Archive | August, 2006

AT&T Hack Exposes 19,000 Identities

Keep on Guard!

Ah another huge hacking resulting in a large loss of confidential information, companies really need to start getting more pro-active about aggresively testing their corporate networks and web based applications.

Information including CREDIT CARD numbers sadly.

AT&T on Tuesday said hackers broke into one of its computer systems and accessed personal data on thousands of customers who used its online store.

The information that was illegally accessed includes credit card numbers, AT&T said in a statement. The cyberattack affects about 19,000 customers who purchased equipment for high-speed DSL Internet connections through AT&T’s Web site, the company said.

“We deeply regret this incident,” Priscilla Hill-Ardoin, chief privacy officer for AT&T, said in the statement. “We will work closely with law enforcement to bring these data thieves to account.”

Companies really need to tighten up and enrole more high quality penetration testers (like me of course!).

The incident is the latest in a long string of data security breaches. Since early last year, more than 90 million personal records have been exposed in dozens of incidents, according to information compiled by the Privacy Rights Clearinghouse.

AT&T is offering to pay for credit monitoring services for customers whose accounts have been impacted because they could be at risk of identity fraud. The company also has made available a toll-free number to affected customers to call for more information.

Let’s hope we don’t see any more huge data leaks in the near future.


Posted in: General Hacking

Tags: , , , , , , , , ,

Posted in: General Hacking | Add a Comment
Recent in General Hacking:
- Why Are Hackers Winning The Security Game?
- The Dyn DNS DDoS That Killed Half The Internet
- Fully Integrated Defense Operation (FIDO) – Automated Incident Response

Related Posts:

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,177,854 views
- Hack Tools/Exploits - 642,845 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 443,668 views

How to get Ops and takeover a channel on IRC Hack Hacking

Keep on Guard!

I’ve been spending a lot of time online lately reading all kinds of stupid text files on how to “Takeover Ops Boi!!!”, “eLeEt WaYs To gEt OpS!!!”, “HOW TO GET OPS ON SERVER SPLITS”, etc. We all know none of these things work, at least not for me. They’re either written by morons, or they were written like 10 years ago and don’t work anymore. The method I’m presenting here DOES work, but it takes practice, patience, and careful reading.

Tools needed

An IRC script that can do mass deops quickly and easily (preferibly one that lets you press an F# (function) key to do mass deops, or one that automatically mass deops once you gain ops). You don’t want to have to start going through popup menus since you have to do this quickly.

An IRC script that can do mass CTCP versioning. I’ll explain later.

A wingate scanner. These aren’t too hard to find. Check

A few ‘war’ programs to exploit irc clients, nuke, flood, etc. When I say flood, I don’t mean like a ping flood in mIRC, I mean like a real ICMP flooder. Try to find Final Fortune, it’s a program I made myself… very effective.

A lot of patience.

A brain.


Find a channel you want to takeover. This method will NOT work on Dalnet or any other networks with anything like ChanServ. Also, this won’t work if all of the ops in the channel are bots (unless they’re VERY badly programmed). OK, so once you’re in the channel, do a Version CTCP on all of the ops in there. Look for exploitable scripts (some versions of ircN, mIRC 5.3x, mIRC 5.4, etc.). Now, let’s say you find someone with nick ‘DumbOP’ and he’s using a script that you know you can exploit and disconnect him from IRC (but don’t crash him yet!).

/dns DumbOP to find his IP. Now take your handy wingate scanner. Plug in his IP and search for a similar one with the scanner. If you can’t find one in the same Class C range, try Class B if you have to, but make sure it resolves to something close to DumbOP’s IP.

Good, so now you have a wingate IP similar to DumbOP’s. If you couldn’t find an IP close to his, try this with another op with an exploitable script. Do a /whois DumbOP to find the IRC server he’s on and his ident (the thing before the @ip). So now that you have the wingate IP, what do you do with it? I’ll assume you never wingated before, and I’ll explain how to do it with mIRC. For
the example, let’s say the wingate IP is, DumbOP’s ident is ‘opident’, and DumbOP’s irc server is ‘’.

Open a new instance of mIRC, and in the status window, do the following:

/server 23

You’ll see it say “WinGate>NICK (some nick)”

Right after you see this, type:

/quote 6667

You’ll probably then see something like

“Connecting to host USER…Host name lookup for USER 6667
Connecting to host…connected”

You might see more than this, you might see less. The important thing to watch for is:

” - *** Looking up your hostname…
- *** Checking Ident
- *** Found your hostname
- *** Got Ident response ”

Once you see that, type:

/quote user opident opident opident opident
/quote nick DumbOP1

You don’t have to use ‘DumbOP1’, just use any temporary nick you want. Also, you can use ‘/raw’ instead of ‘/quote’ if you wish.

If you did everything correctly, you’ll see the MOTD for the irc server, and you’ll be connected. If by chance is k-lined from, you’ll have to go through the whole process again with a different server. This makes your “spoofing” (it’s not REALLY spoofing) attempt less realistic looking, but if you have to use a different server, then do it.

Once you’re online, everything works like normal. Do a /whois DumbOP1 to see your info. It should be close to DumbOP’s.

You’re halfway there! The next thing to do (not necessary, but recommended) is to try to find out some info on DumbOP. I recommend trying “nbtstat -A ” at the dos prompt, that might provide you with a name or two if you’re lucky. This is just some useful information that might
come in handy. Also, try searching ICQ for his nick and check his info, you might find good stuff in there.

The next step is to disconnect DumbOP from IRC. Either use an exploit, or nuke him (Click is sometimes useful (if you don’t know what Click is, it’s a program made by Rhad to have an IRC server ‘nuke’ a person… it sometimes works)), or ICMP flood him. Do anything you have to to disconnect him. By the way, you should have your original IRC session still open, with your
wingated IRC session running as a different instance of mIRC (you should have 2 ‘versions’ of mIRC running at the same time now, one with your original nick, info, etc., and the other with the DumbOP1 stuff). While you’re attacking DumbOP, monitor the channel with your original session of mIRC and wait for DumbOP to disconnect. Immediately after you see that, rename DumbOP1 to DumbOP (/nick DumbOP) and join the channel! Don’t say anything! If you’re lucky, a stupid op will op you. Then mass deop. If nothing happens for about 5 or 6 minutes, mass message the ops, saying something like “what happened? why am I not opped?”. You might get into a conversation. Remember to keep calm, and talk like an op. Don’t freak out and demand for them to op you. The “useful information” might come in handy now. Often the ops will tell you to get ops from the bots. Just say something like you’re desynched from the bots because of your ping timeout.

If your impersonation is good enough, 9/10 times they’ll op you. Like I said before, IMMEDIATELY do a mass deop. If possible, bring AT LEAST two bots (real bots, not just simple clones) into the channel to hold it and protect it.

If you followed all these steps thoroughly, you should be able to takeover most channels as long as there are at least 2 human ops (1 of which you’ll be ‘spoofing’, the other you’ll be messaging to op you).

Good luck and have fun!

Originally by St0rmer from EFNet, updated by Darknet.

Posted in: General Hacking, Old Skool Philes, Social Engineering

Tags: , , , , , , ,

Posted in: General Hacking, Old Skool Philes, Social Engineering | Add a Comment
Recent in General Hacking:
- Why Are Hackers Winning The Security Game?
- The Dyn DNS DDoS That Killed Half The Internet
- Fully Integrated Defense Operation (FIDO) – Automated Incident Response

Related Posts:

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,177,854 views
- Hack Tools/Exploits - 642,845 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 443,668 views

AttackAPI 0.5 – JavaScript Security Tools

Keep on Guard!

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors. The project was primary inspired by the JythonShell applet. At its very early stage AttackAPI was a single extensible web enabled python console with a few modules.

