-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lords throw McKinnon to the dogs
,----[ Quote ]
| PENTAGON HACKER Gary McKinnon could have the book thrown at him by US
| prosecutors after the UK's highest court today quashed his appeal against an
| extradition order.
`----
http://www.theinquirer.net/gb/inquirer/news/2008/07/30/lords-throw-mckinnon-dogs
The Net is a mess because of Windows, but they target the playful hackers
(scapegoats).
FBI warns of new Storm worm variant
,----[ Quote ]
| On Wednesday, the FBI and its partner, the Internet Crime Complaint Center
| (IC3), warned against a new e-mail campaign being used by the creators of the
| Storm Worm botnet.
`----
http://news.cnet.com/8301-1009_3-10002760-83.html?part=rss&subj=news&tag=2547-1_3-0-20
The Pentagon too is among those 320,000,000 zombies because it runs Windows in
places. It's being reported in the news all the time that the Pentagon, the
White House and whatnot are getting hijacked from overseas.
Recent:
,----[ Quote ]
| Over the course of two months leading up to the attack, malicious
| code infiltrated several systems belonging to the Pentagon's network
| and culminated in an exploit of a known Microsoft Windows
| vulnerability
`----
http://www.theregister.co.uk/2008/03/06/pentagon_breach_assessment/
Pentagon cyber attack more serious than previously assumed
,----[ Quote ]
| However, the new magazine report claims that malicious code, which exploits a
| hole in Microsoft Windows, was detected in various portions of the network
| during network infrastructure reorganisation.
`----
http://www.heise.de/english/newsticker/news/104819/from/rss09
Related:
Chinese military hacked into Pentagon
,----[ Quote ]
| The Chinese military hacked into a Pentagon computer network in June in the
| most successful cyber attack on the US defence department, say American
| officials.
`----
http://www.ft.com/cms/s/0/9dba9ba2-5a3b-11dc-9bcd-0000779fd2ac.html
China Crafts Cyberweapons
,----[ Quote ]
| The Defense Department reports China is building cyberwarfare
| units and developing viruses.
`----
http://www.pcworld.com/article/id,132284-pg,1/article.html(News)
German constitutional protection authorities foresee "secret service
procurement offensive"
,----[ Quote ]
| ...if Chinese attackers really had penetrated government computers, this
| would pose a risk even if no confidential data was involved. "It is possible
| to find out many things in this way - appointments, responsibilities, who is
| working on what - this is the first step in carrying out classical
| espionage," said Möller.
`----
http://www.heise.de/english/newsticker/news/95236/from/rss09
Politicians want to be informed on Chinese Trojan attacks
,----[ Quote ]
| Ruprecht Polenz (CDU), chairman of the Committee on Foreign Affairs,
| said: "If there is clear evidence that the Chinese state is responsible for
| these attacks, we cannot let the matter rest." According to a Spiegel report,
| the Federal Office for the Protection of the Constitution assumes that
| experts of the Chinese army have conducted the online espionage attacks
| against the Federal Chancellery, the ministry of economics, the ministry of
| research and also the ministry of foreign affairs.
`----
http://www.heise.de/english/newsticker/news/94983/from/rss09
Estonia suspects Kremlin in Web attacks
,----[ Quote ]
| He said more than 1 million computers worldwide have been used in
| recent weeks to attack Estonian government and business Web sites
| since a dispute arose with Moscow over Estonia's moving of a
| Soviet-era war memorial from downtown Tallinn.
`----
http://www.cnn.com/2007/TECH/internet/05/17/estonia.cyber.attacks.ap/index.html?eref=rss_tech
U.S. cyber counterattack: Bomb 'em one way or the other
,----[ Quote ]
| If the United States found itself under a major cyberattack aimed
| at undermining the natio's critical information infrastructure,
| the Department of Defense is prepared, based on the authority of
| the president, to launch a cyber counterattack or an actual
| bombing of an attack source.
`----
http://www.networkworld.com/news/2007/020807-rsa-cyber-attacks.html
US plans for cyber attack revealed
http://www.theinquirer.net/default.aspx?article=37563
Homeland Security sees cyberthreats on the rise
,----[ Quote ]
| To test the nation's response to a cyberattack, the Department
| of Homeland Security plans to hold another major exercise,
| called Cyberstorm II, in March 2008, Garcia said. A first
| such exercise happened early last year.
`----
http://news.com.com/2100-7355_3-6157809.html?part=rss&tag=2547-1_3-0-20&subj=news
http://tinyurl.com/2dpbmv
Zombie botnets attack global DNS servers
,----[ Quote ]
| Hackers launched a sustained attack last night against key root servers
| which form the backbone of the internet.
|
| Security firm Sophos said that botnets of zombie PCs bombarded the
| internet's domain name system (DNS) servers with traffic.
|
| "These zombie computers could have brought the web to its knees,"
| said Graham Cluley, senior technology consultant at Sophos.
`----
http://www.vnunet.com/vnunet/news/2174383/zombie-botnets-attack-global
Land Warrior System: Inside the Pentagon's New High-Tech Gear
,----[ Quote ]
| The Kevlar Advanced Combat Helmet weighs approximately 3 pounds --
| half the weight of current models. An eyepiece (A) bolted to the
| helmet acts as a full-color computer interface, displaying maps
| and images from the camera on the weapon. A boom mic (B) and
| over-the-ear headphones (C) allow troops to communicate...
`----
http://www.popularmechanics.com/technology/military_law/4215725.html
Perspective: Microsoft security--no more second chances?
,----[ Excerpt ]
| CNET News.com's Charles Cooper says the software maker is running out
| of excuses for a history of poor security.
`----
,----[ Quote ]
| As if Homeland Security Secretary Michael Chertoff didn't have enough on
| his plate.
|
| Not only has he had to deal with Katrina and Osama. Now he's also got to
| whip Steve Ballmer and the crew at Microsoft into shape. If past is
| prologue, that last task may be the most daunting of all.
`----
http://news.com.com/2010-1002_3-6104512.html?part=rss&tag=6104512&subj=news
Botnet 'pandemic' threatens to strangle the net
,----[ Quote ]
| Cerf estimated that between 100 million and 150 million of the
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^
| 600 million PCs on the internet are under the control of hackers,
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
| the BBC reports. "Despite all that, the net is still working,
| which is pretty amazing. It's pretty resilient," he said.
`----
http://www.theregister.co.uk/2007/01/26/botnet_threat/
EveryDNS, OpenDNS Under Botnet DDoS Attack
,----[ Quote ]
| The last time the Web mob (spammers and phishers using botnets)
| decided to go after a security service, Blue Security was forced
| to fold and collateral damage extended to several businesses,
| including Six Apart.
`----
http://securitywatch.eweek.com/exploits_and_attacks/everydns_opendns_under_botnet_ddos_attack.html
Be prepared: ActiveX attacks will persist
,----[ Quote ]
| A recent string of high-profile ActiveX vulnerabilities caused the U.S.
| Computer Emergency Readiness Team (US-CERT) to advise users to disable the
| ubiquitous Microsoft browser plug-in technology altogether.
`----
http://www.infoworld.com/article/08/02/19/08NF-activex-horror_1.html
ActiveX Controls Out of Control
,----[ Quote ]
| The federal agency's warning to disable all Internet Explorer ActiveX
| controls might as well be recommendation to use Firefox—or Opera or Safari.
| Hey, AOL, are you sure about pulling the plug on Netscape?
`----
http://www.microsoft-watch.com/content/security/activex_controls_out_of_control.html?kc=MWRSS02129TX1K0000535
The feds weigh in on Windows security
,----[ Quote ]
| "The benefits of this move are enormous: Common, secure configurations
| can help slow botnet spreading, can radically reduce delays in patching,
| can stop many attacks directly, and organizations that have made the
| move report that it actually saves money rather than costs money,"
| Paller wrote.
`----
http://news.zdnet.com/2100-1009_22-6172158.html
Yahoo IM affected by ActiveX vulnerabilities
,----[ Quote ]
| On the heels of ActiveX vulnerabilities in the image uploading tools for
| Facebook and MySpace.com, researchers warned Monday that Yahoo Instant
| Messenger and Yahoo Messenger are vulnerable to ActiveX-based attacks.
`----
http://www.news.com/8301-10789_3-9864333-57.html?part=rss&subj=news&tag=2547-1_3-0-20
Exploit for 'extremely critical' Yahoo Jukebox vuln goes wild
http://www.theregister.co.uk/2008/02/05/yahoo_jukebox_vuln/
'Highly critical' security bug bites HP Virtual Rooms
,----[ Quote ]
| The vulnerability in HP Virtual Rooms resides in the ActiveX client used to
| install the service on users' PCs, according to this advisory posted Tuesday
| on the Full-Disclosure mail list. Vulnerability tracking service Secunia
| rates it "highly critical," because it can be used by attackers to compromise
| a user's machine.
`----
http://www.theregister.co.uk/2008/01/22/hp_virtual_rooms_security_bug/
'Bricking' bug threatens most HP, Compaq laptops
,----[ Quote ]
| In a post to the milw0rm.com Web site Wednesday, a Polish security researcher
| who used the alias "porkythepig" spelled out a pair of vulnerabilities in an
| ActiveX control used by HP's Software Update, the patch management program
| bundled with virtually every HP- and Compaq-branded laptop.
`----
http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053818&intsrc=hm_list
Rogue ActiveX controls menace users
,----[ Quote ]
| Flaws in ActiveX controls are being increasingly used to run security
| exploits.
|
| [...]
|
| An attack exploiting this vulnerability can lead to arbitrary code execution
| by a remote attacker," a blog posting by Symantec researcher Parveen
| Vashishtha warns.
`----
http://www.theregister.co.uk/2007/10/24/activex_vulns/
RealPlayer Attack Circulating
,----[ Quote ]
| The attack exploits a flaw in an ActiveX browser helper object, software that
| RealPlayer employs to help users who are experiencing technical difficulties,
| so the PC must be using the Internet Explorer browser to be affected by this
| particular attack, Symantec said.
`----
http://news.yahoo.com/s/pcworld/20071020/tc_pcworld/138706
Yahoo! battered by second ActiveX vulnerability
,----[ Quote ]
| The vulnerabilities affect versions of Yahoo! Messenger 8.x prior to version
| 8.1.0.419, released late last week. Users are urged to upgrade.
`----
http://www.theregister.co.uk/2007/09/03/yahoo_activex_vuln/
Way Too ActiveX
,----[ Quote ]
| Today, over at Symantec's Security Response Weblog, Greg Ahmad
| reveals startling--and I do mean shocking--increases in ActiveX
| vulnerabilities. According to Symantec, ActiveX vulnerabilities
| stayed in the 12- to- 15-a-year range from 2002 to 2005. For
| 2006, the number of vulnerabilities "reached 50," with 42 in
| the second half of the year--coincidentally, the same time
| period Microsoft finished up and released Internet Explorer 7.
`----
http://www.microsoft-watch.com/content/security/way_too_activex.html?kc=MWRSS02129TX1K0000535
http://tinyurl.com/33cfno
Acer puts Active X hole on laptops
,----[ Quote ]
| Laptop outfit Acer seems to have placed an Active X control on its
| computers that seems to allow webpages to execute any program.
|
| This huge hole in network security has been installed on board Acer
| lap-tops since 1998.
`----
http://www.theinquirer.net/default.aspx?article=36773
Adobe Confirms 'Critical' Reader, Acrobat Exploits With IE
,----[ Quote ]
| A critical security vulnerability in an ActiveX control used by
| Internet Explorer could allow malicious hackers to use Adobe's
| Reader and Acrobat software to launch PC hijack attacks,
| according to a warning from Adobe Systems.
`----
http://www.pcmag.com/article2/0,1895,2066079,00.asp
Month of ActiveX bugs project begins with two Office flaws
,----[ Quote ]
| A hacker known as shinnai kicked off his "Month of ActiveX Bugs"
| (MoAxB) project with a bang by exposing a number of severe
| vulnerabilities affecting OCX controls in Microsoft Office.
`----
http://scmagazine.com/us/news/article/654659/month-activex-bugs-project-begins-two-office-flaws/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkiRe40ACgkQU4xAY3RXLo47IwCfSiiBcd0hlKCet3444DR0P6tH
8CAAoJk7F6VcGSkdda7bng/1UUeg3jge
=F04w
-----END PGP SIGNATURE-----
|
|
