|
|
| Page 1 of 2 |
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
 Posted: Sun, 6th Feb 2005 10:18 Post subject: The official security F.A.Q and news thread |
|
 |
Let's keep anything regarding discussions about viruses, worms and spyware in this thread.
Links
Linux
- Debian hardened (Hardened Debian/Debian Hardened is a project that brings to Debian GNU/Linux high security & hardening features, hardened kernels, packages and enhanced toolchain, the DHKP kernel patches and other cryptography-related enhancements.)
- Securing Debian manual (Instructions of how to secure Debian linux)
- Passphrases (How to use passphrases)
- OpenPGP website (Main realm for the OpenPGP encryption)
- Linux firewall tools (How to's and links for firewall) security for Linux)
- F-Prot Linux antivirus (Free Linux anti virus prog)
General
Answers to common questions and problems
Windows
[list]
[*]What can I do against all these trojans, viruses and spyware?
Get a firewall. I would recommend a hardware one like a home router. If you don't feel like buying that get a software one like Outpost firewall. To get rid of spyware, viruses and trojans I highly recommend you to get Nod32 and Microsoft antispyware. These three apps have been announced as "best in test" at several places and are well known. And please try to stay away from McAfee, Symantec, Zonealarm and Lavasoft Adaware.
[/list]
[sYn] - Killed, over 2 years old.
by RaZoR1394 - Updated 2005-03-29
Last edited by razor1394 on Wed, 30th Mar 2005 09:54; edited 18 times in total
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Fri, 11th Feb 2005 15:44 Post subject: |
|
|
| Quote: |
Microsoft Corp. is investigating attempts to attack the company's newly released program to remove spyware from computers running its Windows operating system.
Stephen Toulouse, a Microsoft security program manager, said the attack, known as "Bankash-A Trojan," could attempt to disable or delete the spyware removal tool and suppress warning messages. It also may try to steal online banking passwords or other personal information through a keystroke tracker.
To be attacked, Toulouse said, a user would have to be fooled into opening an e-mail attachment that would then start the malicious program. He said the company had not seen any evidence so far that the attack is widespread.
Toulouse said Microsoft was recommending that users who believe they might be attacked use antivirus software, such as products made by Symantec Corp. or McAfee Inc., to try to remove it.
Microsoft has said it plans to offer its own antivirus software for sale, but it has not yet set a date for that release.
Microsoft AntiSpyware is being offered in test form, and about 6 million people have downloaded it so far.
The free product aims to help users find and remove spyware, which are programs that can secretly monitor a users' Internet surfing habits, spew out relentless pop-up ads and slow computer performance. |
Source -> http://news.com.com/Microsoft+probes+anti-spyware+Trojan/2100-7349_3-5571362.html?tag=nefd.top
Source 2 -> http://news.bbc.co.uk/1/hi/technology/4256379.stm
 If there are such security holes in a antispyware product. Something must be really wrong over there. How come the original Giant product aint affected? Hummm.
|
|
| Back to top |
|
|
|
|
| Posted: Fri, 11th Feb 2005 18:27 Post subject: |
|
|
Respect to Microsoft for bringing out this tool.
its a shame its got vulnerabilities, but as soon as the big giant introduces some software seems the hackers start on it straight away.
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Sun, 13th Feb 2005 10:41 Post subject: |
|
|
First Firefox spyware?
| Quote: |
Security experts are advising that spyware that targets browsers from the Mozilla Foundation has been spotted--a threat that could worsen as its Firefox browser takes market share from Microsoft.
Stu Sjouwerman, the founder of Sunbelt Software, said on Tuesday that the anti-spyware company has discovered what it believes is the first spyware to take aim at surfers using Mozilla browsers.
|
Source -> http://news.com.com/Spyware+takes+aim+at+Mozilla+browsers/2100-7349_3-5569635.html
|
|
| Back to top |
|
|
Under
Posts: 667
Location: Scotland
|
| Posted: Sun, 13th Feb 2005 11:40 Post subject: |
|
|
91% of users have spyware installed on they computer (owned by adware ?)
But frankly speaking most users don't even know how easly the spyware/adware can get to your computer ...
Need a expample : Messenger Service ? RPC bug ?
