|
News for
061799
|
contributed by Marc
The major hole publicly announced yesterday by eEye Digital Security Team
in Microsofts Internet Information Server is continuing to make news.
Internet
News
ZD
Net
eEye Releases Fix
Microsoft has issued a workaround for this bug however it does break
functionality such as /iisadmpwd/. eEye Digital Security Team has
released their own fix that resolves the problem and preserves
functionality. It limits .htr requests to 200 characters, and logs the IP
address of the person trying the overflow. This is a great deal better
then the current recommendation from Microsoft which is to just remove the
.htr ISAPI filter.
eEye
Digital Security Team
Microsft
CERT Advisory Released
A day late and a dollar short CERT (Computer Emergancy Responce Team) has
released an advisory concerning this major problem. Unfortunatly they
forgot to credit who found the problem.
CERT
Irresponsible Security Companies
This article on C|Net questions whether eEye did the right thing by
releasing their advisory before Microsoft was ready with their patch. A
quote in the article from a Microsoft representative called this "contrary
to all of the normal rules of responsible security professionals." [rant
on] Bullshit. The company that has shown the public how irresponsible they
are is Microsoft. Microsoft knew about this problem for a week but did
nothing until it was released to the public. It is extremely likely that
someone else found this hole and did not tell anyone. They could have used
this problem to install back doors on most of the servers in the world
without anyone knowing. Microsoft could have stopped this action a week
earlier and didn't. Microsoft is the one who is not acting like a
'responsible security professional'.[/rant off]
C|Net
|
|
contributed by barbie
Officials in Australia and around the world are bracing for International
Day of Action on June 18th known as J18. June 18 is also the same day as
the G8 meeting in Cologne, Germany. J18 organizers are calling for
disruption of financial centers, banking districts and multinational
corporate power bases. Examples of possible activities include picketing,
street parties, leafleting, rallies, marches, strikes, carnivals, and of
course 'hacking'.
Australian
Financial Review
Australian
Financial Review - Yes, there are two stories
|
|
contributed by stealth
The people at Electronic Civil Disobedience are planning a virtual
'sit-in' in protest of the treatment of the Zapatistas by the Mexican
government. The sit-in will basically be a DoS attack against several
Mexican government internet sites. This demonstration is planned to take
place on June 18 from 10:00am to 4:00pm Mexico City time.
Electronic Civil
Disobedience
|
|
contributed by Code Kid
The Australian Computer Emergency Response Team (AusCERT) is claiming that
cyber attacks in Australia have doubled over the last year. They claim
that there has been a sharp rise in DoS attacks and recommend that
companies have strong security and policies in place.
Sydney
Morning Herald
Australian Computer Emergency
Response Team
|
|
contributed by chippy
The Australian Institute of Criminology has released a report that claims
that SmartCards will be the next stop for high-tech criminals. These new
crimes will force officials to develop new forensic processes and tool to
be able to extract data from such small storage devices.
Australian
Financial Review
Australian Institute of
Criminology
|
|
contributed by Weld Pond
Why are viruses and 'evil hackers' seemingly running rampant all over the
internet? Because in the beginning it was designed that way. Take a romp
through the early formative years of the net, all in six or seven
paragraphs.
Washington
Post
|
|
contributed by Cuda
What is being called the first Apple I ever sold will soon be sold via
auction. The Auctioneers are expecting bids to go well over $40,000. One
of of approximately 200 that where ever built this one includes original
documentation including the original 8-page manual. The auction company
will accept absentee bids online. Better hurry. The live bidding starts on
Tuesday June 29, at 11 a.m
La Salle
Auctions
|
|
contributed by Anonymous
Cracked
The following sites have been reported as cracked.
http://data3.gmu.edu
http://www.highplaces.org
http://ellzeymarine.com
http://multilinkcom.com
http://orion.web-hosting.com
http://www.exo2060.com
http://www.justmark.com
|
|
|
