SQL Injection Worm on the Loose

Wednesday, May 7th, 2008

A loyal ISC reader, Rob, wrote in to point us at what looks to be a SQL injection worm that is on the loose. A quick Google search shows that about 4,000 websites are infected and that this worm started at least in mid-April, if not earlier. Right ...

PHP Weak Random Number Seed Vulnerability

Wednesday, May 7th, 2008

Since version 4.2.0, PHP automatically seeds the random number generators on the first use of rand() and mt_rand(). This is done with the help of the GENERATE_SEED() macro. Unfortunately, it was discovered that the GENERATE_SEED() macro contains several problems that can lead to a weaker seed than expected. In the worst ...

Who Killed My Hard Drive?

Tuesday, May 6th, 2008

You've heard the threat before: A virus or Trojan could infect your PCs and wreck their hard drives. But how often does it really happen -- and how bad is the damage? A new university study suggests that hard-drive-killing attacks launched by hackers are actually pretty rare -- but when they ...

New Spam Attack Exploits Edunet Servers

Monday, May 5th, 2008

Researchers have discovered a new, complex spam attack that uses a sophisticated ruse to fool users into downloading malware. The exploit, which researchers at BitDefender call "a spam-sending scheme of Byzantine complexity," features spam messages that claim to contain links to videos. When users try to click and see the video, ...

Cross-Site-Scripting with Morse code

Monday, May 5th, 2008

Nowadays, who understands Di-Di-Di-Da-Da-Da-Di-Di-Dit (S.O.S., Save Our Souls)? Few people do, but your web browser just might. In his blog, security expert Nathan McFeters has reported the discovery of a cross-site scripting (XSS) vulnerability on an Italian website that allows attackers to inject malicious JavaScript encoded in Morse code in ...