Reliable Answers - News and Commentary

Virus Information News

How To Master CSS

How To Master CSS

"With How To Master CSS, you'll discover how to read stylesheets, how to recognise the best solution and how to translate a graphical design to a real website, simply by watching my fun and sophisticated training videos. Hundreds of people, just like you, worldwide have used my unique multimedia course to fast-track their Stylesheet learning, while having piles of fun in the process. Will you be next?"

It doesn't matter what level you are at now (beginner or intermediate), How to Master CSS is packed full of quality step-by-step lessons, video files, an editor and other resources to get YOU results fast!

      
 Title   Date   Author   Host 

EWeek

by Ryan Naraine

June 10, 2005

Tech Ed conference attendees get a behind-the-scenes look at how Redmond handles the creation of software patches—and an explanation for long delays in fixing known vulnerabilities.

Anxious to shed the company's image as having a lax attitude about software security, officials at the Microsoft Security Response Center are using the Tech Ed conference here to provide a rare glimpse at the step-by-step process used to create, test and roll out security patches. The software maker trained the spotlight on the operations of the MSRC during breakout sessions and one-on-one discussions with customers, stressing that all publicly and privately reported vulnerabilities are thoroughly investigated to determine whether customers are at risk. "We're on all the [security mailing] lists, just like you are, and we investigate everything, even if it's a post about a simple weird behavior in a product," said MSRC program manager Stephen Toulouse. By monitoring the public lists and underground hacker sites, Toulouse said the company is able to keep track of discussions about vulnerabilities that may not have been reported to Microsoft.

EWeek

by Ryan Naraine

June 4, 2005

Anti-virus experts have detected signs of a massive, well-coordinated Trojan attack capable of creating botnets-for-hire. Is it the work of organized crime?

Anti-virus researchers are sounding the alert for a massive, well-coordinated hacker attack using three different Trojans to hijack PCs and create botnets-for-hire. According to Thompson, the wave of attacks start with Win32.Glieder.AK, dubbed Glieder, a Trojan that downloads and executes arbitrary files from a long, hardcoded list of URLs. Glieder's job is to sneak past anti-virus protection before definition signatures could be created and "seed" the infected machine for future use. At least eight variants of Glieder were unleashed on one day, wreaking havoc across the Internet.

Security Focus

by Robert Lemos

May 17, 2005

Researchers at Microsoft are creating their own version of a million monkeys to crawl the Internet looking for threats in an effort to secure the Web for Windows.

The software giant's Cybersecurity and Systems Management (CSM) research group are building a system of virtual Windows XP computers that crawl the Web looking for sites that use unreported vulnerabilities to compromise customer's PCs. Dubbed "honeymonkeys," the virtual machines run a full version of Windows XP with monitoring software and crawl high-risk areas of the Web looking for trouble. "Just by visiting a Web site, (if) suddenly an executable is created on your machine outside the Internet Explorer folder, it is an exploit with no false positive -- it's that simple," Yi-Ming Wang, senior researcher with Microsoft Research, said during a presentation at the IEEE Security and Privacy conference in Oakland last week.

CNet

by John Borland

May 13, 2005

Software giant plans subscription service offering antivirus help, automatic computer checkups.

It's not news to Microsoft that many, if not most, average Windows users have gripes about their PC experiences. In response, the software company is unveiling on Friday a new subscription-based computer fix-it service, aimed at automatically patching security holes, blocking viruses and spyware, and generally automating the chores of maintaining a computer's health. Dubbed Windows OneCare, the service will draw in part on existing tools like the company's anti-spyware software , as well as on basic PC management functions inside Windows. But it will add a more powerful firewall, ongoing antivirus protection, and the right to get a live support person on the phone without paying extra, the company said.

The Register

by John Leyden

May 12, 2005

Web server attacks and website defacements rose 36 per cent last year, according to an independent report. zone-h, the Estonian security firm best known for its defacement archive, recorded 392,545 web attacks globally in 2004, up from 251,000 in 2003.

