Join the God Side, Jesus is Coming…….

Archive for August, 2008

“Unable to start processing Services” on MS Outlook

If you received and error “Unable to start processing Services” after you open MS Outlook.  Some of the things to troubleshooting the problem would be:

  1. Use the commands: Ipconfig /release and then ipconfig /renew
  2. Try to create a new profile
  3. Reinstall MS Outlook

Any of this would help you.

Advertisements

Malware Circulating via Russia/Georgia Conflict

Malware circulating via spam email messages related to the Russia/Georgia conflict. These messages contain factual information about the conflict. The messages also contain download instructions for the user to watch a video that is attached to the message. If a user opens the attachment, malware may be downloaded and installed onto their system.

For more info

HTTPS: Surf jacking makes it vulnerable

Cookies and redirection seem to be this year’s “attack vector du jour.” At DefCon, Mike Perry gave a rather disconcerting talk about surf jacking and how it can be used to capture SSL session cookies. Michael Kassner would like to explain how surf jacking compromises HTTPS security.

More info: techrepublic

Microsoft Releases August Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Internet Explorer, Outlook Express, Windows Mail, and Windows Messenger as part of the Microsoft Security Bulletin Summary for August 2008. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information.

so update your Machine.

From: US-CERT

Joomla! Password Reset Vulnerability

The Joomla! Project has released an advisory to address a password reset vulnerability in the Joomla! content management system. This vulnerability, which may allow non-validating tokens to be forged, is
due to a flaw in the reset token validation mechanism. Exploitation of this vulnerability may allow an unauthenticated attacker to reset the password of the first enabled user, which is typically an
administrator user.

From: US-CERT

A Good Reason To Go Full-Time SSL For Gmail

“A tool that automatically steals IDs of non-encrypted sessions and breaks into Google Mail accounts has been presented at the Defcon hackers’ conference in Las Vegas. Last week, Google introduced a new feature in Gmail that allows users to permanently switch on SSL and use it for every action involving Gmail, not just authentication. Users who did not turn it on now have a serious reason to do so, as Mike Perry, the reverse engineer from San Francisco who developed the tool, is planning to release it in two weeks.”

By: Ashik Ratnani

Airline E-ticket Email Attack

This attack uses email messages that appear to be from
legitimate airlines and contain information about a bogus e-ticket.
These email messages instruct the user to open the attachment to
obtain the e-ticket. If a user opens this attachment, a file may be
executed to infect the user’s system with malicious code. Read more…

Tag Cloud