blog trackingRealtime Web Statistics itself Archives - Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘itself’

When the protection scheme for the witness hacked itself

It has been claiming that the identities of the people, who were put into the witness protection, re disclosed to self-confessed phone hacker Glenn Mulcaire. After that the matter was known to everyone but the Scotland Yard took no action of it. Read More….

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post When the protection scheme for the witness hacked itself appeared first on National Cyber Security.

View full post on National Cyber Security

Godaddy Defends itself in RamshackleGlam Hacking case

 http://www.digitaltrends.com/wp-content/uploads/2011/12/godaddy-boycott11.png

Who Got Hacked [WHG] had reported the day before that the owner of RamshackleGlam.com, Jordan Reid had accused GoDaddy of not helping her to get her hijacked website back. 

Reid’s website was hijacked two days before and was being auctioned on flippa.com by someone going with the nickname of Bahbouh. She ultimately got her website back, but she lashed out at both HostMonster and GoDaddy for not being better prepared to handle such situations. GoDaddy maintains that there have been a number of misconceptions about how the process works. 

They highlight the fact that GoDaddy was not the “losing registrar” in this case. Instead, the losing registrar, a term used for the registrar that holds the domain name before being transferred, is FastDomain, HostMonster’s domain registrar. FastDomain could have asked GoDaddy to simply transfer the domain name back, but the company hasn’t made such a request.

 GoDaddy says it’s highly responsive to such requests, but it hasn’t received one for the RamshackleGlam.com domain from FastDomain. 

Furthermore, if after five working days they don’t get a response, losing registrars can turn to the Transfer Emergency Action Contact (TEAC), a contact which each registrar must provide to ICANN. 

Registrars are required to respond to inquiries made through this channel within four hours, even if the final resolution takes a bit longer. Laurie Anderson, director of domain services at GoDaddy, told, “Every day, we receive reports domain names have been stolen.

 In order to protect our customers and other users of the Internet from having domain names maliciously taken, we have developed best practices,” “Part of these practices include verifying theidentity of the complainant. For increased security, we require multiple forms of identification and if we are unable to receive that data , we are unable to provide access to the domain,” Anderson added. “While this is no doubt a frustration for some people in some cases, it has saved countless domain names from being transferred incorrectly.”

View full post on Who Got Hacked – Latest Hacking News and Security Updates

FICO Hacks Itself to Prevent Cybercriminal Attacks

FICO, EBay, and Peets are using penetration-testing tools to find computer system weaknesses before the bad guys do it

View full post on computer security alerts – Yahoo! News Search Results

View full post on National Cyber Security

CloudFlare aims to differentiate itself with DDoS protection service

Startup aims to provide affordable cloud-based website protection and acceleration.


View full post on SearchCloudSecurity: RSS Feed

View full post on National Cyber Security

How LulzSec kept itself safe during the summer of ‘lulz’

The infamous hackers sought protection from online security service CloudFlare. The company's boss, Matthew Prince , reveals why

View full post on lulzsec hacker – Yahoo! News Search Results

View full post on National Cyber Security

Why Your Company Needs To Hack Itself

Computer security expert Jeremiah Grossman thinks that traditional cybersecurity doesn't have what it takes to fight off today's wired intruders; he advocates companies and governments invite hackers to find weak spots in their systems. Although the year has just started, 2012 is turning out to be an annus horribilis for cyberattacks. Shortly after the New Year, 24 million Zappos customers found …

View full post on america cyber attack – Yahoo! News Search Results

View full post on National Cyber Security

Central Texas bids to make itself commercial hub of cyber security industry

Central Texas bids to make itself commercial hub of cyber security industry

View full post on cyber terrorism – Yahoo! News Search Results

View full post on National Cyber Security

Avira anti-virus labels itself as spyware

Avira anti-virus detected components of its own application as potentially malign on Wednesday following a dodgy signature update.

