An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows.
"Flame" is the name of a newly-identified malware program which utilizes a previously unknown MD5 collision attack to successfully spoof Microsoft Terminal Services, and install itself as a trusted program using Windows Update, Microsoft has confirmed. The program appears to have targeted computers in the Middle East, and specifically Iran; analysts have alleged it is likely created by the same entity that designed Stuxnet. Flame has been live and actively spying since 2010, but went undetected until recently, due to sophisticated anti-detection measures. [more inside]
A year after the infrastructure-attacking Stuxnet worm was discovered in Iran, a new piece of malware using some of the same techniques (but apparently with different goals) has been found infecting systems in Europe. The new malware, dubbed “Duqu” [dü-kyü], appears to have been written by someone with direct access to the Stuxnet source code.
The dry, technical language of Microsoft's October update did not indicate anything particularly untoward.
Its reach is impossible to measure precisely, but more than 3 million vulnerable machines may ultimately have been infected. : The inside story on the Conficker Worm at New Scientist.
If Bruce Schneier, the expert voice of security moderation, is "worried" than so am I. Since the beginning of the year Storm, an advanced, distributed worm network has been growing quietly as its authors tweak its social engineering attack. Now it seems that it is in place and waiting. Schneier's article. Digital Intelligence and Strategic Operations Group has been monitoring Storm for a year. OWL.
New Phase for Sobig.f Expected to Hit Friday. Any . . . minute . . . now. . .
Microsoft = Megatarget. A new worm is rapidly spreading across the Internet, functioning like a massive DDOS attack and crippling ISPs in South Korea. It's host? Microsoft SQL server. (Get yor fix on, then reboot!) What impact will it have over here, I wonder...
Gartner Group recommends that IIS users look elsewhere for a better web server.
New worm doing the rounds. Great.
Seeing weird things in your website logs today? This will explain it... Running IIS and haven't patched it in over a month? Go here. 13,000 servers have already been affected.