Archive for March, 2009
Posted in March 31st, 2009
Mikko posted earlier about how the domain generation algorithm in Conficker works. Just to make it clear to everyone – this has now started.
Infected computers use the local time as the trigger for when to start generating the list of 50,000 domains, so in places where the local time is already April 1st, these computers are now actively polling for domains.
And until the GMT date is April 1st, they are in fact polling for the domains for 31st March. So far there haven’t been any updates available on those sites.
In summary: Conficker has activated. So far nothing has actually happened.
On 31/03/09 At 07:08 PM
Posted in March 31st, 2009
[DSECRG-09-013] IBM WebSphere Application Server 7.0 Multiple XSS Vulnerabilities
Posted in March 31st, 2009
[security bulletin] HPSBMA02416 SSRT090008 rev.2 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
Posted in March 31st, 2009
[DSECRG-09-016] SAP SAPDB Multiple XSS
Posted in March 31st, 2009
[DSECRG-09-030] PrecisionID Datamatrix ActiveX control – Arbitrary File overwriting
Posted in March 31st, 2009
Vulnerability Summary for the Week of March 23, 2009
Posted in March 31st, 2009
The popular Linux distribution Ubuntu has released its latest Beta version, 9.04. This Beta is running fine on several netbooks, as both Liliputing.com and the Ubuntu Mini Blog are reporting.
Posted in March 31st, 2009
As Linux sysadmins, many of us still need to deal with Windows worms and how they affect our networks. Tomorrow is April 1st, and the Conficker worm will be activating on vulnerable computers everywhere. Here’s a quick HOW-TO showing how you can detect compromised and/or vulnerable computers on your network:
Posted in March 31st, 2009
IBM last week filed a patent application for an offshore outsourcing methodology that is intended to help companies minimize the financial risks associated with sending work overseas. The patent application describes a computer-driven approach for putting values on both the quantitative and qualitative attributes of a “global resource sourcing strategy.” For instance, the methodology takes into account the language skills and morale of offshore workers, as well as a list of the hard numbers involved in setting up an offshore operation, including labor rates and currency valuations. In short, IBM is attempting to reduce offshoring considerations to a mathematical model — or, in the words of the application, “a robust and reusable sourcing template” for identifying and analyzing “global resource pools.”
Posted in March 31st, 2009
I personally hope that the Conficker/Downup/Downadup/Kido computer worm — that surfaced in October 2008 and targets the Microsoft Windows operating system, that activates on April 1st — shows Windows users just how insecure the Windows operating system is, and how slow Microsoft is to react to it, and “patch” it. … businesses stop production because of this worm … become spam websites, displaying advertisements and sending out thousands of spam and denial of service emails. … GNU/Linux might actually become mainstream, maybe even over night.
Posted in March 31st, 2009
(Posted 31 Mar 2009 by solrac)
Posted in March 31st, 2009
(Posted 31 Mar 2009 by falko)
Posted in March 31st, 2009
Cisco ASA5520 Web VPN Host Header XSS
Posted in March 31st, 2009
[Positive Technologies SA 2009-09] Trend Micro Internet Security Pro 2009 tmactmon.sys Privilege Escalation Vulnerabilities
Posted in March 31st, 2009
webEdition 6.0.0.4 Local File Inclusion
Posted in March 31st, 2009
[Matthew] has completed this Dreamcast tablet modification. That’s right, you’re looking at a Dreamcast laid out in tablet format. We’re not really sure what advantages the tablet layout has, since it’s not touch screen and you probably need to put it down to play anyway. The laptop or clam shell might have been a smart [...]
Posted in March 31st, 2009
Fundamental Logic is selling a Bus Pirate kit and bare PCB based on our universal serial interface tool. They started with our serial port-based v1a hardware, and modified it to use all through-hole parts. 8pin DIP LP2951ACN/-3.3 switchable voltage regulators replace the surface mount TPS79650/33 that we used. The PIC is pre-programmed with our latest [...]
Posted in March 31st, 2009
Unlike U.S. companies, most large Japanese corporations balance short-term opportunities with long-term needs.
Posted in March 31st, 2009
The investigative journalist for The New Yorker explains his recent bombshell revelation about Dick Cheney’s "executive assassination" squads.
Posted in March 31st, 2009
Currently 6 million gallons of crude oil sit at the base of a volcano that has erupted 19 times in the last eight days.
Posted in March 31st, 2009
Last week marked the release of the Ubuntu 9.04 Beta and this week there is the planned release of the Fedora 11 Beta. Both distributions are similar in the respect they will be upgrading several common packages like GNOME 2.26, but in Fedora 11 are more upstream (and experimental) bits like kernel mode-setting, the EXT4 file-system by default, and various other features. Being the Linux benchmarking fanatics that we are, we set out to run a few performance tests comparing the Ubuntu 9.04 Beta to the latest Rawhide packages that will make up today’s Fedora 11 Beta release.
Posted in March 31st, 2009
[SECURITY] [DSA 1760-1] New openswan packages fix denial of service
Posted in March 31st, 2009
Re: Family Connections 1.8.1 Multiple Remote Vulnerabilities
Posted in March 31st, 2009
aspWebCalendar Free Edition bug
Posted in March 31st, 2009
Re: [ECHO_ADV_103$2009] taifajobs <= 1.0 (jobid) Remote SQL Injection Vulnerability
Posted in March 31st, 2009
The show masks a deep fear among the global elite that it really doesn’t know the direction in which the world economy is heading.
Posted in March 31st, 2009
The shift in emphasis will be outlined in new field guidelines issued to ICE agents as early as this week.