SaferPC.info

Security News and Issues

Each day owning a computer and maintaining it online becomes more of a challenge. Security is a major concern to computer users. SaferPC brings you Security News and Issues of interest to security conscious PC users.

[First]  [Previous] |    1297     1298     1299     1300     1301     1302     1303     1304     1305     1306    | [Next]  [Last] of 1307 page(s)

     
 Title   Date   Author   Host 

Mac OS X CF_CHARSET_PATH Buffer Overflow Vulnerability
IDefense
by Tyler Hawes
March 21, 2005

Local exploitation of a buffer overflow vulnerability within the Core Foundation Library included by default in Apple Computer Inc.'s Mac OS X could allow an attacker to gain root privileges.

The vulnerability specifically exists due to improper handling of the CF_CHARSET_PATH environment variable. When a string greater than 1,024 characters is passed via this variable, a stack-based overflow occurs, allowing the attacker to control program flow by overwriting the function's return address on the stack. Any application linked against the Core Foundation Library can be used as an exploit vector for this vulnerability. Some of the setuid root binaries that are vulnerable include su, pppd and login.

Orrin Hatch at the Copyright Helm
Slyck News
by Thomas Mennecke
March 20, 2005

United States Senator Orrin Hatch (R-UT), former chairman of the Judiciary Committee, has been appointed chairman of the new Intellectual Property Subcommittee.

"The subcommittee will have jurisdiction over all intellectual property laws and oversight on patent, copyright, trademark, and international intellectual property policies. Hatch named Bruce Artim, former staff director and chief counsel for the Judiciary Committee, the subcommittee's staff director and chief counsel." Why is this important to the P2P and file-sharing community' Let us take a look at Senator Hatch’s past record.

UK police foil massive bank theft
BBC News
March 17, 2005

Police in London say they have foiled one of the biggest attempted bank thefts in Britain.

The plan was to steal $423m from the London offices of the Japanese bank Sumitomo Mitsui. Computer experts are believed to have tried to transfer the money electronically after hacking into the bank's systems.

Lapse at Melbourne IT Enabled Panix.com Hijacking
Netcraft
by richm
March 17, 2005

In its findings on the panix.com hijacking, ICANN said it is "very concerned" that Australian registrar Melbourne IT relied upon a reseller to confirm the transfer request, and will "review the appropriateness of these arrangements." Panix was never conta

Domain registrar Melbourne IT today acknowledged that it failed to properly confirm a transfer request for Panix.com , allowing the domain for the New York ISP to be hijacked for most of the weekend. The Panix incident has focused attention on recent ICANN rule changes that allow domains to be transferred more easily, which some registrars warned would also make it easier to hjack domains . The hijacking disabled all email and Internet access for thousands of Panix customers, and persisted despite active efforts by the North American Network Operators Group (NANOG) to assist Panix in recovering the domain. The delays were blamed on unresponsiveness by several providers within the domain management system, but especially Melbourne IT, which appears to have no readily-accessible support on weekends. The Panix.com hijacking was not reversed until Melbourne IT's offices opened in Australia Monday morning (late Sunday in New York). "There was an error in the checking process prior to initiating the transfer, and thus the transfer should never have been initiated," Bruce Tonkin, the chief technology officer of Melbourne IT wrote in a message to the NANOG mailing list. "The loophole that led to this error has been closed." Tonkin did not describe the "loophole" but said the transfer of the domain from Dotster to Melbourne IT was initiated through an account at a Melbourne IT reseller, which was set up using stolen credit cards. "That reseller is analysing its logs and cooperating with law enforcement," he wrote.

Virus writers exchanging information
Kaspersky Lab
March 17, 2005

Virus analysts at Kaspersky Lab have been investigating the recent Bagle outbreak, and come to the conclusion that the authors of Bagle, Zafi and Netsky are working hand in hand with each other.

SpamTool.Win32.Small.b, a malicious program which harvests email addresses from infected machines, was first detected by Kaspersky Lab analysts on 15th February. Email addresses of antivirus companies are excluded from the list it compiles. Further analysis of the situation reveals that the mass mail of this program was a preliminary stage in the attack carried out by Bagle on 1st March. In researching the Bagle outbreak, virus analysts have concluded that the authors of Bagle, Zafi and Netsky and others are working closely together; they may not be personally known to each other, but they are all using information provided by the author of Bagle to mass mail their creations.

Holy Father on rootkit writing for fun, profit
InfoWorld
by Paul Roberts
March 16, 2005

The software developer behind a leading rootkit program says he is motivated by necessity, curiosity and a desire to expose weaknesses in the Windows operating system and security technology. He also isn't too worried about how others might use his softwa

While he declined to provide his real name or speak by phone, "Holy Father," author of the Hacker Defender rootkit, claims to live in the Czech Republic, where the hacker defender Web site is registered to a "Jaromir Lnenicka" in Prague. His online name stemmed from a desire to do "big thingz" in the computer hacking underground. On that score, he has succeeded. Written in conjunction with a member of the 29a malicious code writing group, Hacker Defender has been downloaded more than 100,000 times, by his count, and grabbed the attention of security researchers at Microsoft and other leading companies.

