9 months ago
Andy Baio : Inside the "Ron Paul" Spam Botnet - doesn't explain who paid to send the spams, but a great glimpse into how spambots operate [via]
nelson : Tracing a spam botnet - Excellent detailed account of tracing Ron Paul spam back into botnets and email spam services
Rod Begbie : Inside the 'Ron Paul' Spam Botnet - Research - SecureWorks - Interesting insight into the control interface for a spam-blasting botnet. [via]
10 months ago
deusx : Tool opens iPhone, iPod Touch via web | Reg Hardware - "The code uses a known vulnerability with firmware 1.1.1, which it subsequently patches. Before doing so, it activates iPhones, jailbreaks both types of device to allow third-party apps to run, installs Installer, and allows the YouTube app to connect
11 months ago
Rod Begbie : xkcd - Exploits of a Mom - "Did you really name your son "Robert'); DROP TABLE Students;--" ?"
27 months ago
deusx : 17 Mistakes Microsoft Made in the Xbox Security System - Xbox-Linux - "This article is about the security system of the Xbox and the mistakes Microsoft made."
31 months ago
kayodeok : Microsoft Security Advisory (914457): Possible Vulnerability in Windows Service ACLs - Microsoft is aware of published information and proof-of-concept code that attempts to exploit overly permissive access controls on third-party (i.e., non-Microsoft) application services.
31 months ago
kayodeok : Malicious Malware: attacking the attackers, part 2 - Now in part two we finish the discussion by looking at how to own a malicious attacker's precious resources, which he planned to use against us, and then use these resources as a stepping stone to fully achieve our goals
31 months ago
kayodeok : Malicious Malware: attacking the attackers, part 1 - This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discuss
32 months ago
kayodeok : StopBadware.org: Regaining Control of Our Computers - Badware is a term we use to encompass the broad range of malicious software that is sneaking onto people's computers, including spyware and deceptive adware. It can subvert your computer for the benefit of a third party, frustrate you with unwanted adver
32 months ago
kayodeok : Ports Associated with Known Vulnerabilities and Exploits - Our advisories, incident notes, and current activity often include information regarding services that have been targeted for exploitation. The following table lists services and ports that have been mentioned in documents we have published since August 1
32 months ago
kayodeok : Mark's Sysinternals Blog: Inside the WMF Backdoor - In my opinion the backdoor is one caused by a security flaw and not one made for subterfuge. I sent my findings to both Steve and to Microsoft Monday morning, but because the issue continues to draw media attention I’ve decided to publicly document
32 months ago
kayodeok : Looking at the WMF issue, how did it get there? - This was a different time in the security landscape and these metafile records were all completely trusted by the OS. To recap, when it was introduced, the SetAbortProc functionality served an important function
32 months ago
kayodeok : The Windows MetaFile Backdoor? - (The Windows MetaFile) has the feeling of something that Microsoft deliberately designed into Windows. Given the nature of what it is, this would make it a remote code execution "backdoor."
32 months ago
kayodeok : Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919) - Patching Time!
32 months ago
kayodeok : BREAKING NEWS! Microsoft's OFFICIAL SECURITY UPDATE leaked onto the Internet early (and it works great!) - The updated GDI32.DLL file contained in this patch, was built in the evening of December 28th, LAST WEDNESDAY. It is clear that Microsoft jumped on this problem - and had it resolved - almost immediately. But the nature of the installed base of Windows sy
32 months ago
kayodeok : Microsoft Statement Concerning Windows Meta File Vulnerability - Microsoft has completed development of a security update to fix the vulnerability and is now testing it for quality and application compatibility, with a goal of releasing the fix worldwide on Jan. 10
32 months ago
kayodeok : Jesper's Blog : Conscientious Risk Management and WMF - Conscientious Risk Management and WMF
32 months ago
kayodeok : The PC Doctor: WMF exploit - Quick Guide - WMF exploit - Quick Guide
32 months ago
kayodeok : SANS - Internet Storm Center - Updated version of Ilfak Guilfanov's patch - Ilfak Guilfanov has released an updated version of his unofficial patch for the Windows WMF issue. We have reverse engineered, reviewed, and vetted the version here
32 months ago
kayodeok : Internet Storm Center on WMF Vulnerability: Trustworthy Computing - This is a bad situation that will only get worse. The very best response that our collective wisdom can create is contained in this advice - unregister shimgvw.dll and use the unofficial patch. You need to trust us.
32 months ago
kayodeok : WMF Vulnerability Checker - However, there is no safe way to tell if your system is vulnerable. Here is a small utility to address this problem. You can download it from the following link
32 months ago
kayodeok : WMF vulnerability: It's not a bug, it's a feature - Turns out this is not really a bug, it's just bad design. Design from another era
Rod Begbie : F-Secure : News from the Lab - It's not a bug, it's a feature - The currently-circulating Windows WMF exploit "probably affects more computers than any other security vulnerability, ever." Every PC running any version of Windows since 1990 -- even if fully patched -- is vulnerable!
deusx : F-Secure : News from the Lab - January of 2006 - ""The WMF vulnerability" probably affects more computers than any other security vulnerability, ever."
Nelson Minar : WMF hole intentional - An image format designed to run arbitrary code. (via Hot Links)
32 months ago
kayodeok : Overview of the WMF related articles at the Internet Storm Center - Since this is one of the more complex stories to follow I've made a quick overview of the WMF issues.
32 months ago
kayodeok : WMF Vulnerability: From extreme to in depth - Suppose you are basically just not capable of accepting the risk associated with the WMF vulnerability, almost no matter what you break. In such a case you have big avenues to walk: Ban Microsoft products in your environment
32 months ago
kayodeok : SANS - Internet Storm Center - WMF Frequently Asked Questions (FAQ) - The WMF vulnerability uses images (WMF images) to execute arbitrary code. It will execute just by viewing the image. In most cases, you don't have to click anything. Even images stored on your system may cause the exploit to be triggered if it is indexed by
cobra libre : WMF exploit FAQ - read this if you use windows
Simon Willison : SANS WMF Exploit FAQ - This is really good.
32 months ago
kayodeok : Anti-Virus Protection for WMF Flaw Still Inconsistent ... How effective is your antivirus software? - AV-Test, which tests anti-malware products, has been tracking the situation closely and has, so far, analyzed 73 variants of malicious WMF files. Products from the following companies have identified all 73: