| |
 |
 |
 |
|
|
|
|
Welcome to the AusCERT web log, where AusCERT will informally discuss current activity and interesting developments in the area of information security, Internet security and computer network attacks.
This is a channel for the timely release of unstructured information which may not be suited to our standard bulletins or other publications. A trade off of providing timely information is that it may be unverified or contain inaccuracies. However, if the accuracy of information changes or new information comes to light about an issue, we will always endeavour to update our web log.
We welcome comments and corrections of any of the information contained in the blog. Please contact auscert@auscert.org.au to provide feedback.
Vulnerability in Adobe Flash Player being actively exploited
- This week has seen widespread exploitation of a vulnerability in
Adobe Flash Player.
(30/05/2008)
AusCERT2008 comes to a close
- AusCERT2008 has been another success and generated lots of media interest, he's a quick wrap up of the event and some of those articles.
(23/05/2008)
Theres patches and then theres PATCHES
- Some vulnerabilities are not as easy to fix as others, as we have seen this week.
(16/05/2008)
Corporate data protection and peer-to-peer threats
- Recent media reports again highlight the need for protection of corporate data and the risks associated with peer to peer software.
(13/05/2008)
One vulnerability, hundreds of thousands of compromises.
- Many thousand sites compromised with iframes.
(09/05/2008)
Signing up to sign out
- When is phishing not phishing?
(02/05/2008)
Encrypted backups - an example in why
- Recently, there has been another public report of lost or stolen records in the US. What makes this case interesting is that the records stolen were on backup tape in the possession of a third party.
(28/04/2008)
A lower total cost of 0wn3rship
- What do you do when your website is infecting your customers and your hosting
provider won't take your calls?
(24/04/2008)
All your patch are belong to Oracle.. and Clam.. and Mozilla oh wait and Microsoft..
- This week (yesterday specifically) saw two browsers issue critical security
updates
(18/04/2008)
Windows update - the real and the scam
- Patch Wednesday has come and gone, and a few words on USB keys
(11/04/2008)
April Fools! (and some log information)
- April Fools week contained some new storm messages, and a little explanation on some messages our members may have received from us.
(04/04/2008)
All your $_SERVER variables are belong to php-syslog-ng-2.9.7.
- A newly added "feature" of php-syslog-ng leaks information back to the author. tsk tsk.
(01/04/2008)
Reminder - Windows Vista SP1 released
- Microsoft have released the first service pack for Vista, which contains a number of security fixes.
(27/03/2008)
Google AdPhish - Grow someone else's business
- A recent phishing run tries for Google AdWords accounts
(26/03/2008)
exZIPit A - A malformed archive
- The University of Oulu has found some scary vulnerabilities in the parsing of specially crafted archive files.
(19/03/2008)
More phishing news
- AusCERTs week in review.
(13/03/2008)
AusCERT is 15!
- It's time for the week-in-review and AusCERT turns fifteen.
(09/03/2008)
Conferences, Campaigns and Papers
- Small update!
(28/02/2008)
Fraud Fortnight
- Fraud fortnight aims to raise awareness about scams.
(24/02/2008)
Content Management Systems under the Microscope
- Week In Review
(21/02/2008)
Vulnerabilities Here There and Everywhere
- AusCERT week in review
(14/02/2008)
Non financial institutions at risk due to new phishing scam
- Australian universities have been targeted in a phishing email scam in the last few weeks in an attempt to steal user credentials to access email accounts.
(11/02/2008)
Firefox, QuickTime, and the Blog
- Firefox and QuickTime updates for all. Blogging and CMS Software plugin bugs.
(07/02/2008)
Following the rabbit hole
- Ever wondered just how thoroughly compromised an administrator can get with one click?
(07/02/2008)
Storm, Porn and Brawn
-
(31/01/2008)
Mobile Phone Worm and AusCERT Conference
- AusCERT week in review
(24/01/2008)
Slow and steady winning the spam race
- A relaxed pace spam run has been able to slip through spam filters hoping to lure victims into downloading malicious content.
(21/01/2008)
Major Vulnerabilities, patches and a Storm of Love
- AusCERT week in review
(17/01/2008)
Have you flashed your router?
- Updating your router via unorthodox methods.
(14/01/2008)
Everything old is new again - MBR Rootkits?
-
(13/01/2008)
Short Start to a New Year
-
(03/01/2008)
Bits and ports
- A quick blog containing a few short updates.
(30/12/2007)
Christmas malware to round out the week
- Over the last few days we have seen a large increase in the number of Storm emails. In other news, this week has seen the release of a new version a Adobe Flash Player.
(27/12/2007)
Its raining Storm
- Storm crew are being very joyous this time of year.
(26/12/2007)
Increase in RAdmin port scanning
- AusCERT has been observing significant increases in scanning on TCP port 4899. This port is used for RAdmin, a program that allows remote control of computers.
(26/12/2007)
Previous 1, 2, 3 ... , 10, 11, 12 Next
denotes AusCERT member only content.
|
|
|
|
 |
|
 |
|
|