NilsC

Mar 9 2005, 08:12 PM

It's OK to post both places I did, security is important and you can post in both forums if you like to.

Did you test that the new version of FF is secure? are you on that version of FF.

Nils

Reply

NilsC

Mar 9 2005, 10:02 PM

This is one exploit that don't work in IE so 1 for IE and 1 million for the rest.

Nils

Reply

CodeName_88

Mar 10 2005, 09:49 AM

Ahh, i heard about this. as soon as i found out it was basically a social enginering hack, i was happy. no one has made a real browser hijack for firefox yet

Reply

Latest Entries

1. [ Aef ] Security Update For Aef Forum Software - Highly recommended (1)
2. Mozilla: Firefox Plugin Shipped With Malicious Code - (3)

   This piece of news only affect Vietnamese users as the Vietnam language package was infected with
   malware trojan called e Xorer, and so if you downloaded this language pack in the last few weeks run
   a scan and the trojan should be picked up. Although this trojan is only a couple of months old and
   so I don't think everyone has something for it, but check at your vendors website and see if
   they have a solution for it. As for the cause of this infected plugin, they assume the authors
   computer was infected at the time when they upload this plugin to the mozilla website...

3. Web Browsers - Safest Internet Web Browsers (59)

   Ok there is a big topic going around about web browsers. The facts are web browsers are made to
   browse the web and bring back anything you tell it to no matter whats inside. This is why so many
   people get viruses. The important thing to do is learn how to use your browsers internet settings.
   If you learn the settings for your browser they apply to all. However there are safer web browsers
   the best are (Firefox) which is also faster than Internet Explorer. Then there is (Opera), this is
   the fastest and safest browser on the web. However some sites and things you do on ...

4. Cpanel Exploit - security hole in cPanel to hack the servers of a hosting company (8)

   A pair days ago I read this new on Slashdot: cPanel Exploit Used to Circulate IE Exploit
   QUOTE "In a dangerous combination of unpatched exploits, hackers have used a previously
   undiscovered security hole in cPanel to hack the servers of a hosting company and use hundreds of
   hijacked sites to infect Internet Explorer users with malware using the unpatched VML exploit.
   cPanel, whose hosting automation software is used by many large hosting companies, has issued a fix.
   It's a local exploit, meaning the attacker must control a cPanel account on the target hosti...

5. White Paper: Security Threat Report: 2008 - (0)

   I saw this white paper and I thought I bring down some interesting information that has come from
   2007 and leading into 2008. I have to say though that the information on this white paper is pretty
   darn mind blowing as I bounce some facts to everyone. Of course since I been getting into this
   since last year it is not all that surprising since I posted many topics about it as well.
   -Sophos currently sees 6,000 new infected webpages each day -One infected page every 14 seconds
   -Only about 1 in 5 of these sites is a hacker site -83 percent are hacked sites, or legitima...

6. Security Warning 2008: Top 11 Malware Threats To Watch Out For - (0)

   Before I go into this topic I have to say, stop making up these crazy names. I know I just getting
   into the security side of things but still as long as there are computer problems and ways to sucker
   someone into downloading the stuff, the crazy names will still live on. QUOTE Lieware
   ADVERTISEMENT In 2007, there was a lot of "rogue anti-virus software," which is sometimes also
   referred to as "fake anti-virus software." But these terms are confusing because there's too
   much negation going on. Fake anti-virus software is not anti-virus software at all. So what ...

7. New Security Hole Discovered In Excel - (0)

   Well I have to same I am bit surprise on this security flaw especially what it can do; in which all
   a user has to do is open a malicious Excel document and it allows the hackers to execute remote code
   on to your system. As far as how wide spread this vulnerability is, it hits every excel software
   from Excel 2000 to Excel 2003 SP2, and it also includes the Mac Version of Excel 2004 as well. OF
   course with the disappointment of Office 2007 by some people will still be running the 2003 versions
   on their computers. Right now the attacks are minimal and the question for t ...

