Showing posts from April, 2012

30 specialist (and super smart) search engines

Google is widely (and rightly) recognised as the mother of all search engines. But, if you need to drill down your searches by more specific details, do you trust Google to give you what you need every single time? Here’s a collection of 3o vertical search engines which you should have up your sleeve when you need some specialist power. Flights / Travel 1. – The leading flights search engine, providing information about all carriers to help you find the best deal. 2. – Very similar to SkyScanner and with an added ‘current searches’ widget to see what flights other people are searching for. (Particularly handy in Europe!) 3. Hipmunk - The San Francisco-based startup that’s swiftly revolutionizing trip-planning for savvy travelers with flights, trains and hotel search. Blogs 4. – Searches for content from blogs, Twitter, Facebook and more. 5. – Blog-specific search engine searching through more than 170 million blogs. 6. eBuzzing Lab…

VMware Source code Leaked

"VMware proactively shares its source code and interfaces with other industry participants to enable the broad virtualization ecosystem today," said VMware's Iain Mulholland. "We take customer security seriously and have engaged internal and external resources, including our VMware Security Response Center, to...investigate."

An anonymous hacker is claiming credit for stealing more than 1 terabyte of confidential source code from VMware. A hacker by the name of Hardcore Charlie is taking credit for posting the code online.
VMware said its security  team became aware of the public posting of a single file from the ESX source code, as well as the possibility that more files may be posted in the future, on Monday. The company revealed that the posted code and associated commentary dates to the 2003 to 2004 time frame.

Iain Mulholland, director of the VMware Security Response Center, was quick to say that just because source code may have been publicly shared does not…

Black Hat SEO through Hacking

Security researchers have found that a single vulnerable website may be used by a number of cybercriminal organizations, each one altering the site to serve its own purposes.
In many cases, websites are compromised and altered to lead visitors to domains that push fake antivirus programs, which lately have become a great way for cybercrooks to earn a hefty profit.

Zscaler expert explained that once they overtake the site, the attackers rely on Blackhat SEO techniques to increase traffic towards their malicious plots.

In order to do this, they set up two different pages on the compromised domain. First, they create a spam page that search engines, security scanners and blacklisting mechanisms see as harmless. This page doesn’t contain any obfuscated code and performs the redirect via a PHP or .htaccess file.
The second page is the one that contains the redirect to a site that is in charge of performing the attack on users.
More recently, researchers have identified a number of overtaken web…

DOS with the help of Google

Panos Ipeirotis, a computer scientists working at New York University, learned the hard way that Google can be used to launch successful denial-of-service (DOS) attacks against sites with minimal effort.
On his personal blog Ipeirotis explained that it all started when he saw that Amazon Web Services was charging him with ten times the usual amount because of large amounts of outgoing traffic.

“Initially I was afraid that a script that I setup to backup my photos from my local network to S3 caused that bandwidth. But then I realized that I am running this backup-to-S3 script for a few months now, and in any case all the traffic that is incoming to S3 is free. This is a matter of outgoing traffic,” he explained.

After analyzing traffic logs he was able to determine that every hour a total of 250 gigabytes of traffic was sent out because of Google’s Feedfetcher, the mechanism that allows the search engine to grab RSS or Atom feeds when users add them to Reader or the main page.

“All the URL…

Facebook, Google+ should set up servers in India

Gehlot drew the attention of those present at the Chief Ministers Conference here including Prime Minister Manmohan Singh that communal elements had posted some proactive comments on Facebook which resulted in communal tension in a region of his state.

"Effective action was taken immediately against the miscreants," he said and added that while his government complied with the idea of Freedom of expression, but it should not be misused by communal elements and needs to be dealt with all severity.

"I would appreciate if these site could develop a system which by itself prevents posting of material with communal and anti-national overtones," he said.

"As the servers of these social networking sites are located outside the country, it becomes an arduous task to obtain any information related to such incidents.

