Slashdot Mirror

← Back to Domains

Domain: incidents.org

Stories and comments across the archive that link to incidents.org.

Stories · 12

  1. IE Download.Ject Exploit Fixed

    It · Security · · posted by simoniker · from the round-and-round dept. · 421 comments
    Saint Aardvark writes "Just in time for the weekend, the Internet Storm Center is reporting that Microsoft is providing a fix for the Download.Ject vulnerability that hit IE late last month. The press statement says that it'll hit Windows Update later today..."

  2. New IE Malware Captures Passwords Ahead Of SSL

    Tech · Msie · · posted by simoniker · from the tricky dept. · 986 comments
    Ken Treis writes "SANS Internet Storm Center is reporting on a new strain of IE Malware. This one targets bank customers, which in itself is nothing new. But the catch is in the way it does it: it installs a Browser Help Object (BHO) that can capture login information before it is encrypted, and 'watches for HTTPS (secure) access to URLs of several dozen banking and financial sites in multiple countries.'."

  3. New IE Malware Captures Passwords Ahead Of SSL

    Tech · Msie · · posted by simoniker · from the tricky dept. · 986 comments
    Ken Treis writes "SANS Internet Storm Center is reporting on a new strain of IE Malware. This one targets bank customers, which in itself is nothing new. But the catch is in the way it does it: it installs a Browser Help Object (BHO) that can capture login information before it is encrypted, and 'watches for HTTPS (secure) access to URLs of several dozen banking and financial sites in multiple countries.'."

  4. Akamai DNS Outage Messes up Net

    Internet · · posted by ryuzaki0 · from the point-of-failure dept. · 522 comments
    katre writes "Checking all my favorite sites this morning, I saw that about half a dozen seem to be offline. Trying to figure out why, I found an interesting article on the front page at http://isc.incidents.org/. Seems that the problems at Akamai are screwing over Yahoo, Google, Microsoft, Fedex, Xerox, Apple, and others. Whatever happened to my decentralized net with no single point of failure?"

  5. Stop Christmas-Gift PCs From Feeding Worms

    It · Security · · posted by timothy · from the cognitive-dissonance dept. · 416 comments
    An Anonymous Reader writes "If you recently set up a new PC with Windows XP, or if you had the pleasure to do a 'reinstall from scratch,' you probably found that many XP systems as they are shipped today are not patched against common issues like Blaster. Given that these worms are still going strong, it doesn't take long for a new system to be infected. In particular, if you have to connect it to the Internet to download all the patches. Well, help is in sight. The SANS Institute released a paper entitled Windows XP: Surviving the First Day." (Read on below.) Update: 12/24 17:59 GMT by T : Thanks for reader Bill Curnow for the updated link. Update: 12/24 19:15 GMT by T : Besides the workaround suggested below, Roblimo has a good suggestion on avoiding the first-day-of-Windows altogether.

    "With many screen shots, it will walk you through the procedure to enable the XP firewall and downloading the patches without getting infected while doing so. This could be the (free) stocking stuffer that may save Christmas for your folks ;-). Given that its probably to late now to start downloading your favorite Linux distro."

    But if you do have the time and bandwidth, and you're stuck on Windows, a nice live-CD distro like Knoppix or Mepis means you can download patches without racing the worms, and install your patches while offline. (And if you have time to download 50MB, you have time to grab Damn Small Linux.)

  6. Federal NOC To Be Modeled After Incidents.org / DS

    It · Security · · posted by timothy · from the why-not-just-send-incidents-some-cash dept. · 30 comments
    An anonymous reader writes "Computerworld is covering in more detail the new Federal 'Cybersecurity Center.' The article explains that unlike some earlier rumors indicated, the center will not try to build a super-carnivore, but instead use voluntary reports. It will be similar to the SANS Institute's Internet Storm Center, which summarizes contributions submitted to DShield.org. This system of voluntary contributors has been shown to be effective in the past by issuing early warning for a number of major Internet worms, like Code Red, Ramen and SQLSnake. Unlike Symantec's 'for pay ' Deep Sight service, which publishes alerts only to paying members, Incidents.org is a free service."

  7. New "SQLsnake" Microsoft Worm

    Microsoft · · posted by ryuzaki0 · from the beware-the-worm-snake dept. · 316 comments
    sevenn writes "A new worm, targeting the Microsoft SQL daemon, has been sweeping the net. It uses massive scanning, default passwords, exploits against vulnerable versions and even attempts to brute force passwords. Here is the (vague) Microsoft bulliten, the SANS analysis, and a securityfocus article" Already over a thousand compromised system- you're apparently only vulnerable if you run MS SQL, but the worm is causing a substantial spike in traffic to port 1433 on the net.

  8. Internet Storm Center Tracks Hack Attacks

    Internet · · posted by ryuzaki0 · from the graphic-violence dept. · 55 comments
    An Anonymous Coward writes: "It looks like Incidents.org has a new offspring, the Internet Storm Center. The internet storm center uses data from DShield.org to track hack attacks all over the world. Some of the interesting trivia: While usually, China has a bad reputation for the volume of attack coming from it, the US outpaces China by a lot. Actually, China only comes in at #6. So much for the great security boost the US gets from using genuine Microsoft software."

