by Dave Michmerhuizen & Luis Chapetti – Security Researchers Spammers and Phishers are constantly looking for ways to convince people to type in their passwords and press “Log In”. One of the newest strategies we’ve seen them use are specially crafted login pages that appear similar to those of websites that use the increasingly popular OpenID standard. An alarming number of spammers are tailoring their phishing messages to use this new template. OpenID is way for websites to avoid having to create their own user accounts. Instead, they use authentication services offered by better known OpenID ‘providers’. You’ve very likely seen websites offering to allow you to log in using your Facebook or Google or Yahoo accountRead More...
- #infosec tools: Dan McInerney's elite-proxy-finder scrapes for good proxies, tests them including for https #infowar April 23, 2014
- discovery by @elvanderb 'suggests that the backdoor [to 24 router's firmewares] was *deliberately* [re-]introduced' April 23, 2014
- #infosec tool: NINJA PingU v1.0, high performance scanner avoids TCP stack overhead, good with plugins April 23, 2014
- Triaging with the RecentFileCache.bcf file to quickly identify a #malware infected system #infosec #incidentresponse April 23, 2014
- #infosec tools: Shodan Plugin for Chrome gives you the site location, IP owner and open services like FTP, DNS, SSH April 23, 2014
Tagsapi apple archives article browser bruce schneier business china copyright development director downloads education enterprise events facebook feeds gfi government hackers hacking industry infrastructure internet linkedin linux management microsoft network networks news opinion phishing podcasts science security social-media symantec team cyrmu technology united-kingdom united-states videos vulnerability windows