SecurityFeed.info » C.I.S.R.T.

Feeds

23797 items (23797 unread) in 97 feeds

• Aviv Raff On .NET (18 unread)
• Bugtraq (bugtraq) Mailing List (605 unread)
• CGISecurity.com: Your Web Site and Application Security Resource (74 unread)
• christian's weblog (25 unread)
• Irongeek's Security Site (125 unread)
• Jeremiah Grossman (74 unread)
• Heorot.net (11 unread)
• milw0rm.com (440 unread)
• Nmap Hackers (nmap-hackers) Mailing List (7 unread)
• Packet Storm Security Advisories (373 unread)
• Packet Storm Security Exploits (461 unread)
• Packet Storm Security Headlines (376 unread)
• Packet Storm Security Last 100 (1841 unread)
• Packet Storm Security Last 20 (833 unread)
• Packet Storm Security Last 50 (1441 unread)
• Packet Storm Security Last Files (544 unread)
• Packet Storm Security Miscellaneous Files (109 unread)
• Packet Storm Security Tools (113 unread)
• Rootsecure.net (691 unread)
• SecuriTeam.com (184 unread)
• Security Vulnerability Research & Defense (36 unread)
• SecurityFocus News (139 unread)
• SecurityFocus Vulnerabilities (802 unread)
• Securityvulns news channel (336 unread)
• SecWatch - Latest Exploit Alerts (10 unread)
• Taking Network Security to the Streets (28 unread)
• The One And Only Matt Parnell.com (34 unread)
• The Register - Security (388 unread)
• The Register - Software (456 unread)
• VulnWatch (vulnwatch) Mailing List (19 unread)
• Web App Security (webappsec) Mailing List (88 unread)
• IceСμbeς (15 unread)
• Linmagazine (186 unread)
• ‫netcraft Bytes :) (38 unread)
• Digg (4021 unread)
• Blonde 2.0 (51 unread)
• The Microsoft Security Response Center (MSRC) (40 unread)
• (IN)SECURE Magazine Notifications RSS (17 unread)
• 0x000000 Security (78 unread)
• ----- Anti-Malware ----- Analysis and Defense (15 unread)
• Apple Fun (25 unread)
• Technorati Search for: aviv.raffon.net (201 unread)
• C.I.S.R.T. (10 unread)
• Determina Zero-Day Protection (6 unread)
• Didier Stevens (47 unread)
• eEye Digital Security - Research Blog (10 unread)
• Ryan Naraine's Security Watch (96 unread)
• Security - RSS Feeds (179 unread)
• Exploit Prevention Labs (28 unread)
• Software Vulnerability Exploitation Blog (22 unread)
• F-Secure Antivirus Research Weblog (74 unread)
• Full Disclosure (290 unread)
• George Ou (10 unread)
• GNUCITIZEN Media Portfolio (65 unread)
• ha.ckers.org web application security lab (35 unread)
• heise security (342 unread)
• invisiblethings' blog (35 unread)
• Jeff Jones's blog (12 unread)
• JScript Blog (16 unread)
• Matasano Chargen (38 unread)
• McAfee Avert Labs (66 unread)
• Michael Howard's Web Log (26 unread)
• PandaLabs (35 unread)
• Zero Day (273 unread)
• SANS Internet Storm Center, InfoCON: green (231 unread)
• Latest Secunia Security Watchdog Blog Entries (24 unread)
• SecuriTeam Blogs (65 unread)
• Security Fix (115 unread)
• HP ASC Portal (30 unread)
• Strike Center (12 unread)
• Sunbelt Blog (216 unread)
• Sunnet Beskerming Security Advisories (29 unread)
• Technobabylon
• The Recurity Lablog (31 unread)
• Wired: Threat Level (454 unread)
• TrendLabs | Malware Blog - by Trend Micro (158 unread)
• Uninformed Journal (44 unread)
• WabiSabiLabi's blog (22 unread)
• WatchGuard Wire (48 unread)
• Latest Blog Entires From WebSense Security Labs (42 unread)
• Hackszine.com (151 unread)
• DVLabs: Blogs (63 unread)
• Errata Security (81 unread)
• Robert Hensing's Blog (71 unread)
• PaulDotCom Community Blog (10 unread)
• David LeBlanc's Web Log (20 unread)
• Billy (BK) Rios (19 unread)
• David Litchfield's blog (21 unread)
• Farfromr00tin (23 unread)
• aut disce, aut discede (17 unread)
• pwn* (16 unread)
• hackademix.net (42 unread)
• SecurityDot Vulnerabilities (421 unread)
• Vulnerabilities & Exploits (29 unread)
• Malicious Code (26 unread)
• Security Risks (21 unread)
• Digg / Security / upcoming (4162 unread)

C.I.S.R.T. (10 unread)

• April 09, 2008
• 15:13

  Really No Storm Codec on Your PC?

   » ‎ C.I.S.R.T.
  Zhelatin gang has updated its tactic again today. We've received its new spams. In the latest spams, a malicious domain "sup<removed>eas.com" was contained. Besides spams, we also found this malicious domain was posted on lots of blogs.
  
  Two files, "StormCodec.exe" and "StormCodec8.exe", will be downloaded. Kaspersky detects them as Email-Worm.Win32.Zhelatin.wt.
  
  Here is the screenshot of this malicious site:
  ............
  
  Tags - email-worm.zhelatin , stormcodec.exe , stormcodec8.exe , zhelatin.wt
• 14:30

  Adobe Flash Player Bulletin: APSB08-11

   » ‎ C.I.S.R.T.
  Adobe released a security bulletin: APSB08-11.
  
