ESET Nod32 Antivirus | Antispyware | Console d administration
Chercher :
Newsletter :  
Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs



Abonnez vous � Nessus Professional Feed !

Sponsors :

Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- USBsploit
- Commentaires

Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs

Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Communiques

Secumail :
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS/XML :
- Articles
- Brèves
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS SecuObs :
- sécurité
- exploit
- windows
- microsoft
- attaque
- réseau

RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network

RSS Videos :
- security
- vmware
- biometric
- virus
- metasploit
- windows

RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco

RSS Comments :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Communiques

RSS OPML :
- Français
- International

Abonnez vous � Nessus Professional Feed !


Revue de presse francophone :
- End.
- securite Symantec Application HA sécuriser la virtualisation d'applications critiques
- Jean-Marc Gremy, Cabestan Consultants Et si les questions de sécurité du Cloud Computing n'étaient pas encore dans les nuages ... mais bien toujours sur terre
- Le numéro de juillet aout 2009 de Veille internationale Télécoms-Internet édité par UBIFRANCE est paru
- 9 septembre Les Universités Computerlinks
- Emerson Network Power achète Chloride
- Facebook introduit la possibilité de se déconnecter à distance de son compte
- La Hadopi met en garde contre les faux emails d avertissement
- Le niveau de sécurité des paiements sur Payline à nouveau certifié PCI DSS
- Keynectis soutient Certicorps dans la lutte contre le travail illégal
- Itway, nouveau training center pour les solutions WatchGuard
- McAfee prodigue quelques astuces pour la rentrée des classes des enfants
- Qualys lance QualysGuard PCI 5.0
- Édito Misc 51
- MISC N 51 SEPTEMBRE OCTOBRE 2010 Chez votre marchand de journaux

Dernier articles de SecuObs :
- SecurityGarden.com, un annuaire en ligne d’outils de sécurité
- BlindElephant prend les empreintes des applications web
- DFF, le metasploit du forensic
- How to install USBsploit v0.1b through SVN, the tar.gz, the .run or to work with original Metasploit
- Video: usbploit.rb and the original MSF to get all the remote USB files by extensions through Meterpreter
- Video: usbsploit.rb and the original MSF to get all the remote USB files through Meterpreter
- Video: USBsploit gets all the remote USB files by extensions through Meterpreter and a modified MSF
- Video: USBsploit gets all the remote USB files through Meterpreter and a modified MSF
- Le projet OsmocomBB, implémentation libre de la norme GSM
- Interpolique un outil visant à dé-responsabiliser en partie les développeurs sur des problématiques comme les XSS et les SQLi

Revue de presse internationale :
- Controlling the power of a flash with a tv remote
- Professor McChrystal s Lectures Navigating Politics, Media, Irony
- Facebook s response to iPhone scam hack just raises more questions
- Apple s Ping Social Network is being Exploited
- Geolocation a security technology in disguise
- HPWuSchd9.exe
- happi.exe
- okatf.exe
- Facebook boosts security by adding remote logout feature
- Automated vs. manual security
- Scammers using IM to deliver IQ Test spam
- CEA-Leti demonstrates new communication technology for smart cards
- Cyber Resiliency, Homeland Security Style
- Netflix Polls BitTorrent Habits of Leaving Customers
- Understanding and Selecting an Enterprise Firewall Application Awareness, Part 2

Annuaire des videos
- GREAT TOOL for All Versions of Windows reset remove
- Developments in Software Defined Radios Part 1
- Bill Gates Appeals to US House of Reps Sci Tech Committee
- Metasploit Remote Control Hack
- Japan Launches High Speed Kizuna Internet Satellite
- Windows Password Recovey Software Works on Any Windows Version
- VMware Global Support Services
- Block Certain Filetypes from Download Squid
- Gain access to your system on PC and Laptop EASY 3
- VMware Cloud Opening for VMworld 2010
- Chema Alonso saluda a la ekoparty
- Password Exploitation Class Part 1 Why exploit local passwords 9 9
- Password Exploitation Class Part 1 Why exploit local passwords 3 9
- Password Exploitation Class Part 1 Why exploit local passwords 4 9
- Password Exploitation Class Part 1 Why exploit local passwords 1 9

Revue Twitter
- RT @XSSniper: Uploader (without auth). Many of the params in the querystring are vuln to XSS #hackiswack
- @not_me not my ethics. I just get to do realistic security testing. If I can find or buy the 0day then so can LOTS of other ppl
- @tliston I've seen an uptick on SIP probes as well.
- HITBSecConf back with new features #Security
- Google Chrome turns 2: Can we skip the toddler years?: Now that Google Chrome is 2, are we in ... . #security , #patch
- Women did well on Defcon social engineering test #Security
- #security Women did well on Defcon social engineering test #networkworld
- RT @egyp7: There are still slots available for my Metasploit training at #sectorca.
- Uploader (without auth). Many of the params in the querystring are vuln to XSS #hackiswack
- Think I Iike my new TiVoSlide Keyboard Remote but can't try the keybd yet 'cause the 2 USB ports I have are in use.

