Dancho Danchev

Contributor

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis.ggMore details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile. You can also follow him on Twitter

More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile.

Latest from Dancho Danchev

Show search filters
Four XSS flaws hit Facebook

Four XSS flaws hit Facebook

Project XSSed, the clearing house for cross site scripting flaws has just released details on four flaws affecting Facebook's developers page, iPhone login page and the new users registration page, potentially assisting malicious attackers into adding more legitimacy to their campaigns.

December 15, 2008 by in Social Enterprise

Spammers targeting Bebo, generate thousands of bogus accounts

Spammers targeting Bebo, generate thousands of bogus accounts

The concept of building a fraudulent ecosystem by abusing legitimate services only is nothing new, and as we've already seen numerous times throughout the year, malicious attackers are actively embracing it. Bebo, the popular social networking site is currently under attack from spammers that are automatically registering thousands of bogus accounts advertising fake online pharmacies, with the campaign owners receiving revenue through an affiliate based program.

October 31, 2008 by in Social Enterprise

Attacker: Hacking Sarah Palin's email was easy

Attacker: Hacking Sarah Palin's email was easy

A college student identified as Rubico has claimed responsibility for hacking into Sarah Palin's personal email, and provided a detailed 1st person account of how he hacked into the email account using the password "popcorn" which he managed to reset by successfully answering her security question “Where did you meet your spouse?

September 18, 2008 by in Social Enterprise

Facebook introducing new security warning feature

Facebook introducing new security warning feature

With Facebook persistently under attacks from phishers and malware authors, looking for creative ways to efficiently exploit its users base, Facebook's security team has silently introduced a new "security warning feature" alerting its users on the potential maliciousness of the third-party site they are about to visit. Is the newly introduced featured a PR move, and how applicable is this approach during an ongoing attack?

September 15, 2008 by in Social Enterprise

Inside India's CAPTCHA solving economy

Inside India's CAPTCHA solving economy

No CAPTCHA can survive a human that's receiving financial incentives for solving it, and with an army of low-waged human CAPTCHA solvers officially in the business of "data processing" while earning a mere $2 for solving a thousand CAPTCHA's, I'm already starting to see evidence of consolidation between India's major CAPTCHA solving companies.

August 29, 2008 by in Social Enterprise

Storm Worm's Independence Day campaign

Storm Worm's Independence Day campaign

A Storm Worm's Independence Day campaign is circulating online using email as propagation vector, attempting to trick users into visiting a Storm Worm infected host, where a multitude of what looks like over five different exploits attempt to automatically infect the visitors next to the malware binary fireworks.exe.

July 4, 2008 by in Social Enterprise