Welcome to the AusCERT web log, where AusCERT will informally discuss current activity and interesting developments in the area of information security, Internet security and computer network attacks.
This is a channel for the timely release of unstructured information which may not be suited to our standard bulletins or other publications. A trade off of providing timely information is that it may be unverified or contain inaccuracies. However, if the accuracy of information changes or new information comes to light about an issue, we will always endeavour to update our web log.
We welcome comments and corrections of any of the information contained in the blog. Please contact firstname.lastname@example.org to provide feedback.
ARM, WPA cracking and more goodness
- Well the biggest news this week is that all your problems are solved!
However that may mean that some of you would be out of a job. So we decided
not to solve ALL your problems, just part of one problem.
Free AV and Computer Security Day a Success
- Microsoft announces plans for free AV and CSD 2008.
- New Microsoft initiative to clean up PCs.
Patches all round and +1 to AusCERT
- Another month of Microsoft patches done and new Linux Kernels.
Adobe vulnerabilities and a friendly reminder
- Numerous Adobe vulnerabilities were identified this week, along with continued MS08-067 activity.
Obama new President and new malware
- Malware using social engineering techniques around the US Presidential election have been reported.
ICANN cans EstDomains
- Two brief news items.
MS08-067 and the rest of the week
- I will give everyone one guess as to the first topic that I want to talk
Microsoft and Oracle with a dash of Adobe
- This week Microsoft and Oracle decided to release all their patches and
vulnerabilities on the same day. Unfortunately that means lots of bulletins
for me, and lots of patching for you :(
Are YOU LinkedIn?
- If you are LinkedIn (and of course I am talking about the social networking site www.linkedin.com) then you may have received a phishing email recently.
Malware with smaller targets
Cisco's half yearly flood of advisories, updates to Mozilla software and Kiwicon
- We didn't see much out of the ordinary in terms of incident reports this week. But Cisco have given people something with releasing 12 advisories, 11 of which for IOS issues. The Mozilla project also released versions of Firefox and SeaMonkey. And finally, Kiwicon is on this weekend.
Apple updates, more targeted phishing and another new team member.
- Apple has continued on from last week pushing updates for OSX and the iPhone.
Why Automatic Updates could be bad!
Major updates and an Aussie radiation scare?
- Patches released from the major vendors and an email claiming nuclear contamination on Australian soil.
An exploit for the CitectSCADA vulnerability has been posted on Milw0rm
- An exploit for the CitectSCADA vulnerability that AusCERT helped to co-ordinate the release of earlier this year, has been posted on Milw0rm. The module has been created to be included in the Metasploit framework.
The week that was...
- A new staff member and new vulnerabilities.
Google Chrome - How shiny is it?
- Google has today released the first public beta of their new web browser, known as Google Chrome, as an alternative to other popular browsers. Chrome introduces a number of new and innovative features, but with these new features come some potential security concerns.
Malicious Flash Sites Taking Over the Clipboard
- Through the use of a standard flash function attackers are attempting to lead viewers to malicious sites.
A new threat
Somebody hit the internet 'snooze' button
Fedora infrastructure issue
- Fedora are currently recommending that "you not
download or update any additional packages on your Fedora systems" at the moment.
To Patch or Not to Patch
- I am sure you are all expecting me to mention something about Microsoft
and how you should patch your systems now. And then I would go on to say
how you should patch all systems with patches as soon as you can. After
all I am a good little security professional.
Friday - at least for now...
- We are still seeing DNS patches coming out - so for the last time (now
that the BlackHat presentation has come and gone) check your DNS are belong
to us - I mean are patched.
An unquiet week
Active Exploitation of...
- We just discovered exploitation of recent vulnerability of a popular media program.
Delivering Bad Packages
- Another trojan mail run was made this week - this time claiming to be a message regarding a package that could not be delivered
A slower week that was!
- The AusCERT week in review for week ending 18/07/2008.
DNS Spoofing means war! or not!
- Big week, big vuls lots of crappy emails.
AusCERT Coffee Machine and the rest of the week
- Thankfully our coffee machine at AusCERT is one of those old fashioned, NON Internet connected ones. So our coffee will remain strong.
- While looking over the long list of vulnerabilities that were reported to
us today - one of them came across as slightly amusing, but put a new
spin on the idea of whitelisting.
Storm Hooks China and Browser Releases
- Another large spam run has seen the Storm malware using the Chinese earthquake and Beijing Olympics as hooks.
Zero day Firefox vulnerability
- A zero day vulnerability has been announced in Firefox.
Port Scanning increase
- Massive increase in some ports.
- For a while now we have seen some malware authors attempt to use digital
certificates to help the infection process. Looking further this could
have larger consequences. However I am rushing forward a little too fast,
so let me start from the beginning...
Previous 1, 2, 3 ... 10, 11, 12, 13, 14 Next
denotes AusCERT member only content.