tag:blogger.com,1999:blog-52998070962431828652011-07-08T01:46:14.549-07:00This is not rox at all!C0r3noreply@blogger.comBlogger21100tag:blogger.com,1999:blog-5299807096243182865.post-41442662933788977312009-10-21T22:28:00.000-07:002009-10-22T06:14:10.277-07:00<div>Yeah, Mamak Style's geng have found something bad about Malaysia (.MY) again, and they had "highlight" it in the <a href="http://www.security.org.my/">Mamak Style</a>. Luckily the wording use is correct "unintentionally hosting malicious or unsafe <b>LINKS</b>"</div><div><br /></div><div>Nothing more can I say, <b>MOST</b> of them caused by unpatched/vulnerable plugins or modules. I'm not saying that keeping a website secure is easy, but at least please do subscribe to some mailing-list or RSS that can highlight you (webmaster) vulnerabilities in your current version of CMS, plugins or modules.</div><div><br /></div><div>In Un-Mamak Style, we don't just critic, we share and try to solve the problem (although no one can hear my voice)</div><div><br /></div><div>.MY Webmaster, before the <a href="http://www.security.org.my/">Mamak Style</a> geng found new ideas for their posts, kindly subscribe to these RSS:<br /><ul><li><a href="http://feeds.feedburner.com/HelpNetSecurity-Vulnerabilities?format=xml">http://feeds.feedburner.com/HelpNetSecurity-Vulnerabilities?format=xml</a></li><li><a href="http://twitter.com/statuses/user_timeline/22233993.rss">http://twitter.com/statuses/user_timeline/22233993.rss</a></li><li><a href="http://php.opensourcecms.com/general/rssfeed.xml">http://php.opensourcecms.com/general/rssfeed.xml</a></li></ul>Update/upgrade/patch vulnerable CMS/addons/plugins/modules is required </div><div><br /></div>Here we go again:<br /><blockquote>Users aren't the only ones that have to stay vigilant when it comes to security. On the other side of the fence, keeping a website secure is a challenge for even the best webmasters.<br /><br />We recently came across lots of websites under the ".my" domain that were compromised and unintentionally hosting malicious or unsafe links.</blockquote><br />Here's a screenshot of .my domain serving cracked software:<br /><br /><center><img src="http://www.f-secure.com/weblog/archives/mydomain_hack_searchresults.jpg" alt="" height="450" width="450" /></center><br /><br />Read the rest of the posting <a href="http://www.f-secure.com/weblog/archives/00001798.html" style="color: rgb(0, 51, 102); text-decoration: underline;">here</a>.<br /><br />[The Mamak Style: <b><a href="http://security.org.my/index.php?/archives/F-Secure-Weblog-.my-Websites-Compromised.html">HERE</a></b>]<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5299807096243182865-4144266293378897731?l=security-unmamak-style.blogspot.com' alt='' /></div>C0r3noreply@blogger.com1tag:blogger.com,1999:blog-5299807096243182865.post-37153956297311764312009-10-20T08:26:00.000-07:002009-10-22T06:16:28.516-07:00Due to the vulnerability in the Joomla component(s) that has been used, halal.upm.edu.my has been compromised.<br /><br />Somehow it is not hosting any malware, but most of the links are pointing to a .CN website and gonna return you malware as the reward for clicking it<br /><ul><li>Filename: crack.45155.exe</li><li>SHA256: d1aba4ba4afe3153985c9a5515d9f3d8c6220152a427972b3e78f6ab74aa8ae1</li><li>Anubis Task ID: 17ef11e831070b784e5fb135f75072c57</li><li>Virustotal Analysis ID: d1aba4ba4afe3153985c9a5515d9f3d8c6220152a427972b3e78f6ab74aa8ae1-1256053002</li></ul>Ethically, for geng of <a href="http://www.security.org.my">Mamak Style</a>, this incident should be informed to the following contact person(s):<br /><ul><li>azhar[+at+]upm{dot}edu{dot}my</li><li>mycert[+at+]cybersecurity{dot}my</li></ul>Here are some screenshots:<br /><br /><center><a href="http://www.security.org.my/uploads/halal.upm.edu.my.png"><img src="http://www.security.org.my/uploads/halal.upm.edu.my.png" alt="" width="450" /></a></center><br />The "anti-malware" page when you visit http://www.halal.upm.edu.my/index.php?option=crack&amp;name=abc&amp;net=1<br /><br /><center><a href="http://www.security.org.my/uploads/halal.upm.edu.my-source.png"><img src="http://www.security.org.my/uploads/halal.upm.edu.my-source.png" alt="" width="450" /></a></center><br />The Google search query "site:halal.upm.edu.my crack" yields the the following results:<br /><br /><center><a href="http://www.security.org.my/uploads/halal.upm.edu.my-google.png"><img src="http://www.security.org.my/uploads/halal.upm.edu.my-google.png" alt="" width="450" /></a></center><br />This website belongs to <a href="http://www.halal.upm.edu.my/index.php">Institut Penyelidikan Produk Halal</a> (Halal Product Research Institute), which is under <a href="http://www.upm.edu.my/">Universiti Putra Malaysia</a>, Malaysia's Leading Research University.<br /><br />[The Mamak Style: <a href="http://www.security.org.my/index.php?/archives/halal.upm.edu.my-Hacked-and-Possibly-Serving-Malwares.html">HERE</a>]<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5299807096243182865-3715395629731176431?l=security-unmamak-style.blogspot.com' alt='' /></div>C0r3noreply@blogger.com0