03-11-07

how yahoo.com is destroying its core business - mail

yahoo was known to have one of the best - if not the best online webmailservice around since long. It has adopted this service several times to new functions and possibilities but the change to web2.0 has fucked up their mailservice for good. You effectively can't use it and what is even more surprising there is no reaction whatsoever from whoever from Yahoo or the support service. If you google for the different problems with yahoo mail new (and for not being able to open attachment the old version also) than you see tens of tens of questions in all kinds of support groups but without any other response that they are aware of it and are working on it.

This is during for months now and you can't expect from your users that they will wait for much longer. Luckily for Yahoo we are a bit hostage because it would be nearly impossible to transfer everything to another account.

Meanwhile the business image of yahoo has been damaged.

16:35 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Number of Belgian sites being hacked is going up fast

http://be-hacked.skynetblogs.be  indicates that the number of Belgian sites .be that were being hacked the last couple days has been going up even if we don't see any political proclamation as was the case last week. Nonetheless we see that the number of compromised sites and servers is going up.

Now that we are also working with a Turkish directory of defaced sites aside from other sources, we see more clearly that Turkish hackers are like bees to a compromised flower (site). If a site is defaced it will be defaced over and over again by different groups that sometimes are trying different techniques. Some websites that were/are defaced we see being reworked - in the same place or on another directory of the site - 5 times or more.

it is for this reason incredible that hosters and ISP's are not keeping more under control and that it is as if they don't care. Not only takes it sometimes days for the hack to be noticed or to be taken offline - even after the publication at http://be-hacked.skynetblogs.be  but some older websites that were hacked are still hacked online.

It is time maybe for Google or dns.be or the ISP's to take some action. This could be

* a mail warning that the website is compromised and published as such and that they have 48 hours to take the website or the pages offline

* if they don't answer than dns.be can receive a message to change the website by a "404  under construction" (now I hear dns.be telling me that this would be enormous work, euh we are talking about 5 to 20 sites a week in normal circumstances. I am not sure how many would stay hacked after 2 days if they would be effectively blocked otherwise).

a leaking oiltanker is also repaired or taken to habor or emptied into another tanker..... Here nobody cares about the infection spills from leaking boats and tankers on the WWW

13:14 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Belgium still an attacking cybernation thanks to skynet

According to this service - public indicator some of our networks have very infected - or remotely controlled servers or users - that are attacking in such a way other networks that belgium is being indicated as a dangerous network. Only the problem on skynet.be network seem to worsen as now 3 botnet servers are active.

Hey guys at skynet, waken up - take it down - before it spreads and takes you down

by the way TELENET network is hosting 6 phishing sites

http://atlas.arbor.net/cc/BE  you can both become member to have the detailed information to take them down.

10:56 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Storm worm is industrialised automated infecting

The storm worm is making more binaries and infecting sites than any company can keep up with. During the first ten days of october they made 1400 different binaries (that is 140 variants a day) making it for the botnet hunter a total of 43,897+ unique binaries  for the storm worm.

This means you will have to set your antivirus updates for critical machines to less than an hour and in fact limit your network traffic and email use to the strict business use. Sorry folks, this is an avalanche.

http://www.disog.org/2007/10/some-more-cme711storm-ips-an...

10:46 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Perl attacks are for every computer (Mac and UNix too)

http://www.disog.org/2007/11/mac-codec-trojan.html  this is the discussion about a perl script that adapts the download to the OS of the machine and that after installation connects to a control server of a botnet ( a number of infected computers under the control of the corruption company or hacker).

so stop having stupid 'which is saver' discussions and get your act together or do I have to remind that Macintosh does for the moment next to nothing to educate its users about security - just luring them into the stupid and dangerous believe that they are safe because they use a Mac....

more about this mac malware http://isc.sans.org/diary.html?storyid=3595

10:34 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Google publishes its list of badware sites through an API

http://code.google.com/apis/safebrowsing/

The Safe Browsing API is an experimental API that enables client applications to check URLs against Google's constantly updated blacklists of suspected phishing and malware pages. Your client application can use the API to download an encrypted table for local, client-side lookups of URLs that you would like to check.

Here are some of the things you can do with the Safe Browsing API:

  • Warn users before clicking on links that appear in your site when they lead to malware-infested pages.
  • Prevent users from posting links to phishing pages from your site.
  • Check a list of pages against Google's lists of suspected phishing and malware pages.

10:16 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

how to defend your apache against spammers and spyware

For those of us running Apache, htaccess rewrite rules provide an
excellent way to block spammers, scrapers, and other scumbags easily
and effectively. While there are many htaccess tricks involving
blocking domains, preventing access, and redirecting traffic, Apache's
mod_rewrite module enables us to target bad agents by testing the user-
agent string against a predefined blacklist of unwanted visitors. This
was passed the original was at "Perishable Press" with a few tested
mods.

This is well tested, and even though a large file, no noticable loss
of speed, but big improvement in bandwidth (note for BadWareAvenger)!
For all copy paste to .htaccess and enjoy the STOP :-)  source

10:02 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |