Sitemap

Main Menu

• SpamAlerts | Windows | Linux | Tutorials | Excell | WhitePapers | News | Spam | Virus.
• Windows Focus.
• VNews.
• Vulnerability.
• Hacking.
• Sql Injection.
• map.
• Downloads.

Top Menu

• VNews.
• Vulnerability.
• Hacking.
• Sql Injection.
• Windows Focus.
• Tips.

Content

Alert

Buffer overflow

• FreeBSD i386_set_ldt Integer Overflow Vulnerability.
• HP-UX Kerberos Client Remote Unauthenticated Execution of Code.
• worm W32.Areses.Q@mm.

Exploits

• 3 unfixed issues in Internet Explorer7.
• ASPintranet SQL Injection.
• AttackAPI 2.0 alpha.
• Backdooring MP3 files (plus QuickTime issues and Cross-context Scripting) Sep 20 2006.
• Because of 0Day Tech Support is Flooded.
• BPG Content Management System SQL Injection.
• DoS in Microsoft Windows Live Messenger 8.0.
• Dr.Web 4.33 antivirus LHA long directory name heap overflow.
• ECommerce Store Shop Builder.
• Exploit-CVE2006-3944.
• Exploit-CVE2006-5758.
• Image gallery with Access Database SQL Injection.
• More Vulnerable ATM Models Sep 22 2006.
• New Windows tool - PWDumpX v1.0.
• NVIDIA nView (keystone) local Denial Of service.
• Password Flaw in Firefox 1.5.08 and 2.0.
• Phpbb XS remote file include exploit – phpbb_root_path 23-sep-2006.
• phpQuestionnaire 3.12 (GLOBALS[phpQRootDir]) Remote File Inclusion Sep 21.
• RED Blog Remote File Include Vulnerability Exploit.
• Typo3 v4.x: XSS in extension "Indexed Search" v2.9.0.

Latest Hacking News

• Eavesdroppers must now sort through bits.
• Einstein Provides Key for Stopping Hackers.
• Firewall Puts Harrison Ford Back On Top.
• Hacker Compromises Personal Info At UCCS.
• Hacking Xboxes For Fun And Profit.
• Man who hacked into Naval computer gets probation.
• Middle Eastern Hackers Attack Over 500 Danish Websites, Put Up Messages Hailing Islam....
• New laser may stop computer hackers.
• States server hacked.
• Access Intelligence Editor Uncovers First Major VoIP Hacking Scheme.
• Advanced Hacking?.
• AMD Hack Points to Widespread Web Forum Flaws, Attacks.
• Attacks Target XML-RPC Flaws in PHP Blogging Apps.
• Black Hat show yields another Cisco bug.
• Bot Herder Pleads Guilty to Fraudulent Adware Installs and Selling Zombies to Hackers and Spammers.
• Brazilian Hacker Smash.
• Browser developers team up to thwart hackers.
• China suspected of using hackers to spy on the UK.
• Computer Hacker Did Not Find Military Secrets.
• Cupids (Possibly) Poison Arrow.
• CyberGuard provides secure VPN access to TOYS R US Intranet in Scandinavia.
• Dog Hacker Gets 7 Months.
• Hacker jailed for bringing down millions of PCs.
• Hacker jailed for bringing down millions of PCs.
• Hacker Suspected In Cal State East Bay Break-In.
• Hackers could exploit Windows error.
• Hackers follow Microsoft patches with malware.
• Hackers shift their focus to new programs.
• Hackers Shifting Targets.
• Is Having A Hacker Break Into Diebold Machines A Bad Idea?.
• Microsoft France is been Hacked!.
• Millionaire accused of being part of hacker gang.
• MS hacked by Dimitri again. Perhaps.
• New hack cracks secure Bluetooth devices.
• Notre Dame probes hack of computer system.
• Office hackers.
• Pentagon hacker wants to see Bushs John Hancock.
• Police Blotter: Best Buy hacker loses in court.
• Regency’s website attacked by hackers.
• Report: Hackers Break Into UCSD Server.
• Security experts lift lid on Chinese hack attacks.
• Skype ideal vehicle for hackers, scientists warn.
• Spanish Hacker Cracked Defense Department.
• Staff, Students Warned After USD Server Hacked.
• Trojan kit found.
• TrueNorth IA eMailserver 5.3.4 buffer overflow vulnerability.
• Windows 2000 vulnerability could allow hackers to launch remote denial-of-service.
• Young hacker pleads guilty.
• Zombie master pleads guilty to PC hijacking.

Latest Virus News

• ADW_SLAGENT.A.
• ADW_TBARWIN32.A.
• HTML_NETSKY.P.
• JS_PSYME.ANT.
• New Virus Alert on 3rd FEB - KamaSutra.
• SA companies are not prepared for the next wave of threats.
• SYMBOS_CARDTRP.B.
• Trojan.Spamlia.
• TROJ_CONHOOK.CR.
• TROJ_DROPPER.LZ.
• TROJ_PERLOVGA.A.
• W32.Cleevix.
• W32.Dabora.B@mm.
• W32.Kelvir.FJ.
• W32.Meetot.
• W32.Neshuta.
• W97M.Enife.
• W97M/Kukudro.t.
• Warning over unpatched IE bug.
• Winrar 3.30 Local Buffer Overflow.
• WORM_AGENT.PWC.
• WORM_LOVELETER.A.
• WORM_NETSKY.AL.
• WORM_NETSKY.P.
• WORM_RJUMP.A.
• WORM_SDBOT.FOB.
• WORM_VB.CYC.

Mobile Threat

• Arkansas lawyer claims company charged for free ring tones.
• Careless Users Challenge Mobile Security.
• Companies Partner for Wireless Filtering.
• Denial-of-Service Bug Bites BlackBerry.
• Ericsson Offers Mobile Antivirus Solution.
• Nokia Taps Symantec for Smart-Phone Security.
• PocketPC MMS - Remote Code Injection/Execution Vulnerability andDenial-of-Service.
• SYMBOS.SKUDOO.A (Low Risk).

PHP Vulnerability

• Php-Nuke Pool and News Module IMG Tag Cross Site.
• Addressing VMwares problem.
• AngelineCMS Multiple Vulnerabilities.
• Archangel Weblog 0.90.02 Admin Authentication Bypass & Remote File Inclusion.
• Asterisk Local and Remote Denial of Service vulnerability.
• Authenticated EIGRP DoS / Information leak.
• Buffer overflow" term considered overloaded Sep 23 2006.
• Calendar Module <= 1.5.7 Remote File Include Vulnerabilities.
• Captivate 1.0 - XSS Vuln.
• Change passwd 3.1 (SquirrelMail plugin ).
• Confixx 3.1.2 <= Code Injection.
• cPanel OpenBaseDir Bypass.
• Critical SQL Injection PHPNuke <= 7.8 - Your_Account module.
• CuteNews 1.4.1 Multiple vulnerabilities.
• Did Microsoft deliberately RootKit everyones computer to allow spying by the NSA, CIA and FBI ? Stev.
• eBay pulls vulnerability auction.
• Firefox 1.5.0.3 Flaw - Page can obtain path to Mozilla installation or profile by examining JavaScri.
• HTML injection and XSS (Cross Site Scripting).
• Html Injection in vBulletin 3.5.2.
• HylaFAX: Multiple vulnerabilities.
• Invision Power Board 2.1 <= 2.1.6 sql injection.
• Invision Power Board Multiple Vulnerabilities Oct 04 2006 06:58PM.
• Invision Power Board v2.1.4 - session hijacking.
• IwebNegar v1.1 Multiple vulnerabilities.
• Joomla 1.0.11 Remote File Include.
• JOOMLA CMS 1.0.7 DoS & path disclosing.
• libapache2-mod-auth-pgsql vulnerability.
• MBT, VeriSign Team Up.
• Mozilla Firefox: Potential remote code execution.
• Multiple Vulnerabilities - Mambo.
• New York faces DOJ suit over voter accessibility law.
• oaBoard PHP Code Execution.
• osCommerce one 2 060817 POC Exploit.
• PhotoPost PHP 4.6 - 4.5 Remote File Include Vulnerability.
• phpArcadeScript XSS Injections.
• phpBB "charts.php" XSS and SQL-Injection.
• phpBB "Upload Avatar from a URL" Remote HTTP Request Weakness.
• phpBB - 2.0.19 Multiple DoS vulnerabilities.
• phpBB 2.0.20 Full Path Disclosure and SQL Errors.
• phpBB 2.0.21 Full Path Disclosure.
• PHPBB 3 Memberlist.PHP SQL Injection Vulnerability.
• phpBB User Viewed Posts Tracker Version Vulnerability.
• phpBB XS Remote File Include Vulnerability.
• PHPenpals SQL Injection Vulnerabilit.
• PhpMyAdmin all version [multiples vulnerability].
• phpMyAdmin server_privileges.php SQL Injection Vulnerabilities..
• phpRPC Library Remote Code Execution.
• phpWebSite 0.10.2 Remote File Include Vulnerabilities.
• PluggedOut Nexus SQL injection.
• PNews v1.1.0 (nbs) Remote File Inclusion.
• Portail PHP v1.7 <- (chemin) Remote Inclusion Vulnerability.
• Postnuke pnPHPBB remote file include vulnerability.
• Proof of concept that PGP AUTHENTICATION CAN BE BYPASSED WITHOUT PATCHING.
• ReviewPost version 2.5 vulnerability - Remote File Inclusion (RP_PATH).
• rPSA-2006-0084-1 fetchmail.
• Scout Portal Toolkit "forumid" Parameter SQL Injection.
• Shoutcast Status Full (VB3.5).
• Simple Machines Forum 1.1RC2 unset vulnerabilities.
• TinyPHPForum Multiple Vulnerabilities.
• Tivoli Identity Manager slimmed down for small and midsize firms.
• txtForum: Script Injection Vulnerability.
• vbulletin 3.5.x xross site explolite.
• vBulletin 3.6.1 Data Loss Issue (With Patch).
• vbulletin security Alert.
• vBulletin3.0.12&3.5.3~is_valid_email()~XSS Attack.
• Veritas NetBackup "Volume Manager Daemon" Module Stack Overflow - Exploit.
• vulnerability has been reported in Invision Power Board.
• vulnerability in Ralf Image Gallery.
• vulnerability in SmartSiteCMS.
• Webmin / Usermin Arbitrary File Disclosure Vulnerability Perl.
• WordPress 2.0.3 SQL Error and Full Path Disclosure.
• X7Chat <= 2.0.2 avatar XSS injection.
• XOOPS <= 2.0.13.2 xoopsOption[nocommon] exploit.
• Xoops Pool Module IMG Tag Cross Site Scripting.
• XSS in Vbulletin 3.6.0 in IE 0nly.
• YapBB <= 1.2 Beta2 find.php SQL Injection Vulnerability.
• [myimei]WordPress2.0.0~autorswebsite~XSS attack.

Scams and Hoaxes

• Firewall Puts Harrison Ford Back On Top.
• Islamic Messages Defacing Danish Websites.
• New Feebs trojan variant hides elaborate eBay fraud.
• S&P changes makeup of indices.
• Symantec set for higher profit, revenue on Veritas.
• Winamp exploit found in the wild.
• 180Solutions Drops Lawsuit Against Zone Labs.
• A Moment Of Silence Hoax.
• Attention online shoppers: Be careful.
• Attention online shoppers: Be careful.
• Bank Customers Hit For €1 Million.
• Blackmal deletion day appears a dud.
• Blackmal down, but may not be out.
• Campus killer avoids death penalty, family of victim satisfied.
• CBC-MAC IV misleading programming interface.
• CSU East Bay employees may have had data breached.
• Data leaks already inundating 2006.
• Differing worm names causing confusion, concern.
• E-Trade offers customers new fraud coverage, payment protection.
• EHOVE adds various trades, enrichment classes to schedule.
• FBI center to concentrate on computer crimes.
• FBI publishes 2005 computer crime survey.
• Federal flaw database commits to grading system.
• Forum urges flu pandemic preparations.
• Fraud Spam Baits with Russian Billions.
• FTC May Wage Shame Campaign Against Adware.
• Gary Mckinnon fights US extradition.
• Geeks On Call PCs : 5-Minute Fixes.
• Giving newspaper readers some credit.
• IE7 bug reports stack up.
• Industry finally begins to can the spam.
• Is Your Website Hackable? Find Vulnerabilities with a Free Acunetix Security Audit.
• New Industry Helping Banks Fight Back.
• Newspapers lose readers information.
• Nineteen accused of digital piracy.
• Nineteen accused of digital piracy.
• Nobody better bet against Ford to outfox, outfight clever villains.
• Online scammers go spear-phishin.
• Phishing for your money.
• Researcher: Sony BMG "rootkit" still widespread.
• Romanian Election Enters Net Battleground.
• Santa IM Worm Installs Rootkit Payload.
• Search Terms Are a Witness for the Prosecution.
• Secret Service Investigates Phony, Offensive E-mail.
• Sex and the Silver Years.
• Silicon Valley Sleuth, an insiders view from Silicon Valley.
• Sophos scoffs at Bill Gates ‘death-of-spam’ prophecy.
• South African ISP ups security after hacker attack.
• StopBadware backed by Google, Lenovo, and Sun.
• Sunbelt Tracks DIY Trojan Builder Program.
• Symantec Roadmap Includes Massive "Genesis" Suite.
• Symantec shares slump on results, financial outlook.
• Symantecs harsh warning.
• Targeted cybercrime, threats increase by 48% in 2005.
• Teen photos & a policemans story.
• The True Computer Parasite.
• Three charged with wiretapping, racketeering.
• Two Years Later, Blaster Worm Still Squirming.
• U.S. government sued over NSA spying.
• UNAVAILABLE!? Mobile Phone Hoax.
• Vistas encryption could vex investigators.
• Zero-day details underscore criticism of Oracle.
• Zero-day exploit exposes Winamp users.