The 0.5 release of AttackAPI is purely JavaScript based. This is not a shift in the project ideologies but rather an extension. It all started with the JavaScript Port Scanner which was sort of proof of concept tool. The current release still implements the same Port Scanner but in much less code and with a lot more efficiency in mind. Among the port scanner there are a few other tools: HistoryDumper, NetworkSweeper, ExtensionScanner, to name a few.

A single module (194 lines of code) that contains the entire library set is available HERE.

Latest info is here:


Posted in: Hacking Tools, Web Hacking

Tags: , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
Recent in Hacking Tools:
- Pybelt – The Hackers Tool Belt
- Github Dorks – Github Security Scanning Tool
- scanless – A Public Port Scan Scraper

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 2,020,915 views
- Brutus Password Cracker – Download AET2 - 1,593,319 views
- wwwhack 1.9 – Download Web Hacking Tool - 704,650 views

Link & Comment Spamming – A possible solution.

Outsmart Malicious Hackers

Recently one of the sites I am developing for my self was link spammed. Some unpleasant individual decided that it would be fun to post 160 ‘comments’ spread over all the blog posts. All the comments contained was URL’s. Even more stupid they used BB tags, but as I wrote the site it doesn’t use them.

Any way, obviously this isn’t some thing I want, so I deleted them all with a quick bit of SQL. No one else has posted a comment to the site because like I said, its still under development.

However, it happened once so there is no reason to think it wont happen again. I thought about the problem for a while, and the only solution is to incorporate some kind of humanity check. Because lets face it, its not like some one sat there and entered them all in. Its was some kind of bot.

Now, I don’t really like the ones that ask you to type the letters from some hard to read image. I can do that, no problem but they look ugly, and if the user was colour blind, or any other sight related issue, then you buggered.

So, I have come up with a different solution. The idea is to ask a random question, some thing that’s so easy any every one will know the answer, but unless you can read, you wont know what the answer is.

While I was busy implementing this solution, and believe me it didn’t take very long, another 20 comments of a very similar nature where posted. How annoying is that?

The solution seems to work for now. There have been no more comments since I completed the changes, but then maybe its only time until the bot gets adjusted, time will tell. But I thought other might benefit from having it so here goes, how to add random questions to your site.

Oh, one thing, I am not going to list my questions here, for a start it took me a shockingly long time to think of 30 really really easy questions, and I also don’t want to give a list of the question text and answers away.

So – on with the show. First off you will need 2 tables, one for the questions and one to keep track of what questions you have asked each user.

The questions table is easy, 3 coloums. Question_id, question and answer. The question id is just a unique number, the question and answer are both varchar.

Then we have the table used to store the asked questions. This is even less complicated. All you need is 2 fields, one for the question that was asked ID, and one to store the users Session ID.

So far, that’s all easy enough. You fill in the question table with as many questions as you can think of, along the lines of “is the sky blue” with an answer of “yes” or perhaps “What is 25 + 30” answer, obviously “55”.

Of course you can create the tables and this isn’t going to do a hell of a lot. So, you’ll need a class to deal with it all. This is a copy of the code, though you will notice the use of the functions “performQuery” and “fetchRow”, these are from my own DB layer. They replace the standard MySQL commands by using a wrapper. It makes it easy to port code from one RDBMS to the other. I personally like this solution because its light weight and simple. But it’s a bit beyond the scope of this post.

So, the class? Its got 2 methods: getQuestion and getAnswer. They both take the a single parameter of ‘sid’. This is the session id, but for compatibility it is passed in to the function so it can basically be any thing.

How do you use it? Well, when your page displays the form you make a call to getQuestion and display it. For a while I thought about putting the question ID into the page, but only for a couple of seconds as I realised any half decent attempt to beat the system would just replace the ID with one with a known answer, infact as I suspect that the form is not used, simple data “posted” to the page, then it wouldn’t even matter.

That’s why we keep that information in the database.

Any way, once the form is submitted you then ask the class to get the answer for the current session, and compare what the user entered to the correct answer. I’d suggest forcing lower case, or upper case if you want, but basically make the comparison case insensitive.

If the answers don’t match then the person is, well an idiot or a bot. If no answer is available, then some ones messed with the session, or never even used the form. Doesn’t matter which, either way its an error.

I don’t think I will bother to explain the code it self, its really not that complicated. I think maybe the only bit that might seem a bit strange is the sql used to select a question:

This simply selects a random record from the table, because its ordered by “rand”. This basically means that for each record in the table a random number is generated, and then the records are ordered by the value. Because we only want one question we use the limit to only select the first record, how ever because each time the records are selected they will be in a different order, each time you get a different record cool ha? :-)

I hope this proves to work over time. I’ll have to keep any eye on it. Just to see how it goes. If any one can see any thing wrong with it, well, let me know.

Digg This Article

Posted in: General Hacking, Spammers & Scammers, Web Hacking

Tags: , , , , , , , ,

Posted in: General Hacking, Spammers & Scammers, Web Hacking | Add a Comment
Recent in General Hacking:
- Why Are Hackers Winning The Security Game?
- The Dyn DNS DDoS That Killed Half The Internet
- Fully Integrated Defense Operation (FIDO) – Automated Incident Response

Related Posts:

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,177,854 views
- Hack Tools/Exploits - 642,845 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 443,668 views

Sophos Offers Free Rootkit Detection Tool/Software

Keep on Guard!

Ah, here at Darknet we have always been a fan of Sophos and the way they operate, a very efficient company and good to see good technical products still coming out of the UK!

Another good move by them, they have decided to offer a free rootkit detection tool called Sophos Anti-Rootkit..Yah I know, not a very imaginative name eh?

Called Sophos Anti-Rootkit, the software will detect and remove both known and unknown rootkits, and it will warn systems administrators if removing the software might harm operating system integrity.

Rootkits are a collection of tools used by hackers to gain administrative privileges on compromised machines. They are typically used to help hide other forms of malware — keyloggers or Trojan horse programs, for example — from antivirus software.

Rootkits got a LOT of press after the whole Sony rootkit fiasco, so it’s good to see a decent free tool being offered to the general public.

Sophos Anti-Rootkit works with the Windows NT, 2000, XP and Windows Server 2003 operating systems. The software features a graphical interface to help guide users through the process of detecting and removing the malicious software.

Since the Sony fiasco, the security industry has paid more attention to the rootkit problem, and there are now a number of free utilities designed to identify this type of software. Other tools include RootkitRevealer, GMER and IceSword.

We shall try out as soon as possible, after all we’ve had chkrootkit on *nix forever…about time someone did something similar for Windows.

You can download Sophos Anti-Rootkit here.

Source: ComputerWorld

Posted in: Countermeasures, Malware, Windows Hacking

Tags: , , , , , , , , , , ,

Posted in: Countermeasures, Malware, Windows Hacking | Add a Comment
Recent in Countermeasures:
- PwnBin – Python Pastebin Search Tool
- Microsoft Azure Web Application Firewall (WAF) Launched
- mongoaudit – MongoDB Auditing & Pen-testing Tool

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,644 views
- Password Hasher Firefox Extension - 118,164 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,805 views

Anonymous Connections Over the Internet – Using Socks Chains Proxy Proxies

Outsmart Malicious Hackers


This tutorial is an attempt to help you re-route all internet winsock applications in ms windows trough a socks chain, thus making your connections much more anonymous.


The more different hops you make your data jump, the more difficult it will be to trace it back. take this route for example:

you –> socks1 –> socks2 –> socks3 –> … –> socksx –> target

People who want to trace you will have to contact x persons to ask their them for their logs. chances are one of them didn’t log… and if they logged, the ip seen by each host/socks is the ip of the previous host/socks in the chain.

This works for:

  • icq-like tools
  • ftp clients
  • mail clients
  • telnet clients
  • portscanners
  • (just about anything that uses the internet)

It doesn’t work on most irc servers since they often check for open wingates
and proxies.

Now let’s do it

1) First you need to find some boxes running wingate, we look for wingates since the default installation of wingate includes a non-logging socks server on port 1080

Visit or for some wide-known wingate ips, or even better: you could try to find some yourself.

To do this, i would suggest you use ‘proxy hunter’, available for download at be sure to look for wingates (port 23) and not for socks, as we only want wingate socks.

You could also use wingatescan, available for download at

Speed is very important since we will be using multiple socks, and we don’t want our programs to time out. with the klever dipstick tool, you can find out which are the fastest ones. (get the klever dipstick program at

Just fire off Dipstick. Rightclick in the small green rectangular and choose Show main window. To import a list of wingates, just click on Advanced, choose Import List and select your file.

You can also manually ping a simple host by clicking on Manual Ping. Use those wingates with the smallest average time. *duh*

2) Second, check if the wingates from the list are actually running :)

There are a lot of programs that can help you with this.

3) Third, install a program that will intercept all outgoing networking calls.

I use the great tool sockscap for this purpose. you can get it at

In the setting, enter this as socks server : port 8000. Click on ‘socks version 5’. click ‘resolve all names remotely’. Uncheck ‘supported authentication’.

In the main window, choose new and then browse to create a shortcut for the internet client you want to give socks support.

Repeat this step for every program you want.

4) Install SocksChain

Download it at

In the service menu, click on new. enter ‘Chain’ as name and ‘8000’ as port to accept connections on.

Click on new and fill in the ips of the fastest wingates you found, but this time, use port 1080 for this (and not the port 23)

Using the ‘<' and '>‘, you can add and remove socks. be sure to test all socks one by one before adding them all to the list in once, because if one of them is bad, you chain will not work and you will not be able to locate the bad socks in the chain.

If all of them seem to work, you use the ‘<' key to add them all (mind speed problems. 4 or less is fine. i think 10 or 13 is the limit put by tcp/ip) Testing your anonymous setup

To check what socks your computer is connecting to, you can use x-ploiters totostat ( look for connections to port 1080, the remote ip found there should be the first ip found in your chain in sockschain.

use the shortcut in sockscap that points to your browser, and connect to or

Use your shortcut in sockcap to start your telnet client then telnet to

In all the above cases, the remote server should show you the ip of the last server in the sockschain. if you look at the sockschain program while surfing you should see the chain being built up.

Some final remarks

Never use internet explorer to do tricky stuff as it might reveal your ip. my personal favorite browser is opera 4.0 (, Darknet recommends Firefox.

To avoid info being sent out, we could install another proxy between the sockscap and the sockschainer proxy that would filter out those things. A4proxy is an example of a proxy capable of doing such things or Proximitron which Darknet uses.

Remember, if you want to do the real stuff, better switch to Linux like Ubuntu.

Written by Zoa_chien – EFNet – Updated with current info, lists and URL’s by Darknet.

Digg This Article

Posted in: Network Hacking, Old Skool Philes, Privacy

Tags: , , , , , , ,

Posted in: Network Hacking, Old Skool Philes, Privacy | Add a Comment
Recent in Network Hacking:
- Pybelt – The Hackers Tool Belt
- scanless – A Public Port Scan Scraper
- Ubertooth – Open Source Bluetooth Sniffer

Related Posts:

Most Read in Network Hacking:
- Brutus Password Cracker – Download AET2 - 1,593,319 views
- Wep0ff – Wireless WEP Key Cracker Tool - 515,129 views
- THC-Hydra – The Fast and Flexible Network Login Hacking Tool - 330,610 views

libtiff Vulnerability gives hope for a new GTA-less PSP exploit

Outsmart Malicious Hackers forums have been abuzz lately with the talk of a possible new exploit centered around a libtiff vulnerability. NOPx86 stating that he’d managed to crash the PSP using this method. As those of you who follow these things know, a crash doesn’t always mean an open door to an exploit.

But after a cumulative 60 hours of work and research put in by Skylark and psp250 (with a little help from Fanjita), they can confirm that NOPx86’s method is indeed valid and opens the door for a new exploit. They have confirmed that it will work on 2.0 and 2.01 PSP’s, and could potentially work on firmware as high as 2.80 – although at this moment, this is unconfirmed.

But even if this only works on lower firmwares, it will usher in the age of GTA-less homebrew for 2.01+ PSP’s, which will be a welcome change for homebrew enthusiasts.

Work and research on applying this exploit into a publicly usable form will take some time, and it will take even more time to put this to use on PSP’s with higher firmware, but there definitely are possibilities. As always, we’ll keep you up to date on this developing story as soon as more information becomes available.

Posted in: Exploits/Vulnerabilities, Hardware Hacking

Tags: , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment
Recent in Exploits/Vulnerabilities:
- WannaCry Ransomware Foiled By Domain Killswitch
- Intel Finally Patches Critical AMT Bug (Kinda)
- Shadow Brokers Release Dangerous NSA Hacking Tools

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 238,055 views
- AJAX: Is your application secure enough? - 120,644 views
- eEye Launches 0-Day Exploit Tracker - 86,214 views

Bot Herders Go After MS06-40 Exploit

Outsmart Malicious Hackers

Malware herders are speeding up, the first wave is already here for MS06-40.

It’s basically a variant of some old malware suited to the new vulnerability. Same old story then, same packer, technique, new exploit.

Same as the days of autorooters.

It’s basically the Mocbot trojan that was used in the Zotob worm attack in August 2005.

The first wave of malicious attacks against the MS06-040 vulnerability is underway, using malware that hijacks unpatched Windows machines for use in IRC-controlled botnets.

The attacks, which started late Aug. 12, use a variant of a backdoor Trojan that installs itself on a system, modifies security settings, connects to a remote IRC (Internet Relay Chat) server and starts listening for commands from a remote hacker, according to early warnings from anti-virus vendors.

I hope the AV first are on top of things, people are patching their machines in a timely fashion (especially in corporate environments – come on people, get SUS!) and awareness is going up.

“Amazingly, this new variant of Mocbot still uses the same IRC server hostnames as a command-and-control mechanism after all these months. This may be partially due to the low-profile it has held, but also may be due to the fact that the hostnames and IP addresses associated with the command-and-control servers are almost all located in China,” LURHQ said in an advisory.

Historically, Chinese ISPs and government entities have been less than cooperative in taking action against malware hosted and controlled from within their networks, the company said.

On Aug. 13, a second variant of the Trojan was detected, confirming fears that botnet herders are already playing cat-and-mouse with anti-virus vendors.

Quite surprising in a way, but also not really as it’s China and they are notoriously un co-operative.

Source: Eweek

Posted in: Exploits/Vulnerabilities, Malware

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Malware | Add a Comment
Recent in Exploits/Vulnerabilities:
- WannaCry Ransomware Foiled By Domain Killswitch
- Intel Finally Patches Critical AMT Bug (Kinda)
- Shadow Brokers Release Dangerous NSA Hacking Tools

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 238,055 views
- AJAX: Is your application secure enough? - 120,644 views
- eEye Launches 0-Day Exploit Tracker - 86,214 views Security ‘Insufficient’

Outsmart Malicious Hackers

It seems people are turning some attention towards the security of Open Office finally, I for one say this is a good thing as it means it’s making inroads, it’s becoming popular, it’s getting to be a contender.

If people are seriously considering the security implications of using Open Office it means they are actually really interested in using it.

With Microsoft Corp.’s Office suite now being targeted by hackers, researchers at the French Ministry of Defense say users of the software may be at even greater risk from computer viruses.

“The general security of OpenOffice is insufficient,” the researchers wrote in a paper entitled “In-depth analysis of the viral threats with documents.”

“This suite is up to now still vulnerable to many potential malware attacks,” they wrote.

The paper describes four proof-of-concept viruses that illustrate how maliciously encoded macros and templates could be created to compromise systems running the open-source software. “The viral hazard attached to is at least as high as that for the Microsoft Office suite, and even higher when considering some … aspects,” they wrote.

This is an interesting paper, I’m glad someone did take a rather more in-depth look at the flaws in the Open Office suite.

