Just a quick security alert for anyone running UnrealIRCd 3.2.8.1, I recieved an email this morning stating that for the past 8 months the UnrealIRCd download has been tainted. It has been tampered with and included a backdoor trojan which allows a person to execute ANY command with the privileges of the user running the ircd. The [...]
Mozilla has released Firefox 2.0.0.18, Firefox 3.0.4, and SeaMonkey 1.1.13 to fix arbitrary code execution, privilege escalation, security bypass, cross-site scripting, denial of service, and information disclosure vulnerabilities. Some of these vulnerabilities may also affect Thunderbird.
A zero-day vulnerability in Apple’s newly patched software is in the wild, reports Information Week.
On WyldRyde all our users’ IP addresses and host masks are privatized upon connection to prevent others from determining your IP address or full hostmask. Only WyldRyde Staff and YOU can see your own IP address and full host. So when YOU “/whois your-own-nick” you will see it. However, when others whois you they will [...]
No, we strongly recommend that you do not group your nick with another nick that belongs to any other person, even your wife or husband. Over the years we’ve witnessed too many instances when a boyfriend, girlfriend, wife, or husband had grouped nicks or shared their password with their partner and then they used them [...]
A security researcher has posted an extensive list of vulnerabilities that he alleges exsist in Ircu, the open source IRC server that Undernet and other networks use. None of these bugs can be abused for arbitrary code execution. Two are about crashing a server, one about exposing IP adresses, and the effect of the others [...]
Symantec has posted an interesting article that describes the continuing evolution of botnets and their new malicious uses such as click fraud. With a conservative botnet size of say, 10,000 computers, what else can an attacker use it for? One popular approach (understandably so) is to use the botnet to make easy money. Advertising networks, [...]
CNet reports that a Tor server admin in Germany was arrested back in July. The police were investigating a bomb threat posted to an online forum for German police officers. The police traced one of the objectionable posts on the forum to the ip address for Janssen’s server. Up until his arrest, Alex Janssen’s Tor [...]
Jacob Vincent Green-Bressler of Tucson, Arizona will be jailed for seven years after pleading guilty to aggravated identity theft and conspiracy offences. Green-Bresseler bought stolen credentials on rouge IRC networks that were obtained through phishing scams from countries including Vietnam, Pakistan, Egypt, The Philippines, Macedonia, Romania, Estonia, Canada, Russia, the UK, Mexico, Australia and France.
Wouter Coekaerts has posted an alert to various Security mailing list last month alleging vulnerabilities in multiple “Now Playing” scripts and IRC clients that display the current music track being played. While he admits that bug would be very difficult to exploit he warns that every script and chat client with “now playing” he tested [...]
