SaferPC.info

Virus Information News

     
 Title   Date   Author   Host 

phpMyAdmin corrupted copy on Korean mirror server
September 25, 2012

On September 25th, SourceForge became aware of a corrupted copy of phpMyAdmin being served from the 'cdnetworks-kr-1' mirror in Korea. This mirror was immediately removed from rotation.

The mirror provider has confirmed the attack vector has been identified and is limited to their mirror; with exploit having occurred on or around September 22nd. Through validation we have confirmed the corrupted file (a modified copy of phpMyAdmin-3.5.2.2-all-languages.zip) was served only via the 'cdnetworks-kr-1' mirror. While we believe that only one file was modified on the 'cdnetworks-kr-1' mirror, we are conducting additional validation to confirm and will provide update once this process concludes. The mirror remains out of rotation.

5-year-old Ocean Beach exposes Microsoft Xbox vulnerability
10news.com
by Michael Chen
April 3, 2014

An Ocean Beach boy is in the spotlight after he discovered a back door in to one of the most popular gaming systems in the world.

When 5-year-old Kristoffer Von Hassel is playing his Xbox, his feet don't touch the ground. But something he did has made the smartest guys at Microsoft pay attention. "I was like yea!" said Kristoffer. Just after Christmas, Kristoffer's parents noticed he was logging into his father's Xbox Live account and playing games he wasn't supposed to be.

Trust is fragile
37signals.com
by The Way
January 16, 2012

Taylor's post about our growth in 2011 included a bunch of numbers showing how the pistons inside the 37signals engine are pounding faster, but it all got swept away by what seemed like an innocent side-note: The 100 millionth file was called cat.jpg.

Being as it is that the internet is constantly accused of being just an elaborate way of sharing pictures of cats, sharing pictures of cats, we thought that was funny. But it wasn't. We shouldn't make jokes about anything even remotely related to people's data. Because the natural train of thought from there goes: Hey, if they saw the file name cat.jpg and shared it with the world, what's to prevent them from sharing other data? Actual sensitive data, like Downsizing-Plans-2012.pdf? Hell, what if they're actually looking at my secret new logo and leak it to the press?

De-Railing Security Bugs
A List Apart
by Jeff Lembeck
February 5, 2013

Security should always be at the forefront of your mind when developing on the web, and for Ruby and Rails developers that has definitely been the case recently.

Multiple exploitations over the last month have sounded the alarms for anyone that has a Ruby or Ruby on Rails app deployed. How does this affect you? These bugs allow "attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application." To break that down: the attacker will have the full ability to run code on your system. With this security opening, they can now take over your server, and it doesn't stop there.

Dark Patterns: Deception vs. Honesty in UI Design
A List Apart
by Harry Brignull
November 1, 2011

We might not like to admit it but deception is deeply entwined with life on this planet. Insects evolved to use it, animals employ it in their behavior, and of course, we humans use it to manipulate, control, and profit from each other.

With this in mind it's no surprise that deception appears in various guises in user interfaces on the web today. What is surprising, though, is that up until recently it was something web designers never talked about. There was no terminology, no design patterns, and no real recognition of it as a phenomenon at all. If it wasn't a taboo it certainly felt like one.

Anonymous imposters: hiding behind the AntiSec identity
abc.net.au
January 1, 2012

Anyone can say they're part of Anonymous. It's the perfect cover for hackers with motives more sinister than fun and propaganda.

Could that be why private intelligence firm Stratfor was just hacked? The Operation AntiSec collaborators Anonymous and LulzSec dominated media coverage of online security through 2011, taking credit for hacks of Sony, AT&T, the UK's Serious Organised Crime Agency and News International newspapers - even though the more serious cybercriminals continued working on the money-spinners. The Stratfor hack looks like all the others. It was announced via Twitter accounts associated with Anonymous. Samples of the pilfered data were posted online as evidence. The hackers taunted the victim about its pathetic defences. And the data vandalism was dressed up as political action.

