REDUCED WINDOWS? WHO WANTS IT, ANYWAY?
Dell and HP get ahead of the issue and warn: on the European market we will keep selling PCs with the full version of Windows. Sorry, the Antitrust authority picked the wrong target
URL: http://punto-informatico.it/pi.asp?i=52193
IE AND OUTLOOK SHARE TWO FLAWS
Two vulnerabilities have been discovered in both programs that an attacker could exploit to install malware on users' PCs
URL: http://punto-informatico.it/pi.asp?i=52187
Mitnick-Chiesa: two gurus face to face (Part one)
At the end of the IDC Security Conference 2005 we met and interviewed, in a face-to-face unique in the history of the Italian industry, the world's information security guru Kevin Mitnick, known for having been the most famous and most wanted hacker in the world (the Condor), and Raoul Chiesa, the Italian Condor.
http://www.apogeonline.com/webzine/2005/04/04/01/200504040101
***Extreme programmers***
On 21 March, the first day of spring, the 18th International Obfuscated C Code Contest opened. For those who have no idea what it is, let me explain. C is a very complex programming language, so complex that, when reading someone else's code, it is very easy to understand absolutely nothing. If this happened with the Italian language, a person who writes that way would be considered illiterate: in the twisted world of programming, one is instead raised to the status of a minor god :) The competition, for the truly obsessed, consists of writing code in such a convoluted way that even a simple "Hello world" becomes incomprehensible! 21 March is the first day of spring: the temperature rises, nature reawakens and girls' clothes get shorter. To each their own fun.
http://www.ioccc.org/main.html
Gmail goes to 2GB
The storage capacity of @gmail.com mailboxes has been doubled, from 1GB to 2GB, and the change is already in effect, as all owners of Google's email accounts will already have noticed.
http://www.wintricks.it/news1/article.php?ID=3718
PLUTO Journal issue 44
Announcing the release of the new PLUTO Journal (http://journal.pluto.it), issue 44 - April 2005, available online at http://www.pluto.it/journal/pj0504/ and as a downloadable version at ftp://ftp.pluto.it/pub/pluto/journal/n44apr05.tar.gz
Packet Wizardry: Ruling the Network with Python
Practical guide to advanced network attack and reconnaissance techniques using Python. Includes topics such as firewalking, port scanning, ARP poisoning, and DNS poisoning.
http://hackaholic.org/papers/blackmagic.txt
Things to do when you have r00t on your «friend»'s workstation
As the title says. It shows some fun stuff you can do when you rooted a workstation, all tricks are related to X11.
http://hackaholic.org/papers/own_friend.pdf
Bastille Hardening program new version
The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, and Gentoo, HP-UX, and Apple's Mac OS X.
http://packetstormsecurity.nl/linux/security/bastille/Bastille-2.2.8-1.0.noarch.rpm
Web Service Profiling
Whitepaper discussing the scope of information gathering used against web services. Second in a series of papers defining attack and defense methodologies with web services.
http://packetstormsecurity.nl/papers/web/WebServices_Profiling.pdf
Invision Power Board v2.0.3 XSS vulnerabilities found
Invision Power Board version 2.0.3 is susceptible to cross site scripting attacks.
http://packetstormsecurity.nl/0503-exploits/invision203.txt
PHP
Vendor: PHP Group
iDEFENSE reported a vulnerability in PHP in getimagesize(). A user can cause denial of service conditions.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Mar/1013619.html
Microsoft Jet
Vendor: Microsoft
A vulnerability was reported in the Microsoft Jet database. A remote user can cause arbitrary code to be executed.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Mar/1013618.html
Linux Kernel
Vendor: kernel.org
A vulnerability was reported in the Linux kernel futex functions. A local user can cause the kernel to crash.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Mar/1013616.html
Kerio Personal Firewall
Vendor: Kerio Technologies
A vulnerability was reported in Kerio Personal Firewall. A local user can bypass network access rules.
