Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
Info Coronavirus/Vaccinare vs Fake News

probleme mașina de spalat rufe

Magazine care vand bere la keg

Proiect ciudat legat de metaverse...
 Daniel Fenechiu: Nu vom aște...

Transfer in acelasi pc cu FTP

Și daca industria europeana ...

Alimentare camera ip distanta 50m
 Nelamurire instalare internet

Cheie licenta Windows11

Sfat plantare arbori pentru o mic...

rachiu din gemuri si dulceturi
 Bara de cautare sa o mut jos?

Accesorii multitool Black and Dec...

Suma maxima.

Pilonul II - date de piata, tendi...
 

Breaking news

- - - - -
  • This topic is locked This topic is locked
207 replies to this topic

#1
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Aici puteti posta informatii despre virusi noi aparuti, despre noi vulnerabilitati si pericole.

Stirile mai vechi pot fi gasite aici:
Vulnerabilitati

Virusi

#2
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Record - 65 MB de software instalati fara permisiune

Toata povestea aici: 65MB Malware Install

Pana acum recordul era detinut de Xpire/Splitinfinity.info (Server Hack) cu "doar" 8 MB
Major Hack Attack Discovered: 8MB of infections and DOS Attack.

Edited by Daisuke, 07 March 2005 - 02:25.


#3
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
W32.Kelvir.A
aka
Backdoor.Win32.IRCBot.y
IM-Worm.Win32.Kelvir.a
Win32/Bropia.Variant!Worm

Circula via MSN Messenger. Incearca sa downlodeze o varianta W32.Spybot.Worm. Apare ca un mesaj de la alta persoana cu titlul "hot pic!!" sau "OMG look at this!!!". Daca se face click pe link se va downloada un fisier PIF (parishilton.pif, cute.pif).

Detalii aici: Symantec W32.Kelvir.A


Windows Server 2003 si XP SP2 (cu Firewall off) vulnerabile la un LAND attack

Se pare ca SP2 Home edition nu este vulnerabil la acest atac.

Solutie: Windows firewall sau alt firewall on

LAND attack este un atac de tip DOS (denial of service) cauzat de trimiterea unui pachet avand sursa host/port identica cu destinatia host/port.

#4
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
A aparut SpywareBlaster 3.3

http://www.javacools...sbdownload.html

Se recomanda dezinstalarea versiunii vechi inainte de a o instala pe cea noua.


1.) Deschide SpywareBlaster si click "Disable All Protection".
2.) Inchide SpywareBlaster.
3.) Din Add/Remove Programs se dezinstaleaza "SpywareBlaster v3.2"
4.) Download versiunea 3.3 si instalare.
5.) Deschide SpywareBlaster 3.3 si click "Enable All Protection".

Nou in versiunea 3.3:
- Detectie si suport Mozilla/Firefox imbunatatite
- Suport pentru Netscape 7.x imbunatatit
- Update imbunatatit
- Rezolvate diverse probleme cu firewall si alte programe
- Cosmetizare
- Optimizari diverse
- Setup file este semnata digital
- Multe buguri fixate

Edited by Daisuke, 11 March 2005 - 12:44.


#5
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Spyware infecteaza Internet Explorer via Firefox / Mozilla, in colaborare cu Sun Java Runtime Environment

Alternative browser spyware infects IE

Firefox Spyware infects IE?


Solutie: enable Java in FireFox / Mozilla numai pentru site-uri in care aveti incredere

FireFox 1.x
Tools --> Options ... --> WebFeatures --> se debifeaza "Enable Java"

Mozilla 7.x
Edit --> Preferences --> Advanced --> se debifeaza "Enable Java"

Netscape 8 (beta)
Enable sau disable Java pentru fiecare site via "Site Controls"

Edited by Daisuke, 12 March 2005 - 12:11.


#6
UNBREAKABLE

UNBREAKABLE

    Member

  • Grup: Members
  • Posts: 802
  • Înscris: 07.12.2004
Nu o consider o reala problema de securitate, deorece necesita interactiunea utilizatorului. Si acest exploit afecteaza toate browserele cu suport java, nu este strict legat de Firefox...

Am facut si eu acest test pe Firefox 1.0.1 / JRE 1.5.0_01...
[ http://img212.exs.cx/img212/9770/firefoxwarning8qe.th.png - Pentru incarcare in pagina (embed) Click aici ]
Prostia se plateste... Firefox avertizeaza clar utilizatorul asupra posibilului risc.

Quote

It still requires user interaction, so it is not that much different from tricking the user to download and install an exe.

You clicked "Yes" when it asked you to install something that you had no idea what it was and did not request... That's not "browseritis," that's stupidity. You got what was coming to you.

Aceasta "amenintare" (si altele viitoare din aceeasi sursa) poate fi blocata cu ajutorul extensiei ***** (cu filtrul ysbweb.com)...

Edited by UNBREAKABLE, 12 March 2005 - 13:19.


