funsec mailing list archives
today in the news
From: Paul Vixie <paul () vix com>
Date: Tue, 25 Jul 2006 00:34:42 +0000
http://news.com.com/2010-7355_3-6097678.html?part=rss&tag=6097678 "Perspective: Zero-day Wednesdays" Somewhere--perhaps in the United States, but more likely, somewhere in China--a man walks out of a nondescript building, casts his eyes upon the urban landscape around him after spending an eight-hour day staring at a computer screen, and lights a cigarette. He does not know his bosses by name or by face; he knows only that he is paid, and paid pretty well, for his research. Like a legitimate computer-security researcher, he uses automated testing tools against Microsoft Office software, probing for buffer overflows, pointer errors or negative integers in Word, Excel and PowerPoint. Unlike a legitimate security professional, he does not report what he finds to Microsoft. ... http://it.slashdot.org/article.pl?sid=06/07/24/1442238 "Sophos Reveals Latest Spam-Relaying Countries" "For the first time in more than two years, the United States has failed to make inroads into its spam-relaying problem. The U.S. remains stuck at the top of the chart and is the source of 23.2 percent of the world's spam. Its closest rivals are China and South Korea, although both of these nations have managed to reduce their statistics since Q1 2006. The vast majority of this spam is relayed by 'zombies,' also known as botnet computers." ... http://it.slashdot.org/article.pl?sid=06/07/22/1612257 "Why Popular Anti-Virus Apps 'Don't Work'" Avantare writes "ZDNet Australia has a writeup about why AV apps don't work. The reason given is because the malware authors are writing code that will get around the signatures of the application by testing their code on the most popular anti-virus software before release." This comes as a follow up to another article detailing the sad state of anti-virus software currently on the market. ... http://it.slashdot.org/article.pl?sid=06/07/20/042253 "Banner Ad on Myspace Serves Adware to 1 Million" An anonymous reader writes "Washingtonpost.com's Security Fix blog reports that a banner ad running on MySpace.com and other Web sites used a Windows security flaw to push adware and spyware out to more than one million computer users this week. The attack leveraged the Windows Metafile (WMF) exploit to install programs in the PurityScan/ClickSpring family of adware, which bombards the user with pop-up ads and tracks their Web usage." ... http://it.slashdot.org/article.pl?sid=06/07/18/0237221 "Open Source Malware Search Engine" chr0.ot writes "Metasploit creator HD Moore has released an open-source search engine that finds live malware samples through Google queries. From the article: 'The new Malware Search project provides a Web interface that allows anyone to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables.' The tool then searches for actual malware signatures and uses the signature output from ClamAV to find the name of the malware. This is then used in conjunction with a PE signature matching method to form a Google query. Afterwards the malware can then be downloaded directly from Google." ... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- today in the news Paul Vixie (Jul 24)
- Re: today in the news Dude VanWinkle (Jul 25)
- RE: today in the news Larry Seltzer (Jul 25)
- Re: today in the news Florian Weimer (Jul 25)
- Re: today in the news Drsolly (Jul 25)
- Re: today in the news David Lodge (Jul 25)
- <Possible follow-ups>
- today in the news Paul Vixie (Aug 28)
- RE: today in the news Richard M. Smith (Aug 28)
- Re: today in the news Dude VanWinkle (Jul 25)