At least they patch the flaws almost instantly.

A number of the problems described in the report have to do with the basic design of the software. For example, does not perform adequate security checks on the software it runs, the researcher said. And because of the extreme flexibility of the free office suite, there are many ways for writers to create malicious macros, the researchers found.

The team has already fixed a software bug discovered by the French researchers, and the two groups are in discussions about how to improve the overall security of the software, said Louis Suarez-Potts, an community manager.

“The one real flaw in the programming logic has been fixed,” Suarez-Potts said. “The others are theoretical.”

I’d be interested to see some more focus on OpenOffice.Org and it’s security architecture, and of course following this to see all the flaws fixed to make it a strong contender.

Source: InfoWorld

Posted in: Exploits/Vulnerabilities, General News

Tags: , , , , ,

Posted in: Exploits/Vulnerabilities, General News | Add a Comment
Recent in Exploits/Vulnerabilities:
- WannaCry Ransomware Foiled By Domain Killswitch
- Intel Finally Patches Critical AMT Bug (Kinda)
- Shadow Brokers Release Dangerous NSA Hacking Tools

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 238,055 views
- AJAX: Is your application secure enough? - 120,644 views
- eEye Launches 0-Day Exploit Tracker - 86,214 views

Microsoft Takes an Effort at Cutting Down Blogspam – Splogs

Keep on Guard!

Splogs are becoming a huge problem, half the stuff you search for nowadays returns a splog, mostly auto syndicated content.

I find a lot of my own entries on there, surrounded by Adsense ads.

New age scrapers I guess.

Technorati returns a lot of results from splogs too, but at least they have made some efforts to clean that up and Google and being making sign-ups for blogspot much stricter so people are having to resort to their own domains, like the scrapers.

Microsoft today released new research on the epidemic of spam blogs — or “splogs” — as well as the “comment spam” that dodgy marketers splatter all over blogs in a bid to improve their sites’ search-engine rankings. Redmond’s research team found that splogs hosted on Google’s appear to be widely spammed and fairly effective at jacking up the search results for the spammers’ Web sites.

Comment spam is also getting pretty bad, I can get a couple of hundred a day on some sites.

I’m glad they are making some kind of effort to sort it out.

Yi-Min Wang, manager of Microsoft’s cybersecurity and systems management research group, told me that the goal of Search Defender is to help the software giant automate the filtering of splogs and comment spam links in search results returned on

“We now have a method to identify spammers so that before they get indexed into search results, we can block them,” Wang said. “When this is fully automated, the spammers will need to spend a lot more effort trying to get into our search results.”

We ourselves as writers also have to take measures to curb the comment spam, I use Akismet and find it extremely effective!

But that’s just a start: Sitepoint has some excellent tips on fighting comment spam. Also, most of the major blogging sites now include pointers on how to use antispam features. lets users require commenters to follow a verification process — essentially a captcha — to help weed out automated processes. WordPress has its own tips here, or users can outsource their blogspam patrol (well, sort of) with Akismet, a free (for personal use) tool that compares any link, trackback or comment left on your WordPress blog to a service “which runs hundreds of tests on the comment and returns a thumbs up or thumbs down.” SixApart, which runs TypePad and LiveJournal, also lists a number of tips for users fed up with blogspam.

At least everyone is aware of it now, we just need to get back to fighting it.

Source: Washington Post

Posted in: General News, Spammers & Scammers

Tags: , , , , , , , , , , ,

Posted in: General News, Spammers & Scammers | Add a Comment
Recent in General News:
- Security Vendor Trustwave Bought By Singtel For $810M
- Teen Accused Of Hacking School To Change Grades
- Google’s Chrome Apps – Are They Worth The Risk?

Related Posts:

Most Read in General News:
- Hacking Still Can’t Outdo Stupidity for Data Leaks - 125,534 views
- eEye Launches 0-Day Exploit Tracker - 86,214 views
- Seattle Computer Security Expert Turns Tables On The Police - 45,324 views