lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Sun, 18 May 2008 08:28:53 -0500
From: "Nate McFeters" <nate.mcfeters@...il.com>
To: "Stuart Dunkeld" <stuartd@...il.com>
Cc: full-disclosure@...ts.grok.org.uk,
	Dancho Danchev <dancho.danchev@...il.com>
Subject: Re: Redmond Magazine SQL Injected by Chinese
	Hacktivists

So far from what I've read I've only heard talk of this as SQL
injection to update tables and put in these malicious links, but I've
heard no talk of data exfiltration... Has anyone heard about data
being stolen as a result of this widespread attack?

Nate

On 5/17/08, Stuart Dunkeld <stuartd@...il.com> wrote:
> Funnily enough, I noticed this yesterday when looking for some info on
> Virtual Server. Google has ~ 45,000 hits for wowyeye.cn/m.js but only
> a small minority are marked as malicious sites..
>
> Other pages on redmondmag.com - for example
> http://redmondmag.com/columns/article.asp?EditorialsID=1166&page=3 -
> reference www.qiqigm.com which is currently alive and attempting MDAC
> and RealPlayer exploits
>
> -- stuart
>
> On Fri, May 16, 2008 at 11:29 PM, Dancho Danchev
> <dancho.danchev@...il.com> wrote:
>> Hello,
>>
>> It appears that Redmond - The Independent Voice of the Microsoft IT
>> Community, formerly known as Microsoft Certified Professional Magazine
>> is currently flagged as a badware site, and third-party exploit
>> detection tools are also detecting internal pages as exploit hosting
>> ones, in this particular case Mal/Badsrc-A. Redmond Developer News and
>> Redmond Channel Partner Online are also affected.
>>
>> An analysis is available at :
>>
>> http://blogs.zdnet.com/security/?p=1118
>>
>> Regards
>> --
>> Dancho Danchev
>> Cyber Threats Analyst/Blogger
>> http://ddanchev.blogspot.com
>> http://windowsecurity.com/Dancho_Danchev
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