"I would suggest that the Government of India should develop a system which can help in obtaining the information from these servers on real-time bas…

Robotic Hand That Uses Tact

It may be difficult to imagine, but pouring juice into a plastic cup can be a great challenge to a robot. While one hand holds the glass bottle firmly, the other one must gently grasp the cup. Researchers at Saarland University together with associates in Bologna and Naples have developed a robotic hand that can accomplish both tasks with ease and yet including the actuators is scarcely larger than a human arm. This was made possible by a novel string actuator, making use of small electric motors to twist strings. The robotic hand is thus powerful yet delicate and could one day be deployed as a helper around the house or in catastrophic scenarios."We wanted to impart our robotic hand with a broad spectrum of human traits. Its artificial muscles should be able to deliver enormous forces by simple and compact means," explains Chris May, scientist at Saarland University's Laboratory of Actuation Technology. The robotic hand was recently presented during a meeting at the For…

Help Microsoft and Get Free Software in Return

With Windows 8 getting ever closer to its release date, Microsoft today announced that it is looking for volunteers to join its invite-only feedback program for active Windows 7 and Windows 8 Consumer Preview users in the U.S. In return for providing feedback to Microsoft – both by sending the company data or by filling out surveys – participants who stay in the program for more than four months will be eligible for “free software and Xbox games such as Microsoft Office 2012, Kinect Disneyland, and Forza Motorsport 4.” In the announcement today, Microsoft communications manager Brandon LeBlanc stresses that this is not meant to be a way to submit bug reports. Instead, the idea here is to help Microsoft “build better software by getting a broader understanding of your perceptions and experiences with our products.” It’s somewhat odd that Microsoft would choose this time to highlight this program. The Windows Feedback Program, after all, has been running for years already. Indeed, the …

China blocks all foreign websites

China's internet censorship system known as "the Great Firewall of China" intensified briefly today when all foreignwebsites blocked as users were unable to access them. 

Observers speculated that the system could be being upgraded to further tighten the regime's control over foreign sites. 

Users in BeijingShanghai and elsewhere in China reported that they were unable to access any foreign sites at all, The Daily Mail reports. 

China had already restricted access to many foreign sites including Twitter, FacebookYouTubeciting a need to maintain social stability. 

The change in the service came as China faced renewed attack from Western 'hacktivists' for its restrictive internet policies and human rights violations. 

Hacker group Anonymous has said it intends to launch a full-scale attack against the 'Great Firewall of China'. 

Anonymous, a loosely knit group that has attacked financial and government websites around the world, hacked into Chinese govern…

New Kernel Vulnerabilities in Ubuntu 11.04

Canonical announced last evening, April 12th, in a security notice, that a new Linux kernel update for its Ubuntu 11.04 (Natty Narwhal) operating system is now available, fixing four security vulnerabilities discovered in the Linux kernel packages by various developers.  These are the three kernel vulnerabilities found in the kernel packages for Ubuntu 11.04:CVE-2011-4347, CVE-2012-0045, CVE-2012-1097, and CVE-2012-1146.
As usual, you can click on each one to see how it affects your system, or go here for in-depth descriptions.
The security flaws can be fixed if you upgrade your system(s) to the linux-image-2.6.38-14 (2.6.38-14.58) package(s). To apply the update, run the Update Manager application.
Note: Don't forget to reboot your computer after the upgrade!
ATTENTION:Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-re…

Power of Linux

This part of the  guide shows you how to scan for infected files by booting into SystemRescueCD and running ClamAV, a virus checker.
SystemRescueCD constitutes a Swiss army knife of Linux based tools for system recovery.
ClamAV is one of the useful tools that it includes in a preconfigured, ready to run state. It is possible to boot from SystemRescueCD, mount a Windows partition and then scan it for virus infected files. As you don't have to boot the infected system, this approach offers some advantages over that of running a Windows-based tool.

Boot into the SystemRescueCD desktop in the normal way by accepting the default options and then typing “wizard” when prompted. Once you're at the desktop, open a command line terminal.

The first thing to do is to start the ClamVA demon by typing


After a few moments, control of the command line should return to the user. The next thing we need to do is t…

PBS Website Hacked by Anonymous

Anonymous hackers claim to have breached the website of the Public Broadcasting Service(, leaking large amounts of sensitive information from its databases.
“PBS is just another example of mainstream media, feeding lies to the public. Therefore PBS could very well be a target of Anonymous,” the hackers wrote on the Anonymous Wiki Twitter account.

“Wouldn't attacking PBS be like attacking Fox? Their news sources are unreliable and irrelevant to the population,” they explained.

One of the dump files, published on Pastebin, contains around 300 usernames and password hashes that can allegedly be used to access the site’s database.

Another post holds close to 200 record sets that represent “stations and password.” It’s uncertain at this time what the passwords access, but the file also contains TV station names, website URLs, email addresses, physical addresses and contact details.

A number of 1,600 usernames, clear-text passwords and email addresses that belong to the members of th…