Archive for March 3rd, 2010

Barack's Donor Data May Be Safe, But Site Was Not Properly Secured

By Jerry J. Jansen On March 3, 2010 No Comments

I recently reported on donate.barackobama.com being hacked. While Blue State Digital and the Democratic Nationinal Committee may disagree, I stand by the statement. It was clear that something was incorrectly configured, whether the data that was exposed belonged to Obama’s team or not.

In his report for the Washington Post, Brian Krebs called the hack a “hoax. The best analysis I can find on what Unu encountered when he stumbled upon Roosevelt University’s calendar database was posted at the Praetorian Prefect blog.

So what actually happened? It appears that the secure areas of barackobama.com (those that use HTTPS:/) had an open redirector that could be used to proxy all traffic through the Obama website.

While the site’s data itself may not have been compromised, the site was still not properly secured. As the folks at Praetorian pointed out, there are several ways to exploit this flaw that could affect the security of my.barackobama.com users.

Web browsers protect cookies by allowing only the originating domain to read those cookies later. When you log in to my.barackobama.com, the site sets a cookie to remember who you are

Click here to continue reading


How To Remove Trojan Horse

By Jerry J. Jansen On March 3, 2010 No Comments

What is Trojan Horse?

Trojan Horse, short for W32/Sasser.worm, is an infective worm that affects WinNT/Win2000/WinXP/Win2003. If getting infected with Trojan Horse, your PC will crash or reboot itself without any reason. You will be fed up with the deathly slow running and CPU may be taken over 100%! To be surprise, you should be able to find a process named avserve.exe running. This is how Trojan Horse acts once it has lurked into your system. Here comes the question that how to remove this virus easily?

How to remove Trojan Horse?

Actually, Trojan Horse destroys your laptop by downloading avserve.exe and then infects your PC. Differ from other virus infection way, it uses avserve.exe to attack Lsass Bug; block your internet connection and make your PC run like a crawl eventually. If your laptop is in this trouble, you need to take the following action to get rid of it.

#1 Update your system to the latest version, including the browser you are using, such as Internet Explorer or Firefox.

#2 Block some ports of your Fire Wall which aims to stop the attacks from avserve.exe. They are 445, 5554 and 9996 port.

#3 Delete avserve.exe

Click here to continue reading


  • Blog Sponsors

    ZoneAlarm Antivirus 50% Off
    Protect your privacy with CyberScrub Privacy Suite
    Norman Security Suite
    CA Anti-Virus 2009
    Avast! Internet Security 5
    Trend Micro's Internet Security 2010
    Kaspersky Lab E-Store
    #1 in Identity Theft Protection
  • Advertise on this active blog for only $27.00/mo. Send us an email for more information.

  • Archives

    July 2010
    S M T W T F S
    « Jun «-»  
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

  • Categories

  • MY WEBSITES

  • Login / RSS

  •  

PHP Optimization by PHP Speedy PHP Optimization by PHP Speedy