Archive for October, 2009

Tor Project and Censorship in China

Thursday, October 29th, 2009

In preparation for the 60th anniversary of communistic rule, China strengthens Great Firewall (GFC). Apart from pushing local ISPs to deploy more powerful technology, the chinese government used its net censorship mechanisms to attack parts of the Tor network. (more…)

Posted in Uncategorized | No Comments »

Click fraud through Bahama botnet faking Google

Thursday, October 29th, 2009

Bahama botnet, a network of thousands compromised computer, is using Google and other search engines including Yahoo and Bing to counterfeit web pages for advertising purposes.

The botnet is spreading through malware distributed through antivirus scams. Compromised PCs are having fake DNS replies for Google.com and other search engine domains, an attack known as “DNS poisoning”. As a result, affected users are visiting a fake page that looks exactly Google.com located in Canada. (more…)

Posted in Uncategorized | No Comments »

Cloud Storage: are my data safe?

Monday, October 26th, 2009

Earlier this month T-Mobile Sidekick users experienced an outage that left most of them without access to their personal data.  Contacts, calendar entries, photographs and other personal information were stored in Danger service provider, a Microsoft subsidiary. (more…)

Tags: , , ,
Posted in presentation, security news | No Comments »

The Problem of Snowshoe Spam

Wednesday, October 7th, 2009

Spamhaus, a major DNS-based Blacklist (DNSBL) provider, published, earlier this month, an article outlining the problem of snowshoe spam.

Snowshoe spam appears to be a novel tactic used by spammers to avoid detection by traditional means. In detail, unsolicited e-mail messages are sent not massively from botnets or other compromised IP address ranges but in modest volumes from unallocated addresses. (more…)

Tags: , , ,
Posted in Uncategorized | No Comments »

2nd WOMBAT Workshop sum-up

Wednesday, October 7th, 2009

The 2nd WOMBAT workshop took place on the 22th and 23rd of September. The workshop took place in Saint Malo, France. The agenda focused on the WOMBAT API (WAPI), an API for exchanging data over the SOAP protocol using SSL connections. The keynote talks and the presentations focused on explaining the reasons why the WAPI was created and the problems it is designed to solve. (more…)

Posted in Uncategorized | No Comments »

When XXS met Reddit

Wednesday, October 7th, 2009

The well-known social news website Reddit got hit from a very effective XSS (cross site scripting) attack on Sunday, September 27th.

The attack was rested on the fact that Reddit was not filtering out JavaScript in specific instances while a user was moving the mouse over the text field of the comments. (more…)

Tags: , , ,
Posted in security news | No Comments »