Friday 30 September 2011

The Council on Governmental Ethics Laws (COGEL) hacked and complete database dumped


The Council on Governmental Ethics Laws (COGEL) hacked and complete database dumped Hacker With Name snc0pe claim to hack official website of The Council on Governmental Ethics Laws (COGEL). He post a message on pastebin , along with the database download link (1.88M...

Anonymous releases 25,000 records of the Austrian police


Anonymous releases 25,000 records of the Austrian police Anonymous Austria post via the official Twitter account about 25,000 records Austrian police officers. Observers suspect that the data from the Austrian section of the "International Police Association" could come. Meanwhile, the far-right Freedom Party tries to take advantage of the data leak. "This violation of the privacy of our policemen have become fair game for possible revenge attacks by criminals. Minister Mikl-Leitner,...

700,000 sites on Inmotion Hosting Server hacked by TiGER-M@TE in one shot !

700,000 websites hosted on InMotion Hosting network hacked by TiGER-M@TE including Trinity FM, Blast Magazine. It was not just a server hack, actually whole data center got hacked. List of all hacked 700000 sites are available here. Hackers copied over the index.php in many directories (public_html, wp-admin), deleted my images directory and added index.php files where they weren’t needed. 2,00,000 websites hack mirror already Submitted to Zone-H by TiGER-M@TE. We (The Hacker News) talk with hacker about the hack, He claim "I hack 700000 websites in one shot, this may be a new world Record. After submitting 200,000 domains,zone-h was going down again and again and became almost unresponsive in the end.so i was unable to submit all websites.so i've listed all domains in attachment. It was not just a server hack, actually whole data center got hacked."

Department of Homeland Security Releases Cyber Security Evaluation Tool (CSET)


Department of Homeland Security Releases Cyber Security Evaluation Tool (CSET) The Cyber Security Evaluation Tool (CSET) is a Department of Homeland Security (DHS) product that assists organizations in protecting their key national cyber assets. It was developed under the direction of the DHS National Cyber Security Division (NCSD) by cybersecurity experts and with assistance from the National Institute of Standards and Technology. This tool provides users with a systematic and repeatable approach...

Man-in-the-Middle Remote Attack on Diebold Touch-screen Voting Machine


Man-in-the-Middle Remote Attack on Diebold Touch-screen Voting Machine The Vulnerability Assessment Team (VAT) at the U.S. Dept. of Energy's Argonne National Laboratory in Illinois has managed to hack a Diebold Accuvote touch-screen voting machine. Voting machines used by as many as a quarter of American voters heading to the polls in 2012 can be hacked with just $10.50 in parts and an 8th grade science education, according to computer science. "This is a national security issue," VAT team...

Supreme Court of Pakistan website defaced by Zombie_Ksa


Supreme Court of Pakistan website defaced by Zombie_Ksa The official website of Pakistan's Supreme Court has been hacked.Visitors to the website found derogatory and abusive remarks about the court and Chief Justice Iftikhar Muhammad Chaudhry. Earlier the Supreme Court website was hacked by two boys also in the month of September last year to whom the court had granted bail on April 11 as they were less than 18 years of age. The hacker declared that his intent to deface the site was ideological...

Firefox Java update ready to stop BEAST attacks


Firefox Java update ready to stop BEAST attacks Firefox developers searching for a way to protect users against a new attack that decrypts sensitive web traffic are seriously considering an update that stops the open-source browser from working with Oracle's Java software framework. Johnath, the alias for Firefox Director of Engineering Johnathan Nightingale, weighed in: “Yeah - this is a hard call. Killing Java means disabling user functionality like facebook video chat, as well as various java-based...

"SecurityTube Wi-Fi Security Expert" (SWSE) online certification Launched


"SecurityTube Wi-Fi Security Expert" (SWSE) online certification Launched SecurityTube released their first fully online certification today - "SecurityTube Wi-Fi Security Expert" (SWSE) . The most interesting thing and key difference from other certifications, is that they are giving out the entire course material free of charge! You only pay if you need the certification. If you are a hobbyist or a causal security enthusiast, the course material is free for you :) The SWSE is based on...

