Last Security News

[Guttu]

I thinku were l8 and dint said anything
about the Kamasutra or FEB3 or Nemyses virus

Although there was no need of much precaution
the news regarding that wud hav warned many of members
to update their AV or stay away 4m porno or crack sites
atleast 4 dat day

But still ur news is interesting to me

[shakhe.bizhat.com]

I thinku were l8 and dint said anything
about the Kamasutra or FEB3 or Nemyses virus

Although there was no need of much precaution
the news regarding that wud hav warned many of members
to update their AV or stay away 4m porno or crack sites
atleast 4 dat day

But still ur news is interesting to me

hi,if you can please help this topic

=============
this is old but imortant
Email-Worm.Win32.Nyxem.e
Status : severe risk
Nyxem.e started spreading on 16th January 2006.

The worm checks the system date and on 3rd of every month, it will overwrite files with the following extensions:

.doc
.xls
.mdb
.mde
.ppt
.pps
.zip
.rar
.pdf
.psd
.dmp


Data in these files will be lost. Users are therefore strongly recommended to back up their data.
The worm also disables antivirus solutions.
more:
http://www.viruslist.com/en/viruses/...virusid=109064

[shakhe.bizhat.com]

- Vulnerability in Cisco IOS (1/30/06)
Cisco has reported a security problem in Cisco IOS -the operating system used by some of the most powerful networks in the world-, which could allow attackers to elevate privileges. The company has also released the updates of Cisco IOS in which this vulnerability is resolved.

- Critical update for Winamp (1/31/06)
The new version, 5.13, of Winamp, MP3 and multimedia player used worldwide, is now available. As the new version fixes a critical security flaw, Oxygen3 24h-365d recommends Winamp users to install this update.

- Personal data of 230,000 users of Ameriprise Financial compromised by the loss of a laptop (2/01/06)SecurityProNews reports about the laptop of an employee of Ameriprise Financial -a spin-off from American Express-, which was stolen from a car. The computer contained unencrypted information on more than 230,000 users.


- The Tearec.A worm activates tomorrow (2/02/06)
In February 3, the Tearec.A worm (also known as Nyxem.D, W32/MyWife.d@MM, W32/Mywife.D.worm, W32.Blackmal.D@mm and WORM_BLUEWORM.D) will carry out the action it was programmed for; delete files with the following extensions: .DMP, .DOC, .MDB, .MDE, .PDF, .PPS, .PPT, .PSD, .RAR, .XLS and .ZIP.

- Microsoft releases Service Pack 2 for ISA Server 2004 (2/03/06)
Microsoft has released ISA Server 2004 Service Pack 2, aimed at offering, among other advantages, three new features including BITS (Background Intelligent Transfer Service), HTTP compression and traffic prioritization.

[Guttu]

this is old but imortant
Email-Worm.Win32.Nyxem.e
Status : severe risk
Nyxem.e started spreading on 16th January 2006.

The worm checks the system date and on 3rd of every month, it will overwrite files with the following extensions:

.doc
.xls
.mdb
.mde
.ppt
.pps
.zip
.rar
.pdf
.psd
.dmp


Data in these files will be lost. Users are therefore strongly recommended to back up their data.
The worm also disables antivirus solutions.
more:
http://www.viruslist.com/en/viruses/...virusid=109064

This is Old. But the same virus I am talkin that spread on FEB3
Jus abit l8. But that is exactly wat I was talkin about
The virus spread wid other name called Kamasutra

[shakhe.bizhat.com]

February 6, 2006 - The Mozilla Foundation has published a security update that prevents eight vulnerabilities in version 1.5 of the popular browser Firefox.
Mozilla has assigned one of the vulnerabilities a critical severity rating, whereas three of them are considered moderate and four of them low.
The critical flaw allows an attacker to inject XML code in the localstore.rdf file, which makes the browser carry out tasks without the user's authorization at startup, allowing total control of the system.
The vulnerabilities considered moderate allow arbitrary code to be run.One of these flaws is an integer overflow in E4X, SVG and Canvas There is also a code execution problem when dynamically changing the style of an element from position:relative to position:static.
A corrected denial of service problem, reported in Oxygen3 on December 13, 2005, could be used by a malicious user to render an application unusable using a malicious website with a long title. The browser of a user that visited this website would close whenever the user tried to access it.
The updates can be downloaded using the automatic update feature in the browser or directly from the Mozilla website at
http://www.mozilla.com/firefox/
The information published by Mozilla Foundation about the flaws is
available at http://www.mozilla.org/security/announce/
source:pandasoftware

[shakhe.bizhat.com]

SecurityTracker Monday Morning Vulnerability Summary - Feb 6 2006
======================
SecurityTracker Alerts: 25

Vendors: Adobe Systems Incorporated - calendarix.com -CipherTrust - Computer Associates - farsinewsteam.com -FreeBSD - Groupee.com - HP (Compaq) - KDE.org - Kinesphere Corporation - MailEnable Pty. Ltd. - Microsoft - Mozilla.org- Netscape - Nullsoft - pmwiki.org - spip.net - subzane.com -Sun - Symantec

Products: Adobe Creative Suite - Adobe Illustrator - Adobe Photoshop - BIND - Calendarix - eXchange POP3 - FarsiNews - IronMail - KDE - MailEnable - Microsoft Internet Explorer (IE) - Mozilla Firefox - Netscape - PmWiki - Solaris - SPIP -Sun Java System Access Manager - Sygate Management Server - SZUserMgnt - TCP/IP Stack Implementation - UBBThreads - Unicenter TNG - Winamp
More:
http://secure-cyber.blogspot.com/200...y-summary.html