Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2005-03-12 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

phpBB Problems Continue, Ethereal Update Released, FTC Shuts Down Fake Anti-Spyware Vendor

Published: 2005-03-12
Last Updated: 2005-03-13 04:48:46 UTC
by Dave Brookshire (Version: 1)
0 comment(s)
phpBB Problems Continue

Had two different reports today about an increase in attacks against phpBB. One reader reported that he's seen an increase on the order of 70 unique IPs scanning his network for phpBB exploits. Another reader sent us to <A href="http://www.zone-h.org/en/defacements/filter/filter_defacer=Garzt3/page=1/">Zone-H with an archive on attacks from Garzt3 who seems to be exploiting these servers by hand. It appears this is the same exploit we've seen before and the only thing new is the increased frequency.

Ethereal Update Released

Ethereal 0.10.10 has been released fixing several buffer overflow problems and other bug fixes. More information is available at:

http://www.ethereal.com/news/item_20050311_01.html

FTC Shuts Down Fake Anti-Spyware Vendor
http://story.news.yahoo.com/news?tmpl=story&cid=569&ncid=738&e=1&u=/nm/20050311/tc_nm/tech_spyware_dc

A US Court has ordered Spyware Assassin to suspend activities for selling what is allegedly bogus anti-spyware software. It would routinely not clean up spyware and warn users that there was spyware when there wasn't in attempts to drum up sales. As the spyware threat is not something that is known well enough, these kind of things will keep happening. Spyware is where it is at right now. It allows attackers to either control a large number of machines quickly, or make money for their efforts by spamming, selling marketing information, or outright identity theft. User education and better tools are needed to combat this threat.

John Bambenek

for Dave Brookshire

bambenek /at/ gmail -dot- com
Keywords:
0 comment(s)
Diary Archives