Welcome to the AusCERT web log, where AusCERT will informally discuss current activity and interesting developments in the area of information security, Internet security and computer network attacks.
This is a channel for the timely release of unstructured information which may not be suited to our standard bulletins or other publications. A trade off of providing timely information is that it may be unverified or contain inaccuracies. However, if the accuracy of information changes or new information comes to light about an issue, we will always endeavour to update our web log.
We welcome comments and corrections of any of the information contained in the blog. Please contact email@example.com to provide feedback.
The fox resurfaced
- Don't wait to patch up!
Trojans that know where you live!
- ...well maybe not but it can seem that way for the latest runs of the Waledac trojan.
Patch will eat itself
- Plenty of patches this week, including a small one to correct a previous patch with it's very own vulnerability.
Another day... another browser vulnerability.
- This week has been a notable week for a number of reasons. One of the most common tools that we all use is the web browser, and of course, as a result it is also one of the tools which carries the greatest security risks due to its widespread use and the nature of the tool's use.
The end of February, and still more unpatched vulnerabilities...
- A number of known but unpatched vulnerabilities are still out there this week...
More vuls, but not all patched!
- A number of unpatched vulnerabilities have been discovered this week. The top of the list, a 0-day in Adobe Acrobat Reader.
Small increase in port scanning
- We have seen a small increase in port scanning of some common ports.
February patch rollouts and some tough love.
- Microsoft and Apple release their patches, will the scammers be releasing Valentines mayhem?
New Fox, Bird, Monkey and ...Squid
- Multiple Mozilla updates and AusCERT2009 registration open.
Beware the ides of... February, err... Valentine's Day!
- With Valentine's Day coming up just around the corner, as in previous years, we can all expect an onslaught of Valentine's Day related spam emails to arrive in our e-mail accounts over the course of the next few weeks.
Conficker/Downadup Worm attracts much media attention
- This week has seen a large amount of media attention given towards the spread
of the Conficker/Downadup Worm.
Back into the swing of it
- The first Microsoft and Oracle patch cycles for the year.
Large run of email account phishing
- A large run of email account phishing has been seen over the last week targeting ISP's and Universities
Block list available for the MS08-067 (Downadup/Conflicker) worm
- F-Secure have produced a list of domains used by the MS08-067 (Downadup/Conflicker) worm
Infections and Patches
- A week for Linux updates and some heavy hitting banking malware.
The Year Begins
- A quiet Christmas, A New Year
Twas the day before Christmas...
- Bugs, cut cables and a Happy New Year, oh my!
Browser Bugs Galore!
- A busy week for security professionals everywhere as multiple vulnerabilities are identified in web browsers everywhere!
Those bugs breed like rabbits!
- With multiple bugs and/or patches from Apple and Microsoft this is defiantly an interesting week from a vulnerability researchers perspective.
Mac, Windows and a little Malware
- It looks like it is that time of year again. The time where Apple users
feel smug about not having to use any AV software. After all, we know that
Max OSX is secure...
ARM, WPA cracking and more goodness
- Well the biggest news this week is that all your problems are solved!
However that may mean that some of you would be out of a job. So we decided
not to solve ALL your problems, just part of one problem.
Free AV and Computer Security Day a Success
- Microsoft announces plans for free AV and CSD 2008.
- New Microsoft initiative to clean up PCs.
Patches all round and +1 to AusCERT
- Another month of Microsoft patches done and new Linux Kernels.
Adobe vulnerabilities and a friendly reminder
- Numerous Adobe vulnerabilities were identified this week, along with continued MS08-067 activity.
Obama new President and new malware
- Malware using social engineering techniques around the US Presidential election have been reported.
ICANN cans EstDomains
- Two brief news items.
MS08-067 and the rest of the week
- I will give everyone one guess as to the first topic that I want to talk
Microsoft and Oracle with a dash of Adobe
- This week Microsoft and Oracle decided to release all their patches and
vulnerabilities on the same day. Unfortunately that means lots of bulletins
for me, and lots of patching for you :(
Are YOU LinkedIn?
- If you are LinkedIn (and of course I am talking about the social networking site www.linkedin.com) then you may have received a phishing email recently.
Malware with smaller targets
Cisco's half yearly flood of advisories, updates to Mozilla software and Kiwicon
- We didn't see much out of the ordinary in terms of incident reports this week. But Cisco have given people something with releasing 12 advisories, 11 of which for IOS issues. The Mozilla project also released versions of Firefox and SeaMonkey. And finally, Kiwicon is on this weekend.
Apple updates, more targeted phishing and another new team member.
- Apple has continued on from last week pushing updates for OSX and the iPhone.
Why Automatic Updates could be bad!
Major updates and an Aussie radiation scare?
- Patches released from the major vendors and an email claiming nuclear contamination on Australian soil.
Previous 1, 2, 3 ... 10, 11, 12, 13, 14 Next
denotes AusCERT member only content.