Atlanta IT Worker Hacked Ex-Employers Database


Atlanta IT Worker Hacked Ex-Employers Database An Atlanta man could receive up to five years in prison after pleading guilty Wednesday to hacking into a former employer’s patient database, stealing information and then wiping the database clean. Federal prosecutors said Eric McNeal, 37, used the patient information from a firm identified as “A.P.A.” for a direct marketing campaign at his new employer in the same building. McNeal was an information technology specialist for the perinatal...

JonDo 00.16.001 Released - Automatic error recognition and easier usability


JonDo 00.16.001 Released - Automatic error recognition and easier usability JonDos publishes a new version of the JonDo-Software, an IP changer and IP anonymization program, that you can use for anonymous surfing in the Internet with high security anonymous proxy servers. What is JonDo? JonDo is an open source and free-of-charge program for Windows, Linux and MacOS X. It hides the user's IP adress behind an anonymous IP address. In contrast to other anonymizers (VPNs, anonymous proxy servers),...

Sunday 18 September 2011

Microsoft eyeing deal for Yahoo (again)


Is "MicroHoo" actually going to happen at last? Rumor has it that Microsoft is back in the hunt to acquire Yahoo, according to a report published by Business Insider on Friday.
 
The site quotes an unnamed source affiliated with Microsoft's MSN portal as saying "definitely, people are talking about" a deal for struggling Yahoo, which dumped Carol Bartz as chief executive earlier this month and held off a takeover bid by the software giant in 2008.
 
Yahoo is "more attractive to Microsoft than AOL," according to Business Insider's source, an opinion apparently helped along by the insight of former AOL executive Ted Cahall, who joined Microsoft as a corporate vice president in charge of MSN in August 2010.
 
AOL's recent travails have included a fractious battle over the role of Michael Arrington at TechCrunch, the profitable tech news site he founded and which was acquired by AOL in 2010 for $25 million. Arrington's founding of a venture capital fund raised conflict-of-interest questions and brought him into conflict with Arianna Huffington, president and editor in chief of AOL's Huffington Post Media Group.
 
Arrington has left the employ of AOL, leaving TechCrunch without its strongest voice and core personality, according to some critics of AOL's handling of the situation.
 
"People generally expect AOL to come apart one way or another," Business Insider quoted the source as saying. "I don't think that's an interesting asset. It's just been so beaten down.
 
"Yahoo is a lot more interesting. If it comes into play, then at least their U.S. media business is a pretty interesting asset. It's complicated because of those Asian assets."
Though Microsoft has focused on developing its Bing property in the years since it was rebuffed in the Yahoo acquisition bid, the company has recently come to believe that "MSN is a critical component of helping Bing win," according to the source.
 
But it wasn't entirely clear how exactly Microsoft supposedly believed Yahoo could help MSN and Bing, even if it was "a pretty interesting asset." The Business Insider source seemed as eager to tear Yahoo down as build it up.
 
"It's not every day that you watch both of your competitors blow themselves up," the source said, referring to Yahoo and AOL. "It's like watching a train wreck.
 
"The portal space is challenged. Facebook is just absorbing more and more minutes-usage. That's having an effect on portals. The time shifting toward mobile is another factor weighing on portals. The problems AOL and Yahoo have are exacerbated by management."
 
 

Saturday 17 September 2011

Pretect yourself with a new type of security suite

Children off the streets and in the classroom? Shorter days? New security suites? Yes, it's that time of year again when most computer security suite makers implore you to update to the latest version. We've looked at nine new premium suites so far. Some have made only incremental changes, and others were so eager to ditch their dirty bathwater that they almost lost the baby, too.

