Most Dangerous Top-Level Domains (TLDs)


Our domain name is theos.in and its TLD is .IN. The letters that follow the final dot of any domain name are called the TLD (top-level domain). Management of top-level domains is handled by ICANN.

Now McAfee has published a list of the most dangerous TLDs in the world, used by spammers and to install viruses and other dirty stuff on your computer without authorization.

From the article:

McAfee found the most dangerous domains to navigate to are “.hk” (Hong Kong), “.cn” (China) and “.info” (information).

Of all “.hk” sites McAfee tested, it flagged 19.2 percent as dangerous or potentially dangerous to visitors; it flagged 11.8 percent of “.cn” sites and 11.7 percent of “.info” sites that way.

A little more than 5 percent of the sites under the “.com” domain — the world’s most popular — were identified as dangerous.

Download ZoneAlarm Anti-Spyware for FREE

From the ZoneAlarm web site:

The security experts behind ZoneAlarm urge you to always patch your operating systems and browsers whenever an update is available. More importantly, take extra precautions to protect your PC for those times when a patch may not be available. That’s why we are offering you ZoneAlarm Anti-Spyware for FREE today (Nov 14, 2007), Patch Tuesday, only. Don’t miss out on this incredible opportunity to protect your PC and stay safe online!

=> Download here

Gmail and Yahoo webmail hacked

Robert Graham, the CEO of Errata Security, surprised attendees by hijacking a Gmail session on camera and reading the victim’s email. He went even further by demonstrating the attack to us in person, taking over another journalist’s Gmail account and then sending us sheep-loving emails.

Now you know why it’s dangerous to check your webmail at a public hotspot or over an open Wi-Fi connection. To avoid problems, you can use an HTTPS session and connect only over secure Wi-Fi.

From the article:

The attack is actually quite simple. First Graham needs to be able to sniff data packets and in our case the open Wi-Fi network at the convention fulfilled that requirement. He then ran Ferret to copy all the cookies flying through the air. Finally, Graham cloned those cookies into his browser – in easy point-and-click fashion – with a home-grown tool called Hamster.

The attack can hijack sessions in almost any cookie-based web application and Graham has tested it successfully against popular webmail programs like Google’s Gmail, Microsoft’s Hotmail and Yahoo Mail. He stressed that since the program just uses cookies, he only needs an IP address and usernames and passwords aren’t required.

Point and click Gmail hacking at Black Hat
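A defender-side check for the exposure described above, added here as an example and not taken from the article or from Graham's tools: it audits Set-Cookie response headers for session cookies that can travel over plaintext HTTP. The cookie names, the `SESSION_HINTS` naming heuristic and the sample headers are constructed assumptions.

```python
# Added example: the headers below are constructed, not captured traffic.
SESSION_HINTS = ("sid", "sess", "auth", "token")  # assumption: naming heuristic


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attributes dict)."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_cookie(header, request_scheme):
    """Return findings that leave a session-like cookie exposed on the wire."""
    name, _, attrs = parse_set_cookie(header)
    if not any(hint in name.lower() for hint in SESSION_HINTS):
        return []  # not a session-like cookie; out of scope for this check
    findings = []
    if request_scheme != "https":
        findings.append("set over plaintext http")
    if "secure" not in attrs:
        findings.append("missing Secure: browser will also send it over http")
    return findings


def audit_responses(responses):
    """responses: iterable of (scheme, [Set-Cookie values]) -> {name: findings}."""
    report = {}
    for scheme, headers in responses:
        for header in headers:
            findings = audit_cookie(header, scheme)
            if findings:
                report[parse_set_cookie(header)[0]] = findings
    return report


SAMPLE = [  # constructed responses
    ("https", ["SID=abc123; Path=/; HttpOnly"]),       # HTTPS login, no Secure flag
    ("https", ["AUTH_TOKEN=xyz; Path=/; Secure; HttpOnly"]),
    ("http", ["sessionid=q1w2; Path=/"]),
    ("https", ["lang=en; Path=/"]),                    # preference cookie, ignored
]

if __name__ == "__main__":
    for cookie, findings in audit_responses(SAMPLE).items():
        print(cookie, "->", "; ".join(findings))
```

A session cookie issued over HTTPS but without the Secure attribute is still sent on any later plaintext request to the same site, which is where a passive listener on an open network can read it.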

Cyber criminals using stolen credit cards to make donations

No, these thieves are not modern-day Robin Hoods; they’re really just cyber-robbers. They use this method to check whether a credit card is valid:

The verification method has become popular because the monitoring software at credit-card companies may not question donations to charities, according to the Symantec blog. Santoyo said the schemers usually donate less than $10.

American Red Cross spokeswoman Carrie Martin said, “This happens all the time. We have people at the Red Cross who deal with this type of activity.”

Last month alone, the Red Cross refunded 700 fraudulent credit-card transactions, Martin said. That figure doesn’t include the transactions the charity blocked because they appeared fraudulent.

Read more

Windows Vista File System Virtualization

This looks like a neat and clever solution for Windows Vista.

One of the security features within Windows Vista that is not evident is file system virtualization. This type of virtualization allows an application a silo’d virtual store where it can read and write to without compromising the system.

Let’s say you have an application that attempts to write to System32. Instead of allowing the application to do so, Vista creates a virtual System32 in the user’s profile that the application will use. Application developers can code their applications to automatically run virtualized or you can set this manually. IE7 running in protected mode utilizes this functionality so when you visit a webpage that tries to insert a file into the Startup folder, it instead is placed in the virtual startup folder and will not execute upon the next boot. Let’s look at a simple example.

File System Virtualization

Download of the day: Windows Server 2003 Service Pack 2

Microsoft Windows Server 2003 Service Pack 2 (SP2) is a cumulative service pack that includes the latest updates and provides enhancements to security and stability. It includes updates, fixes and enhancements for Windows operating systems. Service packs are the means by which product updates are distributed.

If you are using any one of the following versions, you need to use this service pack:

  • Windows Server 2003 with SP2
  • Windows Server 2003 R2 with SP2
  • Windows Server 2003 x64 Editions with SP2
  • Windows Server 2003 R2 x64 Editions with SP2
  • Windows Server 2003 for Itanium-based Systems with SP2
  • Windows XP Professional x64 Edition with SP2

Download link

This is a released to market (RTM) version only. You can download the service pack by visiting this site. (Release note; found via MSDN blog.)

Understanding Apple’s iTunes Store DRM – Digital Rights Management

DRM (Digital Rights Management) is a technology (or several technologies) to give content providers control over redistribution and access to material.

Apple’s iTunes Store, as well as many e-book vendors, has adopted DRM schemes in recent times.

This article provides some details about Apple DRM:

Understanding how Apple’s FairPlay DRM works helps to answer a lot of questions: why it hasn’t been replaced with an open, interoperable DRM that anyone can use, why Apple isn’t broadly licensing FairPlay, and why the company hasn’t jumped to add DRM-free content from indie artists to iTunes.

Read more: How FairPlay Works: Apple’s iTunes DRM Dilemma

Microsoft Windows Vista Crack by Paradox

There is news everywhere about a Windows Vista crack called “BIOS Emulation Toolkit For Windows Vista x86”. It claims to bypass the product activation requirement of Microsoft Windows Vista.

Here is how it works:

Microsoft allows large hardware manufacturers (e.g. ASUS, HP, Dell) to ship their products containing a Windows Vista installation that does NOT require any kind of product activation as this might be considered an unnecessary inconvenience for the end-user. Instead these so-called ‘Royalty OEMs’ are granted the right to embed certain license information into their hardware products, which can be validated by Windows Vista to make obtaining further activation information (online or by phone) obsolete.
This mechanism is commonly referred to as ‘SLP 2.0’ (‘system-locked pre-installation 2.0’) and consists of the following three key elements:

Download info

Your WordPress blog may get hacked if you are using 2.1.1 version

I updated my blog a few days back. But if you are still running 2.1.1, make sure you get the updated version.

This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

Read more
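One way to find which files in an unpacked download were altered, added here as an example and not WordPress's own tooling: hash every file and compare against a manifest built from a copy you trust. It assumes the trusted manifest comes from a source other than the server that served the download; the file names and contents are constructed.

```python
import hashlib
import os
import tempfile


def manifest(root):
    """Map each file path (relative to root) to its SHA-256 hex digest."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def compare(trusted, candidate):
    """Report files that differ between a trusted manifest and a candidate one."""
    return {
        "modified": sorted(p for p in trusted
                           if p in candidate and trusted[p] != candidate[p]),
        "added": sorted(p for p in candidate if p not in trusted),
        "removed": sorted(p for p in trusted if p not in candidate),
    }


def write_tree(root, files):
    """Helper for the demo: write {relative path: bytes} under root."""
    for rel, data in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


def demo():
    # Constructed names and contents; these are not the real WordPress files.
    clean = {"index.php": b"<?php // entry\n",
             "inc/a.php": b"<?php // a\n",
             "inc/b.php": b"<?php // b\n"}
    tampered = dict(clean)
    tampered["inc/a.php"] = b"<?php // a (altered)\n"
    tampered["inc/b.php"] = b"<?php // b (altered)\n"
    with tempfile.TemporaryDirectory() as tmp:
        good, bad = os.path.join(tmp, "good"), os.path.join(tmp, "bad")
        write_tree(good, clean)
        write_tree(bad, tampered)
        return compare(manifest(good), manifest(bad))


if __name__ == "__main__":
    print(demo())
```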