  According to Adobe summary:
  Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. It is recommended users update to the most current version of Flash Player available for their operating system.
  
  Affected software versions:
  Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier
  
  ............
  
  Tags - adobe , flash , player , vulnerability , 9.0.124.0
• 14:15

  Microsoft April 2008 Patch Day

   » ‎ C.I.S.R.T.
  It's April 2008 Microsoft patch day today.
  
  Microsoft released 8 bulleins for this month. Five of them are Critical, three of them are Important. Please update at once.
  
  MS08-018:Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
  
  MS08-019:Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
  
  MS08-020:Vulnerability in DNS Client Could Allow Spoofing (945553)
  
  ............
  
  Tags - vulnerability , microsoft , bulletin , patch
• April 07, 2008
• 14:41

  Storm Worm, Blogspot.com

   » ‎ C.I.S.R.T.
  Storm Worm changed its tactic again. It began using Blog tactic now.
  
  We received its latest spams which contained the links that point to Blogspot.com.
  
  Here is the sample of spams body:
  
  
  Open in new window
  http://www.cisrt.org/enblog/attachment/200804/zh...
  
  
  ............
  
  Tags - email-worm.zhelatin , withlove.exe , love.exe , zhelatin.ww
• April 01, 2008
• 14:00

  April Fools Day, Storm Worm Comes Back

   » ‎ C.I.S.R.T.
  Today is the April Fool's Day. More friends like joking on this day. The Storm Worm gang also like this day, and they come back after being inactive for a long time.
  
  The new spams began being spread earlier today. We've received lots of spams in our mailbox. The subject lines are as the following:
  April Fools' Day
  Happy All Fools!
  Doh! April's Fool.
  I am a Fool for your Love
  Gotcha! All Fool!
  Happy April Fool's Day.
  
  ............
  
  Tags - funny.exe , kickme.exe , foolsday.exe , email-worm.zhelatin , foolday , email-worm.win32.zhelatin.wt
• March 03, 2008
• 14:19

  Storm Worm Began Reactive

   » ‎ C.I.S.R.T.
  The last time Storm Worm active was Valentine Day.
  
  Today, we monitored the Storm Worm gang began reactive. The file "postcard.exe" or "e-card.exe" will be downloaded automatically in a few seconds after users visit these websites.
  
  The spams are like the following:
  ............
  
  Tags - email-worm.zhelatin , postcard.exe , e-card.exe , zhelatin.vg
• February 27, 2008
• 6:31

  Rising Antivirus Online Scanner Insecure Method Flaw Exploit

   » ‎ C.I.S.R.T.
  A exploit about Rising Antivirus Online Scanner Insecure Method Flaw was published on milw0rm.com.
  
  - Rising is a popular anti-virus product around China.
  - there's an insecure method flaw inside its free online scanner.
  - it's quite easy to exploit the bug which leads to a remote execution.
  - clsid:E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153
  
  Rising company released a bulletin last night to fix the vulnerability in Chinese. The users of  Rising Antivirus Online Scanner should visit the Rising Antivirus Online Scanner webpage to install the latest ActiveX control.
  
  
  Tags - rising antivirus online scanner
• February 16, 2008
• 13:20

  Fake Hizer Mills Video

   » ‎ C.I.S.R.T.
  In recent two days, we found similar spams to the Hillary Clinton video spams. The following malicious URLs are inaccessable now:
  http://bibber.bi.funpic.de/test/bild<removed>/images/gallery/susy/rdown.php?ugeih
  http://www.neufeld-media.de/Neufeld-Media/Re<removed>/news/rdown.php?lEtEmwn
  http://bibo1981.bi.funpic.de/b<removed>/movie/rdown.php?ojfbG
  
  We received another spam about Hizer Mills video today. The subject lines are such as "Sensation.Video New - make haste to look!!!".
  
  The screenshot of spams:
  ............
  
  Tags - pousadarecantonatureza.com.br , news m.exe , vshost.exe , loca.exe , trojan.win32.agent.exq , trojan.win32.agent.epo
• February 13, 2008
• 8:57

  Hillary Clinton Full Video?

   » ‎ C.I.S.R.T.
  The United States 2008 presidential election is underway. Hillary Clinton and Barack Obama already eyeing another Super Tuesday - March 4,2008.
  
  As while, the bad guys also eyeing the United States 2008 presidential election. We received a new trojan spam about it today. The subject lines of these spams are such as "Hillary Clinton Full Video !!!".
  
  The screenshot of spams body:
  ............
  
  Tags - mpg.exe , inst526.exe , hillary clinton , barack obama , trojan.win32.agent.epo , canotajetrilly.com
• 7:52

  Microsoft February 2008 Bulletin

   » ‎ C.I.S.R.T.
  Today Microsoft released its biggest batch of monthly patches, releasing 11 security updates to patch 17 vulnerabilities, six of which are Critical, five of which are Important.
  
  The critical bulletins are include the following:
  MS08-007: Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution(946026)
  
  MS08-008: Vulnerability in OLE Automation Could Allow Remote Code Execution(947890)
  
  MS08-009: Vulnerability in Microsoft Word Could Allow Remote Code Execution(947077)
  
  MS08-010: Cumulative Security Update for Internet Explorer(944533)
  
  MS08-012: Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085)
  
  MS08-013: Vulnerability in Microsoft Office Could Allow Remote Code Execution (947108)
  ............
  
  Tags - vulnerability , microsoft , bulletin , patch