Archive for July 21st, 2010


Microsoft warns of Windows shortcut drive-by attacks

Computerworld - Microsoft on Tuesday said that hackers could exploit the unpatched Windows shortcut vulnerability using drive-by download attacks that would trigger an infection when people simply surf to a malicious Web site.

A noted vulnerability researcher today confirmed that such attacks are possible.

In the revised security advisory published yesterday, Microsoft acknowledged the new attack vector.

“An attacker could also set up a malicious Web site or a remote network share and place the malicious components on this remote location,” the company said in the advisory. “When the user browses the Web site using a Web browser such as Internet Explorer or a file manager such as Windows Explorer, Windows will attempt to load the icon of the shortcut file, and the malicious binary will be invoked.”

That language was a change from earlier statements by Microsoft, which had said that


Conquering Large Web Apps With Solid Methodology

This is one of those weeks where I’m trying to wrap up as much as possible before I’m out of the office for Black Hat, BSides, and DEFCON. One of those things is a Web application assessment for a client that’s a monstrous, open source beast with sub-applications bolted on from all over the place and tons of places for vulnerabilities to hide.

To get a handle on this particular Web app has been a challenge because there are regular updates coming down from the open source project’s developers and being applied by the developers without notification to me. So, one day, I’m working on a cross site scripting (XSS) flaw to demo to the client showing them just how damaging an XSS attack can be, and the next day, it’s been patched.

Honestly, except for them killing the live demos I had planned, I can’t fault them…

Update: Dell warns of malware on server motherboards

IDG News Service -

Dell is warning customers that “a small number” of its server motherboards may contain malicious software.

“The potential issue involves a small number of PowerEdge server motherboards sent out through service dispatches that may contain malware,” according to a post on a Dell support forum. “This malware code has been detected on the embedded server management firmware.”

The malware issue affects a limited number of replacement motherboards in four servers, the PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410 models, wrote Forrest Norrod, vice president and general manager of server platforms at Dell, in an e-mail.

It only potentially manifests itself when a customer has a specific configuration and is not running current antivirus software, Norrod wrote.

“Dell is aware of the issue and is contacting affected customers. This issue does not affect systems…

Mozilla patches 16 security bugs in Firefox 3.6

Computerworld - Mozilla on Tuesday patched 16 vulnerabilities, nine of them critical, in Firefox 3.6, the largest update for the open-source browser since March.

At the same time, the company patched 12 flaws in the older Firefox 3.5.

More than half — nine out of 16 — of the vulnerabilities in Firefox 3.6 were rated “critical,” Mozilla’s highest threat ranking, indicating that hackers may be able to use them to compromise a system running Firefox, then plant other malware on the machine. Of the remainder, two were pegged as “high” risks, while the other five were labeled as “moderate.”

Five of the vulnerabilities were reported to Mozilla by HP TippingPoint’s Zero Day Initiative (ZDI), one of the two leading commercial bug bounty programs, while two were handed to Mozilla’s developers by researchers who work for Google.

Earlier this month, Mozilla had said it was


Certain Dell Server Parts Coming Pre-Bundled With Malware

The job of many infrastructure operations professionals is to keep ne’er-do-wells from slipping spyware and other harmful software into their network. Some Dell server owners, however, might be finding out that they’ve installed it themselves.

Server giant Dell is warning its customers that a handful of motherboards were shipped with embedded spyware. The issue, first reported in The Register, does not affect all servers. The malware does not come pre-packaged from Dell’s factories.

The exact malware type, and how it made its way onto the motherboards, is not yet clear. Dell says the damage is limited to replacement motherboards for four Dell server products — PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410.

A Dell representative says the issue only affects a “specific” server configuration that does not run anti-virus software. The company’s calculation pegs the “maximum potential exposure” at 1% for all four
