Skip to Content

security

Zeus - The Ultimate Malware Package

Zeus or sometimes known as Zbot is a malware package that was originally sold and traded through underground forums.Basically it is a executable file with a web based front-end that helps you to control it.Zbot is a generic back door that allows full control by a remote user, the primary function of Zbot is financial gain, and stealing credentials such as FTP, email, online banking, and other online passwords.Zeus has existed at least since 2007, but has been further enhanced and honed over time. It has been rumoured that Zeus originated in Russia or Russian speaking countries as initial help files and other files in the package were written in Russian.

Drupal Multiple Vulnerabilities

Advisory ID: DRUPAL-SA-CORE-2010-001
Project: Drupal core
Version: 5.x, 6.x
Date: 2010-March-03
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

Microsofts Latest Update Causes BSOD

Microsoft have announced that after installing the February security updates a limited number of users are experiencing the dreaded BSOD. There initial analysis suggests that the issue occurs after installing MS10-015 (KB977165). However, they have not confirmed that the issue is specific to MS10-015 or if it is an interoperability problem with another component or third-party software. The Microsoft team is working to resolve this as quickly as possible. They have also stopped offering this update through Windows Update as soon as they discovered the issues. However, those using enterprise deployment systems such as SMS or WSUS will still see and be able to deploy these packages.

Drupal Forward Module Security Bypass

Secunia Advisory: SA34282

Critical: Less Critical

Nuke Evolution Xtreme Cross-Site Scripting (XSS + RFI)

Title: Nuke Evolution Xtreme "defaultVisualExt" Cross-Site Scripting

SECUNIA ADVISORY ID: SA34783

VERIFY ADVISORY: http://secunia.com/advisories/SA34783/

Critical: Less critical

OpenSSL Multiple Vulnerabilities

Title: OpenSSL Multiple Vulnerabilities SECUNIA ADVISORY ID: SA34411 VERIFY ADVISORY: http://secunia.com/advisories/34411/ Critical: Moderately critical DESCRIPTION: Some vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).

Member of the botnet underground sentenced to 48 months in prison

Hacker Jailed For two Years

Concluding the first prosecution of its kind in the nation, a man associated with the “botnet underground” was sentenced to 48 months in federal prison for using his “botnets” – armies of compromised computers – to steal the identities of victims throughout the country by extracting information from their personal computers and wiretapping their communications.

phpBB "ucp.php" Cross Site Scripting Vulnerability

phpBB 'ucp.php' Cross Site Scripting Vulnerability

Verification: http://www.securityfocus.com/bid/33995/info
 

Ubuntu PHP5 vulnerabilities

Secunia Advisory: SA33939

Verification: http://secunia.com/advisories/33939/

Critical: Moderately critical

 

Syndicate content