Internet Anthropologist Think Tank: Ops and Intel update

  • Search our BLOG


  • HOME
    Terrorist Names SEARCH:
    Loading

    Saturday, January 05, 2008

    Ops and Intel update


    Realplayer Vulnerability DON'T USE:
    Published: 2008-01-04,
    Last Updated: 2008-01-05 20:13:55 UTC
    by Scott Fendley (Version: 5)

    Good morning everyone,

    Earlier this week, Evgeny Legerov reported a vulnerability involving Real Player which could allow an attacker to execute code on victim computers. At this moment in time, there is no patch or other work around for this vulnerability though I would expect that limiting end-user privileges would limit the potential risk.

    Until an update is available, I recommend that you limit viewing multimedia content using Real Player. It would be worthwhile to plan to add this future update into the mix with any operating system updates which are scheduled to be released soon.

    For more information on this vulnerability, please see:

    http://secunia.com/advisories/28276/
    http://www.frsirt.com/english/advisories/2008/0016

    Update 15:10 UTC: While you're at it, consider blocking access to uc8010-dot-com. If you do a Google Search for this domain, you'll understand why: Lots of injecting of a mailicious 0.js from this domain is currently going on, plenty of web sites seem to contain this booby trap. One of the IFRAMES fetched from this site, the file "r.htm" contains a RealPlayer exploit. Still the one from last month (www.kb.cert.org/vuls/id/871673) but if they happen to re-tool to the new vulnerability, things might get ugly.

    XXXXXXXXXXXXXXXXXXXXXX

    XXXXXXXXXXXXXXXXXXXXXXXXXXX

    XXXXXXXXXXXXXXXXXXXXXXXX

    Washington Post Foreign Service
    Saturday, January 5, 2008; Page A11

    MILAN, Italy -- In an age of spy satellites, security cameras and an Internet that stores every keystroke, terrorism suspects are using simple, low-tech tricks to cloak their communications, making life difficult for authorities who had hoped technology would give them the upper hand.

    Across Europe, al-Qaeda operatives and sympathizers are avoiding places that they assume are bugged or monitored, such as mosques and Islamic bookshops, counterterrorism experts said. In several cases, suspects have gone back to nature -- leaving the cities on camping trips or wilderness expeditions so they can discuss plots without fear of being overheard.

    In Britain, a man who called himself "Osama bin London" is among five people being tried on charges of operating terrorist training camps in remote areas, sometimes under the guise of paintball fights in the woods. The camps' participants included four men who later tried to set off backpack bombs on the London transit system on July 21, 2005.

    SOURCE:

    g



    .



    Labels: , ,

    0 Comments:

    Post a Comment

    Subscribe to Post Comments [Atom]

    << Home