A Cross-site scripting (XSS) vulnerability has been discovered in wp-admin/templates.php in WordPress which allows remote attackers to inject arbitrary web script or HTML via the file parameter.

Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

All versions of WordPress are affected. WordPress has fixed this for v2.0.6 and released a patch for v2.0.5. To patch, simply overwrite the original file after taking backup.

Continue reading ‘Exploit discovered in WordPress Template.php’

Today I got a PM from a friend on my Yahoo! Messenger buddy list with a link to an image. Since it was only an image and that too from a friend, I clicked the link and was taken to an error page. This was the PM -

Do you realize who is in this image: http://thecoolpics.net/who.jpg . Just think for a moment and tell me soon

About half an hour later I got another PM from him saying -

hey. i m in a cyber cafe. this machine is loaded wid viruses. so a bad picture has been sent to every1 on my frenz list! my due apologies.

This is the second IM Virus I came across this month

Continue reading ‘Another IM Virus?’

For the past few days I have been getting funny PMs from a few people on my Yahoo! Messenger Buddy List. These are some of the messages that I got.

Breaking news : school girls are kidnapped by the terrorists !! hxxp://mytermex.com/?news_id=18388

damn, she is so cute hxxp://nsl-school.org?id=miss_world

you are virus infected . Use this tool to remove viruses from your PC : hxxp://mytermex.com/?id=virus_shield

oh my god , i’ve won a 20000 usd lottery :O hxxp://nsl-school.org/?id=winning_list . Come to my house tonight for a party !!

Luckily I was aware about this virus as I had earlier read about it on Digital Point Forum.

After you get infected by the virus, it will try to kill your AntiVirus and will instantly send a PM to all your IM buddy friends. The virus does not affect Firefox and Opera, but IE users are going to have a tough time with it.

Have you come across this IM Virus? If yes, how did you get rid of it?

Phishing attacks have increased a lot these days. Infact hackers are now using a more sophisticated method called Pharming. So what is this so called Phishing and Pharming? Keep reading to find out…

Phishing, also called as spoofing, is the act of attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business with a real need for such information in a seemingly official electronic notification or message. The e-mail directs the user to visit a Web site where there are asked to update personal information, such as passwords and credit card, social security, and bank account numbers that the legitimate organisation already has.

The term ‘Phishing’ comes from the fact that these Internet scammers use sophisticated lures as they ‘fish’ for user’s financial information and password data.

Phishing is spelt with a ‘Ph’ because hackers commonly replace the letter ‘f’ with ‘Ph’.

In Pharming, the DNS server software is exploited and the hacker acquires the domain name of a site and redirects traffic from that site to another Web site. This site is then used to steal or “phish” a visitor’s account details, or even the payment information.

Ok, now you know what Phishing and Pharming is. Now how do you avoid such attacks?

Well, the easiest way to avoid being a victim of such attacks is to be cautious as to where you give out your personal details such as credit card numbers, passwords and other payment or billing information such as bank account numbers or credit card details.

You can also use a good anti-phishing software. These programs are often integrated with Web browsers and e-mail clients as a toolbar that dispalys the real domain name for the visiting Web site. This prevents the most common form of Phishing attack called spoofing.

Browsers such as Internet Explorer 7 have in-built Phishing filters that automatically checks the visited web site against a list of reported phishing websites.

A virus masquerading as a new beta version of Microsoft’s MSN Messenger has begun circulating, antivirus company F-Secure said on its blog Tuesday.

The virus, which F-Secure calls Virkel.F, comes as a file called BETA8WEBINSTALL.EXE that can be downloaded from a Web site. Running the program installs not a new MSN Messenger beta, but rather a virus that sends download links to a computer user’s MSN Messenger buddies. The virus falsely labels the link as “MSN Messenger 8 Working BETA.”

“It also connects your machine to a botnet server,” F-Secure warned, meaning that a person’s computer can be controlled remotely to attack other machines or send spam.

Malicious software that uses instant messenger programs is growing more common. A November study by Akonix Systems identified 62 examples.

And Microsoft’s instant-messenger infrastructure is the most popular conduit for attack, IMlogic said in an October study.

Source: Techbulletin

IMLogic, an Instant messaging security firm, warned of a new phishing attack making its way through the Yahoo! Messenger network on Monday.

The attack, IM.Marphish2.Yahoo, attempts to steal personal information by making a user into believing that they are in violation of Yahoo’s Terms of Service.

The user is instructed to contact the “abuse department” through a URL that points to the 2wahms.com domain (a site like snipurl.com). When visited, the page looks similar to a Yahoo login page. However, once a user enters their personal information, the site steals the users username and password.

Given that Firefox has already entered double-digit market share territory in just one year, grabbing users from Microsoft’s Internet Explorer, is it logical that hackers will increasingly target Firefox with a whole host of exploits?

Read more