#7
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004

Quote

deorece necesita interactiunea utilizatorului
:D multe spyware se instaleaza cu un click facut de utilizator. Problema e reala, poate mai putin grava.

Quote

acest exploit afecteaza toate browserele cu suport java
Da, am subliniat Firefox pentru ca multi il considera "un browser sigur".

#8
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
7sir7 Mass Hack Update / DNS Cache Poisoning

http://isc.sans.org/...date=2005-03-13

Nu mai e chiar breaking news, am uitat sa o postez cand era o stire fierbinte :).

SANS Internet Storm Center said:

Entire web farms hacked to serve up the 7sir7 redirect

We have received reports and evidence that a number of companies that provide shared hosting web servers have had their servers exploited and all of the customer homepages modified so that visitors are attacked. In one case, a Perl script was used to modify each customers homepage with the additional IFRAME snippet that fellow handler Lorna had already reported in the diary two days ago. The Perl script reads in the web server configuration (httpd.conf) on a compromised server, and then appends the malicious iframe code to all the index.html pages of all the virtual hosts available on this server. The same reader who managed to isolate this script has also contributed a script written by himself to clean up the affected pages. If you shout loud enough, we might include it in tomorrow's diary :-)

The page at 7sir7 is making use of several recent vulnerabilities in order to download and install malware on the PC of whoever visits the site.

- Exploits the .ANI cursor vulnerability (MS05-002)
- Exploits the HTML Help Cross Domain Vulnerability (MS05-001)

If successful, the exploits drop either of two files "mhh.exe" or "sr.exe", both of which so far are only recognized by Kaspersky and called (not-a-virus:AdWare.ToolBar.SearchIt.h). The files have been submitted to the other AV vendors.

DNS Cache Poisoning

The second attack vector involves DNS poisoning. We are not quite sure yet how this is being done, as the files that we've received so far "only" install the ABX toolbar and do not seem to contain DNS/DHCP poisoning code. One submission stated that the whole problem started when he added an ip helper-address on the router to one of the VLANs that had infected PCs on it. The DNS server was running W2K and Symantec Web Security, and once it was open to broadcasts from the affected subnet, all systems that made DNS requests got redirected to 7sir7.

Edited by Daisuke, 15 March 2005 - 01:55.


#9
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Bube aka Win32.Beavis aka isrvs ataca Mozilla FireFox

(am testat doar Firefox 1.01)

Instaleaza extensia "ISearch plugin 1.0.9" in FireFox 1.01. Adauga "ISearch" la FireFox search box si il seteaza ca default search engine.

Curatare:
Tools --> Extensions --> right click ISearch plugin si selectati dezinstalare

In folderul:
C:\Program Files\Mozilla Firefox\searchplugins\ se sterg 2 fisiere:
isearch.gif
isearch.src

Se editeaza urmatoarele doua linii in fisierul prefs.js (FireFox Profile):
Se inlocuieste "ISearch" cu Google sau altceva.
user_pref("browser.search.defaultenginename", "ISearch"); -->
user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "ISearch"); -->
user_pref("browser.search.selectedEngine", "Google");

Se sterge aceasta linie in fisierul prefs.js:
user_pref("keyword.URL", "http://www.isearch.com/?q=");

Despre virusul Bube aici: http://forum.softped...ndpost&p=503811
si aici: http://forum.softped...ndpost&p=510417

Analiza de la Kaspersky: http://www.viruslist...logid=159054634

#10
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Ad-Aware Update 16.03.2005

LavaSoft said:

SE1R33 16.03.2005

New Definitions
============================================

    * VoiceIP
    * Dialer.PrivateAccess
    * Win32.Worm.Agobot.E


Updated Definitions
============================================

    * Abox +2
    * AsianRaw Dialer
    * EGroup Dialer +2
    * IMSDialer +2
    * Win32.Backdoor.Agobot
    * Generic Dialer
    * ClickSpring
    * CoolWebSearch +2
    * eSyndicate BHO
    * eZula
    * IST.Slotch
    * MidAddle +2
    * Statblaster +2


MD5 for the defs.ref file: 390045468f18afed6ca0f94d3cd8b200


#11
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Trei vulnerabilitati eliminate in Firefox, Thunderbird si Mozilla Suite

Drag and drop loading of privileged XUL
Severity: Low
Risk: Moderate
Produse afectate: FireFox  /  Mozilla Suite
Solutie: Disable Javascript. Instalare FireFox 1.0.2 /  Mozilla Suite 1.7.6


Arbitrary code execution from Firefox sidebar panel
Severity: Critical
Risk: Moderate
Produse afectate: FireFox
Solutie: Nu adaugati "sidebar panels". Instalare FireFox 1.0.2


GIF heap overflow parsing Netscape extension 2
Severity: Critical
Risk: High
Produse afectate: FireFox   /  Mozilla Suite / Thunderbird
Solutie: Blocare imagini. Instalare FireFox 1.0.2 /  Mozilla Suite 1.7.6 /  Thunderbird 1.0.2

Download
Firefox: http://www.mozilla.o...oducts/firefox/
Thunderbird: http://www.mozilla.o...ts/thunderbird/
Mozilla Suite: http://www.mozilla.o...cts/mozilla1.x/

[edit]
Vulnerabilitati cunoscute ale produselor Mozilla: http://www.mozilla.o...rabilities.html

Edited by Daisuke, 24 March 2005 - 13:02.


