Image Search Referrer-Based Malicious Websites

April 17, 2008 – 4:39 PM

Websense Security Labs research has uncovered a case where a museum’s compromised Web server is serving malicious code based on the referrer making the request. A referrer could be, for example, a search engine such as images.google.com.

Just as interesting as the fact that they’re doing this, however, is which referrers trigger the delivery of malicious content and which do not. In this case, the malicious content is served only when the referrer for the request is one of certain high-profile image search sites.

In the course of researching this attack, Websense Security Labs discovered that when searching with one of these high-profile sites for images that reside on another site, attempting to view one of the images would provide malicious content rather than the intended page content. If, however, another search engine was used to look for the same image, the proper content was delivered.

For example, if a browser attempted to load a page with the desired image through images.google.com, malicious content was delivered. However, if a normal Google search (www.google.com) was used for the same image with the same URL, the result was the proper page, without the malicious redirect.

So far, the image search sites that the attacker treats as triggering referrers are among the most high-profile image searches on the web:

  • images.google.com
  • images.search.yahoo.com
  • www.altavista.com/image/default
  • search.live.com/images/

The attackers do not appear to be doing this based on any referrer that contains the word ‘image’, because sites such as images.websense.com, or other image search sites that contain that word, do not produce the same results. It appears that the attacker is targeting certain image search engines, and hiding their activity when the request comes from anywhere else.
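A check a site owner could run for the behaviour described above, as an added example that is not from Websense or the original post: request the same URL with each listed referrer and with control referrers, then flag any referrer that gets a different response. The `fetch` interface, the `.example` hostnames and the stub server are assumptions constructed for the example.

```python
import hashlib
from urllib.parse import urlsplit

# Referrers named in the report, plus controls the report says did NOT trigger.
TRIGGER_REFERRERS = [
    "http://images.google.com/",
    "http://images.search.yahoo.com/",
    "http://www.altavista.com/image/default",
    "http://search.live.com/images/",
]
CONTROL_REFERRERS = ["", "http://www.google.com/", "http://images.websense.com/"]


def fingerprint(status, headers, body):
    """Reduce a response to the parts that change when content is cloaked."""
    location = headers.get("Location", "")
    return (status, urlsplit(location).netloc, hashlib.sha256(body).hexdigest())


def find_cloaking(url, fetch):
    """Return the trigger referrers whose response differs from the controls.

    fetch(url, referrer) -> (status, headers, body) is supplied by the caller
    (hypothetical interface), so the check can wrap any HTTP client.
    """
    baseline = {fingerprint(*fetch(url, r)) for r in CONTROL_REFERRERS}
    if len(baseline) != 1:
        # A page that already varies between controls cannot be diffed this way.
        raise ValueError("control responses disagree; compare manually")
    return [r for r in TRIGGER_REFERRERS
            if fingerprint(*fetch(url, r)) not in baseline]


def fake_fetch(url, referrer):
    """Constructed stand-in for a referrer-cloaking server (runs offline)."""
    host = urlsplit(referrer).netloc
    if host in {"images.google.com", "images.search.yahoo.com"}:
        return 302, {"Location": "http://redirect.example/landing"}, b""
    return 200, {}, b"<html>museum exhibit page</html>"


if __name__ == "__main__":
    for ref in find_cloaking("http://museum.example/exhibit.html", fake_fetch):
        print("response differs for referrer:", ref)
```

Against a live site, `fetch` would wrap a real HTTP client with redirects disabled so the `Location` header is visible to the comparison.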

Read the rest of the story…

Red Hat to focus on enterprise market, not consumer Linux

April 17, 2008 – 4:19 PM

Once upon a time when you mentioned Linux to non-Linux users, the first thing they thought of was Red Hat. That’s because the company was one of the first and most successful to get its desktop Linux onto retail shelves. But in a blog post today, the Red Hat team notes that they will not be working on a consumer version of their Linux product in the foreseeable future, instead focusing on enterprise software.

In a nutshell, the company has concluded that while Linux has come to be popular as an operating system for servers, it’s hard to build a business model around Linux desktop software. If you look at the desktop OS field, Linux is starting to make mild gains on Windows and OS X, but desktop Linux users are still few and far between when compared with users of the two more dominant platforms. And most of the popular Linux desktop operating systems are not just open source, they’re free as in beer.

The Fedora desktop Linux operating system is based on Red Hat and will continue to be developed. But all of Red Hat’s commercial software will now be designed to complement the company’s server and middleware software.

Source: Download Squad

How to make a Sawed-off USB Key

April 17, 2008 – 12:13 PM

It’s no secret that there are a lot of strange USB devices out there, particularly flash drives. Not a comprehensive list, but we’ve sure seen Lego, twigs, action figures, bowling balls, sushi, anatomical parts, transparent drives, erasers, cassette tapes and on and on and on.

Despite all that, the picture above is a little surprising, because yes, it’s a working USB flash drive. Here, we give the step-by-step walkthrough of how to make your own.

Read the rest of the story…

SANS solves mystery of mass Web site infections

April 17, 2008 – 10:37 AM

The SANS Institute has uncovered what they’ve termed a “rare gem” as far as computer security investigations go that sheds new light on how up to 20,000 Web sites have been hacked since January.

They found a sneaky software tool that uses Google’s search engine to hunt for Web sites running certain kinds of vulnerable applications, wrote Bojan Zdrnja on the institute’s blog.

“While we had a general idea about what they do during these attacks, and we knew that they were automated, we did not know exactly how the attacks worked, or what tools the attackers used,” Zdrnja wrote.

When the tool finds a site that is vulnerable, it kicks into action. “The exploit just consisted of an SQL statement that tried to inject a script tag into every HTML page on the web site,” Zdrnja wrote.

That SQL statement was crafted to target Web sites running Microsoft’s Internet Information Server and SQL Server. Once compromised, the Web sites were then rigged to serve malicious software to visitors using JavaScript, which tried various exploits based on known software vulnerabilities.

Read the rest of this story…

Quick Vista Hack to Get You Browsing at High-Speed Again

April 17, 2008 – 9:09 AM

I’m not a Windows Vista fan. In fact, my new PC runs on XP, but uses open source applications for most of my business needs. So why do I even care about a trick to get sluggish Vista browsing back to an acceptable speed? My mom uses Vista, and I love my mom.

I’m also no techie, so I’ll preface this piece by acknowledging that this won’t work for everyone. There are lots of reasons why Vista is a good choice for some; my mom has few qualms with the operating system, and I’ve even adjusted to using her PC for quick tasks when I’m away from home. One thing that just wouldn’t do for me or my mother, however, was the horribly slow browsing in Vista. Sites that should have taken little time to load were met with the white screen of death, or a notoriously lingering blue circle that signaled the page was still loading. A check of the connection supported my theory that it wasn’t anything else but Vista. Here’s how we fixed it – for good.

PC Magazine’s May 2008 issue held the key to our problems. Its Ask Neil column featured our problem, and the answer was simple: Disable Vista’s “Auto-Tuning” feature, which may not be (in our case it wasn’t) compatible with certain routers and networking devices. To turn it off:

Read the rest of this story…