When the news was first out that an antivirus firm (F-Secure) had cracked the pseudo-random algorithm that the Sober worm uses to determine where to download “updates” from, they said that they had previously notified German authorities where the free hosting sites were located so that they could deal with the sites. I did find that they have announced a list of the addresses for the January 5th update (and January 6th as well).
Category: Security
-
How much is a 0-day vulnerability worth?
ZDNet has this article today on an eBay auction for information on a Microsoft Excel vulnerability that the auction seller had notified Microsoft of.
An online auction of a “brand new vulnerability” in Microsoft Excel had reached about $60 when eBay pulled the item late Thursday.
A seller using the name “fearwall” started the auction Wednesday evening at 1 cent. It was up to $56 on Thursday afternoon with 21 bids placed, and eBay quashed the auction soon after that.
-
10 things to do before hooking a Linux PC up to the net
An editor at TechRepublic gave a challenge not too long ago to Linux users to step up and offer articles along the lines of the top 10 things to do before hooking a Linux PC up to the internet. Click to read the first of these submissions (I don’t know if there will be more featured, but more are viewable here).
-
DRM => spyware
Freedom to Tinker has once again continued its analysis of the whole Sony DRM mess. They have basically taken a look at the ways of protecting an audio CD. Active protection (using software to prevent the duplication of music) is currently the main practical solution if you’re pursuing DRM. But what’s interesting is how much they have in common with spyware writers.
-
More details on Sober worm
There’s a bit more detail in this BetaNews article on the Sober worm. They basically say that the next expected “release” is January 8th, and that F-Secure has cracked the “code” of the worm. It appears that the URLs that new versions of the worm are downloaded from are not hardcoded but “pseudorandom”, and they’ve cracked the algorithm the worm uses.
-
Two critical fixes from Microsoft on December patch Tuesday
December’s rendition of Microsoft’s monthly Patch Tuesday will feature two critical security fixes. The malicious software removal tool will also be updated…
Additionally, Microsoft will issue two non-security high-priority updates through Windows Update and Software Update Services, and three non-security high-priority updates through Microsoft Update and Windows Server Update Services. It is standard Microsoft procedure to not disclose the nature of the updates beforehand for security reasons.
-
Most home PC users lacking in PC security…
Surprise!!… ummm wait, no… This article has come out while I’ve been in the midst of cleaning up a Windows ME PC that has been “0\/\/ned” (owned/controlled…) by someone other than the owner for a bit over 15 months. The system had NO antivirus, no firewall (no antispyware) and used dialup for internet. (That much said, this is probably the most infected dialup system I’ve seen… 30-100 viruses, 230+ spyware remnants, etc.) Anyway… the article from CNET News claims that a recent survey found 81% of home PC users lacked either
at least one of three types of critical security–a firewall, updated antivirus software or anti-spyware protection
-
Registrars not verifying contact information on domains?
According to a GAO report, one of the reasons for phishing and scam websites is a lack of enforcement and policing by registrars of accurate contact information. According to their study, over 5% of sites had been registered with false data, and ~2.5% had been registered with incomplete information. These findings come from a random sample of 300 domain names that they then did lookups on.