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse
Annuaires des videos : security, vmware, biometric, virus, metasploit, windows, password, lockpicking, botnet, tutorial, attack, exploit, network

+ de mots clés pour les videos
Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter



Top bi-hebdo des articles de SecuObs
- DFF, le metasploit du forensic
- SecurityGarden.com, un annuaire en ligne d’outils de sécurité
- USBDumper 2 nouvelle version nouvelles fonctions !
- La sécurité des clés USB mise à mal par USBDUMPER
- BlindElephant prend les empreintes des applications web
- Comment changer un mot de passe perdu pour un compte WINDOWS
- Ophcrack, un cracker de mot de passe Windows basé sur des rainbow tables
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Metasploitable, une image VMWare Ubuntu 8.04 vulnérable pour l'apprentissage de Metasploit
- La DGSE va recruter 100 ingénieurs par an

Top bi-hebdo de la revue de presse
- iWep PRO 2.0.6 iOS4 released and 2.0.3 restored to Repo
- iWep PRO 2.0.5 iOS4 released
- HADOPI Chat La Tribune d Eric Walter les deux pieds dedans
- Wawa-Mania et Atild l épilogue logique
- La HADOPI va t-elle dédommager les FAI
- La pédagogie made in HADOPI
- Cracker les mots de passe Gmail, Facebook, MSN
- Second-Life Des joueurs impliqués à  leur insu dans une attaque en DDoS
- FREE Kaspersky Internet Security 2010 Activation Code Valid for 6 Months
- Insécurité Montée en puissance de la cybercriminalité au Cameroun

Top bi-hebdo de l'annuaire des videos
- install MacOSX Snow Leopard in Windows PC using Vmware Workstation as virtual machine
- ekoparty security conference reel 2010
- Certified Ethical Hacker CEH Training Cryptography
- Hacking with metasploit keylogger and screen captures
- Fun with Android Root and Monitoring your PC with Dropbox Hak5
- Hacking Windows XP with Metasploit tutorial VNC remote control
- Hacking using nmap nessus and metasploit (part 1 of 2)
- OZ7IGY on 5 7 GHz received with 7m dish
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- From Basic to Advanced password sniffing Part 3

Top bi-hebdo de la revue Twitter
- Oups - LastPass IMPORTANT : DO NOT USE Google Chrome DEV BETA Channel : Google has created a terrible bug. See Chrome bug 52096
- The dd_ssh bot is currently responsible for an increase in brute force attacks on SSH connections.
- RT @reversemode: DLL Hijacking (KB 2269637) ? the unofficial list RT @dave_rel1k: RT @corelanc0d3r: check this one out :
- RT @Ivanlef0u: Automatic Detection of Unsafe Component Loadings by Taeho Kwon and Zhendong Su DLL hell reloaded
- RT @mubix: Maltego transform for the Aircrack-NG suite:
- Metasploit Fingerprinting
- RT @botherder: YoyoDDos: A new family of DDos bots
- RT @pauldotcom: Read my post on Zen and the Art of Nessus Web Application Scanning
- RT @PortSwigger Burp Suite Pro v1.3.08 released -
- Yola hit by a massive DDoS a few hours ago. www.is.gd/emWaM Raises interesting questions about DDoS prevention for startups. Sterkte Yola

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- [IDS Snort Windows – Partie 1] Introduction aux IDS et à SNORT
- GreenSQL un proxy MySQL pour filtrer les requêtes SQL et contrer les injections

Fake Web Hosting Provider - Front-end to Scareware Blackhat SEO Campaign at Blogspot
Les derniers commentaires publiés sur SecuObs (1-5):
- ESRT @packet_storm - Novell Netware OpenSSH Remote Stack Overflow
- ESRT @DennisF - Google Releases Chrome 6 With 14 Security Updates - Paid 4337 dollars in bug bounties
- cvechecker 0.5
- Suricata TCP Evasions
- Configuring Conditional SSH Connections
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]
S'abonner au fil RSS global de la revue de presse


