__/ [ Mark Kent ] on Saturday 18 November 2006 19:13 \__
> begin oe_protect.scr
> Doug Mentohl <doug_mentohl@xxxxxxxxxxxxx> espoused:
>> "hackers ..planted a backdoor virus program on the Website of China
>> Unionpay, the country's only national electronic payment network
>> operator, that may result in customer information being leaked"
>>
>> "The backdoor program, Backdoor.BlackHole.2005.a, is capable of
>> hijacking customer's computers when they visit the Website"
>>
>> http://english.people.com.cn/200611/18/eng20061118_322836.html
>>
>> Windows 2000 Microsoft-IIS/5.0 18-Nov-2006
>>
>> Red-Hat/Linux Apache/1.3.19 28-May-2002
>>
>> http://uptime.netcraft.com/up/graph?site=www.chinaunionpay.com
>>
>> excuses fuddie ..
>
> Oh, what stupid, stupid people would swap out LAMP for Windows/IIS -
> particularly where you need security. This is an error of such enormous
> proportion that heads should role. I mean roll.
I could not agree more. Here's my bank.
http://toolbar.netcraft.com/site_report?url=https://www.nwolb.com
Several of these are Windows 2000!!! 2 "critical" exploits in the wild.
Didn't they patch 5 "critical" flaws on Tuesday?
Royal Bank of Scotland 155.136.72.107 Windows Server 2003 Microsoft-IIS/6.0
3-Sep-2006
Royal Bank of Scotland 155.136.72.107 Windows Server 2003 Microsoft-IIS/6.0
29-Aug-2006
Royal Bank of Scotland 155.136.72.107 unknown Microsoft-IIS/6.0 16-Aug-2006
Royal Bank of Scotland 155.136.72.107 Windows Server 2003 Microsoft-IIS/6.0
4-Jun-2006
Royal Bank of Scotland 155.136.72.107 Windows Server 2003 Microsoft-IIS/6.0
7-Dec-2005
Royal Bank of Scotland 155.136.72.30 Windows Server 2003 Microsoft-IIS/6.0
7-Sep-2005
Royal Bank of Scotland 155.136.72.30 Windows 2000 Microsoft-IIS/5.0
8-May-2004
Royal Bank of Scotland 155.136.72.30 Windows 2000 Microsoft-IIS/5.0
18-May-2002
Royal Bank of Scotland 194.202.168.220 Windows 2000 Microsoft-IIS/5.0
18-Jul-2001
Natwest Online 62.172.189.210 OS/390 IBM HTTP Server/V5R1M0 21-Fe
If money goes missing, it's /my/ time that will be spent chasing it. I also
need to keep track of the balance and inform others, just in case. To make
matters worse, I imagine that interest rates and commission (among other
factor) will be negatively affected to account for extra security staff,
software licensed (Ballmer's profit), insurance and compensation for
damages. Also see:
One in ten online shoppers faces Yuletide attack
,----[ Quote ]
| Big insecurity chief, Micheal Greene, from PC Tools reckons that one in
| ten online shoppers are going to face an attack from Sypware, Adware,
| Aalware or Steal-your-indenity-ware. With online shopping reaching
| $10 billion during last years holiday season, this is prime time for
| phishers and hackers to be plying their trade.
|
| Greene continues by saying that many people simply aren't aware that
| online shopping can cause problems exposing them to indentity theft
| and infection of their PC's.
`----
http://www.theinquirer.net/default.aspx?article=35674
Pervy hacker gets ten years
,----[ Quote ]
| Thirty-six year-old Adrian Ringland of Ilkeston in Derbyshire pleaded
| guilty to forcing schoolgirls to send him explicit pictures after
| having infected their computers with a Trojan horse. The man posed
| as a teen in chatrooms and gained the trust of the girls, before
| planting malicious software onto their PCs. He masked the Trojan
| as a picture of himself, but once opened, he had full access to
| their computers and used the Trojan to blackmail the teens into
| sending explicit pictures.
|
| [...]
|
| Security folks over at Sophos are warning that it's only a matter
| of time before this happens again - "These children will not be the
| last to be abused via the internet using spyware," senior
| technology consultant for Sophos Graham Cluley said.
`----
http://www.theinquirer.net/default.aspx?article=35666
T'is the season to be ripped off...
,----[ Quote ]
| Online fraudsters are gearing up for the massive increase in consumer
| online shopping due to take place over the festive season. One in 10
| holiday shoppers can expect some form of spyware, adware, or other
| internet attack as they conduct transactions on the web, according
| to net security firm PC Tools.
`----
http://www.theregister.co.uk/2006/11/13/xmas_safe_shopping/
Needless to mention, there's also the NHS...
,----[ failed NHS project cost $12 billion ]
| The players under the microscope .. Accenture, Microsoft, iSoft
|
| http://www.baselinemag.com/article2/0,1540,2058194,00.asp
|
|
| "Microsoft .. is working particularly closely with iSOFT on the
| development of Lorenzo, the core clinical solution .. being built on
| Microsoft's .Net web services technology"
|
| http://www.e-health-insider.com/news/item.cfm?ID=700
`----
There's the BBC...
BBC Looks To Microsoft For Web 2.0
,----[ Quote ]
| However, you don't sign deals or commitments if you're a quasi-autonomous
| Public Corporation operating as a public service broadcaster, as the BBC
| is. BBC Director General Mark Thompson met Microsoft Chairman Bill Gates
| in Seattle on Wednesday to sign the non-exclusive memorandum of
| understanding and discuss the BBC's digital strategy.
`----
http://www.forbes.com/2006/09/28/bbc-microsoft-internet-cx_cn_0928bbc.html?partner=yahootix
The list goes on and on, I assure you...
Best wishes,
Roy
--
Roy S. Schestowitz | "Turn up the jukebox and tell me a lie"
http://Schestowitz.com | Free as in Free Beer ¦ PGP-Key: 0x74572E8E
Load average (/proc/loadavg): 0.49 0.77 0.95 2/148 27062
http://iuron.com - semantic search engine project initiative
|
|
