Idiocracy Alert – Phone to Human virus

Some people in the middle eastern parts of the world including Pakistan have been shaken by phone SMS messages warning them about the existence of a phone to human virus. This hoax, just like many we JUNK in Outlook, had forced public figures to release … “Idiocracy Alert – Phone to Human virus”

Read More

Every cloud has a Silverlight

Look out Flash, here’s come another ray of light, called Silverlight. Silverlight is Microsoft’s answer to rich web applications which previously dominated by Macromedia Flash. I tried some of the samples, looks like it can do pretty much what Flash can, like, play games, watch … “Every cloud has a Silverlight”

Read More

W32.Rinbot – Exploitation of Windows DNS and other vulnerabilities

It comes as no surprise that the exploitation of the MS DNS issue is out and around. According to Symantec, this particular worm executes several vulenrability checks (much like a security scanner) and exploits those that are vulnerable. In short, the process is completely automated … “W32.Rinbot – Exploitation of Windows DNS and other vulnerabilities”

Read More

WARNING – DNS Zero day exploit code is public

My previous post talks about the DNS vulnerability and now the exploit codes are available and are being used already to VERY EASILY EXPLOIT DNS servers especially within an organization (typically). No one in their right mind would publish RPC over the internet, right.., right..!!?? … “WARNING – DNS Zero day exploit code is public”

Read More

Windows 2000/2003 DNS Server Service Zero Day Exploit

A new buffer overflow vulnerability with the RPC protocol for managing the DNS service in Windows 2000 (all SPs) and Windows 2003 (all SPs) has been discovered by hackers. Upon successful execution of this exploit, the attacker can run code with the security equivalent of … “Windows 2000/2003 DNS Server Service Zero Day Exploit”

Read More

Spam Storm

Some sources have confirmed a highest number of spam since 12 months ago containing security related messages and request users to patch files etc. Please be very careful, i do not know any klutzy security companies that send updates via emails. WELL THEY DON’T. Have … “Spam Storm”

Read More

Checklist for designing Active Directory

Well, i walked the web for a while now and finally i had to make a checklist myself of designing Active Directory. I hope this super simple guide helps presales, consultants and other enthusiasts out there.. 10 Hot-checklist for Implementing/Designing Active Directory:NOTE: Please know AD … “Checklist for designing Active Directory”

Read More

Vista updates

Yesterday (Apr 10, 2007), Microsoft released 4 to 5 updates for Vista. I downloaded and patched the CSRSS manually and got 4 updates on WindowsUpdate program. Also, there’s a couple of high criticality vulnerabilities on Windows and anyone running Windows should immediately run Windows update. … “Vista updates”

Read More

Active Directory Bulk Editing GUI

What do you want to bulk modify today? Tired of writing VB scripts to modify Active Directory object attributes (users, groups, etc) then try out Microsoft Exchange team’s ADModify.net. This is a cool tool do perform bulk modification of attributes of Active Directory and / … “Active Directory Bulk Editing GUI”

Read More