Rodney Campbell's Blog

2007.02.19 Daily Security Reading

by on Feb.19, 2007, under Security

Yet Another Microsoft Word Zero-day

On the heels of Microsoft’s February patch release, another new zero-day attack on Word 2000/XP has been discovered.

(In)Secure Magazine Issue 1.10 (pdf)

Hack lets intruders sneak into home routers

Attackers could change the configuration of home routers using JavaScript code, security researchers at Indiana University and Symantec have discovered. They found that it is possible to change the DNS, or Domain Name System, settings of a router if the owner uses a connected PC to view a Web page with the JavaScript code. This DNS change lets the attacker divert all the Net traffic going through the router. For example, if the victim types in "," the request could be sent to a similar-looking fake page created to steal sensitive data.

Translation of Macrovision CEO Fred Amoroso’s response to Steve Job’s ‘Thoughts on Music’

Funny translation From PR-Speak to English of Selected Portions of Macrovision CEO Fred Amoroso’s Response to Steve Jobs’s ‘Thoughts on Music’ – WARNING – contains adult language and drug references.

Half of pirated Vista is malware

Anyone stealing software less likely to fuss about getting 0wned.

DNS attack puts Web security in perspective

With more business apps running online, it’s time to shore up DoS prevention measures.

Javascript decoding round-up

In the recent past, we’ve shown several methods on how to unravel obstinate JavaScript codes used to convey exploits. Here’s a brief round-up of the methods we commonly use. All four methods require that you get a copy of the hostile page, preferably by use of a text-only HTML tool like wget, curl or similar (since you cannot easily download a Javascript exploit with a browser that speaks Javascript without also running the Javascript code at the same time).

5 Things the Boss Should Know About Spam Fighting

The battle for your users’ e-mail inboxes probably will never end, but it’s not a failure of technology. Experienced e-mail and system administrators share the key points they really, really wish you understood.

Comments are closed.

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Copyright © 2015 Rodney Campbell

Images contained on this web site may not be used or reproduced in any way without prior permission.