Imagine, you are in your hotel room in a foreign country, your laptop detects a wireless access. You open your browser and get a nice login screen asking you a credit card number (a captive portal). What’s next? Make your choice: fill the form with the magic numbers or try
Phising attack against a Belgian bank!
Today, I received the following mail: Date: Thu, 15 Mar 2007 12:30:04 +0100 (CET) From: “email@example.com” To: xxxxxxx Subject: Important Notice for Citibank Customers This mail has been sent from Germany and the page is hosted in Dallas,Texas (still available @ 13:15 CET). I mailed the admins over there to
New security thread
The best firewall ever will never stop terrorists! 🙁 SCOTLAND YARD has uncovered evidence that Al-Qaeda has been plotting to bring down the internet in Britain, causing chaos to business and the London Stock Exchange. The suspects, who were arrested, had targeted the headquarters of Telehouse Europe, which houses Europeâ€™s
A vulnerability in SpamAssassin has been reported by Secunia (Ref 24197). SpamAssassin has been upgraded on rootshell.be!
Every day, thousands of new blogs come to light and the same amount dies! From time to time, there are very nice initiatives like this one: securitybullshit!, like the well known Dilbert or User Friendly, offers small cartoons about security. All aspects of security is covered: virus, computers, risk assessment,
Google Safe Browsing explained
Here is a nice blog entry which explains how Google’s Safe Browsing protects you.
Second (*) WordPress upgrade this year! It fixes important vulnerabilities reported by Secunia (Advisory ID SA23595). (*) The first one occured only a few days ago.
Q1 2007 Vulnerability Challenge
Targets: Vista and IE7. Let the show begin! Source: labs.idefense.com.
RFID is a not-yet-widely-deployed technology but all security experts agree on the fact that information theft will become one of the major issue! Be prepared! Use one of those anti-RFID wallet proposed on mobileedge.com! They’ll block radio waves generated by your future ID card or passport! 😉
WordPress “file” Script Insertion Vulnerability
WordPress is a well known blogging platform. (This blog is running WordPress 😉 ). A vulnerability has been found which can be exploited to conduct script insertion attacks. See details here. After the upgrade, the following link may be usefull if you use PHP5!