A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other war zones. The name of the virus is yet to be known, as details are still emerging about how the malicious code got into the systems in the first place. Could this be a belligerent enemy to US forces attacking their main weapon in use for remote regions? Ars Technica has the story after the jump.
WordPress founder Matt Mullenweg posted on WordPress.org’s News page today that several popular WordPress plugins had changes committed to them that had been determined to not be from their developers. The commits actually added back doors that would compromise potentially hundreds of thousands of WordPress installations that utilized them. As a precautionary measure, all changes were reverted for these plugins and ALL passwords to WordPress.org, BuddyPress.org, and bbPress.org reset. There aren’t many more details as of yet, but there is sure to be a witch hunt over the integrity of WordPress.org’s security as well as all code that powers the CMS.
Be sure to check for patches and network security appliance definitions/signatures today, Microsoft has been reminded again of why people hate ActiveX; Secunia is reporting a nasty new DirectShow Buffer Overflow attack is in the wild. This one is very dangerous, as it exploits the built-in DirectShow control in Internet Explorer (msvidctl.dll) by using specially-crafted image content to create a boundary error and subsequently cause a stack-based buffer overflow allowing the attacker to execute arbitrary code on the compromised machine.
The worst part? It’s already being actively used by bad people. Although Secunia’s site currently shows Windows XP as the only OS vulnerable, I wouldn’t be surprised to see more versions of Windows tacked on in the near future.
