+ SecurityTeam.us +

Latest Headlines
Copyright: Copyright 2006 SecurityTeam ...

Last Update: Sat Sep 30 07:17:50 2006

+ Wi-Fi hijack risk for Macs + A trio of security flaws in Apple software that runs wireless-networking hardware could allow Macs to be hijacked over Wi-Fi, Apple [...] said on Thursday. Instead, the company itself hunted for bugs in its wireless software and uncovered the vulnerabilities, a

+ Spot a Bug, Go to Jail + A new federal prosecution again raises the issue of whether computer security experts must fear prison time for investigating and [...] within the meaning of the law because the company didn't want this information distributed. They even claimed the integrity o

+ Computer researchers warn of powerful new Internet attacks + Security researchers are warning about a new variety of unusually powerful Internet attacks that can overwhelm popular websites and [...] said. The U.S. Computer Emergency Readiness Team, a partnership with the Homeland Security Department, warned network engineers in De

+ Arbor Networks stops DDoS attacks against broadband sites in the Netherlands + Arbor Networks has tracked a malicious botnet that has been trying to wreak havoc against broadband sites hosted in the Netherlands. [...] spoke Dutch, and were employing Arabic-named IRC channels, usernames and passwords to control the botnet. courtesy: SecurityPark.net

+ Mac OS X hacked in under 30 minutes + Gaining root access to a Mac is "easy pickings," according to an individual who won an OS X hacking challenge last [...] Linux are the PaX patch and the grsecurity patches. They provide numerous hardening options on the system, and implement non-executabl

+ PHP Apps A Growing Target for Hackers + Security holes in PHP-based content management and forum apps are an increasingly active front in Internet security, as hackers target [...] mods for easy customization, and mobilize to deploy fixes for security holes. But as is the case with most web software, a significant

+ ISF Warns Of Spit And Other New Security Threats From VoIP + A new report from the Information Security Forum (ISF) warns that along with existing security problems associated with IP networks, [...] being increasingly used in the home environment, most businesses are still reliant on the Public Switch Telephone Network,? said Nic

+ Hackers, Scammers Hide Malicious JavaScript On Web Sites + Hackers and scammers have suddenly turned to a new technique to hide malicious JavaScript on compromised or criminal sites, a security [...] browser vulnerable to JS/Wonka, however. Alternate browsers, including the popular Firefox, can be fooled with JavaScript tricks, too

+ Firefox URL Domain Name Buffer Overflow + The vulnerability is caused due to an error in the handling of an URL that contains the 0xAD character in its domain name. This can be [...] VERIFY ADVISORY: http://secunia.com/advisories/16764/ Secunia Security Advisories

+ The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them) + "An exclusive look at how the hackers called TITAN RAIN are stealing U.S. secrets" by TIME Magazine It was another [...] commandeer a hidden section of a hard drive, zip up as many files as possible and immediately transmit the data to way stations in So

+ Windows Flaw May Let Hackers Hide Code From AV Scanners + A flaw in how Windows handles entries in the all-important registry can be used by hackers to hide evidence of malicious code from a [...] software to the "Run" registry key (at "HKey_Local_MachineSoftwareMicrosoftWindowsCurrentVersionRun&

+ Bot Battle Brewing + Just as the author of the Zotob bot worm was tentatively identified Wednesday as the same individual who wrote some of the Mytob [...] an e-mail. Unlike in 2004's Bagle vs. Netsky brouhaha, however, the motive isn't notoriety -- the Netsky author, for instance, was a

+ Microsoft Issues Critical Security Bulletins, Says Exploits Already Exist + Microsoft on Tuesday released a trio of security bulletins, all tagged as critical, two for Windows, the third for older editions of [...] and applications. According to Microsoft, the module's method of handling color profiles is flawed, and could be used by a hacker

+ Man Charged With Stealing Wi-Fi Signal + Police have arrested a man for using someone else's wireless Internet network in one of the first criminal cases involving this fairly [...] Dinon's network. Prosecutors declined to comment, and a working phone number could not be located for Smith. By the Associated Press

+ Organized cybercrime has IT security experts scared + Unlike the script kiddies of yesterday, today?s cyber-criminals are sophisticated, organized and out for a profit, according to a [...] Lewis said. They are a success because ?authentication remains a week point.? It?s dangerous because it erodes people?s confidence

+ Mass TCP Port Attack Could Be Imminent, Analyst Warns + An ominous increase in sniffing activity on TCP Port 445 could signal an impending mass malicious code attack targeting a recently [...] because such activity usually means a mass attack is imminent. "Such attacks typically follow a highly predictable timeline,

+ Mozilla / Firefox / Camino Dialog Origin Spoofing Vulnerability + Secunia Research has discovered a vulnerability in Mozilla, Firefox, and Camino, which can be exploited by malicious web sites to [...] VERIFY ADVISORY: http://secunia.com/advisories/15489/ Secunia Security Advisories

+ Microsoft Internet Explorer Dialog Origin Spoofing Vulnerability + Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious web sites to spoof dialog [...] VERIFY ADVISORY: http://secunia.com/advisories/15491/ Secunia Security Advisories

+ Opera Dialog Origin Spoofing Vulnerability + Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious web sites to spoof dialog boxes. The [...] VERIFY ADVISORY: http://secunia.com/advisories/15488/ Secunia Security Advisories

+ Microsoft Outlook Express News Reading Buffer Overflow + A vulnerability has been reported in Microsoft Outlook Express, which can be exploited by malicious people to compromise a user's [...] x64 Edition * Microsoft Windows XP Service Pack 2 PROVIDED AND/OR DISCOVERED BY: Discovered by anonymous person