Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2009-02-12 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Australian Bushfires

Published: 2009-02-12
Last Updated: 2009-02-13 04:13:03 UTC
by Mark Hofman (Version: 1)
0 comment(s)

As many of you may know the state of Victoria in Australia has seen the worst bushfires ever.  The final death toll is expected to be over the 300 and sadly it looks like a number of these fires were lit deliberately. 

Whenever an event like this occurs the internet is a place where things move quickly.  Domains are registered, sites appear and donations are taken.  So we've been keeping an eye on the domains being registered that are relevant to the bushfires.   

Sadly there have already been arrests of people trying to profit from this event, by posing as colectors for charities, etc. 

So here is a break down of what we've found so far:

  • Legit** - Sites that provide support for victims, or information and either do not ask for financial donations or redirect donations to the red cross or Salvation Army.
    • victorianbushfire.com, victorianbushfireforum.com, bushfireappeal.com, bushfirehousing.org, vicbushfiresgivehelp.com, victorianbushfires.com, bushfireforum.com, bushfires729.com, bushfiresanta.com
  • For Sale - Domains which an enterprising "entrepreneur" has reserved in order to make a buck on the potential demand for the domain.  Although to be fair there may be someone who reserved it in order to donate it to an organisation that would like to use it.
    • bushfireappeal.org, bushfireblog.com, bushfirerelief.com, victorianbushfireappeal.com, australianbushfires.com, australiabushfire.com, bunkerbushfire.com, bushfirebunkersaustralia.com, bushfirebunkersdownunder.com, thebushfirebunker.com, victorianbushfirereliefvolunteers.or
  • Suspect - Currently has no page visible so can't determine the intent
    • bushfirebunker.com, bushfirebunkers.com, bushfirerelief.info, bushfirerelief.net, bushfireshelters.co, au-bushfires.com, bushfireactionplan.com, bushfireaid.com, bushfirehomes.com, bushfirehomes.net, bushfirehomes.org, bushfirehousing.com, bushfirehousing.net, bunkerbushfires.com, bushfiresafety.net, bushfiresafety.org, victorianbushfires.info
  • Potentially Bad/Misguided - A site asking for financial donations to be submitted to them and they will pass it on.   Possibly someone trying to the right thing, but going about it the wrong way. 
    • bushfireappealqld.org - Not sure what this site is about, but they are asking for donations.
    • bushfirevictims.com - Sellling cds and will donate $10 from each to bushfire.  Nice idea but donate directly

If you come across domains that are asking for donations that I haven't covered please let us know (markh.isc (at) gmail . com) or via the contacts form.   If people want to donate encourage them to use the redcross.org.au site or the salvation army web sites. 

Mark H

**legit as in looks like a site trying to do the right thing.  It is by no means a guarantee that they are or will remain so.

0 comment(s)

Apple Security Updates

Published: 2009-02-12
Last Updated: 2009-02-12 23:37:34 UTC
by Johannes Ullrich (Version: 2)
0 comment(s)

Apple today released a number of security updates:

1 - Safari for Windows.

This update will bring Safari up ot version 3.2.2. It fixes a vulnerability within Safari which allows for the execution of Javascript in "feed:" URLs.

2 - OS X Update 2009-001

The first security update from Apple for 2009. It fixes a huge number of issues (I counted 45 CVE numbers). Many of them are in X11, perl and python. This patch includes the Safari patch mentioned above.

3 - Java update for OS X

And lastly: Apple also released a patched version of java, which will bring Java up to version 8 for OS X 10.4 (Tiger... not Leopard). For Leopard (OS X 10.5), Java update 3 was released today as well.

See:

http://support.apple.com/kb/HT1222
http://support.apple.com/downloads/

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute                                                        

Keywords:
0 comment(s)
Diary Archives