you can block most of the ads and pop ups from sites by blocking them in local DNS file simply open terminal and edit thisfile $ sudo vi /private/etc/hosts
The problem arises when someone other than me makes a folder in this shared directory. No one but the person who made that folder can write into it, not even
Cairo-Dock is a Mac OS X Dock-like application for Linux and BSD distributions that supports OpenGL and freedesktop standards. It provides a desktop interface for launching applications and accessing running
[root@ajay ~]# traceroute 22.214.171.124 traceroute to 126.96.36.199 (188.8.131.52), 30 hops max, 38 byte packets 1 196-47-64-59 (184.108.40.206) 0.918 ms 0.948 ms 0.652 ms 2 196-47-64-66 (220.127.116.11) 1.223 ms 2.747 ms
A Serious vulnerability has been discovered in the Android default browser(AOSP) that allows a malicious website to bypass "Same Origin Policy(SOP)" and steal user's data from other websites opened in other tabs. AOSP browser is the default browser in Android versions older than 4.4.
What is Same Origin Policy?
SOP plays an important role in the Web Security, restricts a website from accessing scripts and data stored by other websites. For example, the policy restricts a site 'Y' from accessing the cookies stored by site 'X' in user's browser.
Same Origin Policy Bypass:
Rafay Baloch, a security researcher, found a security flaw in the "Same Origin Policy" system used by the AOSP browser. The bug allows the website 'Y' to access the scripts and user's data stored by website 'Y'.
Imagine You are visiting attacker's website while your webmail is opened in another tab, the attacker is now able to steal your email data or he can steal your cookies and could use it to compromise your mail account.
Proof of Concept:
<iframe name="test" src="http://www.example.com"></iframe>
<input type=button value="test"
"Its because when the parser encounters the null bytes, it thinks that the string has been terminated, however it hasn't been, which in my opinion leads the rest of the statement being executed." Rafay said in his blog.
Rafay published the poc on his blog in August. However, it remained largely unnoticed until rapid7 released a metasploit module that exploits the vulnerability.
This browser also known for the remote code execution vulnerability, has been discontinued by Google. But older versions of Android do come with this browser.
What you should do?
Stop using the default android browser, Use Google Chrome or Mozilla.
The vulnerability allows a malicious user to easily gain super admin privilege. With the Super Admin access, the hacker has full control of the website.
Sucuri removed the technical details about the bug after receiving a request from the developer of VirtueMart.
"VirtueMart uses Joomla’s JUser class “bind” and “save” methods to handle user accounts information. That’s not a problem in it of itself, but this class is very tricky and easy to make mistakes with." Researcher wrote in Sucuri's blog post.
VirtueMart has claimed the bug is in Joomla. Researchers at Sucuri also believe the problem is on the Joomla class itself. However, few Joomla experts disagree with the VirtueMart and Sucuri.
"The vulnerability is in VirtueMart's amateurish use of JUser, not the JUser class itself. JUser is a low level API in Joomla! which expects filtered input." Nicholas Dionysopoulos, a contributer to Joomla Project, posted in a Facebook post.
"The modus operandi of programmatic user account creation in Joomla! is to first filter the input using JInput (typically through JFactory::getApplication()->input, not a new object instance), construct an array with only the keys you need and the pass this to JUser. "
The bug was discovered last week and have been fixed in the latest version of VirtueMart(v2.6.10).
Is Google got hacked?
No, the leak was not the result of a security breach of Google systems. The dump is said to have been obtained from other websites.
So, if you have used the same password used anywhere else, your gmail account could be compromised.
"We found that less than 2% of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts. We’ve protected the affected accounts and have required those users to reset their passwords." Google wrote.
What You should do?
- There are few websites available online to check whether your gmail ID have been compromised or not. My suggestion is don't use them. I suggest everyone to change the password.(I believe most of the people keep the same password for years, so it's better to change now).
- If you have not enabled 2-step-factor feature, it is good to enable it.
- Never use the gmail password in any other websites.
The malicious network, uncovered by Cisco Researchers comprise of over 700 domains. They observed nearly 10,000 connections to the malicious domains.
The operation has been dubbed "Kyle and Stan" because most of the domains used in this campaign for distributing malicious software contain "kyle" and "stan" strings in the sub-domain name.
The users website who visit the websites containing malicious ad will be redirected to another website. Users will then be redirected to another page that will serve mac or windows malware based on their user agent.
"The attackers are purely relying on social engineering techniques, in order to get the user to install the software package. No drive-by exploits are being used thus far" Armin Pelkmann, Cisco researcher, wrote in a blog post.
Hackers managed to breach a server which is part of HealthCare.gov and managed to upload a malicious software.
The server in question is a test server that was not meant to be connected to the Internet, it reportedly doesn't contain consumer personal information.
The incident was originally reported by the Wall Street Journal. The attackers broke into the server in july but the security breach was only detected on August 25 during routine review of security logs.
Department of Health and Human Services said the website was not specifically targeted. The malware used in this attack was likely to perform denial of service attacks on the other websites.
The malware has been removed from the server.