We all know that you should back up your data periodically if you don't want to lose it in the case of an incident. This is not as trivial as it used to be. You might have some information stored remotely in online services. Most likely you will have an online email account and may want to have those emails archived on your local backup drive.
So I wasn't surprised when I saw an article last week on Jeff Atwood's blog about someone searching for a way to archive emails from Gmail. By the way, any IMAP client might be a good way. The sad part of the story was that the guy stumbled on a shareware tool called G-Archiver. After playing around with the software, he discovered that there is a hard-coded Gmail account with a password in this application. After doing some more analysis, it was evident that this tool does not only archive your emails locally, it will...
Many people don’t like flashy advertisementbanners on Web pages. But ads are a necessary thing for some pages tokeep them free and help the owners pay their hosting fees. That mighthave been one of the reasons the bad guys thought of when usingmalicious banner ads as an attack vector. I’m not talking about theannoying banners that will overlay half of your screen so that you haveto click them away manually. I’m talking about malicious ads, sometimesreferred to as "malvertisement" or "badvertisement," which contain amalicious script or a hidden redirector. Most of the time it’s a flashobject that contains an obfuscated action script which redirects theuser to a malicious site after performing some user client checks. Ifthe IP address of the requester falls into the desired geographiclocation and the IP address was not yet served, then it will beredirected to the bad site. This site can then either use one of thewell known Web attacking toolkits to exploit a...