Security

• SecureWorks Ranks 79th on Inc. Magazines 500 Fastest Growing Private Companies List.
• Bit 5 Blog SQL Injection & Authentication Bypass Vulnerability.
• Blue Coat Reporter multiple remote vulnerabilities.
• From Hacker to Protector.
• Qpopper Privilege Escalation Vulnerabilities.
• The Death Of A Firewall.
• ?6.5m phishing duo jailed.
• Adobe Reader 7 XML External Entity (XXE) Attack.
• Adobe Version Cue VCNative Multiple Vulnerabilities (Privileges Escalation, Symlink Attack).
• ADOdb PostgreSQL SQL Injection Vulnerability.
• ADOdb Server.PHP SQL Injection Vulnerability.
• Advisory: dForum <= 1.5 Multiple Remote File Inclusion Vulnerabilities..
• Anti spammers are downed by Spammers.
• AOblogger Multiple Input Validation Vulnerabilities.
• Apache ssl_callback_SSLVerify_CRL DoS.
• Apache: Multiple vulnerabilities.
• Apple Mac OS X Multiple Vulnerabilities.
• Apple OSX dsidentity Privileges Escalation.
• Apple QuickTime/iTunes Integer And Heap Overflow Vulnerabilities.
• Apple QuickTime/iTunes Integer And Heap Overflow Vulnerabilities.
• Apple Safari Web Browser Rowspan Denial Of Service Vulnerability.
• Asia: Spam factory of the world!.
• AWebBB Multiple Input Validation Vulnerabilities.
• B&S Insider Locks Down.
• Backup Doesnt Matter.
• Barracuda Spam Firewall Appliance.
• BetaParticle Database Disclosure and Arbitrary File Inclusion.
• Blacklist of Internet Advertisers.
• Blogger.com classic HTTP response splitting vulnerability.
• Boosting Embedded Application Security.
• Calyptix Secures Intellectual Property Rights; UNC Charlotte Partners with Security Company.
• Canada Combats "Cyberhate".
• Cashing In on Cyber Crime.
• Cerberus FTP Server 2.32 Denial of Service.
• Cisco CallManager Multiple Vulnerabilities (DoS, Memory Leak, Buffer Overflow).
• Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow.
• Cisco Secure ACS Insecure Password Storage Vulnerability.
• Clam AntiVirus Multiple DoS (MS-Expand File Handling, Cabinet File Handling).
• Cool Cafe SQL Injection and Disclosure of Sensitive Information.
• CoolMenus Index.PHP Remote File Include Vulnerability.
• CPIO CHMod File Permission Modification Race Condition Weakness.
• CPIO File Size Stack Buffer Overflow Vulnerability.
• Cross-Site Scripting (CSS) in Hosting Controller.
• CrossFire Denial Of Service Vulnerability.
• Crown Prosecution Service tackles hi-tech crime.
• CutePHP CuteNews Editnews Module Cross-Site Scripting Vulnerability.
• Cybercrime Being Fought in New Ways.
• Details of Lotus Notes Java Applet vulnerabilities Oct 06 2006 04:36PM.
• Download.Fullalc.
• Downloader-Iframe136.
• Drupal Arbitrary PHP Code Execution Vulnerability.
• Dzip is vulnerable to a directory traversal attack..
• eEye Advisory - EEYEB-20050316 - HTML Help File Parsing Buffer Overflow.
• Encrypt the Hard(ware) Way.
• Error logging buffer overflow in Informix.
• Fake Microsoft security alert includes Trojan patch.
• Fall fundraisers burst with color.
• Feds Target Internet Piracy Organizations.
• FileProtection Express Authentication Bypass Vulnerability.
• Flaw finders score loyalty rewards from iDefense.
• FTPshell Server DoS.
• Gekco Browsers DoS.
• Get An Account On AntiOnline - Its FREE!.
• GNOME Foundation GDM .ICEauthority Improper File Permissions Vulnerability.
• GNU Mailutils is vulnerable to SQL command injection attacks..
• GNU Strings Denial Of Service Vulnerability.
• Hacker May Have Accessed University Applicants Records.
• Hacker Protection for Your Web Applications.
• Hackers, Spammers Partner Up To Wreak Havoc.
• HOCR Local Buffer Overflows.
• Horde Help Viewer Remote PHP Code Execution Vulnerability.
• I-RATER Platinum Config_settings.TPL.PHP Remote File Include Vulnerability.
• ICQ Client Cross-Application Scripting (XAS).
• Informix Long Username Buffer Overflow Vulnerability.
• Internet Security Systems Beats Estimates.
• Ipswitch IMail IMAP Vulnerabilities (Multiple Buffer Overflow, Multiple DoS, Directory Traversal).
• JAWS Glossary Cross-Site Scripting Vulnerability.
• Keeping net users safe from harm.
• Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders..
• Latest Bluetooth attack makes short work of weak passwords.
• Linksys WRT54G Router Multiple Vulnerabilities.
• Linux Advisory Watch: October 21st 2005.
• Linux Kernel Elf Binary Loading Local Denial of Service Vulnerability.
• Linux Kernel EXT2 File System Information Leak Vulnerability.
• Linux Kernel Multiple SCTP Remote Denial of Service Vulnerabilities.
• Linux Kernel Multiple Vulnerabilities.
• Linux Kernel SMBFS CHRoot Security Restriction Bypass Vulnerability.
• Linux Orinoco Driver Remote Information Disclosure Vulnerability.
• Log4sh Insecure Temporary File Creation Vulnerability.
• Mac OSX Ping and Traceroute Local Buffer Overflow.
• Mambo Open Source Mambo.PHP User Name SQL Injection Vulnerability.
• McAfee Intrushield IPS Privilege Escalation and Cross Site Scripting.
• Medal Of Honor Allied Assault Remote Buffer Overflow Vulnerability.
• Meteor FTP Server v1.5 Buffer Overflow.
• Microsoft Defends Claria Adware Changes.
• Microsoft Draws Criticism For Changing AntiSpyware Definitions.
• Microsoft Excel Malformed Record Remote Code Execution Vulnerability.
• Microsoft Infotech Storage library Heap Corruption.
• Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability.
• Microsoft Internet Explorer Popup Cross-Domain Information Disclosure Vulnerability.
• Microsoft to reward informants after Sasser conviction.
• Microsoft Windows MSDTC Invalid Memory Access Denial Of Service Vulnerability.
• Microsoft Windows NTFS Failure To Initialize File Block Vulnerability.
• Mini-NUKE Pages.ASP SQL Injection Vulnerability.
• Misleading e-mail.
• Mozilla / Mozilla Firefox Authentication Weakness.
• Mozilla Firefox HTML Parsing Null Pointer Dereference Denial of Service Vulnerability.
• Mozilla XPCOM Library Race Condition.
• Multiple Mozilla Products Memory Corruption/Code Injection/Access Restriction Bypass Vulnerabilities.
• Multiple Vendor Web Vulnerability Scanner Arbitrary DHTML Injection.
• Netscape update fixes Firefox bugs.
• Networking Device: Settlement reached in Cisco flaw dispute with Black Hats.
• No Ones Safe.
• Nokia PC Suite CDDBControl ActiveX Control Buffer Overflow.
• Nortel, Websense Join Forces on Wireless Security.
• Novell NDPS Remote Vulnerability (Server & Client).
• NTLM HTTP Authentication is Insecure By DesignSummary.
• Old software weakening Nets backbone, survey says.
• One password to rule them all.
• Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation.
• Papoo Multiple Cross-Site Scripting Vulnerabilities.
• PayPal Phishing Site Exploits Google XSS Vulnerability.
• PHP Calendar Buffer Overflow.
• PHP Radia Notify Daemon: Multiple Buffer Overflow Vulnerabilitie.
• PHPList Index.PHP Local File Include Vulnerability.
• PhpListPro 2.01 Remote File Include Vulnerability.
• PWSteal.Tarno.S.
• Quake 3 Engine remapShader Command Remote Buffer Overflow Vulnerability.
• Reverse engineering patches making disclosure a moot choice?.
• RSA Hits Tough Times.
• RSync Receive_XATTR Integer Overflow Vulnerability.
• Russcom Network LoginPHP Open EMail Relay Vulnerability.
• SA government site hacked.
• Scirus to Index Caltech Digital Archives.
• Scry Gallery Directory Traversal Vulnerability.
• SEC-CONSULT SA20050602-1 :: Arbitrary File Inclusion in phpCMS 1.2..
• SEC-CONSULT SA20050602-2 :: Exhibit Engine Blind SQL Injectio.
• Siemens Santis 50 Information Disclosure.
• SIRE Lire.PHP Remote File Include Vulnerability.
• SmoothWall Announces International Partner Program with 40 New Resellers; Security Specialist Plans.
• SmoothWall Kick Starts New Programme With 40 New Resellers In First Two Months.
• Soldier of Fortune II DoS Vulnerability (/ignore command).
• SpamAssassin Malformed Email Header Remote Denial Of Service Vulnerability.
• SPI Dynamics Participates in SYSTEMS Show.
• SquirrelMail Multiple Unspecified Cross-Site Scripting Vulnerabilities.
• SYMANTEC PROVIDES CONTINUOUS DATA PROTECTION AND SYSTEM RECOVERY WITH NORTON SYSTEMWORKS 2006.
• Symantec Scan Engine File Disclosure Vulnerability.
• Symantec Secures Its Future.
• Tech Bits.
• The eScan Electronic Voting System.
• Three critical patches for MS July Patch Tuesday.
• Trapeze, AirDefense Partner.
• Trapeze, AirDefense Partner.
• UK Is Facing A Cyber War.
• vBulletin Calendar Script SQL Injection Vulnerability.
• vbulletin security Alert.
• Ventrilo Denial of Service.
• Virtual card offers online security blanket.
• Vizra A_Login.PHP Cross-Site Scripting Vulnerability.
• VWar Admin.PHP Remote File Include Vulnerability.
• WatchGuard Technologies Firebox SSL Core.
• Windows Genuine Advantage 1.0 Hacked After 2 Days.
• WLAN Session Containment DoS.
• WORM_MYTOB.JX.
• WORM_REATLE.F.
• WORM_ZOTOB.H.
• Worry Watch: A second wave of banking protection.
• XBL Implementation Allows Script Execution (Gecko).
• Xmail: Privilege escalation through sendmail.
• XML-RPC for PHP Remote Code Injection Vulnerability.
• XPDF StreamPredictor Remote Heap Buffer Overflow Vulnerability.
• XZGV Image Viewer JPEG File Remote Heap Buffer Overflow Vulnerability.
• Yahoo fixes Web mail security flaw.
• Yahoo!, youve got worms.
• Yaws Source Code Disclosure Vulnerability.
• [ GLSA 200507-01 ] PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability.

