SEARCH RESULTS
 
Showing 1-10 of 29 records
 
Expand article

Pinch Variant Embedded Within RussianNews.ru

The Article has images
2007-12-23 21:01:52 by HASH0x89b2224 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...upload/exp is serving a Pinch variant thought an MDAC ActiveX code execution exploit - CVE-2006-0003, the type of virtual Keep it Simple Stupid strategy of using outdated vulnerabilities I discussed before. Deobfuscation leads us to : russiannews.ru/arabic/data/news/upload/exp/exe.php Trojan-PSW.Win32.LdPinch.dzr File Size : 22016 bytes MD5...
 
Tags: variant, pinch variant, diy malware builders, russiannews, malware, popular news portal, web dropper, news, simple stupid strategy
 
 
 
 
Expand article

More on Hating Agents

2008-02-13 14:54:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...upload added risk: new open ports (in case of log pull) or running services (in case of upload or log push) on all systems added risk: log management system might store credentials for remote access (sometimes admin) thus exposing them for compromise (especially if you don't use appliance added hassle: you need to manage credentials for all...
 
Tags: log management tool, log management, log management system, agents, remote, management, remote agent, agent, agents evil
 
 
 
 
Expand article

Eye-Fi Adds Geotagging, Splits Up Product Line

The Article has images
2008-05-09 14:07:15 by Glennf in Wi-Fi Networking News
...uploading to photo-sharing systems ($99); and Eye-Fi Home, which is a cable-replacement service ($79). The Eye-Fi Explore will be available starting 9-June-2008 The Eye-Fi Explore product relies on Skyhook Wireless's system of analyzing the signal strength of nearby Wi-Fi networks to extrapolate latitude and longitude. Eye-Fi ties that into...
 
Tags: eye-fi, wi-fi, simple wi-fi, wi-fi networks, eye-fi ties, eye-fi home, eye-fi handles, wi-fi environment, eye-fi explore
 
 
 
 
Expand article

University of Florida student info online

The Article has images
2007-11-28 09:17:23 by Evan Francen in The Breach Blog
...upload files, though the public could download the files without a password Comfyllama] More concern around bad guys storing warez or modifying files, maybe? Unsecured FTP and HTTP sites in the late '90s were popular places for hackers/crackers to store their files for free The files were immediately removed by UF officials, who also worked...
 
Tags: florida, sensitive personal information, information, information systems, comfyllama information security, web site, services web site, independent florida alligator, files
 
 
 
 
Expand article

My Open Wireless Network

2008-01-15 03:33:22 by schneier in Schneier on Security
 
...upload and download everything from pirated movies to child pornography. As a result, I risk all sorts of bad things happening to me, from seeing my IP address blacklisted to having the police crash through my door While this is technically true, I don't think it's much of a risk. I can count five open wireless networks in coffee shops within...
 
Tags: wireless network, network, fon wireless network, public, public network, computer, computer security, wireless security, wireless security protocol
 
 
 
 
Expand article

My Open Wireless Network

2008-01-15 03:33:22 by schneier in Schneier on Security
 
...upload and download everything from pirated movies to child pornography. As a result, I risk all sorts of bad things happening to me, from seeing my IP address blacklisted to having the police crash through my door While this is technically true, I don't think it's much of a risk. I can count five open wireless networks in coffee shops within...
 
Tags: wireless network, network, fon wireless network, public, public network, computer, computer security, wireless security, wireless security protocol
 
 
 
 
Expand article

DIY Fake MSN Client Stealing Passwords

The Article has images
2008-01-17 10:06:24 by HASH0x8b6b58c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...upload the accounting data. Why did they choose FTP compared to email as the leak point for the data? From my perspective uploading the accounting data on an FTP server means compatibility from the perspective of easily obtaining the accounting data to be used as foundation for another MSN spreading malware or spim , compared to accessing it...
 
Tags: msn, percent, restore msn, malware, data, msn messenger, email, email account, publicly obtainable stats
 
 
 
 
Expand article

IP Addresses Are Considered Personally Identifiable Information in the EU

2008-01-22 15:39:31 by RSnake in ha.ckers.org web application security lab
 
...upload scripts, and maintain them. Sorry, no more embedded content, and that includes things like Youtube because that would leak the peoples IP addresses to third parties. Also, things like Gmodules which often pull in content from other domains would be a big no no without some changes. Same with Google cache, translation services, etc etc...
 
Tags: information, addresses, identifiable information, people, content, googles business model, party, log analysis software, actual protection
 
 
 
 
Expand article

What If All Vulnerabilities Had This Disclosure Timeline?

2008-02-07 02:08:33 by Chris Wysopal in Zero in a bit
 
...upload their software binary executable to our portal. We analyze the software and deliver a detailed report of the security issues we find in the code. We also generate a summary report for the customer to understand the security risks of the software A cooperative solution is a much safer way for customers to understand the risks of the...
 
Tags: vulnerability finders, vulnerability, vulnerability exists, heap overflow vulnerability, gleg realplayer vulnerability, gleg customer, customer, gleg, exploit code
 
 
 
 
Expand article

Web 2.0 SecureD. DelivereD. :)

2007-10-13 09:29:44 by RaviC in Musings on Information Security