Comprehensive list of security and hackers conferences 2010

Recently, there is a high span of various security and hackers conferences and conventions going on.

Keeping track of them is not as easy as it seems, since there is no central point where to look up their schedules, locations, call for papers, etc.

So I decided to compile a list for my own (well it doesn’t cover 100% of security related conferences out there, but it tries to cover most of the publicly known/accessible ones).

Read more! »

It is sometimes interesting and amusing to see how even big players steal from each other

I was very surprised to see that a flash ad for Yahoo! Music has a video screenshot resembling… YouTube video… When clicking the Video section of the mentioned ad, I was redirected to Yahoo! Music

Maybe I am mistaken, but from what I understand even the flash player design is a matter of design copyright. Maybe I am wrong - then please correct me in comments.

Yahoo!Music Ad Initial - Check the player frame

Yahoo!Music Ad After Click- Check the player frame

Yahoo!Music Typical player frame

YouTube Typical player frame

Player frames compared to the one in Yahoo! Ad

Few questions arise:

• Is Yahoo!Music together with YouTube?
• Is Yahoo!Music trying subliminal user driving from YouTube to Yahoo!Music
• Is YouTube licensing somehow it’s player design to other market players?

Thoughts are welcome, as always.

PS: the link which displayed the mentioned ad was found here

Copyright disclaimer: all the trademarks mentioned here are owned by the respective owners. The same applies to the graphical designs depicted in the screenshots.

Tags: yahoo music, yahoo, youtube, copyright

eJobs.ro security hacked screwed again - execution with cool-blooded SQL injection

Yes boyz and pretty girlz, eJobs.ro gets it again into the face and gives away 1.3 Mln resumes and personal information! More - passwords in clear, not at least hashed…

My two cents on this:

1. Nice work from the guys here - HackersBlog.org

2. Some of my early whistle-blowers to the ejobs.ro here (ejobs XSS1) and here (ejobs XSS2) - seems like they have either deaf or inexistent security assesment team… Too pitty for them…

3. It seems that the method used by the guys was in one of my earliest attack methods which I left asside for some dumb reasons. eJobs.ro Attack Vectors file

The below is what I was exercising back then, and the similar attack vector is what the guys really used to SQL-inject (the below is not working already for obvious reasons… )

Code:

4. Also, if you go specifically to http://ejobs.ejobs.ro (yes, double times ejobs, it is not a typo!) you will see an internal eJobs position posting. The interesting details I have highlighted below:

eJobs job posting - hahaha

Till next time, enhance your

Knowledge of Secure Programming Best Practices

Tags: ejobs, ejobs.ro, ejobs ro, ejobs.ro sql injection, ejobs.ro sqli, ejobs.ro hacked, ejobs.ro hackuit, ejobs.ro security, ejobs.ro spart, ejobs.ro database, ejobs.ro baza de date, ejobs.ro CVuri

google.com - malware problem

As many might recall the Google’s glitch to tag every single site as malware site. More details are:
- @ Google Blogs (fcuk - I think someone will get pretty fudged up in the ase at Google for this human-error, since it was necessary for one of the biggest corporations VP to officially give explanations and appologies - those who worked or are working for some kind of corporations know this kind of price…)
- @ StopBadware.org

One of the most nicest things is

Google to tag itself (i.e. Google) as malware

.

Philosophically speaking, Google being a source of trust for a wide majority of people/systems AND in the same times tagging itself as malware (even though for a very small amount of time AND by “mistake” - I would love to believe that it was a mass-social-experiment ) - doesn’t it raises the question of old classes of computer-field (and not only) problems “Chain of trust and breaking the chain of trust?!”

Here is my screenshot :

Google tags Google as malware

Tags: google malware, google is malware, google stopbadware

Many say we live exponential times, but do we really understand the times we are living?

_______________
NEXT - VERY RECOMMENDED VIEWING!

Continue on next page…

Pages: 1 2 3 4 5