Slashdot post: Botnet Herders Attack MS06-040 Worm Hole. "Laljeetji writes "eweek reports that the first wave of malicious attacks against the MS06-040 vulnerability is underway, using malware that hijacks unpatched Windows machines for use in IRC-controlled botnets. The attacks, which started late Aug. 12, use a variant of a backdoor Trojan that installs itself on a system, modifies security settings, connects to a remote IRC (Internet Relay Chat) server and starts listening for commands from a remote hacker. On the MSRC blog, Microsoft is calling it a very small, targeted attack that does not (yet?) have an auto-spreading mechanism. LURHQ has a detailed analysis of the backdoor."
Sounds nasty. An auto-spreading mechanism will turn this one into an epidemic. Patch now, if you haven't already.
8:17:51 PM comment []
Joho the Blog points out Authorial authoritative provenance. "Jon Udell blogs about Lorcan Dempsey's blogging of the OCLC's fuzzy matching service that searches the Library of Congress Name Authority File, finding misspelled authors' names, etc. Jon discovered that his own name was misspelled in the Authority File, and he explains the process for getting it corrected. And, Jon says, we should be making provenance and ways to correct provenance more explicit."
8:52:26 AM comment []
