Microsoft says some of its MSN Hotmail servers were infected with a Code Red virus... [Read on]

That must have been heard to admit, I wonder how long it took to admit tho

10-08-2001
In the wake of the Code Red virus, security watchers have pointed out that millions of IT administrators and web users are now in possession of an exhaustive list of web servers vulnerable to attack... [Read on]

20/08/2001
Some bright empiricist from Root-Core has discovered that anyone can log into their Hotmail account and then call messages from any other Hotmail account by crafting a URL with the second account's username and a valid message number.

Finding a valid message number is of course total guesswork, but they all follow a consistent format and always have the same number of digits (i.e., a time stamp), so with the help of a little brute-force progie one can try numerous combinations in the background rather than type them in... [Read on]

Tuesday 21st August 2001
Another Hotmail vulnerability exposed...

Hackers have developed a tool to exploit a fault in Hotmail security that allows them to read private messages, speeding up a traditionally slow manual hacking process.

Covert hacker site, rootcore.com, has released the tool, named Hobo, which simplifies the hack of Hotmail accounts by scanning message numbers individually, at a rate of one per second. Each Hotmail message is identified by a number displayed by the URL, plus the username.

Immediate threats to personal security are limited, as hackers and script kiddies are unable to target specific addresses, alter messages or get access to an entire inbox.

Microsoft is aware of the hole so rootcore.com members do not expect Hobo to be of use for much longer.

http://www.silicon.com/public/door?REQUNIQ=998403139&6004REQEVENT=&REQINT1=46703&REQSTR1=newsnow