RSSIndia high on Internet vulnerabilities - Orkut, Mozilla on List
Categories: Featured, Firefox, Firefox Hacks, Microsoft, Social Networking India
Written By: Vardaan
India along with nations across the globe is high on internet vulnerabilities through various medium, highest being malicious codes, phishing and unauthorized scanning. Recent trend is that hackers now turning to websites, servers from their previous choice of emails, cheap apps etc.
Recently India’s premier technology institute IIT’s website has been hacked (source), although this is not single case in India, a total of 612 Indian websites were defaced during March 2008 as reported by CERT-In (Computer Emergency Report Team India), which has increased by more than 50% in India, comparing to just previous month.
Social networking is also a victim of hackers in a recent study, as per CERT-In, a worm called Scrapkut is spreading like a cold (human virus) among Orkut users, how it works?, well, a malicious scrap message is posted to victim’s scrapbook containing a fake link to YouTube video purporting to be from a known member of its friend list. When the victim clicks on the link, it redirected to some malicious website which prompts to download the file flash executable file (.exe) disguised as a Flash upgrade. The execution of which results in malicious scrapbook entry in all victims’ friends. So… DO NOT CLICK on any YouTube link on your Orkut scrapbook. For more details and preventions see - Here.
Mozilla and Microsoft Office products isn’t untouched by this, Mozilla products like Firefox, Thunderbird & SeaMonkey are among high vulnerability threat list, according to which this could be exploited by remote attacker to execute arbitrary code with the privileges of the current user.
In Firefox, a borderless XUL pop-up is created in front of the active tab in the user’s browser from a background tab to misguide/ mislead the form elements such as a login prompt for a site opened in a different tab and steal the user’s login credentials for that site (phishing attack). and poke into your security fences. for this one solution (unavoidable though) is to disable javascript. For more Details and solutions for Mozilla products see - Here and for Fireofox - Here
The list of vulnerabilities threats are as -
High vulnerabilities - MS Office, Excel, Outlook, Mozilla Products, Real Player, Sun Java
Medium vulnerabilities - PHP, GNOME, OpenSSH
Malicious Code Threat - ScrapKut (Orkut)
May 25th, 2008 at 12:53 am
[…] View Original Article Blogged with the Flock Browser […]