I would like to wish you happy new year,
May this New Year bring newly found prosperity, love, happiness and delight in your life.
Wednesday, December 31, 2008
Saturday, December 6, 2008
Exploited Asterisk servers are to blame for recent vishing attacks
Recent vishing attacks have been conducted by criminal taking advantage of a known bug in older Asterisk PBX systems. According to an FBI advisory published on The Internet Crime Complaint Center the attackers exploited the known bug to gain unauthorized access to numerous Asterisk PBX systems and later used these systems as mass auto-dialers. The attackers generated thousends of calls to victims in which they attempted to extract sensitive information from the victims.
PCWorld has more information
PCWorld has more information
Saturday, August 23, 2008
FEMA phones hacked
According to EILEEN SULLIVAN with AP, unauthorized calls to the middle east were placed over the FEMA phone system causing an estimated damage of $12,000 in call charges to organization - A part of homeland security Dept.
The organization is blaming the undisclosed contractor/integrator of the newly installed voicemail system for not securing the system.
I'm just guessing here, but it sounds like someone left an unprotected DISA access or didn't enforce user PIN codes policy allowing the phreaker to user default vendor PIN codes to configure call forward to the middle eastern destination number.
The organization is blaming the undisclosed contractor/integrator of the newly installed voicemail system for not securing the system.
I'm just guessing here, but it sounds like someone left an unprotected DISA access or didn't enforce user PIN codes policy allowing the phreaker to user default vendor PIN codes to configure call forward to the middle eastern destination number.
Sunday, July 13, 2008
Trojan on http://i7san.jeeran.com/dsc[x].jpg
Recently some blogs and minor websites embed pictures from the following source: http://i7san.jeeran.com/dsc[x].jpg where x is a varying number. the picture contains malicious vbs code. it is recommended not to stop the browser from downloading the picture, not to allow unknown vbs code to run and notify the site owner.
Sunday, July 6, 2008
Yet another Windows Live Messenger scam
If you have received an instant message from one of your contact with a link to x.imagecrisp.info or x.imagecroco.info with x being your contact name, kindly disregard this message and most importantly do not enter your password and windows live credentials on that web site!
Most likely that your contact's account has been compromised and those messages are sent without his knowledge.
If you have already entered your credentials in the rouge web site, change your Windows Live password as soon as possible. Although not tested, the logic is that bad agent will no longer have your password and won't be able to send messages on your behalf.
Most likely that your contact's account has been compromised and those messages are sent without his knowledge.
If you have already entered your credentials in the rouge web site, change your Windows Live password as soon as possible. Although not tested, the logic is that bad agent will no longer have your password and won't be able to send messages on your behalf.
Monday, April 28, 2008
Deletefinder.com scam
As I'm starting to see some of my MSN contacts getting affected by a new scam, I would like to warn all readers not to submit any details to www.deletefinder.com web site.
This site claims to "...easily find out who deleted you from MSN Messenger..." if you just submit your MSN user and password. I think it goes without saying that you should not reveal your credentials to untrusted parties with invalidated identity.
You may also get promotion messages for this service from a "trusted" MSN contact, disregard it as this contact has been hijacked.
This site claims to "...easily find out who deleted you from MSN Messenger..." if you just submit your MSN user and password. I think it goes without saying that you should not reveal your credentials to untrusted parties with invalidated identity.
You may also get promotion messages for this service from a "trusted" MSN contact, disregard it as this contact has been hijacked.
Monday, April 21, 2008
יוסי בן הגיא yossi ben hagai
http://www.pc.co.il/Index.asp?CategoryID=72&VolID=531#art16565
http://quotes.walla.co.il/?w=/134/1193411
http://www.wallatrade.co.il/ts.cgi?tsscript=item&path=124&id=1193411&page=info
http://career.themarker.com/tmc/article.jhtml?ElementId=is20071111_200020&layer=career&layer2=coupon&layer3=misc
http://www.thecom.co.il/article.php?id=4738
http://www.cfb.co.il/SmarTrade/Ext/Section/Articles/ExtSecArticle_Print/1,1733,,00.html?articleId=590929
http://www.thecom.co.il/article.php?id=4738&prt=1
http://quotes.walla.co.il/?w=/134/1193411
http://www.wallatrade.co.il/ts.cgi?tsscript=item&path=124&id=1193411&page=info
http://career.themarker.com/tmc/article.jhtml?ElementId=is20071111_200020&layer=career&layer2=coupon&layer3=misc
http://www.thecom.co.il/article.php?id=4738
http://www.cfb.co.il/SmarTrade/Ext/Section/Articles/ExtSecArticle_Print/1,1733,,00.html?articleId=590929
http://www.thecom.co.il/article.php?id=4738&prt=1
Subscribe to:
Posts (Atom)