Audio/Video

LONDON--Researchers have discovered a bug that could give hackers unlimited access to any
machine running Sun's Unix operating system, Solaris. The bug, discovered by security
consultancy ISS X-Force, affects a utility designed to give remote users access to a local printer.
The line printer daemon (in.lpd), as it is called, contains a flaw in the "transfer job" routine that
could allow hackers to overflow an unchecked buffer, a common means of gaining unauthorized

To protect its customers from the threat of hackers, NTT DoCoMo (NYSE: NTT) is advising users of its i-mode mobile phones about "malicious e-mails" they may receive.
Japan's largest wireless carrier said hackers send e-mails that use special commands to make users' phones automatically dial an emergency number. The e-mails also may force handsets to make calls to large numbers of people, or they may freeze the screen of a mobile phone.

A month-old flaw in Microsoft Word has opened up PCs to attack by a new Trojan horse, antivirus researchers said Thursday. Dubbed "Goga," the malicious code poses as a Word document saved in rich text format but actually reaches through the Net to run a Word macro--a small program that runs within the application--saved on a Russian Web site.

DESCRIPTION
DoS.Storm.Worm is a worm that seeks out Microsoft Internet Information Services (IIS) systems that have not applied the proper security patches. Any such systems that it finds are then infected with the worm. The payload of this worm performs a denial of service attack on http:/ /www.microsoft.com 1(http://www.symantec.com/avcenter/venc/data/dos.storm.worm.html)

It is packed using upx packer and is written in Java.

If you get an offer to see a
video of Oklahoma City bomber Timothy
McVeigh’s execution, be careful. It probably
isn’t a video clip, just an old trick.

When the Mac
vs. PC wars start up, as
they inevitably do, on
Usenet or Web message boards or
just around the office, Mac partisans
always tout the dearth of viruses for
their chosen computer as one of the

Though there have only been 12 viruses that specifically target handheld devices like mobile phones and PDAs, the next year or two is likely to see an explosion of viruses for these platforms, said Bob Hansmann, enterprise product manager for anti-virus firm Trend Micro Inc. Speaking during a presentation at The Internet Security Conference Thursday, Hansmann said viruses did an estimated $1.5 trillion of damage in 2000.

Oh my goodness... here is the latest
'smart' trojan that was discovered in the wild on June 6th and for which the
advisory is out on June 7th. DoS.Storm.Worm is a worm that seeks out
Microsoft Internet Information Services
(IIS) systems that have not applied the
proper security patches. Any such systems that it finds are then infected with the worm. The payload of this worm performs a denial of service attack on http://www.microsoft.com ...The Full Advisory from Symantec is below...

DoS.Storm.Worm

Internet vandals have created an email-borne virus which attempts to
trick users into spreading it by promising pictures of Miss World
candidates.

The Miss World bug is yet another mass mailing worm, which uses
exactly the same tricks as the Anna Kournikova virus, Hompage bug
(et all) to spread.

A flaw in the web-based email services run by the likes of Yahoo! and Hotmail makes them conduits through which mass mailing email viruses can rapidly spread over the Internet.

That's the serious warning contained in a posting to the Bugtraq security mailing list by a security researcher who said that cross-site scripting vulnerabilities make it possible to replicate Melissa-type worms through Web mail services.