Illegal aliens threaten U.S. medical system
World Net Daily
March 13, 2005

The increasing number of illegal aliens coming into the United States is forcing the closure of hospitals, spreading previously vanquished diseases and threatening to destroy America's prized health-care system.

The influx of illegal aliens has serious hidden medical consequences," writes Madeleine Pelner Cosman, author of the report. "We judge reality primarily by what we see. But what we do not see can be more dangerous, more expensive, and more deadly than what is seen." According to her study, 84 California hospitals are closing their doors as a direct result of the rising number of illegal aliens and their non-reimbursed tax on the system.

Hackers exploit Windows patches
BBC News
by Mark Ward
February 26, 2005

Hackers are relying on Microsoft to help them exploit loopholes in Windows, say [Microsoft] security experts.

In a keynote speech to the E-Crime Congress organised by Britain's National Hi-Tech Crime Unit, Mr Aucsmith said the tools that hackers were producing were getting better and shrinking the time between patches being issued and exploits being widely known. "We have never had vulnerabilities exploited before the patch was known," he said. Tools of choice A good example of this phenomenon, he said, was the recent ASN1 "critical vulnerability" that Microsoft produced a patch for in early February. The vulnerability was discovered by Eeye Digital Security in July 2003 but no exploits were produced until three days after Microsoft's patch became available. "Many people reverse engineer the patch and then build the exploit code," said Mr Aucsmith. Malicious hackers were greatly aided by improvements in tools that did a better job of working out what patches did. Firms have less time to react to vulnerabilities He said tools were available that compared patched and unpatched versions of Windows to help vandals and criminals work out what was different. "The guys who write the tools would not consider themselves to be criminals by any measure," he said, "but the tools are also being picked up by people with criminal intent." Mr Aucsmith said he could only think of one instance when a vulnerability was exploited before a patch was available. "It's a myth that hackers find the holes," said Nigel Beighton, who runs a research project for security firm Symantec that attempts to predict which vulnerabilities will be exploited next. He said in many cases the appearance of a patch was the spur that kicked off activity around a particular vulnerability. Many different malicious hackers and hacking groups competed to see who could be the first to produce a virus or other program that could work with the known hole, he said. Mr Aucsmith urged companies to keep up with patches because the time they had to react before hackers released exploits was shrinking. Newer operating systems were also more secure than older programs such as Windows 95 which, when it was first released, had no security features in it at all. "Almost all attacks against our software are against the legacy systems," he said. "If you want more secure software, upgrade."

Behind the wheel, troopers shouldn't be above the law - seattlepi.com
seattlepi.com
by Thomas Shapley
February 26, 2005

"We humbly apologize." Those are words no appointed state official wants to utter to the chairman of a key legislative committee after just three weeks on the job.

But Washington State Patrol Chief John Batiste had little choice in making that apology after a state legislator received a barrage of nasty, even threatening, e-mail messages apparently sent by troopers and their families. Batiste, who took the top WSP job earlier this month, offered the apology "as an individual and as a group," to House Transportation Chairman Ed Murray, D-Seattle, and Rep. Toby Nixon, R-Kirkland, at a committee hearing Wednesday evening. "I and the union representative want to apologize for the behavior of a few," he said.

Schneier on Security: Cryptanalysis of SHA-1
Schneier.com
by Bruce Schneier
February 15, 2005

On Tuesday, I blogged about a new cryptanalytic result -- the first attack faster than brute-force against SHA-1. I wrote about SHA, and the need to replace it, last September.

Earlier this week, three Chinese cryptographers showed that SHA-1 is not collision-free. That is, they developed an algorithm for finding collisions faster than brute force.

In 1999, a group of cryptographers built a DES cracker. It was able to perform 256 DES operations in 56 hours. The machine cost $250K to build, although duplicates could be made in the $50K-$75K range.

[First]  [Previous] |    1297     1298     1299     1300     1301     1302     1303     1304     1305     1306    | [Next]  [Last] of 1307 page(s)

     

Help keep this page up-to-date. Submit a Virus Information News link for inclusion on this page.

Shawn K. Hall © 2003-2025 Powered by 12 Point Design
Professional Web Hosting and Design Services: 12 Point DesignAt Summit Chiropractic our mission is to improve your quality of life - We know that health is much more than just not feeling painReliable Answers - developer information, current news, human interest and legislative newsLocal Homeschool provides the most up-to-date support group listings in a geographical and searchable indexTwain Harte, CA - The closest you can get to Heaven on EarthSaferPC dispels security misunderstandings and provides you with a solid understanding of viruses and computer security
Google

AddThis Social Bookmark Button