Thursday, April 3rd, 2008
Spammers are once again using web bugs to verify the validity of of email addresses. This time the trick is not done with graphics but with digital certificates. Alexander Klink from German consultants Cynops has discovered a vulnerability in Microsoft products – or possibly in the Crypto API – that ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, April 2nd, 2008
Injected iframes into legitimate sites are becoming more and more common these days. One of the latest targets is a Chinese government site at www.zhangzhu.gov.cn:
Please note that while the site adminstrators have been notified, the injected iframe is still present in the site at the time of this posting.
The iframe ...
Posted in Coding, Internet, Security | No Comments
Monday, March 31st, 2008
Websense Security Labs has been tracking the use of Slide.com as a hosting site for malware for several months. The popular Web 2.0 social networking Web site, ranked 252 by Alexa (Alexa Ranking), is both the largest Facebook application developer and a free and easy place to host malware.
Having tracked the various ways malware is hosted on ...
Posted in Coding, Internet, Privacy, Security | No Comments
Monday, March 31st, 2008
A wave of April Fool's Day related Storm mails have just been sent out. Similar as the other times with a link that points to an IP address.
Posted in Coding, Internet, Privacy, Security | No Comments
Saturday, March 29th, 2008
I found a great write-up over at SANS that goes over session hijacking in amazing detail. Click the link below to read the full 49-page white paper.
Session Hijacking in Windows Networks
Posted in Coding, Internet, Networking, Privacy, Security, Windows | No Comments