DNS attacks on popular websites

Sunday, September 4th, 2011

Keep in mind that today's DNS hacks of popular websites such as acer.com, ups.com, and theregister.co.uk were just that: DNS hacks. The actual sites themselves have not been compromised. For example, UPS.com was altered to point to:

ups.com. 85621 IN NS ns1.yumurtakabugu.com

The attackers only changed the NS records for the website. This could have been much worse.

References:
http://isc.sans.edu/diary.html?storyid=11503&rss
http://nakedsecurity.sophos.com/2011/09/04/dns-hack-hits-popular-websites-telegraph-register-ups-etc/

Can we believe our eyes?

Tuesday, August 16th, 2011

Several days ago, one of our customers submitted a sample (SHA1: fbe71968d4c5399c2906b56d9feadf19a35beb97, detected as TrojanDropper:Win32/Vundo.L). This trojan hijacks the hosts “vk.com” and “vkontakte.ru” (both social networking sites in Russia) and redirects them to 92.38.209.252, but achieves this in an unusual way.

Source: https://blogs.technet.com/b/mmpc/archive/2011/08/10/can-we-believe-our-eyes.aspx

OpenDNS Can Help Protect Against DNS Rebinding Attacks

Saturday, July 31st, 2010

This feature has been around for a while but I wanted to make sure everybody knows that if you are an OpenDNS customer you have a nice option in your Control Panel to help protect against DNS Rebinding attacks.  This feature is turned off by default but you can enable ...

Modifying The Victim’s HOSTS File In Metasploit

Saturday, January 30th, 2010

This is just a quick example of how you can quickly and easily modify the HOSTS file on a compromised Windows system using the meterpreter script called hostsedit.  As always, we start off with a basic exploit to gain a meterpreter session back from the victim's machine: msf > use windows/smb/ms08_067_netapi msf ...

Bing Web Server Probe

Thursday, January 28th, 2010

This is a tool for security researchers. It allows you to search for either an IP address or a DNS name and display all associated domain names known to Bing. Download: http://bingprobe.codeplex.com/