Friday, June 29, 2012

facebook googlebot scam linke

DO NOT CLICK ON MESSAGES IN YOUR FACEBOOK WHICH say join my travel network


FAKE >>>  I just started using Gogobot. Please join my travel network http://apps.facebook.com/gogobot/

Monday, June 25, 2012

TechRadar's user registration database has been compromised.


It has come to our attention that TechRadar's user registration database has been compromised. Unfortunately, user details including username, email address, date-of-birth and encrypted passwords have been stolen in the process. We are not aware of any misuse of this data but are taking action today to alert users as soon as has been possible.

Our IT team launched an investigation immediately and has identified the cause of the problem and taken action to rectify it. The forums have been closed and will remain closed until we are satisfied that there are no further issues and the forum can be safely restored to service.

In the meantime, although your TechRadar password is encrypted, we are contacting you today to let you know that if you use the same password on TechRadar for any other websites then we strongly advise you to change these passwords immediately.

We will contact you again shortly with instructions on how to update your password details for the TechRadar website.

We take the security of your data extremely seriously and we apologise for any inconvenience caused.

Yours faithfully,

Nick Merritt
Publisher, TechRadar

Thursday, June 21, 2012

Roundcube webmail


Roundcube webmail  is a browser-based multilingual IMAP client with an application-like user interface.


It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. More information...

amavisd-new


amavisd-new is a high-performance interface between mailer (MTA) and content checkers: virus scanners, and/or SpamAssassin. It is written in Perl for maintainability, without paying a significant price for speed.
http://amavis.org/

rbidesk.net scam email


DO NOT OPEN SUCH SCAM EMAILS

The email is blank with one attachment called RBIDESK.docx
the site rbidesk.net does not exist 




IP address: 190.220.8.197
Host name: mail.ign.gob.ar
190.220.8.197 is from Argentina(AR) in region South and Central America



IP address: 122.155.5.75
Host name: admin.in.th
Alias:
admin.in.th
122.155.5.75 is from Thailand(TH) in region Southern and Eastern Asia


----------------------------------------------------------------------------------------------------------------





Return-Path:
Received: from mail.ign.gob.ar (mail.ign.gob.ar. [190.220.8.197])
      record for domain of info@rbidesk.net) client-ip=190.220.8.197;
smtp.mail=info@rbidesk.net

Received: from mail.ign.gob.ar ([127.0.0.1])
by localhost (mail.ign.gob.ar [127.0.0.1]) (amavisd-new, port 10024)

To: undisclosed-recipients:;
Subject: PAYMENT NOTIFICATION OF YOUR FUNDS
From: RBI Transfer Info
Reply-To:
Mail-Reply-To:
X-Sender: info@rbidesk.net
User-Agent: Roundcube Webmail/0.5.4
X-Remote-Browser: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like
 Gecko) Chrome/19.0.1084.56 Safari/536.5

DO NOT OPEN

 
OPEN ATTACHMENT FOR RBI TRANSFER NOTIFICATION

Content-Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document;
 name=RBIDESK.docx
Content-Disposition: attachment;
 filename=RBIDESK.docx

Wednesday, June 20, 2012

Error 105 (net::ERR_NAME_NOT_RESOLVED): Unable to resolve the server's DNS address.

Error 105 (net::ERR_NAME_NOT_RESOLVED): Unable to resolve the server's DNS address.

This error is due to one of the DNS servers failing. You need to edit the DNS servers on your computer and then it will work fine.

Sunday, June 17, 2012

boonex dolphin Error Database connect failed


Error
Database connect failed

Fatal error: Call to a member function getRow() on a non-object in /home/xxx/public_html/community/inc/utils.inc.php on line 421



But it appears to be just Database Connect Failed which indicates dolphin cannot connect to the database at all. Which either means the database server went down for a short time or in the case of when this exact message is happening frequently could indicate the host is limiting the number of connections to the database and they are being exceed which is common among some inexpensive shared hosting providers.
http://www.boonex.com/forums/topic/I-done-update-and-getting-this-error-now.htm

Also check server status and you may see 1) disk space full 2) mysql failed

Monday, June 11, 2012

google Search quality highlights: 39 changes for May


Search quality highlights: 39 changes for May


we’re beginning to include some especially useful predictions as “Related searches” on the results page.