Windows phone scammers continue to try to hack into your computer
abc15.com
by Joe Ducey
March 22, 2012

They say they're calling from Windows Support and that your computer has been sending error messages. All you have to do to fix it, they say, is follow their directions.

Scottsdale resident Linda Hard answered a call like this a few months ago. "I want you to go to the start button and pull up your program list," was the first thing they told her to do. But, that's as far as they got with Hard. "At that point, I said 'this is a scam and I'm hanging up,'" she said. "But there are people out there that wouldn't know it's a scam." And lots of those people have been falling victim to it.

Hacking Their Way to a Job?
abcnews.go.com
by ABC News
April 16, 2009

17-year-old Michael Mooney, who was behind the recent Twitter worms offered a job after claiming responsibility: A black mark or the ultimate resume? Some young programmers hack to get noticed.

For the social networking darling Twitter, it was a headache and potential threat. But for the young man behind the computer worm that attacked the micro-blogging site this week, it was a fast track to a job. Called both "Mikeyy" and "StalkDaily," the pesky computer program crashed the tweet-fest for the first time over the weekend, leaving thousands of unwanted messages in its wake.

Report Finds NSA Surveillance Harming Journalism and Law
aclu.org
July 28, 2014

Because freedom can't protect itself Government Spying Undermines Media Freedom and Right to Counsel, ACLU- Human Rights Watch Shows

Large-scale U.S. surveillance is seriously hampering U.S.-based journalists and lawyers in their work, the American Civil Liberties Union and Human Rights Watch said in a joint report released today. Surveillance is undermining media freedom and the right to counsel, and ultimately obstructing the American people's ability to hold their government to account, the groups said. The 120-page report, "With Liberty to Monitor All: How Large-Scale U.S. Surveillance is Harming Journalism, Law, and American Democracy," is based on extensive interviews with dozens of journalists, lawyers, and senior U.S. government officials. It documents how national security journalists and lawyers are adopting elaborate steps or otherwise modifying their practices to keep communications, sources, and other confidential information secure in light of revelations of unprecedented U.S. government surveillance of electronic communications and transactions. The report finds that government surveillance and secrecy are undermining press freedom, the public's right to information, and the right to counsel, all human rights essential to a healthy democracy.

A Guide to What We Now Know About the NSA's Dragnet Searches of Your Communications
aclu.org
by Brett Max Kaufman
August 10, 2013

Charlie Savage of The New York Times confirmed this week what we have been warning about for years, including to the Supreme Court last fall: The National Security Agency (NSA) is "searching the contents of vast amounts of Americans' e-mail and text communications into and out of the country, hunting for people who mention information about foreigners under surveillance . . . ." The rub: If you've sent an international email or text since 2008, chances are the government has looked inside of it. In other words, the same NSA surveillance dragnet that government officials have consistently dismissed as speculative and far-fetched is very, very real. The Times's front-page story raises questions akin to those advanced by a report in The Guardian last week revealing that under a program codenamed "XKeyScore," NSA analysts use dropdown menus and filters - just like the ones we all use every single day on the web - to gain instant access to "nearly everything a typical user does on the Internet." Essentially, XKeyScore is the NSA's very own, very powerful surveillance search engine.

     

Help keep this page up-to-date. Submit a Virus Information News link for inclusion on this page.

Shawn K. Hall © 2003-2021 Powered by 12 Point Design
Professional Web Hosting and Design Services: 12 Point DesignAt Summit Chiropractic our mission is to improve your quality of life - We know that health is much more than just not feeling painReliable Answers - developer information, current news, human interest and legislative newsLocal Homeschool provides the most up-to-date support group listings in a geographical and searchable indexTwain Harte, CA - The closest you can get to Heaven on EarthSaferPC dispels security misunderstandings and provides you with a solid understanding of viruses and computer security
Google

AddThis Social Bookmark Button