Thereâs a new Facebook worm out there. However, it doesnât seem to be doing anything else than posting a message to peopleâs Facebook walls. The message that the worm posts is âtry not to laugh xD http://www.fbhole. com/omg/allow.php?s=a&r=[random number]â If you follow the link, you end up to a page looking like this: ...
You might avoid looking for photos of Miss USA Rima Fakih for a while. There is a controversy about a certain pole-dancing incident in her past that is stirring up the talk show circuits and the adolescent inside every male on the planet. It also has stirred up a massive number of SEO poisoned links to photos. In 2007, Fakih won a âStripper 101â contest sponsored by a Detroit radio show âMojo in the Morning.â And, of course, she was no sooner crowned Miss USA than somebody resurrected the âStripper 101â video. And, of course, everybody is searching for âRima Fakih pole dancing.â ...
A variety of sources are reporting that blog hosting sites with WordPress-created sites and php-based management systems such as Zen Care eCommerce are being infected with malicious scripts. Websites hosted by ISP DreamHost, GoDaddy, Bluehost and Media Temple have been found with the malcode, according to H-Online.com. The malicious scripts download malcode and block Googleâs Safe Browsing API from alerting users. Story here: âLarge-scale attack on WordPressâ ...
When consumer electronics shopping site Retrevo prepared for Motherâs Day by conducting a survey of parentsâ social media practices, it found that nearly half (48%) of parents add their children as friends on Facebook. Parents admitted that âit can be awkward at timesâ when they follow their kidsâ Facebook updates, but think that itâs probably worth it to keep tabs on them. Of course, savvy teens could easily exclude their parents from seeing potentially incriminating updates using Facebookâs advanced privacy features. ...
PayPal users are at risk of getting their credentials stolen if they follow instructions given in a scam email. âWe have reason to believe that your account was accessed by a third partyâŠ. PayPal will verify it with your bank records for your own protection. If you provide a wrong PIN your account will be suspended or limited for unauthorized account access.â ...
When I was a child, I was fascinated by ATM machines. I had a savings account which my mother would deposit money regularly and I waited for the day that I could raid the account with the ATM card for frivolous spending on console games and fast food. Nigerians have developed a cunning method to transfer millions of dollars to lucky winners worldwide. Yes, it is indeed the humble ATM card. ...
Spam emails such as the one below have been doing the rounds on the Internet hoping to lure recipients into downloading a Facebook toolbar. If you download the file by clicking on âDownload Hereâ, youâll see a file with the icon shown below: If you take a closer look at the icon, âdarkSectorâ is shown inside of it. How strange. Is this actually a Facebook toolbar? Letâs take a look at the property of the file since the file looks a bit fishy. In the file properties, youâll see the following in the Details tab. ...
The Telegraph, one of the biggest newspapers in the UK, hasnât had a good time of it lately where their website is concerned. There were vulnerabilities found in relation to the site back in March involving database access, and it seems a hacking group has gone in and defaced two subdomains. These are the two subdomains in question: shortbreaks(dot)telegraph.co.uk wine-and-dine(dot)telegraph.co.uk/site/index.php They appear to have been compromised by âR.N.S. â Romanian National Securityâ. Hereâs a screenshot, both defacements are identical: ...
In an excellent blog, the people from Apache did a very good job analyzing and documenting how a security breach happenedâgoing through all the stages of the attack and drawing conclusions. Should you ever become the unfortunate victim of an attack, this blog offers an example of how to document it! I quote:âIf you are a user of the Apache-hosted JIRA, Bugzilla, or Confluence, a hashed copy of your password has been compromised.â So if you are a user, please act accordingly after reading this blog đ ...
On April 9th, Tavis Ormandy published a proof of concept about how to use the latest version of Java to compromise a pc. You can read about it here. He notified Sun, but they werenât concerned enough to break their patch cycle, so he published the code. The problem is that when Sun released Java 6, update 10 in April 2008, they introduced a new feature (itâs not a bug, itâs a feature folks) called Java Web Start. In order to make it easier for developers to install software, they created a method to execute a program from a website. ...