Malware: a common threat

Malware represents a common threat for all users out there surfing the web. It doesn’t have ethics or a message to spread, like viruses used to have (not all had dangerous payloads).



Secure PHP configuration

A web application written on top of an insecurely configured PHP parser is as good as an account with a weak password.



SQL Injection Junkie

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks. (Wikipedia)



Javascript/Userscript Keylogger

Some days ago, while I was writing the (traffic magnet) article HYGHAAZG and mentioned the keylogger, a userscript one instantly came to mind. Googled a bit, but didn’t seem to find any (quite amazed)…



Exploit Shield

An exploit (from the same word in the French language, meaning “achievement”, or “accomplishment”) is a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as violently gaining control of a computer system or allowing privilege escalation or a denial of service attack. (Wikipedia)



Bookmarklets

A bookmarklet is an applet, a small computer application, stored as the URL of a bookmark in a web browser or as a hyperlink on a web page. The term is a portmanteau of the terms bookmark and applet. Whether bookmarklet utilities are stored as bookmarks or hyperlinks, they are designed to add one-click functionality to a browser or web page. When clicked, a bookmarklet performs some function, one of a wide variety such as a search query or data extraction. Usually the applet is a JavaScript program. (Wikipedia)



Adobe Reader may doom you

Recently, malware authors have started focusing more and more on exploiting Adobe Reader (and ultimately users’ computers) via maliciously crafted documents. And there have been quite a few vulnerabilities in Adobe Reader lately.

The malicious injection on my last hosting service was also an Adobe Reader-oriented attack…


Regain your privacy and anonymity

Hopefully, as you may have noticed, on a daily basis more and more of our (users’) privacy is stripped shamelessly away by almost every website out there.

And so you don’t think I am speaking in a hypocritical manner, I admit I strip away a part of your privacy as well, with the simple Google tracker I have inside my web pages… but for those that do care about their anonymity this is not an issue.



Our little Chinese friend…

As you may have seen, in the last couple of days this blog was inactive, or under movement… All this happened due to a possible attack on my last hosting provider. And I said possible because I imagined multiple scenarios in which it could have happened.



Firefox without NoScript

That’s what many NoScript users have claimed to be doing after the recent debate about NoScript circumventing ADBlockPlus for displaying the ads from its own page. One question I kept asking myself: Are these really NoScript users?
