Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: PHP Worm, Winace exploit, new toys - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
PHP Worm, Winace exploit, new toys

PHP Worm spreading

We have received reports that yet another variant of the phpworm has started to spread, from the beginning analysis it appears that current antivirus vendors do not recognize this variant. Note that we have not received many reports of this worm spreading.

Canada's Security Report Card has been released

The best summary is a direct quote from the report. "two and a half years after revising its Government Security Policy, the government has much work to do to translate its policies and standards into consistent, cost-effective practices that will result in a more secure IT environment in departments and agencies."

The folks over at k-otik released an advisory on a buffer overflow issue, which could allow arbitrary code execution.

Sysinternals has released a new utility which detects windows based root kits.

Its functions by looking for Registry and file system API discrepancies that may indicate the presence of a root kit.

18 Posts
Feb 24th 2005

Sign Up for Free or Log In to start participating in the conversation!