Impact: Host/resource access via network
Alert: http://securitytracker.com/alerts/2005/Mar/1013607.html
Linux Kernel
Vendor: kernel.org
A vulnerability was reported in the Linux kernel ELF loader. A local user can cause denial of service conditions.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Mar/1013602.html
Norton Anti-Virus
Vendor: Symantec
Two vulnerabilities were reported in Symantec's Norton AntiVirus in the AutoProtect feature. A user can create a file or modify a filename to cause the target system to crash.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Mar/1013587.html
Norton Internet Security
Vendor: Symantec
Two vulnerabilities were reported in Symantec's Norton Internet Security in the AutoProtect feature. A user can create a file or modify a filename to cause the target system to crash.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Mar/1013586.html
Microsoft Office
Vendor: Microsoft
Juha-Matti Laurio reported a vulnerability in the Microsoft Outlook Connector for IBM Lotus Domino. A user can choose to store passwords locally in violation of Group Policy.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2005/Mar/1013583.html
Telnet
Vendor: [Multiple Authors/Vendors]
iDEFENSE reported two buffer overflow vulnerabilities in Telnet, affecting several vendor implementations. A remote server can execute arbitrary code on a connected target user's client.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Mar/1013575.html
Linux Kernel
Vendor: kernel.org
A vulnerability was reported in the Linux kernel in the Bluetooth socket code. A local user can gain root privileges.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2005/Mar/1013567.html
"Domain names and the Industrial Property Code"
The first appearance of domain names in Italian legislation. With the enactment of the Industrial Property Code, the legislator mentions for the first time the distinctive signs of the web, contrasting them with trademarks. After years of rulings in which judges cited at times the NA regulations and at times the Trademark law, today legal practitioners, and above all network users, finally have a legislative text to refer to for guidance on registrations or protection when a domain name conflicts with a trademark. Let us therefore look, in brief, at the passages where domain names appear in the Code and for what purposes.
http://www.ziobudda.net/Admin/redir_news.php?id=21668
Also - http://www.siforge.org/articles/2005/04/04-nomi_dominio_cod_ind.html
"Gentoo Weekly Newsletter 4 April 2005"
The usual weekly newsletter dedicated to the Gentoo distribution.
http://www.ziobudda.net/Admin/redir_news.php?id=21661
"Kernel Traffic #304"
The usual weekly newsletter dedicated to the Linux kernel.
http://www.ziobudda.net/Admin/redir_news.php?id=21660
BIG BROTHER AWARD ITALIA 2005 GETS UNDER WAY
For the first time, Italy too will see the award given to those who have contributed most to demolishing privacy. Nominations are being collected starting today. How to take part and the other details
URL: http://punto-informatico.it/pi.asp?i=52209
THERE IS A PEEPHOLE FOR SNOOPS IN FIREFOX
Firefox and Mozilla share a security vulnerability that a malicious site could exploit to read a portion of a PC's memory.
A few lines of JavaScript are enough
URL: http://punto-informatico.it/pi.asp?i=52216
An In-Depth Look at Metafunctions in C++
This chapter looks at a practical example from science and engineering that
can find applications in almost any numerical code. Along the way, you'll
learn some important new concepts and get a taste of metaprogramming at a
high level using the MPL.
http://www.informit.com/articles/article.asp?p=375705&rl=1
C++ Common Knowledge: Assignment and Initialization Are Different
This chapter explains the difference between assignment and initialization
in C++ in simple terms, with examples to illustrate each.
http://www.informit.com/articles/article.asp?p=376876
RFIDs: Technology Friend or Foe?