8. Security Commom Sense - (0)

   A very good article titled "Security Common Sense" in gnucitizen.org Below is the link to that
   article http://www.gnucitizen.org/blog/security-common-sense Website Link
   http://www.gnucitizen.org "We basically train a bunch of monkeys to click the yes button for
   every security warning." Don't you think many of us fall under the category? because most of
   the time we do not see what the dialog says, but press Yes, which might not treat you well
   sometimes... A good read....

9. Symantec's Top 10 Internet Security Trends Of 2007 - (3)

   Well I saw this article and after reading it all just to find the top 10 security problems I thought
   I share them and give my thoughts about them. I know I know its horrible but what can I say, its me
   /laugh.gif" style="vertical-align:middle" emoid=":lol:" border="0" alt="laugh.gif" />. 1.) Data
   Breaches For the most part I am not surprise especially the big stories of 2007 which include the
   TJ Max breach of 45 million credit/debit cards; I believe that has been the biggest hack job ever in
   terms of stolen cards and id theft (somewhat). Oh lets not forget the al...

10. Linux Security Tools - (5)

    Hi, I've posted some security tools and links in my last posts,I preferd to post new topic and
    send he extra here : Network Sniffers # DSniff http://www.monkey.org/~dugsong/dsniff/ #
    Ethereal - full network protocol sniffer/analyzer http://www.ethereal.com/ # IPTraf - curses based
    IP LAN monitor http://iptraf.seul.org/ # TcpDump - network monitor and data acquisition
    http://www.tcpdump.org/ # KISMET - 802.11 wireless network detector, sniffer and intrusion
    detection system http://www.kismetwireless.net/ Online Tools # AutomatedScanning.com - commer...

11. Security Firm Kaspersky Lab Creates Ipod Virus - (1)

    With the flood of news coming about the .ani exploits it seems the tech world is recieve more news
    about new hacks, viruses and other bad stuff these days. Today Kaspersky Lab created a virus that
    is able to affect the Ipod, however, it is only affecting Ipod's that have linux installed and
    not the standard OS that comes with Ipod. The virus goes by the name of Podloso, although they say
    it doesn't show a current threat this virus does show the possiblity to install malware into
    devices such as the Ipod. They also mention that the virus does not copy it self...

12. Security Guidelines For Internet Users - (6)

    Security Guidelines for Internet Users 1. Install an anti-virus software, you can free ones like
    AVG Free . Ensure that it's regularly updated - this is of the utmost importance. 2.
    Anti-virus software is not enough, the security can be tightened using a firewall software which
    will help you prevent unauthorized incoming and outgoing communications from your computer while
    connected to the Internet. 3. Disconnect your computer from the Internet when not in use. The
    longer you are connected to the Internet, the more opportunity you give for persons to gain un...

13. Php Security Vulnerability - Beware From Spammers - If you notice your site becoming really slow, you may be a victim (1)

    QUOTE PHP Security If you are using PHP on your website we ask that you please read the
    following carefully. We have noticed a significant number of PHP websites are being compromised
    due to vulnerable PHP code. Spammers are scanning millions of websites on the Internet looking for
    PHP scripts that can be exploited to send spam. When they find a script that has a loophole they
    send thousands of email messages through the script, often taking down the website or severely
    impacting website performance. Generally these loopholes exploit code using paramet...

14. Major Flaw In .ani File Found In Windows 98 Through Vista Creates Major Security Risk - Vista Aint that Secure at all (9)

    I was able to browse around this and found it interesting since this vunerability is found in 4
    Microsoft Operating Sytems, Windows 2000, Windows XP, Windows Vista, Windows 2003 Server. From the
    article Microsoft stated that their is a hole in the .ani files, which happen to be related tothe
    mouse cursor, when the mouse icon changes depending on what you do. They only mention that with
    this flaw it always hackers to break into someone computer and do their thing. But in another
    article relating to this attack it was mention that in order for this to happen a user has ...

15. Brand New Security Holes Found And Patch On This Month Updates And Office Exploits - (0)

    Even though the fiasco with the .ANI exploit is still going strong microsoft released it's month
    updates this time they found 4 more critical breaches in it's systems (XP), most people should
    have gotten the update pop up screen yesterday. So here is the info on these critical flaws.
    http://go.microsoft.com/fwlink/?LinkId=84687 http://go.microsoft.com/fwlink/?LinkId=85130
    http://go.microsoft.com/fwlink/?LinkID=85163 http://go.microsoft.com/fwlink/?LinkID=85164
    http://go.microsoft.com/fwlink/?LinkId=80251 I don't know how reliable vista will be af...

