Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
Avocatul Poporului vs European Om...

Recomandari firme pentru draperii...

Receptie Eutelsat 5 West. Este po...

Poti receptiona semnal de la mai ...
 Cabluri HDMI 2.1 de 4m-5m care sa...

Zoom comparat cu Google Meet

Monitor/Display wireless?

Pornire greoaie dupa cateva zile ...
 De la un proiect scris in python ...

Audi A4 B9 quattro 190 CP!

Tepari la pariuri pe TikTok

Banca imi cere justificativ fondu...
 schema pcb ELECTRA CIM150 PAS

Probleme stomac

Sfat achizitie bicicleta oras

Canalele Sky Showtime 1 și S...
 

Breaking news

- - - - -
Last Updated: Feb 15 2007 22:03, Started by Daisuke , Mar 06 2005 23:54  
  ·  
  • This topic is locked This topic is locked
207 replies to this topic

#37
Daisuke
Posted 16 November 2005 - 00:48

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Update : Trojan care exploateaza MS05-053 a fost gasit "in the wild"

Trendmicro recunoaste ca a facut o analiza gresita a troianului si ca acesta nu exploateaza vulnerabilitatea MS05-053.
http://www.techworld...RSS&NewsID=4781

Trendmicro zice acum asa:

Trendmicro said:

This is Trend Micro's detection for a Trojan that exhibits behavior similar to the Enhanced Metafile vulnerability of MS05-053.
http://www.trendmicr...ROJ_EMFSPLOIT.A

O veste buna deci, bad guys nu sunt inca asa de rapizi. Mai avem de asteptat pana la "zero day" exploit.

Si anul asta inca o bila neagra pentru Trendmicro.

In februarie 2005 in multe din produsele TrendMicro a fost descoperita o vulnerabilitate.
http://www.techworld...cfm?NewsID=3217

In aprilie 2005 un update al TrendMicro a creat probleme multor PC-uri.
http://www.techworld...cfm?NewsID=3548

#38
Daisuke
Posted 16 November 2005 - 23:11

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Vesti bune : Sony BMG retrage CD-urile protejate care au declansat un mare scandal

BBC: Sony recalls copy-protected CDs

Sony BMG: To Our Valued Customers


Vezi si: Sony depaseste limita ...

Backdoor.Win32.Breplibot.b

Edited by Daisuke, 16 November 2005 - 23:17.

#39
Daisuke
Posted 22 November 2005 - 00:21

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Yellow Alert

Internet Explorer 0-day exploit

Recomandari:
1. disable Javascript in Internet Explorer pana la aparitia unui patch.
2. folositi alt browser pana la aparitia unui patch.

Yellow Alert: http://isc.sans.org/...php?storyid=877

Internet Explorer 0-day exploit


Secunia: Extremely critical
Microsoft Internet Explorer "window()" Arbitrary Code Execution Vulnerability

Edited by Daisuke, 22 November 2005 - 00:30.

#40
Daisuke
Posted 22 November 2005 - 08:25

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Yellow Alert - Update

Microsoft a publicat un "Security Advisory".

Microsoft Security Advisory: vulnerability in the way Internet Explorer handles onload events may allow remote code execution

Produse afectate
Windows Server 2003 si 2003 SP1 nu sunt afectate.

Microsoft Security Advisory (911302)

Disable Javascript in Internet Explorer:
In Internet Explorer click Internet Options din meniul Tools.
Click pe Security tab.
Click Internet si apoi Custom Level.
La Settings, in sectiunea Scripting -> Active Scripting, click Disable si apoi OK.
Click Local intranet si apoi click Custom Level.
La Settings, in sectiunea Scripting -> Active Scripting, click Disable si apoi OK.
Click OK de doua ori.

si folositi alt browser pana cand MS produce un patch.

Opera si Mozilla Firefox nu sunt afectate de aceasta vulnerabilitate.

#41
Daisuke
Posted 22 November 2005 - 20:13

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
The Twenty Most Critical Internet Security Vulnerabilities (Updated) ~ The Experts Consensus

Version 6.0 November 22, 2005

http://www.sans.org/top20/

#42
Daisuke
Posted 23 November 2005 - 08:36

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Atentie la Sober - Category 3 - Moderate; Distribution: High

Symantec ofera un tool:
http://[email protected]

#43
Daisuke
Posted 24 November 2005 - 21:59

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Atentie si la MyTob

WORM_MYTOB.MX
Distribution potential: High (TrendMicro)

Se propaga via email si network shares.

#44
Daisuke
Posted 29 November 2005 - 08:21

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Adio Sygate

Symantec said:

Effective November 30th, 2005 all Sygate personal firewall products and forum support will be discontinued.