Bitdefender Internet Security 2012

Note that as other suites gets released, we'll be updating this story. And for those of you who like the wayback machine, here's last year's roundup.
So far this year, we've looked at nine premium suites: Panda Global Protection 2012, ZoneAlarm Extreme Security 2012, Bitdefender Total Security 2012, Kaspersky Internet Security 2012, Trend Micro Titanium Maximum Security 2012, Lavasoft Ad-Aware 9.5 Pro Internet Security, AVG Internet Security 2012, ESET Smart Security 5, and Norton Internet Security 2012. There are still a few more suites to come.
In terms of security, so far the new Bitdefender is the newest suite that will keep you safest. It outperformed last year's leader, Norton Internet Security, blocking more malware and viruses, and detecting fewer false positives, than any suite this year. Determining which suite will keep you safest is an imperfect science, especially because CNET uses multiple third-party sources to ensure that our results aren't skewed by a single test. However, Bitdefender consistently scored at the top or among the top four suites tested, and so we're confident in recommending it above all others if security is your only determination.
In terms of system performance, as you can see on the chart below, Norton Internet Security remains the suite with the lightest impact on your performance. (Read more on how CNET Labs tests security programs.) However, this year it under-performed on two key metrics: boot time impact, which is the time you have to wait to use your computer after turning it on; and scan time, the amount of time it takes to run a scan. Bitdefender's impact on start up and shut down times leave much to be desired, but its affect on your computer as you use it turned out to be minimal.
It's also $10 more than Norton Internet Security, so we strongly advise you check out the free 30-day trials and be sure you're comfortable with the price you'd be paying for the protection and ancillary features you'd be getting.
Overall, we're comfortable at this point with recommending Bitdefender as the best high-end security suite so far this year. That may change as the last few suites get released, but
How the Fall 2011 security suites impacted system performance
Security Program Boot time Shutdown time Scan time MS Office performance iTunes decoding Media multitasking Cinebench
Unprotected system 40 6 n/a 395 120 342 17,711
Average of all tested systems (to date) 63.0 15.8 1,136 416 125 348 17,112
Panda Global Protection 2012 46.8 22.3 1,191 432 126 373 16,912
ZoneAlarm Extreme Security 2012 66.5 17.4 1,825 423 125 348 17,310
Bitdefender Total Security 2012 61.6 31 920 402 127 346 17,363
Kaspersky Internet Security 2012 61.3 18 1,320 429 125 345 17,122
Trend Micro Titanium Maximum Security 2012 88 11.3 502 437 125 345 17,290
Lavasoft Ad-Aware 9.5 Pro Internet Security 54.4 16.9 2,080 405 125 347 16,884
AVG Internet Security 2012 69.9 11.3 792 416 124 344 17,259
ESET Smart Security 5 57.2 14 658 401 124 343 17,148
Norton Internet Security 2012 51.8 10.3 1,066 410 123 343 17,386

*All tests measured in seconds, except for Cinebench. On the Cinebench test, the higher number is better. Times in bold are the best in that category. Tested on Windows 7 64-bit Service Pack 1.

AMD chips top 8.4 GHz, a new speed record


 
AMD said Tuesday that the company's FX processors had been overclocked to an astounding 8.429 GHz.
 
AMD said in a blog post that the eight FX processors had been overclocked at speeds up to 8.429 GHz, beating the prior record of 8.309 GHz, using a third-party team of overclocking enthusiasts.
 
More importantly to the average consumer user, however, AMD found that the company's FX chips could reach over 5 GHz using normal air cooling or water-cooling rigs that cost less than $100.
 
"Based on our overclocking tests, the AMD FX CPU is a clock eating monster, temporarily able to withstand extreme conditions to achieve amazing speed," Simon Solotko, a senior manager with AMD, wrote. "Even with more conservative methods, the AMD FX processors, with multiplier unlocked throughout the range, appear to scale with cold. We also achieved clock frequencies well above 5GHz using only air or sub-$100 water cooling solutions."
 
Guinness is expected to certify the record, an AMD spokesman said Tuesday.
 