Mass defacements (322,188) were by far the largest category in 2004. More targeted cyber graffiti attacks numbered 70,357. zone-h also recorded 186 attacks on US governmental servers out of 3,918 attacks on government domains worldwide. Separately the security consultancy recorded 49 assaults on US military servers. zone-h estimates that 2,500 web servers are successfully hacked each day out of a total population of 45m servers...

Security Focus

by Keith J. Jones and Rohyt Belani

May 11, 2005

In part one, we began investigating the intrusion of the Docustodian document management server hosting a law firm's data. The server appeared to have been compromised by a group of hackers who were using it as a repository for their MP3s, MPEGs, and pira

We also performed a review of the Internet Explorer history and cached files on the system used by Joe Schmo, the primary suspect of the intrusion. Analysis of the web browsing history revealed Internet searches for license cracks and hacking books; however, all this malicious activity appeared to have been performed while Joe was on vacation with his family in Florida. In part two we now set out to determine who used Joe's machine while he was on vacation. We will proceed by examining further investigative leads that involve performing an in-depth review of the web activity of all other browsers installed on Joe's hard drive...

Security Focus

by Keith J. Jones and Rohyt Belani

March 30, 2005

Introduction Electronic evidence has often shaped the outcome of high-profile civil law suits and criminal investigations ranging from theft of intellectual property and insider trading that violates SEC regulations to proving employee misconduct resultin

Critical electronic evidence is often found in the suspect's web browsing history in the form of received emails, sites visited and attempted Internet searches. This two-part article presents the techniques and tools commonly used by computer forensics experts to uncover such evidence, through a fictitious investigation that closely mimics real-world scenarios. While you read this article, you may follow along with the investigation and actually analyze case data...

J/R/S

March 29, 2005

A certain institution of higher learning has discovered that fleets of their OS X boxes have been compromised. They do not yet know the vector of attack, meaning it is officially a 'zero day exploit'. They do however have several theories - all of which h

The OS X boxes, when compromised, end up running rogue IRC bot controllers and FTP servers. Naturally these rogue processes are capable of accessing sensitive data - which can be destroyed, modified, or stolen. Some of the victimised boxes were exploited through weak passwords for SSH-enabled accounts; still others through their Apache servers. Apache needs to be patched too and Apple have the patches out there for their contribution to the Apache community and they should be downloaded. Worse: if the holes in Apache are publicised and the sysadmins do not download them, the script kiddies will know how to attack.

DVForge

March 26, 2005

Please... Infect Our Computers!

Contest goal: To lay to rest, once and for all, the myths surrounding the lack of spreading computer virii on the Macintosh OS X operating system. Please... Infect Our Computers!

IDefense

by Tyler Hawes

March 21, 2005

Local exploitation of a buffer overflow vulnerability within the Core Foundation Library included by default in Apple Computer Inc.'s Mac OS X could allow an attacker to gain root privileges.

The vulnerability specifically exists due to improper handling of the CF_CHARSET_PATH environment variable. When a string greater than 1,024 characters is passed via this variable, a stack-based overflow occurs, allowing the attacker to control program flow by overwriting the function's return address on the stack. Any application linked against the Core Foundation Library can be used as an exploit vector for this vulnerability. Some of the setuid root binaries that are vulnerable include su, pppd and login.

      

Help keep this page up-to-date. Submit a Virus Information News link for inclusion on this page.

Carschooling by Diane Flynn Keith
Carschooling

Take me to the top

We invite you
to visit:

Professional Web Hosting and Design Services: 12 Point Design Local Homeschool provides the most up-to-date support group listings in a geographical and searchable index Budget Homeschool Kidjacked -- To seize control of a child, by use of force SaferPC dispels security misunderstandings and provides you with a solid understanding of viruses and computer security Reliable Answers - developer information, current news, human interest and legislative news Twain Harte Times - Twain Harte, CA - The closest you can get to Heaven on Earth Cranial Laser & Neurolymphatic Release Techniques (CLNRT) - Experience dramatic pain reduction At Summit Chiropractic our mission is to improve your quality of life - We know that health is much more than just not feeling pain Visit UniveralPreschool.com to learn about your preschool options.
Reliable Answers.com/virus/news.asp
Google