Networking

Saw this over at HNN :

Saw this over at HNN :

Georgi Guninski has done it again folks. He has found another hole in the Microsoft IE 5.5 browser little more then a week after he issued his initial advisory regarding the same product. It is believed this hole has the potential to allow an infiltrator complete access to all parts of the computer. Guninski released the advisory to BugTraq early yesterday.

CNET

Saw this over at HNN

The CyberSmuggling Center, a branch of U.S. Customs, has opened a permanent facility in Fairfax County Virginia. Since its inception three years ago, the group has patrolled the Net, searching for illegal activity. The group focuses mainly on putting a stop to the proliferation of child pornography on the Internet

The Washington Post

A hacker found exploits in the NASDAQ server, could have changed market info and admin passwds. Server: IIS. The article also mentions that the hacker did ethical job of providing info to fix the problem, and also mentions BugTraq and how MS didn't fix the hole when it was posted July 17.

Saw this over at HNN

Vulnerabilities discovered on financial sites Nasdaq.com, CBS.MarketWatch.com, BigCharts.com, and FTMarketWatch.com. by Gerrie Mansur, member of Dutch group Hit2000, were plugged after he notified each site's webmaster. Mansur claims to have written the exploit himself however it is believed to bear a strong resemblance to the Source Fragment Disclosure Vulnerability. Mansur has decided against publishing the exploit.

Saw this over at HNN

The Security Vision Roundtable, an event sponsored by Andersen Consulting and Purdue University's Center for Education and Research in Information Assurance and Security (CERIAS) brought together some of the best security minds in the U.S. to discuss industry trends - past and present. Quality assurance, PKI and research were among several topics covered in the group's recommendations. Dan Geer, CTO of @stake, participated in the roundtable.

According to the Chronicle of Higher Education, U.S. House of Representatives majority leader Dick Armey is on the warpath about the Illinois Institute of Technology's nascent review-in-progress of the U.S. government's Carnivore technology. Find the article on their site. 'It's a bad idea to have people with clear political ties reviewing a system under political scrutiny,' said a spokesman for Armey. In a prepared statement Armey referred to the review as 'a whitewash.'

Saw this over at HNN

Experts believe the lack of functionality seen on mobile phones and PDA's does not embody the complexity required of it to be a successful virus conduit. The more user options available, the greater the risk for viruses. Not surprising news considering how many times we've watched this same episode unfold.

ZDNet via Yahoo

Saw this over at HNN

Slashdot.org's website was infiltrated late last week by two individuals in the Netherlands. The holes were quickly patched after they called Slashdot to explain how they entered the system. Slashdot advises patrons of its website to change their passwords as a precaution.

Newsbytes

CNET

Saw this over at HNN

As if further evidence were needed, an recent posting paints a grim portrait of the state of web security. While one might question the science behind it, the FBI estimates that computer-related crime will cost the US $266 million, a more than 100% increase over last year's statistic. And the number of incidents reported to CERT reported in the first half of this year totaled 8,800, versus 9,800 for all of 1999.

USA Today via AZCentral