Security Reviews

• Exploiting kmalloc Based Buffer Overflows.
• Exploiting The XmlHttpRequest Object In IE.
• Exploring Windows CE Shellcode.
• Understanding and Preventing DNS-related Attacks by Phishers.
• XSS Virus Whitepaper.

SQL Injection

• ADP Forum 2.0 script njection.
• Drupal 4.6.6 / 4.5.8 fixes access control issue.
• Hazir Site v2.0 Admin SQL Injection.
• Invision Community Blog .. Bugs.
• Linux Kernel Radionet Open Source Environment Unspecified Vulnerability.
• Multiple Translation websites Cross Site Scripting.
• MyPhPim Multiple SQL Injection and XSS Vulnerabilities.
• PwsPHP Injection SQL on Index.php.
• SQL injection - 4images.
• SQL injection - moodle.
• SQL Injection in DCI-Taskeen.
• Sql Injection SMS 1.1 RC3 Admin section.
• The latest version of iSearch is V2.16.
• Tons of SQL-injections and XSS in Eichhorn Portal and vendor page.
• Venom Board SQL Injection Vulnerability.
• Virtual War "war.php" SQL Injection Vulnerabilities.
• WebWiz Products SQL Injection.
• WebWiz Products SQL Injection.
• Y.A.N.S sql injection.
• [MajorSecurity #21] phpFaber TopSites <=2.0.9 - SQL Injection Vulnerability.

Tools

• Napster shares make noise early.
• Peter OKellys Reality Check.
• Spyware Makers Aiming For Enterprises.
• Analysis of a win32 Userland Rootkit.
• Apple QuickTime udta ATOM Heap Overflow.
• Arbor Networks Honored with Hot Companies Award.
• Buffer Overflow - Winamp 5.13 m3u Playlist.
• Buffer Overflow Vulnerability in Winlpd.
• Check Point Targets Enterprise Spyware.
• CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net.
• Company requires RFID injection.
• Copy protected CDs land Sony in hot water.
• Detect attacks with network monitoring techniques.
• difficulties of detecting complex viruses.
• Directory traversal - SpeedCommander 11.0 & ZipStar 5.1 & Squeez 5.1.
• Directory traversal - WinAce Archiver v2.6.
• Do Web filters protect your child?.
• DoS Vulnerability in Firefox <= 1.0.7.
• Exploit code targets unpatched Windows flaw.
• FileFuzz - Windows Based File Format Fuzzing Tool.
• flaws in IE 7.0 beta.
• Help! My box has been owned....
• I-RATER Platinum Remote File Inclusion exploit Cod3d by R@1D3N.
• IBM Acquisition Accelerates SOAs.
• IndieVolume 1.2.
• Internet Explorer Beta 7.0 a Must Download!.
• Invision Power Board v2.1.5 Remote SQL Injection.
• Ipswitch WhatsUp Professional multiple flaws.
• Juniper Hires Black Hat Speaker.
• Linksys Launches Affordable Family of Switches for Small Business Networks.
• Mercury Messenger.
• Microsoft plans for seven patches.
• Microsoft PowerPoint 0-day Vulnerability FAQ document written.
• Microsoft Windows WMF "SETABORTPROC" Arbitrary Code Execution.
• Multiple Vulnerabilities - Invision Power Board 2.1.4.
• NessusWC - Nessus Web Management.
• Netdiscover - Network Address Reconnaissance Tool.
• New Industry Helping Banks Fight Back.
• NSAs Trailblazer loses way.
• Oracle 10g R2 and, probably, all previous versions.
• Pointsec and Entrust Selected by Swedish Government to Deliver Secure Authentication for Public Elec.
• ProFTPd Format String Vulnerabilities.
• Raritan Console Servers Access Privileges Escalation and Default Login.
• Sacrifice Format String and Buffer Overflow.
• Security advisory for Bugzilla < 2.16.11.
• Security Breach At Investment Company Compromises Personal Information Of Customers.
• Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs.
• Snortcheck Tool: Check If Snort Its Running.
• SqWebMail Conditional Comments Script Insertion.
• The latest packages to protect your PC.
• Veritas Purchase, Weak Antivirus Sales Hurt Symantecs Quarter.
• Visual Studio 6.0 Buffer Overflow Vulnerability.
• Vulnerability - CilemNews System <= 1.1 Remote SQL Injection.
• Whats the password?.
• Windows Live Messenger 8.0 ( Contact List *.ctt ) Heap Overflow.
• Zope vulnerability.

UNIX Focus

• Linux kernel vulnerabilities.
• Aladdin Announces eToken PKI Support for Linux.
• ARC Insecure Temporary File Creation.
• Buffer Overflow in Elm (Expires header).
• Dave Carrigan Auth_LDAP Remote Format String Vulnerability.
• Ethereal: Buffer overflow in OSPF protocol dissector.
• Fetchmail DoS and Code Execution Vulnerabilities (POP3, UID).
• GWCC Insecure Temporary File Creation.
• HP Ignite-UX Information Disclosure.
• IBM Proposes Open-Source AJAX Project to Eclipse.
• Lantonix Secure Console Multiple Vulnerabilities (Buffer Overflow, Directory Traversal, Multiple Pri.
• Linux leader attacks "anti-DRM" GPL.
• Linux leader attacks "anti-DRM" GPL.
• mutt mutt_decode_xbit() Buffer Overflow.
• ncompress Insecure Temporary File Creation.
• ncpfs Buffer Overflow.
• Open DC hub Buffer Overflow ($RedirectAll).
• PHP HelpDesk Authentication Bypass (Exploit).
• PHP Images Galleries EXIF Metadata XSS Multiple Vulnerabilities.
• PHPFreeNews SQL Injection and XSS.
• PHPTB Code Injection Vulnerabilities.
• Realplayer/Helixplayer Format String Paper.
• SAP Internet Graphics Server Directory Traversal.
• SysCP Code Execution.
• UW-IMAP Netmailbox Name Parsing Buffer Overflow.
• WordPress Command Execution Vulnerability (Cache_lastpostdate).
• xloadimage NIFF Buffer Overflows.
• [FLSA-2005:152870] Updated a2ps package fixes security issue.

