|
Plug-and-play bots worming and warring among Windows systems
A dozen different worms based on bot software have started attacking already-compromised Windows 2000 systems with the aim of creating a lasting bot net, security experts warn. Several companies, such as CNN and the New York Times, have been infected because they failed to patch in time. 2005-08-17 http://www.securityfocus.com/news/11285 Worm spreading through Microsoft Plug-and-Play flaw Dubbed Zotob, the worm infects computers using a flaw in the Windows operating system's Plug-and-Play functionality, but security experts believe that the attack won't be as significant as previous epidemics. 2005-08-14 http://www.securityfocus.com/news/11281 NIST, DHS add national vulnerability database to mix The National Institute of Standards and Technology has created a government-funded database of flaws. Will it bring more competition among vulnerability databases or just be a federally funded clone? 2005-08-12 http://www.securityfocus.com/news/11278 Microsoft's "monkeys" find first zero-day exploit The software giant continues its honeymonkey research, finding more than 750 exploits for Windows computers, including an attack using a vulnerability that had not been publicly disclosed. 2005-08-08 http://www.securityfocus.com/news/11273 Annual hacking game teaches security lessons At the DEF CON conference, the latest version of the weekend-long Capture the Flag game stresses code auditing as a measure of hacking skills, but also requires participants to think about balancing attack and defense as well as physical security. 2005-08-04 http://www.securityfocus.com/news/11269 Exploit writers team up to target Cisco routers Security researchers and hackers, angered by Cisco attempts to quash a recent flaw finder's presentation, aim to reproduce and extend attacks on the networking giant's Internet products. 2005-07-31 http://www.securityfocus.com/news/11263 Reading, rooting, 'rithmetic: Preschoolers learn programming One educator argues that kids should be taught computer programming and hacking skills from preschool to reinforce creativity and technology learning. 2005-07-30 http://www.securityfocus.com/news/11262 Settlement reached in Cisco flaw dispute A researcher who showed off a way to remotely compromise Cisco routers has to turn over all materials and agreed not to further disseminate information on the flaws or the technique he used to run code on the popular network hardware. 2005-07-29 http://www.securityfocus.com/news/11260 Cisco, ISS file suit against rogue researcher UPDATE: The two companies file a restraining against the management of the Black Hat Conference and a security expert who told conference attendees that attackers can broadly compromise Cisco routers. 2005-07-27 http://www.securityfocus.com/news/11259 3Com launches vulnerability-buying program UPDATE: Under the Zero Day Initiative, 3Com plans to pay security researchers for information on vulnerabilities and award bonuses to prolific flaw finders. 2005-07-25 http://www.securityfocus.com/news/11253 |
|
Privacy Statement |