Friday, April 18th, 2008
The e-mail message addressed to a Booz Allen Hamilton executive was mundane—a shopping list sent over by the Pentagon of weaponry India wanted to buy. But the missive turned out to be a brilliant fake. Lurking beneath the description of aircraft, engines, and radar equipment was an insidious piece of ...
Posted in Internet, Privacy, Security | No Comments
Friday, April 18th, 2008
A demonstration of a security hole in the Microsoft Works Image Server (WkImgSrv.dll) ActiveX module contained in the Microsoft Works office suite has appeared on the Bugtraq mailing list. The demo appears to only cause a system crash. McAfee, however, has already found fully functional exploits which allow attackers to ...
Posted in Coding, Security, Windows | No Comments
Friday, April 18th, 2008
One of the things I love about cutting-edge technology is the way we get to invent fun, new terminology. It seems to have been around before, but I just came across my first reference to "whale phishing." It describes a phish where the target is a very important person, such ...
Posted in Internet, Privacy, Security | No Comments
Friday, April 18th, 2008
A bot is a computer program installed on a compromised machine which offers an attacker a remote control mechanism. Botnets, i.e., networks of such bots under a common control infrastructure, pose a severe threat to today’s Internet: Botnets are commonly used for Distributed Denial-of-Service (DDoS) attacks, sending of spam, or ...
Posted in Internet, Privacy, Security | No Comments
Friday, April 18th, 2008
Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run ...
Posted in Security, Windows | No Comments
