Information Security Bulletin

Apple Video iPods shipped With Windows Virus

18 Oct 12:22

On their web site Apple Computers warn that a small number of iPods available for purchase after September 12 have been shipped with a virus on board. The virus only affect users connecting their iPod to a Windows computer.

Myspace Music Fan Phishing Fraud

13 Oct 01:36

Many readers have probably experienced, and now Sophos has warned of, an aggressively distributed spam campaign that uses the name of the popular MySpace social networking site in an attempt to phish information from music lovers. The emails have been spammed out to hundreds of thousands of computer users around the globe in the last week, luring them into clicking on links to a website posing as an online music store.

New Day Zero Exploits PowerPoint Vulnerability

29 Sep 11:49

As Microsoft issued an out-of-cycle patch for the much discussed VML vulnerability a new vulnerability in PowerPoint is being exploited in what looks like targeted attacks.

Microsoft Issues Critical VML Patch Out of Synch

27 Sep 11:49

A patch fixing a recently exploited vulnerability in the company's implementation of the Vector Markup Language, which could lead to complete system compromise, has been issued between normal updates. It should be applied immediately.

Beware of Yahoo! Greeting Cards

26 Sep 11:20

A new phishing scam using a fake greeting card notification message lures users to spoofed site that contains a Trojan. This is one of several scams implementing VML IE exploits.

New Stration Worm Version Spreads Quickly

25 Sep 01:01

The Stratio-AN worm has been aggressively distributed by its author since the early hours of Monday morning (September 25th).

New IE Attack Code Posted on Xsec

18 Sep 05:30

A cracker has discovered another new vulnerability in IE 6 and posted sample exploit code.

Serious AOL ICQ IM Client Vulnerabilities

09 Sep 12:51

Core Security Technologies has released an advisory describing a serious vulnerability in older version of this client software. If exploited, the vulnerability can lead to full system compromise. Users should urgently upgrade to the latest version of the software though they will lose this 'classical look'.

New Zero-Day in MS Office 2000

07 Sep 11:30

On their web site Symantec has reported a new zero day exploit in Word 2000 running under Windows 2000.

ALERT: Microsoft Security Bulletin Scam

29 Aug 11:37

Websense Security Labs has received reports of a new wave of email scams disguised as Microsoft Security Bulletins. Users receive an email message which urges the immediate installation of a cumulative security patch for the "plug and play" vulnerability. Although the Microsoft patch number is similar to a previous alert issued in June, the website and the code that gets downloaded and installed are different.

Next 10 articles

Search ISB News:

Not yet sure you want to subscribe? Download a free sample copy!

Download the much quoted October Editorial

Portal Frontpage
Web Editorial
About This Portal
Contact Info

IS Alerts •
General News
Product News
Vendor News
People News
Literature
Events
CHI News

Subscribe Online
About ISB
Publishing in ISB
Advertising in ISB
PR Information

In the current issue:

Security Management
The Importance of Adaptability
Steve Purser

From the Trenches
Reversing Perimeter Defences – a Case Study
Søren Maigaard

Security Architectures
The Self Defending Network: New Trends In ICT Security Infrastructures
Drs. Ing. René Pluis

Subscribe Online!