The only way to be well secured is to get all the Microsoft Critical patches (and that's a lot of dl ;P) get some good A-V software and AdWare Stuff - delete Internet Explorer (it's one huge hole in WIndows) and get Mozilla (even Mozilla can be attacked by spyware - as the razor1394 said the post before) or so one and maybe you won't get infected ...
IMHO there is no good type protection to keep you free from this all sh*t ...
Oh and i almost forgot about it : you want to see how quick the spyware is ? Install clean windows plug it to internet and wait 2 mins i've had this problem lately when i was formating a pc one of my friends - forgot to apply some damn patches and boom I fought 2 hours with this ...
Best PICKUP LINE :
"Hey, does this rag smell like chloroform to you?"
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Thu, 17th Feb 2005 21:56 Post subject: |
|
|
I don't think Microsoft will remove IE at any cost. The important part for them is not that the OS/browser should be safe/stable/fast, but that people actually buy and use it  . At least they are upgrading IE now to v7. I don't think they would have done that in a long time if Firefox and Opera weren't present. Microsoft are also making a bigger update service (Microsoft update) to cover most of their important products such as Office and Windows. At least that is good to see.
Btw, It seems that the MyDoom virus has woken again, but this time through the search engines.
| Quote: |
Internet users are being threatened by yet another variant of the MyDoom mass mailing worm, which is spreading in part by using e-mail addresses found through popular search engines, security experts warn. The new variant was first spotted late Wednesday and reports from computer users suggest the worm is already circling the globe, according to Graham Cluley, senior technology consultant at Sophos.
The worm proliferates by e-mailing itself through its own SMTP (Simple Mail Transfer Protocol) engine, according to Sophos. When it infects a computer it scans the hard disk for e-mail addresses and then takes the domains of the addresses it finds and queries search engines such as Google, Yahoo, and Lycos looking for similar addresses, Cluley says.
|
Windows anti-spyware to come free of charge
| Quote: |
Ending speculation about whether it was shifting to a paid model, Microsoft said on Tuesday that it will provide customers with its new anti-spyware software for free.
The pledge, made by Microsoft Chairman Bill Gates during his keynote speech kicking off the RSA Conference 2005 here, comes after the company had been testing its AntiSpyware application--technology it acquired with its purchase of security software maker Giant Software.
"Just as spyware is something that we have to nip down today, we have decided that all licensed Windows users should have that protection at no charge," Gates said. The initiative is part of Microsoft's efforts to strengthen security for home and business users of its Windows desktop software. Consumers are not always aware of the dangers of such threats as spyware, viruses and "phishing." A study published last October found that more than 80 percent of consumers had been infected by spyware.
|
Sounds very good. Charging for the app would be so evil from their side. Keeping it free is how it should be!
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Fri, 18th Feb 2005 11:06 Post subject: |
|
|
Microsoft Windows Antispyware updated
| Quote: |
Windows AntiSpyware (Beta) is a security technology that helps protect Windows users from spyware and other potentially unwanted software. Known spyware on your PC can be detected and removed. This helps reduce negative effects caused by spyware including slow PC performance, annoying pop-up ads, unwanted changes to Internet settings, and unauthorized use of your private information. Continuous protection improves Internet browsing safety by guarding over 50 ways spyware can enter your PC.
Since releasing Windows AntiSpyware (Beta) on January 6, 2005, we have received feedback from customers and have made enhancements to the software based on this feedback. We have enhanced some of the real-time protection agents, added new threat categories, and improved stability and performance. If you are using a previous version you can simply upgrade to the refreshed version. The version number of the refreshed version is 1.0.509. To check the version number, click About Microsoft AntiSpyware… on the Help menu.
Note: This download has been updated to include signature version 5687, which is the most current as of February 10, 2005. Customers who have installed Microsoft Windows AntiSpyware prior to this date do not need to re-download. They will receive signature updates as part of their next automatic or manual signature update.
|
News source - http://www.osnn.net/comments.php?shownews=11805
Application download - http://www.microsoft.com/downloads/details.aspx?FamilyId=321CD7A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Fri, 18th Feb 2005 23:31 Post subject: |
|
|
Microsoft Warns of Impossible to Clean Spyware
| Quote: |
The Inquirer has a story that the next generation of Windows spyware and exploits are starting to make use of "kernel rootkits". A paper at Microsoft Research has details on a prototype detection tool. Computerworld has more details, as well." From the article: "Newer rootkits can intercept system calls that are passed to the kernel and filter out queries generated by the software. This makes them invisible to administrators and to detection tools...
|
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Sun, 20th Feb 2005 12:09 Post subject: Microsoft Anti-Virus Push: Good For Us, Bad For AV Vendors |
|
|
Microsoft Anti-Virus Push: Good For Us, Bad For AV Vendors
| Quote: |
As Microsoft readies it's latest security software for it's Windows operating systems, some say it may catch the eye of antitrust regulators. There is concern that if Microsoft ties it's new anti-virus software too close to it's operating systems or prices it too far below competing prices, it could potentially stifle competition from an already well-established anti-virus software market.
