papamike writes:  

I spent a whole bunch of years as a Network Engineer (retired PhD). And in all of that time one thing I pushed was strong passwords.

I violated my own goldplated rule and allowed one of the people I host to have a 'weak' password because of his physical condition.

Now today I'm paying the price for violating my rule in the number of hours spent weeding out implanted code within php and html files scattered all over the site in question.

Please, for your own sake, keep the passwords strong and don't give them out to anyone. Your friend today just could be your enemy tomorrow.

southern writes:  

BackTrack is a Live Linux distribution based on SLAX that is focused purely on penetration testing. Distributed by remote-exploit.org, BackTrack is the successor to Auditor. It comes prepackaged with security tools including network analyzers, password crackers, wireless tools and fuzzers. Although originally designed to Boot from a CD or DVD, BackTrack contains USB installation scripts that make portable installation to a USB device a snap.

pendrivelinux

floppydrivez writes:  

Clan Themes has finally released a new version of Clan Roster.

Whats New?
Multiple Games Added
Multiple Member Images (4 total)
Simplified User Interface
Added a Division system
Added a Clan Tag system
Switched to a template system for ease of use and customization.
Per-Domain Licensing System
Auto-Status Mod
Ribbon / Award Forum Intergration
Scrolling-side block

Fixed all the errors from 1.7
Tested on the latest versions of RavenNuke, Evolution, and Platinum. Read More...

Websense® Security Labs has been tracking a recent development of the malicious JavaScript injection that compromised thousands of domains at the start of this month, just 2-3 weeks ago. The attackers have now switched over to a new domain as their hub for hosting the malicious payload in this attack. We have no doubt that the two attacks are related as our brief analysis in our blog will detail. In the last few hours we have seen the number of compromised sites increase by a factor of ten.

This mass injection is remarkably similar to the attack we saw earlier this month. When a user browses to a compromised site, the injected JavaScript loads a file named 1.js which is hosted on http://www.nihao[removed].com The JavaScript code then redirects the user to 1.htm (also hosted on the same server). Once loaded, the file attempts 8 different exploits (the attack last April utilised 12). The exploits target Microsoft applications, specifically browsers not patched against the VML exploit MS07-004 as well as other applications. Ominously files named McAfee.htm and Yahoo.php are also called by 1.htm but are no longer active at the time of writing.

There are further similarities too between the two mass attacks. Resident on the latest malicious domain is a tool used in the execution of the attack. An analysis of that tool can be found in the ISC diary entry here. Mentioned in that diary entry is http://www.2117[removed].net. Our blog on that attack can be found here. It appears that same tool was used to orchestrate this attack too.

The number of sites affected is in the hundreds of thousands. Casualties of the previous attack include various US news web sites, a major Israeli shopping portal, and numerous travel sites.

Websense® security customers are protected from this attack.

SECUNIA ADVISORY ID: SA29852

VERIFY ADVISORY: http://secunia.com/advisories/29852/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE:
OpenOffice.org 2.x http://secunia.com/product/6157/
OpenOffice 1.1.x http://secunia.com/product/302/
OpenOffice 1.0.x http://secunia.com/product/303/

DESCRIPTION: Some vulnerabilities have been reported in OpenOffice, which can be exploited by malicious people to potentially compromise a user's system. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in versions prior to 2.4.  Read More...

SECUNIA ADVISORY ID: SA29846

VERIFY ADVISORY: http://secunia.com/advisories/29846/

CRITICAL: Highly critical

IMPACT: Cross Site Scripting, DoS, System access

SOFTWARE:
Safari 3.x http://secunia.com/product/17989/
Safari for Windows 3.x http://secunia.com/product/17978/

DESCRIPTION: Some vulnerabilities have been reported in Safari, which can be exploited by malicious people to conduct cross-site scripting attacks or potentially to compromise a user's system. Successful exploitation may allow execution of arbitrary code e.g. when a user visits a malicious web page. The vulnerabilities are reported in versions prior to 3.1.1.
 Read More...