Avira detected its own AESCRIPT.DLL library file as the previously obscure “TR/Spy.463227” strain of malware.

The dodgy AntiVir virus definition file was quickly pulled and replaced with a new version – 7.11.16.146 – that resolves the problem, as explained in an official post on Avira’s support forum here.

Avira’s own stats suggest 4,000 to 5,000 rogue detections, suggesting that the problem was caught before it affected the vast majority of the user base of the freebie security scanner software, which has a user base of million. This is just as well because users hit by the false detection would have been left with hobbled systems.

False positives involving anti-virus software are all too common. Normally these involve application files or, more damagingly, Windows components. Avira’s auto-immune false detection is worse still, but not unprecedented. CA had similar problems two years ago, for example. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/10/26/avira_auto_immune_false_positive/

View full post on National Cyber Security » Spyware/ Cyber Snooping

Google busts itself for distributing malware

Google is under fire in Washington for favoring its own properties. This week, I ran across proof that on at least one front it doesn’t discriminate.

The company’s Safe Browsing service uses Google’s wide-ranging spiders to look for evidence of malware distribution on the network at large; the findings are used to block potentially dangerous sites.

So what happened when Google inspected Google.com? Here’s the Safe Browsing Diagnostic page:

Oh my. Here are some results:

  • “Part of this site was listed for suspicious activity 3 time(s) over the past 90 days.”
  • “Of the 2321615 pages we tested on the site over the past 90 days, 50 page(s) resulted in malicious software being downloaded and installed without user consent. … Malicious software includes 296 trojan(s), 35 scripting exploit(s), 15 worm(s). Successful infection resulted in an average of 5 new process(es) on the target machine.”
  • “Over the past 90 days, google.com appeared to function as an intermediary for the infection of 11 site(s)…”
  • “[T]his site has hosted malicious software over the past 90 days. It infected 172 domain(s)…”

This shouldn’t be a surprise to anyone who follows distributors of malware. As I’ve demonstrated here and here, the bad guys love to target Google search results. And Google search results were the primary vector for the Mac Defender attack that plagued Mac users in May and June of this year.

The notion that malicious software can be downloaded and installed without user consent is chilling, but to put things into perspective, that count represents about 1 dangerous page for every 50,000 in Google’s index.

I asked a Google spokesperson for an explanation and received this response:

Google’s automated malware scanning systems don’t play favorites when searching for malware – they scan and flag Google sites just like any other site. Many Google properties are designed for user-generated content – like Google Sites, Google Docs, YouTube, etc. So Google has developed sophisticated systems to help ensure user-generated content is safe, including our dynamic malware detection system which feeds data to the the Safe Browsing Diagnostic pages.

Whenever we find malware on a Google property we’re committed to protecting users. Yes, that may mean adding a Google property to the malware list. But the best way to protect users is to remove the malicious content. Google’s Anti-Malware team works closely with other Google teams to quickly clean up user-generated content on Google properties.

Battling malware is a difficult and on-going task. Google’s priority is protecting users, and we hold ourselves to a very high standard. Google’s Safe Browsing API protects millions of users every day as proof of our commitment.

And how did Microsoft’s properties fare? Here are the Safe Browsing Diagnostic pages for Microsoft.com and Bing.com. When I checked earlier today, both sites were found to have hosted malicious software, just as Google did. Microsoft.com showed no evidence of having allowed malicious software to be downloaded and installed without consent. For Bing, however, the result was less than perfect:

Of the 17068 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent.

In Bing’s case, the last detection of malicious software was on August 29. By contrast, Google found malicious software on its own properties as recently as this morning.

The moral of the story: Keep your guard up when you search.

Article source: http://www.zdnet.com/blog/bott/google-busts-itself-for-distributing-malware/4001

View full post on National Cyber Security » Virus/Malware/Worms

Get The New Book By Gregory Evans

Everyone Is Talking About!

Are You Hacker Proof?
$15.95

Find Out More, Click Here!