Post List  Post Summary

February 8,2007

VirusTotal (2007.2.8 update)

01.29.2007 加入Symantec
02.07.2007 加入F-Secure
目前有30套av囉,心血來潮用大陸寫的加殼軟體去加一個原本大都掃得到的spyware
結果幾乎掃不到就是誤判... 連號稱可以解上千種殼的kaspersky也是...
(Read More...)
sylphidsu at PIXNET | 12:08 PM | Comments(0) | Trackback(0) | Hits(2122) | Security

January 24,2007

zone-h 又被黑了 @@


這次是domain註冊端被黑,dns被改掉
延伸閱讀: http://www.theregister.co.uk/2007/01/23/zone-h_defaced/

sylphidsu at PIXNET | 06:21 PM | Comments(0) | Trackback(0) | Hits(1651) | Security

January 11,2007

acer notebook 出廠附贈後門一隻@@


有acer notebook的朋友 福氣啦~ 原廠附贈後門一隻
檢查硬碟裡有C:\windows\system\LunchApp.ocx的話,就恭喜囉..

(Read More...)
sylphidsu at PIXNET | 06:05 PM | Comments(0) | Trackback(1) | Hits(2935) | Security

December 29,2006

Gmail 信件大量消失?

Gmail Disaster: Reports Of Mass Email Deletions
Lost Everything in My Account..email,contacts,sent mail..
Gmail problem limited, Google says
GMail 備份無效一記
(Read More...)
sylphidsu at PIXNET | 06:03 PM | Comments(2) | Trackback(0) | Hits(1776) | Security

December 20,2006

Secunia Software Inspector 統計報告

Followup on the Secunia Software Inspector Release這篇看到:

1. 在超過40萬次的掃描結果裡,有超過35%裝有不安全版本的軟體。
2. 有趣的是,裝不安全的Firefox比IE的多很多(35.47%:4.12%),我猜是Windows Update的效果吧。
(Read More...)
sylphidsu at PIXNET | 06:11 PM | Comments(0) | Trackback(0) | Hits(1412) | Security

December 18,2006

IThome首頁也被植入惡意程式

大砲開講 | IThome首頁也被植入惡意程式 … :-(
看起來12.17以前就被黑了,今天早上移掉了12.17被植入的..
剛剛(12.18 15:53)發現又被植入了(from Outian)@@

(Read More...)
sylphidsu at PIXNET | 03:54 PM | Comments(0) | Trackback(0) | Hits(1454) | Security

December 15,2006

word第三個0day@@

Third MS Word Code Execution Exploit Posted
Third Word hole in ten days
Microsoft Word Document (malformed pointer) Proof of Concept
屋漏偏逢連夜雨 Word再現第三漏洞
(Read More...)
sylphidsu at PIXNET | 06:42 PM | Comments(2) | Trackback(0) | Hits(817) | Security

December 14,2006

PHP security 近來兩三事

1. Stefan Esser 12.9 宣佈離開 PHP Security Response Team
原因看來是PHP社群對他提出的security advisory及建議的反應,讓他無法接受..
所以未來可直接從他的PHP Security Blog看到PHP security的最新消息囉(作者表明不會等PHP出了patch才公佈)
2.
(Read More...)
sylphidsu at PIXNET | 03:39 PM | Comments(1) | Trackback(0) | Hits(367) | Security

December 11,2006

[轉貼] Hinet直播網首頁被植入惡意程式碼 !! (12.13 update)

Hinet直播網首頁被植入惡意程式碼 !!
不知道被黑了多久,可怕哦@@

剛剛(12.12 13:08)檢查那段javascript還在,越來越可怕囉!!
(Read More...)
sylphidsu at PIXNET | 07:57 PM | Comments(0) | Trackback(0) | Hits(229) | Security

December 8,2006

Word又有0day攻擊,還沒有release patch,怎麼辦? (12.12 update)

微軟拉警報 Word零時差攻擊再起
http://cpro.com.tw/channel/news/content/?news_id=53202&cid=A0503
微軟警告:新的Word零時差攻擊再度出現 http://www.informationsecurity.com.tw/news/view.asp?nid=2913

(Read More...)
sylphidsu at PIXNET | 02:17 AM | Comments(2) | Trackback(0) | Hits(459) | Security

December 12,2006

OfficeCat

OfficeCat可以檢查Microsoft Word®, PowerPoint®, and Excel® 檔案是否含有exploit,包含929433那隻word 0day。

只是我測試發現,掃word會hang住@@
再來個有圖有真相吧:
(Read More...)
sylphidsu at PIXNET | 12:48 PM | Comments(2) | Trackback(0) | Hits(366) | Security

December 12,2006

原來12.10又有新的Word 0day vuln.@@

Microsoft Word 0-Day Vulnerability II
New Report of A Word Zero Day
Another new Word 0-day, information & dat released by McAfee
Word Unspecified Exploit(2)
(Read More...)
sylphidsu at PIXNET | 11:16 AM | Comments(0) | Trackback(0) | Hits(228) | Security

December 11,2006

Secunia Software Inspector

Secunia 12.6 推出的線上掃描服務Secunia Software Inspector可以檢查安裝的軟體是否patch到安全版本,還有patch下載的link。

一樣來個有圖有真相:

(Read More...)
sylphidsu at PIXNET | 06:03 PM | Comments(0) | Trackback(0) | Hits(316) | Security

December 9,2006

Zero-Day Tracker


Zero-Day Tracker
eEye新推出的zero-day觀察網站,我猜很多人當下的反應是以為是"黑的"。其實是for zero-day vulnerabilities啦。
沒關係,下一篇會講到真的"黑的"0day。
(Read More...)
sylphidsu at PIXNET | 04:12 PM | Comments(0) | Trackback(0) | Hits(240) | Security