Many people have faced DDoS attacks and HTTP flooding. No, this is not just another tutorial on setting up nginx; I would like to introduce my module, which works as a quick filter between the bots and the backend during L7 DDoS attacks and also filters out garbage requests.
The module can:
• Set cookies in the standard way through the HTTP Set-Cookie header. After the cookies are set, it redirects the user using response code 301 and the Location header.
• After the cookies are set, redirect the user using response code 200 and an HTML meta refresh tag.
• Count the number of attempts to set the cookies and direct the user to a specified URL once the maximum number of unsuccessful attempts is exceeded.
Hello, UMumble users!
Recently, Dr. Web's researchers discovered a botnet of more than 550 thousand infected Mac machines. You may well say, "it is starting all over again". At present, more than 670 thousand infected computers have been found around the world (see map):
Once again, we will try to debunk the myth of the platform's impregnability and help some people understand this process.
I used to work for a long while in the field of banking software, in particular with all kinds of electronic payments. At that time, my colleagues and I put together a mini-FAQ about bank plastic cards. Many of the questions are obvious, and some may be very vague. Plastic cards are becoming very popular around the world, and it is better to know some important things about them.
Here are the 10 most common misconceptions:
1. A certain amount of money is kept on the card.
A regular credit or debit card (even one with a chip) does not have any money register. The card itself is just a simple identifier. There are some exceptions in the form of special add-on purse applications on cards with a chip. Usually these hold discount promos, virtual money (e.g., gallons of gasoline), etc. In general, it is something that does not relate directly to the regular use of the card. However, these special applications are only accepted in retail outlets that support this particular type of card.
Skype security lapses allow an attacker to identify a user's IP address: even if the user is not actively using Skype and it is merely running in the background, the attacker can still obtain the IP address.
The study's author, Keith Ross, a professor of computer science at NYU-Poly, explains the essence of the vulnerability, which allows a direct (P2P) connection to be set up between the attacked computers and a hacker's computer in order to obtain a Skype ID and the user's IP address.
The organization has invited potential applicants to solve a visual code posted on a website.
The challenge has also been "seeded" to social media sites, blogs and forums.
A spokesman said the campaign aimed to raise the profile of GCHQ to an audience that would otherwise be difficult to reach.
"The target audience for this particular campaign is one that may not typically be attracted to traditional advertising methods and may be unaware that GCHQ is recruiting for these kinds of roles," the spokesman said.
"Their skills may be ideally suited to our work and yet they may not understand how they could apply them to a working environment, particularly one where they have the opportunity to contribute so much."
The competition began in secret on November 3rd and will continue until December 12th.
The beginning of a detective story
What if our smartphones are watching us? It turns out that user activity can be watched by virtually any phone. This is not just another movie plot about "big brother"; this is our reality.
I was browsing the web and happened across an interesting topic on XDA-Developers. The developer Trevor Eckhart delved into the code of an Android phone from HTC and found something interesting: the phone's firmware contained a program that was running in stealth mode.
It turns out that HTC builds programs into its devices that collect various statistics. There is a U.S. company, Carrier IQ (CIQ), which provides tools for providers to collect and analyze data from cell phone subscribers (according to the online counter, 141 million devices already have this feature). Here is what is written on their website:
We often send messages over the network, for example via forums, social networks, ICQ, e-mail, etc.
Often we want to hide the contents from prying eyes (messages can be read in mail services and social networks if they show up in the results of internal search reports).
But installing encryption software for that purpose is tedious and difficult.
This is where the very useful Encipher.it comes in.
I once watched a movie about computer hackers who gained access to the controls of the power system, water system and road navigation of some city (or country). As far as I remember, the attackers nearly destroyed the control system of the entire country, because they had all the controls. The movie was shown at the beginning of 2000, so all of that was taken as science fiction. But the ideas shown in the movie are gradually being put into practice by real criminals. Recently it became known that unknown people managed to take control of a U.S. public water system by remotely accessing one of the water treatment facilities and controlling its equipment.
Two researchers from the University of California at Davis, Hao Chen and Lian Cai, found a way to determine which keys have been pressed on the on-screen keypad of Android OS by measuring the shifts in vibration and wobble of the device, as recorded by the built-in accelerometer. This is important because accelerometer data had not been considered a potential attack vector and was therefore freely available to any application on any smartphone or tablet.
Keylogging on a desktop or laptop computer running Windows or Mac is incredibly simple: install the appropriate program (or a Trojan will do it for you), set up where the stolen key codes should be saved or sent, and that is all! When it comes to smartphones, however, the complex systems of access restrictions make this approach almost impossible unless side channels are used. Strictly speaking, a side channel is an open source of information that helps an attacker crack a cryptographic system. In a broader sense, a side channel may be an indicator light on a router that blinks while data is being transferred, or the sound of keys being pressed on a keypad. [Note: real varieties of attack are mentioned here] In other words, side channels are characteristics of a system whose potential danger is overlooked.
Clickjacking is a mechanism that misleads users when they follow a link to a site: it redirects the user to a malicious webpage. Clickjacking has become very effective. It is often used to spread links to malicious websites through Facebook. Recently, these techniques have proved effective at breaching the anonymity of a website's visitors. In addition, following a deceptive link may let an attacker gain access to OAuth data. Let us see how it happens.
Classic application of clickjacking: spreading links through Facebook
In the classic clickjacking scenario, the attacker hides the “Like” or “Share” button in a transparent iframe. This iframe is positioned above the page element that the user is expected to click; the iframe can also follow the mouse cursor. When we click on the element, the click is redirected to the invisible “Like” or “Share” button. Such operations are not limited to Facebook; the attacker only needs to hide the elements of another website in the iframe.
Below is a typical message that can be seen on Facebook if one of our connections has been caught by clickjacking: