601

oh, I see you found 70 millions more ;D

602

Hi malware fighters,

Most online applications are full of holes and in the" virus and worms" section of the forums we will find the results in the form of number of sites reported to be hacked.

Using Blind Elephant to test - 100 % of phpBB forum software installations were found to be vulnerable to attacks. For other software the results were: Mediawiki (95%), Joomla! (92%), MovableType (91%), phpMyAdmin (85%), Moodle (74%), Drupal (70%) en SPIP (65%), and these results are not much better than with first mentioned software. Only Wordpress has a by far cleaner slate with only 4% versions with holes in it. Reason for this success are easy updating routines.

Blind Elephant can be found here: http://blindelephant.sourceforge.net/

pol

603

Critical vulnerabilities in TYPO3
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012
asyn

604

Hi malware fighters,

OpenDNS improperty hole: http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0412.html
Install NoScript to be better protected at the router level,

polonus

605

Android rootkit demonstrated
http://www.h-online.com/security/news/item/Android-rootkit-demonstrated-1049183.html
asyn

606

Some more info on BEā€¦
asyn

Blind Elephant paper here:
https://community.qualys.com/servlet/JiveServlet/downloadBody/1351-102-3-1577/BlindElephant_WebApp_Fingerprinting.pdf

Presentation @ BlackHat here:
https://community.qualys.com/servlet/JiveServlet/previewBody/1401-102-1-1629/BlindElephant%20-%20BlackHatUSA2010%20-%20Community.pdf

607

Hacker shows how he can intercept cell phone calls
http://mobile.venturebeat.com/2010/07/31/hacker-shows-how-he-can-intercept-cell-phone-calls-for-1500/

608

Some info already posted here: :wink:
http://forum.avast.com/index.php?topic=62445.0
asyn

609

Critical hole in Adobe Reader
http://www.h-online.com/security/news/item/Critical-hole-in-Adobe-Reader-and-nobody-wants-to-know-1050622.html
asyn

610

Cisco security products vulnerable to DoS
http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml
asyn

611

Microsoft Security Bulletin Advance Notification for August 2010

http://www.microsoft.com/technet/security/Bulletin/ms10-aug.mspx

Looks like thereā€™s going to be a bunch of updates.

612

Hi malware fighters,

Keep an eye on this list of known attack list: http://site-scanner.com/News/kasl.php

polonus

613

Nah, only 7 Critical and 3 Important updates, nothing on dial-up, I should have those downloaded before the next patch Tuesday ;D

614

No patch for serious vulnerability in Windows XP SP2 - ever
http://www.norman.com/security_center/blog/per_olav_forland/91402/en

615

Hey David, Maybe it would be faster for MS to mail you the patches on DVD. :smiley:

616

Donā€™t feel bad David. I had to do them on 2 PCā€™s with dial-up. Talk about having a very long night and day!

617

Adobe expects to make these updates available during the week of August 16, 2010.
http://www.adobe.com/support/security/bulletins/apsb10-17.html
asyn

618

I donā€™t feel bad about it, if anything dial-up teaches you all about patience.

Or as the Vulture said, ā€œPatience my ass Iā€™m gonna kill something.ā€

619

Patienceā€¦I pay my bills, I can write an story, clean, and yesā€¦think about killing the machines on dial-up! Iā€™m glad we see eye to eye on this. ;D

620

Shiny Old VxWorks Vulnerabilities
VxWorks flaws allow access to numerous network devices
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
asyn