Why coding after a long drinking night is not a good idea

I’d love to hear the background story behind this one:

[CiscoWorks IPM] version 2.6 for Solaris and Windows contains a process that causes a command shell to automatically be bound to a randomly selected TCP port.

Why on earth? And why a random port?

And if you’re still wondering, yes - it’s a remote root shell with no authentication.

Remote, unauthenticated users are able to connect to the open port and execute arbitrary commands with casuser privileges on Solaris systems and with SYSTEM privileges on Windows systems.

Cisco is being cruel and only disclosing the technical info. Come on, Cisco, share the juicy parts! We want Full Disclosure!

State of targeted attacks - criminals exploiting Excel vuln during two months

It’s time to look at the recent state of targeted attacks. As we already know, the main attack vector in these attacks is the Microsoft Office attachment. There are not many organizations that can simply filter .DOC, .XLS and .PPT files.
In mid-January Microsoft confirmed that a new, previously unknown Excel vulnerability was used in targeted attacks. On Monday this week US-CERT issued a warning about the new wave of exploitation. This extremely critical vulnerability, rated ‘10.0’ by the CVSS meter BTW, was known as the header information code execution vulnerability.
The fix is included in today’s Excel Bulletin MS08-014. However, Microsoft says the following now:

What causes the vulnerability?

Microsoft Excel does not properly validate macro information when loading specially crafted Excel files.

In January we had very small pieces of information related to this vuln and the Trojan exploiting it.

Information about the characteristics of these targeted attacks can be read via my FAQ documents.

Q: Socket Security

A new question for you guys - you have been great answering the previous one:
—-
Hi, I’m a bit new to Java and socket programming.
Anyway, I just wrote a client-server socket program and I have an open port listening on my Unix box.

I was told that this is vulnerable because now anyone could write a client side program to my open port and send in whatever command line they want.

I am not sure where to go about researching what security measures I need to put in place for socket programming.

From:
B.M
USA
—-
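
One way to address the risk raised in the question above, as an added example that is not part of the reader's message or the original post: the server treats client text as a lookup key into a fixed set of actions and never hands it to a shell, requires a shared secret, caps line length, and listens on loopback only. The class name, port 5000, the `SERVER_TOKEN` variable and the two actions are assumptions made for illustration.

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import java.util.function.Supplier;
public class AllowlistServer {
    // Assumption: a shared secret is provisioned out of band in SERVER_TOKEN.
    static final byte[] TOKEN =
        System.getenv().getOrDefault("SERVER_TOKEN", "").getBytes(StandardCharsets.UTF_8);
    // The only actions that exist. Client text is a lookup key, never a command line.
    static final Map<String, Supplier<String>> ACTIONS = Map.of(
        "TIME", () -> java.time.Instant.now().toString(),
        "FREEMEM", () -> Runtime.getRuntime().freeMemory() + " bytes");

    // Reads one line, refusing input longer than max bytes.
    static String readLine(InputStream in, int max) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        for (int b; (b = in.read()) != -1 && b != '\n'; ) {
            if (buf.size() >= max) throw new IOException("line too long");
            if (b != '\r') buf.write(b);
        }
        return new String(buf.toByteArray(), StandardCharsets.UTF_8);
    }

    static String handle(String token, String command) {
        // Constant-time comparison; an unset secret rejects everyone.
        if (TOKEN.length == 0 || !MessageDigest.isEqual(TOKEN, token.getBytes(StandardCharsets.UTF_8)))
            return "ERR auth";
        Supplier<String> action = ACTIONS.get(command.trim());
        return action == null ? "ERR unknown command" : "OK " + action.get();
    }

    public static void main(String[] args) throws IOException {
        // Loopback only: the port is not reachable from other hosts.
        try (ServerSocket server = new ServerSocket(5000, 16, InetAddress.getLoopbackAddress())) {
            while (true) {
                try (Socket client = server.accept()) {
                    client.setSoTimeout(5000); // each read gives up after 5 s of silence
                    InputStream in = new BufferedInputStream(client.getInputStream());
                    PrintWriter out = new PrintWriter(new OutputStreamWriter(
                        client.getOutputStream(), StandardCharsets.UTF_8), true);
                    out.println(handle(readLine(in, 256), readLine(in, 256)));
                } catch (IOException e) {
                    System.err.println("client dropped: " + e.getMessage());
                }
            }
        }
    }
}
```

The client sends the token on the first line and the action name on the second. If the listener ever has to accept connections from other hosts, the token would cross the network in clear text, so the plain `ServerSocket` would need to be replaced with a TLS one.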

New LinkedIn ‘status’ feature now used for donation spam

My wife has just received this email via LinkedIn:

Subject: Equity Needed

LinkedIn
[name deleted] has sent you a message.
Date: 3/01/2008
Subject: Equity Needed
May I kindly accept a donation of $100 on your behalf? [url to donation page]

Thank you for understanding.

Visiting the donation page brings up the following explanation:
“With the new status update feature on LinkedIn I thought we should have some fun and in the process help me make my first million to jump start my new companies. I would like you to set your status on LinkedIn to “wants you to help [me] make [my] 1st million via LinkedIn: [url]””