|
News for
083199
contributed by Mikko
A simple cgi script made its way around the internet last weekend that
gave anyone with a web browser complete access to any hotmail account.
Just enter the user name and you had complete access to read, delete and
send email from someone else's account without knowing the password.
The script was posted to several web sites before it stopped working. A
MSN spokesperson claimed that the hole was fixed as soon as they were
notified. The European newspaper who first broke the story and contacted
MS said it took MS over ten hours to correct the issue.
CNN
Nando
Times
Wired
ZD
Net
Microsoft
Spin - For a laugh read the news reports first then read this.
|
contributed by McIntyre
Mindphaser (Chad Davis), from Green Bay, Wisconsin, the alleged founder
of 'Global Hell', has been arrested by federal authorities and charged
with maliciously interfering with the communications system and
violating the security of a US Army computer system. While not mentioned
in the news reports it is thought that the US Army system in question is
www4.army.mil which was attacked with a Cold Fusion exploit on June
28th, 1999. According the Attrition.org web defacement mirror the group
known as Global Hell has over 100 web defacements attributed to it.
Nando
Times
Attrition.org-
gH Breakout
HNN Defaced Pages Archive
|
contributed by Dark Tangent
Not two months after Defcon VII and the dates for Defcon VIII have been
announced. One weekend after HOPE 2OOO everyone must go to Las Vegas to
the Alexis Park Hotel. Conference organizers have secured twice as much
space for next year and have gotten discounted rooms at the Hard Rock
Hotel across the street. (I don't know about you but there is no way
I can go to two cons a week apart. I can only drink so much. Hmmmm,
decisions, decisions...)
Defcon
HNN Cons Page
|
contributed by Weld Pond
An interesting saga has unfolded within the hierarchy of the
Pennsylvania Turnpike Authority. Evidently an employee was caught
snooping around in computers he did not belong in. That employee left
the employ of the Turnpike. In the ensuing investigation nude photos of
three Turnpike employees where found, including those of the wife of
Republican legislator, Senate President Pro Tempore Robert Jubelirer.
Post
Gazette
|
contributed by Turtlex
A recently discovered virus named Toadie.exe attempts to spread by
DCCing itself to other mIRC users. If a user is infected with Toadie and
is using mIRC it will initiate a DCC transfer to new users unbeknownst
to the infectee. Toadie is a direct infector meaning it infects
executable files.
CNN
Network Associates -
Toadie Description
|
contributed by Weld Pond
Jennifer Granick, a private-practice lawyer, defends people accused of
computer-related crimes. This is a pretty decent article covering her
activities and detailing a few of her cases.
San
Francisco Chronicle
|
contributed by lamer
A nice adverticle for Ernst & Young's penetration testing team. The
author goes off to cover a few other topics but for the most part it is
just fluff for Ernst & Young and their e-security solutions group.
Chicago
Tribune
|
|
|