dcsimg

Search:

Type: Posts; User: omalakai; Keyword(s):

Page 1 of 2 1 2

Search: Search took 0.05 seconds.

  1. Replies
    22
    Views
    5,130

    Another site where you can go to not get malware,...

    Another site where you can go to not get malware, but to get videos of the malware being installed, is the site of Ben Edelman. He's got some videos of this exact same thing: going to a web site and...
  2. Replies
    11
    Views
    2,906

    Bropha.K

    On the blog from F-Secure, their latest post mentions a new version of this one, called Bropha.K that came out Sunday.
    The link to their blog for a little more info is here.
  3. Replies
    15
    Views
    1,826

    W32.Spybot.Worm

    For me, Symantec came up and listed it as W32.Spybot.Worm. Maybe it's a new version???
  4. Thread: Win XP SP2

    by omalakai
    Replies
    11
    Views
    2,463

    XP SP2 RC1 Available

    Service Pack 2 Release Candidate 1 for Win XP is out. Info and to download it is here:
    http://www.microsoft.com/technet/prodtechnol/winxppro/sp2preview.mspx
  5. Replies
    14
    Views
    2,759

    IE Exploit Found Using Windows Source Code

    A proof-of-concept for a new IE exploit has been released. The person who found the problem used the relently leaked Windows source code to find this. You can see it here
    It is a Bitmap file with a...
  6. Replies
    29
    Views
    2,825

    SCO.COM has removed their WWW A record from DNS...

    SCO.COM has removed their WWW A record from DNS to stop the onslaught. Take a look at this article, just posted, on Netcraft:...
  7. On vacation

    It looks like the guy who makes CWShredder at Merijn.org has been on vacation from Jan 9 to Jan 19. So, that is probably why it does not take care of this new version.
    But he is back tomorrow, I...
  8. Replies
    2
    Views
    1,256

    Well, here...

    Well, here is Symantec's write up of this one. It lists the REgistry key in the Run portion this spam relay trojan sets up.
    Check it out.
  9. Replies
    14
    Views
    2,653

    I will take a stab at this. First, NMAP is...

    I will take a stab at this.

    First, NMAP is now on version 3.48, so running this older version could impact the OS detection. Version 3.00 has a datestamp of July 28, 2002. So, right there, I do...
  10. Replies
    12
    Views
    1,426

    New built-in popup blocker in IE?

    The article is here.
  11. Replies
    46
    Views
    3,509

    Here is my most embarrassing story. It is not...

    Here is my most embarrassing story. It is not very security related, but it is fun!
    I once worked at a small long-distance phone company as a junior IT tech guy. One day, there was a power blackout...
  12. Replies
    24
    Views
    2,666

    thanks

    TH13, thanks for the warning.
    I've already talked to my company's security officer, and we are gonna send out an alert on this. We have had 4 offices that had Welchia outbreaks, and I know some...
  13. Replies
    10
    Views
    1,331

    Command.com

    Oh, you already reinstalled? Rats!
    For future reference, here is one trick you can use. When the Default value for HKEY_CLASSES_ROOT\exefile\shell\open\command gets changed, thereby preventing any...
  14. Replies
    6
    Views
    1,845

    yes

    Yes, Yahoo! Inc. has registered both of those domains, in addition to their real one. Here is the registrant info:

    Registrant:
    Yahoo! Inc.
    (DOM-269234)
    701 First Avenue Sunnyvale
    CA
    ...
  15. Thread: Net Send

    by omalakai
    Replies
    25
    Views
    4,504

    In Event Viewer

    Open up the Event Viewer on any Windows NT/2K/XP/2K3 machine.
    Select the System log.
    The Event ID number for Net Send messages is #26, from the "Application Popup" source.
    And you will see 1 popup...
  16. Replies
    18
    Views
    2,958

    Hopefully, this information will not be abused in...

    Hopefully, this information will not be abused in any way.

    The K-Otik French security site has the exploit code. There are also compiled versions of the code bouncing around.
  17. Replies
    5
    Views
    2,829

    There are cleaning tapes

    I have been working with Tivoli Storage Manager running on Win2K for almost 2 years now. 1 year ago, we migrated from a IBM Magstar 3570 tape library (which is really a dinosaur!) to the IBM 3584...
  18. Thread: Ms03-39

    by omalakai
    Replies
    15
    Views
    2,070

    Also patching

    I started patching some "non-critical" machines last night. I checked their Event Viewer logs after the reboot, and there was nothing abnormal. Full functionality was available. I ran this on an IIS...
  19. Thread: Ms03-39

    by omalakai
    Replies
    15
    Views
    2,070

    New scan tool

    CXGJarrod, you posted:



    The Technet article on this one says that this situation is true, that scanners that scan for MS03-026 will not detect it being patched if you have this new patch only...
  20. Replies
    14
    Views
    1,820

    winpup32.exe

    There is a virus that is farily recent called WINPUP32.EXE that your friend might have.
    It can load a trojan file on the target system. I had a user who had a problem with this.
  21. I had patched about 30 servers for this the last...

    I had patched about 30 servers for this the last week in July. Due to the firewall settings and the patches, I have not had any problems at work.

    But from a personal level, 9 people so far have...
  22. Replies
    27
    Views
    1,839

    Automatic Updates already can be auto

    Win2K SP3 added the new Automatic Updates process that ships with XP.
    With this version, you can currently set it to "Automatically download the updates, and install them on the schedule that I...
  23. Replies
    19
    Views
    1,991

    Event log errors?

    Is there anything in the Event Viewer logs that relates to the failed install of these apps? You could post what the logs say.
  24. Thread: Nachi Worm

    by omalakai
    Replies
    22
    Views
    2,595

    Cat 4 now

    Symantec just upgraded W32.Welchia.Worm to a Category 4 "Due to an increase in submissions."

    It exploits RPC/DCOM over port 135. Plus, the new twist to this one that I think warrants a brief...
  25. Replies
    1
    Views
    856

    What is your problem????

    What is wrong with you that you have to post these meaningless statments that do nothing but demean the work we are trying to do here. This new Msblaster.EXE RPC worm is flying everywhere causing...
Results 1 to 25 of 48
Page 1 of 2 1 2