Not useful at all

Improvements to ranking for news results  [good]
Improvements to Penguin [about effing time]

Smoother ranking functions for freshness [not yet up to the mark]

Better detection of searches looking for fresh content  [not yet up to the mark]

Updates to +Pages in right-hand panel. [useless imho]

Simpler logic for serving results from diverse domains [good]

Sunday, June 10, 2012

dolphin boonex Fatal error: Cannot apply localization


Fatal error: Cannot apply localization


copy the file lang-en.php (from your installation zip file) to your /langs folder  [no idea why is does not install at certain times]


http://www.boonex.com/forums/topic/Fatal-error-Cannot-apply-localization--2009-11-19.htm

Googles Matt Cutts admits negative Seo exists

 People have asked questions about negative SEO for a long time. Our guidelines used to say it’s nearly impossible to do that, but there have been cases where that’s happened, so we changed the wording on that part of our guidelines.
http://searchengineland.com/live-blog-you-a-with-matt-cutts-at-smx-advanced-123513


Why not just be sincere and be awesome? We’re trying to stop spam so people can compete on a level playing field. -- Matt Cutts  (yes !! this is a positive thing)

Google does not use analytics in its rankings.  -- Matt Cutts 


 (personally DO NOT USE ANALYTICs ON YOUR SITE . IT will affect your ranking) [if you have tried it and it does not affect your ranking then let me know in your comments]




We want to see an earnest effort to remove the links.  -- Matt Cutts  (I would!! if you tell me how to removed all the negative seo black hat spam on the link below)
Some of our best launches have come from some of the most passionate criticism.

blog back hat seo hijackers

Military grade malware and the beginning of the end


 non-obvious warfare? Here's the paper that inspired today's  article: 
http://nation.time.com/2012/08/29/what-good-are-acts-of-war-if-you-dont-get-credit-for-them/

Obama raised concerns that the Stuxnet program, code-named Olympic Games, would embolden other countries, terrorists and hackers to use similar attacks, but concluded that the U.S. had no other options available against Iran, the Times story said.
http://www.computerworld.com/s/article/9227670/Report_Obama_ordered_Stuxnet_attacks_on_Iran

Today, for the cyber warriors, the dice are loaded towards offence and not defence.

Read more: http://www.theweek.co.uk/defence/47345/flame-and-stuxnet-show-obamas-commitment-chinese-cyberwar#ixzz1xVBUNmJT


The Stuxnet project – codenamed "Olympic Games" – was actually started by the Bush administration and accelerated by Obama in his first months in office.
One: does Obama's duplicity – publicly espousing the internet as a space that is unpolluted by cyberwar and cyberespionage while covertly sponsoring a cyberweapon like Stuxnet – fatally undermine America's credibility as a defender of internet freedoms?

http://www.guardian.co.uk/technology/2012/jun/10/stuxnet-us-internet-freedom-policy-john-naughton?newsfeed=true


“This is the first attack of a major nature in which a cyberattack was used to effect physical destruction,” rather than just slow another computer, or hack into it to steal data.
“Somebody crossed the Rubicon,” he said.


There is no reason to believe that will remain the case for long. Some officials question why the same techniques have not been used more aggressively against North Korea. Others see chances to disrupt Chinese military plans, forces in Syria on the way to suppress the uprising there, and Qaeda operations around the world.

http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=5&_r=1

Till flame and similar malware .Good programmers could create tools to protect normal users from the malware for M$ ,even some anti virus programs worked

Unlike military grade weapons like nuclear weapons ,the normal criminal cannot imagine acquiring these weapons .
Sooner or later more countries will get the technology to replicate these nuclear weapons .

But what about cyber weapons?
Unlike conventional weapons military grade malware remains exclusive till someone reverse engineers the code . Now unlike conventional nukes there are many cyber criminals who must be rubbing their hands with glee and working hard to figure out who they can use the malware for their own evil reasons.

Unless the malware is un-crack-able sooner or later variants of this malware could be seen in the wild.

The big problems all the unsupported versions of windows still attached to the internet .
I  am sure there are still some old computer with windows 95 still connected to the net.
How many law offices,government offices use Microsoft products? will they be safe?now?in the future?

