Monday, December 29, 2008

birdmen in the sky


Tuesday, December 23, 2008

Another MS SQL 0-day exploit itw: Microsoft SQL Server sp_replwritetovarbin (thanks God it wont be another slammer)

3 years after slammer, probably the fastest spreading worm ever, caused mayhem, a zero-day ms-sql exploit is out there in the wild...

Microsoft Security Advisory (961040)

Anyone who have seen slammer in action wont never forget how powerful that worm is. Curious enough, more than 2 years later, in 2007 while I was helping the guys who manage one of Italy's biggest data center, the IPS there keep on detecting slammer 376-bytes packets.

I don’t think another ms sql will cause same spearding power as slammer, as these days, only ignorant people will leave UDP port 1434 open...


PS: the identity of slammer's author was never discovered, as the patient 0...


Thursday, December 18, 2008

you are heimskur!

heimskur is stupid in icelandic..
but heimskur is also means stay at home...

because stupid people should stay at home
because you are stupid if you stay a home


Wednesday, December 17, 2008

IE zero day vulnerability

something is in the air...

this is a BIG deal any IE zero day vulnerability



ORI: 10 Dec 2008


Monday, December 15, 2008

$50 billion hole in a pyramid scheme

I'm speechless.

what to say about $50 billion hole in a pyramid scheme?

when we analyze this economic crisis, we can be blame people who work in financial companies.. they earn TONS of money but creates nothing except disaster... many people lost their live savings.

it is worst than zero sum game

but nothing compares to $50 billion hole in pyramid scheme arranged by Bernard Madoff ex NASDAQ chairman...

on second thought, pension system in some countries is actually a legalized pyramid scheme...

On further note, many investors who invest in Bernard L. Madoff Investment Securities LLC KNEW Bernie had to be cheating, because the returns he was generating were impossibly good. But they thought it was insider trading, not a Ponzi scheme.

What the hell is the regulators & the auditors were doing???


Wednesday, December 10, 2008

WTF!!! another WMF vulnerability - meaning remote code execution

A vulnerability in GDI allow remote code execution...

Imagine if with IE you access a site that host malicious WMF file <~ drive by install scenario :(