Gargantuan SQL injection infects 3.8 million URLs, installs rogue antivirus

LizaMoon SQL injection rogue AV
Over the last few days, a mass SQL injection attack has been quickly gathering speed. Just three days ago only 28,000 URLs were affected, but at the time of writing, there could be up to 3.8 million infected URLs.

Websense
has a complete write up the attack, dubbed 'LizaMoon,' but here's the basic gist: it looks like someone is exploiting a vulnerabilty (or vulnerabilities) in hundreds of thousands of websites running on Microsoft SQL Server 2003 and 2005. It's not yet known whether this is a vulnerability in SQL Server, or simply a case of outdated, unmaintained, and easily-exploitable CMSes.

The attack takes the form of an SQL injection, which then inserts a link to a JavaScript file hosted on the attacker's server. This is repeated over and over until every Web page in the SQL database has been infected -- and considering 3.8 million URLs have been infected, you can see that this is a very easy, and automated, attack.

Fortunately, the JavaScript isn't particularly malicious: it pops up a rogue AV program called Windows Stability Center, but that's it. Better yet, the rogue antivirus is already recognized by a bunch of real antivirus suites, including Avast, Panda and Microsoft Security Essentials.

The real problem with SQL injection attacks is that there's nothing we surfers can do about them. There will always be old and unmaintained websites, and thus SQL injections will remain one of the easiest and most lucrative tools of hackers and spammers alike. All you can do is keep your antivirus and anti-malware software up to date, and pray.

Gargantuan SQL injection infects 3.8 million URLs, installs rogue antivirus originally appeared on Download Squad on Fri, 01 Apr 2011 05:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/01/massive-sql-injection-infects-3-8-million-urls-installs-rogue-a/

Rockwell Automation Rf Micro Devices Red Hat Radisys Rackable Systems Quest Software

Netflix teams with eyeIO to lower bandwidth use on movie night

Netflix teams with eyeIO to lower bandwith use on movie night
Kicking up a fuss about Netflix hogging all your bandwidth? Perhaps the company's latest partnership could induce a rapid change of heart. The streaming service has paired up with eyeIO in hopes of keeping bandwidth usage during streams to a minimum, which they claim won't affect the content's overall quality. While the joint venture just became official, the startup's "ultra-low-bandwidth" encoding technology -- that allegedly can reduce usage on a 720p HD stream by more than 50 percent -- began its testing phase on the streaming-giant's offerings months ago. Although eyeIO's service has already been implemented by Netflix, it's worth mentioning this isn't an exclusive deal, thus it's possible for its competition to jump on the bandwidth conservation bandwagon in the future. More importantly, we're interested to find out if you have noticed any difference in your streams lately, so drop us a line in the comments below.

Continue reading Netflix teams with eyeIO to lower bandwidth use on movie night

Netflix teams with eyeIO to lower bandwidth use on movie night originally appeared on Engadget on Fri, 03 Feb 2012 21:44:00 EDT. Please see our terms for use of feeds.

Permalink Techland  |  sourceeyeIO  | Email this | Comments


Source: http://feeds.engadget.com/~r/weblogsinc/engadget/~3/zFXpiWW1C3o/

Dst Systems Discover Financial Services Diodes Inorated Diebold Dell Cypress Semiconductor

Tumblr Now Lets You Highlight Your Favorite Posts For A Dollar

tumblrTumblr is introducing a new feature today that lets its users pay a dollar in order to have their post featured on the Tumblr Dashboard. The option is called "Highlights," and it's now available right from the new post page on Tumblr. With Highlights, you can choose a special icon that will appear next to the post along with an optional message that points out why the post is important.

Source: http://feedproxy.google.com/~r/Techcrunch/~3/0seY_kzFNdY/

Jds Uniphase Jda Software Group Jack Henry And Associates Ixys Itron Iron Mountain Inorated

MAGIX Camera MX allows you to add photo filters in real time

 
Youtube link for mobile viewing

We all want to be photographers, right? While out and about we love to whip out the camera, snap some pics of where you are or what you are doing, but having the time to go back later and edit them can be a struggle. The ability to add real time effects to the pictures as you are about to take them would be amazing, and that is where MAGIX Camera MX steps up to the table in a big way. On iOS you have a plethora of applications that allow you to add these real time effects, but up until now Android has been left high and dry and MAGIX wanted to be the first to change that.

The application is rather simple to use, all you have to do is launch the app, select your effect and take the picture. Camera MX offers 16 various affects that can be applied with all of your common favorites such as Lomo, Sepia, Negative and various others. The editing ability does not end here, if you want to further tweak the image you can do so after the image has been captured with some more advanced abilities. Also included is the ability to adjust saturation, white balance, contrast and other image calibrations.

Once you have the image tweaked to your liking you are then able to share the photo from the application to your favorite social networks such as Twitter and Facebook or you can upload it directly to their site. Each user is given 500MB of free storage on the MAGIX website where you can store and organize your photos and even create slideshows. With all of the power that this application has to offer you are probably left waiting for the price tag and how much it is going to hurt your bank account, but you will be pleased to know it can be downloaded from the Android market for free. Be sure to hit the break for download links and get yourself ready to enter the next photo contest!

read more

Source: http://feedproxy.google.com/~r/androidcentral/~3/Hy_pSjBhIro/story01.htm

Adobe Systems Advanced Semiconductor Engineering Alliance Data Systems Alltel Amazoncom America Movil

Facebook Valued at Just Under $100 Billion [Facebook]

In a private market auction yesterday, Facebook was valued at $94 billion, which is squarely in the ballpark of the $100 billion valuation that financial pundits have been tossing around. Don't read much more into it than that; there's plenty of time for the valuation to change slightly before the actual IPO (sometime in May), and either way, it's not going to affect you in the slightest. [Bloomberg BusinessWeek] More »


Source: http://feeds.gawker.com/~r/gizmodo/full/~3/ykvTyhSGrfg/facebook-valued-at-just-under-100-billion

Teletech Holdings Technitrol Taketwo Interactive Software Syntel Syntaxbrillian Synopsys

Report: Apple Reaching Out to TV Component Suppliers

Rampant speculation says Apple has a full-fledged, big-screen TV project in the works -- an iTV, if you will. Now Piper Jaffray analyst Gene Munster says Apple has been contacting component makers for its set, leading him to believe it will almost definitely land in 2012.

Source: http://www.wired.com/gadgetlab/2012/02/report-apple-tv-components/

Tibco Software Thq Texas Instruments Teradata Teletech Holdings Technitrol

Edit Videos, Play a German Board Game, and Kick a Football FTW [App Deals Of The Day]

Back in my day we would edit videos on a large table with razor blades, white gloves, and grease pencils. Ok, I'm not that old. But, if you told me 15 years ago you could edit video on a phone, I'd have called you a witch and burned you at the stake. Well, today we have two video editing apps on sale, and no one is lurking around the corner with sticks and lighter fluid. If you still fear fire, we have a German board game and a field goal kicking app in today's app deals. More »


Source: http://feeds.gawker.com/~r/gizmodo/full/~3/D-tdtTrnowU/edit-videos-play-a-german-board-game-and-kick-a-football-ftw

Avnet Bharti Airtel Bt Group Canon Memc Electronic Materials Microsoft

Deal of the Day – Logitech Z623 2.1 THX-Certified Speaker System

LogicBUY’s Deal for today is the Logitech Z623 2.1 THX-Certified speaker system for $119.99.  Features:  200W (RMS) of power, integrated controls, and subwoofer. $149.99 – 20% coupon code = $119.99 with free shipping. This is the lowest price found by LogicBUY. This deal expires February 8, 2012 or sooner. Check the above link for more [...]

Source: http://the-gadgeteer.com/2012/02/02/deal-of-the-day-logitech-z623-2-1-thx-certified-speaker-system/

Fair Isaac Factset Research Systems F5 Networks Epicor Software Emulex Ems Technologies

Adblock Plus developer pokes holes in Mozilla's new add-on performance tests

Wladimir Palant, developer of the most popular add-on in the world, Adblock Plus, is also an active contributor to the Planet Mozilla blog community. Over the last few days, in response to Mozilla's new name and shame list of slow add-ons, Palant has been investigating whether Mozilla's testing methods are actually accurate.

Rather surprisingly, it turns out that Mozilla's numbers could be significantly wrong -- and if they're not wrong, the factors that Mozilla uses to tabulate an add-ons final score should definitely be made more transparent.

In the first set of tests, Palant shows that FlashGot's position in the top 10 is probably due to a fault in Mozilla's testing setup, and that add-ons can perform very differently depending on which operating system they're being tested on. In the second analysis, Palant uncovers an irregularity that doesn't seem to have an obvious cause -- but it could be due to an I/O bottleneck on Mozilla's test machines. Basically, even though performance testing of Read It Later is disabled because of a bug, it still (somehow!) manages to record a 14% slow-down on Windows 7.

Palant concludes both analyses by scolding Mozilla for going public with the performance data before its testing methods had been confirmed accurate. It definitely looks like Mozilla has been more than a little reckless, considering the importance of Firefox's add-on ecosystem.

Adblock Plus developer pokes holes in Mozilla's new add-on performance tests originally appeared on Download Squad on Fri, 08 Apr 2011 05:20:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/08/adblock-plus-developer-pokes-holes-in-mozillas-new-add-on-perfo/

Earthlink Dst Systems Discover Financial Services Diodes Inorated Diebold Dell

Jawbone Big Jambox packs on the pounds, rears its fat head at the FCC

Despite occupying a questionable space on the scale of must-have audio goods, Jawbone's little Bluetooth speaker that could managed to win us over with its ample range. Now, that stylish peripheral is about to get shunted out of the spotlight, making way for a plus-sized sibling. As recent FCC documents have revealed, the company has a Big Jambox in the works which is, presumably, bigger than its diminutive kin. Aside from ports for micro-USB, audio-in and power, not much else could be gleaned from the filing. Given its larger-than-life moniker, however, we'd expect this new offering to be more of a standard dock than kitschy accessory.

Jawbone Big Jambox packs on the pounds, rears its fat head at the FCC originally appeared on Engadget on Fri, 03 Feb 2012 09:57:00 EDT. Please see our terms for use of feeds.

Permalink Wireless Goodness  |  sourceFCC  | Email this | Comments

Source: http://www.engadget.com/2012/02/03/jawbone-big-jambox-packs-on-the-pounds-rears-its-fat-head-at-th/

Amazoncom America Movil Amkor Technology Amphenol Anixter International Apple Computer