Rodney Campbell's Blog

Archive for January, 2008

2008.01.30 Daily Security Reading

by on Jan.30, 2008, under Security

Report – 51 Percent Of Malicious Web Sites Are Hacked

The number of legitimate Web sites that have been hacked and seeded with code that tries to infect visitors PCs with malware now exceeds the number of sites specifically created by cyber criminals.

Drive-By Pharming In the Wild

Symantec reported Tuesday that the first case of drive-by pharming, in which a hacker changes the DNS settings on a customer’s broadband router or wireless access point and directs the link to a fraudulent Web site, has been observed in the wild. The first drive-by pharming attack has been observed against a Mexican bank.

Spies In the Phishing Underground

Security researchers Nitesh Dhanjani and Billy Rios, who recently managed to infiltrate the phishing underground. What started as a simple examination of phishing sites turned into an extraordinary tour through the ecosystem that supports the business of phishing.

Comments Off on 2008.01.30 Daily Security Reading more...

2008.01.16 Daily Security Reading

by on Jan.16, 2008, under Security

Retrospective: 10 Security Blunders

Every year gets its share of major, jaw-dropping security blunders. This is a retrospective for the 21st century so far, with special attention on 2007.

Zero-Day Exploit For Apple’s QuickTime Posted

Vulnerability affects both Windows and Mac OS X versions of Apple’s QuickTime software.

Polish teen derails tram after hacking train network

The 14-year-old modified a TV remote control so that it could be used to change track points.

Malware Distribution Through Physical Media a Growing Concern

In the past month, at least three consumers have reported that photo frames – small flat-panel displays for displaying digital images – received over the holidays attempted to install malicious code on their computer systems.

Most Home Routers Vulnerable to Flash UPnP Attack

GNU Citizen have been researching UPNP Vulnerabilities in home routers, and have produced a flash swf file capable of opening open ports into your network simply by visiting an unfortunate URL.

Comments Off on 2008.01.16 Daily Security Reading more...

2008.01.10 Daily Security Reading

by on Jan.10, 2008, under Security

Thinking fast-flux: New bait for advanced phishing tactics

Years ago, attackers would often have one or two really important machines that were the centerpiece of their criminal money-making schemes. The bad guys, thus, often faced one or more single points of failure in their criminal infrastructures. So, how have today’s enterprising bot-herders, making millions of dollars from their criminal empires, responded to the single points of failure? Two words: fast flux.

Eavesdropping on Bluetooth headsets

Few users realize that Bluetooth headsets can be exploited granting a remote attacker the ability to record and inject audio through the headset while the device is not in an active call.

New iPhone Trojan Spreading

Seen more as a prank than an actual threat, a Trojan horse for the Apple iPhone, has already come and gone. Still, users should be on the look out for a package called “iPhone firmware 1.1.3 prep,” described as something you need to install before updating to the new 1.1.3 firmware.

Master Boot Record rootkit

Matt Richard from Verisign’s iDefense sent us some information regarding the Master Boot Record (MBR) rookit that’s been found in the wild in the past weeks.

Comments Off on 2008.01.10 Daily Security Reading more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Copyright © 2015 Rodney Campbell

Images contained on this web site may not be used or reproduced in any way without prior permission.