Malware spoofs AVG web site

Thursday, November 27th, 2008

A DANGEROUS new variant of malware is attacking PCs in the UK, the INQ has discovered. It hijacks the victim's browser and directs them to a fake site masquerading as AVG's own front page. THE URL which the INQ has discovered is http://0fficial-page-com/AVG1. [Note that it uses a zero not a ...

DoS vulnerabilities in Wireshark

Tuesday, November 25th, 2008

The pre-release version 1.0.5 of Wireshark, the network protocol analyser (or "packet sniffer"), has eliminated a vulnerability that could make it crash. It is reported that the error occurs during the analysis of over-long SMTP requests to a server. When the final version 1.0.5 will appear is still unknown, but ...

Gmail Security Flaw Proof of Concept

Monday, November 24th, 2008

Is it possible for someone to create a malicious filter without having access to your Gmail username and password? No, however, they can force you to create the filter without your knowledge. The blogosphere is buzzing about a Gmail Security Flaw that has caused some people to lose their domain names ...

Researchers find vulnerability in Windows Vista

Thursday, November 20th, 2008

An Austrian security vendor has found a vulnerability in Windows Vista that it says could possibly allow an attacker to run unauthorized code on a PC. The problem is rooted in the Device IO Control, which handles internal device communication. Researchers at Phion have found two different ways to cause a ...

Microsoft Communicator vulnerable to DoS attacks

Tuesday, November 18th, 2008

According to a report by VoIPshield, a VoIP security service provider, Microsoft's Office Communications Server (OCS), Office Communicator and Windows Messenger contain vulnerabilities that can be exploited for Denial of Service attacks. The applications can be crashed using specially crafted packets. VoIPshield does not want to release more detailed information until ...