#12
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Microsoft Windows Server 2003 Service Pack 1 (32 bit)  released

31.03.2005

Microsoft said:

Install Microsoft Windows Server 2003 Service Pack 1 (SP1) to help secure your server and to better defend against hackers. Windows Server 2003 SP1 enhances security infrastructure by providing new security tools such as Security Configuration Wizard, which helps secure your server for role-based operations, improves defense-in-depth with Data Execution Protection, and provides a safe and secure first-boot scenario with Post-setup Security Update Wizard. Windows Server 2003 SP1 assists IT professionals in securing their server infrastructure and provides enhanced manageability and control for Windows Server 2003 users.

Download: http://www.microsoft...&displaylang=en

Edited by Daisuke, 01 April 2005 - 10:41.


#13
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Ad-Aware Update 31.03.2005

Lavasoft said:

SE1R35 31.03.2005

Updated Definitions
============================================

    * AdIntelligence.Apropos Toolbar +3
    * BarginBuddy
    * Begin2Search
    * Claria
    * ClearSearch +5
    * CommonName
    * CometSystems
    * CoolWebSearch +7
    * IEHijacker.Hotoffers
    * IntexusDial
    * Marketscore(Netsetter)
    * MediaMotor +2
    * NavExcel +2
    * Prutect +3
    * TIB Browser
    * Win32.TrojanDownloader.Swizzor.br +7


MD5 for the defs.ref file: ccceb757adfec87414244aebb49120bc

Additional Information
============================================
You can use Webupdate to install the new reference file, or download it manually from:
http://download.lava...public/defs.zip


#14
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
PIE (Persistent Identification Element) - Cookie care nu se sterge usor

Credeati ca ati scapat de cookies ? Ei bine, nu ati scapat ...

Toata povestea aici:
http://msmvps.com/ha...4/03/40802.aspx

#15
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Microsoft Security Bulletin Advance Notification Announcement

Marti 12, 3 ceasuri rele - noi vulnerabilitati si petice

Microsoft said:

On 12 April 2005 the Microsoft Security Response Center is planning to release:

- 5 Microsoft Security Bulletins affecting Microsoft Windows. The greatest aggregate, maximum severity rating for these security updates is Critical. Some of these updates will require a restart.

- 1 Microsoft Security Bulletin affecting Microsoft Office. The greatest aggregate, maximum severity rating for these security updates is Critical. These updates will not require a restart.

- 1 Microsoft Security Bulletin affecting MSN Messenger. The greatest aggregate, maximum severity rating for these security updates is Critical. These updates may require a restart.

- 1 Microsoft Security Bulletin affecting Microsoft Exchange. The greatest aggregate, maximum severity rating for these security updates is Critical. These updates will not require a restart.

In addition, Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS).

Finally, Microsoft will release two NON-SECURITY High-Priority Updates for Windows on the Windows Update site. These will be distributed to Software Update Services and are not required to install the security updates.


Adio XP SP1 - XP SP2 la Windows Updates

Microsoft said:

April 12th is also the date all copies of pre-SP2 XP with automatic updates enabled will receive Service Pack 2. The blocking tool stops working after this date.


#16
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Microsoft Security Bulletin Summary for April 2005

http://www.microsoft...n/ms05-apr.mspx

Vulnerabilitati:
Critical = 5
Important = 3

Vizitati Windows Update !

Edited by Daisuke, 12 April 2005 - 23:49.


#17
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Firefox security update

What's New 1.0.3

Download: Mozilla Firefox 1.0.3

#18
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
RealPlayer - Buffer Overflow Vulnerability - Highly critical (Secunia)

RealNetworks, Inc. Releases Update to Address Security Vulnerabilities.



Malware Evolution: January - March 2005

O excelenta analiza de Alexander Gostev, Senior Virus Analyst, Kaspersky Lab
http://www.viruslist...pubid=162454316

Anunturi

Chirurgia endoscopică a hipofizei Chirurgia endoscopică a hipofizei

"Standardul de aur" în chirurgia hipofizară îl reprezintă endoscopia transnazală transsfenoidală.

Echipa NeuroHope este antrenată în unul din cele mai mari centre de chirurgie a hipofizei din Europa, Spitalul Foch din Paris, centrul în care a fost introdus pentru prima dată endoscopul în chirurgia transnazală a hipofizei, de către neurochirurgul francez Guiot. Pe lângă tumorile cu origine hipofizară, prin tehnicile endoscopice transnazale pot fi abordate numeroase alte patologii neurochirurgicale.

www.neurohope.ro

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate