Monday, March 30th, 2009 Experts have discovered a security hole in the computer code that powers the Conficker worm, an aggressive contagion that has spread to more than 12 million Microsoft Windows systems worldwide. The security community is treading lightly with this news, because while the discovery could make it easier to isolate infected ...
Posted in Coding, Internet, Security, Windows | 2 Comments
Thursday, March 26th, 2009 Mozilla Firefox is prone to a remote memory-corruption vulnerability.An attacker can exploit this issue to execute arbitrary code within the context of the affected browser. Failed exploit attempt will result in a denial-of-service condition.The following proof of concept is available:http://www.securityfocus.com/data/vulnerabilities/exploits/2009-ffox-poc.tar.gz
Posted in Coding, Internet, Security, Software | 1 Comment
Thursday, March 26th, 2009 Panda, an antivirus software company, has a new free Panda USB Vaccine available for download that can disable the Windows Autorun feature for an entire PC or a particular USB drive.The Autorun feature in Windows can make it easier to install software - and it can also be exploited by ...
Posted in Hardware, Security | No Comments
Wednesday, March 25th, 2009 Websense Security Labs ThreatSeeker Network has discovered that the official Web site of Peugeot in Romania has been compromised and is infecting the machines of site visitors with malicious code. Malicious code has been inserted onto the reported page of the site via iframes. These iframes redirect to the pages ...
Posted in Coding, Internet, Security | No Comments
Saturday, March 21st, 2009 As promised, the paper and the proof of concept code has just been posted on the ITL website here.A quote from the paper:
In this paper we have described practical exploitation of the CPU cache poisoning in order to read or write into (otherwise protected) SMRAM memory. We have implemented two ...
Posted in Coding, Hardware, Linux, Security, Windows | No Comments
