TechBlog

The H-Online: WhatsApp Sniffer is an app able to display messages from other WhatsApp users connected to the same network as the app user. The tool diverts all data traffic on, for example, a Wi-Fi network through the user’s smartphone and seeks out WhatsApp messages, which are transferred in plain text. All the user requires is a rooted Android smartphone. The WhatsApp messaging service has established itself as an alternative to texting between smartphone users, because, unlike text messages, users only have to pay for data use. And if a user is in range of a free Wi-Fi point, then it is free to use. ...

The H-Online: As previously announced, Microsoft has released seven bulletins to close a total of 23 vulnerabilities on its May Patch Tuesday. The total number of bulletins belies the scope of the patches, however, as the combined update MS12-034 closes various holes in numerous products. The reason for this is a critical hole in the code for processing TrueType fonts that was exploited by the Duqu spyware last year. The hole was closed in the Windows kernel on the December Patch Tuesday; however, Microsoft has since used a code scanner to track down the vulnerable code in numerous other components; among them is the gdiplus.dll library, which is used by various browsers to render web fonts. ...

Hi,/ You may have noticed that part of my blog posts are copied from other source as I name them (and link them) in beginning of my posts, for example “Naked Security” (SophosLabs). Just today I noticed a message from “Graham Cluley”, one of the Authors in “Naked Security” blog which asked me to don’t re-post his articles. In the past I had checked with many of my other sources and they have always gave me permission to share their articles as long as it comes with a link to the source too and I thought “Naked Security” blog follow same rule, but seems they don’t, no problem. ...

The H-Online: The updates to PHP versions 5.3.12 and 5.4.2 released on Thursday do not fully resolve the vulnerability that was accidentally disclosed on Reddit, according to the discoverer of the flaw. The bug in the way CGI and PHP interact with each other leads to a situation where attackers can execute code on affected servers. The issue remained undiscovered for eight years. The best protection at present is offered by setting up filter rules on the web server. However, the RewriteRule workaround described on PHP.net is also, according to security expert Christopher Kunz, inadequate. He suggests a slightly modified form of the rule as an alternative. ...

The H-Online: Adobe has released a security advisory relating to an object confusion vulnerability which allows an attacker to crash the player or take control of an affected system. Adobe says that there are reports of this vulnerability being exploited in the wild as part of targeted email-based attacks which trick the user into clicking on a malicious file; this exploit only targets Flash Player on Internet Explorer on Windows, though the vulnerability exists on Windows, Mac OS X, Linux and Android versions of the player. ...

TheHackerNews: Google got Pwned ? NO Few Algerian Script Kiddies try to spread fake rumors that they Hack and Deface the Giant Search engine “Google Iranian” domain http://www.google.co.ir/ . As the screenshot shown a Algerian flag on it and Page Titles : **“**H4Ck3D By vaga-hacker dz and DR.KIM”. As mentioned by hacker, the team include hackers named : “V4Ga-Dz,Dz0ne,DR-KIM King-Dz,BroX0 aghilass elite jrojan password kha&mix wasim -dz” . It is not confirmed that, either these are member from some Anonymous Hackers but they try to use Anonymous Hackers Tag line : We Dont Forget , We Dont Forgive, Expect Us! to get some publicity. ...

Cross-posted from BetaNews: In a blog post on Wednesday, President of Microsoft’s Windows division Steven Sinofsky announced the seven-year old Windows Live brand is being retired. Do not be mistaken, there are more than 500 million users of the various Microsoft services that fall under the general classification of Windows Live. They are alive and well. The brand and the concept of Windows Live as a whole, however, is antiquated in this mobile-driven era, and Microsoft is finally halting the differentiation. ...

The current versions of the Tor Browser Bundle (TBB) include a bug that makes it possible for information about visited web sites to leak out of the anonymising layer. On version 2.2.35-9 of TBB for Windows and version 2.2.35-10 for Mac OS X and Linux, the included version of Firefox does not send DNS requests over the Tor network if the browser is using the WebSocket protocol. This means that an attacker listening in on the connection will be able to identify the servers the user is visiting. ...

SophosLabs: According to reports, Iran has started making its own anti-virus software. It is said that experts from Shiraz Computer Emergency Response Team of APA (Academic Protection and Awareness) of Iran have been working on the project to help better protect the country’s digital defenses. Of course, Iran is no stranger to malware. It found itself thrust into the spotlight in 2010 when the infamous Stuxnet worm was widely reported to have infected industrial plants (including nuclear plants) in the country with the seeming intention to target and sabotage SCADA systems. ...

The H-Online: Tor developers Arturo Filasto and Jacob Appelbaum have been working on a new tool they call the OONI-probe. OONI stands for Open Observatory of Network Interference and is designed to help map internet censorship across the global network. The open source tool gives users the ability to check their internet connection for censorship, selective bandwidth throttling, surveillance and other interferences. This data can then be shared freely with other users, creating a global overview of the state of censorship of the network. ...