Spyware Warrior

[wawadave]

VERISIGN, RSA INTRODUCE AUTHENTICATION TOOLS
VeriSign Inc. added yet another security system to the industry with
VeriSign Unified Authentication.
http://www.net-security.org/news.php?id=6153

E-BUSINESS SITES HIT WITH ATTACKS, EXTORTION THREATS
Attackers may be shifting strategy and aiming at specific companies.
http://www.net-security.org/news.php?id=6155

HACKERS SMELL BLOOD IN COMMON WINDOWS INTERFACE
Hackers smell blood in Common Windows Interface
http://www.net-security.org/news.php?id=6156

FINANCIAL WEB SITES VULNERABLE TO PHISHING ATTACKS
Survey shows nine out of 10 financial web sites contain security
flaws.
http://www.net-security.org/news.php?id=6163

HOUSE STRUGGLES OVER SECURITY BILL
House Republicans rejected language in a bill that would have shifted
oversight responsibility for cybersecurity from the Homeland Security
Department to a newly created position in the Office of Management
and Budget.
http://www.net-security.org/news.php?id=6165

TERRORISTS GROW FAT ON EMAIL SCAMS
Organisations such as al-Qaeda, ETA en PKK are copying Nigerian scams
to fund terrorism, two Dutch experts told Dutch daily De Telegraaf.
http://www.net-security.org/news.php?id=6167

NUKE WATCHDOG ISSUES CYBERGEDDON ALERT
The United Nations' nuclear watchdog agency warned of growing concern
about cyber attacks against nuclear facilities.
http://www.net-security.org/news.php?id=6168

SECURITY VENDORS HARDEN PRODUCTS
Security companies are trotting out intrusion-prevention system and
vulnerability-assessment products.
http://www.net-security.org/news.php?id=6170

WIRELESS SECURITY: 'WE HAVE TO DO THE RIGHT THINGS'
With its security improving, wireless is set for deployment.
http://www.net-security.org/news.php?id=6172

MICROSOFT, AMAZON.COM FILE PHISHING, SPAMMING LAWSUITS
Suit alleges Gold Disk Canada is responsible for sending millions of
deceptive e-mails.
http://www.net-security.org/news.php?id=6173

SECURITY FIRMS MERGE TO FORM CYBERTRUST
"We are going to see more consolidation in this space. I don't think
many of these managed security companies are making a huge profit or
having much impact on the market. The whole area is a minefield and
requires huge investment," Bernie Dodwell, business development
director at distributor Wick Hill, said.
http://www.net-security.org/news.php?id=6176

UK POLICEMAN ARRESTED OVER PHONE TAP CLAIMS
Six men - including a serving Metropolitan Police officer - have been
arrested concerning the alleged illegal interception of private phone
calls.
http://www.net-security.org/news.php?id=6178

VENDORS STRUGGLE TO COPE WITH WLAN SECURITY THREATS
The market for wireless local area network (WLAN) security
technologies is growing "phenomenally", but vendors are struggling to
keep up with the fast-moving nature of WLAN security threats, industry
experts have warned.
http://www.net-security.org/news.php?id=6179

SYSADMIN TO SYSADMIN: FIVE FLAGS YOU COMPLETELY FORGOT ABOUT
Administrators are creatures of habit. So much so that we often read
things and think, "hey, that's really cool," and then we completely
forget about them, even though they might, in some instances, be
useful on a regular basis.
http://www.net-security.org/news.php?id=6185

HOW TO COMBAT SPYWARE
There's no doubt that the presence of spyware on a computer is a
serious intrusion of privacy that needs to be dealt with.
http://www.net-security.org/news.php?id=6186

LARGE SCALE IM VIRUS ATTACK FEARED
Security researchers are seeing the first signs of a large-scale
virus attack taking advantage of a known flaw in the way JPEG images
are processed in Microsoft Windows products.
http://www.net-security.org/news.php?id=6187

