http://www.techworld.com/security/news/index.cfm?newsID=102222By Robert McMillan
IDG news service
24 July 2008
Hackers have released software that exploits a recently disclosed DNS
flaw.
The attack code was released Wednesday by developers of the Metasploit
hacking toolkit.
Internet security experts warn that this code may give criminals a way
to launch virtually undetectable phishing attacks against Internet users
whose service providers have not installed the latest DNS server
patches.
Attackers could also use the code to silently redirect users to fake
software update servers in order to install malicious software on their
computers, said Zulfikar Ramizan, a technical director with security
vendor Symantec. "What makes this whole thing really scary is that from
an end-user perspective they may not notice anything," he said.
[...]
_______________________________________________
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting.
http://www.blackhat.com
