There’s been a lot of talk about the DNS vulnerability (CVE-2008-1447) discovered by Dan Kaminsky. The exploit, as detailed by the Common Vulnerabilities and Exposures Database, allows remote attackers to spoof DNS traffic enabling the poisoning of DNS caches in order to send systems to malicious websites. This greatly increases the risk of phishing attacks [...]
Archive for July, 2008
DNS attack in the wild
31Jul08Botnet infiltration and ethics
23Jul08Tippingpoint, a company providing Intrusion Prevention Systems, has published a post on their site detailing how they successfully infiltrated the Kraken botnet and took control of over 25,000 unique bots. The Kraken botnet is arguably the world’s largest botnet with estimates ranging up to 400,000 bots under its control.
Security researchers at TippingPoint infiltrated the botnet [...]
Jeff Jones, a security strategy directory for Microsoft, has published a report on the number of security vulnerabilities during Q1 of 2008 for workstation operating systems including Windows Vista, Windows XP, Mac OS X, Red Hat and Ubuntu. The results are surprising in that Vista had the least reported vulnerabilities while Mac OS X 10.5 [...]
