Return-Path: <sentto-279987-1427-995120368-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Sat, 14 Jul 2001 07:20:08 -0700 (PDT) Received: (qmail 1605 invoked by uid 510); 14 Jul 2001 13:21:41 -0000 Received: from ci.egroups.com (64.211.240.235) by 204.181.12.215 with SMTP; 14 Jul 2001 13:21:41 -0000 X-eGroups-Return: sentto-279987-1427-995120368-fc=all.net@returns.onelist.com Received: from [10.1.4.54] by ci.egroups.com with NNFMP; 14 Jul 2001 14:19:28 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_2_0); 14 Jul 2001 14:19:27 -0000 Received: (qmail 92397 invoked from network); 14 Jul 2001 14:19:27 -0000 Received: from unknown (10.1.10.27) by l8.egroups.com with QMQP; 14 Jul 2001 14:19:27 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 14 Jul 2001 14:19:27 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id HAA04494 for iwar@onelist.com; Sat, 14 Jul 2001 07:19:27 -0700 Message-Id: <200107141419.HAA04494@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Sat, 14 Jul 2001 07:19:27 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] news Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit July 11, 2001 Lashkar web site hacked The website of the Pakistan based militant outfit Lashkar-e-Tayiba has been hacked. As you open the site www.lashkar-e-toiba.org, the home page has a banner stating 'Mera Bharath Mahan (India is great)' and he right corner has the Indian national flag flying. The hacker who calls himself 'True Indian' said that the site has been Domain Name Server hacked by him as it contained inflammatory details about India and Kashmir. Adding that he decided to deface it in order to counter the Pakistani hacker group G-force, which reportedly has the support of the Pakistani government. http://www.rediff.com/news/2001/jul/10hack1.htm Watch Your Back Thousands of Internet users could be the victims of a mass computer crime by the end of 2002. Research by Gartner Inc., shows that at least one incident of economic mass victimization may disrupt not just America, but the entire world in just a year's time. "Converging technology trends are creating economies of scale that enable a new class of cybercrimes aimed at mass victimization," said Richard Hunter, research fellow at Gartner. What this boils down to is that computer masterminds have, through the Internet, the power to steal millions from thousands of people. http://www.shopguide.com/news/article_report1_07-11-01.asp DoS risk from Zip of death attacks on AV software? Claims that anti-virus and content filtering packages may be vulnerable to a denial of service attacks through maliciously constructed compressed archives have generated a heated debate in the security industry. A discussion thread on BugTraq on the subject has prompted security consultants MIS Corporate Defence to issue an alert warning its customers of what it describes as an easy way of bringing networks to their knees. Files are available on the Internet which are as little as 42KB in size but when fully decompressed have a total size of 16GB. The exploit works by sending an email containing such a maliciously formed compressed archive to an intended victim. http://www.theregister.co.uk/content/56/20322.html Worms evolving into complex beasts The next generation of computer worms will be stealthier, more targeted and harder to defend against, a security expert predicted at the Black Hat Security Briefings Wednesday. "They are adaptive; they are evolving," Jose Nazario, a researcher for computer-security group Crimelabs, said of worms, malicious, self-replicating programs that have become a favorite tool of online vandals. Nazario, who is doing doctoral work in biochemistry at Case Western University, called today's viral code the equivalent of "primordial ooze." http://www.zdnet.com/zdnn/stories/news/0,4586,5094015,00.html http://news.cnet.com/news/0-1003-200-6548363.html ISS warns of security flaw in RADIUS servers Internet Security Systems Inc. has spotted what's believed to be the first known buffer-overflow vulnerability associated with remote-access servers, which could allow a hacker to gain control of an ISP's network. The flaw is linked to the remote- access servers used by ISPs to authenticate users logging on to gain access to Internet services. Hackers craft all kinds of buffer-overflow exploits as strings of commands that can be used to try and gain control of a server when its buffer doesn't filter the attack strings through bound-checking measures. http://www.itworld.com/Sec/2290/NWW010710radius/ Security Flaw Found With Outlook VCards Security consulting and research firm @Stake Inc. has discovered a security flaw within Microsoft's ubiquitous Outlook and Outlook Express E-mail applications. The vulnerability concerns the use of Outlook's vCards, or virtual business cards, which can fall victim to a buffer overflow attack or contain code that can attack a user's system. VCards can be created with malicious code that can either cause Outlook to crash, or even allow the E-mail application to run damaging code on a targeted victim's system. http://www.informationweek.com/story/IWK20010223S0002 ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:37 PDT