"Aggressive entry into the established anti-virus market, especially to the extent Microsoft bundles its solution into the operating system, is almost certain to draw regulatory scrutiny, especially in the EU (European Union)," Sanford C. Bernstein & Co. analyst Charles Di Bona said in a recent note to clients.
It almost seems like a Catch 22. On the one side, Microsoft is perpetually under the gun to protect their operating systems and make computing in general safer for home user and more secure for everyone who uses their software. On the other side, in the process of taking steps to help users secure their systems, antitrust regulators could cry foul for attempting to undermine competitors' ability to maintain their share of the market.
Bill Gates remained upbeat speaking at the RSA computer security conference in San Francisco this week. "It's a challenging area, and new threats seem to emerge all the time, but I'm optimistic that ... we will be able to mitigate the security problems."
|
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Sun, 20th Feb 2005 12:09 Post subject: |
|
|
Mobile Phone Virus Makes It to the United States
| Quote: |
Finnish anti-virus research company F-Secure reports that the first mobile phone virus, called Cabir, has made it's way to the United States since it's discovery in the Philippines over eight months ago. The Cabir virus and it's twelve varients are known to prematurely drain cell phone batteries.
On Monday, Mikko Hypponen, director F-Secure, discovered Cabir on a Nokia cell phone in a technology gadgets store in Santa Monica, California, where someone spotted a telltale sign on the screen of the phone. The store owner's cell phone had also been infected.
"It's interesting (the Cabir variant) has now been found in the United States, but it's not the end of the world," said Hypponen.
While the threat is still relatively minimal compared to the thousands of computer viruses that make their rounds daily, Cabir marks the beginning of the new mobile device virus era.
|
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Tue, 22nd Feb 2005 11:27 Post subject: Microsoft To Force SP2 Update On All XP And XP SP1 Machines |
|
|
Microsoft To Force SP2 Update On All XP And XP SP1 Machines
| Quote: |
April 12th is the very last day. That’s when the clock runs, and the deadline looms.
And here you thought it was April 15th. Nope, it’s the twelfth. Because we’re not talking about the day your taxes are due. On no. We’re talking about the day that your Windows XP or Windows XP SP1 computer will be automatically updated to XP SP2 (Service Pack 2) whether you want it to or not. Period.
Up until now users who did not want to accept the SP2 update had the option of temporarily blocking the update from being downloaded to their machines through the Automatic or Windows Update mechanisms, however that option expires on April 12th.
According to Microsoft’s latest alert on the issue, “The intent of this alert is to provide you with a reminder about the upcoming deadline around the date on which Automatic Update (AU) and Windows Update (WU) will deliver Windows XP SP2 regardless of the presence of the blocking mechanism.”
|
Source - http://www.neowin.net/comments.php?id=27171&category=main#comment337903
Sounds like it won't work if you disable automatic updates. There are off course both good and bad things about this forced update. Personally I don't think that It's right for them to do as many users have problem with SP2.
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Wed, 23rd Feb 2005 21:54 Post subject: MS AntiSpyware vs Ad-Aware vs SpyBot |
|
|
MS AntiSpyware vs Ad-Aware vs SpyBot
| Quote: |
Microsoft AntiSpyware offers plenty of features which is sure to turn some heads. Not only does it scan for spyware/adware, it can also offer real-time protection which prevents spyware from being installed in the first place. Though Microsoft’s new toy offers really nice feature as we are about to explore, how well does it match up against the already known spyware removal champs; Ad-Aware and SpyBot S&D? Let us find out.
Though this review is mostly focused on how effectively each application can detect spyware and adware, I want to just mention a few features I enjoyed while using Microsoft AntiSpyware Beta.
|
| Quote: |
Though still in beta, Microsoft AntiSpyware was able to detect more infected files than the current leading anti-spyware applications in the market today, Ad-Aware and SpyBot S&D. AntiSpyware’s user interface is better looking than both SpyBot and Ad-Aware, not to mention much easier to use than SpyBot. Though Microsoft AntiSpyware was able to use better detection than both Ad-Aware and SpyBot, there is still the difference of cost between the three. Ad-Aware and SpyBot offer great performance for free, yet when Microsoft debuts its AntiSpyware application, it will require a subscription fee. Is Microsoft AntiSpyware really worth the subscription fee when there are currently good spyware removal applications out there that will do it for free? My answer to that question would be, if you can afford the fee, it is absolutely worth it; however, if you chose to use Microsoft AntiSpyware as your spyware removal tool, you will still need to run other tools such as Ad-Aware and SpyBot.
|
Yes, Microsoft antispyware rocks as I thought!
Source - http://www.flexbeta.net/main/articles.php?action=show&id=84&perpage=1&pagenum=4
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 23rd Feb 2005 22:00 Post subject: |
|
|
yay paying. (fuck paying)
hope they implent it in the next windows system. (which is free  )
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Wed, 23rd Feb 2005 22:04 Post subject: |
|
|
Critical Update for XP on Windows Update
| Quote: |
This update addresses an issue that could cause your system to stop responding if certain firewall or antivirus programs are installed. You can help resolve this issue by installing this HTTP.sys update from Microsoft. After you install this item, you may have to restart your computer.
|
Link - http://support.microsoft.com/kb/887742
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Fri, 25th Feb 2005 16:58 Post subject: |
|
|
Microsoft says sorry for AntiSpyware error
| Quote: |
Microsoft has publicly apologized and compensated Web directory Startpagina.nl, one of MSN's main competitors in Holland, after the software giant's anti-spyware product incorrectly flagged the site as malicious.
A Microsoft representative confirmed on Thursday that the Windows AntiSpyware beta prevented people from setting Startpagina as their home page. The representative said this problem has now been fixed in the latest update of the program. "Microsoft has posted a notice on the Web sites of Microsoft Netherlands and Microsoft Belgium that includes an appeal to download the new version of Windows AntiSpyware and provides an apology for the difficulty this issue may have caused Startpagina.nl and its users," the representative said. |
Like hell that was a mistake.
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Sun, 27th Feb 2005 10:32 Post subject: |
|
|
Update for Windows XP (KB884883)
| Quote: |
When you work in a program that loads both version 5 and version 6 of the Comctl32.dll file in Microsoft Windows XP, the program may stop responding, and an access violation may occur in the Comctl32.dll file.
You may also see mixed window styles when you experience this problem. If a program selects Comctl32.dll version 6, the program may show a Windows XP style (Comctl32 version 6) window. However, if you experience this problem, the program may show both the Windows XP style and Windows Classic style (Comctl32 version 5) windows.
|
Download - http://www.microsoft.com/downloads/details.aspx?FamilyID=d141ba54-ca8c-4ff3-86ee-96123ac97251&displaylang=en&Hash=XPDLV55
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Sun, 27th Feb 2005 21:16 Post subject: |
|
|
|
|
|
| Back to top |
|
|
Mutantius
VIP Member
Posts: 18594
Location: In Elektro looking for beans
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Mon, 28th Feb 2005 06:10 Post subject: |
|
|
Yes, It's a fake. But I wouldn't be so damn surprised if it was real. They have recently targeted WineHQ intentionally.
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Wed, 2nd Mar 2005 12:50 Post subject: |
|
|
Watch out for this nasty worm. Seems to travel via email.
Bagle.BB
| Quote: |
This trojan dropper appeared on March 1st, 2005. The dropper is sent by Bagle.be worm as an attachment to its infected e-mails. The dropper is sent inside a ZIP archive. The distribution was quite high, so we set Radar Level 2 for this dropper.
The dropped trojan is detected as Email-Worm.Win32.Bagle.bb.
|
Source - http://www.f-secure.com/v-descs/bagle_bb.shtml
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Fri, 4th Mar 2005 00:40 Post subject: No new security updates from Microsoft for March |
|
|
No new security updates from Microsoft for March
| Quote: |
Thanks MarcusJClifford fpr notifying us of this email bulletin sent out by Microsoft.
