Security

Cracker Adds PHP Exploit to WordPress 2.1.1

WordPress has issued an urgent upgrade for users who downloaded WordPress 2.1.1 within the past 3-4 days: It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP ... (read more)

Sold Cell Phones Reveal Customer Secrets

A company that makes phone-security tools bought 10 phones on EBay and shared their contents with a reporter, finding evidence of marital affairs, business deals and other juicy private information. One phone surrendered the secrets of a chief executive at a small technology company in Silicon Valley. It included details of a pending deal with Adobe Systems Inc., and e-mail proposals from a potential Japanese partner: "If we want to be exclusive distributor in Japan, what kind of business terms ... (read more)

Dell Recalls 4.1 Million Laptop Batteries

Dell is recalling 4.1 million batteries from its laptop computers because they have the unfortunate tendency to burst into flame, as these photos demonstrate. The recall covers four models of Dell laptops sold from April 2004 to July 2006: Potentially affected batteries were sold with the following models of Dell notebook computers or separately as secondary batteries: Latitude: D410, D500, D505, D510, D520, D600, D610, D620, D800, D810 Inspiron: 500M, 510M, 600M, 700M, 710M, 6000, 6400, 8500, ... (read more)

Advertiser Sneaks Malware into Flash Ad

An underhanded advertiser trick that hit LiveJournal demonstrates a risk of accepting Flash ads -- they can pop up windows: ... the Flash ad contains code to open a popup that leads to a very different destination -- it's what I assume is an affiliate link that attempts to download and install ErrorSafe on your computer (link is to Symantec's description of it). This, of course, would be totally against any ad company's guidelines. Masquerading as a banner ad, but discreetly opening a popup -- ... (read more)

Robert Scoble, Naked Conversations and Exposed PCs

Robert Scoble's departure from Microsoft is getting major-news treatment from the mainstream media this morning: Mr. Scoble's blog, called Scobleizer, is widely seen as helping to humanise Microsoft and shift its stance from arrogant and aloof to one that is more inclusive and accepting of criticism. It also commented on broader changes in the net world and how they affected the company. Scoble began his blog around the time he left UserLand Software and deserves credit for using an employee ... (read more)

The Mother of All Infected Windows XP Systems

My mom has a Windows XP system with an always-on high-speed Internet connection that's occasionally used by relatives and other guests. The PC had become glacially slow, opening new web pages after a pause of 10 or more seconds, so I started looking for spyware or viruses that might be causing the problem. I brought the virus definitions in Norton Anti-Virus up to date and installed Ad-Aware to look for other junk. As they were running, shortly after midnight the PC began sending hundreds of ... (read more)

Netcraft Toolbar Catches Phish

One in 20 people fall for phishing scams and provide their account information to bogus versions of PayPal, EBay and other ecommerce sites, according to a study by Rachna Dhamija of the Harvard Center for Research on Computation and Society. The study presented real online banking and fake phishing sites to subjects to see if they could tell the two types apart. ... The most sophisticated site caught out 90 percent of the 22 people participating. I began using the Netcraft Toolbar in October, ... (read more)

Stopping Open Recursion Name Server Attacks

I received an ominous e-mail from my server host Thursday: The DNS service(s) on your server are currently open to recursive queries from the world, leaving them vulnerable to DNS cache poisoning attacks and allowing them to be used to attack other sites. Your server was reported participating in an outbound DDoS attack through means of this vulnerability by an attacker. Please ensure that recursive lookups are DISABLED in your nameserver's configuration to prevent future abuse. If you need any ... (read more)

Spammer Messes with My Headers

A few weeks ago, I mistakenly believed that I had closed a PHP mail form vulnerability that let spammers use my web server to send mail. Another batch of penis enlargement and phentermine pitches were sent through my server last night, which I discovered when "rejected bulk e-mail" bounces found their way to me. A spammer exploited a mail script I had written that coded the recipient address like this: $recipient = "info@ekzemplo.com"; I thought the script was secure because users couldn't ... (read more)

Identity Thieves Mastered My Card

I just completed a 10-day ordeal dealing with fraudulent charges on two credit cards. On Friday Nov. 18, my card donated $1.89 to the Hong Kong chapter of the relief organization Médecins Sans Frontières. The following Monday, my wife's card spent around $190 with the Ito-Yokado retailer in Japan. These charges were discovered within 72 hours as I reviewed my MasterCard account online. I had just paid for wireless Internet access at a Disney World conference center on Nov. 20, and a day later ... (read more)