Networking

THE CENTER FOR Internet Security (CISecurity) has released a free tool to help plug vulnerabilities that the FBI last week warned were being exploited by Russian and Ukrainian hackers.

CISecurity, founded in October, released PatchWork, a software tool that automates the process of finding the vulnerabilities and identifying needed patches. Its purpose is to assist companies that have not secured their systems and to do so quickly, the center said in a release Saturday. The tool can be downloaded from the CISecurity Web site.

Saw this over at SNN

Saw this over at SNN

Here's the report from eWeek concerning Guardent's find of a "potentially huge problem" in TCP. It's very similar to the hole found in some of the Cisco IOS software, concerning the ISN and the assignment of the number.

Here's a little Monday humor for all those with the Monday blues *wink*. It appears that the Girl Scouts of America Web site was playfully defaced by Hackweiser Saturday night.

"We demand cookies for all the l33t hax0rs and skript kiddies out there. We need Samoas, Thin Mints, and some Tagalongs Peanut Butter Patties!!!"

"B0OB wants extra SAMOAS cause his are all gone... Hes also a fat ass... but don't tell him I said that! (he says he is not)."

Users and makers of the Microsoft and Linux operating systems have often clashed over usability and performance. Now debate rages over which system provides the tightest security.

Microsoft operating systems have often been attacked for their vulnerability, but the perception that the software titan's systems are insecure is changing as the company shores up its servers and applications. Meanwhile, supposedly stronger Unix and Linux systems have suffered security breaches of their own.

Saw this over at SNN

Urawa, Japan, 5 March: The Saitama prefectural government closed its web site Monday [5 March] after discovering that hackers had pasted on the site messages criticizing Japan over a territorial row with China, prefectural officials said.

The top page of the site had been replaced with a picture of a Chinese tank and Chinese-language messages, one of which claimed the disputed Senkaku Islands in the East China Sea - known as the Diaoyu Islands in Chinese - belong to China.

Although the "system lockout" security feature in the Palm OS should block unauthorized access through its means of password protection, it has been discovered by @stake that a loophole exists. By exploiting the debugging functions in Palm OS, one could retrieve an encoded system password, obtaining all database and record information on the device, and install or delete applications. It is recommended to encrypt sensitive data with third-party utilities as older Palm models with non-upgradeable operating systems are subject to risk.

A hacker has attacked a website belonging to Malaysia's Road Transport
Department (http://www.jpj.gov.my).

He warned that other websites will be hit if administrators are "too lazy to
do their jobs".

The attack has come nearly two months aftersimilar attacks on websites
of the Malaysian Parliament and Malaysia's University of Technology.