Fake Web Hosting Provider - Front-end to Scareware Blackhat SEO Campaign at Blogspot

Par Dancho Danchev's Blog Mind Streams of Information Security Knowledge
Le [2009-06-08] à 10:43:53


Présentation : []Just like GazTranzitStroyInfo's case, what we've got here is failure to understand that the efforts put into building legitimacy of front-ends to cybercrime, is prone to get undermined upon closer examination of the particular web hosting provider. Who, and what is Life4you .info - Free Hosting for Live (dirsite .com; 65.98.15.80; Dennis Linkor Email: admin@dirsite.com)? []"We are pleased to announce the launch of dirsite.com, the best ASP.NET host on the web. We currently offer one plan. This plan is entirely free! Free ASP.NET 2.0 hosting*! Unfortunately we have hit our quota for ad free accounts. Every new signup is now required to display a 460x60 banner ad on their content pages. We will be running another ad free promotion soon, so be sure to check back! We are currently experiencing some technical issues that are out of our control. We are suffering some server problems and as a result, slight delays in processing signups. We are working on it, and will have everything resolved as soon as possible. Thank you for your patience." []What's so special about them? Well, for starters, they've got no customers but the cybercriminals themselves maintaining a portfolio of over 7,000 adult related keywords which they have been using for blackhat SEO campaigns across thousands of automatically registered -- CAPTCHA recognition outsourced -- Blogspot accounts since February, 2009. With the Blogspot campaign still ongoing, let's assess it and expose all the participating scareware domains. Upon automatic generation of the Blogspot accounts, links like the following are included next to the bogus content, all using dirsite.com's pseudo-legitimate hosting services: goto.dirsite .com/go.php?sid=2ettds-key=erotic+bikini+babes goto.dirsite .com/go.php?sid=2ettds-key=sexe+amateur+on+my+space goto.dirsite .com/go.php?sid=2ettds-key=aunt+judy+older+women goto.dirsite .com/go.php?sid=2ettds-key=view+private+profiles+on+myspace goto.dirsite .com/go.php?sid=2ettds-key=fullmetal+alchemist+porn goto.dirsite .com/go.php?sid=2ettds-key=Asian+style+bed+throws goto.dirsite .com/go.php?sid=2ettds-key=cheerleader+candid+pictures goto.dirsite .com/go.php?sid=2ettds-key=desisexstories goto.dirsite .com/go.php?sid=2ettds-key=Hey+Arnold+porno goto.dirsite .com/go.php?sid=2ettds-key=warcraft+henrai []Upon clicking the users are redirected to tdncgo2009 .com/?uid=68etpid=3 (trdatasft .com; fra22 .net; Email: ) 64.86.17.47, Email: hmlragnsky@whoisservices.cn, where the scareware domains are randomly loaded: virusdoctor-onlinedefender .com - 64.213.140.69 Email: sebarinvert.ivus@gmail.com onlinescan-ultraantivirus2009 .com - 206.53.61.76 virussweeper-scan .net - 206.53.61.76 virusalarm-scanvirus .net - 206.53.61.76 viruscatcher .net - 64.213.140.71 Email: jeannemcpeters@gmail.com fast-antivirus .com - 64.213.140.68 The scareware attempts to phone back to update1.virusshieldpro .com/ReleaseXP.exe - 206.53.61.75 - Email: unitedisystems@gmail.com and to updvmfnow .cn - 64.86.17.9 Email: oijfsd.sd@gmail.com. ReleaseXP.exe then phones back to the following locations, naturally earning profit for the cybecriminal - []pay-virusshield .cn - 64.213.140.70; Email: unitedisystems@gmail.com; Returning the following message: "Sorry, the operation is currently unavailable, please email our support team from product's site (Error Code #150)" updvmfnow .cn - 64.86.17.9 updvmfnow .cn/reports/install-report.php (64.86.17.9) updvmfnow .cn/reports/soft-report.php updvmfnow .cn/reports/minstalls.php []The phone back location is also hosting more active scarewaredomains: ultraantivirus2009 .com - 64.86.17.9 virusalarmpro .com vmfastscanner .com mysuperviser .com pay-virusdoctor .com virusmelt .com payvirusmelt .com Not only is life4info .info or dirsite .com a bogus free hosting provider, but the campaigns hosted by them are interacting with our "dear friends" at AS30407; VELCOM .com which Spamhaus describes as "N. American base of Ukrainian cybercrime spammers" - and with a reason.[][] [] [] [] [] [] [][]

