The Mariposa botnet was shut down on 23 December 2009. Now the spanish police published more information on the botnet consisting of 12,7 million computers in 190 countrys worldwide. They found login credentials, banking accounts and more than 800,000 e-mail logins at the computers of the three alleged kingpins who built and ran the botnet. [...]
The design of the German law on Internet and telephone data collection is unconstitutional. Today the Bundesverfassungsgericht (German Constitutional Court) delivered his judgment ( 1 BvR 256 / 08, 1 BvR 263 / 08, 1 BvR 586 / 08). The complainant saw the secrecy of telecommunications and the right to informational self-determination injured by the [...]
The Microsoft Security Response Center (MSRC) confirmed a new 0-day exploit for Internet Explorer. According to H-Online the hole is caused by the ability of VBScript’s MsgBox function to retrieve arbitrary online help files (.hlp) and execute arbitrary commands via macros these files may contain. “However, this requires some user interaction: The user has to [...]
At Feb. 25. and 26. some Linux distributors patched the included sudo-Command. According to a bug report reported 2010-01-29 version 1.6.9 was vulnerable for privilege escalation: Ubuntu Security Notice USN-905-1 Mandriva Security Advisory Red Hat Security Advisory Sudo Security Alert
Secunia announced its Secunia 2009 Report. It contains highlights about 0-day vulnerabilities of 2009, Software Inspection results, web applications security and an aggregate overview of the past year. Who wants to get the report has to go to this site: http://secunia.com/company/annual_report. You will see the following form: (Screenshot: secunia.com) If you fill in all required [...]