Virus Information

• Backdoor.Ranky.O.
• Computer Associates Vet Antivirus engine heap overflow vulnerability.
• Virus Primer.
• W32.Beaker.A@mm.
• W32.Mytob.EG@mm.
• W32.Mytob.EH@mm.
• ADW_BADBITOR.A.
• Anti-virus experts are alerting all consumers of a worm virus known as Kama Sutra..
• Antivirus Concerns in XP and .NET Environments.
• Backdoor.Abebot.
• Backdoor.Berbew.O.
• Backdoor.Dckane.
• Backdoor.Fuwudoor.
• Backdoor.Kotilla.
• Backdoor.Lateda.
• Backdoor.Lateda.B.
• Backdoor.Lifefournow.
• Backdoor.Lingosky.
• Backdoor.Ranky.O.
• Backdoor.Rustock.
• Backdoor.Sdbot.AJ.
• Backdoor.Verify.
• BKDR_LANDIS.A.
• Consumers underestimate computer virus threat: BT.
• Cumulative Security Update for Internet Explorer (MS05-052).
• CYBERCHASE.
• Dasher Squirms Through Patched Win2K Worm Hole.
• Detecting Complex Viruses.
• Detecting Complex Viruses.
• Downloader-AYB.
• Downloader.Admincash.
• dtSearch DUNZIP32.dll Buffer Overflow Vulnerability.
• Feared computer worm not so scary in Asia, Europe.
• Fighting EPO Viruses.
• File-destroying worm set to detonate Friday.
• Gmail virus scanning draws some user complaints.
• Gmail virus scanning draws some user complaints.
• Jackson virus gets suicidal with your computer.
• JAVA_BYTEVER.A.
• JAVA_BYTEVER.A.
• JBoss HSQLDB Remote Command Injection Vulnerability.
• Lessons Learned from Virus Infections.
• Lessons Learned from Virus Infections.
• letter bomb.
• macro virus.
• Microsoft - No Antivirus - New WMF Flaw.
• Mobler.worm.
• Nasty Nyxem virus set to strike.
• New Trojan filtering packets to isolate users.
• New USB Key Sports Built-In Antivirus.
• New worm lures users with breaking news.
• Part I - Detecting Worms and Abnormal Activities with NetFlow.
• Part II - Detecting Worms and Abnormal Activities with NetFlow.
• PE_BOBAX.AB.
• Porn worm disables security tools.
• PWSteal.Bancos.X.
• Russian stock exchange attacked by virus.
• Security Toolbar 7.1.
• Sober Is Biggest Worm Attack Of The Year.
• Sober variant on rise, security firm warns.
• Sober Worm Code Algorithm Cracked.
• Sober worm hangover finally draws to a close.
• Sober worm infects one in eight e-mails.
• SPYW_GATOR.
• Stealthy Trojan horses, modular bot software dodging defenses.
• Symantec Antivirus Library Remote Heap Overflows.
• SymbOS.Fontal.A.
• SymbOS.Lasco.A.
• Targeted Trojan-horse attacks hitting U.S., worldwide.
• The Brain virus turns 20.
• Trend Micro PC-Cillin Internet Security Insecure File Permission Vulnerability.
• Trend Micro ServerProtect Crystal Reports ReportServer File Disclosure.
• Trend Micro’s latest version of PC-cillin unveiled.
• Trojan - PWS-QQPass!885ea315.
• Trojan - TROJ_LINKOPTIM.V.
• Trojan - TROJ_MDROPPER.BO.
• Trojan - TROJ_MDROPPER.BU.
• Trojan Downloader-AYN.
• Trojan PWS-Banker.gen.ah-383CD1C0.
• Trojan-Clicker.JS.Agent.h.
• Trojan.Checkraise.
• Trojan.Infticker.
• Trojan.Mochi.
• Trojan.Tabela.D.
• Trojan.Tannick.B.
• Trojan.Zlob.H.
• TROJ_GOBRENA.AB.
• TSPY_SMALL.SN.
• TSPY_SMALL.SN.
• Two British Hackers Convicted for TK Trojan.
• VBS.Nukip.
• VBS.Swerun.
• VBS.Ypsan.B@mm.
• VBS.Ypsan.G@mm.
• VBS.Ypsan.G@mm.
• Virus Poses as Leaked MSN Messenger Beta.
• Virus Project.
• W32-Opanki.worm!MS06-040.
• W32.Alcra.A.
• W32.Allim.A.
• W32.Beagle.BQ@mm.
• W32.Beaker.A@mm.
• W32.Drivus.A.
• W32.Feebs.E@mm.
• W32.Feebs.J@mm.
• W32.Kassbot.B.
• W32.Kelvir.AI.
• W32.Kelvir.AP.
• W32.Kelvir.AX.
• W32.Kelvir.BF.
• W32.Kelvir.DR.
• W32.Kelvir.FK.
• W32.Kelvir.K.
• W32.Kelvir.Q.
• W32.Linkbot.M.
• W32.Looked.AH - Worm.
• W32.Looked.B.
• W32.Looksky.G@mm.
• W32.Loxbot.D.
• W32.Mirsa.A@mm.
• W32.Mugly.D@mm.
• W32.Mugly.E@mm.
• W32.Mugly.F@mm.
• W32.Mydoom.AM@mm.
• W32.Mytob.AA@mm.
• W32.Mytob.AH@mm.
• W32.Mytob.AI@mm.
• W32.Mytob.AS@mm.
• W32.Mytob.BJ@mm.
• W32.Mytob.BR@mm.
• W32.Mytob.DG@mm.
• W32.Mytob.EF@mm.
• W32.Mytob.EK@mm.
• W32.Mytob.FW@mm.
• W32.Mytob.FX@mm.
• W32.Mytob.J@mm.
• W32.Neshuta.
• W32.Nodmin@mm.
• W32.Picrate.B@mm.
• W32.Protoride.B.
• W32.Shelp.
• W32.Sober.N@mm.
• W32.Spybot.HUR.
• W32.Spybot.OBZ.
• W32.Spybot.PEN.
• W32.Spybot.PKC.
• W32.Topion.A.
• W32.Yami.A.
• W32.Zar.A@mm.
• W32.Zar.A@mm.
• W32/Sdbot.worm!4990c306.
• W97M.Banedi.
• W97M.Grurev.
• Will the Sober Worm Spawn?.
• worm W32.Lunalight@mm.
• Worm Set to Wreak Havoc.
• Worm WORM_STRATION.AZ.
• WORM_BAGLE.BM.
• WORM_BAGLE.BN.
• WORM_KELVIR.EH.
• WORM_KIDALA.A.
• WORM_MYTOB.JF.
• WORM_MYTOB.JH.
• WORM_REATLE.D.
• WORM_REATLE.E.
• WORM_XIPI.A.
• X97M.Dropo.

Windows Focus

• DoS Vulnerability in M$ IE 6 SP2 #1.
• Microsoft details Windows antivirus pricing.
• Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities.
• # Internet Explorer <= 6 DoS vulnerability.
• A Growing Software Company Recruits Web Designer / Graphic Designer.
• AhnLab V3 Antivirus Archive Handling Buffer Overflow (ALZ/UUE/XXE).
• ALZip Multiple Archive Handling Buffer Overflow.
• Another WMF (Windows Major Foul-Up).
• Antigen for Exchange and SMTP Rule Bypassing Vulnerability.
• Atrise PHP Script Debugger 1.1.0.
• BFCommand and Control, Battlefield 1942 and BFVietnam Multiple Vulnerabilities.
• BNBT EasyTracker DoS.
• Carolina Technology solutions Recruits E-Marketing Management Executive.
• Cerberus Helpdesk multiple vulnerabilities.
• China attacks U.K. government using Windows security hole.
• Circular Edge Solution Private Limited Recruits JD Edwards Technical Consultant.
• Citrix Metaframe Presentation Server Policies Bypassing.
• Client of Executives Network Recruits PHP Programmer.
• Computer Associates BrightStor ARCserve/Enterprise Backup Agents Buffer Overflow.
• Crimson Interactive Pvt. Ltd Recruits Client Relations-Associate.
• Critical Patch Released For Windows.
• Cumulative Security Update for Internet Explorer (MS05-038).
• Cumulative Security Update for Internet Explorer (MS05-052).
• DC++ bzip2 Decompression Routine DoS.
• DeviceDriven Recruits Technical Writer.
• DoS Vulnerability in M$ IE 6 SP2 #2.
• DoS Vulnerability in M$ IE 6 SP2 #3.
• DTDC Recruits Customer Support Service - International.
• eMind Technologies Recruits Trainee - Network Engineer Freshers.
• EYUG CONSULTANTS Recruits Programmers.
• Fastream NETFile FTP/Web Server HTTP HEAD DoS.
• FREE SMTP Open Relay Vulnerability.
• GFI MailSecurity Web Module Buffer Overflow.
• Giga Technologies Recruits J2ee Professionals.
• GLOBAL INFOCOM Ltd Recruits Jr. Advocate.
• Global Realty Outsourcing India Private Limited Recruits Financial Analyst.
• HIFY CALL ZONE Recruits .NET FRESHER.
• High Technologies Solutions Recruits Software Trainees.
• IAP Company Ltd Recruits BE/Btech.
• iCat Consulting Recruits Middleware Developer.
• ICRA Techno Analytics Limited Recruits Analyst.
• IE Parent 0.9.1.
• IE7 website security certificate discrediting exploit.
• InfanView 3.98 (with plugins) - Access violation at processing images ANI files.
• Ion Exchange sercives Ltd Recruits Plant operator R.O.
• Is Gates Prediction on Spam a Bust?.
• Krish IT Solutions Recruits SAP BW consultants.
• Mantis: XSS and SQL injection vulnerabilities.
• Microsoft .NET request filtering bypass vulnerability.
• Microsoft Adds a P2P Star to the Live Lineup.
• Microsoft Bows to Eolas, Revamps IEs Multimedia Handling.
• Microsoft Builds New OS from Scratch.
• Microsoft Chairman Envisions Improved PC Security.
• Microsoft confirms USB bug that drains laptop batteries.
• Microsoft Distributed Transaction Coordinator Memory Modification (MS05-051).
• Microsoft Excel Array Index Error Remote Code Execution.
• Microsoft fixes 21 flaws, including Word issue.
• Microsoft Hardens Vista Against Kernel-Mode Malware.
• Microsoft IE Devenum.dll COM Instantiation Code Execution.
• Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit.
• Microsoft Internet Explorer Content-Type Denial Of Service Vulnerability.
• Microsoft Investigates HTML Help Flaw Warning.
• Microsoft invites consumers to test security service.
• Microsoft Looks Beyond Launch of Visual Studio 2005.
• Microsoft Office PowerPoint Malformed Slide Notes Rebuilding Vulnerability.
• Microsoft PowerPoint Malformed Record Memory Corruption.
• Microsoft Releases Bevy of Security Betas.
• Microsoft warns of Excel 0-day attack.
• Microsoft Windows DHCP Client Service Remote Buffer Overflow.
• Microsoft Windows Heap Based Overflow Exploiting.
• Microsoft Windows keybd_event Validation Vulnerability.
• Microsoft Word 2000 Unknown Code Execution.
• Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities.
• Microsoft(R) Internet Explorer 5 & 6 Remote Denial of Service (DoS) using IMG & XML elements.
• Microsofts nightmare inches closer to reality.
• Microsofts Sparkle: Is It a Flash Killer?.
• Miracle Corporate Solutions Pvt. Ltd. Recruits Software Project Trainee.
• Miscrosoft Registry Editor long string key hiding.
• MIT Group Of Institute's Maharashtra Academy of Engineering Recruits Network Administrator.
• Mozilla Firefox Multiple Vulnerabilities.
• MySQL UDF Multiple Vulnerabilities (Directory Traversal, DoS, Arbitrary Library Including, Buffer Ov.
• Nikhil Corporate Services Pvt Ltd Recruits Co-Ordinator / Counseller.
• Norton Antivirus Corporate Edition Privilege Escalation.
• P2P Pro Command DoS.
• Path conversion design flaw in Microsoft NTDLL.
• Plug and Play Vulnerability Allows Remote Code.
• Prapan Solutions Pvt Ltd Recruits Fresher J2EE.
• Quake 2 Server Format String (Lithium II).
• QuickTime 7.0.4 into an overflow.
• RSA Keyon Log verification bypass vulnerability.
• Sanmati Solutions Recruits Trainee(.Net).
• SecureOL VE2 Information Disclosure.
• Security point-of-contact for Ameritrade?.
• SGS Technologie Private Ltd Recruits DTP operators & Proof Readers.
• Shri Balaji Placements Recruits B.com.
• Spyware remains rampant as Winamp exploited.
• SQL Server 2005 May Tempt Many to Jump Platform, Study Says.
• The Chopras Recruits Branch Manager.
• The class-action lawsuit filed against microsoft.
• TYPSoft FTP Server RETR DoS.
• Uzanto Recruits Software Developers (.
• Virtools Web PlayerMultiple Vulnerabilities (Buffer-Overflow, Directory Traversal).
• Vulnerabilities in Kerberos Allow DoS, Information Disclosure, and Spoofing (MS05-042).
• Vulnerabilities in MSDTC and COM+ Allows Remote Code Execution (MS05-051).
• Vulnerabilities in Windows Shell Allows Remote Code Execution (MS05-049).
• Vulnerability in DirectShow Allows Remote Code Execution (MS05-050).
• Vulnerability in Network Connection Manager Allows.
• Vulnerability in Plug and Play Allows Remote Code Execution and Elevation of Privilege (MS05-039).
• Vulnerability in Print Spooler Service Allows Remote Code Execution (MS05-043).
• Vulnerability in Remote Desktop Protocol Allows DoS (MS05-041).
• Vulnerability in Telephony Service Allows Remote Code Execution (MS05-040).
• Vulnerability in the Client Service for NetWare Allows.
• WebArchiveX Unsafe Methods Vulnerability.
• Will Windows Vista eliminate third-party security apps?.
• Window XP update delayed until after Vista.
• Windows FTP Client Allows File Transfer Location.
• Windows Kernel APC Data-FreeLocal Privilege Escalation Vulnerability.
• Windows Local Shellcode Injection - Paper.
• Windows Media Player BMP Heap Overflow (MS06-005).
• Windows Wi-Fi patch could be long time coming.
• Windows Wireless Flaw Lets Others See Your Stuff.
• WinkeyFinder 1.72 Final Version! is Released.
• WMF Windows Media File vulnerability = another Windows Major Foul-Up.
• Wow, Microsoft Sure Patched That One Quickly!.
• Yes Consultants Recruits Mechanical Engineer.
• ZenQA RecruitsTest Engineer Trainee.
• ZipTorrent Local Information Disclosure.

Security

Tips

• Stop or Kill a Running Process.
• Un Register a Dll file.

SpamAlert

sp

• Hosting Controller 6.1 Hotfix.
• How to Disable System Restore.
• Trojan - BackDoor-BAC!55436.
• TROJ_FARFLI.EY.

Content Archiv

Alert

Latest Hacking News

• Department of Agriculture of US hacked.
• MiniBB Forum <= 1.5a Remote File Include.
• phpAutoMembersArea 3.2.5 ($installed_config_file) Remote File Inclusion Aug 04 2006.
• TorrentSpy.com and its parent company Valence Media filed additional court.

Latest Virus News

• Viruses use Sony anti-piracy CDs.
• 2004s Most Popular Viruses, and Hacking Tools.
• Anti-virus Software: The Next Big Worm Target?.
• Backdoor.Beasty.J.
• Backdoor.Ginwui.D.
• Backdoor.Hesive.B.
• Backdoor.Naninf.E.
• Backdoor.Pahador.
• BKDR_IRCBOT.DB.
• Blackmal virus set to delete files.
• Blackmal virus spreads in India, Peru.
• Computer Crime Trends.
• Cybercrime does pay ; heres how !.
• Detecting Worms and Abnormal Activities with NetFlow.
• Downloader.Booli.B.
• F-Secure Antivirus Products Scanning Bypass Vulnerability.
• Feared computer worm not so scary in Asia, Europe.
• Fighting EPO Viruses.
• First potential virus risk for Windows Vista found.
• Friday Is D-Day for Computer Worm.
• How Bad Is Kama Sutra?.
• Infostealer.Gamania.
• Kama Sutra Worm Set for Attack on Feb. 3.
• New Virus Strain Spreads Swiftly Through E-Mail.
• No Bond for Man Charged With Spreading Computer Viruses.
• Norton Monitoring Systems funny problems.
• Perl.Lekbot.B.
• PWSteal.Tarno.S.
• Researchers warn of file-destroying worm.
• Russian Hackers Steal Over $1M From Personal Bank Accounts in France.
• Russian stock exchange attacked by virus.
• SYMBOS_BLANFON.A.
• Trojan.Exobre.
• Trojan.Hlinic.B.
• Trojan.Meheerwar.
• Trojan.Satiloler.D.
• TROJ_BAGLE.BJ.
• TROJ_BAGLE.BK.
• Virus hit squad.
• Virus Poses as Leaked MSN Messenger Beta.
• W32.Amirecivel.E@mm.
• W32.Autex.C.
• W32.Banleed.B.
• W32.Beagle.DU.
• W32.Beagle.FF@mm.
• W32.Beagle.FG@mm.
• W32.Icogon.
• W32.Kidala.E@mm.
• W32.Kraze.
• W32.Qdens.E.
• W97M.Kukudro.A.
• WORM_BAGLE.CG.
• WORM_NETSAD.B.
• WORM_STAC.C.
• WORM_ZOTOB.B.

Scams and Hoaxes

• SecureWorks Takes Down Nine Phishing Scams in Three Months.
• Network security company Trend Micro Inc announced yesterday that its Taiwan general manager, Marvi.
• Trading online? Watch out for crooks, SEC says.
• AJAX without XML.
• Applebees Gift Certificate Hoax.
• Area Code 809 Hoax.
• Arxceo Delivers Network Security Appliance For SMBs.
• Batch Watermark Creator 4.0.
• Berkeley DB: Technical Video by Sleepycat CTO Margo Seltzer.
• Content is starting to eat itself.
• Digital TV or bust.
• Hackers go wireless to steal identities.
• Identity theft easy, and lucrative.
• Internet Date Bait Scam Draws Lawsuits.
• Its "National Computer Security Day".
• JDBGMGR.EXE Hoax.
• Latest E--Mail Scam From the C.I.A..
• Man, 20, indicted in hacking.
• Microsofts BizTalk Gets Bigger Development Role.
• Nigerian 419 Scam.
• Protect your computer from garbage add-ons.
• Protect Your Network From the Enemy Within.
• Scams and Hoaxes.
• Security Concerns Boosted VeriSigns Dot-Net Bid.
• Snipe Networks Adds Network Security Executive to its Management Team.
• Spammers Jump On Bird Flu Bandwagon.
• Spyware reaches new threat level.
• Steel firm seals IT flaws from attack.
• Traders warned of online thieves.
• Tsunami Victims Hoax.
• VoIP may be vulnerable to barrage of threats, part 1.

Security

• Larry Loeb The Evil Scientists vs. Cisco.
• "Zombie net" master pleads guilty.
• Antivirus Vendors Collaborate on Spyware Fight.
• DHS cybersecurity budget grows to fight computer crime.
• e-Post SPA-PRO Mail Service Buffer Overflow.
• Hackers hit terror-law website.
• Law proposed to counter risks of wireless networks.
• Meru Networks Delivers Industrys First RF Signal-Level Wireless Security.
• MyBB 1.0.3~member.php~XSS Attack in contact details.
• New FBI Computer Crime Survey.
• Oracle Advises Users: Patch Critical Hole Now.
• Prestige 650R ADSL Router DoS.
• RSA Security Survey Polls ANZ Consumer Confidence in Online Security.
• User32.dll Icon Size Crash.
• Yahoo! Chat Add Buddy Without Consent Privacy Issue.
• 7,800 linked to USD told of network security breach.
• @1 File Store Multiple XSS and SQL Injection Vulnerabilities.
• A Peek at IE7s New Security.
• A rose by any other name.
• A secure gateway for wireless is built on three security perimeters.
• ACE USA Announces Top Issues Facing Risk Managers: Taking More Proactive Approach to Growing Network.
• ACROS Security: HTML Injection in BEA WebLogic Server Console (2).
• Acrowave AAP-3100AR Authentication Bypass.
• Adobe Document/Graphics Server File URI Resource Access.
• Adobe Patches Photoshop, Illustrator Flaws.
• Adobe SVG Viewer Local File Detection.
• ADP Forum 2.0.2,ADP Forum 2.0.3 versiyon user md5 hash bug.
• Advance Xbox 360s Fetching $1,000-plus On Ebay.
• Apple QuickTime Gets Security Makeover.
• Apples in the eye of flaw finders.
• Archive_Zip (Zip file management class) Directory traversal.
• As Elections Near, Officials Challenge Balloting Security.
• Astaro Security Gateway 525 Available.
• Astaro Security Linux 6.101 (Stable 6.X).
• ATOM 0.3 Feed.
• Bartercard Upping Password Security.
• Black Hat Will Use WinMagics Mobile Data Security and Encryption.
• Blackmal down, but may not be out.
• Bloodhound.Exploit.61.
• Businesses unable to effectively measure and report on network security risks.
• Bypassing Cisco SNMP Access Lists Using Spoofed SNMP Requests.
• CGI Calendar XSS Vulnerability.
• CGI Calendar XSS Vulnerability.
• CGI Calendar XSS Vulnerability.
• Check Point calls off Sourcefire buy.
• China Tightens Rules on E-Payment in Single Transaction.
• Cisco API Privileges Escalation.
• Cisco ASA Multiple Failover DoS Vulnerabilities.
• Cisco Internetwork Operating System IPv6 DoS and Arbitrary Code Execution.
• Cisco IOS Exploitation Techniques (Black Hat, Michael Lynn).
• Cisco IPSec IKE Multiple DoS Vulnerabilities.
• Cisco Password Cracker.
• Cisco touts body-like network security.
• Cisco WSM URL Filtering Solution TCP ACL Bypass Vulnerability.
• ClamAV Library Multiple Heap Overflows (TNEF, CHM, FSG).
• CNedra Buffer Overflow.
• Computer Associates Vet Antivirus Library Heap Overflow.
• Computer Security Day Urges Organizations to Protect Their Information, Promote Security Awareness.
• Computer Security — What? You Worry?.
• Consumers improving security, but gaps remain.
• CyberGuard Announces First Quarter Fiscal Year 2006 Results; Record First Quarter Revenues of $17.4.
• Data leaks already inundating 2006.
• Default Configuration Information Disclosure in Lotus Domino (Including Password Hashes).
• Detecting Worms and Abnormal Activities with NetFlow, Part 1.
• Directory traversal in DirectContact 0.3b.
• directory traversal in DirectContact 0.3b.
• DSDownload Multiple SQL Injection Vulnerabilities.
• DSPoll Multiple SQL Injection Vulnerabilities.
• E-Trade offers customers new fraud coverage, payment protection.
• Easy File Sharing Web Server Multiple Vulnerablilities.
• EMC Navisphere Manager Directory Traversal.
• EMC Pulls Forward With Backup.
• Europe and Asia Adjust to Online Information Priorities.
• Expert to test security of electronic voting machines.
• Exploiting Windows Device Drivers.
• Fall SNW hallmarks: Apprehension and optimism.
• Firewire/IEEE 1394 Considered Harmful to Physical Security.
• For 4th Time, Judge Seeks to Shield Indian Data.
• Free Kevin! (To Speak).
• Gecko Based Browsers HTTP Authentication Prompt Vulnerability.
• Geeklog Remote Code Execution.
• GeoVision Digital Video Surveillance System Multiple Privilege Escalation.
• GFI LANguard N.S.S. 7 offers integrated anti-virus/anti-spyware checks and mixed environment support.
• Give security software a rest.
• Giving newspaper readers some credit.
• Google Launches New Tools in Bid for Desktop Dominance.
• Grandstream Budge Tone 101/102 VoIP DoS.
• Group formed to commercialize quantum cryptography.
• Group formed to commercialize quantum cryptography.
• Hacker invades MPs voice mail, leaving obscene IR attack.
• Halo: Combat Evolved Denial of Service Vulnerability.
• Harrison Ford Ignites Emotions In Firewall.
• HelixPlayer Based Players Format String.
• Homeland Security Tests U.S. Readiness for Massive Internet Attack.
• How to buy online anonymity..
• IBM Predicts 2006 Security Threat Trends.
• IBM preps patches for security flaw.
• Identity theft costs U.K. £1.7bn every year.
• IIJ Releases the IIJ DDoS Solution Service; Management of DDoS Detection and Protection Hardware Pro.
• IMAP/SMTP Injection in SquirrelMail.
• Infineon, VeriSign to extend security level of computer.
• Ingate Unveils New Gear.
• Insecure Generation of Diffie-Hellman keys.
• Insecure Generation of Diffie-Hellman keys.
• Is VoIP Ripe for Attack?.
• IT Salaries To Rise In 2006: Report.
• IT Security Concerns Spreading.
• Java Sandbox and Stateful Firewalls Interaction.
• JavaMail Information Disclosure (msgno).
• Juniper Netscreen VPN Username Enumeration Vulnerability.
• Linksys WRT54GS WPA Personal/TKIP Authentication Flaws.
• Linux Kernel Sysctl Unregistration Local Denial of Service Vulnerability.
• Local Government Tells Businesses To Secure Wireless Access.
• M-Phorum Cross Site Scripting.
• Mac OS X Dashboard Arbitrary Widget Injection.
• Mac OS X malloc() Local Privilege Escalation.
• Mac OS X security under scrutiny.
• MarmaraWeb E-commerce Remote Command Exucetion.
• Maximum Security: 94 Essential Tips for Staying Safe.
• McAfee Strengthens Foundstone Arm.
• MIDP Application Security 4: Encryption in MIDP.
• MIDP Application Security 4: Encryption in MIDP.
• Mini-Nuke<=1.8.2 SQL injection.
• Mining .com for Fun and Profit.
• Mobile Networks Under Strain Following Bomb Blasts.
• MS ‘hacked’ by – illuminati terrorists, this time.
• Multi-layer is the buzzword in security.
• MX Logic Enhances Partner Program with Sales-on-Demand Initiative; Leading Email Defense Provider Of.
• MySQL AB Eventum Multiple Vulnerabilities.
• MySQL Query Logging Bypass Vulnerability.
• Neteyes Nexusways Weak Authentication, Shell Escaping and Command Execution.
• Network Security made simple with SonicWALL.
• Nokia OBEX DoS.
• Open Source Nessus Security Tool Goes Commercial.
• Opera *nixed by security bug.
• Oracle DBMS_SCHEDULER SESSION_USER Vulnerability.
• Oracle Password Hashing Algorithm Assessment.
• Patching Still Trips up IT.
• Patchy response to reducing security exposure.
• patterns & practices Guidance: Complete Catalog.
• PGP, Research in Motion Support E-Mail Security on BlackBerry Platform.
• Phone record revelation.
• PHP Html_Entity_Decode() Information Disclosure Vulnerability.
• phpBB: Cross-Site Scripting Vulnerability.
• PHPHeaven PHPMyChat Cross-site Scripting Vulnerablitiy.
• PicoWebServer Remote Unicode Stack Overflow.
• PlanetFileServer v2.0.1.3 - Denial Of Service.
• Prestige 650R ADSL Router DoS.
• Protect Yourself Against "Firewall".
• Quick n Easy/Baby Web Server ASP Code Disclosure Vulnerability.
• Remote access to NeuSecure/Netcool backend database via web interface credentials leakage.
• Remote access to NeuSecure/Netcool backend database via web interface credentials leakage.
• Remote access to NeuSecure/Netcool backend database via web interface credentials leakage.
• Reports: WMF flaw sold for $4,000.
• Researcher Details More Microsoft Patch Missteps.
• Researchers: Flaw auctions would improve security.
• Rolands Sunday Smart Trends #96.
• SafeNet Announces Plans to Acquire nCipher for Cash; Transaction Reinforces SafeNet’s Leadership Pos.
• SafeNet to buy British Internet security firm.
• SAN FRANCISCO--- Zone Labs Wins PC Magazines Best of Year 2005 Award In Security.
• Schneier on security.
• Schneier on Security.
• Scottrader Unchecked Password Field.
• SEC charges Estonian firm with fraud.
• Secure Your Wireless Network.
• Security concerns cloud holiday shopping.
• Security Experts Issue Update.
• Security firms react to rootkit.
• Security Flaw Allows Wiretaps to Be Evaded, Study Finds.
• Security glitch aids IRS phishers.
• Security issue in Microsoft Outlook.
• Security Risk Assessment and Management in Web Application Security.
• Security Startup Gets $8.4M.
• Security Startup Gets $8.4M.
• Sendmail Asynchronous Signal Handling Remote Code Execution Vulnerability.
• SlimFTPd RNFR Buffer Overflow (Exploit).
• Small, Medium Enterprises Leave Themselves Vulnerable to Threats.
• Sophos scoffs at Bill Gates ‘death-of-spam’ prophecy.
• SPI Dynamics Announces Compliance Pack.
• SRC Corp--Network Security Software.
• Stack overflow vulnerability in Internet Explorer exploitable trough VBScript and JScript scripting.
• Symantec 3Q Income Declines on Charges.
• Symantec Announces Security As A Service.
• Symantec launches security as a service.
• Teen cleared over e-mail salvo.
• Trojan.Stranget.B.
• U.S. government probes Caller ID spoofing.
• Ultimate Forum Password Database Vulnerability.
• Unauthenticated Arbitrary File Read in Horde v3.09 and prior.
• Updated kdelibs packages fix security issues.
• USD Security Breach.
• Utility, TIO Network Sign Cash Bill Pay Deal at AZ Circle Ks.
• Vail Resorts Deploys Proginets Advanced Managed File Transfer Solution to Secure Customer Data.
• VeriSign Acquires Retail Solutions Inc..
• VeriSign to replace LogicaCMG as CWTAs messaging provider.
• VERITAS NetBackup Enterprise Server Buffer Overflow (vmd).
• VihorDesing Script Remote Command Exucetion And Cross Scripting Attack.
• WatchGuard Technologies News Desk.
• WatchGuard Technologies News Desk.
• Web Application Security: More Budget Needed.
• Webwasher CSM Appliance Script Security Restriction Bypass.
• Windows Vista delayed on security concerns.
• WordPress 2.0.1 Multiple Vulnerabilities.
• Xine-Lib Malformed MPEG Stream Buffer Overflow Vulnerability.
• Yahoo! Messenger URL Handler Remote DoS Vulnerability.
• Zoidcom DoS.
• Zombie Ring Allegedly Hit 1.5 Million Computers.
• ZoneAlarm Anti-Spyware 6.1.

Virus Information

• New PowerPoint Trojan installs itself as LSP.
• W32.Banleed.B.

SpamAlert

sp

• A Word to the Wise.
• An Internet Nightmare: Spamming And Spyware Issues On The Internet.
• And a voice said, ?You has been infected?.
• Backdoor Uses DNS as ?Side Door?.
• Basic Rules of Scam Baiting.
• Basic Spyware Tips..
• Blog Spamming.
• Brazilian plane crashes, new malware rises.
• Central Nic Domains.
• Comment Spam: Allure For The Online Totem Pole.
• Computer Viruses, 25 Years Going.
• Computer Viruses: How To Avoid And Get Rid Of Them.
• Earn Money With Parked Domains.
• Eliminating Spam: Techniques to Stopping Spammers Invading Your Inbox.
• eu Domains.
• Experts Rain on iPhone?s Parade.
• Files held for ransom.
• Finding the best anti spam solutions.
• Free spam blockers Vs Paid ones.
• HijackThis version 2.0.2 available now.
• How to Protect Yourself from Spam.
• How to use Guerilla Warfare on Spammers.
• IE and Firefox join forces to make computers vulnerable!.
• iPhone does a Safari.
• iPhone, Therefore I?m Hacked.
• June Malware Roundup.
• Learn simple strategies that will stop spammers from bombarding your inbox!.
• Mac Computers are Gorgeous.
• Methods to Fight Spam!!!.
• More4Computers-The Best In Digital Domain.
• Online Cell Phone Scams and Spam.
• PDF + JPEG = DOUBLE TROUBLE.
• Phishing in two seconds.
• PhpMyChat 0.14.5 Source Code Disclosure Vulnerability.
• Postcards or patches?.
• Promote Your Products Without Annoying Spam Filters.
• Quiz Yourself About Your Love With Computers.
• Simpson Spam Comes to an Inbox Near You.
• Spam Excel(s).
• Spam Filters.
• Spam Sources: How To Avoid Them.
• Spam! What's the Real Problem.
• Spamdexing.
• Splog: Rank Stealing In Blogging Fashion.
• Stop Spam.
• The Mediocre Practice Of Guestbook Spamming.
• The Quick and Byte-Free Tips in Buying Computers.
• The World Of Junk Junk Email That Is.
• Trillian Instant Messenger Vulnerabilities Uncovered.
• Updating VVindows.
• Use this JavaScript to Hide Your eMail from Spambots.
• vBulletin 3.6.3 Released.
• vBulletin 3.6.4 Released.
• Why El Cheapo Domains Will Cost You Money.
• Why You Need Antispyware Tools.
• woltlab.info hacked.
• Worm spreads Harry Potter rumor.
• Your Money Is Still In Your List - Build It!.

Copyright 2005 by Run Digital