Google Flaw Lets Remote Users Hijack Accounts

Nana NetLife Magazine (nana.co.il) reported a vulnerability in Google Gmail that was discovered by Israeli hacker Nir Goldshlagger. A remote user can create a specially crafted link that, when loaded by the target user, will disclose the target user’s cookie. With the target user’s cookie, the remote user can then access the target user’s account. The report indicates that the specially crafted link will direct to the Gmail site. No further details were provided. Google has reportedly confirmed the flaw. http://www.securitytracker.com/alerts/2004/Oct/1012001.html

Bagle-AU worm disables Windows XP SP2 firewall, reports Sophos

 The Bagle-AU worm can disable security applications, including the firewall built into Windows XP Service Pack 2. Experts at Sophos have warned users that the new W32/Bagle-AU worm attempts to disable security software on infected Windows PCs. “By turning off firewall protection and other security software the author of the latest incarnation of the Bagle worm is opening up computers to attack,” said Graham Cluley, senior technology consultant for Sophos. “Increasingly virus writers are aiming to take over innocent peoples’ computers in order to steal, spam or cause mischief.” Sophos notes that the W32/Bagle-AU worm is capable of turning off … Continue reading Bagle-AU worm disables Windows XP SP2 firewall, reports Sophos

New Wireless Security Boot Camp

Airscanner Corp. is launching a new Wireless Security Boot Camp to be held in Dallas, TX on Feb. 3-4, 2005. Originally presented at the University of Pennsylvania, this course has grown into an intense, two-day lecture and lab. The small, intimate class size allows close interatction between attendees and the presenter. A detailed syllabus of what is covered can be found at http://www.airscanner.com/wireless/outline.html The course is vendor neutral and particularly emphasizes Linux and freeware security auditing tools.  “This is a maximally intense, wireless hacking lecture and lab,” stated Seth Fogie, co-author of the books “Maximum Wireless Security” from SAMS and “Security … Continue reading New Wireless Security Boot Camp

WhenU Enters the Anti-Spyware Market; Aluria Software Gone Bad

Eric Howes, a Microsoft MVP, author of IE-SPYAD & AGNIS List and Rogue/Suspect Anti-Spyware Products & Web Sites posted in http://www.dslreports.com/forum/remark,11723816~mode=flat that Aluria has partnered with WhenU. He posted: “Hi All: You might have heard about the recent arrangement between Aluria (makers of Spyware Eliminator, a version of which is bundled with AOL 9.0) and WhenU, one of the more well-known distributors of adware. See here for the press release: http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=109&STORY=/www/story/10-27-2004/0002312862&EDATE Aluria agreed to de-list WhenU from the defintions it uses for Spyware Eliminator. Suzi at Spyware Warrior has blogged about this: www.netrn.net/spywareblog/ And there’s a news story on the … Continue reading WhenU Enters the Anti-Spyware Market; Aluria Software Gone Bad

Beagle is again in the wild

  W32.Beagle.AV@mm, W32.Beagle.AW@mm, W32.Beagle.AU@mm are a mass-mailing worms that also spreads through file-sharing networks. The worm will open a backdoor on TCP port 81.  Due to an increased rate of submissions, Symantec Security Response has raised the category rating to level 3 for W32.Beagle.AV@mm More info in http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.av@mm.html http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.aw@mm.html http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.au@mm.html W32.Beagle@mm!cpl is a generic detection for variants of W32.Beagle@mm that use Control Panel applets as droppers. These files contain a copy of the worm and usually arrive as email attachments with .cpl file extensions. The above W32.Beagle@mm variants are known to contain copies of W32.Beagle@mm!cpl http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle@mm!cpl.html  

BugTraq: New URL spoofing bug in Microsoft Internet Explorer

“There is a security bug in Internet Explorer 6.0.2800.1106 (fully patched), which allowes to show any faked target-address in the status bar of the window“, posted by Benjamin Tobias Franz in SecuritryFocus BugTraq. Description: Microsoft Internet Explorer can’t handle links surrounded by a table and an other link correct. The bug can be exploited using HTML mail message too. Affected software: Microsoft Internet Explorer, Microsoft Outlook Express Workaround: Don’t click on non-trusted links. Or right-click on links to see the real target. Or use Copy-and-Paste. Example has been provided. http://www.securityfocus.com/archive/1/379764

Hey Spammer! Aren’t you tired?

Feedback feature has been disabled in this blog page.  I disabled it today.  A spammer is posting spam messages.  I patiently deleted 100+ of spam feedbacks today.  No feedback for now.  Hey Spammer! with .info domain.  Aren’t you tired? Bloggers can simply enable/disable the feedback feature in just 2 clicks.  It’s an easy task for bloggers.  Your task isn’t easy .. tsk..tsk

When the Spam Hits the Blogs

Owners of the conversational websites known as weblogs have recently noticed that their referral logs have become the newest target for spam. Referral logs, intended to collect information on who visited a website and how they happened to arrive there, are being stuffed with bogus links. Curious bloggers who click on a logged link to see who visited their site are instead led to pornography or advertising sites. More in http://www.wired.com/news/culture/0,1284,56017,00.html

AOL Files Lawsuit Against IM ‘Spim’

America Online Inc. said Thursday it had filed a federal lawsuit accusing numerous unnamed defendants of violating federal and state laws by sending bulk messages known as “spim” to instant message accounts and Internet chat rooms. The lawsuit, filed late Wednesday in federal court in Alexandria, Va., marked the first time AOL has expressly targeted spim in a legal action. http://www.winonadailynews.com/articles/2004/10/29/ap/hitech/d860pnko0.txt