Scareware, Black Hat SEO and You

The scareware and rogue AV problem that initially appeared a few years ago and has since found its way onto thousands and thousands of legitimate Web sites, including The New York Times home page, has now reached epidemic levels. The scams are mostly boilerplate and well-understood, but it’s not...

Moscow Bombings, TJX Hacker Spur Black Hat Campaigns

Spammers and malware writers have wasted no time in taking advantage of Monday’s bombings in Moscow, opening up a campaign on Twitter to point users to malicious sites. The pair of suicide bombings that hit the Metro system in Moscow Monday morning inevitably led to a flood of messages on Twitter...

Attackers Targeting .Edu Sites in SEO Poisoning Campaigns

Having mastered the art of poisoning search engine results for .com sites, attackers are now turning their attention to .edu sites, linking their keyword campaigns to educational institutions as a way of lending their malicious sites more credence in the eyes of Google. The goal of these attacks ...

Unfixed XSS vulnerability at brookstodo.com

Security researcher www.nullcode.com.ar, has submitted on 04/10/2007 a cross-site-scripting XSS vulnerability affecting brookstodo.com, which at the time of submission ranked 492768 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/10/2007. It...