RFIDs, or Radio Frequency IDs, are poised to change the way retail
establishments keep track of inventory and pricing. But the usefulness of
RFIDs doesn't stop with retail. RFID tags for pets - and now even humans -
are available and on the market. In this article, David Gulbransen takes a
look at the technology behind RFIDs, what advances will mean in terms of
convenience to consumers, and the potential threats to privacy that have
many industry leaders concerned about the technology getting out of hand.
http://www.informit.com/articles/article.asp?p=378140&seqNum=1
How to Protect Yourself from Identity Theft
Identity theft is becoming easier and easier as more and more people shop
online. Find out how to protect yourself from identity thieves in this
sample chapter.
http://www.informit.com/articles/article.asp?p=374499
Policy, Personnel, and Equipment as Security Enablers
Policy plays an integral role in security effectiveness. Educating users on
their responsibility to enhance security can have a twofold effect: It
ensures that deployed equipment can perform tasks with greater
effectiveness, and it creates an environment that encourages and supports
individual responsibility.
http://www.informit.com/articles/article.asp?p=378142
Top Ten Cell Phone Security Problems
If you don't own at least one cell phone by this point in your life,
consider yourself unique. Even members of the Amish community have been seen
chatting it up while riding their tractors around in the field. While all
this communication may be a great thing, there are some major issues that
need to be understood about owning and using a cell phone before you punch in
that first number. In this section, we are going to look at the top ten
security problems cell phone users face, and how you can mitigate these
threats and keep yourself from becoming a victim.
http://www.informit.com/guides/content.asp?g=security&seqNum=89
Microsoft's Internet Explorer 7: No Points for Originality?
IE 7 has some great new features...that inspire deja vu.
http://www.developershed.com/download.php?File=PIM_200504.pdf&page=4
HUMORIX: MICROSOFT ISSUES WARNING AGAINST APRIL FOOL'S DAY JOKES
"'We've had it up to here with April Fool's Day,' said a Microsoft
spokesperson. 'This so-called holiday does not give people the right to
infringe our intellectual property for humor purposes...'" :)
http://nl.internet.com/ct.html?rtr=on&s=1,1iaq,1,kird,eq5x,85jl,7pty
INSTALLING SOFTWARE: A GNU/LINUX VS. MS WINDOWS COMPARISON
"I read a lot of reviews comparing GNU/Linux and Microsoft Windows, and
inevitably the topic of installing software comes up..."
http://nl.internet.com/ct.html?rtr=on&s=1,1iaq,1,gq40,gwy5,85jl,7pty
ADDING LINUX TO YOUR NETWORK: WHICH FLAVOR DO YOU WANT?
"Your team members are asking you for it. They want to start introducing
Linux to your data center or network infrastructure. You're already running
Windows. Is adding Linux worth it...?"
http://nl.internet.com/ct.html?rtr=on&s=1,1iaq,1,2l6w,htpx,85jl,7pty
OPTIMIZING GENTOO (PART 3)
"For a long time, I have known about prelinking, but I never actually tried
it..."
http://nl.internet.com/ct.html?rtr=on&s=1,1iaq,1,b6mk,hnla,85jl,7pty
A MOTHERBOARD UPGRADE HOWTO
"Tips and directions for replacing your computer's motherboard--from
deciding whether it's worth the hassle to tweaking the BIOS..."
http://nl.internet.com/ct.html?rtr=on&s=1,1iaq,1,hw8h,dlj0,85jl,7pty
LINUX 2.4.30
Full changelog, link within.
http://nl.internet.com/ct.html?rtr=on&s=1,1iaq,1,bwmw,2njh,85jl,7pty
THE 10 WORST SECURITY PRACTICES
Security specialists are constantly on the lookout for proven methods we can
replicate to keep our networks and data safe.
http://www.net-security.org/news.php?id=7443
BREAKING FIREWALLS WITH OPENSSH AND PUTTY
If the system administrator deliberately filters out all traffic except port
22 (ssh), to a single server, it is very likely that you can still gain
access other computers behind the firewall.
http://www.net-security.org/news.php?id=7447
LOGON TYPE CODES REVEALED
The logon/logoff category of the Windows security log gives you the ability
to monitor all attempts to access the local computer.
http://www.net-security.org/news.php?id=7455
PROTECT WIRELESS ACCESS USING MAC ADDRESS FILTERS
There are a number of basic steps you should take to protect your wireless
network and filtering MAC addresses is one more way to secure it.
