News Stay informed about the latest enterprise technology news and product updates.

Security Bytes: SCO attacked … again

Also, MailEnable and Gentoo fix flaws; active phishing attacks double.

SCO Web site hacked
SCO Group's Web site was hacked and defaced Monday in a move that appeared to target the company's claims to elements of the Linux operating system, CNET reported. The site was breached sometime before 5:30 a.m. PST Monday, when a graphic was inserted atop the home page that read "we own all your code" and "pay us all your money." The spoof used the same fonts and colors employed throughout the company's site, along with a copy of the software maker's official logo. It was the latest in a string of attacks against SCO this year. In one attack, a variant of Mydoom disabled the site, forcing SCO to resort to an alternate Web address. The latest assault was aimed at SCO's long-running campaign seeking compensation from companies that sell and use the Linux operating system. The company launched a lawsuit against IBM last year, claiming it illegally incorporated into its Linux software some source code from the Unix operating system, which SCO claims to control, CNET reported.

MailEnable flaws fixed
MailEnable Enterprise Edition users should apply a hotfix that closes vulnerabilities an attacker could exploit to remotely access compromised machines, according to an advisory from Danish security firm Secunia. "The vulnerabilities are caused due to boundary errors within the IMAP service and can be exploited by either sending an overly long string (about 8,198 bytes), or sending more than 432 bytes and then terminating the connection," Secunia said. "The vulnerabilities have been reported in MailEnable Professional 1.52 and MailEnable Enterprise Edition 1.01. Prior versions may also be affected." The vulnerabilities were discovered by researcher Nima Majidi of Hat-Squad.

Gentoo fixes phpMyAdmin flaws
Gentoo has fixed multiple cross-site scripting vulnerabilities in phpMyAdmin an attacker could use to launch malicious script code and compromise the victim's browser. The Linux vendor said researcher Cedric Cochin discovered the vulnerabilities, which "can be exploited through the PmaAbsoluteUri parameter, the zero_rows parameter in read_dump.php, the confirm form or an error message generated by the internal phpMyAdmin parser." The advisory said that by sending a specially crafted request, "an attacker can inject and execute malicious script code, potentially compromising the victim's browser." Gentoo recommends all phpMyAdmin users upgrade to the latest version.

Businesses face crippling phishing attacks
Businesses face a grave and gathering threat from phishers, the Anti-Phishing Working Group warns. The industry association said active phishing sites more than doubled through October, and organized criminal organizations appear poised to launch attacks sooner rather than later. "There's a feeling that this is just a tremor," Peter Cassidy, secretary general of the Anti-Phishing Working Group, told SC magazine. "Organized crime is discovering that phishing is a way to make money and easily contain cost. What we could see in the future are very large and very painful attacks." The group warns that with increased use in specific brands, successful phishers could eventually take money away from those businesses whose name they annex. The group said it identified more than 1,000 active phishing sites in October and attributed the spread to the increased availability of automated tools, networks of compromised computers (bot networks) and skilled programmers. "There is a lot of great talent, particularly in Eastern Europe," Cassidy told the magazine.

Dig Deeper on Emerging cyberattacks and threats

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.