Login   |   Secure Purdue > News

More Phishing, Quicktime, and remote controlled Trains

You've probably all seen the notifications that there is a current Phishing attack targeting Purdue accounts. Over the weekend we saw some minor modifications to the message which mostly just includes changes to the address it seemed to be coming from. Check the official notification for more information: Purdue community warned of e-mail scam

In other news:
A couple of vulnerabilities showed up on Secunia today that might be of interest for people:

AOL Radio AOLMediaPlaybackControl.exe Buffer Overflow Vulnerability:

Basically this advisory says that if you are using AOL Radio you should check for updates. It may be vulnerable to a remote attack that would enable a hacker to take control of your system. Check the link above for more information.

Apple QuickTime RTSP Reply Reason-Phrase Buffer Overflow

A vulnerability has been found in Apple Quicktime that allows a remote attacker to execute arbitrary code on your system if you are tricked into opening a malicious QTL file or visiting a malicious web site. There are currently no patches available and the recommendation is to not browse unfamiliar web sites.

Remote controlling Trams in Poland

Under interesting news, it sounds like a 14 year old boy in Poland finally got his wish for a train set. Unfortunately the occupants of the public trams in the city of Lodz, Poland that he was controlling didn't enjoy it as much as he did. It seems that after examining the system for a while the boy was able to alter a television remote to allow him to switch the tracks. Luckily there were no fatalities but several of the trams were derailed causing injuries and delays to the passengers.

Posted by Douglas Couch on January 14, 2008, in Handlers Log.