Peaches

May 8, 2009 1:53 PM PDT UC Berkeley computers hacked, 160,000 at risk by Michelle Meyers "Hackers broke into University of California, Berkeley's health services center computer and potentially stole the personal information of more than 160,000 students, alumni, and others, the university announced Friday. At particular risk of identity theft are some 97,000 individuals whose Social Security numbers were accessed in the breach, but it's still unclear whether hackers were able to match up those SSNs with individual names, Shelton Waggener, UCB's chief technology officers, said in a press co

May 7, 2009 5:43 PM PDT Google issues, then reissues Chrome security fix by Stephen Shankland "Google fixed security holes with a new release of its stable version of Chrome--then released a replacement shortly afterward to prevent a batch of crashes that turned up as well. Chrome 1.0.154.64 emerged Tuesday and was intended to fix one critical security problem and one high-severity one. On Thursday, came 1.0.154.65 to fix a crash during startup that affected "a small percentage of users," said Chrome Program Manager Mark Larson. With the first problem, an attacker under some circumstances

DBAN - Darik's Boot and Nuke - a free software to completely erase your hard-drive. Can be saved to a CD. http://www.dban.org/ "Darik's Boot and Nuke ("DBAN") is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction. DBAN is a means of ensuring due diligence in computer recycling, a way of preventing identity theft if you want to sell a computer, and a good way to totally clean a Microsoft

Our author's profile shows age 25 & a female avatar but has had a job for 30 years & now unemployed - hmmmm???

Lazy boy recliner ... http://vimeo.com/1803735 - I want one of those.

7 May 2009, 15:50 Security update for Visual Basic 6.0 SP6 "Microsoft has released an update for Visual Basic 6.0 Service Pack 6. The "cumulative" security update was needed as Microsoft has identified attacks on the security of Windows systems where Service Pack 6 of Visual Basic 6.0 is running. The Visual Basic 6.0 IDE is no longer supported, but the Visual Basic 6.0 Runtime Extended Files are supported by Microsoft for the life time of the current Windows operating systems." (djwm) Heise security - http://www.h-online.com/security/Security-...6--/news/113236

7 May 2009, 10:41 Google's Chrome browser vulnerable Google has released security update 1.0.154.64 for its Chrome browser, which is aimed at fixing two security vulnerabilities. The first of these is an error when processing bitmap data in the render process. By manipulating information on the number of pixels, it is apparently possible to overwrite memory. Attackers could exploit this to inject and execute code with the user's privileges. Since, according to Google, the data for this must originate from the render process itself, an attacker would have had to first manipulate this via anoth

7 May 2009, 15:39 F-Secure's anti-virus software fails with ZIP and RAR archives 'F-Secure has released updates for its anti-virus products which fix a ZIP and RAR archive scanning bug. Due to the bug, the software fails to detect malware within infected archives. This allows attackers to circumvent virus filters, in particular on gateways – the problem is less significant on clients, as malware will still be detected when it is unpacked from the infected archive. Affected versions are: F-Secure Anti-Virus for Microsoft Exchange 7.10 and earlier versions F-Secure Internet Gatekeeper for Windo

Nintendo Controller Helping Disabled Persons 7 May 2009, 4:27 pm Sometimes, what we understand as “simple” is not exactly the same way for everyone. Take the NES controller, for example. I'm pretty sure everyone has heard about it and at least 99 per cent of those of you reading my lines have used an NES controller or one similar to such a device (like Sony’s PlayStation 3 controller). And I'm pretty sure most of you are thinking about how easy those things are to control. Well, in the past, Nintendo decided to ... (read more) - Source: Softpedia Gadgets News - Global - http://gadgets.softped

Windows 7 RC's Flaw Puts Users at Risk Gregg Keizer, Computerworld Windows 7 Release Candidate (RC) continues a long-running Microsoft practice that puts users at risk, a security researcher said Wednesday. The new operating system's Windows Explorer file manager still misleads users about the true extension of a file, said Patrik Runald, chief research advisor at Helsinki-based F-Secure Corp. Rather than reveal the full extension for a filename, Windows Explorer hides the extension for known file types, giving hackers a way to disguise malware by using those file types' extensions and icons.

