Chat

It’s summer… Do you know what your kids are doing? (Fri, May 29th)

School is over or about to be over for many kids. With that come many families whose parents work and whose kids will be left at home to relax and enjoy their summer vacation. This means a lot of free time and an internet out there just waiting to be explored. Everyone is aware of the need to keep your kids safe while on the internet. But in some cases, there is a need to keep the internet and others safe from your kids. Let me explain that last comment. Kids with too much time on their hands get into trouble. You hear about it all the time on the news with kids getting into trouble with things such as vandalism, stealing, etc. What about kids getting into trouble on the internet?
Do a Google search on the phrase “teenage hacker” and see what comes up. Kids are curious and learn fast. The internet can become a playground for them to explore and test out cool new programs and tools they find on the internet or write themselves. Chat rooms are available where kids can learn many things from others and want to try them for themselves. They can also get pulled into the wrong crowd on the internet and get in way over their heads fast. They may not even see anything wrong with it; it’s just computers after all.
Most of the filtering technology today focuses on web traffic. What are your kids looking at on the web? That is a good thing, but there are many other ports and protocols available and nothing watching them. Would you know if your child was running a botnet? Stealing credit card numbers? Hacking into websites? It’s not a game and there are real consequences to it, even sometimes when the intent may have been to do good. Here are some recent examples:
Nineteen-year-old Dmitriy Guzner from New Jersey was part of an underground hacking group named ‘Anonymous’ that targeted the church with several attacks. He could face ten years in prison on computer hacking charges and is due to be sentenced on August 24. http://www.securecomputing.net.au/News/144850,teenage-hacker-pleads-guilty-to-church-of-scientology-cyber-attacks.aspx

Twitter has announced a review into four worm attacks on the site as a teenage hacker admits he could be jailed for his role in the stunt. http://news.sky.com/skynews/Home/Technology/Twitter-Worm-Attack-Biz-Stone-Announces-Review-As-Teenage-Hacker-Michael-Mooney-Speaks-Out/Article/200904215261579
A teenage hacker whose campaign to expose holes in Internet security sparked an FBI investigation was being sentenced in court today. http://www.independent.co.uk/news/business/news/teenage-hacker-to-be-sentenced-for-internet-crusade-676871.html

As parents, we need to also talk to our kids about the other dangers that are on the internet. Dangers such as hacking, virus making, botnet creation, stealing, etc. You may think your child is doing nothing but sitting on a computer playing. But keep in mind that computer on the internet is a portal to a whole nother world.

URL: http://isc.sans.org/diary.php?storyid=6490&rss

Adium 1.4 beta brings Twitter support and other goodies

Our favorite multi-service messaging client, Adium, has issued two awesome updates. For OS X 10.4 Tiger users, or users who just want to use the most “stable” Adium release, the team has released Adium 1.3.4. This version boasts an updated core library and an updated Facebook chat plugin. The Adium blog states that this will likely be the last update for OS X 10.4 Tiger users.

If you’re running OS X 10.5 Leopard and you want to get a taste of some new Adium features, the first beta of Adium 1.4 is also now available. The big news with Adium 1.4 is Twitter support! In addition to Twitter, Adium 1.4 also supports IRC, enhanced group messaging (independent styles and whatnot) and a slew of other improvements and enhancements.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31353

The New York Times Twitter Account Hijacked

The Moment, a popular fashion blog belonging to the New York Times, had its Twitter account commandeered by cyber-crooks. Following the incident, more than half a million users of the micro-blogging platform received adult-oriented spam.

A message reading, “Everyone visit http://tinyurl.com/[removed] for 100% FREE webcam girls/guys doing anything you ask them in the chat, I love it personally,” baffled The Moment’s Twitter followers on Thursday.

The security breach was confirmed a couple of hours later, after the real owners regained control of the compromised account. “In case that spam wasn’t obvious enough - Yes, we were hacked! What a lousy way to thank our half million followers. Sorry everybody!” they wrote.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31332

Apple Mac OS X iChat Disabled SSL Connection Information Disclosure Vulnerability

URL: http://www.securityfocus.com/bid/34973

Apple delivers jumbo security update for Mac OS X

Apple Inc. today patched 67 vulnerabilities in Mac OS X, including two bugs that researchers used in March to walk off with $5,000 each in a noted hacking contest.

Tuesday’s update was the largest for Apple since March 2008. “For Apple, updates this size are now becoming the norm,” said Andrew Storms, director of security operations at nCircle Network Security.

Security Update 2009-002, which was bundled with the upgrade for Leopard to Mac OS X 10.5.7, and available separately for users of Tiger, plugged holes in BIND, CoreGraphics, Disk Images, Flash Player, iChat, Kerberos, QuickDraw Manager, Safari, Spotlight, WebKit and other bits and pieces of the operating system.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31273

Apple patches and updates, (Tue, May 12th)

Apple released patches today:

Apple OS X 10.5.7 update / Security update 2009-002
10.5.7 is an update of the operating system (much like a service pack in the Windows world) and contains functionality as well as security updates.
The security content of this update is:

Apache: CVE-2008-2939, CVE-2008-0456
ATS: CVE-2009-0154
BIND (update to 9.3.6-P1 or 9.4.2-P1): CVE-2009-0025
CFNetwork: CVE-2009-0144, CVE-2009-0157
CoreGraphics: CVE-2009-0155, CVE-2009-0146, CVE-2009-0147, CVE-2009-0165
Cscope: CVE-2009-0148
CUPS: CVE-2009-0164
Disk Images: CVE-2009-0150, CVE-2009-0149
Enscript (update to 1.6.4): CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2008-3863
Flash Player plug-in (update to 10.0.22.87 or 9.0.159.0): CVE-2009-0519, CVE-2009-0520, CVE-2009-0114
Help Viewer: CVE-2009-0942, CVE-2009-0943
iChat: CVE-2009-0152
International Components for Unicode: CVE-2009-0153
IPSec: CVE-2008-3651, CVE-2008-3652
Kerberos: CVE-2009-0845, CVE-2009-0846, CVE-2009-0847, CVE-2009-0844
Kernel: CVE-2008-1517
Launch Services: CVE-2009-0156
libxml: CVE-2008-3529
Net-SNMP: CVE-2008-4309
Network Time: CVE-2009-0021, CVE-2009-0159
Networking: CVE-2008-3530
OpenSSL: CVE-2008-5077
PHP: CVE-2008-3659, CVE-2008-2829, CVE-2008-3660, CVE-2008-2666, CVE-2008-2371, CVE-2008-2665, CVE-2008-3658, CVE-2008-5557 (upgrade to 5.2.8)
QuickDraw Manager: CVE-2009-0160, CVE-2009-0010
Ruby (a.o. update to 1.8.6-p287): CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2009-0161
Safari: CVE-2009-0162
Spotlight: CVE-2009-0944
system_cmds
telnet: CVE-2009-0158
WebKit: CVE-2009-0945
X11 (a.o. updates to FreeType 2.3.8, libpng 1.2.35): CVE-2006-0747, CVE-2007-2754, CVE-2008-2383, CVE-2008-1382, CVE-2009-0040, CVE-2009-0946

As always, this update is all or nothing, so no mixing and matching of what you need more urgently than others.

Safari 4 beta

libxml: CVE-2008-3529
Safari: CVE-2009-0162
WebKit: CVE-2009-0945

Safari 3.2.3

libxml: CVE-2008-3529
Safari: CVE-2009-0162
WebKit: CVE-2009-0945

MataChat ‘input.php’ Multiple Cross Site Scripting Vulnerabilities

URL: http://www.securityfocus.com/bid/34722

MataChat Cross-Site Scripting Vulnerabilities

4Chan Takes Over The Time 100

Look closely at Time magazine’s online voting results so far for the Time 100 and you will see at the top someone called moot (aka 21-year-old Christopher Poole), the founder of 4chan, the notorious online bulletin board where hackers like to hang out. Not only did moot’s followers manage to get his name to the top of the Time 100 reader’s list, they also manipulated the next 20 spots. If you take the first letter of each name, it spells out the cryptic message, “Marblecake, also the game.” (See image below). Update: According to a tip, marblecake was also the name of the chatroom “where Project Chanology was born (4chan’s war against Scientology).”

It turns out the results were hacked with an auto-voting program spread on 4chan. (For details of the hack, read this post). What does it mean? Marblecake is a sophomoric sexual reference, which is in keeping with the spirit of 4chan, which also claims to be where Rickrolling and Lolcats got their start.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31002

Denial of Service

Bugtraq: [ GLSA 200904-04 ] WeeChat: Denial of Service

URL: http://www.securityfocus.com/archive/1/502479

Denial of Service

[ GLSA 200904-04 ] WeeChat: Denial of Service

Posted by Tobias Heinlein on Apr 04

Gentoo Linux Security Advisory GLSA 200904-04

URL: http://seclists.org/fulldisclosure/2009/Apr/0040.html

Major Chinese Game (Duowan) Spoofed Web Site Serving Trojan Ranked Top in Baidu

Malicious Web Site / Malicious Code: SEO Poisoning: Major Chinese Game (Duowan) Spoofed Web Site Serving Trojan Ranked Top in Baidu

Websense® Security Labs™ ThreatSeeker™ Network has discovered that a download site supplying free audio chat software to users under Duowan.com has been SEO poisoned with the intention of directing visitors to a malicious site.

Duowan.com is a large Chinese Internet game community which has an Alexa traffic rank of 448. If you search for YY in Baidu.com, the malicious site which is masquerading as the Duowan.com download site appears as the first result.

[Screenshots in the original post, not reproduced here: the search result in Baidu.com, the fake site, and the official site.]

Macs lacking in security

Charlie Miller: Macs lacking in security

You’ve probably seen the headlines: “Pwn2Own 2008: MacBook Air hacked in 2 minutes” or “Pwn2Own 2009: Safari/MacBook falls in seconds.” But there’s a story behind every headline and who better to get the story from than Charlie Miller, the man behind the headlines? We had the opportunity to chat with Charlie after his back-to-back successes in demonstrating zero-day exploits affecting the Mac.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=30634

Ontario Court Orders Website To Disclose Identity of Anonymous Posters

An Ontario court has ordered (pdf) the owners of the FreeDominion.ca to disclose all personal information on eight anonymous posters to the chat site. The required information includes email and IP addresses. The case arises from a lawsuit launched by Richard Warman, the anti-hate fighter, against the site and the posters. The court focused heavily on the Ontario Rules of Civil Procedure, which contain a strong duty of disclosure on litigants.

Source – Michael Geist

URL: http://www.pogowasright.org/article.php?story=20090325065105842

PHPizabi ‘modules/chat/dac.php’ Local File Include Vulnerability

URL: http://www.securityfocus.com/bid/34213