It looks like the security sweepstakes for February have reeped benefits for Microsoft in March, at least, with an announcement for no new security bulletins for March 8th. The email sent out to Microsoft Security Response Center Bulletin Notification email subscribers, contains the following notice;
As part of the monthly security bulletin release cycle, Microsoft provides advance notification to our customers on the number of security updates being released and the products affected. This is intended to help our customers plan for the deployment of these security updates more effectively. The goal is to provide our customers with information on soon-to-be released security updates.
On 8 March 2005 the Microsoft Security Response Center is planning to release no new security bulletins.
Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released.
|
Source - http://www.neowin.net/
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Tue, 8th Mar 2005 20:36 Post subject: |
|
|
First Mobile Picture Messaging Virus Uncovered
| Quote: | F-Secure is warning of the first mobile phone virus transmitted via MMS - mainly used for picture messaging for mobiles. The virus, Commwarrior, is the first which can be sent from phone to phone in this way, potentially opening them up for worldwide infection. Earlier mobile viruses were only sent via Bluetooth, infected nearby phones.
It appears the new virus came from Russia. It contains the text "OTMOP03KAM HET!", which F-Secure says translates as "No to braindeads". Symantec, meanwhile, is reporting a low threat from the worm. The virus affects Symbian Series 60 phones and isn't believed to be spreading at the moment. Message subjects include "Norton AntiVirus", "Official Symbian desctop manager.", or the required "Free SEX!".
Although it isn't spreading much at the moment, the appearance of the virus is worrying some analysts as it potentially opens up the possibility of much more dangerous worms. The current one simply creates some files and sends itself on without - apparently - doing much damage on the way. |
F-Secure, Symantec analysis
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Wed, 9th Mar 2005 12:51 Post subject: |
|
|
Thanks dude. Will add them later.
Here are some of the latest news:
Microsoft Malicious Software Removal Tool 1.2
| Quote: |
The Microsoft Windows Malicious Software Removal Tool checks Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder.
|
DOWNLOAD
Windows Server2003 & XPSP2 vulnerable:LAND ATTACK
| Dejan Levaja wrote: |
Hello, everyone.
Windows Server 2003 and XP SP2 (with Windows Firewall turned off) are vulnerable
to LAND attack.
LAND attack:
Sending TCP packet with SYN flag set, source and destination IP address and source
and destination port as of destination machine, results in 15-30 seconds DoS condition.
Tools used:
IP Sorcery for creating malicious packet, Ethereal for sniffing it and tcpreplay
for replaying.
Results:
Sending single LAND packet to file server causes Windows explorer freezing on all
workstations currently connected to the server. CPU on server goes 100%. Network
monitor on the victim server sometimes can not even sniff malicious packet. Using
tcpreplay to script this attack results in total collapse of the network.
Vulnerable operating systems:
Windows 2003
XP SP2
other OS not tested (I have other things to do currently ? like checking firewalls
on my networks )
Solution:
Use Windows Firewall on workstations, use some firewall capable of detecting LAND
attacks in front of your servers.
Ethic:
Microsoft was informed 7 days ago (25.02.2005, GMT +1, local time), NO answer received,
so I decided to share this info with security community.
|
SOURCE
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Tue, 15th Mar 2005 13:16 Post subject: |
|
|
Alternative browser spyware infects IE
| The register wrote: |
Some useful citizen has created an installer that will nail IE with spyware, even if a surfer is using Firefox (or another alternative browser) or has blocked access to the malicious site in IE beforehand. The technique allows a raft of spyware to be served up to Windows users in spite of any security measures that might be in place.
Christopher Boyd, a security researchers at Vitalsecurity.org, said the malware installer was capable of working on a range of browsers with native Java support. "The spyware installer is a Java applet powered by the Sun Java Runtime Environment, which allows them to whack most browsers out there, including Firefox, Mozilla, Netscape and others. In the original test, only Opera and Netcaptor didn't fall for the install but Daniel Veditz, who is the head of Mozilla security, has since confirmed to me that this will also work in Opera and Netcaptor," he explained.
