Facebook Fixes and Explains Logout Issue

I wrote a post two days ago about privacy issues with the Facebook logout procedure which could lead to your subsequent web requests to third-party sites that integrate Facebook widgets being identifiable and linked back to your real account. Over the course of the past 48 hours since that post was published we have researched the issue further and have been in constant contact with Facebook on working out solutions and clarifying behavior on the...

Baca Selengkapnya... Facebook Fixes and Explains Logout Issue

realwin_on_fc_binfile_a.rb

## # $Id: realwin_on_fc_binfile_a.rb 12975 2011-06-20 04:01:47Z sinn3r $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::Tcp include...

Baca Selengkapnya... realwin_on_fc_binfile_a.rb

Program:Win32/Seeearch

Aliases :Program:Win32/Seeearch is also known as Adware.VlcPlayer (Dr.Web), IsolationAware (Sophos). Explanation :Program:Win32/Seeearch is a web browser toolbar that may be bundled with a fake setup application named "Vlc Media Player".TopProgram:Win32/Seeearch is a web browser toolbar that may be bundled with a fake setup application named "Vlc Media Player".InstallationWhen run, the fake installer displays the following graphic: It also displays...

Baca Selengkapnya... Program:Win32/Seeearch

Backdoor:Win32/Darkshell.B

Aliases : There are no other names known for Backdoor : Win32/Darkshell.B. Explanation : Backdoor:Win32/Darkshell.B is a backdoor trojan that infects executable files and spreads through removable drives, as well as contacting a remote host in order to perform further malicious actions on the compromised computer. Top Backdoor:Win32/Darkshell.B is a backdoor trojan that infects executable files and spreads through removable drives, as well as...

Baca Selengkapnya... Backdoor:Win32/Darkshell.B

TrojanDropper:Win32/Vundo.L

Aliases :TrojanDropper:Win32/Vundo.L is also known as Trojan-Downloader.Win32.Wadolin (Ikarus), Infostealer.Gampass (Symantec).Explanation :TrojanDropper:Win32/Vundo.L is a trojan that is a member of a multi-component family of programs that deliver 'out of context' pop-up advertisements. It also drops files that are capable of downloading other malware.TopTrojanDropper:Win32/Vundo.L is a trojan that is a member of a multi-component family of programs...

Baca Selengkapnya... TrojanDropper:Win32/Vundo.L

Wordpress + Buddypress + Blogs Mu theme = XSS to Super Admin to Server Compromise

Wordpress + Buddypress + Blogs Mu theme = XSS to Super Admin to Server Compromise ---------------------------------------------------------------------------------- Cross-site scripting (XSS) vulnerabilities tend to be seen as one of the less serious security issues. Sometimes XSS can be serious, leading to complete server compromise... Severity: High Vulnerable setup: PHP<=5.2 (tested on CentOS 5), Wordpress<=3.1.4, Buddypress<=1.2.10...

Baca Selengkapnya... Wordpress + Buddypress + Blogs Mu theme = XSS to Super Admin to Server Compromise