Comcast Hijackers Expose Flaws in Internet’s DNS

Teen hackers Defiant and EBK apparently used “social engineering” to disrupt Comcast Web sites and redirect user e-mail. Defiant and EBK used the Domain Name System and registrar Network Solutions to reroute and deface Comcast sites. Defiant and EBK took comcast.net down for more than two hours and put obscenities in the WHOIS information. http://www.data-storage-today.com/story.xhtml?story_id=13200CUXO3OC See also:  How was Comcast.net hijacked? http://www.newsnow.co.uk/A/278825466?-18613

Hacker Changes Mars Lander’s Web Site, Redirects Traffic

A spokeswoman for the Phoenix Mars Lander mission says a hacker took over the mission’s public Web site during the night and changed its lead news story. Spokeswoman Sara Hammond says a mission update posted Friday was replaced with a hacker’s signature and a link redirecting visitors to an overseas Web site.http://www.foxnews.com/story/0,2933,361170,00.html

Blackberry Refuses To Spy For India

Research In Motion, the company that makes the Blackberry phone, has refused demands by the Indian government to decrypt suspicious text messages. There are only around 115,000 Blackberry users in India, but they’re causing the government a problem. It seems that the country’s security services and department of technology haven’t been able to unencrypt text messages sent on the Blackberry, and they’ve asked Research In Motion (RIM), the Canadian company that makes the device, for the master key, worrying that criminals and terrorists might take to the device. http://news.digitaltrends.com/news-article/16814/blackberry-refuses-to-spy-for-india

Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform

Microsoft Security Advisory (953818)Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory. At the present time, Microsoft is unaware of any attacks attempting to exploit this blended threat. Upon completion of this investigation, Microsoft will take the appropriate measures to protect our customers. … Continue reading Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform

Adware companies should laugh at these 3 security vendors

Comodo, Webroot and ZoneLabs offers antivirus and antispyware products.  Their scanners have detections on some known adware.  Their product will suggest to user to remove the known adware. How about the adware Mysearch (ask toolbar) installed by Webroot, ZoneLabs and Comodo? Will they detect their own add-on? Funny strategy by IAC because they are aware it’s being flagged but never cooperate to clean-up and the worst part, there are security vendors that adds “adware” to their (Webroot, Comodo, ZoneLabs) security product. Their response? Just uninstall the toolbar or uncheck in the installation or configuration wizard. Will spyware and adware makers … Continue reading Adware companies should laugh at these 3 security vendors

Adobe confirmed the Flash Player security issue

Just a quick note to say we are aware of today’s report of a potential exploit involving Flash Player in the wild. We are working with Symantec to investigate the potential SWF vulnerability, and will have an update once we get more information. UPDATE: This exploit appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 9.0.124.0 (CVE-2007-0071). We strongly encourage everyone to download and install the latest Flash Player update, 9.0.124.0.   http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html This exploit does NOT appear to include a new, … Continue reading Adobe confirmed the Flash Player security issue

Avira antivirus will detect infection while installing Comodo Firewall Pro

I mentioned before at Calendar of Updates the security vendors that will detect infection if Ask Toolbar or related component of Ask Toolbar is installed. I updated the topic by adding Avira antivirus as one of the security vendors that will detect infection on a user’s PC, if Comodo Firewall Pro with SafeSurf Toolbar is being installed. http://www.dozleng.com/updates/index.php?showtopic=16661 An Avira antivirus customer reported in Comodo Forums that the antivirus is detecting infection while installing the Comodo Firewall.  Why and why is the best firewall equipped with the Ask Toolbar and Safe Surf, i use Comodo Firewall 3.0.24.368 and i use … Continue reading Avira antivirus will detect infection while installing Comodo Firewall Pro

Apple released Mac OS X 10.5.3 Update

The 10.5.3 Update is recommended for all users running Mac OS X Leopard and includes general operating system fixes that enhance the stability, compatibility and security of your Mac. http://www.apple.com/support/downloads/macosx1053update.html http://www.apple.com/support/downloads/macosx1053comboupdate.html via CoU (lot of fixes)

Adobe Flash Player Unspecified Remote Code Execution Vulnerability

A vulnerability has been identified in Adobe Flash Player, which could be exploited by remote attackers to take complete control of an affected system. This issue is caused by an unspecified memory corruption error when processing a malformed SWF file, which could be exploited by attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a specially crafted web page. Note : This vulnerability is reportedly being exploited in the wild. http://www.frsirt.com/english/advisories/2008/1662

Ad-Aware SE users can’t install definitions manually

Lavasoft staff and Microsoft MVP Janie Whitty (aka CalamityJane) confirmed the issue of definitions file for Ad-Aware SE Personal is not loading on older operating systems when user is trying to .  Users of Ad-aware SE are encouraged to upgrade to Ad-Aware 2008 (free version is also available) Discussion here and here BTW, if you will install Ad-Aware 2008 and you got Spybot S&D, you will see incompatibility alert from SS&D.  Just clicked ignore button. Screenshot at http://www.dozleng.com/updates/index.php?showtopic=18284