The first case of "drive-by pharming" has apparently been observed in the wild:
http://www.networkworld.com/news/2008/012208-drive-by-pharming.html
Friday, 25 January 2008
Friday, 18 January 2008
Personal data found on roundabout...
What is going on in the U.K.?
http://news.bbc.co.uk/1/hi/england/devon/7197048.stm
Is it that incidents like these are being reported more openly or that they are occuring more often?
http://news.bbc.co.uk/1/hi/england/devon/7197048.stm
Is it that incidents like these are being reported more openly or that they are occuring more often?
Is there something in the air in the UK?
To quote the article:
"West Midlands police are investigating the theft of a laptop from a Royal Navy officer which held personal details of 600,000 people, it has been confirmed."
However, it is really not much to worry about; there were only a few NI numbers, passport and a few bank details for good measure.
All of that on a laptop kept in a car overnight??
http://news.bbc.co.uk/1/hi/uk/7197045.stm
"West Midlands police are investigating the theft of a laptop from a Royal Navy officer which held personal details of 600,000 people, it has been confirmed."
However, it is really not much to worry about; there were only a few NI numbers, passport and a few bank details for good measure.
All of that on a laptop kept in a car overnight??
http://news.bbc.co.uk/1/hi/uk/7197045.stm
Monday, 14 January 2008
Only 5% of Windows PCs are fully patched?!
Surprising! However Double D cannot help but wonder if:
1. Windows users still have not turned on automatic update or notification,
2. The users who are "generous" enough to submit their personal machine to a scan from a website (not doubting secunia's reputation in any way, but I would not do it...) are probably not going to be patched and "security" aware anyway?!
http://www.theregister.co.uk/2008/01/09/secunia_insecurity_survey/print.html
1. Windows users still have not turned on automatic update or notification,
2. The users who are "generous" enough to submit their personal machine to a scan from a website (not doubting secunia's reputation in any way, but I would not do it...) are probably not going to be patched and "security" aware anyway?!
http://www.theregister.co.uk/2008/01/09/secunia_insecurity_survey/print.html
Tuesday, 8 January 2008
Firefox dialog box authentication spoofing
It looks like it is possible to craft a dialog box with a realm value appearing to be from a "trusted" web site:
http://aviv.raffon.net/2008/01/02/YetAnotherDialogSpoofingFirefoxBasicAuthentication.aspx
http://aviv.raffon.net/2008/01/02/YetAnotherDialogSpoofingFirefoxBasicAuthentication.aspx
Dear Jeremy Clarkson...
This one shows Jeremy really is in top gear:
http://news.bbc.co.uk/1/hi/entertainment/7174760.stm
The Double D says Jeremy you're a prat!
http://news.bbc.co.uk/1/hi/entertainment/7174760.stm
The Double D says Jeremy you're a prat!
Is this the 80's? - Deja Vu at its finest!
Holly crap 2008! And this sounds like a considerable amount of fun. http://www2.gmer.net/mbr/
Basically, hack the MBR on any NT based machine hide you code in a few sectors of disk (really hard to delete something that is not a file), execute code before passing control to ntldr, patch the kernel and then you are done pretty much. And all this from the fun park that is userland. I think!
This is straight out of the DOS days. MBR virus' and attacks. Have OS developers learned nothing since the 80's. Get a grip MS people and sort this out!
Cool site tho. Will have to take a look at GMER and let all you wonderfull people know what the double D thinks. I like the way the site actually goes into assembly, it appeals to my inner (and outer) geek.
DD
Basically, hack the MBR on any NT based machine hide you code in a few sectors of disk (really hard to delete something that is not a file), execute code before passing control to ntldr, patch the kernel and then you are done pretty much. And all this from the fun park that is userland. I think!
This is straight out of the DOS days. MBR virus' and attacks. Have OS developers learned nothing since the 80's. Get a grip MS people and sort this out!
Cool site tho. Will have to take a look at GMER and let all you wonderfull people know what the double D thinks. I like the way the site actually goes into assembly, it appeals to my inner (and outer) geek.
DD
Subscribe to:
Posts (Atom)