Comcast Hijackers Expose Flaws in Internet’s DNS

Teen hackers Defiant and EBK apparently used “social engineering” to disrupt Comcast Web sites and redirect user e-mail. Defiant and EBK used the Domain Name System and registrar Network Solutions to reroute and deface Comcast sites. Defiant and EBK took comcast.net down for more than two hours and put obscenities in the WHOIS information.

http://www.data-storage-today.com/story.xhtml?story_id=13200CUXO3OC

See also: How was Comcast.net hijacked? http://www.newsnow.co.uk/A/278825466?-18613

Blackberry Refuses To Spy For India

Research In Motion, the company that makes the Blackberry phone, has refused demands by the Indian government to decrypt suspicious text messages.

There are only around 115,000 Blackberry users in India, but they’re causing the government a problem. It seems that the country’s security services and department of technology haven’t been able to unencrypt text messages sent on the Blackberry, and they’ve asked Research In Motion (RIM), the Canadian company that makes the device, for the master key, worrying that criminals and terrorists might take to the device.

http://news.digitaltrends.com/news-article/16814/blackberry-refuses-to-spy-for-india

Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform

Microsoft Security Advisory (953818)
Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory.

At the present time, Microsoft is unaware of any attacks attempting to exploit this blended threat. Upon completion of this investigation, Microsoft will take the appropriate measures to protect our customers. This may include providing a solution through a service pack, the monthly update process, or an out-of-cycle security update, depending on customer needs.

Mitigating Factors:

•    Customers who have changed the default location where Safari downloads content to the local drive are not affected by this blended threat.

http://www.microsoft.com/technet/security/advisory/953818.mspx

Adware companies should laugh at these 3 security vendors

Comodo, Webroot and ZoneLabs offer antivirus and antispyware products. Their scanners have detections for some known adware. Their products will suggest that the user remove the known adware.

How about the adware Mysearch (ask toolbar) installed by Webroot, ZoneLabs and Comodo? Will they detect their own add-on?

Funny strategy by IAC, because they are aware it’s being flagged but never cooperate to clean up, and the worst part is that there are security vendors (Webroot, Comodo, ZoneLabs) that add “adware” to their security products.
Their response? Just uninstall the toolbar or uncheck it in the installation or configuration wizard. Will spyware and adware makers now have a good reason, or be able to use that ‘type’ of response too? Programs with known spyware or adware will now laugh at these security programs, because they detect other programs’ adware or spyware but will not detect their own toolbar, which is known adware.

http://www.dozleng.com/updates/index.php?s=&showtopic=16661&view=findpost&p=80703

Adobe confirmed the Flash Player security issue

Just a quick note to say we are aware of today’s report of a potential exploit involving Flash Player in the wild. We are working with Symantec to investigate the potential SWF vulnerability, and will have an update once we get more information.

UPDATE: This exploit appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 9.0.124.0 (CVE-2007-0071). We strongly encourage everyone to download and install the latest Flash Player update, 9.0.124.0.

http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html

This exploit does NOT appear to include a new, unpatched vulnerability as has been reported elsewhere – customers with Flash Player 9.0.124.0 should not be vulnerable to this exploit. We’re still looking in to the exploit files, and will update everyone with further information as we get it, but for now, we strongly encourage everyone to download and install the latest Flash Player update, 9.0.124.0.

http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue_u_1.html

Avira antivirus will detect infection while installing Comodo Firewall Pro

I mentioned before at Calendar of Updates the security vendors that will detect an infection if Ask Toolbar or a related component of Ask Toolbar is installed. I updated the topic by adding Avira antivirus as one of the security vendors that will detect an infection on a user’s PC if Comodo Firewall Pro with SafeSurf Toolbar is being installed.

http://www.dozleng.com/updates/index.php?showtopic=16661

An Avira antivirus customer reported in Comodo Forums that the antivirus is detecting an infection while installing the Comodo Firewall.

Why and why is the best firewall equipped with the Ask Toolbar and Safe Surf? I use Comodo Firewall 3.0.24.368 and I use Avira Anti-Virus Premium and A-Squared Anti-Malware, Windows XP Pro with SP 3.

While installing the new firewall version a lot of warnings from Avira were coming up because the ASK Toolbar is seen as spyware/adware, or there are at least traces that lead to suspicious behaviour; also A-Squared shows ASK Toolbar as unwanted. Avira still warns for Adspy/MYSEARCH.I.2. See description:

Description:

This Trojan may be downloaded from remote sites by other malware. It may be dropped by other malware. It may arrive as a .DLL file that exports functions used by other malware. It is used to export malicious functions that are usually used by other malware files.

Other malware use this .DLL to monitor the activities of the normal process, IEXPLORE.EXE, using it to connect to a varying remote server.

I have removed the ASK Toolbar completely and safe surf it is not needed and it concerns me that Comodo, the best firewall, is equipped with useless embedded software and I hope the next version is free from useless software.

http://forums.comodo.com/help_for_v3/comodo_firewall_and_ask_toolbar-t23244.0.html;msg163612

Adobe Flash Player Unspecified Remote Code Execution Vulnerability

A vulnerability has been identified in Adobe Flash Player, which could be exploited by remote attackers to take complete control of an affected system. This issue is caused by an unspecified memory corruption error when processing a malformed SWF file, which could be exploited by attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a specially crafted web page.

Note: This vulnerability is reportedly being exploited in the wild.

http://www.frsirt.com/english/advisories/2008/1662

Ad-Aware SE users can’t install definitions manually

Lavasoft staff and Microsoft MVP Janie Whitty (aka CalamityJane) confirmed the issue of the definitions file for Ad-Aware SE Personal not loading on older operating systems when user is trying to . Users of Ad-Aware SE are encouraged to upgrade to Ad-Aware 2008 (a free version is also available).

Discussion here and here

BTW, if you install Ad-Aware 2008 and you have Spybot S&D, you will see an incompatibility alert from SS&D. Just click the Ignore button.

Screenshot at http://www.dozleng.com/updates/index.php?showtopic=18284