6 month ago
Linkorama : Edge: SOCIAL NETWORKS ARE LIKE THE EYE - It is customary to think about fashions in things like clothes or music as spreading in a social network. But it turns out that all kinds of things, many of them quite unexpected, can flow through social networks, and this process obeys certain rules we a
# copy
11 month ago
nelson : Storm superworm - The other way to build a supercomputer
Rod Begbie : Gathering 'Storm' Superworm Poses Grave Threat to PC Nets - Analysis of the "Storm" worm. Cunningly designed to be as undetectable as possible, it's a frightening vision of what modern malware can be. [via] #
# copy
16 month ago
nelson : Botnet wars - Apparently the criminal syndicates who run the botnets are fighting for territory
# copy
19 month ago
plasticbag : The Virus 2 Flash Game lets you play a hexagonal virus as it spreads through a multi-coloured population - Nicely self-referential, I suspect it mirrors the game's own viral spread through popualtions of OCD nerds. Reminded me a lot of Webb's games as cleaning metaphors, which I think are more dull—games as imposition of order on chaos. Sorting.
# copy
23 month ago
jimray : Small Number of Fifth Generation iPods May Be Carrying Windows Virus - Whoops!
Andy Baio : Small Number of Video iPods Shipped With Windows Virus - "we are upset at Windows for not being more hardy against such viruses"
Eric Meyer : Small Number of Fifth Generation iPods May Be Carrying Windows Virus - No one is safe! Don't you understand? There's no stopping them! They're everywhere!
# copy
29 month ago
gleuschk : Holy Inverse Function, Batman!! A virus for MATLAB! - if a computer virus writer could harness the minds of the worlds leading engineers and mathematicians, just imagine the destruction that would be caused!!
# copy
32 month ago
kayodeok : Mark's Sysinternals Blog: Inside the WMF Backdoor - In my opinion the backdoor is one caused by a security flaw and not one made for subterfuge. I sent my findings to both Steve and to Microsoft Monday morning, but because the issue continues to draw media attention I’ve decided to publicly document
# copy
32 month ago
kayodeok : Looking at the WMF issue, how did it get there? - This was a different time in the security landscape and these metafile records were all completely trusted by the OS. To recap, when it was introduced, the SetAbortProc functionality served an important function
# copy
32 month ago
kayodeok : The Windows MetaFile Backdoor? - (The Windows MetaFile ) has the feeling of something that Microsoft deliberately designed into Windows. Given the nature of what it is, this would make it a remote code execution "backdoor."
# copy
33 month ago
kayodeok : Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919) - Patching Time!
# copy
33 month ago
kayodeok : BREAKING NEWS! Microsoft's OFFICIAL SECURITY UPDATE leaked onto the Internet early (and it works great!) - The updated GDI32.DLL file contained in this patch, was built in the evening of December 28th, LAST WEDNESDAY. It is clear that Microsoft jumped on this problem - and had it resolved - almost immediately. But the nature of the installed base of Windows sy
# copy
33 month ago
kayodeok : A Naive User's Guide to Running Windows More Securely - OSNews.com - A Naive User's Guide to Running Windows More Securely
# copy
33 month ago
kayodeok : Microsoft Security Advisory (912920): Systems that are infected with Win32/Sober.Z@mm may download and run malicious files from certain Web domains beginning on January 6, 2006 - On systems that are infected by Win32/Sober.Z@mm, the malware is programmed to download and run malicious files from certain Web domains beginning on January 6, 2006.
# copy
33 month ago
kayodeok : Microsoft Statement Concerning Windows Meta File Vulnerability - Microsoft has completed development of a security update to fix the vulnerability and is now testing it for quality and application compatibility, with a goal of releasing the fix worldwide on Jan. 10
# copy
33 month ago
kayodeok : Jesper's Blog : Conscientious Risk Management and WMF - Conscientious Risk Management and WMF
# copy
33 month ago
kayodeok : The PC Doctor: WMF exploit - Quick Guide - WMF exploit - Quick Guide
# copy
33 month ago
kayodeok : SANS - Internet Storm Center - Updated version of Ilfak Guilfanov's patch - Ilfak Guilfanov has released an updated version of his unofficial patch for the Window's WMF issue. We have reverse engineered, reviewed, and vetted the version here
# copy
33 month ago
kayodeok : Internet Storm Center on WMF Vulnerability: Trustworthy Computing - This is a bad situation that will only get worse. The very best response that our collective wisdom can create is contained in this advice - unregister shimgvw.dll and use the unofficial patch. You need to trust us.
# copy
33 month ago
kayodeok : WMF Vulnerability Checker - However, there is no safe way to tell if your system is vulnerable. Here is a small utility to address this problem. You can download it from the following link
# copy
33 month ago
kayodeok : WMF vulnerability: It's not a bug, it's a feature - Turns out this is not really a bug, it's just bad design. Design from another era
Rod Begbie : F-Secure : News from the Lab - It's not a bug, it's a feature - The currently-circulating Windows WMF exploit "probably affects more computers than any other security vulnerability, ever." Every PC running any version of Windows since 1990 -- even if fully patched -- is vulnerable! #
deusx : F-Secure : News from the Lab - January of 2006 - ""The WMF vulnerability" probably affects more computers than any other security vulnerability, ever."
Nelson Minar : WMF hole intentional - An image format designed to run arbitrary code. (via Hot Links)
# copy
33 month ago
kayodeok : Overview of the WMF related articles at the Internet Storm Center - Since this is one of the more complex stories to follow I've made a quick overview of the WMF issues.
# copy
33 month ago
kayodeok : WMF Vulnerability: From extreme to in depth - Suppose you are basically just not capable of accepting the risk associated with the WMF vulnerability, almost no matter what you break. In such a case you have big avenues to walk: Ban Microsoft products in your environment
# copy
33 month ago
kayodeok : SANS - Internet Storm Center - WMF Frequently Asked Questions (FAQ) - The WMF vulnerability uses images (WMF images) to execute arbitrary code. It will execute just by viewing the image. In most cases, you don't have click anything. Even images stored on your system may cause the exploit to be triggered if it is indexed by
cobra libre : WMF exploit FAQ - read this if you use windows #
Simon Willison : SANS WMF Exploit FAQ - This is really good.
# copy
33 month ago
kayodeok : Anti-Virus Protection for WMF Flaw Still Inconsistent ... How effective is your antivirus software? - AV-Test, which tests anti-malware products, has been tracking the situation closely and has, so far, analyzed 73 variants of malicious WMF files. Products from the following companies have identified all 73:
# copy