AMD's announcement opens the Intel Developer Forum here in San Francisco, a developer conference hosted by AMD's arch-rival and much larger competitor, Intel.
 
What is overclocking? Historically, overclocking was a practice begun in the early days of the 486 and Pentium where a microprocessor was pushed past its rated speeds. Microprocessors are generally "binned," where each chip is tested to determine the fastest speed at which it can operate before it starts generating electrical faults and/or incorrect results due to the heat it itself produces. Within a PC, notebook computer or phone, these chips are generally either air-cooled using a series of "fins" that distribute the chip's warmth to the outside air via a fan. A sealed network of tubes, filled with water, can also be connected to a copper-based "heat sink," which thermally conducts heat away from the CPU.
 
Overclocking a chip can void its warranty, however, meaning that it's generally a risky practice even for enthusiasts. An overclocked chip that fails can essentially be destroyed, as can the motherboard or chipset components.
 
Extreme overclocking uses liquid helium and nitrogen to cool the chips; liquid nitrogen can push the chip's temperature down to less than negative 180 degrees centigrade. The risk here is a "cold bug," which can also prevent the chip from working. Fortunately for AMD, the team of overclockers found no such bug.
 
AMD's FX chips represent its enthusiast line of high-end chips, which are "unlocked," allowing users to set its operating voltage and clock speed multiplier in order to overclock the chips.
 

Friday 16 September 2011

HP introduces new enterprise security suite

HP has expanded its Enterprise Security Solutions portfolio to protect businesses from security risks emanating from cloud computing and increased use of mobile devices and social media. HP says the new security suite will help enterprises manage risks with a balanced approach and systematically review the persistent security threats.
HP says it has merged its security products and acquisitions into modules “"designed to help enterprises establish and execute a comprehensive security strategy that addresses threats and potential liabilities resulting from the rise of mobility, cloud computing and social media.” The risk management platform developed by HP combines ArcSight, Fortify Software and TippingPoint. According to HP, the platform will end the fragmented security practices in the enterprise. 
HP has also launched several security tools. ArcSight Express 3.0 helps detect and ward off cyber threats. HP Reputation Security Monitor keeps an eye on malicious IP (Internet Protocol) and DNS (Domain Name System) addresses. Fortify Software Security Center keeps check on vulnerabilities. TippingPoint Web Application Digital Vaccine can be used for detecting malicious traffic and for real-time identification of vulnerabilities in Web apps.
Tom Reilly, vice president and general manager of HP enterprise security products, says enterprises are building infrastructures that are "a patchwork of unrelated security products and processes." In a video explaining the new security tools, Reilly adds "the result is a proliferation of point solutions with no coordination across silos, business units or functionaries."
HP has also unveiled new Information Security Management services, Enterprise Cloud Service threat management software and Application Security Testing-as-a-Service to detect vulnerabilities in the app layer

Chrome Web Store gets desi, with India-specific content and apps

Not long after kickstarting its YouTube Partner program in India, Google has officially brought the Chrome Web Store to the country, along with 23 others across the world. While users globally had access to the Chrome Web Store before this (it was launched back in December 2010), users in India will now find local content on the web app store, such as regional music and infotainment, as well as themes, and extensions.
To begin with, the India’s Chrome Web Store kicks-off with such region-specific content as ESPN Cricinfo, Midday, Saavn, TurboCricket, BookMyShow, Jagran, and Midday. Unfortunately, there’s no way to sort for India-specific content, and so far, no such themes or extensions were visible. More will follow soon presumably, and hopefully, more search filters.

Undoubtedly, Google perceives India as fertile ground to build a strong Chrome/web app developer base.
We wonder if the browser-based "open" Chrome platform is wide enough to inspire much interest from Indian firms, and if things like extensions might just be too generic for country-specific interest. With its apparent confidence in these, and its numerous other browser-independent online products and services however, Google might have a big hand in ushering Indian consumers to e-commerce maturity.


Cyberoam launches NetGenie router with inbuilt internet security and controls

Cyberoam has launched its NetGenie range of internet access control products for the home, small office, and home office. Essentially 3G and Wi-Fi routers with built-in internet access controls, internet security, firewalls and antivirus mechanisms, the NetGenie appliances have been ‘entirely developed in India.'



NetGenie is available in two editions, with varying degrees of administrator control – NetGenie Home is priced at Rs. 7,999, and NetGenie SOHO (Unified Threat Management) for small offices, at Rs. 10,999. On the home front, NetGenie allows for advanced GUI-based parental and internet access control options that can also be implemented age-wise, and across a range of devices from laptops to smartphones.
In the case of small offices, administrators will be able to control levels of access, including restriction-based and schedule-based access. The device’s built in Intrusion Prevention System, internet security, antivirus and firewall features also obviate the cost of deploying such a solution independently. The NetGenie appliance also has an in-built IPSec VPN feature, allowing for secure remote access to central or vendor offices.



Friday 9 September 2011

Google tells Iranians to Change their Gmail password





Google is advising all its users in Iran to change their Gmail passwords, and check that their Google accounts have not been compromised.In a blog post, Google said that it was directly contacting users in Iran who may have been hit by a man-in-the-middle attack.

The move follows the compromise of Dutch SSL certificate authority DigiNotar. Hackers created fake SSL certificate credentials for Google.com and many other domains. These fake Google credentials were used to run man-in-the-middle attacks against Gmail users in Iran, according to an examination of authentication look-ups logs at DigiNotar and other evidence.

Specifically, Google recommends that users in Iran change their passwords; verify their account recovery options; check the Web sites and applications that are allowed to access their Google account; check Gmail settings for suspicious forwarding addresses or delegated accounts; and pay attention to warnings that appear in the Web browser and don't click past them.

Norton Cybercrime Report 2011




For the first time a Norton study calculates the cost of global cybercrime: $114 billion annually.Based on the value victims surveyed placed on time lost due to their cybercrime experiences, an additional $274 billion was lost. With 431 million adult victims globally in the past year and at an annual price of $388 billion globally based on financial losses and time lost, cybercrime costs the world significantly more than the global black market in marijuana, cocaine and heroin combined ($288 billion).
Read more on Norton

FBPwn : A Cross-Platform Facebook Profile Dumper tool



FBPwn is an open source, cross-platform, Java based Facebook profile dumper. It can send friend requests to a list of Facebook profiles, and poll for their acceptance notification. Once the victim accepts the invitation, it dumps all their information, photos and friend list to a local folder. It supports a lot of modules that can expand its current functionalities. It has a well documented Wiki page explaining the process of building a FBPwn module. Though it has a lot of available modules prebuilt for your use.
All modules work on a selected profile URL (we’ll call him Bob), using a valid authenticated account (we’ll call him Mallory).
AddVictimFriends: Request to add some or all friends of Bob to increase the chance of Bob accepting any future requests, after he finds that you have common friends.
ProfileCloner: A list of all Bob’s friends is displayed, you choose one of them (we’ll call him Andy). FBPwn will change Mallory’s display picture, and basic info to match Andy’s. This will generate more chance that Bob accepts requests from Mallory as he thinks he is accepting from Andy. Eventually Bob will realize this is not Andy’s account, but probably it would be too late as all his info are already saved for offline checking by Mallory.
CheckFriendRequest: Check if mallory is already friend of Bob, then just end execution. If not, the module tries to add bob as as a friend and poll waiting for him to accept. The module will not stop executing until the friend request is accepted.
DumpFriends: Accessable friends of Bob is saved for offline viewing. The output of the module depends on other modues, if mallory is not a friend of Bob yet, the data might not be accessable and nothing will be dumped.
DumpImages: Accessable images (tagged and albums) are saved for offline viewing. Same limitations of dump friends applies.
DumpInfo: Accessable basic info are saved for offline viewing. Same limitations of dump friends applies.