Les mots clés de la revue de presse pour cet article : provider scareware
Les éléments de la revue Twitter pour les mots clé : provider



AddThis Social Bookmark Widget



Les derniers articles du site "Dancho Danchev's Blog Mind Streams of Information Security Knowledge" :

- Dissecting a Scareware-Serving Black Hat SEO Campaign Using Compromised .NL .CH Sites
- Spamvertised Best Buy, Macy's, Evite and Target Themed Scareware Exploits Serving Campaign
- ZeuS Crimeware Serving 123Greetings Ecard Themed Campaign in the Wild
- Dissecting the Xerox WorkCentre Pro Scanned Document Themed Campaign
- Spamvertised Amazon Verify Your Email , Your Amazon Order Malicious Emails
- Sampling Malicious Activity Inside Cybercrime-Friendly Search Engines
- Exploits, Malware, and Scareware Courtesy of AS6851, BKCNET, Sagade Ltd.
- Cybercriminals SQL Inject Cybercrime-friendly Proxies Service
- Sampling 419 Advance Fee Scams Activity
- Dissecting the Exploits Scareware Serving Twitter Spam Campaign



S'abonner au fil RSS global de la revue de presse
Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]

Si vous voulez bloquer ce service sur vos fils RSS :
 - avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail





Les derniers commentaires publiés sur SecuObs (6-25):
- Compromising Twitter's OAuth security system
- Suricata 1.0.2 released
- Onapsis to release ERP vulnerability testing suite
- When bugs are forgotten
- ESRT @xanda @urlvoid - Added New Scanning Engine: DNS-BH
- ESRT @sbrabez @mwrlabs Second blog post on Linux application exploitation mitigation techniques Kernel features
- Apple patches 13 iTunes security holes
- Researcher Will Demo Bypass of Windows Service Isolation Feature
- Metasploit retrieves Apple Airport Extreme pwd and sets auto-answer to true for D-Link i2Eye video conferencing system
- ESRT @y0m @xanda @revskills @chr1x - X86 Win32 Reverse Engineering Cheat Sheet
- dos - MOAUB 2 - Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability - CVE 2010-0519
- ESRT @postmodern_mod3 - Turn your Android Phone Into a Remote Spy Camera with Ruby
- ESRT @agent0x0 @secureideas - Laudanum 0.2 has been released Includes proxy scripts to use in @timmedin's exploits
- ESRT @keith55 @jduck1337 - writing Metasploit modules
- HP Scanners exposing sensitive information
- Qubes, Qubes Pro, and the Future
- Seccubus v1.5.2 - If at first
- Microsoft issues updates to sysinternals ProcDump and Process Monitor
- ESRT @sans_isc - Diary VMWARE releases 2 security advisories for ESX Service Console
- ESRT @ChrisJohnRiley @hdmoore - Metasploit Express Update - Quicktime, Improved Search, ColdFusion, Tomcat, PDF EXE


SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Archives Failles Secunia :
- SA41268 TYPO3 The official twitter tweet button for your page Extension Cross-Site Scripting Vulnerability
- SA41262 VMware ESX Server Multiple Vulnerabilities
- SA41130 Adobe Premiere Pro Insecure Library Loading Vulnerability
- SA41183 Ubuntu update for bogofilter
- SA41256 Fedora update for socat

Archives Mailing Full Disclosure :
- Full-disclosure Jonathan Plourde est absent(e).
- Full-disclosure Claude Mercier/CLSC-CHSLD BVLV/Reg03/SSSS est absent(e).
- Full-disclosure Verizon Wireless security contact?
- Full-disclosure Vulnerabilities in CMS WebManager-Pro
- Full-disclosure MDVSA-2010:169 mozilla-thunderbird

Archives Mailing Bugtraq :
- {PRL} Novell Netware OpenSSH Remote Stack Overflow
- Vulnerabilities in CMS WebManager-Pro
- MDVSA-2010:169 mozilla-thunderbird
- USN-982-1 Wget vulnerability
- Moovida Media Player version 2.0.0.15 Insecure DLL Hijacking Vulnerability (libc.dll,quserex.dll)
- MDVSA-2010:168 openssl

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :