stargeek


Hackers send flood of bogus Microsoft updates







04/08/2005 11:50 AM

A message that appears to be from Microsoft is urging people to download a malicious program from a fake Web site.









Similar Items

Grok Headline matches for Hackers send flood of bogus Microsoft updates

Peep Trojan Hackers Send E-Mail Via China 06/21/2004 04:27 AM
Hankooki Jun 21 2004 8:48AM GMT

Microsoft tests blocking of bogus Windows 09/23/2004 09:21 PM
iTnews Sep 24 2004 0:49AM GMT

Microsoft issues flood of critical patches 04/13/2004 06:18 PM
Microsoft Corp. on Tuesday released a flood of information on new and previously disclosed holes in a wide range of software products, many of them rated "critical" and well-suited to use by malicious hackers or computer virus writers, according to one security expert.

5 years ago... Fake Microsoft Office CDs flood UK market 12/17/2003 08:27 AM
Silicon.com Dec 17 2003 7:48AM ET

Microsoft, Yahoo send search signals 05/28/2004 10:51 AM
ZDNet May 28 2004 2:59PM GMT

plz send me driver of UMax DC AstraPix 380...plz send urgent!!!! 07/11/2004 03:07 PM
TechTree Jul 11 2004 5:49PM GMT

Microsoft asks for help from hackers 06/17/2005 03:58 PM

“The random chatter of several hundred Microsoft engineers filled the cavernous executive briefing center recently at the company’s sprawling campus outside Seattle. Within minutes after their meeting was convened, however, the hall became hushed. Hackers had successfully lured a Windows laptop onto a malicious wireless network. “It was just silent,” said Stephen Toulouse, a program manager in Microsoft’s security unit. “You couldn’t hear anybody breathe.””


SQL Script: Using Net Send To Send A User A Message 06/20/2004 08:21 AM

Microsoft To Offer Bounty On Hackers 11/05/2003 08:37 AM

Microsoft to offer bounty on hackers 11/04/2003 07:07 PM
CNET Nov 4 2003 6:28PM ET

Microsoft races to deter hackers 06/13/2004 01:29 PM
The software giant faces a new threat from hackers that may give criminals access to computers, paper says.

Microsoft Patches Ward Off Hackers 04/14/2004 10:22 AM
AP via ABCNEWS.com Apr 14 2004 2:09PM GMT

Microsoft to Hackers: Drop That Code! 02/17/2004 10:28 PM
The company on Tuesday issued e-mails warning curious programmers to destroy downloaded stolen Windows source code that was posted on the Internet.

Microsoft issues a bounty for hackers 11/06/2003 11:54 PM
Taipei Times Online Nov 6 2003 11:11PM ET

IE Bug Might Let Hackers Use Spoof Sites: Microsoft 12/11/2003 08:32 PM
AVN Online Dec 11 2003 7:10PM ET

Microsoft offers bounty on hackers 11/05/2003 01:23 PM
MSNBC Nov 5 2003 12:01PM ET

Microsoft puts bounty of $250,000 on hackers 11/06/2003 06:28 AM
IHT Nov 6 2003 5:51AM ET

Hackers take advantage of Microsoft ASN flaw 02/17/2004 05:13 PM
Hackers have already found a way to take advantage of a critical security hole disclosed by Microsoft Corp. last week.

Does Microsoft Show Hackers How To Attack? 07/19/2004 04:32 PM
WebProNews Jul 19 2004 8:12PM GMT

Wanted Alive: Microsoft Hackers 11/05/2003 06:03 PM
Motley Fool Nov 5 2003 4:27PM ET

Keystroke loggers must send Microsoft back to firewall drawing board 07/02/2004 09:36 AM
Actually, if you're a paranoid Windows user like me, then you're checking Windows Update every day. Because of how aggressively I patch, and because virtually all the headline grabbers have taken advantage of unpatched systems, most of the news wasn't scaring me to death--until this week's reports of two keystroke loggers; one that neither Internet Explorer nor the best anti-virus defenses were well-prepared for, and another for which a client-side patch existed but was alarming in the way it targeted bank accounts.

Hackers Sniffing For Vulnerable Microsoft Servers 01/05/2005 06:53 PM
A vulnerability within Microsoft's WINS (Windows Internet Naming Service), a component of popular server software such as Windows Server 2003, has been heavily exploited since the last day of 2004, several security organizations reported Tuesday.

Microsoft to offer bounty for information on hackers 11/04/2003 11:39 PM
China Daily Nov 4 2003 11:15PM ET

Leader: Microsoft gets among the hackers and fights dirty 11/05/2003 09:49 AM
Silicon.com Nov 5 2003 8:57AM ET

Microsoft confident XP update will baffle hackers 09/15/2004 02:59 PM
Telegraph Sep 15 2004 6:51PM GMT

Quickfire hackers exploit Microsoft vulnerability 02/17/2004 10:26 PM
Computer Weekly Feb 18 2004 2:09AM GMT

SMS-Mailbox Launched by SMSCountry: Send receive SMS Text messages from Microsoft Outlook 04/07/2005 03:26 AM
24-7PressRelease.com Apr 7 2005 7:29AM GMT

Microsoft 64 Updates 05/10/2004 01:26 AM
AMD Zone May 10 2004 5:37AM GMT

Microsoft Updates Tablet PC OS 08/27/2004 02:03 PM
Among the input improvements is an in-place pen input panel that opens directly below an input area such as a text input box. In addition, the updated operating system has real-time handwriting recognition in which the user can preview the text conversion before placing it into a document. By Mobile Pipeline (via MyAppleMenu)

Microsoft Updates MSN Messenger for Mac 05/05/2004 08:19 AM
Version 4.0 of the instant-messaging client adds greater integration into the upcoming Office 2004 for Mac, which is set to ship this month.

Microsoft Updates Works 08/16/2004 10:35 AM
First there were throwback jerseys, then throwback car designs. Now there's throwback software: Microsoft has announced Version 8 of its Works application suite will become available later in August.

2 New Windows XP Updates from Microsoft 03/16/2003 04:23 AM

Microsoft Updates Roundup 04/04/2005 06:08 AM

Microsoft updates Virtual PC 02/10/2004 02:43 PM
Microsoft has released Virtual PC for Mac 6.1.1, the latest version of the popular PC emulation software...

Microsoft Security Updates 04/13/2004 04:56 PM

Microsoft Updates All Flavors 04/13/2005 02:26 PM

Microsoft updates corporate IM 05/05/2004 06:45 AM
vnunet.com May 5 2004 10:58AM GMT

Microsoft updates Great Plains 06/21/2004 03:26 PM
ZDNet Jun 21 2004 8:16PM GMT

Microsoft Releases Eight Security Updates 04/13/2005 11:45 AM

Grok Description matches for Hackers send flood of bogus Microsoft updates
GrokA matches for Hackers send flood of bogus Microsoft updates

Websense Is Cash Money 06/15/2004 01:16 PM
Thanks to its subscription revenues, the company spins out the cash.

Websense: Growth and Cash 07/30/2004 03:17 PM
The company is growing a cash hoard while its business grows rapidly.

RE: Websense Blocked Sites XSS 12/05/2003 05:23 PM
Greg Meehan (Dec 05 2003)

Re: Websense Blocked Sites XSS 12/05/2003 01:53 PM
3APA3A (Dec 05 2003)

Websense Blocked Sites XSS 12/03/2003 03:51 PM
Mr. P.Taylor (Dec 03 2003)

Akamai or Backdoor? 10/28/2003 11:07 PM

Recently my brother contacted me via IM to ask about some strange network behavior on his machine.  He was using sysinternals tcpview, and noticed that svchost.exe was opening connections to two IP addresses; one on 80.66.x.x subnet, and another somewhere beneath a different 80.x.x.x subnet.  He was concerned because the IP addresses in question showed up as "unassigned EU block" in the RIPE database.  The closest assigned block to one of the addresses showed up as being assigned to a company in the Netherlands, and the other to a company in Germany (and GeoIP returned the same information using the original IP addresses).

More interesting was the traceroute.  The address that GeoIP reported being in Germany routed to Hurricane Electric in Fremont, California; with the last hop before 80.x.x.x being a 64.x.x.x router in Fremont.  Could someone in Germany actually be within one hop of a router in Fremont? 

After more investigation, we found a google news posting pointing the finger at Windows Update; and particularly to Akamai servers in the 80.x.x.x range.  With a bit more coaxing, we were able to get the RIPE database to reveal that some small subnets within the unassigned blocks were actually assigned to Akamai.  I knew that Windows Update and many other MSFT sites contract to Akamai for edge-caching services, so this was a very plausible resolution.  However, I am left with a few nagging questions:

  • Are there any better tools or techniques to find out exactly what chunk of code is accessing the network?  Knowing that svchost.exe is initiating the connection is not very useful.  More useful would be the exact DLL.
  • Akamai works by configuring DNS to resolve differently depending on geographic location (ping download.windowsupdate.com to see this in action).  This is a common architecture for our large globally distributed customers' sites who use routing products like Cisco Global Director and F5 3DNS to accomplish this.  However, it leads to a problem -- using reverse DNS from an IP address is rather unlikely to return the same FQDN that was used to resolve the address in the first place.  So starting with an IP address like 80.67.66.16, you have no way of finding out if that was initiated by a call to download122.windowsupdate.com or spywareupload22.gator.com.  And considering the way that Akamai provides services to spyware vendors as well as to MSFT, you can't necessarily trust a network connection just because it is connecting to a block owned by Akamai.  It would be ideal if Akamai offered an IP address lookup service that could be used to verify which of Akamai customers was being serviced by a particular IP.