Waledac Turns to Cash and Vaccines by Jonell Baltazar (Advanced Threats Researcher) Riding on the ongoing global economic recession, Waledac updates its spam messages with email subjects related to earning a fortune through Google cash. Other spam email subjects we’ve seen so far: Be your own boss with Google Earn cash using Google today Google System that really works Make a fortune online Make thousands a month from home Start your home business today Use Google to earn extra cash As of this writing, the hyperlink found in the email body redirects to an advertising link which current

PandaLabs: Cybercriminals Creating Search Engines To Lure Victims Search engines lead users directly to pages designed to infect or defraud them, according to PandaLabs May 06, 2009 | 04:09 PM GLENDALE, Calif., May 6 /PRNewswire/ -- PandaLabs, Panda Security's malware analysis and detection laboratory, today announced that it has uncovered evidence that cyber-criminals are starting to create their own search engines and use them to lead users to malicious pages, often created for distributing malware. This new trend underlines how cyber-crime is becoming increasingly professional. Previousl

6 May 2009, 12:13 McAfee plugs hole in its own security certification page According to an old proverb 'The cobbler has the worst shoes'. It's now been reported that Secure, McAfee's security portal, has had poor shoes or rather poor security, because until recently it displayed a vulnerability to cross-site request forgery (CSRF). McAfee Secure is a service that lets clients use the Hacker Safe tool to check their sites or online shops for security vulnerabilities and for compliance with the PCI Data Security Standard, which is important for credit-card transactions. If the check shows site

May 6, 2009 3:52 PM PDT Cybercriminals use fake search engines to spread malware by Elinor Mills Cybercriminals have moved on from search engine optimization techniques and are now creating fake search sites designed solely to direct Web surfers to pages hosting malware, Panda Security warned on Wednesday. Previously, attackers resorted to sending e-mails with malicious code in attachments and with links to malicious Web sites and took measures to push those Web sites higher in search engine rankings. Now, they're also creating fake search engines that are showing up in Google search result

Intel Reportedly Plans Core i7 975 for Computex Launch Following the introduction of AMD's 3.2GHz Phenom II X4 955 in late April, Santa Clara, California-based Intel is also expected to unveil a new processor of its own, part of the chip maker's line of Nehalem-based Core i7 processors. The upcoming model will be clocked at an increased 3.33GHz and will be made available as the Core i7 975, designed to boost the performance enabled by the company's Core i7 965 processor. On that note, recent reports appear to indicate that Intel is planning to launch the 975 alongside another new Nehalem CPU,

Adobe to close Acrobat and Reader holes on May 12 "Adobe plans to release a security update for Adobe Reader and Acrobat on the 12th of May. The update will remove the recently announced critical buffer overflow in the JavaScript function getAnnots(). Attackers could prepare PDF documents which could crash either application and potentially allow them to take control of the affected system. The updates will be available for Windows versions 7.x, 8.x, 9.x and UNIX and Mac versions 8.x and 9.x of Adobe Reader and Acrobat. The update of the UNIX version will also close a second hole in the JavaS

McAfee Report: Bot Infections Jump 50 Percent Over Last Year Botnets have added nearly 12 million new IP addresses since January, with Conficker malware representing only around one percent of all infections May 05, 2009 | 10:15 AM By Kelly Jackson Higgins DarkReading "The number of bot-infected machines has jumped nearly 50 percent over last year, with the U.S. now home to the most zombies in the world, according to a new McAfee report released today. And the Conficker worm -- which grabbed mainstream media attention last month -- is not a major factor in the bot infection counts nor over

5 May 2009, 11:32 Vulnerability in libwmf graphics library "A critical vulnerability in the open source library libwmf has caused Linux distributors Red Hat and Canonical (Ubuntu), to publish updated packages. Libwmf is used to process Windows Metafile Format (WMF) images and is used by applications such as GIMP and ImageMagick. The cause of the problem is a "use-after-free" error in the function gdClipSetAdd in src/extra/gd/gd_clip.c in the GD graphics library embedded in the libwmf library. According to the reports, this could allow the execution of code hidden in images. The standalone GD

If your brain works normally this is neat. This is another example of an amazing illusion!!! The last sentence is so true. If your eyes follow the movement of the rotating pink dot, The dots will remain only one color, Pink. However if you stare at the black + in the center The moving dot turns to green. Now, concentrate on the black + in the center of the picture; After a short period, all the pink dots will slowly disappear, And you will only see only a single green dot rotating.It's amazing how our brain works. There really is no green dot, And the pink ones reall

A Chinese couple named Wong had a new baby.The nurse brings them over a lovely, healthy, bouncy, definitelyCaucasian, white baby boy! "Congratulations," says the nurse to the new parents. "What will you name the baby?" The puzzled father looks at his new baby boy and says.........."Well, two Wong's don't make a white, so I think we will name him Sum Ting Wong."

10+ reasons why people write viruses 4 May 2009, 6:25 pm Why do people write viruses and other mobile malicious code? The answer isn’t as simple as it used to be. Here are some possible motives suggested by security expert Chad Perrin and several TechRepublic members. The image of virus writers as intelligent kids with too much time on their hands resorting to digital vandalism to entertain themselves persists. Years ago, making such a guess about why people write viruses might have been accurate most of the time, but the world has moved on. The writers of viruses and other mobile malicious co

4 May 2009, 15:14 Study says silent updates enhance security Updating browsers without first asking users is apparently the most successful way of ensuring wide distribution for the latest version – thus minimising the number of vulnerable browsers. A joint study by Google Switzerland and the ETH (Swiss Federal Institute of Technology) in Zurich concludes that, if an update requires too much user interaction or effort, users will either abort the process or fail even to run it. Updating Opera requires a manual download and the subsequent installation involves several dialogues, so only 24 per

4 May 2009, 10:20 Security Update for Adobe Flash Media Server Adobe have issued a security bulletin referring to a vulnerability in Flash Media Server. Adobe says that the problem could allow an attacker to execute remote procedure calls (RPC) within a server side ActionScript file running on the server. The issue affects both Windows and Linux versions of the Flash Media Streaming Server 3.5.1 and Flash Media Interactive Server 3.5.1 and earlier versions. The company classifies the problem as important, and recommends that users update to version 3.5.2 or 3.0.4. Heise security - http://www

Koobface Tries CAPTCHA Breaking by Joey Costoya (Advanced Threats Researcher) Early this week, we’ve encountered a new Koobface spam campaign which involved links that eventually led users to this Youtube copycat web page. The scheme uses the old flash player trick (see Figure 1) where the user is told that they need to download the latest version of Adobe Flash Player to view a certain video. In this case, the Flash Player in the page is an actual Flash .SWF file, which will redirect users to a file named setup.exe detected by Trend Micro as TROJ_KOOBFACE.DU through the Smart Protection Netw

IBM Tivoli Storage Manager Multiple Vulnerabilities MODERATELY CRITICAL "Some vulnerabilities have been reported in in IBM Tivoli Storage Manager (TSM), which can be exploited by malicious people to bypass certain security restrictions or compromise a vulnerable system. 1) A vulnerability is caused due to a boundary error in the IBM Tivoli Storage Manager Agent Client (dsmagent.exe) in a generic string handling function. This can be exploited to cause a stack-based buffer overflow via a string longer than 1025 characters contained in a specially crafted request packet. 2) A vulnerability is ca