[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [ProgSoc] Re: [ADMIN] imap & pop




--
Nigel Sheridan-Smith
PhD research student

Faculty of Engineering
University of Technology, Sydney
Phone: 02 9514 7946
Fax: 02 9514 2435
 

> -----Original Message-----
> From: owner-progsoc@xxxxxxxxxxxxxxxxxx [mailto:owner-
> progsoc@xxxxxxxxxxxxxxxxxx] On Behalf Of Christian Kent
> Sent: Tuesday, 13 December 2005 7:06 PM
> To: Nigel Sheridan-Smith
> Cc: progsoc@xxxxxxxxxxx
> Subject: RE: [ProgSoc] Re: [ADMIN] imap & pop
> 
> 
> 
> On Tue, 13 Dec 2005, Nigel Sheridan-Smith wrote:
> 
> > fact, I remember distinctly some of the presenters at RUXCON 2005 giving
> > demonstrations of how bad Mac OS X security is, and how the *BSD
> variants
> 
> I actually had a chat to those guys (Body by Jake, and Mates, etc), and
> they seemed to be a bit incredulous that some Mac users would have all
> their services turned off, or be behind NAT;  despite the fact that the
> first was rather easy -- and a default install setting -- and that the
> second was rather common nowadays.
> 

Those guys were from SureSec:

http://www.suresec.org/ad.htm

They list 4 vulnerabilities for Mac OS X but it is not clear if they have
been patched yet from this web site... still at one point eEye Digital
Security had several Microsoft vulnerabilities that had been reported and
not fixed for 100-200 days on average only a few years ago. Thankfully, that
situation has now improved dramatically!

I finally found the news story I read, only 2-3 weeks ago (see below)...

Nigel


Hackers hit media players
Correspondents in New York
NOVEMBER 23, 2005  
 
ONLINE criminals shifted their attacks from operating systems to media
players and other software in 2005, a new study has found.

Among the software programs that attackers are now targeting are anti-virus
software as well as programs used to listen to online audio and video
programing, the non-profit SANS Institute reported. 
Attackers are changing their targets after internet service providers and
operating systems designers such as Microsoft started fixing their systems
following a barrage of worms, viruses and other online threats in recent
years. 

The group's "SANS Top20" report identifies the 20 most targeted software
flaws that criminals use to infiltrate computers. 

Top Windows vulnerabilities include Microsoft's Internet Explorer web
browser, Office and Outlook Express. The report also listed Apple's OS X
operating system as the most vulnerable Unix operating system. 

Network devices such as routers and switches also are being targeted, SANS
said. Cisco made the list with its "IOS" router product line. 

"Network devices often have on-board operating systems and can be programmed
like computers," the group said in a statement. "Compromises of network
devices can provide attackers one of the most fruitful platforms for
eavesdropping and launching targeted attacks." 

SANS released the study in cooperation with the US Department of Homeland
Security's Computer Emergency Response Team, the UK's National
Infrastructure Security Co-Ordination Centre and Canada's Cyber Incident
Response Centre. 

Reuters 




-
You are subscribed to the progsoc mailing list. To unsubscribe, send a
message containing "unsubscribe" to progsoc-request@xxxxxxxxxxxxxxxxxxx
If you are having trouble, ask owner-progsoc@xxxxxxxxxxxxxxxxxx for help.