http://www.net-security.org/news.php?id=7463
MALWARE COMES OF AGE: THE ARRIVAL OF THE TRUE COMPUTER PARASITE
Even though malware has been a recognised threat within the general IT
community for well over 15 years, it is effectively a bigger problem now
than it has ever been before.
http://www.net-security.org/article.php?id=778
Introducing UseModWiki
http://software.newsforge.com/article.pl?sid=05/03/25/1356227&from=rss
Wiki software implements the simple idea that Web pages should be easy, even
trivial, to create, and that anyone reading the page should be able to
correct, improve, revise and add to the page. Wikis (the word means "quick"
in Hawaiian) have become popular on the World Wide Web. With simple
formatting rules to make it easy to build well-organized hyperlinked pages,
a wiki becomes an efficient means of creating a Web site. One worthwhile
wiki for business collaboration is Clifford Adams's UseModWiki.
"Mobile phone programming tutorial"
I know, it is off-topic in every respect except that it is free. If you are
interested, I am writing a tutorial on mobile phone programming on my site.
And I use Linux (with no small difficulty) as the development
environment...
http://www.ziobudda.net/Admin/redir_news.php?id=21692
"Webmin, an open source tool for remote administration"
Very often the network administrator needs to access servers remotely to
change service configurations, check the state of the machine and much
more. Webmin is open source software written in Perl that allows complete
management, at both the hardware and software level, of all the services
that can be installed on a Linux server.
http://www.ziobudda.net/Admin/redir_news.php?id=21686
FIREFOX: POP-UPS MUST DIE!
This is the name of a new extension for the well-known browser: it adds to
the built-in pop-up blocker a series of new specifications to stop
unwelcome windows
URL: http://punto-informatico.it/pi.asp?i=52223
E-PRIVACY 2005, CALL FOR PAPER
Over these weeks, talks and contributions can be submitted for the annual
Florence event to be held at the end of May. Here are the details
URL: http://punto-informatico.it/pi.asp?i=52234
DON'T CALL THEM SQUATTERS
by Luddist - Is it lawful to open a website under a domain identical to the
name of the company that the site is meant to criticize? In the USA it now
is. Incredibili dictu
URL: http://punto-informatico.it/pi.asp?i=52231
CABIR HAS TWO NEW COUSINS
These are two pieces of malicious code, a worm and a trojan, that once again
target mobile phones based on the Series 60 platform. The Trojan horse is
particularly nasty
URL: http://punto-informatico.it/pi.asp?i=52244
Also - http://www.ziobudda.net/Admin/redir_news.php?id=21713
Also - http://www.zeusnews.it/news.php?cod=4017
Also - http://www.securitypipeline.com/160500231
SCHWARTZ (SUN): ENOUGH WITH THIS GPL
Sun's president strongly criticized the use of the GPL license by companies
and governments, arguing that the true open source spirit is represented by
Sun's own CDDL license
URL: http://punto-informatico.it/pi.asp?i=52254
Windows 2003 SP1
Microsoft's release of Windows 2003 Service Pack 1 last week is loaded with
security enhancements, and it's a big step in the right direction.
http://www.securityfocus.com/columnists/312
Defeating Honeypots: System Issues, Part 2
This two-part paper discusses how hackers discover, interact with, and
sometimes disable honeypots at the system level and the application layer.
http://www.securityfocus.com/infocus/1828
ADVISORIES: APRIL 4, 2005
Today's advisories: MySQL (Conectiva Linux); remstats and wu-ftpd (Debian
GNU/Linux); Dnsmasq (Gentoo Linux); kernel (SUSE Linux); and sharutils
(Ubuntu Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1ifj,1,2tvm,k292,85jl,7pty
ADVISORIES: APRIL 5, 2005
Today's security advisories: gaim and mysql (Fedora Core); kernel (Trustix
Secure Linux); and php4, gaim, and ipsec-tools (Ubuntu Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1ike,1,g1fj,lcd4,85jl,7pty
JAVASCRIPT FLAW HITS MOZILLA USERS
"Russian security researcher going by the alias of Azafran has
discovered a flaw in Mozilla Suite and Firefox Web browsers that could
potentially put users at risk from the disclosure of arbitrary heap
memory..."
