IE7 0day expanded to include IE6 and IE8(beta), (Fri, Dec 12th) - Microsoft has updated Security Advisory (961051) to include Microsoft Internet Explorer 6 and Window ...(more)... [SANS Internet Storm Center]

Ugh.

Previous updates on this threat make this very grim. The exploit is being spread via SQL injection attacks too: MSIE 0-day Spreading Via SQL Injection

Spam Levels Creep Back Up 2 Weeks After McColo Shutdown - InfoSec News: Spam Levels Creep Back Up 2 Weeks After McColo Shutdown: http://www.eweek.com/c/a/Security/Spam-Levels-Creep-Back-up-Two-Weeks-After-McColo-Shutdown/

By Brian Prince
eWEEK.com
2008-11-25

Spam levels appear to be rising again after a steep decline.

According to researchers at MessageLabs, now part of Symantec, spam
volumes have doubled since last week. [...] [InfoSec News Mailing List]

MS - new malware using an ms08-067 exploit gained momentum, (Wed, Nov 26th) - In Tuesday's blog More MS08-067 Exploits Microsoft said that new malware using an ms08-0 ...(more)... [SANS Internet Storm Center]

... that said, if you haven't patched, and/or you are allowing random TCP/139 and TCP/445 traffic through your perimeter from untrusted networks, then you probably have bigger problems to worry about than a bit of malware hitting MS08-067.

BREAKING -- The Julie Amero horror is over - "After 4 years and 2 months, Julie Amero is now free. You ll recall that Julie Amero was convicted of 4 felony counts, each count carrying a maximum of 10 years, for exposing school children to pornography.

Grendel-Scan got a quick mention on Paul Asadoorian's webcast on penetration testing (unfortunately, it was "pentesting for dummies") and I wonder if that will make sitting through - ok, I multitasked (read: didn't pay attention) - the webcast worthwhile.

Microsoft Announces Plans for No-Cost Consumer Security Offering

A bit of administrivia, with little likely impact: the name of this site (and the domain under which it lives) are changing.

www.securedaemon.net -> security.cluebat.ca

Please change any bookmarks or links you might have, the old domain (i.e., any URL like http://securedaemon.net ot http://www.securedaemon.net) will be automatically redirected to the new FQDN.

Chris

US Government Moves Fast on DNSsec - I honestly didn’t think I would live to see it, and this interview with Mockapetris about DNSsec adoption didn’t help.

Simply put, it has been a good week for the good guys. McColo, identified as responsible for over 75% of spam, was shutdown earlier this week thanks to the hard work of Brian Krebs at the Washington Post.

Study shows how spammers cash in - InfoSec News: Study shows how spammers cash in: http://news.bbc.co.uk/2/hi/technology/7719281.stm

BBC News
10 November 2008

Spammers are turning a profit despite only getting one response for
every 12.5m e-mails they send, finds a study.

By hijacking a working spam network, US researchers have uncovered some [...] [InfoSec News Mailing List]