
Naked Videos of Your Facebook Friends - Translation: MALWARE


Antivirus "hosting"

Club of antivirus service users (SaaS, Cloud)

Antivirus and security (SaaS, Cloud ...)
av-host.net

Naked Videos of Your Facebook Friends – Translation: MALWARE
2014-03-13 06:01

KMM shared a link

A new Facebook malware scam uses one of the oldest advertising tricks in the book to infect users’ computers: sex appeal. According to initial reports, a series of provocative ads are circulating the social network and spreading malware. The ads reel users in with promises like “See [Your Friend]’s Naked Video” and “[Your Friend]’s Private Video”, accompanied by actual profile pics.

How It Works

    1. You log on to Facebook, and an ad pops up. It says something like “See [Your Friend]’s Naked Video” or “[Your Friend]’s Private Video.” Ads also feature real profile pics from actual friends.
    2. Users who click on the ad are led to a fake YouTube webpage. The page contains a warning about Adult Content and asks for age verification. Meanwhile, an automatic, drive-by malware download begins.
    3. The downloaded malware is a malicious browser extension. Once installed, it proceeds to hijack your Facebook account, accessing photographs and automatically creating a new “See [Your Friend]’s Naked Video” ad with your name and face.
    4. After you verify your age, the supposed video starts, only to display a broken Adobe Flash notification. Once again, this notification is a fraud. Users who click UPDATE will initiate a second malware download, which can infect the computer with various types of spyware.

Preventing Infection: Cover Up with Emsisoft

Emsisoft Anti-Malware blocks both strains of malware involved in this scam, detecting them as Trojan.FakeFlash.A. Reports have also indicated that up-to-date versions of Firefox and Google Chrome will prevent infection by the malware involved in Step 3 above, but not Step 4.

Reports have also indicated that the Naked Friend Facebook Scam has already affected 2 million users.  No doubt part of this propagation has something to do with the scam’s worm-like component (Step 3), but social engineering also plays its part.  Internet scams tend to work best when they tempt the user to do something they know they shouldn’t, and naked is just one of those words that makes us click. 

More coverage on this emerging threat is sure to follow as soon as more technical details are revealed.  In the meantime, Have a Great (Malware-Free) Day!

 

 



WordPress Sites Used for DDOS Attacks
2014-03-13 06:24

KMM shared a link

Here’s an interesting one for you bloggers: Your favorite WordPress pingback feature can be used to carry out DDOS attacks. This Monday, Internet security company Sucuri published a blog post detailing the technical specifics of a distributed denial of service attack on a client who runs a popular WordPress website. After a bit of investigation, they found that the site had been incapacitated by “162,000 different and legitimate WordPress sites.”

What is a DDOS?

When you visit a website, you are essentially using your computer to request packets of information from another computer.  The computer that “serves” you those requested info-packets is called the server.  In essence, a distributed denial of service attack, or a DDOS, works by sending a server more requests than it can handle, until it is overwhelmed and breaks down.

Another good way to think about a DDOS attack is to compare it to an overwhelmed waiter at a restaurant.  For most waiters, handling a few tables at once is just fine; but, after a certain point too many customers and too many orders will inevitably overwhelm them.  Like the human brain, a computer can only handle so many tasks at once.   DDOS attacks intentionally take advantage of this limitation to incapacitate servers, and in turn shut down the websites they are serving.  This can be very problematic for owners of large websites that engage in eCommerce because every minute their website is down equates to a minute where they could have made a sale.

The WordPress Vulnerability

The DDOS attack reported by Sucuri leverages WordPress vulnerability CVE-2013-0235, which was first identified in July 2013.  Normally, WordPress pingbacks allow bloggers to generate cross references between websites.  These cross references allow bloggers to give credit where credit is due and also track who is referencing their own website.  All of this requires communication between the servers hosting each website involved and the transmission of data packets.  CVE-2013-0235 allows an attacker to create fake pingbacks from one website to another.   This means that Website A can be remotely commanded to ping Website B for a data packet.  Command Websites C-Z to do the same, and suddenly Website B is getting a lot of requests.  Command 100,000+ Websites to send requests as well, and now Website B is out of commission.
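
A victim-side check for the traffic pattern described above, as an added example that is not code from the article or from Sucuri: it scans web-server access logs for requests whose User-Agent is the one WordPress uses for its own outbound requests (`WordPress/<version>; <blog URL>`) and reports time windows in which many distinct blogs hit the site. The function names, the one-minute window, the threshold and the sample log lines are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined log format: ip - - [time] "request" status size "referer" "user-agent"
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# WordPress sends outbound HTTP requests as "WordPress/<version>; <blog URL>".
WP_UA = re.compile(r"^WordPress/[\d.]+; (?P<blog>https?://[^\s;]+)")

# Constructed sample: documentation IP ranges and .example hosts, not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Mar/2014:11:05:27 -0400] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.8; http://blog-a.example"',
    '198.51.100.7 - - [10/Mar/2014:11:05:31 -0400] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.7.1; http://blog-b.example"',
    '203.0.113.44 - - [10/Mar/2014:11:05:44 -0400] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.8; http://blog-c.example/"',
    '192.0.2.99 - - [10/Mar/2014:11:05:50 -0400] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '192.0.2.10 - - [10/Mar/2014:11:06:02 -0400] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.8; http://blog-a.example"',
    "truncated line with no quoted fields",
]


def pingback_sources(lines):
    """Yield (timestamp, blog_url) for each request sent by a WordPress site."""
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # skip malformed lines instead of failing the whole run
        ua = WP_UA.match(m.group("ua"))
        if ua:
            ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
            # Normalise so "http://x/" and "http://X" count as one blog.
            yield ts, ua.group("blog").rstrip("/").lower()


def flood_windows(lines, window=timedelta(minutes=1), min_blogs=3):
    """Return {window_start: sorted blogs} for windows with >= min_blogs distinct blogs."""
    buckets = defaultdict(set)
    for ts, blog in pingback_sources(lines):
        # Align each request to the start of its fixed-size window.
        start = ts - timedelta(seconds=ts.timestamp() % window.total_seconds())
        buckets[start].add(blog)
    return {s: sorted(b) for s, b in buckets.items() if len(b) >= min_blogs}
```

Counting distinct blogs rather than raw requests is what separates this pattern from a single noisy client: each reflecting site may send only a handful of requests, so per-IP rate limits alone tend to miss it.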

Preventing False Pingbacks

The problem with WordPress pingbacks is that they are vulnerable by design.  In fact, web developers have known that XML-RPC – the technology that allows for pingbacks – has been vulnerable to DDOS attacks for years.  As such, there’s currently a bit of debate over how to resolve the issue.

One potential solution posited by Sucuri is to disable XML-RPC entirely, by inserting a short bit of code into your WordPress website’s theme file.  While this will work, many developers have been quick to point out that it will also remove cross referencing from your blog entirely, which is an essential marketing feature for many business websites.  Many, including WordPress founder Matt Mullenweg himself, have also pointed out that “there are cheaper, easier, and more effective ways to DDOS sites” and that pingback pros far outweigh pingback cons.

The good news is that WordPress is a versatile CMS and that CVE-2013-0235 – and most other bugs – can usually be remedied through custom workarounds implemented by knowledgeable developers.  Accordingly, anyone with questions or concerns about this vulnerability is encouraged to comment below, as this very blog runs on WordPress and is maintained by a talented team.  The XML-RPC debate may be ongoing and officially “unsolved”, but if you’re running a website with WordPress and feel you may be vulnerable, Emsisoft is always here to offer support.

Have a Great (DDOS-Free) Day!



The nineteenth WebIQmeter auction begins
2014-03-13 11:31

KMM shared a link

March 13, 2014

As part of the latest auction of the interactive educational project WebIQmeter, attractive conditions have been created for certified Dr.Web for Android users, and only points are accepted for bids on special lots.

The first spring draw will take place on March 26, 2014. This time we invite you to compete for many pleasant and useful things: an MP3 player, a keyboard vacuum cleaner, wireless headphones, mobile phone stands, key holders and mugs. All prizes are Dr.Web-branded.

Doctor Web continues to reward certified Dr.Web for Android users. To be able to bid on special lots, you need to complete the DWCERT-030-12 course "Dr.Web for Android" and pass the certification exam. Only points are accepted for bids on special lots in this auction.

The special prizes of the nineteenth auction will be a 1 TB external hard drive, a leather wallet and a wall clock. And don't forget the traditional surprise! Very soon it will be known which lot is the "pig in a poke" this time.

Hurry! You can place bids right now.



Brothers in mind: Kaspersky Lab on whether the creators of cyber-espionage campaigns are connected to each other
2014-03-13 16:42

KMM shared a link

Kaspersky Lab has analyzed the connection between the Turla program, also known as Snake or Uroburos, and other known cyber-espionage programs.