The sad part is all the netziens who just want to use the net to communicate ,make a living,shop,find support,find medical help are just sadly caught in this terrible terrible mess.

I really dont know if there is a way out now...............











Important information: One June 4th, 2012, Microsoft released a number of blog posts 



and an Update for Windows which is blocking three fraudulent certificates used by Flame. 


 recommend that Windows users apply this update immediately.
Microsoft SRD blog:http://blogs.technet.com/b/srd/archive/2012/06/03/microsoft-

certification-authority-signing-certificates-added-to-the-untrusted-certificate-store.aspx
Microsoft security advisory 2718704:http://technet.microsoft.com/en-

us/security/advisory/2718704
MSRC blog:http://blogs.technet.com/b/msrc/archive/2012/06/03/microsoft-releases-security-

advisory-2718704.aspx





Saturday, June 9, 2012

remove old outdated packages from ubuntu


sudo apt-get autoremove


Reading package lists... Done
Building dependency tree      
Reading state information... Done
The following packages will be REMOVED:
 
  linux-headers-2.6.32-27-generic linux-headers-2.6.32-28
  linux-headers-2.6.32-28-generic linux-headers-2.6.32-30
  linux-headers-2.6.32-30-generic linux-headers-2.6.32-31
  linux-headers-2.6.32-31-generic linux-headers-2.6.32-32
  linux-headers-2.6.32-32-generic linux-headers-2.6.32-33
  linux-headers-2.6.32-33-generic linux-headers-2.6.32-37
  linux-headers-2.6.32-37-generic linux-headers-2.6.32-38
  linux-headers-2.6.32-38-generic linux-headers-2.6.32-39
  linux-headers-2.6.32-39-generic ubufox
0 upgraded, 0 newly installed, 22 to remove and 0 not upgraded.
After this operation, 771MB disk space will be freed.
Do you want to continue [Y/n]? y
(Reading database ... 323270 files and directories currently installed.)

Removing libvpx0 ...
Removing linux-headers-2.6.32-27-generic ...
Removing linux-headers-2.6.32-27 ...
Removing linux-headers-2.6.32-28-generic ...
Removing linux-headers-2.6.32-28 ...
Removing linux-headers-2.6.32-30-generic ...
Removing linux-headers-2.6.32-30 ...
Removing linux-headers-2.6.32-31-generic ...
Removing linux-headers-2.6.32-31 ...
Removing linux-headers-2.6.32-32-generic ...
Removing linux-headers-2.6.32-32 ...
Removing linux-headers-2.6.32-33-generic ...
Removing linux-headers-2.6.32-33 ...
Removing linux-headers-2.6.32-37-generic ...
Removing linux-headers-2.6.32-37 ...
Removing linux-headers-2.6.32-38-generic ...
Removing linux-headers-2.6.32-38 ...
Removing linux-headers-2.6.32-39-generic ...
Removing linux-headers-2.6.32-39 ...
Removing ubufox ...

ubuntu tweak Error: Dependency is not satisfiable: python-aptdaemon.gtk3widgets


this error appears only when you download the deb file from the site and try to install it .

try sudo apt-get install ubuntu-tweak


Error: Dependency is not satisfiable: python-aptdaemon.gtk3widgets


Python GTK+ 3 widgets to run an aptdaemon client

 Aptdaemon is a transaction based package management daemon. It allows
 normal users to perform package management tasks, e.g. refreshing the
 cache, upgrading the system, installing or removing software packages.

epends on:
aptdaemon-data
gir1.2-gtk-2.0
gir1.2-vte-0.0
python (>= 2.7.1-0ubuntu2)
python (<< 2.8)
python-aptdaemon (= 0.41+bzr646-0ubuntu2)
python-gobject (>= 2.27.91)
python2.7


sudo apt-get install python-aptdaemon.gtk3widgets
E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)
E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?
[above error due to package installer being open]

sudo apt-get install python-aptdaemon.gtk3widgets
Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Couldn't find package python-aptdaemon.gtk3widgets

sudo apt-get install python-aptdaemon.gtk3widgets_0.41+bzr646-0ubuntu2_all.deb
Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Couldn't find package python-aptdaemon.gtk3widgets_0.41+bzr646-0ubuntu2_all.deb

python-aptdaemon.gtk3widgets_0.41+bzr646-0ubuntu2_all.deb

Error: Dependency is not satisfiable: python2.7



Why we do not support anonymous and the media

Recent news reports of users using guy Fawkes /anonymous masks and defacing sites to protest government blocking sites has just saddened us.

why we do not support anonymous?

