I’ve been getting unrequested messages from the eBay Developer Zone site over the last couple days about email address changes. I have a Developer Zone account, but I haven’t touched it for months if not longer. I sent an e-mail to them about it, but haven’t heard anything.
I just got yet another one of these and I think I see what’s up. Check out the registered email address. Somebody found a hole.
It’s been almost five years since the release of OS X 10.0.0, and along the way there’s been very little to worry about in the way of malware. That changed last week with the announcement of a trojan that propagates via iChat in a semi-automated way, then a Java worm that attempts to disseminate itself via Bluetooth.
Both of these are relatively innocuous, but there’s not much standing in the way of copycat efforts with more dangerous payloads.
It’s long been a rule of mine to avoid broadband providers’ installer software whenever possible. (As Mos Def’s character says in “The Italian Job”: I HAD A BAD EXPERIENCE.)
The intrepid Daniel Jalkut recently posted a great dissection of a Verizon “upgrade” script gone off the tracks, explaining why it was so bad and how it could have been even worse – hard-drive-wipingly worse.
It didn’t even stuff a bunch of Verizon marketing bookmarks in there to pretty up the browser.
BoingBoing.net has an excellent Sony rootkit roundup, part II that is really worth reviewing if you’re interested in this case. Here are the opening lines:
Cory Doctorow: It’s been three days since the first roundup post on Sony’s rootkit DRM and lots of new stuff has come to light since. Below is a timeline of posts since then, but first, here’s the Sony debacle news that came in while I slept:
Does your website contain mail forms that aren’t sanitizing input as aggressively as they should? There seems to have been a recent surge in automated (or semi-automated, it’s hard to tell) probes and exploits of form mail scripts, all revolving around injecting headers into sent mail.
Here’s how it works: Let’s say you have a form that allows the user to enter their email address. The black hat’s exploit script submits a value for that field that includes a newline, followed by whatever email headers they want to insert: Bcc, for example, or even full-blown MIME-encoded parts.
Just a quick followup on the Sony malware situation: they’ve now been spanked by both Microsoft and the Department of Homeland Security. I feel the warm glow of righteousness.