  9. Internet Storm Center Tracks Hack Attacks

    Internet · · posted by ryuzaki0 · from the graphic-violence dept. · 55 comments
    An Anonymous Coward writes: "It looks like Incidents.org has a new offspring, the Internet Storm Center. The internet storm center uses data from DShield.org to track hack attacks all over the world. Some of the interesting trivia: While usually, China has a bad reputation for the volume of attack coming from it, the US outpaces China by a lot. Actually, China only comes in at #6. So much for the great security boost the US gets from using genuine Microsoft software."

  10. Slashback: Exactitude, Fortitude, Picnic

    News · News · · posted by timothy · from the sanchitha dept. · 149 comments
    Slashback tonight with another assortment of corrections, amplifications, looks backward (and even looks forward to looks backward). In this last case, it looks like you may even get fed.

    You mean we have to reprint all the invitations? Reader Ian Cowley wrote with a slight correction about the end of an era:

    "Your article on slashdot.org about the billionth second of the epoch is sort of (but not entirely) flawed.

    Yes, UNIX systems will report 1000000000 seconds at 01:46:40 on 9th September. Which of course means the 1 billionth number will be 01:46:39.

    But, these systems do not account for leap seconds. According to TAI (international atomic time), the 1 billionth second since the beginning of January 1st 1970 will occur at 01:46:17 on 9th September 2001, as 22 leap seconds have been inserted since 1970 (the first was 1972, the last 1999).

    So celebrations of the 1000000000th second should be at 01:46:17, whilst 01:46:40 can be reserved for celebrating 1000000000 displayed on UNIX system clocks."

    Errr ... thanks. We'll just have to start at "Unix Day, Observed."

    What price the capture and humiliation of virus spreaders? JayHerrick writes: "We have posted a small bit of JSP that reports the number of times our server has been queried for a 'default.ida' page. It's stylish, it's cool, and it'll probably get Pepsi all mad at us because we ripped the Code Red logo off one of the bottles." Equally stylish, despite the name, is a small tool named codeRedNeck, described by reader mindriot thus: "As CodeRed probes port 80 of a machine, CodeRedNeck first answers on that port and then goes silent, thus forcing the worm to wait until the connection times out." He advises: "Read the original idea by Tom Liston. Heise also has more on this."

    Even More Auspicious dates. No matter which date you choose to mark it, Linus' little kernel-that-could is about to mark its tenth birthday. ikluft writes:

    "The "Linux10" Linux 10th anniversary picnic and BBQ will be held on Saturday, August 25 from 11AM to 6PM at Sunnyvale Baylands Park in Sunnyvale, California. Details and directions can be found at Linux10.org. If you can attend, please use the RSVP form so the organizers know how much food and soft drinks to provide (only provided if you RSVP.)

    Linux10 is being organized as a family event -- bring the kids. In support of that goal, it is also a no-media event. Linux and Open Source enthusiasts who work for the media may attend and participate while off-duty.

    Linux10 will gladly link to other Linux 10th anniversary events. Let us know the URLs for those events."

    Reader big_drew adds: "The event is free (food, softdrinks, cds -- sorry, no free beer, but byo is ok)" and says "If you can't make it out to CA, you can still get the t-shirt (profits will be used to fund the picnic)."

    Anyone want to organize a picnic in the vicinity of Knoxville, TN? :) I can bring some pasta salad and watermelon.

    Ten candles all around here, too. Simon Spero writes: "As noted in http://www.w3.org/History.html, today, August 6th, is the 10th anniversary of the first public release of the CERN Web Software."

  11. Code Red II: Shells for the Taking

    It · Bug · · posted by CmdrTaco · from the it-keeps-getting-more-and-more-comical dept. · 602 comments
    sigurdur writes "It seems there is a new and more malicious version of Code Red out there. This one seems to try and copy cmd.exe into a position where it is accesible to us all - the scripts directory. So far I have seen it reported on the intrusions-list at incidents.org where they also just put up a notice about this third generation Code Red worm." I still think sircam is more annoying since it affects every email user, and not primarily poorly administered websites. But imagine how much bandwidth Code Red and Sircam have wasted in the last few weeks?

  12. Code Red Goes The Way Of Y2K

    It · Bug · · posted by timothy · from the code-blue dept. · 407 comments
    beanerspace writes: "In spite of Michael Hyatt-like hype, the Washington Post now reports that the 8pm EST deadline for the Code Red worm came and went without grinding the internet to a halt. Darn, I was sorta hoping it would so I could take the day off and go fishing." Why is it that Code Red gets the trumpets and klaxons, while Sircam continues to spread private documents(!) with considerably less attention? Update: 08/01 03:41 PM by T : On the other hand, incidents.org's graph shows a different picture of Code Red's progress, as several readers have pointed out. That's a pretty little curve there, isn't it?