iDEFENSE has reported a vulnerability in Adobe Acrobat Reader, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to a boundary error in the “mailListIsPdf()” function when checking input files. This can be exploited to cause a buffer overflow by e.g. sending an e-mail with a malicious PDF document attached or a link to one. Successful exploitation allows execution of arbitrary code.
Read more…
Singapore – Companies in Singapore sending e-mail advertisements will have to tag their messages with an “ADV” label and allow e-mail users to unsubscribe from the messages starting next Friday. Under the new law aimed at curtailing unsolicited commercial electronic messages, those who continue to send spam to people who have opted out will face penalties of 25 Singapore dollars (16 US dollars) for each message, up to a total of 1 million Singapore dollars (658,000 US dollars).
Read more…
NEW YORK – In Cambridge, Mass., not too far from the Charles River, which cuts near Harvard and M.I.T., David Pearson is attempting to build an un-hackable network. Pearson is a division scientist at BBN Technologies, a private research company in Cambridge, Mass., which is most famous for building, in 1969, the first few nodes of a computer network connecting its headquarters to Harvard University and Boston University that over time would evolve into the Internet. Now the firm has built a network it says is impervious to hackers.
Read more…
Symantec has released a free public beta of Norton AntiBot, which uses behaviour analysis to detect malware. The software is based on existing technology from Sana Security, with a few minor additions from Symantec’s SONAR behavioural scanning technology that is now included in Norton products.
Read more…
A Chilean gay rights group claims its Web site was hacked by a Chilean skinhead group. Calling itself the Skinheads from Pitana, the supremacy group allegedly removed from the gay right’s Web site a banner featuring actors supporting the group known as the Movement for Homosexual Integration and Freedom, or MOVILH, the Santiago Times reported Wednesday. In its place, the hackers pasted a large picture of skinheads.
Read more…
Robert Alan Soloway, described as one of the world’s most prolific spammers, was arrested Wednesday. Despite the arrest, millions of junk e-mails continued to surface the mailboxes. He was once on a top 10 list of spammers kept by The Spamhaus Project, an international anti-spam organization. Others have since topped him, mostly based in Russia and other countries out of reach of U.S. or European law.
Read more…
IronPort Systems has announced the introduction of the IronPort X1050 e-mail security appliance. The IronPort X1050 offers a significant increase in performance, scanning more than 2.5 million messages per hour. This is 400% more processing power than IronPortâs previous generation of carrier-class appliances, the IronPort X1000, and as much as 10 times the performance of competing systems.
Read more…
An email apparently sent by Marks & Spencer, offering ÂŁ100-worth of vouchers if you forward it on to friends, is a hoax. The email asks you to send it on to at least eight other people, while copying in a legitimate email address from Persimmon Homes, which it also says is involved with the offer. Both Marks & Spencer and Persimmon Homes have denied any involvement but there is a worry that people who benefited from a Threshers voucher, which circulated mistakenly before Christmas last year, will believe it to be genuine and pass it on.
Read more…
MICROSOFT IS showing all comers how to hack into its Internet Information Server and is not giving any hints how to work around the problem. The Vole says an exploit, which was discovered on December 15, 2006, and made public at the end of May, is actually a feature. Apparently versions 5.x allow bypass of basic authentication by using the “hit highlight” feature. The hit-highlighting feature can be used by an unauthorised user to nick documents.
Read more…
One of the most popular mail solutions on the Internet, Google’s Gmail, was again affected by a vulnerability that can permit an attacker to view or delete some of the messages stored into an account. The Mountain View company’s employees were quite quick in fixing the flaw and managed to repair it in a few hours since it was reported. Basically, the vulnerability could be exploited through a malicious page that provided the attacker the access to the Gmail account. As The Hacker Webzine reports, it is extremely dangerous because the giant Google keeps all its web-based services such as Calendar, AdWords and Gmail on the same sign-on technology. Using a simple vulnerability discovered in the mail solution, the hacker would be able to access all these services.
Read more…