Security Hero Rotating Header Image

April, 2009:

4048

4048

BAT/TrojanDownloader.Agent.NAG, Win32/Adware.Coolezweb (3), Win32/Adware.Virtumonde.NEK (2), Win32/Agent.CEAJ (2), Win32/Agent.PIW, Win32/Autoit.AG, Win32/Autoit.FR, Win32/AutoRun.FlyStudio.IG, Win32/Bagle.RD, Win32/Delf.OGU (2), Win32/DNSChanger.NAO, Win32/Hupigon, Win32/IRCBot.ADZ, Win32/PcClient.NDO (2), Win32/PcClient.NDP (2), Win32/PSW.Delf.NPC, Win32/PSW.LdPinch.NCB, Win32/Rootkit.Agent.NIA, Win32/Rootkit.Agent.NLF (2), Win32/Spy.Banker.OWM (2), Win32/Spy.Banker.QEP, Win32/Spy.Delf.NQK, Win32/Spy.Delf.NTC (2), Win32/Spy.Zbot.BA, Win32/Spy.Zbot.JF (2), Win32/TrojanClicker.VB.NGP, Win32/TrojanDownloader.Agent.OXU, Win32/TrojanDownloader.Agent.PAR (2), Win32/TrojanDownloader.FakeAlert.ABF (2), Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanDropper.Joiner.AJ, Win32/TrojanProxy.Ranky, Win32/VB.OCL

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=5991&Itemid=26

udev

[ MDVSA-2009:104 ] udev

Posted by security_at_mandriva.com on May 01

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:104
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package :…

URL: http://seclists.org/fulldisclosure/2009/Apr/0316.html

Sony chooses Trend Micro for PlayStation security

Sony chooses Trend Micro for PlayStation security

Trend Micro has announced that it is developing web security software for Sony gaming devices.

With gamers increasingly playing online, Sony commissioned Trend Micro to develop Internet security software for its PlayStation 3 (PS3) and PlayStation Portable (PSP) gaming platforms.

Services provided by the software include Kidˇ¦s Safety URL Filtering, controlling childrenˇ¦s access to gambling, violent, or sexual websites; and Web Reputation technology to protect gamers from being victimised by hackers and phishing sites. Rik Ferguson, Trend Micro senior security adviser, said: ˇ§We are happy to announce this partnership with Sony today. ˇ§By having our technology in place, PS3 and PSP users all over the world can enjoy a fully connected gaming experience without the worries of Internet crime.ˇ¨

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31099

Cyber Security Review Release Is Imminent

Cyber Security Review Release Is Imminent

The Obama administration will release its plans for a major overhaul of the nation’s cyber security policies in the coming days, a senior administration official said today.

Speaking to intelligence industry professionals in McLean, VA, Melissa Hathaway, tasked by the White House with a 60-day review of the nation’s cybersecurity infrastructure, said that the H1N1 flu response had delayed the roll-out.

In her speech, Hathaway did not say much about the administration’s policy changes, although published reporters indicate that Obama plans to create a powerful national cybersecurity directorate that would work through the Department of Homeland Security, establish a national cybersecurity recovery plan and resolve longstanding conflicts between agencies.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31098

McAfee profit jumps

McAfee profit jumps

McAfee, the second-biggest maker of security software, reported a 77 percent rise in first- quarter profit after customers renewed subscriptions and added programs that safeguard data.

Net income climbed to $53.5 million, or 34 cents a share, the Santa Clara company said today in a statement. Excluding acquisition costs and other expenses, profit was 57 cents a share, beating the 49-cent average estimate of analysts in a Bloomberg survey.

Security software is proving resilient to a broader slump in technology spending because of a constant threat from hackers and viruses. Chief Executive Officer Dave DeWalt also is seeking new customers by signing deals with personal-computer makers and Internet services, which offer trial versions of McAfee’s programs. “The profitability speaks to a company that is navigating through the storm as well as investors can expect,” said Daniel Ives, an analyst with Friedman Billings Ramsey & Co. in New York. He doesn’t own the shares, which he expects to perform in line with the market. “Their strategy of creating partnerships on the PC front has been a key tenet in their ability to further penetrate the consumer market.”

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31097

Facebook fights “phishing” scam

Facebook fights “phishing” scam

Facebook Thursday said it has blocked a link at the heart of a “phishing” scam being used to dupe members into revealing passwords to accounts at the social networking website.

Facebook also announced it is expanding an alliance with Internet security firm MarkMonitor to better protect users from hackers and online subterfuge.

“The meteoric success of Facebook makes it a natural target for malware attacks that seek to capitalize on their trusted and recognizable brand,” said MarkMonitor chief marketing officer Frederick Felman. “Our experience … allows us to expertly address Facebook’s concerns about malware and phishing, and to help protect their platform and their users from ongoing attacks.”

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31096

6781 (ez_gaming_directory)

CVE-2008-6781 (ez_gaming_directory)

SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6781

6780 (ez_affiliate)

CVE-2008-6780 (ez_affiliate)

SQL injection vulnerability in directory.php in Scripts for Sites (SFS) SFS EZ Affiliate allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6780

6779 (sarkilar)

CVE-2008-6779 (sarkilar)

SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a showcontent action to modules.php.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6779

6778 (ez_auction)

CVE-2008-6778 (ez_auction)

SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6778

6777 (myphp_forum)

CVE-2008-6777 (myphp_forum)

Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the (4) quote parameter in a post action and (5) pid parameter in an edit action to post.php, different vectors than CVE-2005-0413.2 and CVE-2007-6667.

URL: http://web.nvd.nistgov/view/vuln/detail?vulnId=CVE-2008-6777

6776 (ez_hot_or_not)

CVE-2008-6776 (ez_hot_or_not)

SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remote attackers to execute arbitrary SQL commands via the phid parameter.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6776

1499 (com_mailto)

CVE-2009-1499 (com_mailto)

SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1499

Adobe Reader ‘getAnnots()’ JavaScript Function Remote Code Execution Vulnerability

Vuln: Adobe Reader ‘getAnnots()’ JavaScript Function Remote Code Execution Vulnerability

Adobe Reader ‘getAnnots()’ JavaScript Function Remote Code Execution Vulnerability

URL: http://www.securityfocus.com/bid/34736

RM Downloader ‘.smi’ File Buffer Overflow Vulnerability

Vuln: RM Downloader ‘.smi’ File Buffer Overflow Vulnerability

RM Downloader ‘.smi’ File Buffer Overflow Vulnerability

URL: http://www.securityfocus.com/bid/34794