 Virus and Bug Patch AlertNetwork World's Virus and Bug Patch Alert Newsletter, 07/23/07Security team claims successful iPhone hackBy Jason MeserveSlow weekend on the security front. Are hackers and bug catchers on summer vacation or is this just the calm before the storm? Security team claims successful iPhone hack Today's bug patches and security alerts:
Four new updates from Ubuntu: Red Hat Cluster Suite (denial of service) ********** rPath releases three patches: Firefox / Thunderbird (multiple flaws) tcpdump (buffer overflow, code execution) lighttpd (denial of service, access control bypass) ********** Today's malware news: It's not often that we get a proof-of-concept (PoC) virus, but to receive four in two weeks is completely unprecedented. The first one, which we call MEL.Odorous is a virus for the Maya 3D scripting language. It searches in the current directory for uninfected files, and prepends itself to them. After infecting files, it runs the host as usual. Symantec Security Response Weblog, 07/19/07. From Elk Cloner to Peacomm: A quarter century of malware A quarter century of malware. You’d think we would have had this problem licked by now, yeah? No, not even close. Security to the Core blog, 07/18/07. ********** From the interesting reading department: Web 2.0 vulnerabilities to watch for Web 2.0 applications such as wikis, blogs and online document editing offer nice functionality for users, but the bad guys are paying close attention as well -- and some of their tricks may be all but undetectable. Computerworld, 07/19/07. Opinion: The stalker in your pocket For most of a century, nosey people, both professional and amateur, have used microphones and cameras to listen to and watch unsuspecting targets. Computerworld, 07/20/07. FBI planted spyware on teen's PC to trace bomb threats The FBI planted spyware on the computer used by a Washington state teenager to finger him as the person behind a rash of bomb threats e-mailed to his high school, court documents revealed this week. Computerworld, 07/19/07. Wii gets Flashed by a bug too! There have been lot of rumors and discussions about the recent Adobe Flash Player Remote Code Execution vulnerability. The most interesting thing is that it is a cross-platform vulnerability. Due to the fact that Flash can run in different browsers and on many different platforms, the discovery of this one vulnerability could leave all those operating systems and devices that are Flash-enabled open (e.g., including some advanced smartphones) to the attack. Symantec Security Response Weblog, 07/20/07.
|
| Contact the author: Jason Meserve is Network World's Multimedia Editor and writes about streaming media, search engines and IP Multicast. Check out his Multimedia Exchange Weblog. Check out Jason Meserve and Keith Shaw's weekly podcast "Twisted Pair" ARCHIVEArchive of the Virus and Bug Patch Alert Newsletter. BONUS FEATUREIT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE International subscribers, click here. SUBSCRIPTION SERVICESTo subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007 |
No comments:
Post a Comment