Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

New worm crawling trough blogs?!

from [blog . worm] Network Security [Permanent Link]
Subject: New worm crawling trough blogs?!
Date: 27 Jan 2006 11:49:23 -0000 
I spotted it on Christopher Boyd's Vital Security blog. Chris is a Microsoft 
security MVP and security research manager at FaceTime, an instant messaging 
security company. However, this worm appears to have spread much further and 
has slithered around the world.

The worm is actually an animated GIF image. Bloggers all over have embedded it 
in their blogs and link to the creator's Web site.To infect your blog, you have 
to copy and paste a piece of HTML code into your blog.

http://www.moox.nl/blogworm/

This is funny, but on the flipside, however, there could be some security 
implications if the hoster of this "worm" decided to upload a malicious image 
that took control of the PC's that visit sites that show it. (Or if the 
hoster's site was hacked.)

"There are no malicious plans with the blog worm," said Robin Schuil, its 
creator, in an e-mail. "However, it is a self mutating worm. From day to day it 
will say different things."

Still, as a precaution, we're hosting Thursday's version of the worm on our own 
servers. If you want to see it mutate, you will have to go to Robin's page. 

Source: http://news.com.com/2061-10789_3-6031795.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • New worm crawling trough blogs?!, blog . worm <=
Previous by Date:  Re: Winamp 5.12 - 0day exploit - code execution through playlist, Chris Wysopal
Next by Date:  Re: [Full-disclosure] ashnews Cross-Site Scripting Vulnerability, Dan B UK
Previous by Thread:  [ MDKSA-2006:026 ] - Updated bzip2 packages fix bzgrep vulnerabilities, security
Next by Thread:  [ MDKSA-2006:027 ] - Updated gzip packages fix zgrep vulnerabilities, security
Indexes:  [Date] [Thread] [Top] [All Lists]