1) Since the beginning we believe only script kiddies or military or government or defacers from another country making a political statement deface /block/take down sites.
All of them have their reasons.

now all of them are anonymous
who is anonymous?



2) Governments modify the law and the court uses the laws to deny citizens the freedom of expressions.Denying a whole country access to the site deny all its citizens access to legitimate information (99% of this information is not harmful/copyrighted)

site defacers are doing just what the government is doing ie blocking innocent users the right to access information. what is difference between their actions and the actions of the government?

The only difference is the media will cover the story (the media will only cover stories where sites are defaced or people are violent on the streets .denial of access to legitimate information does not make a good news story ). All media in all democratic countries now have government minders (just like china). even if the media houses deny the fact.So the media these days is not the voice of the people . And media cannot be relied to supply factual and essential news.






Friday, June 8, 2012

ALL Libre.fm user passwords have been reset


As you may have seen, both Last.fm and LinkedIn have had a number of
passwords compromised. As a precaution, ALL Libre.fm user passwords
have been reset to a random, secure password.

We know this is annoying, but a number of Libre.fm users will have
used the same password on one or more of these sites, and so we
request that you reset your password to continue using the site. And
don't worry, your music player will cache your listens, so nothing is
lost!

As ever, you can send me your direct feedback and requests for support
to Matt Lee, founder of Libre.fm — mattl@cnuk.org, or visit #libre.fm
on irc.freenode.net.

Thank you, and thanks for your support of Libre.fm

To reset your Libre.fm password, visit the site and click "Log-in"
then click on the "Lost Password" link at the bottom of the page.

---
Matt Lee
Founder, Libre.fm

Flame espionage malware designed by world-class scientists

The Flame espionage malware that infected computers in Iran achieved mathematic breakthroughs that could only have been accomplished by world-class cryptographers

http://arstechnica.com/security/2012/06/flame-crypto-breakthrough/
https://twitter.com/#!/andreisavu


Wednesday, June 6, 2012

Reset your LinkedIn password (email from linkedin)


Dear xxx,

In order to ensure that you continue to have the best experience using LinkedIn, we are constantly monitoring our site to make sure your account information is safe.

We have recently disabled your account for security reasons. To reset your password, follow these quick steps:

    Go to the LinkedIn website
    Click on "Sign In"
    Click on "Forgot Password?" and follow the directions on the website

Thank you,
The LinkedIn Team

Possible LinkedIn password breach


LinkedIn's Password Breach Draws FBI's Attention






http://www.forbes.com/sites/georgeanders/2012/06/07/linkedins-password-breach-draws-fbis-attention/



An Update on LinkedIn Member Passwords Compromised
Vicente Silveira, June 6, 2012




http://blog.linkedin.com/2012/06/06/linkedin-member-passwords-compromised/


A prick says he's posted 6.5 million LinkedIn passwords on the Web

Sophos security expert Graham Cluley is advising LinkedIn users to change their passwordsas soon as possible
http://news.cnet.com/8301-1009_3-57448079-83/millions-of-linkedin-passwords-reportedly-leaked-online/
http://www.reddit.com/r/technology/comments/unt92

https://news.ycombinator.com/item?id=4073309

Confirmed: LinkedIn 6mil password dump is real

If Linkedin Hasn't Fixed Its Massive Security Breach, A New Password May Not Be Enough
http://ericttung.visibli.com/share/KmQv1E

Two Security Firms Say They Verified LinkedIn Breach
http://blogs.wsj.com/digits/2012/06/06/two-security-firms-say-they-verified-linkedin-breach/
http://blogs.wsj.com/cio/2012/06/06/two-security-firms-say-they-verified-linkedin-breach/

Change Your LinkedIn Password Immediately. Don't Worry About LinkedIn's Calendar Sync.
http://www.forbes.com/sites/kashmirhill/2012/06/06/change-your-linkedin-password-immediately-dont-worry-about-linkedins-calendar-sync/

From linkedin twitter account
New Post: Updating Your Password on LinkedIn and Other Account Security Best Practices 

Our team continues to investigate, but at this time, we're still unable to confirm that any security breach has occurred. Stay tuned here.
https://twitter.com/#!/LinkedIn
Twitter @LinkedIn and @LinkedInNews.