So you can see, you can do almost everything that you could do manually with Facebook. People might use it for malicious purposes too like cloning a Facebook profile. In addition to reading the Facebook official security guide, you need to avoid friend requests from un-known people.
Download FBpwn

Google Web History vulnerable to new Firesheep Addon

Two researchers have shown how a modded version of the Firesheep Wi-Fi sniffing tool can be used to access most of a victim’s Google Web History, a record of everything an individual has searched for.

The core weakness discovered by the proof-of-concept attack devised by Vincent Toubiana and Vincent Verdot lies with what is called a Session ID (SID) cookie, used to identify a user to each service they access while logged in to one of Google’s services.Fortunately, the latest exploit does not allow attackers to take over Google Accounts, but obviously, it can be used to expose private data. "While the direct access to users' data is subject to a strict security policy, using personalized services (which may leak this same personal information) is not," wrote Vincent Toubiana and Vincent Verdot, the creators of the modded Firesheep.

To be sure, the compromised cookies are deployed across more than 20 websites including Google Search, Google Maps, YouTube and Blogger. Every time the user accesses an application, the same SID cookie is sent in the clear, which the Firesheep captures from the data sent to and from a PC connected to a non-encrypted public Wi-Fi hotspot.A Google spokesman sent a statement :
We consider the concerns raised by these researchers to be fairly academic in nature and not a significant risk to users. Google Web History and our Web Search suggestion service are served over HTTPS, and we have encrypted the back-end server requests associated with the suggestion service as well. We look forward to providing more support for SSL technologies across our product offerings in the future, including changes that will specifically protect hijacked cookies from being used to access search data.
The researchers said users can protect themselves by logging out of their Google accounts while connecting over networks they don't trust. Another countermeasure is to disable Google's “visited” and “social” search filters.

Microsoft's Hotmail, other cloud services go offline due to a technical snag

Millions of users of Hotmail and other Microsoft services across the world could not access their online accounts Friday morning after the firm's cloud services suffered a major technical snag. Microsoft's Office 365, Hotmail, SkyDrive and other Live cloud-based products remained offline for several hours before the company restored the access.
While Microsoft analyses the reason behind the glitch, it is being speculated that the problem occurred in the DNS address system. The unprecedented outage is certainly going to raise questions about the preference of cloud computing over traditional local storage. The glitch is also quite embarrassing for Microsoft, which has been pitting its Office 365 against Google's online apps. It's learnt that it was the second such technical snag in less than a month.
The latest snag is reported to have lasted for nearly two and a half hours, between 0300 GMT and 0530 GMT. In a blog, posted at 0649 GMT, Microsoft said: "We have completed propagating our DNS configuration changes around the world, and have restored service for most customers."
"If you've been trying to use Hotmail, SkyDrive, or our other Live properties in the last couple of hours you may have noticed problems accessing our services. We're aware of these issues and actively working to resolve them. We apologize for the inconvenience and appreciate your patience," wrote blogger Chris Jones.

Twitter accomplishes 100 Million active users milestone

Twitter has announced that it has now 100 million active users across the world. The micro-blogging site says half of its users log on to the site everyday and 40 percent of them simply read what others are posting, without tweeting themselves. Twitter also discloses that nearly five billion tweets are posted every month and that the site gets 400 million unique visitors every month. It further revealed that half of its active users are mobile users.

Announcing the milestone, Twitter says in its blog that it is going to support 17 more languages in addition to Hindi, Filipino, Malay and Simplified and Traditional Chinese. To illustrate its popularity, Twitter also cites some of the prominent celebrities, politicians and sports stars using its services. It further disclosed that some 40 percent of British legislators were on Twitter.
Even though the figures put up by Twitter is quite high but it still trails far behind Facebook, which has more than 750 million active users worldwide. Google+, Google's latest social networking experiment, is also reported to be growing rapidly. Earlier this year, LinkedIn had announced it had 100 million users.
Twitter's latest figures come a week after it announced a new record for tweets per second. Twitter said that nearly 9,000 tweets were posted each second soon after Beyonce announced she was pregnant.
Twitter CEO Dick Costolo at a press conference in San Francisco said that the company is aiming for more improvements in Twitter, including furnishing more relevant content for users and making it easier for users to find content from people whom they know.

