ATTENTI, VIRUS, Ehi, finalmente posso vedere chi visita il mio profilo! Scoprilo anche tu, clicca qui sotto!!
Si tratta di :Exploits
attenzione pericoloso virus su facebook
Ehi, finalmente posso vedere chi visita il mio profilo! Scoprilo anche tu, clicca qui sotto!!
NON CLICCAE SU QUESTO LINK, L’INDIRIZZO DEL COMPUTER A CUI VI COLLEGHERETE APPARTIENE A QUELLO DI UN SERVER PORNO 73.45.102 59 E SARETE INFETTATI DA UN VIRUS .
SECOND SECURITY ALERT IN GLENAVY DECLARED A HOAX
Si tratta di :Bufale e Hoax
The PSNI said the alert began when staff spotted a bag outside a local shop shortly before 10am
It was later declared an elaborate hoax.
It follows an alert in the village on Friday night, which was also subsequently declared a hoax.
SOURCE:
http://www.lisburntoday.co.uk/news/SECOND-SECURITY-ALERT-IN-GLENAVY.4652030.jp
Ocean Bank security measures – Only A Spammer Phishing Measures
Si tratta di :Phishing e Truffe
Attention Ocean Bank consumers!
This update is for customers who use Ocean Business and/or Personal online banking in North America.
Update your system through this official site if your account has been created before October 22, 2008.
There is no guarantee of proper operation with NOT UPDATED consumer systems.
Read more>>
Sincerely, Lila Gustafson.
2008 Ocean Bank, Florida.
http://oceanbank. webcashmgmt. wcmfd.wcmpw.memberverify .onlineupdatemirror. nwsrga11b. gineehg. com/ 103541.html?/ viewcontent/ portalserver/OSL.htm? LOB=46455940&refer=9SsvMoVdNwsRga1
Apple Security Update 2008-007
Si tratta di :Sicurezza
Descrizione del problema
Apple ha rilasciato il Security Update 2008-007 per correggere
varie vulnerabilta’ che affliggono il sistema operativo Mac OS X
ed alcune applicazioni distribuite insieme al sistema stesso.
:: Software interessato
Apple Mac OS X
:: Impatto
Security Bypass
Cross Site Scripting
Spoofing
Manipolazione di dati
Esposizione di dati sensibili
Esposizione di informazioni sul sistema
Privilege escalation
Denial of Service
System access
:: Soluzione
Applicare il Security Update 2008-007:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple – About Security Update 2008-007:
http://support.apple.com/kb/HT3216
Secunia:
http://secunia.com/advisories/32222/
Mitre’s CVE ID:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3912
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3914
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3646
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4211
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4215
MS Windows Wormable Vulnerability, Out-of-Band Patch Released (MS08-067)
Si tratta di :Sicurezza
Threat Type: Malicious Web Site / Malicious Code
Websense® Security LabsTM has received reports of exploits circulating in the wild that take advantage of a serious Windows vulnerability. Microsoft just released an out-of-band patch to address this just hours ago (see MS08-067).
The remote code execution vulnerability is found in netapi32.dll, and carries a severity rating of “Critical” by Microsoft, affecting even fully patched Windows machines. This vulnerability (CVE-2008-4250) allows malicious hackers to write a worm (self-propagating malicious code without need for any user interaction), by crafting a special RPC request. A successful exploitation would result in the complete control of victim machine.
To date, we have seen attacks installing a Trojan (Gimmiv) upon successful exploitation. At the time of this alert, only 25% of 36 anti-virus vendors could detect this malicious code. Blocking TCP ports 139 and 445 at the firewall is only a partial solution because most desktops have file/printer sharing turned on. The out-of-band patch release by Microsoft testifies to the severity of this vulnerability and the urgency for an immediate fix.
Websense is monitoring the development of this attack, and has classified the corresponding Web sites and malicious code that the exploit downloads.
More information:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4250
http://blogs.technet.com/mmpc/archive/2008/10/23/get-protected-now.aspx
http://blogs.technet.com/swi/archive/2008/10/23/More-detail-about-MS08-067.aspx
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
Vulnerabilita’ in Microsoft Windows Kernel (954211)
Si tratta di :Sicurezza
Descrizione del problema
Questo aggiornamento di sicurezza risolve tre vulnerabilita’
relative al Microsoft Kernel.
Le vulnerabilita’ consentono ad un attaccante locale di ottenere
il controllo completo del sistema.
:: Software e Sistemi affetti
Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP SP3
Microsoft Windows XP Professional x64
Microsoft Windows XP Professional x64 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 x64
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 per Itanium SP1
Microsoft Windows Server 2003 per Itanium SP2
Microsoft Windows Vista
Microsoft Windows Vista SP1
Microsoft Windows Vista x64
Microsoft Windows Vista x64 SP1
Microsoft Windows Server 2008 per sistemi 32-bit
Microsoft Windows Server 2008 per sistemi x64
Microsoft Windows Server 2008 per sistemi Itanium
:: Impatto
Esecuzione di codice arbritario con privilegi superiori
:: Soluzioni
Applicare la patch segnalata nel bollettino Microsoft MS08-061
http://www.microsoft.com/technet/security/Bulletin/MS08-061.mspx
:: Riferimenti
Microsoft Security Bulletin MS08-061
http://www.microsoft.com/technet/security/Bulletin/MS08-061.mspx
FrSirt:
http://www.frsirt.com/english/advisories/2008/2812
Secunia:
http://secunia.com/advisories/32247/
SecurityFocus:
http://www.securityfocus.com/bid/31653
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2250
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2251
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2252
