Archive for the ‘Coding’ Category
Wednesday, June 4th, 2008
Just over 4% of all Web sites are dangerous, according to a new report. But all bad sites aren’t created equal: Cyber bad guys are more likely to build their sites where it’s easy to do so.
The report out today from McAfee, a tech-security company that’s trying to position itself ...
Posted in Coding, Internet, Privacy, Security | No Comments
Tuesday, June 3rd, 2008
Goosh.org hosts an unofficial Google interface which “behaves similar to a unix-shell,” as the author Stefan Grothkopp explains. For instance, entering n disney will result in a Google News search for the keyword “disney”. Type help to see some of the other available commands, like lucky (an “I’m feeling lucky” ...
Posted in Coding, Internet | No Comments
Tuesday, June 3rd, 2008
Most malware tends to store stolen credentials and information in make-shift text files, which are then forwarded to the author via email or another protocol. However, the use of scalable and robust solutions is becoming more popular in the malware community. In fact, it is becoming increasingly popular for malware ...
Posted in Coding, Internet, Privacy, Security | No Comments
Monday, June 2nd, 2008
Yesterday's post discussed a mystery PDF file that was boopytrapped to drop a backdoor.
Today we'll look at how these documents are created.
Here's an example of a tool called Y08-04 aka GenMDB.
When run, it displays this user interface:
The apparent purpose of this tool is to create trojanized PDF files. You select ...
Posted in Coding, Internet, Security, Software | No Comments
Sunday, June 1st, 2008
XSS (Cross-Site Scripting) Very Much Alive and Kicking
We were about to investigate further on malicious activities related to banner82(dot)com/b.js but the URL was already inaccessible around Tuesday. Soon enough the malicious script in www(dot)adw95(dot)com caught our interest. A rough survey of the sites compromised by this script reveal that the ...
Posted in Coding, Internet, Security | No Comments
Sunday, June 1st, 2008
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.
This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of ...
Posted in Coding, Internet, Linux, Privacy, Security, Software | No Comments
Friday, May 30th, 2008
We’ve been folowing the development of sqlninja since the early days, it’s growing into a well matured and more polished tool with advanced features.
Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal ...
Posted in Coding, Internet, Privacy, Security | 1 Comment
Thursday, May 29th, 2008
Web developer Aza Raskin knows we visit Digg, Del.icio.us, Reddit and Facebook without even having to ask.
No, he isn't employing privacy violating hackery, but he is exploiting a "cute" information leak in CSS that traditionally displays visited links differently than those that have yet to be visited. By loading in ...
Posted in Coding, Internet, Privacy, Security | No Comments
Tuesday, May 27th, 2008
An unpatched bug in Adobe Systems' Flash Player software is being exploited by online criminals, Symantec reported Monday.
Few details on the bug are available, but the flaw lies in the latest version of the Adobe Flash Player browser plugin, which is widely used by Internet surfers to view animated Web ...
Posted in Coding, Internet, Security, Software | No Comments
Saturday, May 24th, 2008
Mozilla has identified 10 high-priority bugs in Firefox 3.0, three of them pegged "critical," but won't decide until next week whether to release the browser anyway or restart the final stretch by issuing a second release candidate (RC2).
"We are making a go/no go decision early next week, as we are ...
Posted in Coding, Internet, Security, Software | No Comments
