Rogue LinkedIn Profiles Lead To Malware

Tuesday, January 6th, 2009

LinkedIn is a popular social networking site where you can manage business contacts online. Since you can set up a profile with links to your own website, it seems to attract criminals’ attention as well. A Google search reveals that several hundred fake LinkedIn profiles from nude “Kirsten Dunst” to ...

Obfuscation: The Art of Creating Undetectable Malware

Monday, January 5th, 2009

Do not expect your system to start misbehaving once it is infected by malware. Malware can perform its functions without showing any symptoms for days, months or years. New malware is capable of hiding itself even from powerful antivirus scan engines. It can also perform its job without affecting ...

Google’s Browser Security Handbook

Sunday, January 4th, 2009

This document is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. Insufficient understanding of these often poorly-documented characteristics is a major contributing factor to the prevalence of several classes of security vulnerabilities. Although all browsers ...

Facebook “Reset Password” XSS Flaw

Saturday, January 3rd, 2009

DaiMon has once more discovered a new critical cross-site scripting vulnerability which affects the Facebook "Reset Password" page. Malicious users can inject code to phish credentials and other sensitive personal information from millions of Facebook members. We hope that this serious flaw gets fixed quickly as is usually the case with ...

SSL Blacklist – Firefox Plugin Detects Bad Certificates

Friday, January 2nd, 2009

This Firefox plugin was first created during the Debian/OpenSSL scare about 6 months ago, when key pairs generated on an affected machine were easily guessable. Marton Anka created this plugin to help users find these bad certificates. On 12/31/2008, Marton updated this plugin to detect the ...