If every possible password is tried, sooner or later yours will be found.
The question is: Will that be too soon . . . or enough later?
https://www.grc.com/haystack.htm

New facebook spam in the form of a request

This spam is now called verify your account
http://apps.facebook.com/310201219047196/ DO NOT CLICK ON IT

The notification request says "WARNING FROM FACEBOOK TEAM"

DO NOT CLICK ON THESE NOTIFICATION 

http://apps.facebook.com/secureverifymjk/?fb_source=notification&request_ids=249889308448875%2C316440831775056%2C233375190113307%2C353286151405571&ref=notif&app_request_type=user_to_user&notif_t=app_request

http://apps.facebook.com/secureverifymrf/?fb_source=notification&request_ids=461902177172295%2C403206189722503%2C382552818468666&ref=notif&app_request_type=user_to_user&notif_t=app_request

http://apps.facebook.com/secureverifysd/?fb_source=notification&request_ids=318712631544857&ref=notif&app_request_type=user_to_user&notif_t=app_request


Monday, June 4, 2012

Hardware Hacking With Python

Hardware Hacking With Python
http://www.devttys0.com/2012/06/hardware-hacking-with-python/
https://code.google.com/p/gumbi/

search engine Shodan public port scan directory

“Expose online devices,” the Web site says. “Webcams. Routers. Power Plants. iPhones. Wind Turbines. Refrigerators. VoIP Phones.”


SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory
http://www.shodanhq.com/
http://twitter.com/achillean

http://www.washingtonpost.com/investigations/cyber-search-engine-exposes-vulnerabilities/2012/06/03/gJQAIK9KCV_story.html

Protecting Corporate Assets with ShodanHQ – An Interview with the ShodanHQ Creator
http://www.cyveillanceblog.com/general-cyberintel/shodanhq

Mysql error: Got error 28 from storage engine




Error code 28: No space left on device  One or more partitions on your server is out of space or doesn't have enough space to complete this operation. You need to  contact your host immediately. You or your host will need to find out which partition is low on disk space and either add more space or free up some.

You might be low on disk space on your deployment server. Check the results from df -h to see if any of your filesystems are low on space (especially /tmp).

Saturday, June 2, 2012

A/V outfits were out of their league. failed to catch Flame and Stuxnet (except kaspersky)

indicating that the malware was older than 2010.
They had come through automated reporting mechanisms, but had never been flagged by the system as something we should examine closely
Stuxnet went undetected for more than a year
malware called DuQu also went undetected by antivirus firms for over a year.
attackers have access to our(anti virus company) weapons.
http://arstechnica.com/security/2012/06/why-antivirus-companies-like-mine-failed-to-catch-flame-and-stuxnet/

The malicious program, detected as Worm.Win32.Flame by Kaspersky Lab’s security products
New 'Flame' spyware could be next super cyberweapon –Kaspersky, ITU
http://www.gmanetwork.com/news/story/260375/scitech/technology/new-flame-spyware-could-be-next-super-cyberweapon-ndash-kaspersky-itu

Flaw in Google Apps/Gmail account recovery flow , Cloudflare

 Google reports that they discovered a "subtle flaw affecting not 2-step verification itself, but the account recovery flow for some accounts.

http://blog.cloudflare.com/post-mortem-todays-attack-apparent-google-app


https://twitter.com/#!/newsycombinator

UGNazi ,cosmo
The Federal Bureau of Investigation has since been involved in the ongoing investigation
 http://en.wikipedia.org/wiki/UGNazi
Hacktivist Group (UGNazi)
Cosmo is alleged to be the leader of four-man hacktivist group UGNazi 




Cosmo (Alex Irvin) & CyberZeist (Thomas Ryan)  http://ugnazi.com/  


"Cosmo," a Staten Island-based gizmodo.com/.../clueless-hackers-who-just-took-down-dc-g


http://www.h-online.com/security/news/item/Man-arrested-for-hacking-into-billing-provider-1587517.html