uTorrent.com hacked, serving scareware
The popular file sharing web sites were compromised for a brief period of a few hours.
Latest from Dancho Danchev
NASA's Goddard Space Flight Center FTP server hacked
A Romanian attacker known as TinKode has compromised a FTP server belonging to Goddard Space Flight Center.
Baidu DNS records hijacked by Iranian Cyber Army
The DNS records of China's most popular search engine Baidu were hijacked earlier today by a group known as the "Iranian Cyber Army". In response, Chinese hacktivists have already started to attack Iranian web sites.
Campaign Monitor hacked, accounts used for spamming
E-mail marketing software developer Campaign Monitor warned users today of a server compromise that took place during the weekend.The compromise allowed the attackers to gain access to customer accounts, which they abused by importing their own lists of harvested emails in order to launch spam campaigns using the clean IP reputation of their servers.
Plugins compromised in SquirrelMail's web server hack
According to a recently posted update by SquirrelMail's Jonathan Angliss, the source code of three plugins was backdoored during the web server compromise of the popular web-based email application which took place last month.The compromised plugins were embedded with code that was forwarding accounting data to a server maintained by the people behind the hack, something SquirrelMail didn't acknowledge prior to announcing the web server compromise.
Fortune 500 companies use of email spoofing countermeasures declining
Here's a paradox - a technology originally meant to verify the sender of an email message for the sake of preventing spoofed messages from reaching the network, still hasn't been embraced by the world's biggest companies despite being around for years, but is actively used by adaptive spammers increasingly abusing legitimate services in order to take advantage of their identifiable email reputations.
Georgia President's web site under DDoS attack from Russian hackers
From Russia with (political) love? It appears so according to a deeper analysis of the command and control servers used by the attackers.
DoS Attacks Using SQL Wildcards Revealed
Yesterday, Ferruh Mavituna of Portcullis released a whitepaper entitled "DoS Attacks Using SQL Wildcards", with some insightful comments on how it's possible to multiply the attack tactics discussed to the point where not even a botnet would be needed to successfully accomplish them.Summary of the paper :This paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers.