74 matches found
Geek.com Hacked, Found Hosting Exploit Kit
The security geeks at Geek.com were busy this weekend, after Web security firm zScaler found evidence that an exploit kit was using malicious iframe attacks to try to attack visitors to the company’s Web site, according to a Zscaler report Sunday. A post on the web security firm’s blog indicated...
BBC music websites get hacked !
THE BBC'S MUSIC WEBSITES have been hacked to stream malware using drive-by downloads for anyone browsing the infected webpages. Hackers set the drive-by malware up at the BBC's 6 Music website and the BBC 1Xtra radio station website. Researchers at the insecurity outfit Websense found the exploit...
BBC Sites Serving Malware
The websites of the BBC’s 6 music and 1Xtra radio stations have been injected with a malicious iframe and are redirecting users to a site serving up malware according to a Websense report Tuesday. The iframe, on both the BBC 6 music and 1Xtra webpages, is loading code from a malicious website fro...
Иинформация о 100 миллионах пользователей Facebook
Некий Ron Bowes сграбил всю инфу и выложил на пиратской бухте, которая не была закрыта настройками приватности. Пост на его бложеке: http://www.skullsecurity.org/blog/?p=887 BBC быстренько подсуетились раскрутили это как громадную новость Линк на торрент:...
Inside the BBC's Chimera botnet
By Dancho Danchev, ZDNet Earlier this month, the controversial BBC purchase of a botnet and modifying the infected hosts in the name of “public interest” sparked a lot of debate on the pros and cons of their action. Condemned by certain security vendors, and naturally, at least from guerrilla PR...
BBC defends, explains botnet purchase
After taking some heat for its decision to buy a botnet and use it to send spam and launch a denial-of-service attack against a site owned by Prevx, the BBC has released an editor’s note to explain and defend the broadcast experiment. Here’s the gist of the Beeb’s defense, via BBC Click executive...
BBC paid 'a few thousand dollars' for botnet
In a statement on Monday, the BBC said that its decision to purchase and use a botnet to espose the malware epidemic had been “in the public interest”. “It was not our intention to break the law,” the BBC told ZDNet UK on Monday. “There is a powerful public interest in demonstrating the ease with...
BBC botnet buy: What were they thinking?
By Roel Schouwenberg As Dancho Danchev pointed out, the BBC leased itself a botnet zdnet.com. I couldn’t quite believe it when I read it. The BBC, arguably one of the very best TV producers in the world, surely should have known better? There are so many things wrong about this that I hardly know...
[Full-disclosure] Cross Site Scripting (XSS) Vulnerability in Web Mail platform by "Mirapoint"
·= Security Advisory =· Issue: Cross Site Scripting XSS Vulnerability in Web Mail platform by "Mirapoint" Discovered Date: 19/09/2006 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://www.mirapoint.com/ Details: Mirapoint Web Mail platform is prone to a Cross Site...
HP OpenView BBC Service Detection
Binary data 3739.prm...
HP OpenView BBC Service Detection
The remote host appears to be running an HP OpenView product. This specific service is an HTTP server. By sending special requests version, info, status, ping, services, ..., it is possible to obtain information about the remote host. C Tenable Network Security, Inc. include"compat.inc"; if...
CVE-2002-1006
The CVE-2002-1006 entry concerns a Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) versions up to 1.5.11, where an attacker could trigger script execution via parserl.pl. Affected software is Betsie 1.5.11 and earlier. The provided connected sou...
CVE-2002-1006
Cross-site scripting XSS vulnerability in BBC Education Text to Speech Internet Enhancer Betsie 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl...
CVE-2002-1006
Cross-site scripting XSS vulnerability in BBC Education Text to Speech Internet Enhancer Betsie 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl...