up shop in my toolbar and has hijacked my home page. eTrust isn't touching it. Help?!?! My PC http://www.freerepublic.com/focus/f-news/1535418/posts#comment Wed, 7 Dec 2005 04:16:34 GMT http://www.freerepublic.com/focus/f-news/1535370/posts My computer apparently picked up a virus from spyaxe.net. I have a pop-up window saying I have spyware and "it is recommended to use antispyware tools to prevent data loss." Everytime I close the popup it pops up again. I got tired of closing it and installed it then removed it with "Add/Remove Software" in the control panel. The pop-up is back. Can anyone help? http://www.freerepublic.com/focus/f-news/1535370/posts#comment Wed, 7 Dec 2005 02:38:12 GMT http://www.freerepublic.com/focus/f-chat/1531416/posts Microsoft acknowledged Tuesday that malicious software targeting an unpatched bug in Internet Explorer is on the loose, and urged users to run a complete system scan on its new Windows Live Safety Center -- which has a quirk of its own -- to detect and delete the code. In an update of a security advisory issued Nov. 21, Microsoft noted that both proof-of-concept code and an exploit are in circulation. The exploit can compromise PCs running IE on a host of the company's operating systems, including Windows 98, Windows Me, Windows 2000, and Windows XP. The bug, which was reported... TechWeb News http://www.freerepublic.com/focus/f-chat/1531416/posts#comment Wed, 30 Nov 2005 19:42:46 GMT http://www.freerepublic.com/focus/f-news/1524860/posts Sony's controversial copy-protection scheme had been in use for seven months before its cloaking rootkit was discovered, leading one analyst to question the effectiveness of the security industry. "[For] at least for seven months, Sony BMG Music CD buyers have been installing rootkits on their PCs. Why then did no security software vendor detect a problem and alert customers?" asked Joe Wilcox, an analyst with JupiterResearch. "Where the failure is, that's the question mark. Is it an indictment of how consumers view security software, that they have a sense of false protection, even when they don't update their anti-virus and... TechWeb News http://www.freerepublic.com/focus/f-news/1524860/posts#comment Fri, 18 Nov 2005 23:16:07 GMT http://www.freerepublic.com/focus/f-news/1523760/posts When the news first broke in the mainstream press that Windows expert and blogger Mark Russinovich (he wrote a book about Windows for Microsoft) had found that Sony's anti-piracy efforts had gone too far and that Sony's DRM was installing an undetectable rootkit on customers' computers which they couldn't safely remove, the first reaction from Microsoft was guarded. They were concerned, they said, and were evaluating what, if anything, to do: Microsoft, which also ships an anti-spyware program, recently renamed "Windows Defender," hasn't yet decided whether it will also flag the Sony DRM software as malicious code, the spokesperson said.... Groklaw http://www.freerepublic.com/focus/f-news/1523760/posts#comment Thu, 17 Nov 2005 14:09:52 GMT http://www.freerepublic.com/focus/f-news/1522663/posts More than one-half million networks infected by Sony including U.S. military and various countries. Dan Kaminsky, http://www.doxpara.com/ ,is the expert who broke this and did the work. His U.S. and Europe infection maps are shown below and are frightening. Dan did a hell of a good job. Search Google News for "sony numbers trouble" for more in an excellent article today that is very worth reading. Welcome to Planet Sony http://www.freerepublic.com/focus/f-news/1522663/posts#comment Tue, 15 Nov 2005 21:43:21 GMT