Sunday, June 29th, 2008
Spybot - Search & Destroy detects and removes spyware, a relatively new kind of threat not yet covered by common anti-virus applications. Spyware silently tracks your surfing behavior to create a marketing profile for you that is transmitted without your knowledge to the compilers and sold to advertising companies. If ...
Posted in Internet, Privacy, Security, Software | No Comments
Thursday, June 26th, 2008
An unpatched cross-domain vulnerability in Microsoft’s flagship Internet Explorer browser could expose Windows users to cookie hijacks and credentials theft attacks, according to a warning from security researchers.
The zero-day flaw, which has been reported to Microsoft, is a variation of Eduardo Vela’s IE Ghost Busters talk:
Do you believe in ghosts? ...
Posted in Coding, Internet, Privacy, Security, Windows | No Comments
Thursday, June 12th, 2008
Another new development in the malware arena, this new version of Zlob will actually log onto your router and change the DNS settings to hijack your traffic.
Pretty interesting approach and it will work because 99% of people won’t change the default password on their routers. Let’s face it, have you ...
Posted in Internet, Privacy, Security | No Comments
Friday, June 6th, 2008
Due to a problem in the way Apache binds itself to port 80 on Windows machines allows the PHP environment running under Apache to gain access to the information being sent to port 80, which in turn can be leveraged to preform man-in-the-middle attacks.
This problem is exploited by the PHP ...
Posted in Coding, Internet, PHP, Windows | No Comments
Wednesday, June 4th, 2008
Just over 4% of all Web sites are dangerous, according to a new report. But all bad sites aren’t created equal: Cyber bad guys are more likely to build their sites where it’s easy to do so.
The report out today from McAfee, a tech-security company that’s trying to position itself ...
Posted in Coding, Internet, Privacy, Security | No Comments
Sunday, June 1st, 2008
XSS (Cross-Site Scripting) Very Much Alive and Kicking
We were about to investigate further on malicious activities related to banner82(dot)com/b.js but the URL was already inaccessible around Tuesday. Soon enough the malicious script in www(dot)adw95(dot)com caught our interest. A rough survey of the sites compromised by this script reveal that the ...
Posted in Coding, Internet, Security | No Comments
Friday, May 30th, 2008
The computer attackers who took down Comcast's homepage and webmail service for over five hours Thursday say they didn't know what they were getting themselves into.
In an hour-long telephone conference call with Threat Level, the hackers known as "Defiant" and "EBK" expressed astonishment over the attention their DNS hijacking has ...
Posted in Internet, Privacy, Security | No Comments
Friday, April 25th, 2008
In the old days, as our parents frequently love to remind us, life was much simpler. You bought a computer, and when you finally figured out what you wanted to do with it, you assembled a list and went down to your local Egghead for some software. It was straightforward, ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, April 16th, 2008
Security researchers on Monday spotted malicious code that triggers a critical vulnerability in the Chinese version of Windows 2000, and warned users of other editions to expect attacks.
Symantec confirmed that the proof-of-concept code publicly posted to the milw0rm.com site earlier in the day successfully attacks Chinese editions of Windows 2000 ...
Posted in Coding, Internet, Security, Windows | No Comments
