
There is a strong likelihood that on June 9 ISPs will face a large number of calls from users reporting that the Internet is unavailable.

ISC founder Paul Vixie said that, according to a study conducted by ISC, about 300 thousand machines will still be infected with DNS Changer by July 9, 2012, when the DNS servers that handle requests from computers infected with the malware are shut down. As a result, they will be disconnected from the web. Vixie described many users as “suspicious” and “hostile”, expressing outrage when the problem is pointed out to them. This was reported by The Register. According to Vixie, there is a strong likelihood that on June 9 ISPs will face a large number of calls from users reporting that the Internet is unavailable. The ISC founder also criticized governments of various countries that use redirection of DNS queries as a measure of political control. As examples, Vixie cites the installation of filters to block pornographic resources in the UK and the blocking of access to offshore gambling sites in Italy. “If DNS blocking is widely used to block users' access to the content they want, they will begin to redirect their requests,” said Vixie.


According to experts, the Google Safe Browsing blacklist includes 621 of the most popular sites as ranked by Alexa.

The research company Zscaler found that the Google Safe Browsing blacklist contains 621 websites that appear in Alexa's list of the world's most popular resources. Note that the Google Safe Browsing service is used by the Firefox, Safari and Chrome browsers to identify potentially dangerous sites and warn users about the threats.

Most of the popular resources flagged by Google as malicious had been hacked and contain a malicious JavaScript script or an IFRAME element. Experts at Zscaler note that Google adds the site itself to the blacklist, and not only the external resource referenced by the elements the hackers added.


Most of the malicious sites are located in the U.S., Western Europe (Germany, France and the Netherlands), as well as in China (8%).

The list also includes the government site mdjjj.gov.cn, which contains a JavaScript script that refers to an external domain. This script contains an exploit for Flash Player aimed at Mac systems. An exploit for vulnerabilities in Internet Explorer 6 and 7, which allows attackers to compromise a user’s system, was also found on this site.

Notification by Zscaler can be found here.


After compromising a system, the attackers create mod_rewrite rules that prevent re-exploitation of the vulnerability.

Specialists from Trustwave reported that they are aware of numerous cases of exploitation of the PHP vulnerability related to the CGI setup (CVE-2012-1823/CVE-2012-2311). Recall that this vulnerability was discovered during the Nullcon CTF competition in January this year and fixed in early May. Within a week, the PHP developers released another patch that removed additional vectors of the vulnerability, as well as another way to compromise vulnerable systems in the 5.4.x branch.

DreamHost, which hosts more than 1 million websites, shared its event logs with Trustwave. Analysis of the logs showed that during the first few days after information about the vulnerability appeared, there were more than 200,000 attacks on more than 150,000 domains hosted on DreamHost servers.

The main goal of attackers exploiting the vulnerability in the php-cgi CGI setup was to create a backdoor. One of the exploit samples obtained by Trustwave's experts contained the following code:

''.chr(10).
'RewriteEngine On'.chr(10).
'RewriteCond %{QUERY_STRING} ^(%2D|-)[^=]+$ [NC]'.chr(10).
'RewriteRule ^(.*) $1? [L]'.chr(10).
''.

These mod_rewrite rules are added to the .htaccess file and are the easiest way to block further exploitation. In this way, the attackers try to make sure that another intruder cannot hack the system again.
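As an added example (not code from Trustwave, DreamHost or the original article), the condition from the RewriteCond above can be reused to find exploitation attempts in web server logs and to count attempts and targeted domains, as the DreamHost log analysis did. The vhost-prefixed log layout, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Same test as the RewriteCond on the page: a raw query string that starts
# with "-" (or its encoding %2D) and contains no "=" is the shape that
# php-cgi treats as command-line switches (CVE-2012-1823).
SWITCH_QUERY = re.compile(r"^(%2D|-)[^=]+$", re.IGNORECASE)

# Assumed layout: vhost ip ident user [timestamp] "METHOD target proto" status size
LOG_LINE = re.compile(
    r'^(?P<vhost>\S+) (?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def is_switch_injection(target):
    """True if the undecoded query string of a request target matches the rule."""
    query = target.partition("?")[2]  # QUERY_STRING is everything after the first "?"
    return bool(SWITCH_QUERY.match(query))

def summarize(lines):
    """Count matching requests, the virtual hosts they hit and their sources."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if m and is_switch_injection(m["target"]):
            hits.append((m["vhost"], m["ip"], m["target"], int(m["status"])))
    return {
        "attempts": len(hits),
        "domains": sorted({h[0] for h in hits}),
        "sources": Counter(h[1] for h in hits),
        "hits": hits,
    }

# Constructed sample lines (documentation IP ranges and example domains).
SAMPLE_LOG = [
    'shop.example.com 198.51.100.7 - - [08/May/2012:10:01:02 +0000] "GET /index.php?-s HTTP/1.1" 200 5120',
    'blog.example.org 198.51.100.7 - - [08/May/2012:10:01:05 +0000] "GET /index.php?%2Ds HTTP/1.1" 200 4811',
    'shop.example.com 192.0.2.44 - - [08/May/2012:10:02:11 +0000] "GET /index.php?page=2 HTTP/1.1" 200 900',
    'shop.example.com 192.0.2.44 - - [08/May/2012:10:02:15 +0000] "GET /search.php?-q=term HTTP/1.1" 200 700',
    'blog.example.org 203.0.113.9 - - [08/May/2012:10:03:00 +0000] "POST /index.php?-s HTTP/1.1" 403 199',
]

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print(report["attempts"], "attempts against", len(report["domains"]), "domains")
    for ip, count in report["sources"].most_common():
        print(ip, count)
```

A rule of this form in a .htaccess file that the site owner did not add is itself worth investigating, since the article describes attackers writing it after a successful compromise.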

Because the vulnerability is being exploited so frequently, system administrators are urged to upgrade PHP to version 5.3.13 or 5.4.3 from the vendor.

Trustwave's notification can be found here.


Customers are required to open accounts with one of three existing Iranian email services.

Iran's Ministry of Telecommunications has banned domestic banks, insurance companies and telephone companies from communicating with clients through foreign e-mail services. According to Agence France-Presse, bank customers must create an account with one of three Iranian e-mail services. In addition, Iranian companies have to use websites that are located in Iran and belong to the .ir domain zone. Recall that in April 2012 Iran announced plans to create its own network and completely disconnect from the Internet. Subsequently, the authorities denied these rumors. However, work on creating an internal network is still underway. It is worth noting that the Iranian people are often left without access to popular resources such as Facebook and MySpace, as well as some porn sites and other portals.


Experts from the Positive Research center discovered and helped fix a critical vulnerability in one of Google's online services.

Experts from the Positive Research center discovered and helped fix a critical vulnerability in one of Google's online services. The work was recognized by the Google team under the Vulnerability Reward Program and received the reward given for finding serious vulnerabilities.

The problem on one of the corporation's portals, found by Positive Technologies expert Dmitry Serebryannikov, allowed a potential attacker to perform remote command execution on the target system: for example, to download and run a program, read and modify files, or retrieve data from the database. Notably, the vulnerability arose because third-party software had not been updated, although a patch for it had been publicly available for nearly two years; more often, problems are found in applications of the company's own design.

“We are pleased to take part in a variety of open source software and in any projects that improve the security of the Internet, although this is not our main line of work,” said Dmitry Yevteyev, head of security analysis at Positive Technologies. “Google is not a pioneer in this direction, but its Security Bounty Programs are very popular among researchers due to the high professionalism of the team that handles submissions, the speed with which vulnerabilities are checked, and the ease of obtaining compensation.”

This is not the only example of fruitful cooperation between Positive Technologies and Google. In 2010, Google listed the names of Positive Technologies experts in its virtual Security Hall of Fame (http://www.google.com/corporate/halloffame.html) in gratitude for their help in improving security.
