Mass SQL injection
Thursday, April 24th, 2008There's another round of mass SQL injections going on which has infected hundreds of thousands of websites. Performing a Google search results in over 510,000 modified pages.
There's another round of mass SQL injections going on which has infected hundreds of thousands of websites. Performing a Google search results in over 510,000 modified pages.
SANS solves mystery of mass Web site infections
Thursday, April 17th, 2008The SANS Institute has uncovered what they've termed a "rare gem" as far as computer security investigations go that sheds new light on how up to 20,000 Web sites have been hacked since January. They found a sneaky software tool that uses Google's search engine to hunt for Web sites running ...
Yahoo moving to new Web-crawler software
Monday, April 14th, 2008Yahoo has begun indexing the World Wide Web with its third-generation software, Slurp 3.0, the company said Monday. "With everything now in place, the rollout has officially begun," Sharad Verma and Yoram Arnon said in a posting to Yahoo's search blog on Monday. Unlike top search rival Google, which on Friday revealed ...
Google Comes Knocking In Search Of Hidden Data
Monday, April 14th, 2008Google on Friday said that it has been testing ways to index data that is normally hidden to search engine crawlers, a change that should improve the breadth of information available through Google. The so-called "hidden Web" that Google has begun indexing refers to data beyond static Web pages, such as Web ...
Bot breaks Hotmail’s CAPTCHA in 6 seconds
Monday, April 14th, 2008A new bot can crack defenses erected by Microsoft to keep spammers from creating large numbers of accounts on its Live Hotmail service within seconds, a security researcher said Friday. Dan Hubbard, vice president of security research at Websense, said the bot broke Live Hotmail's CAPTCHA (Completely Automated Public Turing Test ...
Vulnerability in Google spreadsheets allows cookie stealing
Monday, April 14th, 2008Security researcher Billy Rios has discovered a vulnerability in Google Spreadsheets which attackers can exploit using links to crafted tables to steal a user's cookie. According to Rios, the victim has to follow such a link in Internet Explorer. The stolen cookie can be used to access all Google services ...
Password theft via vulnerability in Google code
Monday, April 7th, 2008Billy Rios has discovered a vulnerability in the Google Code service which could be exploited to steal passwords from developers who have registered on the site. The Google Security Team has since fixed the vulnerability. Rios succeeded in gaining cross-domain access by uploading a crafted Java applet to a project on ...
Google Maps diminishing value of homes, causing “mental suffering”?
Saturday, April 5th, 2008A couple is accusing Google of diminishing the value of their property and causing them "mental" suffering" for including their recluse home in the Google Maps Street View project. The road leading up to their house is apparently labeled "private", something the Street View operator must've missed. We checked the ...
Analysis of a Win32.Delf Variant
Friday, April 4th, 2008We have been noticing quite a few malware samples having references to or communicating with Google's SMTP servers. This post dissects one of these samples and in the process attempts to illustrate to the reader some reversing techniques and information gathering techniques, while explaining the behavior and impact of this ...
Phishers Use Google to Find Exposed Servers
Sunday, March 30th, 2008Three-quarters of phishing sites are built on hacked servers that have been tracked down using pre-programmed Google search terms, according to research from brand-protection firm MarkMonitor. Among other activities, MarkMonitor tracks phishing attacks that target brand names. Researchers compiled a list of 750 Google search terms that are used to track down ...