May 18th, 2009:

4086

VBS/AutoRun.CC, Win32/Adware.BHO.NCX, Win32/Adware.FlyStudio.H, Win32/Agent.NXT (2), Win32/Agent.PAR, Win32/Delf.ODU (2), Win32/Exploit.SQLexp.E (2), Win32/Flyagent.NAR, Win32/Flyagent.NAS, Win32/Flyagent.NAT, Win32/HacDef.073.A (2), Win32/Koutodoor.G, Win32/Koutodoor.P (3), Win32/Kryptik.IA, Win32/PSW.QQPass.GYF, Win32/Qhost, Win32/Qhost.LHF (2), Win32/SpamTool.Rlsloup.B, Win32/Spy.Bancos.NLW, Win32/Spy.Banker.QNJ (2), Win32/Spy.Banker.QSB (3), Win32/TrojanDownloader.Agent.PCC (2), Win32/TrojanDownloader.Zlob.CZJ, Win32/VB.OEA (5)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6045&Itemid=26

Adium 1.4 beta brings Twitter support and other goodies

Our favorite multi-service messaging client, Adium, has issued two awesome updates. For OS X 10.4 Tiger users, or users who just want to use the most “stable” Adium release, the team has released Adium 1.3.4. This version boasts an updated core library and an updated Facebook chat plugin. The Adium blog states that this will likely be the last update for OS X 10.4 Tiger users.

If you’re running OS X 10.5 Leopard and you want to get a taste of some new Adium features, the first beta of Adium 1.4 is also now available. The big news with Adium 1.4 is Twitter support! In addition to Twitter, Adium 1.4 also supports IRC, enhanced group messaging (independent styles and whatnot) and a slew of other improvements and enhancements.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31353

SSH flaw could still cause problems

A highly dangerous SSH flaw discovered a few months ago could still cause your organisation headaches, according to security experts.

The vulnerability was first made public when it emerged last November that researchers at Royal Holloway’s Information Security Group had found the flaw, which could allow hackers access to sensitive data.

SSH, or the Secure Shell Protocol, was designed to provide a secure channel between networked devices by encrypting data and is widely used by system administrators to allow them to securely access remote systems and to transfer sensitive data across the internet, according to the ISG.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31352

MPAA vs. RealNetworks: Five reasons why Hollywood will win

RealNetworks, the company behind the Real media player and Rhapsody music service, could this week become the latest courtroom conquest of the entertainment industry’s fierce efforts to protect copyrights.

On Thursday, U.S. District Judge Marilyn Patel is expected to hear closing arguments in proceedings that will determine whether to remove a ban on the sale of RealDVD. The $30 software enables users to create and store copies of DVDs to their computer hard drives.

The Motion Picture Association of America (MPAA), the trade group representing the six largest film studios, filed suit last September to stop the sale of RealDVD and accused Real of copyright infringement and breach of contract. RealDVD and Facet, a proposed DVD player that can copy and store films, would hand users the ability to copy rented discs without paying a cent for them. The practice is known as “rent, rip, and return.”

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31351

The Sims 3 Leaked Two Weeks Before Its Launch

It can’t get any better than this for gamers: The Sims 3 video game has been leaked on torrents two weeks before its official release. This is just unbelievable, as a few weeks ago, an unfinished version of the Wolverine movie was leaked on torrents about 30 days before its premiere. According to Electronic Arts and Maxis, the game will officially be released on June 2, and for the moment neither of them has reacted to The Sims 3 leak on torrents.

We can say that hackers and pirates have won another battle against publishers and distributors, and this will have to hurt EA a lot. For the moment we can’t tell for sure if the game is real as the packed/unpacked leaks are sized somewhere near 5GB. The small size of the game makes us think that this is not the actual game, but maybe it’s an unfinished version of The Sims 3 life simulation game.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31350

Korean Ministry of Strategy and Finance to establish cyber security center

The Ministry of Strategy and Finance will establish a cyber security center for financial and economic agencies, officials said yesterday. They said the security center to be set up early next year will be responsible for protecting major economic and financial organizations including the Bank of Korea and the National Tax Service.

The plans have been drawn up apparently in response to an incident in February when hackers broke into the Finance Ministry’s computer system. At the time, hackers sent e-mails disguised as official correspondences to Finance Ministry officials to break into the system.

The case is being investigated by the National Intelligence Service as the ministry’s system contains information concerning the country’s economic policies and other classified materials and the hackers may have been acting on behalf of other countries.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31349

ShouldIBackupMy.com – A project for Open Hack 2009

Last week I attended Open Hack 2009, an event hosted by Yahoo in which participants are encouraged to create applications (hacks) in 24 hours ideally using their APIs or libraries. During the last two Hack Days at which Yahoo was one of the main sponsors I never really got around to playing with their APIs that much, so I was eager to get my hands on them this time and see what was possible.

Yahoo has been in the news quite a lot lately, with an unsuccessful takeover by Microsoft in 2008, the subsequent drop in stock price from $30 to $10, and the recent announcement of the closing of their once popular Geocities web hosting service. Some hackers at Open Hack including myself were a bit concerned about the amount of data we keep in the cloud, and the power that these big companies hold in choosing when to discontinue a service.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31348

Are You Holding Off on a PSP Purchase?

Summer is almost here, and with it comes the chance to kick back in the great out-of-doors, get a tan, and forget the working world. Barbecues, hiking, trips to the beach – all opportunities to bring along your favorite video game handheld. Having grown out of touch-based minigames, many gamers might be considering taking the plunge and bringing Sony’s PSP along with them this year instead.

Despite the awesome lineup of games coming for the PSP, however, there are some factors that might be holding consumers back from picking up the hardware at retail. With a new revision on the way, what are the pros and cons of grabbing Sony’s handheld at the current price? We examine each in detail to see if now is a good moment to open your wallets or whether it would be better to hold off for a few months.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31347

FBI Budget Request for High-Tech Surveillance Capabilities Soar

The Federal Bureau of Investigation’s budget request for Fiscal Year 2010 reveals that America’s political police intend to greatly expand their high-tech surveillance capabilities.

According to ABC News, the FBI is seeking additional funds for the development of “a new ‘Advanced Electronic Surveillance’ program which is being funded at $233.9 million for 2010. The program has 133 employees, 15 of whom are agents.”

Known as “Going Dark,” the program is designed to beef up the Bureau’s already formidable electronic surveillance, intelligence collection and evidence gathering capabilities “as well as those of the greater Intelligence Community,” ABC reports.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31346

IIS 6 attack could let hackers snoop on servers

Security vendors are warning users of Microsoft’s Internet Information Services 6 Web-server software that a new online attack could put their data at risk.

The flaw was made public Thursday, when security researcher Nikolaos Rangos posted details of the vulnerability to the Full Disclosure security mailing list. By sending a specially crafted HTTP request to the server he was able to view and upload files on the machine. The attack takes advantage of a bug in the way that Microsoft’s software processes Unicode tokens, he said.

The vulnerability is being used in online attacks, the U.S. Computer Emergency Response Team said Monday. In a statement, Microsoft said it hadn’t heard of any such attacks, but that it was investigating Rangos’ claims. “We are working on a security advisory to provide customers with guidance,” the company said.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31345

CVE-2009-1377 (openssl)

The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of “future epoch” DTLS records that are buffered in a queue, aka “DTLS record buffer limitation bug.”

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1377

IBM AIX ‘MALLOCDEBUG’ File Overwrite Vulnerability

Vuln: IBM AIX ‘MALLOCDEBUG’ File Overwrite Vulnerability

URL: http://www.securityfocus.com/bid/35034

PHP Site Lock Cookie Authentication Bypass Vulnerability

Vuln: PHP Site Lock Cookie Authentication Bypass Vulnerability

URL: http://www.securityfocus.com/bid/34815

OCS Inventory NG Existing/Non-Existing Username Enumeration Weakness

Vuln: OCS Inventory NG Existing/Non-Existing Username Enumeration Weakness

URL: http://www.securityfocus.com/bid/35023

activeCollab ‘re_route’ Parameter Cross Site Scripting Vulnerability

Vuln: activeCollab ‘re_route’ Parameter Cross Site Scripting Vulnerability

URL: http://www.securityfocus.com/bid/35022