Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-08-11 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Libpng exploit / XP SP2 yet / New MyDoom? / More phishing / ISC Webcast / Corporate Policy

Published: 2004-08-11
Last Updated: 2004-08-11 23:40:04 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
Libpng Exploit


A post today at Bugtraq Mailing List shows what suppose to be an exploit for Libpng vulnerability released a few days ago.

Reference: http://isc.sans.org/diary.php?date=2004-08-04


XP SP2 yet...


So, did you survive to the day after XP SP2? Share your experience with us at http://isc.sans.org/xpsp2.php .



Microsoft released a document with Top 10 reasons to deploy SP2. Deploy or not? Check it here? http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2top.mspx


New MyDoom ?


We received two posts asking if we were aware of a New MyDoom variant. According to the posts, the new variant would be spreading over China and would in wild in the next hours. We are not aware of any new worm variant. (YET).


More phishing


More and more phishings everyday. The example bellow was sent by Ryan Barnett. It is a phishing for UsBank and uses two techniques to obfuscate the fake urls:



http://%36%32%2E%32%34%39%2E%31%38%35%2E%31%38%39:%38%37/%63%66%6D/%69%6E%64%65%78%2E%68%74%6D

Decoded - http://62.249.185.189:87/cfm/index.htm



http://%32%32%30%2E%31%37%30%2E%36%34%2E%31%32%33:%38%37/%63%66%6D/%69%6E%64%65%78%2E%68%74%6D

Decoded - http://220.170.64.123:87/cfm/index.htm


SANS ISC Webcast


Did you miss todays ISC Webcast? Check the archive at: http://www.sans.org/webcasts/show.php?webcastid=90491

Corporate Policy...

Today you will have something extra to watch. Microsoft official MSN Messenger was released. If your corporate policy says that users are not allowed to use IM and you are already blocking the clients, watch out Web based IM. It may bypass some IM filters and allow them in your network.


Some Web Based are well known, as msn2go.com, msn2go.com.br...and now http://webmessenger.msn.com/ . Good luck...!


-----------------------------------------------------------

Handler on Duty: Pedro Bueno (bueno/AT/ieee.org)
Keywords:
0 comment(s)
Diary Archives