Hackers have started to exploit a vulnerability whole in Apples software Quicktime. This whole is still not fixed since Apple has not yet released a patch.

So far are only Windows-users targetted, but Mac-users are not safe either. The vulnerability whole was discovered 23 November and was achieved because Quicktime doesnt validate incoming data securely. This time it’s connected with the rtsp protocol which is used for streaming video.

The hackers can with this method make a takeover of the targetted computer. Failed attacks will cause DOS (denial of service) conditions.

The hack itself is a buffer-overflow that targets the Header Content-length.

For more information of how to secure it, take a look at symantec.

The code for the hack itself can be found at milw0rm.

Chinese hackers have successfully hacked into Pentagon. It is claimed as the most successful cyber attack on the US defence department quoting american officials.

One of the US senior officials said that Pentagon had ponpointed the exact origins of the attack. Another person, familiar with the event, said that there was a “very high level of confidence.. trending towards totalt certainty”. The defence ministry in Beijing declined to comment this action (2007-09-03).

Source: Financial Times