NY teen hacks AOL, infects systems

A New York teenager broke into AOL LLC networks and databases containing customer information and infected servers with a malicious program to transfer confidential data to his computer, AOL and the Manhattan District Attorney’s Office allege. http://www.networkworld.com/news/2007/042607-ny-teen-hacks-aol-infects.html

Symantec Product Advisory: SYM07-004

SYM07-004
April 26, 2007
Multiple Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery Vulnerabilities
http://securityresponse.symantec.com/avcenter/security/Content/2007.04.26.html

Two vulnerabilities have been identified in Norton Ghost, Norton Save & Recovery, LiveState Recovery and BackupExec System Recovery.

Vulnerable Products/Versions:
Norton Ghost 10.0, 10.01
Norton Ghost for Norton System Works 10.0
Norton Ghost for Dell 10.0
Norton Save & Recovery 11.0, 11.01, 11.01B
Norton Save & Recovery for Norton System Works 2007 1.01B
Norton Save & Recovery Sony Euro 1.01
LiveState Recovery 6.0, 6.01, 6.02
BackupExec System Recovery 6.5, 6.52, 6.52A, 6.53

Details: Scheduled backups of local disks saved to remote network shares saves login credentials, for the remote share, …

Google glitch loses user data

Google users are going ape crap after settings and data they’ve amassed over months have suddenly gone missing from their personalized homepage. According to the posts of hundreds of users on Google’s discussion boards, sticky notes, tabs, links and other customized settings vanished. http://go.theregister.com/feed/http://www.theregister.com/2007/04/26/personalized_homepage_malfunction/

IncrediMail IMMenuShellExt ActiveX control stack buffer overflow vulnerability

IncrediMail is an email application that includes animations and 1000’s of emoticons. IncrediMail comes with an ActiveX control called IMMenuShellExt, which is provided by the file ImShExt.dll. This ActiveX control contains a stack buffer overflow vulnerability in the DoWebMenuAction() method.

Solution: We are currently unaware of a practical solution to this problem. Please consider the following workarounds:

Disable the IMMenuShellExt ActiveX control in Internet Explorer

The vulnerable ActiveX control can be disabled in Internet Explorer by setting the kill bit for the following CLSID: {F8984111-38B6-11D5-8725-0050DA2761C4}

More information about how to set the kill bit is available in Microsoft Support Document 240797. …

The Truth About Open Source Security

Is it better to run your company’s firewall or IDS using an open source tool, or is it better to buy something off the shelf? http://www.linuxinsider.com/story/b7hsTTW4HhJARZ/The-Truth-About-Open-Source-Security.xhtml

Revised: MS Security Bulletin MS07-021

The Microsoft Security Bulletin MS07-021 has been revised today:
Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)
http://www.microsoft.com/technet/security/bulletin/MS07-021.mspx

Revisions:
V1.0 (April 10, 2007): Bulletin published.
V1.1 (April 26, 2007): Updated File Information Section for Windows XP Service Pack 2 and Windows Vista.

Enigma Responds to Symantec Listing SpyHunter as a Security Risk, and to Other Competitors

Symantec, other competitors of Enigma, including Malwarebytes.org, SecurityCadets.com, MalwareTeks.com, and Temerc.com, have been coordinating a campaign to have SpyHunter listed as rogue software. Each of these entities is a competitor of Enigma Software Group that either has competing products or is an affiliate of competing products. Enigma is evaluating closely its legal options with respect to this anticompetitive campaign. PRNewswire

See the discussion at Spyware Warrior Forums: http://www.spywarewarrior.com/viewtopic.php?t=24810

New approaches to malware detection coming into view

The traditional signature-based method to detect viruses and other malware is increasingly seen as an insufficient defense given the rapid pace at which attackers are churning out virus and spyware variants. All of which raises the question: What’s next? The three security vendors that dominate the antivirus market today, McAfee, Symantec and Trend Micro, say they have no intention of abandoning signature-based defense, which calls for identifying a specific malware sample to create a matching signature in order to detect and eradicate it. However, the big three vendors acknowledge there’s a need to augment this decades-old methodology, and some of …