SecurityRatty: tag: credentials

Finjan uncovers database storing more than 8,700 stolen FTP credentials

2008-02-27 14:00:00 by Editor in Computerworld Security News

Security vendor Finjan has uncovered a data hoard containing more than 8700 stolen FTP server credentials, including information from more than 2,500 American companies

Tags: security vendor finjan, ftp server credentials, data hoard, american companies, information

Another Fake Twitter Profile Spreads Malware That Harvests Orkut Credentials

2008-09-09 19:06:55 by CyberInsecure in CyberInsecure.com

According to Chris Boyd, director of malware research at IM security firm Facetime, miscreants are using a fake Twitter profile in a bid to spread malware that harvests login credentials for Orkut. Updates to the fake Twitter profile are supposedly being followed by 17 punters, but theyre all fake. The profile is designed to trick would-be

Tags: fake twitter profile, fake, profile, security firm facetime, harvests login credentials, orkut, spread malware, malware research, chris boyd

New Tool To Be Released Can Steal Authentication Credentials Through Encrypted Secure Channels

2008-09-11 03:31:44 by CyberInsecure in CyberInsecure.com

New tool that can steal users authentication credentials makes websites used for email, banking, e-commerce and other sensitive applications less secure, even when theyre sent through supposedly secure channels. The toolkit, named CookieMonster, is used in a variety of man-in-the-middle scenarios to trick a victims browser into turning over the...

Tags: secure, supposedly secure channels, users authentication credentials, sensitive applications, victims browser, named cookiemonster, tool, gain access, authentication cookies

Backdoor in G-Archiver

2008-03-11 14:02:11 by Chris Wysopal in Zero in a bit

...credentials baked in, but is was sending the Gmail credentials of every user of the program to the author This is an example of an unintended network activity backdoor where information leakage occurs. Here is the code public static void CheckConnection(string a, string b try MailMessage message = new MailMessage...

Tags: mailmessage message, message, backdoor, smtpclient client, client, gmail, gmail credentials, credentials, people

Increased Interest in Device-Specific Strong Authentication

2007-09-14 00:00:00 by Sean Kline in Speaking of Security, the RSA Blog and Podcast

...credentials and new support models. Some of the drivers for this are longstanding, such as increased proliferation of mobile devices to remote employees, partners and consumers Ericsson 1 predicts that global mobile subscriptions will reach 5.5 billion by 2012. Since people are used to carrying phones, these mobile devices become very...

Tags: mobile devices, credentials, strong authentication credentials, mobile phones, secure remote access, global mobile subscriptions, strong authentication mechanisms, phones, two-factor authentication

Identity Framework Probable Feature List

2007-12-16 06:42:00 by Keith Brown in Security Briefs

...credentials (you need this to generate the claim set User authentication methods (an STS needs to authenticate the user before issuing a token Kerberos X509 Certificates SAML from personal cards Username/Password Fx helps you expose your STS using WCF Fx supplies a custom ServiceHostFactory (currently called...

Tags: informationcard login control, login control, information card serializer, information, control, user authentication methods, user, custom sts, card

Turning on cruise control

2008-01-18 07:26:00 by Keith Brown in Security Briefs

...credentials to download files from our subversion repository, didn't have permissions to write those files to the working directory or deploy to the deployment folder. So here's the key: instead of debugging all of this using ccservice, just use runas to run a command prompt under the same user account that you plan to use for the service....

Tags: cruisecontrol, cruisecontrol logs, account, cruisecontrol log file, log, low-privilege account, ccnet configuration, ccnet, files

More on Hating Agents

2008-02-13 14:54:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...credentials for remote access (sometimes admin) thus exposing them for compromise (especially if you don't use appliance added hassle: you need to manage credentials for all the servers on the log management system Finally, please don't use the combination "remote agent" as it is deeply confusing. When people say "remote agent", they really...

Tags: log management tool, log management, log management system, agents, remote, management, remote agent, agent, agents evil

Embedding Malicious IFRAMEs Through Stolen FTP Accounts

2008-03-03 10:14:01 by HASH0x8b0b9bc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...credentials , with additional tools available to help a buyer confirm he's making a smart purchase on the other side of the universe on Neosploit's "purpose in life The information was available for blackmarket trade, along with the NeoSploit version 2 crimeware toolkit, a malicious application specifically designed to abuse and trade...

Tags: ftp accounts, ftp, iframes, malicious iframes, web service, service, ftp account credentials, demand service, data

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo