Saturday, March 27, 2004

Crafty Syntax Live support Help - Free download and open source:
"A multi-user, multi-operator, multi-department live Help support chat system that allows the operators of the websites to monitor their visitors as they are browsing the site and proactively open a chat session with the visitor. Is in PHP and uses either MySQL or Text based database. Other features include AUTO INVITE!, referer tracking, page tracking, chat notification, user is typing message, multiple chat sessions, sound alert, leave a message if offline, push urls, quick responses, and multiple operators. Runs on your server and is open source GPL."

http://www.craftysyntax.com/CSLH/

Thursday, March 25, 2004

Online Swindlers, Called 'Phishers,' Lure Unwary:
"EarthLink, the big Internet access provider, went hunting for phishers.

It started a campaign to track down people who were sending e-mail messages that pretended to be from EarthLink but were actually fraudulent attempts to steal customers' passwords, credit card numbers and other information. What it found was that of the dozen or so people it could clearly identify as engaged in the practice known as phishing, more than half were under 18."

http://www.nytimes.com/2004/03/24/technology/24PHIS.html?pagewanted=all&position=

Hotmail, Yahoo Users at Risk of PC Takeover:
"A potentially serious security flaw found in Web-based e-mail services offered by Microsoft and Yahoo could put millions of PCs at risk of takeover, an Internet security research firm warned Tuesday.…"

The vulnerability only affects Hotmail and Yahoo running on Microsoft's Internet Explorer (IE) browser.

"When the victim attempts to read this email, the code executes and may result in severe consequences," the company said. Successful exploit could lead to theft of a user's login and password, disclosure of the content of any e-mail in the mailbox and disclosure of all contacts within the address book.

Additionally, GreyMagic said the attacker could manipulate the system to automatically send e-mails from the mailbox and to exploit vulnerabilities in IE to access the user's file system and eventually take over his or her machine.

The company said Microsoft reacted to its warning with a fix for the flaw. However, GreyMagic said all attempts to contact Yahoo's security department failed, meaning that Yahoo's users are still vulnerable. Efforts by internetnews.com to contact Yahoo at press time were unsuccessful.

…the vulnerability makes use of an IE technology called HTML+TIME (based on SMIL), which is meant to add timing and media synchronization support to HTML pages.

One of the features of HTML+TIME is the ability to manipulate any attribute on an element via special control elements.

http://www.internetnews.com/dev-news/print.php/3329821

MSDN Flash:
"Volume 8, Number 6 March 23, 2004"

http://msdn.microsoft.com/flash/currentissue.htm

Wednesday, March 24, 2004

Netsky.P Spreads Through Ancient Security Hole:
"McAfee's Avert labs is reporting that a new variant of the Netsky worm, Netsky.P, is spreading quickly. Both McAfee and Trend Micro Inc. rate Netsky.P as a 'medium' threat and Symantec Corp. has rated it a '2' (for 'Low,' on a scale of 1 to 5). This is the first new variant of Netsky seen in about a week, a long hiatus for recent times."

This new variant is very much like other Netsky versions with two differences, according to Vincent Gullotto, vice president of the McAfee Avert Virus and Vulnerability Emergency Response Team. The initial seeding of the worm, referring to the initial group of users to whom the virus author distributed it, appears to have been in Australia. It's not clear whether or how this would facilitate spreading of the worm, but it is unusual.

The other interesting and unusual characteristic of this worm is that it utilizes a very old vulnerability in Internet Explorer, the Incorrect MIME Header (MS01-020) bug. This bug, patched almost three years ago, allowed a hostile HTML e-mail to execute arbitrary code if viewed in the preview pane of a mail client.

Once very much in vogue among virus writers, it has fallen into disuse in recent times.

http://www.eweek.com/article2/0,1759,1552315,00.asp?kc=EWNWS032204DTX1K0000599

Fast-Moving Worm Crashes Computers:
"Witty, a new worm that hit the Internet Saturday, looked late Monday to be running down. It corrupts the hard drives of machines running vulnerable versions of ISS' BlackIce products."

The Witty worm, which took hold of the Internet for a short time during the weekend, appears to have peaked thanks to its habit of destroying the machines it infects.

Witty made a dramatic entrance Saturday morning, quickly infecting more than 6,000 computers, which then began scanning the Internet for other machines to attack. But within 24 hours, the number of Witty-infected PCs scanning the Internet had dropped to around 2,000. That number dropped even further, to around 1,000 machines by Monday morning, according to data compiled by The SANS Institute, based in Bethesda, Md.

Unlike most worms, which exist for the lone purpose of spreading themselves, Witty is capable of corrupting the hard drives of infected machines, preventing normal operation of the PC and eventually causing it to crash. The worm attacks via random UDP ports; however, it always comes from UDP source port 4000, according to various analyses of the code by security experts. Infected machines will begin sending out large amounts of UDP traffic as the worm attempts to infect other machines.

Rebooting an infected machine appears to remove the worm, experts said on the weekend.

The main reason for the drop-off seems to be that Witty gradually corrupts the hard drives of infected machines, eventually causing them to crash and preventing them from scanning any longer. At the peak of the outbreak Saturday, SANS was seeing as many as 300,000 Witty-related packets per hour. Witty exploits a flaw in a component of Internet Security Systems Inc.'s BlackIce protection software. The vulnerable component also is found in several other ISS products, but the Atlanta-based company said they are not susceptible to the worm.

Once it infects a given machine, the worm generates a random IP address and sends its payload to that PC. It repeats this process 20,000 times, then turns its attention back to the local machine it's on. Witty opens a random drive on the PC and writes 65 kb of data to a random location.

http://www.eweek.com/article2/0,1759,1552000,00.asp?kc=EWNWS032204DTX1K0000599
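
The traffic pattern the article describes (UDP from a fixed source port 4000 to random addresses and random ports) can be turned into a fan-out check over flow records. This is an added example, not code from the article or from any vendor; the flow-record format, the thresholds, the window size and all addresses are constructed assumptions.

```python
from collections import defaultdict

WITTY_SRC_PORT = 4000   # from the article: worm traffic always uses UDP source port 4000
MIN_DST_IPS = 20        # assumed threshold, tune per network
MIN_DST_PORTS = 10      # assumed threshold: destination ports are random
WINDOW_SECONDS = 60     # assumed observation window

def parse_flow(line):
    """Parse 'epoch proto src_ip src_port dst_ip dst_port' (constructed format)."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts, proto, src, sport, dst, dport = parts
    try:
        return int(ts), proto.lower(), src, int(sport), dst, int(dport)
    except ValueError:
        return None

def witty_suspects(lines):
    """Return source IPs whose UDP/4000 fan-out meets both thresholds in one window."""
    buckets = defaultdict(lambda: (set(), set()))
    for line in lines:
        rec = parse_flow(line)
        if rec is None:
            continue  # skip malformed records instead of failing the whole run
        ts, proto, src, sport, dst, dport = rec
        if proto != "udp" or sport != WITTY_SRC_PORT:
            continue
        ips, ports = buckets[(src, ts // WINDOW_SECONDS)]
        ips.add(dst)
        ports.add(dport)
    return sorted({src for (src, _), (ips, ports) in buckets.items()
                   if len(ips) >= MIN_DST_IPS and len(ports) >= MIN_DST_PORTS})

def constructed_sample():
    """Constructed flows: one scanning host, one fixed-peer host on port 4000, one DNS client."""
    base = 1080000000  # constructed timestamp, aligned to a window boundary
    flows = [f"{base + i} udp 192.0.2.10 4000 198.51.100.{i + 1} {1024 + 37 * i}"
             for i in range(30)]
    flows += [f"{base + i} udp 192.0.2.20 4000 203.0.113.5 4000" for i in range(30)]
    flows += [f"{base + i} udp 192.0.2.30 {40000 + i} 203.0.113.53 53" for i in range(30)]
    flows.append("malformed line")
    return flows

if __name__ == "__main__":
    print(witty_suspects(constructed_sample()))
```

Requiring both many destination addresses and many destination ports keeps a legitimate application that happens to use source port 4000 with a single peer from being flagged.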