
Archive for July 4th, 2010


Lin-dependence day!

On Friday I was honored to sit in front of a group from the TechRepublic community and talk open source. The driving force of the debate was open source vs. proprietary software. The ever-present subtext of that debate is Linux vs. Windows. The audience was pleasantly surprised when the debate never turned sour. Why is that? So many asked. The answer, although one-sided, is simple.

Linux is about embracing, about community, about acceptance. In many ways, Linux is the polar opposite of Microsoft. Naturally the first reaction to that statement is "Of course, Linux is open source and Windows is not." But think about it on a much grander scale. Think about your network environment… all those Windows machines working happily side by side. The minute you put a Mac or a Linux machine into that mixture, those Windows machines start wanting to know "What is GOING ON????"


New SQL injection making the rounds?

SophosLabs has been tracking the results of what looks like a new SQL injection over the last week and updating detections to Mal/Badsrc-C to deal with it.

The injected script tag now uses port 8080, like similar recent campaigns.

<!--[0-9a-f]{32}-->

Here the src attribute has been replaced by a regex, and the HTML comment has also been replaced.

This type of construction is used legitimately as well as maliciously, which makes detection difficult!

We were alerted to this attack over the last week by seeing feedback from the Sophos Web Appliance (SWA) of Troj/ExpJS-W, Troj/PDFJs-JS, and Troj/JSRedir-AR. So on Wednesday, SophosLabs released a Suspicious detection (Sus/Badscr-C) to the SWA to gather data on this injection.

Several high profile sites are currently compromised with this injection:

  • A publicly-owned business development company in Southern US.
  • An Islamic Cultural