Nokia to Update its Symbian Belle Platform with Microsoft Apps

Nokia will soon update its Symbian Belle platform with a suite of business-based applications called Microsoft Apps. The Microsoft Apps suite is free and features Microsoft PowerPoint and OneNote. Nokia believes the update will “add some serious business productivity tools” for those buying Symbian Belle device or those seeking to upgrade from Symbian Anna to Symbian Belle.
The Microsoft Apps suite includes Microsoft Lync 2010 Mobile, Microsoft PowerPoint Broadcast, Microsoft OneNote and Microsoft Document Connection. The Apps will include Microsoft OneNote sync with SharePoint update in early 2012. Nokia and Microsoft also plan to include Microsoft Word, Excel and PowerPoint as native applications in the second update. The first batch of the apps is expected to be rolled out by fourth quarter of this year.
Nokia says on its blog that the launch of Microsoft Apps for Symbian shows Nokia has not halted development of its Symbian platform. And more updates will be made in 2012. “We will provide software support to Symbian until at least 2016. Symbian is hugely important to our future ambitions and this latest announcement is just another example of the role that Symbian will play,” says Nokia.
The Microsoft Apps will be delivered via software update over the air or via PC download and will function on the Nokia N8, Nokia C7, Nokia C6-01, Nokia E7, Nokia E6, Nokia X7, Nokia 700, Nokia 701, Nokia 600 and Nokia Oro. Additionally, the Finnish giant is working with Microsoft to provide mobile device management of Symbian Belle devices through Microsoft System Center Configuration Manager 2012.
Earlier, Nokia had announced its Symbian Belle-based phones namely Nokia 700,701 and 600. All three phones are expected sometime in third quarter of this year. Nokia also talked about making its new operating system compatible with previous generation Symbian^3 and Symbian Anna platforms. 

Google brings its Music Beta to iOS devices via Safari browser


Google's cloud-based music service Music Beta is now available on iOS devices as well. The app can be accessed via Safari browser at music.google.com. The advent of Google Music Beta on iOS gives Google a chance to impress the iOS users before Apple launches its own cloud-based music service called iCloud. Google made the announcement via its Twitter feed.
 
The Music Beta runs music in the background even when you exit Safari. Users can swipe left and right to shuffle between categories such as Artists, Albums and Songs etc. The features can be controlled by the iOS music controls as well. However, it's pertinent to mention here Google Music is still in Beta phase and is free to invited guests for the time being. Check out our previous coverage on Google Music Beta here.
It's learnt that the service had been rumored for months before the official launch and is Google's first attempt to compete with Amazon's Cloud Player and Apple's upcoming iCloud. It is being speculated that Google will soon come up with a dedicated iOS App store app to popularise its music service among the iOS users.

Friday 2 September 2011

Persistent XSS vulnerability in eBuddy Web Messenger Discovered By Warv0x

Persistent XSS vulnerability in eBuddy Web Messenger Discovered By Warv0x A team member from Virtual Luminous Security, Russian Federation, has discovered a persistent XSS vulnerability in eBuddy (the biggest web IM solution in the world) by transmitting messages with embedded encoded javascript code. In-depth detail eBuddy Web Messenger suffers from an encoded-Persistent XSS vulnerability in the messaging function. (while sendingA message with embedded code to another authorized user in eBuddy...



Share This news with your friends on Facebook/Twitter/Forums
Persistent XSS vulnerability in eBuddy Web Messenger Discovered By Warv0x : The Hacker News ~ http://www.thehackernews.com/2011/09/persistent-xss-vulnerability-in-ebuddy.html

Twitter Delicious Facebook Digg Stumbleupon Favorites More