This does not affect Sygate's Enterprise firewall and endpoint compliance products, which will still be updated and supported.

http://www.symantecs...ODE=&CACHE_ID=0

#45
PreTXT
Posted 29 November 2005 - 08:45

PreTXT

    Moderator

  • Grup: Senior Members
  • Posts: 2,053
  • Înscris: 09.01.2003

View PostDaisuke, on Nov 29 2005, 08:21, said:

Adio Sygate
http://www.symantecs...ODE=&CACHE_ID=0
nu merge link-ul, Daisuke.
try this: http://news.zdnet.co...22-5974230.html

#46
Daisuke
Posted 30 November 2005 - 08:24

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Sun Java JRE Sandbox Security Bypass Vulnerabilities

Highly critical (Secunia): http://secunia.com/advisories/17748/

Produse vulnerabile:
JDK/JRE 5.0 Update 3 + versiuni anterioare
SDK + JRE 1.3.1_15 + versiuni anterioare
SDK + JRE 1.4.2_08 + versiuni anterioare
JDK + JRE 5.0 Update 3 + versiuni anterioare


Solutie: update imediat
J2SE v 1.4.2_10  JRE
JRE 5.0 Update 5

Important: Dezinstalati versiunea afectata inainte de a o instala pe cea mai noua !


10x PreTXT  :)

#47
Daisuke
Posted 02 December 2005 - 23:21

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Kerio Personal Firewall va fi cumparat de Sunbelt

Sunbelt Software to acquire Kerio Personal Firewall

Versiunea gratuita va fi mentinuta si KPF va fi dezvoltat in continuare.

#48
Daisuke
Posted 02 December 2005 - 23:41

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Apple Quicktime/iTunes Heap Overflow

Another iTunes and QuickTime flaw?

Produse vulnerabile:
Apple Quicktime 7.0.3
iTunes 6.0.1
OS X si Win32

Severity: High (Remote Code Execution)

Solutie: update imediat ce apare un patch

Ce este heap overflow ?


Flaws found in RealNetworks media player

Flaws found in RealNetworks media player

Severity: High (Remote Code Execution)

Solutie: update imediat ce apare un patch

#49
Daisuke
Posted 09 December 2005 - 08:57

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Vulnerabilitate in Firefox 1.5

Exista un "proof of concept".

Solutie: Tools -> Options --> Privacy --> History tab --> introduceti 0 --> OK
pana la aparitia unui patch.

#50
Daisuke
Posted 13 December 2005 - 21:03

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Marti 13 Decembrie, Black Tuesday

Vizitati Windows Update !

1 update - Critical
1 update - Important

Microsoft Security Bulletin Summary for December, 2005

#51
Daisuke
Posted 21 December 2005 - 22:26

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Symantec AntiVirus RAR Archive Decompression Buffer Overflow

Postul de ieri de la Security Focus: http://www.securityf...rchive/1/419853

Si confirmarea de de la Secunia: http://secunia.com/advisories/18131/

Severity: Highly critical

Solutie: update cand apare un patch; evitati scanarea arhivelor RAR cu produsele afectate (lista la Secunia).

Edited by Daisuke, 21 December 2005 - 22:27.

#52
Daisuke
Posted 21 December 2005 - 23:02

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Update: Symantec AntiVirus RAR Archive Decompression Buffer Overflow

Symantec nu sta degeaba, AV-ul poate detecta arhivele RAR "malformate":
http://www.symantec....exploit.55.html

Inca nu exista un patch.

#53
Daisuke
Posted 02 January 2006 - 12:40

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
SpywareBlaster 3.5.1.

Download:
http://www.javacools...sbdownload.html

Workaround daca aveti instalat SpySweeper cu IE Shield activ.
Dezactivati IE Shield, instalati SpywareBlaster si reactivati IE Shield.

Daca ati instalat ieri versiunea 3.5., download si instalati noua versiune.

Cu versiunea 3.4. nu mai puteti sa faceti update la baza de date.

5246 itemi in baza de date.

#54
Daisuke
Posted 02 January 2006 - 16:35

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Windows WMF 0-day exploit

Toate posturile in legatura cu acest subiect au acum un topic separat.
Feel free sa discutati despre acest exploit aici:
Windows WMF 0-day exploit

Anunturi

Chirurgia cranio-cerebrală minim invazivă Chirurgia cranio-cerebrală minim invazivă

Tehnicile minim invazive impun utilizarea unei tehnologii ultramoderne.

Endoscoapele operatorii de diverse tipuri, microscopul operator dedicat, neuronavigația, neuroelectrofiziologia, tehnicile avansate de anestezie, chirurgia cu pacientul treaz reprezintă armamentarium fără de care neurochirurgia prin "gaura cheii" nu ar fi posibilă. Folosind tehnicile de mai sus, tratăm un spectru larg de patologii cranio-cerebrale.

www.neurohope.ro
Back to Dezbateri despre securitatea IT

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Forumul Softpedia
  2. Soft Related / OS
  3. Antivirus & Security
  4. Dezbateri despre securitatea IT
Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate