Archive for February, 2007

Solaris Telnet Scanning — Possible Worm?

February 27, 2007 by Jose Nazario

Updated Information Below – 28 Feb 2007
This morning on ATLAS we saw a pair of hosts scanning for Telnet servers. While this may seem like a throwback to days gone by, and maybe someone is starting from scratch in their exploit activity, this is related to a recent Solaris bug, specifically CVE-2007-0882 (the telnet “-froot” [...]


Security Markets – Microsoft and March, 2007

February 26, 2007 by Jose Nazario

A few of us have been exploring the idea of using predictive markets as a means of exploring the realm of information security. Can we predict what kinds of software attacks we’ll see in the coming weeks? Can we leverage the crowd’s wisdom to tell us something? After all, economic markets and options trading already [...]


PHP/WebGuard (and ASP/WebGuard) Attacks

February 19, 2007 by Jose Nazario

Last week I got three separate emails about an attack that people were seeing, blending phishing, a Trojan, a backdoor, and a website hack all in one. The whole thing relies on the target user falling prey to the “phish”. In this case, they’re not after someone’s bank account, they’re after their participation in a [...]


Communicating Considered Harmful!

February 14, 2007 by Jose Nazario

Nothing is sacred anymore, no lines of communication are safe. After yesterday’s Microsoft Security Bulletins for February 2007, even RTF is dead. RTF, or “Rich Text Format”, was once considered to be safe, a lot safer than Word documents, but now we know that RTF files are an infection vector, just like Word docs, PDF [...]


Do These Things Even Matter Anymore?

February 12, 2007 by Jose Nazario

The “things” I’m talking about are vulnerabilities in AIX’s r-commands and Solaris’ telnet daemon. In case you missed them you can read details here:

IBM AIX r-commands buffer overflow vulnerability, a brief writeup by CA. This is vulnerability CVE-2007-0670, by the way.
Solaris Telnet 0day or Embarrassment from the SecuriTeam blog.

Yeah, it’s really 2007 and yeah, these [...]
