Security Alerts & News
by Tymoteusz A. Góral

#1956 SQL Slammer comeback
SQL Slammer is a computer worm that first appeared in the wild in January 2003, and caused a denial of service condition on tens of thousands of servers around the world. It did so by overloading Internet objects such as servers and routers with a massive number of network packets within 10 minutes of its first emergence.

The worm exploits a buffer overflow vulnerability in Microsoft SQL Server 2000 or MSDE 2000 by sending a formatted request to UDP port 1434. After the server is infected, it attempts to spread rapidly by sending the same payload to random IP addresses, causing a denial of service condition on its targets. This vulnerability was discovered by David Litchfield several months before Slammer first launched. Accordingly, Microsoft released a patch, but many installations had not been patched before Slammer’s first appearance.
Read more
#1957 A hacker just pwned over 150,000 printers left exposed online
#1956 SQL Slammer comeback
#1955 Op-ed: Windows 10 0day exploit goes wild, and so do Microsoft marketers
#1954 Metasploit security kit now hacks IoT devices, hardware
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12