http://nl.internet.com/ct.html?rtr=on&s=1,1ifj,1,hhxw,2h03,85jl,7pty
Also - http://www.securitypipeline.com/160403611
THE END OF SOFTWARE LICENSING
"The success of open source software will, eventually, lead to the end of
proprietary software licensing as we know it..."
http://nl.internet.com/ct.html?rtr=on&s=1,1ikb,1,ch46,2sb,85jl,7pty
MALWARE
Title: MSN Messenger spreads worm, not love
Source: ZDNet Australia
Date Written: 2005-04-04
Date Collected: 2005-04-05
First discovered April 1, 2005, the Chod.B worm spreads through e-mails
claiming to be from Microsoft, Symantec, and Trend Micro and attempts to
fool victims into executing malicious files. When propagating through MSN
Messenger, Chod.B sends messages to contacts found in the victim's address
book, mimicking the behavior of a real user, according to Trend Micro senior
systems engineer Adam Biviano. Chod.B also contains a program that steals
passwords from instant messaging applications such as AOL, ICQ Lite,
Miranda, MSN Messenger, Trillian, and Yahoo Messenger. Mr. Biviano believes
that despite its clever design, Chod.B is unlikely to spread widely.
http://www.zdnet.com.au/news/security/0,2000061744,39186988,00.htm
MALWARE
Title: Database rootkit menace looms
Source: The Register
Date Written: 2005-04-04
Date Collected: 2005-04-05
Alexander Kombrust of Red Database Security, speaking at the Black Hat
conference in Amsterdam, discussed how malicious hackers are developing
malware kits -- similar to rootkits -- to compromise corporate databases.
Databases share many similarities with operating systems, including users,
processes, jobs, and executables. Rootkits make it possible for the hacker
to create users and processes under his control, hidden from database
administrators. Such rootkits can be complicated to use, and require a
professional hacker rather than script kiddies. However, no statistics
currently exist for the number of database rootkits and their use. Mr.
Kombrust argued that programmers need to learn security-conscious
programming to build better databases that can check their repository for
rootkit modifications; in the meantime, administrators will have to rely on
such products as repscan from Red Database.
http://www.theregister.co.uk/2005/04/04/database_rootkit/
VULNERABILITIES & EXPLOITS
Title: Critical flaws in IE and Outlook discovered
Source: C-Net News
Date Written: 2005-04-01
Date Collected: 2005-04-05
More highly critical flaws have been discovered in Microsoft's Internet
Explorer (IE) and Outlook programs, security company eEye Digital Security
announced April 1, 2005. Ben Nagy, eEye senior security engineer, said the
vulnerabilities can allow attackers to execute code remotely without any
actions by the victim or install backdoor Trojans without the victim's
knowledge. All it would take is for the user to visit a website carrying
malicious code, where they could be infected by surfing across a banner ad,
according to Mr. Nagy. eEye notified Microsoft of the flaws, which affect
the default installation of IE and Outlook, several days ago, and is
allowing the company time to develop patches before releasing technical
details, including which versions are affected. Microsoft has acknowledged
the flaws, and no exploit has yet been discovered.
http://news.com.com/Critical+flaws+in+IE+and+Outlook+discovered/2100-1002_3-5650238.html
VULNERABILITIES & EXPLOITS
Title: Sybase, NGSSoftware near flaw-publishing agreement
Source: Security Focus
Date Written: 2005-04-04
Date Collected: 2005-04-05
A source familiar with negotiations said April 4, 2005 that database maker
Sybase will probably drop legal threats against Next-Generation Security
Software (NGSS) in the coming week, after reaching an agreement allowing the
company to publish details on six security flaws. The agreement would end a
two-week dispute over whether NGSS can publish details of six security flaws
it discovered in 2004 in Sybase's products. Managing director of NGSS David
Litchfield said the company believes it has solved the issues with Sybase,
but that negotiations are ongoing. Sybase's legal threats against NGSS
prompted backlash in the security community, who worried about the precedent
set by blocking the release of technical details.
http://www.securityfocus.com/news/10821
VULNERABILITIES & EXPLOITS
Title: Red Hat patches critical hole
Source: Computerworld
Date Written: 2005-04-04
Date Collected: 2005-04-06
Red Hat is advising users of several of its enterprise versions of Linux
that a number of flaws in XFree86 installations could allow a remote
attacker to take over a system. The most serious flaw is found in the libXpm
library for processing XPM images; a buffer overflow could allow an attacker
to execute malicious code through a specially crafted image file. The latest
XFree86 update fixes the flaw. The Sylpheed e-mail client contains a 'highly
critical' buffer overflow that could allow an attacker to execute code by
including a file attachment with a MIME-encoded file name. A format string
error and a boundary error in the ImageMagick editor could allow remote code
execution through malicious image files. SGI has released an update fixing
errors in the xpdf, squid, and kdenetwork components of its Advanced Linux
Environment, that could allow an attacker to take over a system, deny
service, or alter the contents of files.
http://www.computerworld.com/securitytopics/security/holes/story/0,10801,100860,00.html
DLL Conventions: Issues and Solutions, Part I
Learn to resolve compatibility issues between Dynamic Link Libraries
developed using different tools.
http://www.devarticles.com/c/a/Cplusplus/DLL-Conventions-Issues-and-Solutions-Part-I/
Wireless Popularity 2: Security Concerns
Michael Swanson discusses issues particular to certain environments, and
examines some of the solutions.
http://www.devhardware.com/c/a/Opinions/Wireless-Popularity-2-Security-Concerns-Continued/
"Short review of openmagazine.it"
Linux in Italia ( www.linuxinitalia.m-2.it ) has published a short
interview with the newly launched editorial project openmagazine.it
(www.openmagazine.it), which recently released issue 1.0
http://www.ziobudda.net/Admin/redir_news.php?id=21726
"Bash Translate"
Two small BASH scripts, one translating from Italian to English and the
other from English to Italian. The translations are not limited to returning
a single translated term, but offer several options from which to pick the
one best suited to the context (like ordinary dictionaries). The
convenience is that there is no need to open a browser to look up a
translation.
http://www.ziobudda.net/Admin/redir_news.php?id=21725
"EDemocracy: choose our next campaign"
The national association Cittadini Europei asks the people of the net to
take part in a poll to choose its next campaign.
These are the options: lack of ADSL network coverage; simplicity of laws
and regulations; fairness and clarity in the offers of mobile and
fixed-line telephone operators; court orders censoring information on the
internet; file sharing and the Urbani decree; distortions of copyright and
in favour of Open Access; excessive cost of flat-rate ADSL in Italy
compared with other EU states; restrictions of the Sky decoder. To take
part, just visit the site www.cittadinieuropei.it
http://www.ziobudda.net/Admin/redir_news.php?id=21724
ITALY, FIRST CONVICTION FOR A VIRUS WRITER
It had never happened before, and it fell to the author of Zelig, the worm
that disguised itself as a screen saver of the well-known TV show in order
to install a dialer on users' PCs. A fraud unmasked by the Fiamme Gialle
URL: http://punto-informatico.it/pi.asp?i=52275
UNDER THE EYE OF THE BIG EAR
How are Italians' communications intercepted? Is the alarm over violated
privacy justified? Web, email, mobile phones, VoIP: does nothing escape?
The picture in a Punto Informatico investigation
URL: http://punto-informatico.it/pi.asp?i=52273
THE RULES FOR REDUCING OPEN SOURCE LICENSES
OSI is preparing to introduce some rules that should curb the proliferation
of open licenses. The aim is to promote the spread of only the main ones
and thereby increase certainty for those who adopt them
URL: http://punto-informatico.it/pi.asp?i=52270
LESSIG, JIHAD AGAINST MONOPOLIES AND PATENTS?
