Category archive: link

Link: Best Security Certificate

Hi all,

There are a lot of IT security certificates out there.

But I believe one of the best you can get is:

http://www.ces-approved.org/

Check it out.

Cheers,

Matti

Link: Antivirus stuff

Just as a reminder of different tools to get rid of malware.

Live CDs

Avira AntiVir Rescue System
http://www.avira.com/de/support-download-avira-antivir-rescue-system

F-secure Rescue-cd
http://www.f-secure.com/en/web/labs_global/removal/rescue-cd

BitDefender Rescue CD
http://www.heise.de/software/download/bitdefender_rescue_cd/56298dl_7469f31745ca2bd873d8a959cd9bf6ef_1328034493

Kaspersky Rescue Disk
http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/

G Data BootCD
http://www.gdata.de/support/downloads/tools.html

Dr.Web LiveCD
http://www.freedrweb.com/livecd/

Trinity Rescue Kit
http://trinityhome.org/Home/index.php?content=TRINITY_RESCUE_KIT_DOWNLOAD&front_id=12&lang=en&locale=en

Tools

Malwarebytes
http://www.malwarebytes.org/

Spybot - Search & Destroy 2.0
http://www.safer-networking.org/de/spybotsd2/index.html

Hijackthis
http://www.trendsecure.com/portal/de/tools/security_tools/hijackthis

Keep it clean…
Cheers,
Matti

Link: Fun with Audits

http://download.101com.com/pub/itci/Files/ITCi_ITACL-InfoSec_0612_finalweb.pdf

http://www.revision-online.info/index.php/Hauptseite

http://www.sans.org/score/checklists/ISO_17799_checklist.pdf

http://www.auditnet.org/docs/ITAuditCL.pdf

and http://www.t2pa.com/

WordPress blogs hit with mass malware attack - mass SQL Injection?

[Source - http://www.downloadsquad.com/2010/04/12/wordpress-blogs-hit-with-mass-malware-attack/]

“Hundreds of WordPress blogs, particularly those hosted by Network Solutions, have been hit with an attack that cripples the blogs and redirects visitors to a URL that loads malware. The attack has been reported by both Sucuri Security Labs and Trend Micro. It works by replacing the contents of a WordPress blog’s “siteurl” field (under wp_options) with some HTML code. That field isn’t supposed to contain HTML, so it effectively breaks the blog. Security companies haven’t figured out how the blogs were exploited, although Sucuri says it was probably SQL injection or a database problem at Network Solutions. Network Solutions is investigating, and looking to blame a WordPress theme or plugin for the security hole, Trend Micro says. Trend Micro also has some info on the malware that the blogs are now redirecting to: it’s a known malware family called BUZUS, and antivirus software should be able to identify it.

If your blog was affected, change your siteurl back to its old value. You can find it under manage database, in the wp_option table.”

This kind of platform attack is the most galling, because it’s something individual users of the software are powerless to protect themselves against. The onus is entirely on the hosting company, and it seems that in this case Network Solutions have a lotta ’splaining to do.

Link: I love Russian ransomware


Here is the story from CA:

http://community.ca.com/blogs/securityadvisor/archive/2009/11/30/ransomware-blocks-internet-access.aspx

Funny that they produce a key code generator :-)

Link: same old same old

http://www.icann.org/en/topics/new-gtlds/high-security-zone-verification-04oct09-en.pdf

Somehow this idea has been sticking around for a few years now. I think I first read about it 2 years ago.

This is just a typical example of a decision-making process involving too many parties.

I think the Internet should be ruled by one person who is not interested in ruling the Internet at all.

Douglas Adams had the idea for the whole galaxy, so this should also work for the Internet.

Link: BB + PhoneSnoop = fun

http://www.us-cert.gov/current/index.html#blackberry_phonesnoop_application_used_to

Here in full:

BlackBerry PhoneSnoop Application Used to Spy on Users
added October 27, 2009 at 11:59 am

US-CERT is aware of public reports of a new software application called PhoneSnoop. This software allows an attacker to call a user’s BlackBerry and listen to personal conversations. In order to install and setup the PhoneSnoop application, attackers must have physical access to the user’s device or convince a user to install PhoneSnoop.

US-CERT encourages users to only download BlackBerry applications from trusted sources and to password protect and lock BlackBerry devices.

Link: Education Education Education

 

http://www.offensive-security.com/metasploit-unleashed/

And do not forget to donate for HFC!!!

Link: Links to exploits

http://www.packetstormsecurity.org/assess/exploits/

http://www.milw0rm.com/

http://www.securiteam.com/exploits/

http://www.securityfocus.com/vulnerabilities

http://www.securityforest.com/cgi-bin/viewcvs.cgi/ExploitTree/

http://securityvulns.com/exploits/

http://osvdb.org/

http://www.vupen.com/english/security-advisories/

http://www.red-database-security.com/exploits/oracle_exploits.html

http://www.joomlaexploit.com/

Short one…


http://releases.portswigger.net/2009/10/v1217.html -> XML export -> http://dradisframework.org/