Who ever would have seen this coming? Symantec has teamed up with Snoop Dogg to set up a rapping contest on the topic of malware and cybercrime. Participants are invited to break out their mic's, and start rapping on the topic of cybercrime, malware, botnets, hacking, and the like, all for a chance to win an "all expenses paid" trip to see Snoop Dogg live, meet some of "his people", and possibly meet the Dogg himself. Also, as an added bonus, the winning entry will receive a Toshiba laptop outfitted with the latest Norton Internet Security 2011.

  London, 1st September 2010 – Acunetix, a market leader in web application security scanning technology, today announced version 7 of its popular Web Vulnerability Scanner. With the new human like vulnerability verifying techniques, revolutionary scanning engine and support for a wider variety of web applications, Acunetix re-establishes its technology lead in web application security. Acunetix WVS Version 7 also features improved performance, less false positives and detection of a wide range of new web vulnerability types.

 Scammers in late August made just over $600,000 after breaking into the bank accounts of a Catholic Diocese, claiming the funds are for victims of paedophile priests. The scammers took advantage of people to use as money mules, stealing the money from the Catholic Diocese of Des Moines, Iowa. The scammers posed as a New-York based international finance firm, "the Impeccable Group", and offered the mules a bogus work-at-home job.

 A group of Algerian Web Pirates/Hacker was in an embarrassing mixup yesterday, mistakingly hacking the website of a Castle which hosts Teddy Bear Picnics, instead of a Crusaders fortress. The hackers targeted and compromised the web page of Belvoir Castle, which is the home of the family seat of the 11th Duke of Rutland, instead of the website they were instead supposed to attack, which was that of Belvoir Fortress in Israel.

 Basically, what's going to happen in this tutorial, is you're going to use Metasploit to generate a reverse_tcp payload into a DLL, and you're also going to create a blank "VCF" file, which is a Windows Address Book contact file. We're then going to create an autorun.inf file which gets the USB drive/CD Drive to tell WAB to open the blank VCF, and when it does so, it will automatically load the DLL file as well (the malicious one you generate beforehand). So let's get to it, hey?

 A UK based Government training organisation, known as the "National Skills Academy", had it's homepage hacked and defaced, being replaced with a pro-Palestinian message stating "Virtual Protests will continue..! Everything for PALESTINE! JaCKal Ownz Your System. I came challengeing to the world THE END." It was also accompanied by an image showing a container ship, with the word "Gaza" on the side.

 In order to exploit or test applications for the new WebDAV vulnerability, which we've covered here: http://greyhat-security.com/40-220-windows-exes-vulnerable-remote-code-execution-so-far, you will need to fire up your copy of Metasploit, and type the following...

 For 6 years the Linux kernel had suffered from a largely unnoticed privelege escalation vulnerability - and now, it has finally been patched. Linus commited the patch last week, and it can be found here: http://bit.ly/a2AqMh. The vulnerability allowed unpriveleged local users to gain root access to a system.

Security researchers estimate that between 40 and 220 applications are vulnerable to a remote code-execution attack on Microsoft Windows that exploits a bug in the way that programs load binary files, in a move that is trivial to pull off.

H D Moore, the Chief Architect and CSO of Metasploit has said that the flaw is in the way that Windows loads “safe” file types from remote network locations, but however said that he was not authorised to provide any more details at this stage.

 It seems as if, earlier today, Gmail was listed on the popular Spamhaus blacklist. Supposedly, according to Sucuri Security, the reason for being blacklisted was because they were listed for hosting "Candian Pharmacy" documents on their Google Docs site. This block of IP addresses is in the same block as Gmail, and Spamhaus just decided to blacklist the whole /24. More details of the incident are here: http://www.spamhaus.org/sbl/sbl.lasso?query=SBL95011