Fun at the Library – Part 1

Since this is a slow news day, and I have an essay to handout tonight, I’ll just related one of my experiment I started yesterday. As I have more time, I will push further into the system. While waiting for a friend, I decided to stop by the library to pass time. As I was […]

Internet Explorer 7 Attack in the Wild

Bits of information about the new 0-day exploit are surfacing on the web. This exploit provokes a heap overflow in the XML parser of Internet Explorer 7. The exploit works with the fully patched version of Windows XP, Windows Server 2008 and Windows Vista SP1[1]. The Infection The exploit is initiated by a JavaScript file […]

DNSChanger Worm uses DNS poisoning

A variant of the DNSChanger worm is reported to use DNS poisoning to infect new machines on a network, according to a well-explained article from The Register[1]. The attack used is quite interesting, but far from being new mind you. The first strains of the DNSChanger worm infected Windows and Mac machines. It modified and […]

ENISA releases list of mobile phones vulnerabilities

The European Network and Information Security Agency (ENISA) release a paper about general vulnerabilities that is affecting or will affect mobile communications. The organization surveyed experts via different medias to gather concerns from the industry about the future of wireless communications. The document discusses security issues about three different types of devices, each using wireless […]

New Kid on the Block: Downadup

Many reports on the last few days mention a new worm growing on the back of the Windows’ MS08-067 vulnerability. The worm named Downadup, also being dubbed Conficker.A by Microsoft, as now spread to alarming levels: “We think 500,000 is a ball park figure” said Ivan Macalintal, a senior research engineer with Trend Micro Inc[1]. […]

Technology in the Mumbai Attacks – A Quick Overview

Details are now starting to emerge from the deadly attacks by terrorists on the city of Mumbai, formerly known as Bombay. News outlets are starting to report technologies used by the attackers to communicate and coordinate their attacks that killed an estimated 172 people from various nations[1] Among all the commercial technologies used by the […]

Srizbi is back

Malware

Update: The new Estonian company that hosted the command & control server, Starline Web Services, was shut down. The domain name chase continues! The Srizbi botnet is back online after being shut down by the closure of the criminal hosting company McColo Corp two weeks ago. Srizbi’s command and controls servers, now moved to an […]

Attacking the Vista Kernel

CNet reported not long ago about a new vulnerability found in the kernel of Vista[1]. The attack is a buffer overflow which corrupts the memory, and thus could be use for denial of service attacks. The report from Phion, the security company that reported the vulnerability, also states that the attack could be used to […]

Hacking Passwords from Google Mail Account Holders

Update: Apparently, the users whom domain were hijacked were hit by phishing attacks instead if using the vulnerability described below. Google deny this vulnerability, and are saying this bug was fixed last year. I was, however, still able to create the filter by forming the URL described when I didn’t sign off correctly. (by clicking […]

Cyber Warfare Will Limit U.S Freedom of Action

Flag of the PLA

Not entirely cyber warfare related but still a very interesting read, but according to the Global Trends 2025 report by the National Intelligence Council, irregular warfare, which cyber warfare is part of, will play a determinant part in the future of the United States: “… expanded adoption of irregular warfare tactics by both state and […]