This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the Operation Aurora attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited.
.::anti-abuse.com::.
Security Revealed
Author Archive
The Real War At SXSW: AT&T Versus 15,000 Data-Crazed Geeks
Posted in March 12th, 2010
We’ve talked a lot this week about the so-called “Location War” brewing at the SXSW festival in Austin, Texas starting tomorrow. That war will happen, but actually, there are likely to be a lot of winners because a few of the location-based services should be able to leverage the exposure to gain usage after the conference. Those with real bloodlust should probably be watching another war: AT&T versus everyone in Austin on their network.
AT&T’s struggles to stay up last year are well-documented. CNN recently ran a piece about how AT&T hopes to avoid a similar fate this year. But actually, “struggles” is way too kind of a word. If you were at SXSW last year and happened to be on AT&T’s network — like, say, if you had an iPhone, like many festival-goers did — it was an absolute nightmare. You couldn’t make a call. You couldn’t send a text. Data? Ha. At a few points early on I seriously wondered if I had forgotten to pay my bill and AT&T had simply shut my phone off — except that it was happening to everyone.
AT&T has a funny word for the failure, they like to say “unprecedented.” As in, the usage of its network was at level previously unseen as a strong percentage of the over 10,000 festival goers (just the interactive part) were using iPhones. Well guess what? Word is that is year, there will be some 15,000 people there for the interactive part. As Samual L. Jackson’s character, Mr. Arnold, says in Jurassic Park, “Hold on to your butts.”
Comments Off
And It Begins: Foursquare Shatters Its Check-In Record The Day Before SXSW
Posted in March 12th, 2010
The official Foursquare account just sent out a tweet letting everyone know that today is already the service’s biggest day ever. This is interesting since it’s actually the day before the SXSW conference kicks off in Austin, Texas.
According to the tweet, Foursquare broke 275,000 check-ins (the previous record, set last Friday) for the day “hours ago.” This means they’re very likely well past 300,000 now and perhaps even higher. To put that in some perspective, just a month ago, Foursquare set a record with 1.2 million check-ins for the entire week. And that was double was it was the month prior. At today’s rate, Foursquare would be doing well over 2 million check-ins a week.
Comments Off
Check-In For Charity During SXSW With CauseWorld And TechCrunch
Posted in March 12th, 2010
There are no shortage of location-based services launching this week at SXSW in Austin, Texas. Many of them allow you to “check-in” places to let others know you are there. So how do you differentiate between then and decide which to use? Well, here’s one good way.
CauseWorld, is a free iPhone and Android app that lets you check-in places, but it has an added real-world bonus: big brands give money to charity when you do so. And this week at SXSW, CauseWorld is teaming up with TechCrunch to offer double point (which they aptly call “karma”) when you check in to one of over 50 venues around Austin (I’ll paste the full list at the bottom of the post), including the Austin Convention Center (where SXSW is held).
Comments Off
Earthquakes and automobiles dominate spam picture
Posted in March 12th, 2010
Shaun Nichols in San Francisco, V3.co.uk, Friday 12 March 2010 at 02:23:00
Localized attacks rise in popularity amongst criminals
Current events and a rise in phishing attacks were among the big issues in
the spam world last month, according to Symantec.
The security firm said in its latest monthly report
(PDF)
the February saw a rise in phishing attacks by some 16 per cent, while malware
writers increasingly looked to the news wires to lure victims.
Much of the increase in spam was from localized and non-English attacks,
which were up 12 per cent. Among the most popular were Italian and French
language phishing operations stemming from recent banks.
“The increase in Italian language phishing was attributed to a rise in
attacks on three Italian banks,” the company said in the report.
“Phishing on one Canadian financial institution and one French bank led to
the rise in attacks in French.”
For malware writers, sites promising video and information on the recent
earthquakes in Haiti and Chile as well as the recent Toyota automobile recall
were the attack tools of choice.
The United States was once again the country of choice for both sending spam
and hosting attacks. The report found that in February US systems originated 23
per cent of all spam messages and were the hosts for 48 per cent of phishing
sites.
UK systems accounted for three per cent of all spam messages, a one per cent
increase from last month and eighth-highest amongst all nations.
Comments Off
41 Senators Support Public Option Amid Wacky Washington Antics
Posted in March 12th, 2010
By Lauren Reichelt. Crossposted from Tikkun Daily.
The delightfully wacky HCR (Health Care Reform) circus caravan rolls on.
As of March 11, 41 Senators had either signed or issued statements of support for a letter to Harry Reid initiated by Alan Grayson and the PCCC urging passage of the Public Option through reconciliation. For [...]
Comments Off
Allaple malware author jailed for online attack
Posted in March 12th, 2010
Iain Thomson in San Francisco, V3.co.uk, Friday 12 March 2010 at 02:09:00
Estonian man gets nearly three years for revenge denial-of-service assault
An Estonian man has been jailed for two years and seven months after being
found guilty of using malware to launch a distributed denial-of-service (DDoS)
attack on a local insurance company.
The court ruled that Artur Boiko, 44, created the Allaple malware to get
revenge on IF Insurance after the company disputed a claim for a car accident.
The Allaple code spreads via network shares and by modifying local HTML
files, which spread the infection further when uploaded to public web sites.
The code attempted to launch a DDoS attack on the insurance company’s site
and its internet service provider (ISP).
“We detected several variants of Allaple during 2006-2007,” said Mikko
Hyppönen, chief research officer at security firm F-Secure.
“The problem is that this is not a botnet. These worms have no command and
control channel. The infected machines will attack their targets until they are
cleaned.
“There are still thousands of active infected computers around the world, and
they are still attacking. And the worm is still spreading further.”
Boiko had denied the charges, but the court found him guilty and sentenced
him to jail. He will also have to pay damages of $450,000 (£297,000) to IF
Insurance and $130,000 (£86,000) to the ISP.
“Two and a half years in prison and $580,000 [£383,000] in damages sounds to
me like a really good reason not to write malware,” said Graham Cluley, senior
technology consultant at Sophos.
“I think Boiko would have been wiser to take his complaint with the insurance
company on the chin (or to an ombudsman) rather than make life much worse for
himself by writing and releasing malware.”
Comments Off
Advertisments
Popular Tags
Recent Entries
- ms10_002_aurora.rb.txt
- skype-input.txt
- atutor-xss.txt
- eroserotikwebkat-sql.txt
- Bugtraq: Vulnerabilities in Abton
- Bugtraq: Skype URI Handler Input Validation
- The Real War At SXSW: AT&T Versus 15,000 Data-Crazed Geeks
- ZDI-10-028.txt
- Commercial Gaming, Coming Soon to Linux?
- And It Begins: Foursquare Shatters Its Check-In Record The Day Before SXSW
Recent Comments
- Keine Kommentare vorhanden.
Social Network
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Feb | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | 31 | ||||