[x]Blackmoor Vituperative

Monday, 2006-10-02

Hackers claim zero-day flaw in Firefox

Filed under: Security — bblackmoor @ 18:06

Jesse Ruderman, a Mozilla security staffer, attended the presentation and was called up on the stage with the two hackers. He attempted to persuade the presenters to responsibly disclose flaws via Mozilla’s bug bounty program instead of using them for malicious purposes such as creating networks of hijacked PCs, called botnets.

“I do hope you guys change your minds and decide to report the holes to us and take away $500 per vulnerability instead of using them for botnets,” Ruderman said.

The two hackers laughed off the comment. “It is a double-edged sword, but what we’re doing is really for the greater good of the Internet. We’re setting up communication networks for black hats,” Wbeelsoi said.

(from ZDNet, Hackers claim zero-day flaw in Firefox)

On the bright side, the idiot hackers have publically confessed, so the federal case against them when their crime goes to court should be a slam dunk. Say hello to your new cellmate, hacker scumbag.

Update:

Apparently it was just a joke. Just good-natured fun. Those wacky hackers.

Tuesday, 2006-09-19

Porn sites exploit new IE flaw

Filed under: Security,Software — bblackmoor @ 23:59

Miscreants are using an unpatched security bug in Internet Explorer to install malicious software from rigged Web sites, experts warned Tuesday.

[…]

“Fully patched Internet Explorer browsers are vulnerable,” Ken Dunham, director of the rapid response team at VeriSign’s iDefense, said in an e-mailed statement. “This new zero-day attack is trivial to reproduce and has great potential for widespread Web-based attacks in the near future.”

(from ZDNet, Porn sites exploit new IE flaw)

On the one hand, I am curious why ZDNet specifically mentions porn. The exploit could just as easily be on a web site with photos of kittens. On the other hand, I am wondering why on the gods’ green earth anyone is still using Internet Explorer to begin with. Use Firefox, you knuckleheads!

Friday, 2006-09-01

Phishing Phor Phishers

Filed under: Security — bblackmoor @ 13:50

Oooo, pretty light!Phishing Phor Phishers

Monday, 2006-08-28

Replacing SMTP: A proposal

Filed under: Security — bblackmoor @ 11:45

If you’re like the majority of Internet users, a good quantity of your e-mail is junk. Perhaps the amount seems like less than it actually is thanks to filtering, but it’s still there. The world is fighting a losing battle with junk e-mail — primarily because of weaknesses in the Simple Mail Transfer Protocol (SMTP) — and everyone knows it.

(from TechRepublic.com, Replacing SMTP: A proposal)

Spam is beyond ridiculous. We have needed a better email protocol for years. Yarden’s sugestion is as good as anything else that I have seen.

Wednesday, 2006-08-23

IE patch carries security bug

Filed under: Security — bblackmoor @ 15:06

Microsoft’s most recent security update for Internet Explorer introduces a serious security flaw on some Windows systems.

See Tech News on ZDNet, IE patch carries security bug.

Friday, 2006-08-11

Homeland Security urges Windows fix

Filed under: Security — bblackmoor @ 11:26

The US Department of Homeland Security has urged Windows users to install the latest patches from Microsoft as quickly as possible.

In particular it warned about one bug fixed in the latest batch of security updates that, if exploited, could put a PC under the control of an attacker.

Microsoft’s recent update fixed 23 flaws found in Windows software.

Many of these bugs are known to malicious hackers and some are already actively exploited on the net.

(from BBC News, Official warning on Windows bugs)

Thursday, 2006-07-27

Firefox update plugs ‘critical’ holes

Filed under: Security,Software — bblackmoor @ 14:52

Firefox 1.5.0.5 is a security update that is part of our ongoing program to provide a safe Internet experience for our customers,” Mozilla said on its Web site. “We recommend that all users upgrade to this latest version.”

Friday, 2006-07-21

Windows Genuine Spyware

Filed under: Security — bblackmoor @ 10:53

WGA nabs 60 million Windows cheaters?

According to a Microsoft manager, 60 million people have failed the Windows Genuine Advantage validation test. But according to Ed Bott, the numbers don’t add up.

See also: That deceptive, misleading WGA installation

Thursday, 2006-07-13

New PowerPoint hole used in cyberattacks

Filed under: Security,Software — bblackmoor @ 18:46

File under “yet another reason to switch to OpenOffice”.

New PowerPoint hole used in cyberattacks | Tech News on ZDNet

Friday, 2006-06-30

‘Blue Pill’ Prototype Creates 100% Undetectable Malware

Filed under: Security — bblackmoor @ 23:52

A security researcher with expertise in rootkits has built a working prototype of new technology that is capable of creating malware that remains “100 percent undetectable,” even on Windows Vista x64 systems.

Joanna Rutkowska, a stealth malware researcher at Singapore-based IT security firm COSEINC, says the new Blue Pill concept uses AMD’s SVM/Pacifica virtualization technology to create an ultra-thin hypervisor that takes complete control of the underlying operating system.

Rutkowska plans to discuss the idea and demonstrate a working prototype for Windows Vista x64 at the SyScan Conference in Singapore on July 21 and at the Black Hat Briefings in Las Vegas on Aug. 3.

The Black Hat presentation will occur on the same day Microsoft is scheduled to show off some of the key security features and functionality being fitted into Vista.

(from eWeek, ‘Blue Pill’ Prototype Creates 100% Undetectable Malware)

« Previous PageNext Page »