lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ae1c8e460805171722i27871b69g59653acef5a15c64@mail.gmail.com>
Date: Sun, 18 May 2008 01:22:46 +0100
From: "Stuart Dunkeld" <stuartd@...il.com>
To: "Dancho Danchev" <dancho.danchev@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Redmond Magazine SQL Injected by Chinese
	Hacktivists

Funnily enough, I noticed this yesterday when looking for some info on
Virtual Server. Google has ~ 45,000 hits for wowyeye.cn/m.js but only
a small minority are marked as malicious sites..

Other pages on redmondmag.com - for example
http://redmondmag.com/columns/article.asp?EditorialsID=1166&page=3 -
reference www.qiqigm.com which is currently alive and attempting MDAC
and RealPlayer exploits

-- stuart

On Fri, May 16, 2008 at 11:29 PM, Dancho Danchev
<dancho.danchev@...il.com> wrote:
> Hello,
>
> It appears that Redmond - The Independent Voice of the Microsoft IT
> Community, formerly known as Microsoft Certified Professional Magazine
> is currently flagged as a badware site, and third-party exploit
> detection tools are also detecting internal pages as exploit hosting
> ones, in this particular case Mal/Badsrc-A. Redmond Developer News and
> Redmond Channel Partner Online are also affected.
>
> An analysis is available at :
>
> http://blogs.zdnet.com/security/?p=1118
>
> Regards
> --
> Dancho Danchev
> Cyber Threats Analyst/Blogger
> http://ddanchev.blogspot.com
> http://windowsecurity.com/Dancho_Danchev
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