Tuesday, June 24th, 2008
The MSRC released an advisory today that discusses the recent SQL injection attacks and announces three new tools to help identify and block these types of vulnerabilities. The advisory discusses the new tools, the purpose of each, and the way each complements the others. The goal of this blog post is ...
Posted in Coding, Internet, Security, Software | No Comments
Monday, April 28th, 2008
Microsoft has provided security advice to web developers using its products after many such sites were compromised. Last week, hundreds of thousands of web pages were infected with a malicious iframe which tries to infect visitors with a trojan. Many high profile sites including the United Nations (un.org), the UK ...
Posted in Internet, Security | No Comments
Tuesday, April 22nd, 2008
Following a friendly heads up from someone yesterday morning, I re-loaded the
following Kraken samples into my honeypot:
1d51463150db06bc098fef335bc64971
65b958bf6f5eddca3d9455354af08b6f
6ec7d67d5553cbec2a99c7fbe385a729
7ecef2f126e66e7270afa7b803f715bc
8fd8c67103ec073d9303a7fbc702f89a
and began monitoring them. Each sample proceeded to update itself;
the updated binary is around 160KB, given a random name and
placed in the system32 directory, and no longer has an imagefile icon.
The names/MD5 values of ...
Posted in Coding, Internet, Privacy, Security | No Comments
Monday, April 21st, 2008
In a security alert last week, Microsoft reported a vulnerability which allows local users and users signed on with access to an Internet Information Server (IIS) or MS SQL server to escalate their privileges. Server operators such as hosting providers who allow user code to be executed, for example on ...
Posted in Coding, Privacy, Security, Windows | No Comments
Friday, April 18th, 2008
Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run ...
Posted in Security, Windows | No Comments
Saturday, March 8th, 2008
More than 100 Web servers running Microsoft's Internet Information Services software are still infected with malicious code that was part of a widespread Internet attack, known as Scob, or Download.ject, that began two weeks ago, a security researcher says.
Dan Hubbard director of security and technology research at Websense Inc., a ...
Posted in Security | No Comments
