The popular file sharing web sites were compromised for a brief period of a few hours.
Latest from Dancho Danchev
A Romanian attacker known as TinKode has compromised a FTP server belonging to Goddard Space Flight Center.
The DNS records of China's most popular search engine Baidu were hijacked earlier today by a group known as the "Iranian Cyber Army". In response, Chinese hacktivists have already started to attack Iranian web sites.
E-mail marketing software developer Campaign Monitor warned users today of a server compromise that took place during the weekend.The compromise allowed the attackers to gain access to customer accounts, which they abused by importing their own lists of harvested emails in order to launch spam campaigns using the clean IP reputation of their servers.
According to a recently posted update by SquirrelMail's Jonathan Angliss, the source code of three plugins was backdoored during the web server compromise of the popular web-based email application which took place last month.The compromised plugins were embedded with code that was forwarding accounting data to a server maintained by the people behind the hack, something SquirrelMail didn't acknowledge prior to announcing the web server compromise.
Here's a paradox - a technology originally meant to verify the sender of an email message for the sake of preventing spoofed messages from reaching the network, still hasn't been embraced by the world's biggest companies despite being around for years, but is actively used by adaptive spammers increasingly abusing legitimate services in order to take advantage of their identifiable email reputations.
From Russia with (political) love? It appears so according to a deeper analysis of the command and control servers used by the attackers.
Yesterday, Ferruh Mavituna of Portcullis released a whitepaper entitled "DoS Attacks Using SQL Wildcards", with some insightful comments on how it's possible to multiply the attack tactics discussed to the point where not even a botnet would be needed to successfully accomplish them.Summary of the paper :This paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers.