You may find the full report and a video summary of the findings at: http://www.websense.com/threatreport
View the details of this alert at: Websense Alert 3475

Today, Websense released its biannual "State of the Internet" report, a deep dive into the most significant threats on the Internet during the first half of 2009.

Today, most threats to information security are leading to the Web -- either using the Internet as the attack vector, or simply the route through which stolen, confidential data is transmitted. Key findings from the Websense report include:

Websense Security Labs identified a 233 percent growth in the number of malicious sites in the last six months and a 671 percent growth over the last year.

* In the first half of 2009, 77 percent of Web sites with malicious code were legitimate sites that have been compromised. This high percentage was maintained over the past six months in part due to widespread attacks including Gumblar, Beladen and Nine Ball which aimed at compromising trusted Web properties with massive injection campaigns. Read More...

RavenNuke(tm) v2.40.00

On behalf of the RavenNuke(tm) Team I am excited and proud to announce the release of Raven CMS version 2.40.00. There way too many enhancements and changes to list them here. Please read the Change Log for specifics.

One very important announcement is the release of our new Wiki! While it does contain most all of the data that was formally contained in the HowToInstall section, it is very much a work in process. For the time being we are limiting editing to the RN Team and/or by invitation only. Once we stabilize a bit more it will be opened up Smile. Please bear with us during this transition time Smile. Access the Wiki at Raven CMS Wiki

Also, please note that we are releasing v2.40.00 as a series of Release Candidates beginning with RC1. We are doing this for several reasons. Most importantly it allows us to release our version a little sooner as we are still tweaking/adjusting some areas for conformity.

We have added some new themes and converted some old ones. We are still working on some of them.

In any event, please have fun, read the Wiki documentation, and try to find solutions before posting issues Smile

Raven Web Services LLC

SECUNIA ADVISORY ID: SA36671

CRITICAL: Highly Critical

VERIFY ADVISORY: http://secunia.com/advisories/36671/

DESCRIPTION: Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, or compromise a vulnerable system.
 Read More...

nuken writes:  

I have 2 new downloads for the RavenNuke (tm) community. The first is an improved Twitter center block which features better javascript handling and quicker load time. The second is a new CSS based theme Blue Blog. Both downloads are XHTML 1.0 compliant and tested on Firefox 3 and IE 8.

Click to view them in action
Click to download the theme
Click to download the block

Note: 

That's a very nice theme!

papamike writes:  

I have revamped my website and now I'm running all RavenNuke(tm). Before I ran a combination of various open source software all running together. I still design those types of websites just not mine.

I will be releasing my newest theme in a week or so but I will keep it to myself until I release it.

If you drop by you will find all of my RN themes in the downloads area and if you had registered at my site before you will need to register again because I ran phpBB3 before now I have pnpBB2.

Anyway, stop by and say hello.

Take Care,

Mike

Posted by Ryan Naraine @ 1:26 pm, September 8th, 2009
(Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.)

[ UPDATE: Microsoft has now confirmed this vulnerability and warns of code execution risk ]
Exploit code for a remote reboot flaw in Microsoft’s implementation of the SMB2 protocol has been posted on the internet, exposing users of Windows 7 and Windows Vista to the teardrop attacks that used to be popular on Windows 3.1 and Windows 95. The demo code, published on the Full Disclosure mailing list, allows an attacker to remotely crash any Windows 7 or Windows Vista machine with SMB enabled. No user action is required.

From the advisory: SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality. The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client send to a SMB server, and it’s used to identify the SMB dialect that will be used for further communication.

The researcher who discovered the issue said Windows 2000 and Windows XP are not affected because they do not have the vulnerable driver.

The exploit has been added to the Metasploit point-and-click attack tool. Metasploit’s HD Moore believes the bug was introduced with Windows Vista SP1.

The folks at The H Online got the exploit to fire on Windows Vista but could not replicate the issue on Windows 7. In the absence of a patch from Microsoft, they suggest closing the SMB ports by un-ticking the boxes for file and printer access in the firewall settings.