logo

wild

Category: news | Posted by Avatar Staff 288 days ago
Via: http://go.theregister.com | Tags: automated crack for windows live captcha goes wild comments Discuss  
Spammers's Holy GrailSpammers are using a sophisticated piece of software that can create thousands of Windows Live email addresses by cracking the protections designed to prevent the large-scale creation of fraudulent accounts.… read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 283 days ago
Via: http://www.symantec.com | Tags: exploit apple quicktime vulnerability wild comments Discuss  
On November 25, we blogged about a proof of concept exploit code for Apple's QuickTime RTSP Response Header Remote Stack Based Buffer Overflow Vulnerability being disclosed to the public. Now a week has passed and Symantec's DeepSight honeynet has spotted at least one active exploitation in the wild. Originally, the flaw was disclosed on November 23, 2007 by Polish security researcher Krystian Kloskowski and since then we have seen number of exploits targeting the vulnerability being released to the publ read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 283 days ago
Via: http://www.symantec.com | Tags: new exploit xunlei thunder wild comments Discuss  
Symantec Security Response has observed web based exploit attacks using a previously unknown vulnerability in the Xunlei Thunder PPlayer ActiveX control. This is a component of the Chinese download accelerator and file-sharing application, Xunlei Thunder 5.7.4 401. The attack originates from a server on the 522love.cn domain. If a user navigates to the site, a Web page hosted on the site employs a client detection technique to determine the appropriate exploit code that should be sent back to the requesti read more »
addto Add this link to... report Bury 
Category: blogs | Posted by Avatar Staff 233 days ago
Via: http://www.symantec.com | Tags: unpatched realplayer vulnerability exploited wild comments Discuss  
Sometime on April 1, our honeypots began finding exploits for the RealPlayer 'rmoc3260.dll' ActiveX Control Memory Corruption Vulnerability (BID 28157). Sadly, this is not surprising given that a complete exploit was published for this vulnerability around the same time. At the time of this writing, there is no patch for this vulnerability. So far impacted sites have ranged from forums, to webmail, to news agencies. Norton Internet Security 2008, Norton AntiVirus 2008, and Norton 360 version 2 customers read more »
addto Add this link to... report Bury 
Category: blogs | Posted by Avatar Staff 225 days ago
Via: http://www.symantec.com | Tags: attempt exploiting latest gdi vulnerability wild comments Discuss  
It has been less than two days since Microsoft announced a couple of vulnerabilities in graphics device interface (GDI) EMF formatted images, but our DeepSight honeypots are already showing some signs of exploitation in the wild. Although the exploits that we have seen so far do not yet appear to be functional, they appear to have the right general idea in their exploitation. It is possible that these exploits either have been leaked and are "in-work" copies, or that they are functional on some platform th read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 120 days ago
Via: http://go.theregister.com | Tags: exploit code kaminsky dns bug wild comments Discuss  
Still think threat is exaggerated?When Dan Kaminsky disclosed a critical flaw in the net's address lookup system earlier this month, he said it was crucial internet service providers and other organizations install patches immediately. He wasn't kidding.… read more »
addto Add this link to... report Bury 
Category: tools | Posted by Avatar Staff 115 days ago
Via: http://blog.metasploit.com | Tags: dns attacks wild comments Discuss  
In a recent conversation with Robert McMillan (IDG), I described a in-the-wild attack against one of AT&T's DNS cache servers, specifically one that was configured as an upstream forwarder for an internal DNS machine at BreakingPoint Systems. The attackers had replaced the cache entry for www.google.com with a web page that loaded advertisements hidden inside an iframe. This attack affected anyone in the Austin, Texas region using that AT&T Internet Services (previously SBC) DNS server. The attack itself w read more »
addto Add this link to... report Bury 
Category: blogs | Posted by Avatar Staff 112 days ago
Via: http://securitylabs.websense.com | Tags: snapshot viewer activex exploit wild comments Discuss  
This is an update to the Microsoft Access Snapshow Viewer ActiveX vulnerability announced on July 7, 2008 in Microsoft Security Advisory 955179. This vulnerability allows an attacker to gain the privileges of the logged-on user account. Working exploit code was posted to milworm on July 24, 2008: http://www.milw0rm.com/exploits/6124%20%3Chttp://www.milw0rm.com/exploits/6124%3E read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 74 days ago
Via: http://go.theregister.com | Tags: gas refineries defcon scada exploit wild comments Discuss  
At least they should beGasoline refineries, manufacturing plants and other critical facilities that rely on computerized control systems just became more vulnerable to tampering or sabotage with the release of attack code that exploits a security flaw in a widely used piece of software.… read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 74 days ago
Via: http://lists.jammed.com | Tags: isn gas refineries defcon scada exploit wild comments Discuss  
From: InfoSec News <alerts_at_private>Date: Tue, 9 Sep 2008 03:20:42 -0500 (CDT)http://www.theregister.co.uk/2008/09/08/scada_exploit_released/By Dan Goodin in San FranciscoThe Register8th September 2008Gasoline refineries, manufacturing plants and other critical facilities that rely on computerized control systems just became more vulnerable to tampering or sabotage with the release of attack code that exploits a security flaw in a widely used piece of software.The exploit code, published over the w read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 67 days ago
Via: https://forums.symantec.com | Tags: recent microsoft vulnerability exploited wild comments Discuss  
Not surprisingly, attackers are again targeting vulnerabilities from the latest set of Microsoft Security Bulletins. This time around, it is the Microsoft Media Encoder ActiveX overflow patched in MS08-053. This attack chronology is another example of the rapid adoption of public exploits into widely deployed exploit toolkits. read more »
addto Add this link to... report Bury