Create an Account
username: password:
 
  MemeStreams Logo

Curiouser and Curiouser

search

Acidus
Picture of Acidus
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Acidus's topics
Arts
Business
Games
Health and Wellness
Home and Garden
(Miscellaneous)
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Current Topic: Miscellaneous

Security Threat: WordPress Under Attack
Topic: Miscellaneous 4:20 pm EDT, Sep  5, 2009

Writes Lorelle on her WordPress-centric blog:

There are two clues that your WordPress site has been attacked:

First, there are strange additions to permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

TechCrunch is not great about reporting security vulns, certainly not to the level of detail you;d want if you hack in the scene. What *is* interesting is using the Http Referer (sic) header to carry the actual payload.

Security Threat: WordPress Under Attack


RFC 3205 (rfc3205) - On the use of HTTP as a Substrate
Topic: Miscellaneous 12:59 am EDT, Sep  5, 2009

Recently there has been widespread interest in using Hypertext Transfer Protocol (HTTP) as a substrate for other applications-level protocols. This document recommends technical particulars of such use, including use of default ports, URL schemes, and HTTP security mechanisms.

Advice when using HTTP as GFBP.

RFC 3205 (rfc3205) - On the use of HTTP as a Substrate


Bad Religion Live Performances/Bootlegs
Topic: Miscellaneous 11:49 pm EDT, Sep  4, 2009

MP3 and WMVs of Bad Religion live performances. My love of Bad Religion is quite well documented. See Ajax Security page 330.

Bad Religion Live Performances/Bootlegs


Come hack us! HP's 24 Hour Live Hacking Challenge
Topic: Miscellaneous 10:31 am EDT, Sep  4, 2009

Join us at the HP Application Security virtual booth for a 24 hour live web hacking challenge where you will have a chance to advance through more than 10 levels of increasing difficulty. Participants attempt to break the login protection mechanisms at each level and gain experience in conducting attacks as a hacker would. Learn how simple techniques can compromise web applications. All of the security defects in the application are based on real world mistakes web developers make.

This is 100% open to the public. Please feel free to pass this on

HP's Web Security Research Group has built hacking challenges that we use internally to test and train new employees and keep other folks sharp. They are deliberately designed to not work with automated crawling or scanning tools. We are opening this one to the public to play with and learn. People of all experience levels are welcome as everyone should be able to get through at least a few of these.

Come hack us! HP's 24 Hour Live Hacking Challenge


Solving Sudoku in SQL
Topic: Miscellaneous 9:07 am EDT, Sep  4, 2009

haha.

Solving Sudoku in SQL


Manipulation and abuse of the consumer credit reporting agencies
Topic: Miscellaneous 4:25 pm EDT, Sep  1, 2009

This paper will present a number of loopholes and exploits against the system of consumer credit in the United States that can enable a careful attacker to hugely leverage her (or someone else's) credit report for hundreds of thousands of dollars. While the techniques outlined in this paper have been used for the personal (and legal) pro fit by a small community of credit hackers, these same techniques could equally be used by more nefarious persons --- that is, criminals willing to break the law, engage in fraud, and make o with significant sums of money. The purpose of this paper is to shed light on these exploits, to analyze them through the lens of the computer security community and to propose a number of fixes which will greatly reduce the effectiveness of the exploits, by both those with good and ill intentions.

Interesting paper in this month's First Monday.

Manipulation and abuse of the consumer credit reporting agencies


British small biz falls out of love with Microsoft, heads to the Clouds
Topic: Miscellaneous 1:25 pm EDT, Sep  1, 2009

In their poll of 1,400 Microsoft customers, all small businesses in the UK, they found that 13% of them intend to switch to Google Apps within 12 months while 22% are “undecided”. In other words a healthy number are either switching or probably poised to switch. Of the remaining, 36% were Not Switching and 29% were “Not aware” of Google Apps.null

I've been looking at operational stuff recently. Google Apps is a no brainer for what I need.

British small biz falls out of love with Microsoft, heads to the Clouds


MemeStreams receives DMCA takedown
Topic: Miscellaneous 12:51 pm EDT, Sep  1, 2009

It has come to our attention that the web site www.memestreams.net contains material and/or links to material that violate the anti-circumvention provisions of the Digital Millennium Copyright Act ("DMCA"). This letter is to notify you, in accordance with the provisions of the DMCA, of these unlawful activities. Pursuant to the safe harbor provisions of the DMCA, we request that you remove any whole or partial reproductions of and/or disable links to the following:

Is this the first DMCA letter Memestreams has received? You'd think between you, me, Virgil, Mike, Rattle, deC0de and others we would have generated more of these by now...

MemeStreams receives DMCA takedown


Cloud Fail! Elance Sends Private Messages All Over The Place
Topic: Miscellaneous 12:10 pm EDT, Aug 28, 2009

Second time this Summer we write about Elance, a service that allows for companies and individuals to hire and pay independent professionals and contractors online, and once again it’s not good news but another security issue. A registered user of the service, Salma Jafri, tells us she has been receiving dozens of private messages that were erroneously sent to her account, on occasion even containing confidential information and sensitive data such as login details for Elance accounts and third-party servers.

Wow. Fail.

Cloud Fail! Elance Sends Private Messages All Over The Place


Hulu - Better Off Ted: Secrets and Lives - Watch the full episode now.
Topic: Miscellaneous 10:25 pm EDT, Aug 26, 2009

With this technology, we have finally defeated privacy!

You should be watching Better Off Ted.

Marie, where are those weaponized Pumpkins?

Hulu - Better Off Ted: Secrets and Lives - Watch the full episode now.


(Last) Newer << 6 - 7 - 8 - 9 - 10 - 11 - 12 - 13 - 14 - 15 ++ 25 >> Older (First)
 
 
Powered By Industrial Memetics
RSS2.0