We’ve heard of emails spamming links to download a worm, now we have a WORM link being spammed through AIM. This link is currently being spammed on AIM, http://{blocked}rs.i989.net/indx.php, which is actually a copy of WORM. We already gave the downloaded file to the service team for detection, ill update this later for the name.Update…

Microsoft and Yahoo have made an announcement to make MSN Messenger and Yahoo! Messenger compatible. They estimate this to be done by the second quarter of 2006. Here are some features that will be available for the two Instant Messsenger ApplicationsExchang messages between MSN and Yahoo!Compatible friends lists, emoticons and features of each IM. Read…

PoCs to exploit three of the new MS Vulnerabilities have already been released byImmunitysec. Below are the dates of release and the vulnerability which has been exploited October 11, 2005: MS05-046 (Netware) PoC remote exploit for the Netware bug https://www.immunitysec.com/downloa{BLOCKE}artners/ms_netware.tar.gz October 11, 2005: MS05-051 (MS DTC) Trigger for the bug in MS DTC on Windows…

We’ve just gotten hold of an exploit for WinRar and we’ve tested/created our own POC (based on the original one) and yes, it works (tested on WinXPSp2, Winrar v.3.41).How it works The POC works by submitting a loong string (~530 bytes) as an argument to WinRar.exe. WinRar crashes on this, we get our buffer overflow,…

Note: Data below are based on the Virus Encyclopedia entry for SYMBOS_COMWAR.C which has been available since October 16, 2005. Some very interesting twists have been added to this new variant…looks like its evolving and are learning new tricks and social engineering skills.:) Aside from spreading through bluetooth it also sends itself as an MMS…