According to this story, there has been another compromise of a debian project server. (Is this the third in the last year?)… the Alioth webserver was offline most of the 5th of September… It was simply stopped because we discovered that some script kiddies were running an IRC proxy. After thorough investigation, we discovered that […]
It went un-noticed by most people for a few years. After all, the ones that were affected were just those that were “asking for it”. Where to start. Let’s see, back in the day there were some that sent out messages to other peoples computers and even when people tried to stop getting the messages […]
So, I had the script all ready, I’ve got my x11vnc custom compiled to be as widely compatible as possible, I’ve tested thoroughly on the internal network. The next step was to test my x11vnc “one cut and paste” script over the internet. So, I visited my parents pc which dual-boots Windows XP and Mandrake […]
Strange AIM worm going around. It apparently includes an interesting combination of rootkits, a rootkit detector, spyware/adware, and a specialized bittorrent client. The machines can then be controlled through IRC. Source seems to be the Middle East… IM hackers then control a global botnet where their infections can be tested and payloads are pushed. Facetime […]
F-Secure is reporting on another SPAM attack that tries to get people to click on a link to a site with an exploit-crafted WMF file. The message is along the lines of a claimed Professor at Yale announcing the unfortunate vandalism over the New Year holiday, the link purports to be pictures of the act […]
Incidents.org writes to remind as that bot’s aren’t just for Windows. The recent PHP exploits have seen the use of the “kaiten” bot. After infection on the system it connects to an IRC server. It would primarily target linux systems. They do give a very good way to blunt most Linux bot-style malwares… Send […]
Unfortunately a LOT of people that have bought Sony-BMG cds (or borrowed, whatever…) are going to have some headaches too. By stock in Tylenol or Aleve or something…. anyway… here’s todays roundup of Sony Rootkit news. Including a virus borrowing the gift of SONY… First up is some “backstory” that reminds us of Sony’s attitudes […]
Incidents.org is reporting scanning for phpbb include vulnerabilities through Google. Apparently there is an IRC botnet being “cultivated”. They are scanning for versions of phpBB prior to 2.0.10, the current release is 2.0.18. The new IRC bot scans for vulnerable systems using Google, when successful it announces that “oopz and sirh0t and Aleks g0t pwned […]
Along the lines of “Wishlist of Spyware Slime” that I referred to last week, it appears there’s a chat transcript out from before the arrest of the suspected writer of the mytob and zotob worms. The security fix has the details. Send article as PDF
Wednesday afternoon and Esbot is up to revision .B, Zotob is up to G according to Sarc (Symantec antivirus research). They have appropriate removal tools and details on affected systems there. Meanwhile the Sans institute (incidents.org) has a rundown of the latest in todays handlers diary. Send article as PDF
Bookmark this site now by pressing Ctrl+D
