SEARCH RESULTS
 
Showing 1-10 of 52 records
 
WordPress 2.5 Cookie Forging Explained

2008-04-25 21:46:49 by Chris Eng in Zero in a bit
 
...login to WordPress with your username and password, and then the login page issues you a cookie such as the one below: Set-Cookie: wordpress_52440d615a927011d57374216b3ff789=admin%7C1209329209%7C7d5e9e67d8f74a2b657b2e63437a1241; path=/blog As expected, the cookie contains the username, expiration in epoch time, and an MD5 hash (the %7Cs are...
 
 
 
 
 
MySpace Phishers Now Targeting Facebook

2008-01-07 19:20:52 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...login details and passwords. Some Facebook users checking their accounts Wednesday found odd postings of messages on their "wall" from one of their friends, saying: "lol i can't believe these pics got posted.... it's going to be BADDDD when her boyfriend sees these," followed by what looks like a genuine Facebook link. But the link leads to a...
 
 
 
 
 
Phishing Tactics Evolving

2008-04-21 11:18:17 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...login.controller user-142o3ds.cable.mindspring.com /halifax-online.co.uk/ mem bin/halifax LogIn/formslogin.aspsource=halifaxcouk stolnick-8marta-8b-r1-c1-45.ekb.unitline.ru /halifax-online.co.uk/ mem bin zux006-052-125.adsl.green.c h/onlineid/cgi-bin/onlineid.bankofamerica/sso.login.controller rrcs-74-218-5-6.central.biz.rr.com...
 
 
 
 
 
New Year's Resolutions for choosing online retailers

2007-12-20 09:31:28 by Andras Cser in Security & Risk Management
 
...login Vendors: ActivIdentity, Entrust, CRYPTOcard, Secure Computing Safeword, RSA Security, VASCO Data Security One time password software (costly, medium level of security, medium user inconvenience User has a portable device (cell phone) with software that generates OTP Vendors: ActivIdentity, Entrust, CRYPTOcard, PortWise, RSA Security,...
 
 
 
 
 
Identity Framework Probable Feature List

2007-12-16 06:42:00 by Keith Brown in Security Briefs
...login controls (three right now FederatedPassiveSignIn (I'm guessing this is for doing traditional ADFS v1 style logons InformationCard (login control that accepts information cards SignInStatus (probably similar features to ASP.NET's LoginStatus Fx helps you build relying parties InformationCard login control You can specify whether you want...
 
 
 
 
 
Update on the MySpace Phishing Campaign

2007-12-10 21:50:56 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...login redirector from 319303.cn/login.php to z8atr.cn/login.php , and the attached z8atr.cn's fast-flux can be greatly compared to that of Storm Worm's fast-flux networks in terms of its size. The updated campaign is also taking advantage of the following DNS servers Name Server: ns1.4980603.com Name Server: ns2.4980603.com Name Server:...
 
 
 
 
 
Anton Security Tip of the Day #14: More accesslog Fun: What Are You Not GETting?

2008-03-12 13:35:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...login&sid=e5efaa77a777066c61f71808e9e57b19 HTTP/1.0" 200 9355 "http://www.example.com/phpBB3//////////////ucp.php?mode=login&sid=e5efaa77a777066c61f71808e9e57b19" "Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.2) Gecko/20021126 This one really is a mystery; what do we know about it? The server responded to the request OK (code 200), so the...
 
 
 
 
 
Skype Phishing Pages Serving Exploits and Malware

2008-05-09 07:00:15 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...login.html/Login.aspx/index/Sky pe.Members/index.htmls/ where the malware and the exploit are hosted Scanners result : Result: 3/31 (9.68 VBS/Small.W.1; Exploit-MS06-014 File size : 13569 bytes MD5 ...: 4d6a559adf0602f7fd58b884e00894dc SHA1 ..: 056f75e0dd94d03daeb04ae83d1b4a1b7476c0f2 SHA256 :...
 
 
 
 
 
Thwarting a large-scale phishing attack

2007-06-11 11:35:00 by Niels Provos in Google Online Security Blog
 
...login information for a dummy MySpace account. We saw that when phishers compromised a MySpace account, they added links to their phishing page on the stolen profile, which would in turn result in additional users getting compromised. Using a quirk of the CSS supported in MySpace profiles, the phishers injected these links invisibly as...