Archive for January, 2008

Want to Phish HDFC BANK ? How?

Posted in Uncategorized on January 31, 2008 by ianstarkc

There has been sharp rise in Phising banking related  sites , specially targeting small nation banks.This year started with hacking of indian bank sites. but still there is no awarness in Security & disclosing of personal details.

This time HDFC bank practising weak security policy by  publishing the personal datails(email address) over their main site, still long way to go in learning security from past.

Hope HDFC Bank will take down this information, inspite of this  they have some good security features like login with  virtual keyboard to fight against keyloggers but otherside there are very smart malwares too 🙂

I was looking around the websites of Indian banks like ICICI Bank, SBI, HDFC Bank and stick to HDFC Bank website after getting the EMAILS of the its customers…
hdfc1.jpg

Advertisements

RealPlayer Exploit in the Wild

Posted in Uncategorized on January 5, 2008 by ianstarkc

Evgeny Legerov published a vulnerability for the RealPlayer which can be used to execute code on vulnerable computers.

Right now there is no patch available for this.

For more information check

http://www.frsirt.com/english/advisories/2008/0016

http://secunia.com/advisories/28276/

http://gleg.net/realplayer11.html

Now there is already malicious script for the RealPlayer and to be surprise there are lots of website having the code to execute  that script. See the below screenshot

 uc8010.com and ucmal.com 
1.jpg