Networking

A new technique for attacking MSN Hotmail users has been discovered, the latest in a cat-and-mouse game between Microsoft [NASDAQ:MSFT] and Javascript security holes.
By adding Javascript to the "From" line of a message sent to a Hotmail user, an attacker can evade the filters Microsoft has put in place to protect the millions who rely on MSN's popular Web-based e-mail service, Newsbytes has confirmed.

Microsoft representatives said the company was investigating the new attack and declined further comment.

As an information security professional, I take an extreme interest in information warfare, as it is closely connected to the infosec field. Thus, I was excited to read Information Warfare: How to Survive Cyber Attacks, and see what it offered from the information security point of view.

Relatively short article, but shows that Social Engineering still is a legitimate threat to organizations.

"When Chris Pick and Todd Tucker want to demonstrate to a client how vulnerable its system is, they often just put on a pair of overalls and pick up a tool box.
"Socially engineering" your way into a building is one of the easiest ways breaking into a company's computer system, said Pick, vice president of product strategy at Pentasafe Security Technologies Inc. in Houston.

Cisco's Intrusion Detection System (IDS)is not the only technology that fails to protect ISS Web servers against stealth unicode attacks. An advisory by eEye Digital Security, reports that network and server sensors from ISS, Dragon Sensor 4.x, Snort (prior to version 1.8.1) and components of Cisco Secure IDS are affected by the issue. Symantec and Network Associates have stated that their products are not vulnerable.

A new Internet worm designed to attack a common flaw in Unix systems has been confirmed dead, but security experts are warning that the self-propagating worm could be the next Code Red. The X.C worm exploits a newly discovered hole in the telnet service that is run on most Unix systems. Antivirus companies are concerned that crackers will have learned from the success of the Code Red worm and its variants, and will be encouraged by the length of time that it takes system administrators to patch machines against publicized vulnerabilities.

An input validation error in the debugging functionality of all currently
released versions of sendmail can enable a local user to gain root
access. New packages that fix this problem are available for Red Hat Linux
5.2, 6.2, 7.0, and 7.1.

Here's a description of the problem:

In light of the interest in the recently discovered Linux based Remote Shell Trojan, vnunet.com has uncovered more details of the worm's functionality in a bid to dispel any fear, uncertainty and doubt.
Security experts analysing the Trojan have said that it infects Linux Executable and Linking Format (ELF) files, initially surfacing in the /bin directory.

It should be noted, however, that infected ELF files will remain fully functional so as to hide the infection.

BEIJING: Half of China's Internet users have been affected by hackers in the past year alone, according to a survey cited by the state media on Monday, with most of the country's online population knowing little about computer security.

The study showed an "alarming level of carelessness and ignorance about security among online users", the China Daily newspaper said.

A problem exists in Microsoft Exchange 2000 when running with Norton AntiVirus for
Microsoft Exchange. A host running this combination of software can be tricked into
disclosing mail directory paths to an attacker.

A flaw exists in a component of OWA on Microsoft Exchange 5.5, which could enable an
unauthenticated user to gain read access to the entire Global Address List. This issue enables
the user to perform a Find User request directly to the flawed component of OWA,
circumventing authentication to the Exchange server.

L33tdawg: The list of vulnerable machines along with the link to the patch is included in the read more.

Microsoft has released a patch which rectifies this issue:

Microsoft Exchange Server 5.5SP4: