-
Archives
-
Meta
Category Archives: Alert
Network Solutions Hack hit up to 5 Million Sites
According to a Tech Herald report appearing over the weekend, an attack on a widget offered by hosting company Network Solutions to customers of its hosting and domain parking services led to the distribution of malware by sites displaying the widget, through the compromise of Network Solutions’ own growsmallbusiness.com site, which distributed the widget.
http://www.thewhir.com/web-hosting-news/081610_Report_Network_Solutions_Hack_hit_up_to_5_Million_Sites?utm_source=twitter&utm_medium=feed&utm_campaign=news
Worms Attack Skype, Yahoo Messenger
Security researchers at Symantec and BKIS report worms hitting users of Yahoo Messenger and Skype via malicious instant messages.
Just another reminder to not click on links in emails from people you don’t know.
Read full story here: http://www.eweek.com/c/a/Security/Security-Researchers-Report-Attacks-on-Skype-Yahoo-Messenger-199929/?kc=rss
Russian Hacker Selling 1.5 Million Facebook Accounts
Image via CrunchBase
1242 Million Facebook Accounts tweets Million Facebook Accounts 04/23/10 by Jolie O’Dell A hacker who calls himself Kirllos has obtained and is now offering to sell 1.5 million Facebook IDs at astonishingly low prices — $25 per 1000 IDs for users with fewer than 10 friends and $45 per 1000 IDs for users with more than 10 friends — according to researchers at VeriSign’s iDefense. Looking at the numbers, Kirllos has stolen the IDs of one out of every 300 Facebook users. Information for sale includes login credentials; whether or not the e-mail addresses and passwords are legitimate is currently unknown.
Use McAfee Antivirus Software?
An update to McAfee’s antivirus software falsely identified a standard Windows file as a virus and has wreaked havoc on computers nationwide. Click on the link below to read more.
http://m.npr.org/story/126168997
Network Solutions Hack Compromises 573,000 Credit, Debit Accounts
Anyone that had an online store hosted by Network Solutions needs to read this article.
Network Solutions Hack Compromises 573,000 Credit, Debit Accounts
- Image by Jordan and Lee via Flickr
Hackers have broken into Web servers owned by domain registrar and hosting provider Network Solutions, planting rogue code that resulted in the compromise of more than 573,000 debit and credit card accounts over the past three months, Security Fix has learned.
Critical JavaScript vulnerability in Firefox 3.5
Microsoft Internet Explorer has long been criticized as ‘insecure’ and vulnerable to attack while Mozilla Firefox was touted as the browser to use to keep your web browsing and your computer safe. It doesn’t appear that this is the case any longer. Make sure you apply all available patches as soon as they become available–for all your software–to keep your computer secure and less vulnerable to attack.
07.14.09 – 10:15am
Issue
A bug discovered last week in Firefox 3.5’s Just-in-time (JIT) JavaScript compiler was disclosed publicly yesterday. It is a critical vulnerability that can be used to execute malicious code.
Impact
The vulnerability can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code. The vulnerability can be mitigated by disabling the JIT in the JavaScript engine. To do so:
- Enter
about:configin the browser’s location bar. - Type
jitin the Filter box at the top of the config editor. - Double-click the line containing
javascript.options.jit.contentsetting the value to false.
Note that disabling the JIT will result in decreased JavaScript performance and is only recommended as a temporary security measure. Once users have been received the security update containing the fix for this issue, they should restore the JIT setting to true by:
- Enter
about:configin the browser’s location bar. - Type
jitin the Filter box at the top of the config editor. - Double-click the line containing
javascript.options.jit.contentsetting the value to true.
Alternatively, users can disable the JIT by running Firefox in Safe Mode. Windows users can do so by selecting Mozilla Firefox (Safe Mode) from the Mozilla Firefox folder.
Conficker Worm Targets Microsoft Windows Systems
Original release date: March 29, 2009
Source: US-CERT
Systems Affected
- Microsoft Windows
Overview
US-CERT is aware of public reports indicating a widespread infection of the Conficker worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a network if the host is not patched with MS08-067.
I. Description
The presence of a Conficker infection may be detected if a user is unable to surf to the following web sites:
- http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
- http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
- http://www.mcafee.com
If a user is unable to reach either of these web sites, a Conficker infection may be indicated (the most current variant of Conficker interferes with queries for these sites, preventing a user from visiting them). If a Conficker infection is suspected, the infected system should be removed from the network. Major anti-virus vendors and Microsoft have released several free tools that can verify the presence of a Conficker infection and remove the worm. Instructions for manually removing a Conficker infection from a system have been published by Microsoft in http://support.microsoft.com/kb/962007.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code on a vulnerable system.
III. Solution
DotNetNuke 5.0.0 Upgrade Warning
We have been supporters of DotNetNuke (DNN) for the past several years and offer it as a hosting option to our clients. For those not familiar with DNN, it is the Open Source ASP.NET answer to Joomla!–both being content management systems. A content management system is software that keeps track of every piece of content on your Web site, much like your local public library keeps track of books and stores them. Content can be simple text, photos, music, video, documents, or just about anything you can think of. A major advantage of using a CMS is that it requires almost no technical skill or knowledge to manage. Since the CMS manages all your content, you don’t have to.
Recently, DotNetNuke released to market (TRM) their newest version 5.0.0, and we upgraded immediately and were met with a multitude of problems–from images not showing up, users not being able to logon to their portals, and a whole host of other little issues. After visiting the DNN site forums, it turns out that we were not the only users experiencing these problems. There were some ‘fixes’ for some, but further reading found some of the developers suggesting restoring the previous version as there were a lot of problems that somehow escaped detection in the preliminary testing before the release. Additionally, they promised that there would be a version 5.0.1 that would ‘fix’ all of these issues coming out in short order. We restored our previous version of DNN and anxiously awaited the 5.0.1 version to be releases.
Domain Name Registration Fraud
A client of mine sent me a copy of a letter she received and asked if she needed to pay this ‘invoice’. As we are the domain registrar for my client’s domain name, I knew immediately it was some sort of scam. Though determining exactly what they were trying to do, besides fraudulently extract money, is still not clear in my mind and I have read the letter over several times.
You may recall when the telephone companies deregulated, the flurry of calls you received to ‘upgrade’ your service; when in reality, those calls were from other companies trying to switch your service from your chosen carrier to their service. This practice was labeled ‘slamming’. It didn’t take long for this practice to find its way into the domain name market. If you had a domain name registered, you might have noticed a flurry of calls or letters or even faxes explaining that your domain name was about to expire, or that another variant of your domain needed to be registered to protect your company name. (for example, if you owned the name ‘yourcompany.com’ the letter might say you had to order ‘yourcompany.net’). These letters were from companies that were trying to switch your domain name registration from your chosen provider over to their company, usually at a much higher price.
SQL Server Updates
We will be applying Service Pack updates on both SQL 2000 and SQL 2005 servers this evening (February 25, 2009). There will be several server reboots required which will effect both the SQL servers and any web sites that are using one of these servers for back-end data storage. SQL 2008 servers and sites using SQL 2008 will not be effected by this update.