16. A Very Simple Security Tip - for Windows 2000/XP (13)

    We all know the difference between a limited user and an administrator user under Win2k/XP - you
    can't/can install major software, perform system maintainence, and other stuff. But using a
    limited user on a day-to-day basis also provides you with decent protection from a bunch of threats:
    if the malware is running under your limited-rights user, it can only do as much as you can. For
    instance, a limited rights user can't edit the HKLM hive of the Registry, so any malware running
    under the same user won't be able to touch that area. It's extremely simple t...

17. List Of Security Sites - (7)

    List of security sites, I'll try to update the list as soon as I can . with compilations of
    recent security threats, Global Incident Analysis Center (GIAC), GIAC training, and Reading Room
    http://www.sans.org/ http://www.infragard.net/ http://www.cert.org/security-improvement/
    CERT Security Improvement Modules,including general information on firewalls and intrusion
    detectors. excellent set of papers on firewalls, viruses, e-commerce, etc. http://www.icsa.net/
    http://www.gocsi.com/ (Source of the annual "CSI/FBI Computer Crime and Security Su...

18. Security Not Safe - (2)

    Hi everyone!!!!!!! This is the last one!! /tongue.gif"
    style="vertical-align:middle" emoid=":P" border="0" alt="tongue.gif" /> Ok guys, I heard
    somewhere that if we protect some page with password, it is steel not safe at all, if we dont hace a
    secure connction (http s ://...) How is it true? is there a posibility that some one can see a page,
    even if it is protected by password? (the scrit in tha page don't allow IDs that didn't past
    from the login page) is that script sufficent? thanks a lot to every one /biggrin....

19. Rootkits - the security threats that no one's heard of (2)

    a security threat to be concerned with is the increasing prevalence of viruses containing advanced
    rootkits to hide their actions or data on the computer. even from the anti-stuff tools. a
    rootkit was originally a name for tools that hackers/crackers would use to maintain root on
    unix/linux machines. root is the uber user with all the permissions on a linux box. on windows
    these tools can be used to hide data on the harddrive and in the registry by manipulating the way
    the data is stored. THe windows api(the thing windows uses to communicate to the hardware) read...

20. Light To Heavy Security Tips - Some (helpful?) Suggestions (4)

    (excessively long intro, skip to 'suggestions' for immediate tips) Its almost 2 am and I
    just finished an email detailing some ideas I had to keep systems a little more secure than usual (
    tips that can be applied to most any Windows users system ). I dont feel like re-editing it so it
    doesnt sound I copied and pasted it from my email, cause I did, and its late. Please note THIS IS
    NOT SPAM. I did write all of this, just in an email before I copied and pasted it here. These are
    entirely valid and ( I hope ) helpful tips for most anyone. Of course I hate just yap...

21. Microsoft Ships First Vista Security Patches - yup, got that right -- VISTA (9)

    Microsoft Ships First Vista Security Patches http://www.eweek.com/article2/0,1895,1911406,00.asp
    QUOTE Microsoft Corp. has shipped the first critical security update for Windows Vista, the
    next version of its flagship operating system. Over the weekend, the company released patches for
    beta testers running the Windows Vista December CTP (Community Technology Preview) and Windows Vista
    Beta 1, and warned that the new operating system was vulnerable to a remote code execution flaw in
    the Graphics Rendering Engine. A Microsoft spokesperson told eWEEK that the Vi...

22. Manual Virus Removing And Security. - (0)

    Talking about manual removals of viruses I thought I better be a pioneer of this by sharing my
    knowledge about a virus. I would like to tell the effects and manual removing technique of a very
    common and irritating virus, that is HTML Redoff. First I would like to discuss its effects, HTML
    Redoff virus infects kernel32.dll file which is installed in your “WINDOWS\SYSTEM” directory in
    case you have Windows 98 and “WINDOWS\SYSTEM32” directory in case you have Windows XP and all
    the .htm, .html, folder.htt and desktop.ini files on your PC thus it slows down your...

23. Serious Mac Os Flaws - Serious security flaws (1)

    On the end of February was discovered that the first trojan (Leap) to target Apple Computer's
    Mac OS X, it was published on a new worm that exploits an 8-month-old vulnerability in the operating
    system, its know by the name of Inqtana, the worm use Bluetooth to propagate, once it infects a
    computer it searches for other Bluetooth-enabled devices and sends itself to those it finds, this
    may not be very alarm, but the source code could be easily modified by a future attacker to do
    damage like Symantec said, Symantec also says it believes the two pests were developed on...

24. Email Clients - Which One Do You Trust For Security? (23)

    Many people don't care about email account security and just go for a Hotmail account because
    it's automatically MSN compatible or a Gmail account because it has lots of space. But out of
    those of you who choose your email based on safetey and security, which client do you recommend?
    There are tons out there. Personally, I use GMX.net, it's a German service with extremely high
    security. They have a password meter to check your password for how easy or hard it might be to
    guess, encouraging you to use upper and lower case letters along with numbers. They veri...

25. Network Based Attacks - (1)

    hi friends, you know that there're lots of attacking methods in network security . Here's a
    collection of links for different kind of attacks : SYN packet manipulation -- SYN packet
    manipulation http://www.iss.net/security_center/advice/...ood/default.htm -- Syn Flood experiment
    http://www.niksula.cs.hut.fi/~dforsber/synflood/result.html -- SYN Cookie
    http://cr.yp.to/syncookies.html Smurf DOS -- ISS.com: Description
    http://www.iss.net/security_center/advice/...urf/default.htm -- GRC.com: DDOS Anatomy
    http://grc.com/dos/grcdos.htm IRC (I...

26. Evil Bit In Ipv4 Header - There's a security flag in IPv4 Header (0)

    I found this amusing. believe it or not, there is an evil bit in the IPv4 header, QUOTE   The
    bit field is laid out as follows:             0             +-+             |E|             +-+  
    Currently-assigned values are defined as follows:   0x0  If the bit is set to 0, the packet has
    no evil intent.  Hosts,         network elements, etc., SHOULD assume that the packet is        
    harmless, and SHOULD NOT take any defensive measures.  (We note         that this part of the spec
    is already implemented by many common         desktop operating systems.)   0x1...

27. System Security - Please critique my configuration (6)

    I would just like to have comments on any holes that I might have. I have been using this
    configuration for a while, but want to hear what others think. Here's my security setup: OS:
    XP Pro SP2 AV: AVG Antivirus, updates/scans automatically Firewall:
    Sygate Personal Firewall AntiSpy: Spybot Search and Destroy, manual update/scan,
    teatimer prevents unauthorized registry changes.
    Spyware Blaster, manual update, automatic scan. Backup: Norton Ghost (sys...

28. Antihack Security - reply (8)

    Hello everyone. Ive looked over all of your questions. I think some of them are pointless. Although
    they were questions so here are your anwsers. #1) Antihack was posted on a free site because its
    free why pay #2) No it is not a virus os something were you got the IDEA is beyond me All I
    am trying to do is tell everyone about antihack. I noticed people talk about computer issues here so
    I said hey I bet those guys could use antihack. The reason why I like it is that I get everything
    antivirus, antispyware, and firewall PLUS a hole crap load of security holes are...

29. Mozilla Vs Ie - The battle of browsers (1)

    I thought this is a great place to ask which is more secure and which is better? i like firefox
    because eventhough it lkoads slower and somepages dont work you can increase functionability and
    theres tabbed browsing so you only nee done window open not like 10...

30. Antihack Is Launched - Oct 14 - Antihack Security is online (8)

    Hello everyone. This is FuRy your local 1UP resident. I have great news. Antihack is now online and
    ready to serve your every need. They specialize in security and if your computer is running slow and
    this happens often do to viruses and spyware. You should check out they can make it so that you
    dont get viruses and spyware. They can even stop hacking issues. They walk you through everything
    and even test your security before and after to show you the difference. Anyway just telling yah
    have fun and later Removed link, post only made for advertising, and topic closed....