In the example Boyd highlights surfers looking for Neil Diamond lyrics (of all things) are served with a variety of adware and spyware packages including Internet Optimizer, sais (180 Solutions) and Avenue Media. Thereafter, if victims allow the packages to install, victims will be bombarded with pop-up ads and their computer will be reduced to a crawl. The malware doesn't install automatically but managed web security firm ScanSafe reckons the pop-up dialogue it generates is obscure enough to fool most home users.
|
So now It's JAVA too and not only ActiveX, haha!
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Thu, 17th Mar 2005 08:45 Post subject: Desktop Anti-Spyware Not Up to Snuff, IT Pros Say |
|
|
Desktop Anti-Spyware Not Up to Snuff, IT Pros Say
| Quote: |
Desktop anti-spyware software isn't doing the job, IT professionals have concluded. According to an international survey by proxy appliance company Blue Coat Systems, 72 percent said desktop anti-spyware programs were ineffective in protecting their networks. Blue Coat surveyed 339 IT staffers who used programs from Computer Associates International (PestPatrol), Kaspersky Lab, Lavasoft (Ad-Aware), McAfee, Microsoft, Spybot, Symantec, or Webroot Software.
Eighty-four percent of respondents, from large, medium-size, and small organizations, reported their spyware problems were the same as or worse than three months ago, Blue Coat said. Techworld found this conflicted with findings for home broadband users in the U.S. whom the National Cyber Security Alliance, an industry body, said saw a reduction in infection from 91 percent in February 2004 to 80 percent in October.
|
Source
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Sun, 27th Mar 2005 14:47 Post subject: Trillian Vulnerability - Security Flaw Found in Trillian IM |
|
|
Trillian Vulnerability - Security Flaw Found in Trillian IM
| Quote: |
CNet news is reporting today that a potentially serious security flaw has been found in the Trillian instant messaging client.
Trillian is an instant messaging (IM) software which allows users to interact with people using many different IM services, such as AOL Instant Messenger and MSN Messenger, using just one instant messaging client (Trillian) instead of having to run each instant messenger software for each service separately.
A large number of people use Trillian, and not surprisingly, as it has been estimated that at least 25% of home users instant message with people on at least two different IM networks at the same time.
The security hole discovered in Trillian will allow a malicious hacker to shut down programs running on the target machine, and even to take control of the entire computer.
Trillian’s CEO, Scott Werndorfer, played the flaw down as being “extremely low risk", stating that the hacker would need to create a fake instant messaging software, then send a message to the Trillian user, and then have the user accept the message. More at Source.
|
Aunty Spam's Net Patrol
|
|
| Back to top |
|
|
Mutantius
VIP Member
Posts: 18594
Location: In Elektro looking for beans
|
| Posted: Sun, 27th Mar 2005 14:54 Post subject: |
|
|
Thanks for that update Razor!
"Why don't you zip it, Zipfero?" - fraich3
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Tue, 29th Mar 2005 15:45 Post subject: Updates |
|
|
Updates
- Links added.
- Started the questions part.
- All security related questions and links moved here.
|
|
| Back to top |
|
|
razor1394
VIP Member
Posts: 3571
Location: Sweden
|
| Posted: Wed, 30th Mar 2005 09:53 Post subject: Windows 2003 Service Pack 1 To Be Released Tomorrow |
|
|
Posting this here too as the article also tells about the 2003 sp1 rtm.
Windows 2003 Service Pack 1 To Be Released Tomorrow
| Neowin wrote: |
Microsoft is expected to announce tomorrow that Windows XP Professional 64-bit and Service Pack 1 for Windows Server 2003 have been released to manufacturing to be produced for general release next month WinBeta has learnt.
Build 1830 has been deemed worthy of release after 18 long months of beta testing of a product that many companies showed inital reluctance to install after Microsoft let slip that Service Pack 1 was already in the works at the release of Windows Server 2003 itself.
The service pack offers a compilation of updates as well as new security enhancements and originally was due in the first half of 2004.
The new Windows editions are designed to take advantage of 64-bit extensions to the standard x86 instruction set in processors from both Advanced Micro Devices Inc. (AMD) and Intel Corp. 64-bit systems offer users greater computing power as systems can process more data per clock cycle and have greater access to memory.
|
Source
Last edited by razor1394 on Wed, 30th Mar 2005 11:42; edited 1 time in total
|
|
| Back to top |
|
|
| Page 1 of 2 |
All times are GMT + 1 Hour |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB 2.0.8 © 2001, 2002 phpBB Group
|
|
 |
|
