SEARCH RESULTS
 
Showing 1-10 of 26 records
 
Expand article

Pinch Variant Embedded Within RussianNews.ru

The Article has images
2007-12-23 21:01:52 by HASH0x89b2224 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...upload/exp is serving a Pinch variant thought an MDAC ActiveX code execution exploit - CVE-2006-0003, the type of virtual Keep it Simple Stupid strategy of using outdated vulnerabilities I discussed before. Deobfuscation leads us to : russiannews.ru/arabic/data/news/upload/exp/exe.php Trojan-PSW.Win32.LdPinch.dzr File Size : 22016 bytes MD5...
 
Tags: variant, pinch variant, diy malware builders, russiannews, malware, popular news portal, web dropper, news, simple stupid strategy
 
 
 
 
Expand article

More on Hating Agents

2008-02-13 14:54:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...upload added risk: new open ports (in case of log pull) or running services (in case of upload or log push) on all systems added risk: log management system might store credentials for remote access (sometimes admin) thus exposing them for compromise (especially if you don't use appliance added hassle: you need to manage credentials for all...
 
Tags: log management tool, log management, log management system, agents, remote, management, remote agent, agent, agents evil
 
 
 
 
Expand article

Eye-Fi Adds Geotagging, Splits Up Product Line

The Article has images
2008-05-09 14:07:15 by Glennf in Wi-Fi Networking News
...uploading to photo-sharing systems ($99); and Eye-Fi Home, which is a cable-replacement service ($79). The Eye-Fi Explore will be available starting 9-June-2008 The Eye-Fi Explore product relies on Skyhook Wireless's system of analyzing the signal strength of nearby Wi-Fi networks to extrapolate latitude and longitude. Eye-Fi ties that into...
 
Tags: eye-fi, wi-fi, simple wi-fi, wi-fi networks, eye-fi ties, eye-fi home, eye-fi handles, wi-fi environment, eye-fi explore
 
 
 
 
Expand article

Oklahoma State University Parking Services server is compromised

The Article has images
2008-05-15 15:08:54 by Evan Francen in The Breach Blog
...upload and distribute illegal and inappropriate content Evan] I wonder if I am getting this right. Was there a direct network path from the public Internet through a firewall to the compromised database server running http, ftp, or some other file transfer protocol? That's not cool. A database server storing confidential information should...
 
Tags: server, sensitive personal information, personal information, information, server administrators, server immediately, server prior, database server, confidential information
 
 
 
 
Expand article

DIY Phishing Kits Introducing New Features

The Article has images
2008-05-15 14:11:43 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...upload capabilities as well DIY Phishing Kit as automated updating of the latest phishing page, and the second one taking advantage of plugins under a .phish file extension Read the entire post - DIY phishing kits introducing new features
 
Tags: features, kits, image grabber features, kits trend, diy, core features, proprietary kits, kit, simple kit
 
 
 
 
Expand article

University of Florida student info online

The Article has images
2007-11-28 09:17:23 by Evan Francen in The Breach Blog
...upload files, though the public could download the files without a password Comfyllama] More concern around bad guys storing warez or modifying files, maybe? Unsecured FTP and HTTP sites in the late '90s were popular places for hackers/crackers to store their files for free The files were immediately removed by UF officials, who also worked...
 
Tags: florida, sensitive personal information, information, information systems, comfyllama information security, web site, services web site, independent florida alligator, files
 
 
 
 
Expand article

Ch-Ch-(Ex)Changes

The Article has images
2008-01-03 06:57:26 by Mike Rothman in Mike Rothman's blog
...upload a file to your site and Google finds it), and then pointing my MX records to Google. The change hit almost instantly and I started getting email in my spanking new Gmail account. Then I used IMAP to move all the mail from Exchange to Gmail. That took a bit of time, but I needed to clean out Exchange (no need to keep it around anymore)...
 
Tags: google apps, google apps premium, business server, server, product, mobile sync product, sync, gmail, gmail web interface
 
 
 
 
Expand article

My Open Wireless Network

2008-01-15 03:33:22 by schneier in Schneier on Security
 
...upload and download everything from pirated movies to child pornography. As a result, I risk all sorts of bad things happening to me, from seeing my IP address blacklisted to having the police crash through my door While this is technically true, I don't think it's much of a risk. I can count five open wireless networks in coffee shops within...
 
Tags: wireless network, network, fon wireless network, public, public network, computer, computer security, wireless security, wireless security protocol
 
 
 
 
Expand article

My Open Wireless Network

2008-01-15 03:33:22 by schneier in Schneier on Security
 
...upload and download everything from pirated movies to child pornography. As a result, I risk all sorts of bad things happening to me, from seeing my IP address blacklisted to having the police crash through my door While this is technically true, I don't think it's much of a risk. I can count five open wireless networks in coffee shops within...
 
Tags: wireless network, network, fon wireless network, public, public network, computer, computer security, wireless security, wireless security protocol
 
 
 
 
Expand article

DIY Fake MSN Client Stealing Passwords

The Article has images
2008-01-17 10:06:24 by HASH0x8b6b58c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...upload the accounting data. Why did they choose FTP compared to email as the leak point for the data? From my perspective uploading the accounting data on an FTP server means compatibility from the perspective of easily obtaining the accounting data to be used as foundation for another MSN spreading malware or spim , compared to accessing it...