Browsing Category: Vulnerabilities

Categories: Vulnerabilities

By Georg Wicherski

As already reported by F-Secure, criminals are using the Conficker hype to push rogue anti-virus software to computer users.
Their solution will sometimes display false alerts on clean systems and try to lure their victims into buying a fake cleaning program for $39.95 from them. Contrary to what they claimed on remove-conficker.org (website already taken down), their solution fails to detect Kido. Read more and see a video demo [viruslist.com] of this latest threat.


As the world prepares for the complete destruction of the Internet tomorrow when the Conficker worm makes a small change in its communication protocol, a voice of reason has emerged from the wilderness. The Honeynet Project on Monday released a paper with a detailed analysis of the worm as well as some weaknesses in its design that allow for identification of infected machines.


By Gunter Ollmann
It’s like one of those magic candles people place on birthday cakes that sparkle and relight themselves each time you think they’ve been blown out. That’s how I’d define the most recent ignition of the “bugs for cash” debate.

By now you’ll have probably heard that Dino Dai Zovi, Charlie Miller and Alex Sotirov have declared “No more free bugs” (Dai Zovi affirms his position and provides insight to his side of the argument over on his blog titled “No more free bugs”). 


By Dancho Danchev, ZDNet
Earlier this month, the BBC's controversial purchase of a botnet and modification of the infected hosts in the name of “public interest” sparked a lot of debate on the pros and cons of their action. Condemned by certain security vendors, and naturally, at least from a guerrilla PR perspective, applauded and encouraged as an awareness-raising tactic by others, the discussion shifted from a technical to a moral and legal debate, leaving a single question unanswered – what is the name of the botnet that the BBC rented and what’s so special about it?

Until now. Let’s take a peek inside the BBC “Chimera Botnet” [zdnet.com] offered for rent by a Russian Cybercrime-as-a-service (CaaS) vendor.


Just days ahead of an April 1st activation date for the Conficker worm, a pair of security researchers from the Honeynet Project have scored a major breakthrough, finding a way to remotely and anonymously fingerprint the malware on infected networks.
Now, with the help of Dan Kaminsky and Rich Mogull, off-the-shelf network scanning tools, including the freely available nmap, have the ability to quickly detect Conficker infections.


By Joe Stewart, SecureWorks

If you’ve been reading any news at all on the Internet in the past week, you’ve probably heard that Conficker Armageddon is approaching, and it’s scheduled for April 1st, only a few days from now.
The truth is, there will be no April 1st outbreak, despite what some of the press stories have said so far. The only thing that will happen with Conficker on April 1st is that already-infected systems will begin to use a new algorithm to locate potential update servers. There, that’s not so scary, is it? So why all the fuss over the 1st?
Read the full essay [secureworks.com]


Software vendors and security officials in several countries have been working for nearly six months on a fix for a serious flaw in a number of TCP implementations that caused a lot of controversy and speculation last fall. The problem could allow attackers to consume all of the resources on a given remote server, essentially making it unusable.

Now, it appears that the release of a patch for the weakness may not come for several more months.


The OpenSSL Project has released new versions of its popular implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols to fix multiple security vulnerabilities.
According to an advisory [openssl.org], the update fixes three security flaws that carry “moderate severity” ratings.  The raw details:


When Mark Dowd and Alex Sotirov demonstrated a technique for bypassing Vista’s memory protections at Black Hat last year, the security community was stunned. Microsoft officials said at the time they were working on ways to defeat the pair’s attack, and now that protection has arrived, in the form of Internet Explorer 8.
