"There is a new technique for luring unsuspecting users into installing viruses on their systems. Criminals will use a combination of Search Engine Optimization (SEO) techniques and common redirects that can be found on Microsoft.com and the IRS.gov websites. Here is how it works. When users are on the IRS website...
"Google this week admitted that its staff will pick and choose what appears in its search results. It's a historic statement - and nobody has yet grasped its significance. Not so very long ago, Google disclaimed responsibility for its search results by explaining that these were chosen by a computer algorithm....
"Google's search bots, which scour the web constantly for new pages, have begun a new, more active phase of their indexing jobs. In a blog post last week, Jayant Madhavan and Alon Halevy of Google's crawling and indexing team said the company has begun an experiment in which its indexing software...
"Last week's massive IFRAME injection attack is slowly turning into a what looks like a large scale web application vulnerabilities audit of high profile sites. Following the timely news coverage, Symantec's rating for the attack as medium risk, StopBadware commenting on XP Antivirus 2008, and US-CERT issuing a warning about the...
"If last November you googled one of thousands of innocuous and common search terms, such as "Microsoft excel to access" or "how to teach your dogs to fetch," you were in line for an Internet attack that infects PCs with spam senders, password stealers, and other kinds of nasty malware. Beginning...
"Attackers have hacked the servers of Australian Web hosting provider MD Web Hosting (mdwebhosting.com.au), embedding malicious code to spawn "link farms" on its customers' sites, according to news site, Australian IT (australianit.news.com.au)." "The hackers gained access to about five servers which failed to have the correct security profiles. To make matters...
From the nypost " A hacker faces up to three years in prison for making the Polish president's Web page turn up in searches for the slang word for "penis." Marek W., 23, has been charged with insulting President Lech Kaczynski. Marek created a program that caused the official home page...
I research whitehat and blackhat SEO in my spare time (however not on this domain :), and was thinking about some additional uses for Cross-site Request forgery from the blackhat SEO perspective. * Publishing/Spamming links: People spamming forums with links is nothing new. By utilizing CSRF on the otherhand you could...
Wikipedia's founder has announced a search engine allowing users to control the search results in a way similar to how digg works. I dabble in Search Engine Optimization (SEO) and I expect a huge shift if the other major search engines such as google and yahoo adopt similar models. Typically people...
There's been a big fuss that with CSS you can identify if someone has visited a certain link. I started to think about expanding this and came up with a neat little trick you can do involving online advertising. You run www.sitea.com and www.siteb.com and www.sitec.com are competitors of yours. Now...
Rsnake has an interesting blog entry (yes it's a few days old, I don't read it daily, so whatever) regarding utilizing XSS to steal auto form fill values. "Some (not all) automated input automation tools do so blindly. That is, they don't ask for user input when they input data. In...