Prophet of copyleft, the Stanford professor hurls anathemas at the great
enemies of open source. Microsoft singled out as a danger to the world
economy
URL: http://punto-informatico.it/pi.asp?i=52277
HOW TO PROTECT THE DESIGN OF A WEBSITE?
by A. Canova (Patnet.it) - When can one take action against someone who has
copied a site without granting the author any right of attribution?
How to defend oneself against certain abuses? The legal framework
URL: http://punto-informatico.it/pi.asp?i=52251
** FIND A BUG IN FIREFOX, GET PAID 500 DOLLARS **
A German wins 2500 dollars for flushing out five flaws in the
popular alternative browser
>> by Paolo Attivissimo
http://www.zeusnews.it/news.php?cod=4019
** MANDRAKESOFT CHANGES ITS NAME AND BECOMES MANDRIVA **
The popular Linux distribution gets a makeover to settle legal disputes
and acknowledge the contribution of an important new partner.
>> by Paolo Attivissimo
http://www.zeusnews.it/news.php?cod=4020
Security vulnerability in Linksys WET11
Kristian Hermansen has reported a vulnerability in Linksys WET11, which
can be exploited by a user on the local network to bypass...
http://www.securitywireless.info/link.asp?TOPIC_ID=1085
Astalavista Security Newsletter Issue 15-2005
Astalavista Security Newsletter Issue 15 is available in TXT, DOC and PDF at
the following URLs:
http://www.astalavista.com/media/newsletter/issue_15_2005.pdf
http://www.astalavista.com/media/newsletter/issue_15_2005.txt
http://www.astalavista.com/media/newsletter/issue_15_2005.doc
ADVISORIES: APRIL 6, 2005
Today's advisories: mit-krb5 and Gaim (Gentoo Linux); PHP (Slackware); and
gtk+2.0, gdk-pixbuf, and mysql-dfsg (Ubuntu Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1inz,1,ar9k,glnc,85jl,7pty
EMERGENCY BOOTING WINDOWS PCS: ANOTHER USE FOR LINUX
"This brief article reviews the use of Linux as a means of emergency booting
a failed Windows PC and accessing potentially lost files..."
http://nl.internet.com/ct.html?rtr=on&s=1,1inx,1,jgfn,k1tf,85jl,7pty
CYBERCRIME-HACKING
Title: New Domain Poisoning Attacks Microsoft Servers
Source: Security Pipeline
Date Written: 2005-04-06
Date Collected: 2005-04-07
The Internet Storm Center (ISC) said April 6, 2005 that Domain Naming System
(DNS) cache poisoning attacks, which started more than one month ago,
continue. The attacks, which exploit flaws in Microsoft server software,
redirect users from popular websites to malicious ones infecting their
machines with spyware. ISC has raised its color coded alert to yellow, the
same threat level given to the outbreaks of the SQL Slammer, MSBlast, and
Sasser worms. The ISC said the ongoing attack began March 25 and is
spreading spyware for profit.
http://www.securitypipeline.com/160501704
MALWARE
Title: Mobile Trojan kills smart phones
Source: The Register
Date Written: 2005-04-06
Date Collected: 2005-04-07
A new Trojan, Fontal.A, is capable of rendering an infected Symbian Series
60 mobile phone unusable. Fontal-A, a SIS file Trojan, installs a corrupted
font file on infected devices, causing them to fail when rebooted. The
Trojan spreads through Bluetooth, and has only hit people installing warez
mobile games on their phones. Security firm F-Secure says Fontal.A also
damages the application manager so that it cannot be uninstalled, and that
once a user attempts to reboot an infected phone, it must be reformatted to
disinfect it.
http://www.theregister.co.uk/2005/04/06/mobile_killer_trojan/
VULNERABILITIES & EXPLOITS
Title: CA's Intrusion Detection Software Vulnerable to DoS Attack
Source: EWeek.com
Date Written: 2005-04-07
Date Collected: 2005-04-07
Security firm iDefense posted an advisory April 5, 2005 describing a
recently discovered flaw in Computer Associates' (CA) eTrust intrusion
detection software that could allow remote attackers to execute
denial-of-service attacks. iDefense said the vulnerability results from
insufficient value checking on data passed to Microsoft's Crypto API
function CPImportKey. An attacker could manipulate CPImportKey to allocate
buffers exceeding mapped memory size, causing an exception and locking
memory. Michael Sutton, director of iDefense, said the company did not give
deep details on the vulnerability because it is exploitable, but that a
savvy hacker could still exploit it. CA has created a workaround, which is
available only for versions 3.0 and 3.0 Service Pack 1.
http://www.eweek.com/article2/0,1759,1783330,00.asp?kc=EWRSS03129TX1K0000614
VULNERABILITIES & EXPLOITS
Title: Browser bugs sprout eternal
Source: The Register
Date Written: 2005-04-06
Date Collected: 2005-04-07
Mozilla has patched a security vulnerability in its Firefox browser that
could allow an attacker to access potentially sensitive information in
memory. The flaw, which affected Firefox versions 1.0.1 and 1.0.2, was
discovered by Russian bug hunter Azafran and is complicated to exploit.
Security firm Secunia has classified the heap buffer overflow vulnerability
as moderately critical, and users are advised to download the update.
Security firm eEye also says it has reported a bug to Microsoft that allows
code to be executed with minimal user interaction. Microsoft is
investigating the bug, which allegedly affects unspecified versions of
Internet Explorer and Outlook.
http://www.theregister.co.uk/2005/04/06/browser_bugfest/
Beware unplanned SP2 downloads on April 12
http://newsvac.newsforge.com/article.pl?sid=05/04/06/2214226&from=rss
SarsSmarz writes "Beware the MS-worm!" On Tuesday, April 12, Microsoft will
turn off the blocking feature that has made it possible for some enterprises
to block Windows XP Service Pack 2 downloads by employees who use Automatic
Update. That means in companies that used the blocking tool, SP2 will be
downloaded automatically to desktop computers that use Windows' Automatic
Update feature.
Fake update e-mail
An e-mail is currently circulating that claims to come from MS, and in
particular from its update system. It invites the reader to follow a link
that leads to a page entirely similar to Windows Update, but clicking on the
supposed patch does nothing but install Troj/DSNX-05, a trojan. MS
itself: reiterates that e-mail is not its practice for releasing
updates; reminds users to always refer to Windows Update; confirms that it
knows nothing about the e-mail in question
http://www.wintricks.it/news1/article.php?ID=3740
Also - http://www.theregister.co.uk/2005/04/08/fake_windows_update_ruse/
"Ubuntu 5.04 is here!"
Version 5.04 of Ubuntu has also just been released.
http://www.ziobudda.net/Admin/redir_news.php?id=21743
"Kubuntu released!"
Kubuntu 5.04, based on the corresponding version of Ubuntu, has just been
released. Go and download it
http://www.ziobudda.net/Admin/redir_news.php?id=21742
Absolute Security is a Myth
No operating system is completely immune to security threats, and that
includes Apple's OS X.
http://www.securityfocus.com/columnists/313
ADVISORIES: APRIL 7, 2005
Today's advisories: gftp (Fedora Core); sharutils (Gentoo Linux); and
sharutils, gtk+2.0, and gdk-pixbuf (Mandriva Linux/Mandrakelinux).
http://nl.internet.com/ct.html?rtr=on&s=1,1isk,1,i8sf,ehvc,85jl,7pty
g00d reading! 'n' bye
Security News MainTainer:
The Jackal a.k.a. jAcKallO < jackal [at] capitanlug.it >
(AreaSessantuno Member) / (SpiPPolatori Collaborator)
(HackerAlliance Member) / (Security News MainTainer)
(Founding member and President of CapitanLUG.iT)