Free Republic

Some troubling observations & "Jonesian" similarities. (video)

9/11: Stories of Courage, Heroism and Generosity We are pleased to announce 9/11: Stories of Courage, Heroism and Generosity with an introduction from Tim Zagat, Co-founder and CEO of Zagat Survey, along with contributions from former New York City Mayor Rudy Giuliani and former New York Governor George Pataki. Upon reflection of the 9/11 attacks, the random acts of kindness displayed by selfless individuals are too often overlooked. As the 10-year anniversary of this fateful day approaches, Zagat honors these heroes for their contributions to rebuilding and uniting a country in the wake of destruction. Order Now: Regular Price: $24.95...

"Here You Have" Virus Email spreading. DHS US-CERT Computer Emergency Readiness Team looking into issue. will issue bulletin.

The upcoming Black Hat security conference in Las Vegas offers an annual parade of security researchers revealing new ways to break various elements of the Internet. But few of the talks have titles quite as alarming as one on this year's schedule: "How to Hack Millions of Routers."Craig Heffner, a researcher with Maryland-based security consultancy Seismic, plans to release a software tool at the conference later this month that he says could be used on about half the existing models of home routers, including most Linksys, Dell, and Verizon Fios or DSL versions. Users who connect to the Internet through...

Malware-infected USB key the culprit. Delegates to AusCERT, Australia's premier information security event held this week on the Gold Coast, have taken home a little of the stuff they spent the week agonising over - a virus. In an email this afternoon, IBM advised visitors to its AusCERT booth that its complimentary USB key was infected with a virus. An IBM spokesman and conference organisers confirmed the email was genuine. It is the second time in two years that clumsy exhibitors have infected their customers with viruses. "At the AusCERT conference this week, you may have collected a complimentary USB...

The co-founder of progressive blog The Huffington Post, Arianna Huffington, has attributed the West Virginia mining disaster, along with virtually every other accident under the sun, as a direct result of small-government and corporate greed in the April 13 Huffpo column "The West Virginia Mining Disaster and the Financial Crisis Have the Same Root Cause." "Officials say it's too soon to pinpoint the exact cause of the tragic explosion at the Upper Big Branch mine in West Virginia that took the lives of 29 miners, but we certainly know enough to identify the root cause," Huffington began. "It's the same...

Democratic Socialists of America (DSA) is an highly influential organization. While only 6,000 strong, DSA has considerable strength in the labor movement, non profits, education and inside the Democratic Party. While Marxist based, DSA’s innocuous sounding name, allows the organization to operate in ways and places that their allies in the the Communist Party USA cannot. After using its clout to push through “healthcare reform” DSA is now using its influence in the giant union SEIU, to promote “immigration reform”.

Say, Charles -- it's been awhile! But we're pleased as punch to see that you're back to your old ways, poking around within OS X's mainframe just looking for ways to remotely control the system, snag credit card data and download a few interoffice love letters that are carefully stashed 15 folders down within 'Documents.' The famed Apple security expert is planning yet another slam on OS X at CanSecWest, where he'll reveal no fewer than 20 zero day security holes within OS X. According to Miller, "OS X has a large attack surface consisting of open source components, closed...

The Holocaust only gets media coverage because of affluent Jews' financial backing, military might and lobbying fronts, presenting a skewed version of events to the world, a high-ranking Polish bishop told a Catholic news portal on Monday. Tadeusz Pieronek, a Polish bishop and professor and a friend of the last pope, John Paul II, claimed that "the Holocaust as such is a Jewish invention" promoted in the press by Jews to gain support for Israel. Pieronek told the Web site Pontifex.roma that while the Holocaust was not exclusively Jewish, Jews had monopolized it in lieu of encouraging "serious historical debate,...

Security researchers yesterday said they'd discredited Microsoft's claim that the year's first critical Windows vulnerability would be "difficult and unlikely" to be exploited by attackers. On Tuesday, Immunity Inc. updated a working exploit for the TCP/IP flaw spelled out Jan. 8 in Microsoft's MS08-001 security bulletin, and posted a Flash demonstration of the attack on its Web site. The exploit, which was released to customers of its CANVAS penetration testing software -- but is not available to the public -- was a revised version of code first issued two weeks ago. "This demonstrates conclusively that the MS08-001 IGMPv3 vulnerability is...

Fourteen-year-old Cara and her 15-year-old cousin, Stacy (not their real names) walked out of their homes in Toledo, Ohio on a rainy May day in 2005 to get milkshakes. A few blocks away, a couple driving a Lincoln Continental pulled alongside the cousins and asked if they wanted a lift. Believing the man’s claim to be a schoolmate’s father, the girls stepped into the car — and entered a nightmare world of sexual slavery. The couple drove the girls to a house and locked them in. As their families frantically searched for them, the teens were sold over and over...

E-mails containing malicious PDF files have been putting computers at risk since Friday, Finnish security software firm F-Secure said on Saturday. "The e-mails sent in bulk looked like credit card statements, and contained an attachment called 'report.pdf'," its Chief Research Officer Mikko Hypponen said in a statement. When such PDF files are viewed on vulnerable machines, they start downloading software from servers in Malaysia or Sweden, which are now being cleaned, he said. "There will be more such attacks." "We are worried about this case, as PDF attachments are typically not filtered at e-mail gateways." A security update for Adobe...

There is a major zero day bug announced in solaris 10 and 11 with the telnet and login combination. It has been verified. In my opinion NOBODY be should running telnet open to the internet. Versions of Solaris 9 and lower do not appear to have this vulnerability. The issue: The telnet daemon passes switches directly to the login process which looks for a switch that allows root to login to any account without a password. If your telnet daemon is running as root it allows unauthenticated remote logins. Telnet should be disabled. Since 1994 the cert.org team has recommended...

Exploits against the unpatched vulnerability in Microsoft's Internet Explorer are increasing and attackers are gathering momentum, researchers said Thursday. They warned that the problem would become worse if cyber criminals attack via e-mail next. "It might come to nothing, but it feels like a storm's coming," said Roger Thompson, the chief technology officer at Exploit Prevention Labs. "The potential is there. Call it a storm watch, not a storm warning." At least two different exploits have appeared this week, said Thompson, one linked to the Russian-made hacker exploit kit called WebAttacker, the other posted early Thursday on the xSec gray-hat...

Although Microsoft has acknowledged that in-the-wild exploits are taking advantage of an unpatched flaw in Internet Explorer, the developer has not committed to cranking out a fix before next month's regularly-scheduled update on Oct. 10. Users who want to protect themselves now, however, do have options. Disable the vulnerable .dll: In the security advisory posted yesterday, Microsoft suggested that users can disable the vulnerable "Vgx.dll" from the command line. -- Click Start, choose Run, and then type -- regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll -- Click OK, then click OK again in the confirmation dialog that appears. To undo the command,...

An unpatched vulnerability in all editions of Microsoft's Internet Explorer browser is being exploited, security researchers said Tuesday, with the attack dumping a broad range of adware, spyware, and Trojans onto PCs whose users simply surf to an infected or malicious site. First reported by Sunbelt Software -- although rival Internet Security Systems claimed it was the first to discover the bug -- the vulnerability is in how IE renders VML (Vector Mark-up Language), an extension of XML that defines on-the-Web images in vector graphics format. The previously unknown -- and thus unpatched -- bug inside IE is already being...

Attack code for a new security hole in Excel has surfaced on the Internet, just as Microsoft is scrambling to respond to a separate bug in the spreadsheet program. The latest vulnerability could cause Excel to crash after a malicious file is opened, according to an alert Symantec sent to customers on Monday. The security company also said there was a risk that an intruder could commandeer a PC. "Attackers may also be able to execute arbitrary code…but this has not been confirmed," it said. The security hole exists because Excel fails to properly check user-supplied input before copying it...

A dangerous new exploit in Internet Explorer could put PCs and data at risk, Microsoft has admitted. The flaw, for which code has already been published on the internet, could be exploited to set an email-borne virus free on the unsuspecting public. Potential viruses could come as an attachment that conceals the code, or could possibly redirect users to a site that will unleash the code on the user's machine, leaving the computer open to remote attack. Once the PC is being controlled by a malicious user, it can then be used to launch attacks on other PCs. Even supposedly...

Windows Vista won't have a backdoor that could be used by police forces to get into encrypted files, Microsoft has stressed. In February, a BBC News story suggested that the British government was in discussions with Microsoft over backdoor access to the operating system. A backdoor is a method of bypassing normal authentication to gain access to a computer without to the PC user knowing. But Microsoft has now quelled the suggestion that law enforcement might get such access. "Microsoft has not and will not put 'backdoors' into Windows," a company representative said in a statement sent via e-mail. The...

This is a transcript from a show Steve Gibson did with Leo LaPorte. The link to the audio is at the above link. Also, I will excerpt a little of the relevant information here.Steve: And so, you know, because I'm a developer when I'm not being a hacker, I wanted to understand - oh, and the other thing is, I want to write a robust testing application, you know, that always works all the time. So I wanted to know, like, okay, what bytes have to be set which way, what matters, what doesn't. Because, you know, that's the way...