Without at least one of the two above requests, the only way to verify that the connections were indeed made on behalf of Windows Update was to bounce the service and watch the connections die (and assume Windows Update DLL hadn't been hacked of course).

~

When I first heard that McDonald's was planning to launch a new ad campaign themed "Lovin' It", I immediately got visions of the horribly tacky "Mentos, the Freshmaker!" commercials.  I envisioned some German ad agency telling hapless McDonald's executives, "We know how to make more teens go to McDonald's; we'll use some real groovy stuff and say the words Lovin' It because then kids will think you are cool!"  So today I saw one of the new ads for the first time, and it wasn't all that bad.  Actually it was kind of nice.  It's kind of a feel-good, "happy memories of carefree times" theme, kind of like the Pepsi spots a few years back.

 


US bars backdoor pop-up adverts 08/10/2004 06:56 AM
A US company exploiting a little-known Windows feature has been banned from sending pop-up ads to PC users.

FTC Bars Popup Backdoor Ads 08/10/2004 12:21 PM
Slashdot Aug 10 2004 4:15PM GMT

Backdoor program gets backdoored 06/13/2004 04:51 PM

Backdoor.Autoupder Removal 08/12/2004 03:56 AM

Dynalink routers backdoor? 09/03/2004 02:29 PM
fabio (Sep 02 2004)

Qwest's Backdoor Enterprise Strategy 11/04/2003 09:23 PM
Boston.Internet.com Nov 4 2003 8:40PM ET

Netgear's Amusing "fix" for WG602v1 Backdoor 06/08/2004 10:40 AM

Linux kernel backdoor blocked 11/07/2003 08:52 AM
Hints at smarter hacks

New Bagle opens another spam backdoor 07/16/2004 03:26 AM
ZDNet UK Jul 16 2004 7:47AM GMT

Re: Backdoor in Fortinet's firewall Fortigate 06/05/2005 11:39 PM
Posted by Derek Martin, Friday, 3 June

Backdoor in X-Micro WLAN 11b Broadband Router 04/10/2004 03:27 PM
RISKO Gergely (Apr 10 2004)

Re: Backdoor in X-Micro WLAN 11b Broadband Router 04/16/2004 01:02 PM
Mariano Firpo (Apr 16 2004)

NEW backdoor in X-Micro WLAN 11b Broadband Router 04/17/2004 04:43 PM
RISKO Gergely (Apr 16 2004)

'DVD Jon' reopens iTunes backdoor 03/23/2005 10:20 AM
Apple Computer's music store is once again exposed to copy-protection-free sales.

Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" 02/18/2004 04:09 PM
Fredrik Björk (Feb 18 2004)

backdoor menu on conexant chipset dsl router (Zoom X3) 07/06/2004 06:36 PM
Adam Laurie (Jul 06 2004)

Zindos enters MyDoom backdoor to attack Microsoft 07/28/2004 09:37 AM
Computer Shopper Jul 28 2004 2:17PM GMT

APC 9606 SmartSlot Web/SNMP management card "backdoor" 02/17/2004 01:04 PM
Dave Tarbatt (Feb 16 2004)

Kerry: Bush army plan is "backdoor draft" 06/03/2004 03:26 PM

Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS 02/17/2004 05:11 PM
thiago.vazquez_at_light.com.br (Feb 17 2004)

Sophos warns of new backdoor trojan security threat, Uproot-A 01/05/2004 07:28 AM
Computer Buyer Jan 5 2004 6:43AM ET

Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS 02/18/2004 05:19 PM
Thomas M. Payerle (Feb 17 2004)

Special Report: Beware of backdoor planted by Bagle/Beagle worm 01/23/2004 02:19 PM
CNET Jan 23 2004 8:47AM GMT

APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. 02/19/2004 03:30 PM
David Monosov (Feb 19 2004)

The following phrases have been identified by the grok system as matching this entry: friendster backdoor, websense
















