Archive for the 'Security' Category


Zotob updates

Monday, August 15th, 2005

A couple of late afternoon updates at the Handler's Diary at incidents.org (SANS Institute). For starters, it looks like there may be a variation of Zotob that has a mass mailer included. I didn’t specifically see this in SARC’s writeups of zotob.a or zotob.b, so I’m wondering if this is going to be a .c? […]

Zotob details

Monday, August 15th, 2005

Here are some details on the Zotob worm(s) culled from several sources… It copies itself to the Windows system folder as BOTZOR.EXE and modifies the hosts file to frustrate attempts to access antivirus sites. The .b variant copies itself as csm.exe in the Windows System folder. Both variants create a Mutex so that only […]

Another entry in the sunbelt discovery of a keylogger

Monday, August 15th, 2005

Sunbeltblog has another entry in the continuing story. Really, there is not much new here, but iDefense has analyzed the code of the trojan that was discovered and has stated that it is not related to CoolWebSearch. (Which is what sunbeltblog has been saying for some time.) They initially said it was discovered during a […]

Zotob.b may be affecting some XP SP2/2003 installs

Monday, August 15th, 2005

As I noted yesterday, virii typically get updated and improved. Yesterday’s reports about the Zotob virus noted that Windows XP Service Pack 2 and Windows 2003 were not affected by the new worm. Today, however, the SANS Institute is reporting that Zotob may be affecting some XP SP2 and 2003 installs. It appears that it […]

Federal Government funding research into VOIP wiretapping

Monday, August 15th, 2005

I can’t say I’m surprised; it makes sense. Plain old telephone service (POTS) can be tapped, and now that VOIP is coming into its own, the FBI and others need new ways of tapping the conversations. CNET is reporting on one such initiative that seems to be proving successful at the first step towards tapping […]

DHS/US-CERT/NIST launches NVD

Monday, August 15th, 2005

Wow – alphabet soup… The National Institute of Standards and Technology (NIST) has launched a National Vulnerability Database (NVD) sponsored by the Department of Homeland Security (DHS) Division US-CERT (US Computer Emergency Response Team). It looks like it will be a nice one place stop to find a good deal of current info. […]

The sunbeltblog id theft saga continues…

Monday, August 15th, 2005

It looks as though CoolWebSearch has issued a release about the massive identity theft ring that their product name has featured so prominently in. They are 1) denying that it is related to their tool and asking for evidence that it does so they may pursue the issue (fire employees/contact FBI), 2) considering lawsuits against […]

Zotob Worm

Sunday, August 14th, 2005

According to the SANS Handler's Diary, a worm exploiting one of the security vulnerabilities disclosed last week by Microsoft is in the wild and spreading. The worm tagged as zotob.a exploits the MS05-039 vulnerability. (SANS reminds us that MS02-039 was the vuln. targeted by the Slammer worm. Interesting coincidence.) They are still at infocon yellow. […]

Good news – wordpress 1.5.2

Sunday, August 14th, 2005

Good news on the WordPress front. A new release has been, well, released. Version 1.5.2 is a bugfix/security fix release, on the heels of an August 10th security advisory. The release announcement is available here.

NY requires businesses to disclose security breaches.

Friday, August 12th, 2005

The Register writes that New York has passed a law that will require local government agencies and businesses to disclose security breaches. (System broken into or data stolen). I can understand businesses being reluctant to disclose this kind of information. “What will they say about us”, “bad reputation”, “we’ll lose customers”, the thoughts could go […]
