Ubuntu: 2260-1: Linux kernel (Trusty HWE) vulnerabilities
Jul03
on July 3, 2014
at 8:14 am
Posted In: Uncategorized
(Jun 27) Several security issues were fixed in the kernel.
Comment
Bitcoin phishers get desperate with search engine ads
Jul02
on July 2, 2014
at 2:50 pm
Posted In: Uncategorized
More than a week after we reported
deceptive search engine ads being used in Bitcoin wallet attacks, fraudsters are still using Bing ads to trick
Blockchain users into visiting phishing sites — but this time, the ads are using some crude social engineering ploys.
Searching for “blockchain” on bing.com currently displays the following pair of phishing ads at the top of the search results:
(Page requested at 12:15 BST, 2nd July 2014)
The first ad begs the user to “click this one” and warns that all other ads are phishing sites, but clicking on the ad actually sends the victim to a Blockchain phishing site, where he is prompted
to enter his identifier and password. This phishing site is hosted in a subdirectory on a compromised website, which belongs to a web development outsourcing company in India.
Similarly, the second phishing ad warns that the other one is a phishing site; however, the fraudster behind this ad has made a mistake. When a victim clicks on this ad, it will try to send him to blockchain.lnfo (.LNFO). This link won’t work because the .lnfo top-level domain does not exist, and probably never will, because as the fraudster has so perfectly demonstrated, it could easily be confused with .info.
As we saw in previous attacks, the green display URLs shown in these ads are carefully chosen by the fraudster to look similar to the real Blockchain website, which uses the blockchain.info domain. Neither of the display URLs accurately reflect the actual location reached after clicking on the ads. Also, the blue link text on the second ad uses an i-acute character in place of the “i” in Blockchain, presumably to make it harder to detect misuse of the Blockchain brand.
The fact that these phishing ads are trying to discredit each other
suggests that there are multiple Bitcoin fraudsters competing for click-through traffic on sites which display
Bing ads. These phishing ads also appear on other search engines which use the Yahoo Bing ad network, such as Yahoo and DuckDuckGo.
Most Reliable Hosting Company Sites in June 2014
Jul02
on July 2, 2014
at 12:00 pm
Posted In: Uncategorized
| Rank | Performance Graph | OS | Outage hh:mm:ss |
Failed Req% |
DNS | Connect | First byte |
Total |
| 1 | Datapipe | FreeBSD | 0:00:00 | 0.008 | 0.121 | 0.018 | 0.037 | 0.055 |
| 2 | Netcetera | Windows Server 2012 | 0:00:00 | 0.008 | 0.064 | 0.071 | 0.156 | 0.293 |
| 3 | Pair Networks | FreeBSD | 0:00:00 | 0.008 | 0.223 | 0.081 | 0.165 | 0.560 |
| 4 | Hosting 4 Less | Linux | 0:00:00 | 0.008 | 0.196 | 0.125 | 0.247 | 0.435 |
| 5 | Hyve Managed Hosting | Linux | 0:00:00 | 0.012 | 0.241 | 0.063 | 0.125 | 0.128 |
| 6 | Kattare Internet Services | Linux | 0:00:00 | 0.012 | 0.194 | 0.126 | 0.253 | 0.530 |
| 7 | Logicworks | Linux | 0:00:00 | 0.019 | 0.146 | 0.075 | 0.154 | 0.314 |
| 8 | krystal.co.uk | Linux | 0:00:00 | 0.019 | 0.140 | 0.091 | 0.178 | 0.178 |
| 9 | Swishmail | FreeBSD | 0:00:00 | 0.023 | 0.135 | 0.073 | 0.146 | 0.194 |
| 10 | Aspserveur | Linux | 0:00:00 | 0.031 | 0.309 | 0.087 | 0.439 | 0.791 |
Datapipe had the most reliable hosting company site in June, with only two isolated failed requests. This is Datapipe’s third victory so far this year, and the company also achieved second place in May. Datapipe has accrued an outstanding 100% uptime record over the past eight years, and consistently exhibits very fast connections times, regularly being one of the fastest sites we monitor. The only other hosting company to have reached first place this year is Qube who did so three times, equalling Datapipe.
Netcetera came second in June, also with only two failed requests, giving it the most reliable Windows-based hosting company site. Netcetera has been in the hosting business since 1996 and offers a 99.9% uptime guarantee, although in practice its site actually reached 99.99% uptime over the past year and 99.96% over nine years.
Pair Networks had the third most reliable hosting company site in June. Like Datapipe, their website is served using FreeBSD. As well as hosting websites, Pair Networks recently hosted a Girl Develop It workshop in Pittsburgh, which is where their own custom-built data centres reside.
Netcetera had the only Windows-based hosting company site to appear in the top ten in June, while three sites used FreeBSD and the remaining six used Linux. Downtime is only recorded when all of Netcraft’s performance monitors simultaneously record an outage, hence why it is still possible to achieve 100% uptime even if a site fails to respond to an individual performance monitor.
Netcraft measures and makes available the response times of around forty leading hosting providers’ sites. The performance measurements are made at fifteen minute intervals from separate points around the internet, and averages are calculated over the immediately preceding 24 hour period.
From a customer’s point of view, the percentage of failed requests is more pertinent than outages on hosting companies’ own sites, as this gives a pointer to reliability of routing, and this is why we choose to rank our table by fewest failed requests, rather than shortest periods of outage. In the event the number of failed requests are equal then sites are ranked by average connection times.
Information on the measurement process and current measurements is available.
(Jun 27) Security Report Summary
Ubuntu: 2259-1: Linux kernel vulnerabilities
Jul02
on July 2, 2014
at 8:05 am
Posted In: Uncategorized
(Jun 27) Several security issues were fixed in the kernel.