SO MANY VIRUSES, SO LITTLE TIME
Those who design new ways of launching attacks on computers are
shortening the development cycle for new exploits, worrying companies
and systems manufacturers.
http://www.net-security.org/news.php?id=6190

IM WORM CRAWLS THROUGH JPEG HOLE
Attack largely unsuccessful, but security experts warn of more to
come.
http://www.net-security.org/news.php?id=6191

STICKY SECURITY PROBLEMS
The potential threats posed by memory sticks.
http://www.net-security.org/news.php?id=6194

ID RULE EXISTS, BUT CAN'T BE SEEN
Justice Department lawyers say there is indeed a rule requiring
passengers to show ID at the airport before boarding a plane, but
they say the exact wording of the rule can't be read by the public
and can't be challenged.
http://www.net-security.org/news.php?id=6195

PHISHING TAB TO REACH $500 MILLION
By any measure, it is clear that online fraud, or phishing, is bad
and getting worse.
http://www.net-security.org/news.php?id=6196

PHISHERS COME UP WITH A NEW SCAM
A new kind of phishing scam alters the website of a financial
institution.
http://www.net-security.org/news.php?id=6200

CYBERNAPPING' DANGER OF UNPROTECTED SYSTEMS
Experts warn of exponential rise in the run-up to Christmas.
http://www.net-security.org/news.php?id=6201

TEN STEPS TO E-MAIL SECURITY
Organizations would be wise to establish clearly defined security and
e-mail policies. More than 137,000 computer security incidents were
reported in 2003, nearly double the figure from 2002, according to
the Carnegie Mellon's Computer Emergency Response Team.
http://www.net-security.org/news.php?id=6202

dbPowerAmp Buffer Overflow and Denial of Service Vulnerabilities
http://www.net-security.org/vuln.php?id=3739
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[Moore]

Thanks Wawadave
_________________
| Stop Malvertising | Outpost | Blocklist Pro | Hosts |

[wawadave]

your wellcome moore glad some one see it!
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

MICROSOFT INVESTIGATES ASP.NET VULNERABILITY | SearchSecurity.com

Microsoft is investigating reports of a vulnerability that an
attacker could use to bypass authentication on a Web site running
ASP.Net applications on Windows 2000 or Windows XP.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1011904,00.html?track=NL-102&ad=493626
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Apple Patches QuickTime Flaw
The computer maker issues patch for its media player and tends to other flaws in OS X.
http://nl.internet.com/ct.html?rtr=on&s=1,15oy,1,hril,ldpd,9s3s,a9gz
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Madrid, October 5 2004 - The Mozilla Foundation has released an update for
the Firefox browser to fix a serious security problem.

The corrected vulnerability could allow an attacker to delete files from the
download directory of the affected computer. User interaction is needed to
exploit this security problem. Although there are still no known cases of
attacks exploiting this problem, the Mozilla Foundation advises users to
install the update as a precaution.

The latest version of Firefox that corrects the vulnerability is version
0.10.1. Users can check the version of their browser through the options
'Help' - 'About Mozilla Firefox'.

Users with versions prior to 0.10.1 can download the latest version from:
http://www.mozilla.org/products/firefox/index.html
A specific patch can also be downloaded from:
http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/0.10.1/patches/25970
8.xpi

More information is available in the official advisory at:
http://www.mozilla.org/press/mozilla-2004-10-01-02.html

NOTE: The addresses above may not show up on your screen as single lines.
This would prevent you from using the links to access the web pages. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.

------------------------------------------------------------
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Spammers Hide Trojan in Opt-Out Link
Spammers have come up with a new way to fool users into downloading malicious code that
will turn their PC into an Open Proxy. They have hidden a Trojan in the opt-out link at
the bottom of each spam.
http://nl.internet.com/ct.html?rtr=on&s=1,15sx,1,jsm7,6a8m,9s3s,a9gz
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Network World's Security News Alert

Cracking the wireless security code, 10/04/04

We test 23 wireless products from 17 vendors to see if it is
possible to deploy a secure wireless LAN with technology
available today.
http://www.nwfusion.com/reviews/2004/1004wirelessmain.html?nl

Microsoft leaves colleges vulnerable, 10/04/04

Microsoft's licensing policies and legal restrictions that
forbid schools from distributing software patches to many
students are leaving IT executives at universities with
potentially thousands of unmanaged desktops that pose a serious
security risk.
http://www.nwfusion.com/news/2004/100404highered.html?nl

Future Windows component could spur old-school viruses, 10/04/04

A planned component for Microsoft's next version of Windows is
causing consternation among anti-virus experts, who say that the
new module, a scripting platform called Microsoft Shell, could
give birth to a whole new generation of viruses and remotely
exploitable attacks.
http://www.nwfusion.com/news/2004/1004futurwindo.html?nl

Symantec releases data recovery tools, 10/05/04

Security company Symantec Tuesday announced the availability of
new versions of its LiveState data recovery software.
http://www.nwfusion.com/news/2004/1005symanrelea.html?nl

SurfControl turns a trick on phishers, 10/04/04

In response to the growing threat that phishing poses to e-mail
users, SurfControl plans to upgrade its e-mail filter to catch
these attacks, and flag more spam and other abuses.
http://www.nwfusion.com/news/2004/100404surfcontrol.html?nl

IT pros may know more, but so do their kids, 10/04/04

Writing group policies, assigning user privileges and setting
restrictive security zones for Internet access keep system
management analyst Jason Kennedy plenty busy. . . . And then he
goes to work.
http://www.nwfusion.com/news/2004/100404widernethome.html?nl

Software follows trails left by computer thieves, 10/04/04

On rare occasions when employee laptops go missing, Joe
Scavetti, chief information security officer at Pension Benefits
Guaranty in Washington, D.C., isn't content to write it off to
bad luck. Scavetti doggedly pursues each case, aided by software
installed on each of the laptops that lets the devices call
home.
http://www.nwfusion.com/news/2004/100404guarantee.html?nl
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

ecurity Alert, October 7, 2004

Arbitrary Code-Execution Vulnerability in RealPlayer
eEye Digital Security discovered that a vulnerability in RealPlayer
could let a remote attacker reliably overwrite heap memory with
arbitrary data and execute arbitrary code within the user security
context. This specific flaw exists within the pnen3260.dll file that
RealPlayer uses. By specially crafting a malformed .rm movie file
along with a Synchronized Multimedia Integration Language (SMIL) file,
a direct heap overwrite is triggered and reliable code execution is
then possible. RealNetworks has released a patch for this
vulnerability, which is also available via the Updates section of the
affected application.
http://www.windowsitpro.com/article/articleid/44143/44143.html
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

House Toughens Spyware Penalties
Legislation adds prison sentences to maximum $3 million civil penalties approved on
Tuesday.
http://nl.internet.com/ct.html?rtr=on&s=1,160k,1,ctb,2vf8,9s3s,a9gz
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Microsoft investigates a reported vulnerability in ASP.NET -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, October 8, 2004 - Microsoft is studying a security problem in
ASP.NET that could allow an attacker to access protected web content,
without needing authentication.

Initial data released by Microsoft reveals that the vulnerability would
affect all versions of ASP.NET, regardless of the version of Internet
Information Server (IIS) installed or the version of the IIS components.

Until it has finished investigating the problem and the update that
definitively resolves the problem is available, Microsoft has published an
HTTP module, and reported the action that could be carried out until then.
The company strongly advises all Web content owners and administrators who
are running any version of ASP.NET to implement certain preventive measures,
which are available at:
http://www.microsoft.com/security/incident/aspnet.mspx

NOTE: The addresses above may not show up on your screen as single lines.
This would prevent you from using the links to access the web pages. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd