Archive for January, 2008

PHP based IRC botnet, fast-flux of course

Wednesday, January 30th, 2008

I was checking out the various RFI (Remote File Inclusion) exploits thrown at my site when I saw an exploit file that was heavily obfuscated. I meddled with the code a bit and got it to reveal the C&C servers:

(more…)

Weird exploitation attempts

Tuesday, January 29th, 2008

I just noticed some weird HTTP requests on my site. It seems that someone is trying to exploit a remote file inclusion in some software. Normally I wouldn’t blink my eyes on these, but it seems that the vulnerability is in the PHPSESSID variable. I’ve got no idea which software these belong to though. Here are some examples:

(more…)

Tor-node stripping out TLS in SMTP conversations

Monday, January 28th, 2008

I spotted a nice incoming link regarding The Onion Router (TOR). This time an exit-node was caught modifying SMTP server capabilities, stripping out the TLS capability (encryption) so that connecting clients will be forced to send out everything as clear-text.

Here’s the link to the post.

It isn’t as if we didn’t see it coming

Thursday, January 17th, 2008

The MBR rootkit has been in the news a bit lately. Packing ancient evil, the beast modifies the MBR (Master Boot Record) to bootstrap itself and to rootkit the whole Operating System. (more…)

From the tubes

Monday, January 7th, 2008

[quote]
TV presenter Jeremy Clarkson has lost money after publishing his bank details in his newspaper column.

The Top Gear host revealed his account numbers after rubbishing the furore over the loss of 25 million people’s personal details on two computer discs.

He wanted to prove the story was a fuss about nothing.

But Clarkson admitted he was “wrong” after he discovered a reader had used the details to create a £500 direct debit to the charity Diabetes UK.
[/quote]

You can view the whole article here.

Taking a look back

Wednesday, January 2nd, 2008

The last weeks of last year were very busy, which showed in the lack of posts. I decided to take a little look back at last year to see what happened. (more…)

