Gargantuan SQL injection infects 3.8 million URLs, installs rogue antivirus

Over the last few days, a mass SQL injection attack has been quickly gathering speed. Just three days ago only 28,000 URLs were affected, but at the time of writing, there could be up to 3.8 million infected URLs.

Websense has a complete write-up of the attack, dubbed 'LizaMoon,' but here's the basic gist: it looks like someone is exploiting a vulnerability (or vulnerabilities) in hundreds of thousands of websites running on Microsoft SQL Server 2003 and 2005. It's not yet known whether this is a vulnerability in SQL Server, or simply a case of outdated, unmaintained, and easily-exploitable CMSes.

The attack takes the form of an SQL injection, which then inserts a link to a JavaScript file hosted on the attacker's server. This is repeated over and over until every Web page in the SQL database has been infected -- and considering 3.8 million URLs have been infected, you can see that this is a very easy, and automated, attack.

Fortunately, the JavaScript isn't particularly malicious: it pops up a rogue AV program called Windows Stability Center, but that's it. Better yet, the rogue antivirus is already recognized by a bunch of real antivirus suites, including Avast, Panda and Microsoft Security Essentials.

The real problem with SQL injection attacks is that there's nothing we surfers can do about them. There will always be old and unmaintained websites, and thus SQL injections will remain one of the easiest and most lucrative tools of hackers and spammers alike. All you can do is keep your antivirus and anti-malware software up to date, and pray.

Gargantuan SQL injection infects 3.8 million URLs, installs rogue antivirus originally appeared on Download Squad on Fri, 01 Apr 2011 05:30:00 EST.

Source: http://downloadsquad.switched.com/2011/04/01/massive-sql-injection-infects-3-8-million-urls-installs-rogue-a/


Altaro Hyper-V Backup beta launched, only 250 places available

This one's for the sysadmins in the audience: Altaro, makers of our favorite "time machine for Windows" backup solution, OopsBackup, have just announced a new product entering beta called Hyper-V Backup.

It's a backup solution for virtual machines running on Microsoft's Hyper-V virtualization solution. If that sentence just seemed like a bunch of buzzwords crammed together, Hyper-V backup is not for you. But, if you actually use Hyper-V and are hankering for a good backup solution, Altaro might be worth checking out.

The beta run is limited - Altaro are looking for just 250 testers. All participants will get a free license key to the final, production version. So if you're interested in helping test Hyper-V Backup, get yourself over to Altaro now and join the beta.

Altaro Hyper-V Backup beta launched, only 250 places available originally appeared on Download Squad on Wed, 02 Mar 2011 05:00:00 EST.

Source: http://downloadsquad.switched.com/2011/03/02/altaro-hyper-v-backup-beta-launched-only-250-places-available/


Galaxy Tab 2 7.0 Student Edition expected at Best Buy: $249 with bundled keyboard and USB adapter


If you're looking for something -- anything -- to lessen the burden of summertime studies, then a trip to Best Buy may soon be in order. We've just heard from a helpful tipster that a student edition of the Galaxy Tab 2 7.0 is due to be stacked on shelves around August 19th, which keeps the regular $249 selling price of the 8GB WiFi-only model but bundles a keyboard dock and USB peripheral connector. If you've been weighing the Samsung up against the Nexus 7 (which we've ranked higher in our back to school tablet guide), then factor this into your research.

[Thanks, Anon.]

Galaxy Tab 2 7.0 Student Edition expected at Best Buy: $249 with bundled keyboard and USB adapter originally appeared on Engadget on Thu, 09 Aug 2012 04:43:00 EDT.

Source: http://www.engadget.com/2012/08/09/samsung-galaxy-tab-2-7-0-student-edition/


This is the Modem World: Curiosity Killed the Fanboy

Each week Joshua Fruhlinger contributes This is the Modem World, a column dedicated to exploring the culture of consumer technology.


Usain Bolt is fast. Really fast. So fast, in fact, that we all revel in his quirky personality and dig the fact that he comes from Jamaica. We're all Bolt fanboys.

The Olympics, born as a celebration of the human body and spirit, bring the world together every two years in a peaceful competition and allow us to transform nationalism into a spirited, peaceful chant for our own countries. Usain Bolt displayed the Olympic spirit during a post-race interview when he stopped the affair to wait for the American national anthem to finish as another athlete received her gold medal. Respect.

This is the Modem World: Curiosity Killed the Fanboy originally appeared on Engadget on Wed, 08 Aug 2012 18:00:00 EDT.

Source: http://www.engadget.com/2012/08/08/curiosity-killed-the-fanboy/


Windows 8 App Store images leaked?

Windows 8 images continue to leak onto the Internet, despite Microsoft's wallpaper-based pleas to those with access to the early releases. Today's installment courtesy CNBeta shows the upcoming Windows App Store, which will likely feature prominently in Windows 8.

We've got our doubts about the authenticity of the image. In addition to showing several of the built-in games which already ship with Windows, Opera is listed -- and a competing browser seems like an odd inclusion this early on. Of course, with the browser ballot still in place in the EU for quite some time, Microsoft would probably need to include rivals like Opera and Firefox to stay out of trouble. We're also not sure why Clickgamer is shown beneath Angry Birds instead of Rovio -- the game's actual publisher.

It's still early, of course, so it's entirely possible that the Windows App Store image is genuine but merely using placeholder images and text for now. Anyone else thinking Windows Marketplace might be a more logical name? You know, to keep things consistent with Windows Phone and keep Apple's legal eagles at bay.

Windows 8 App Store images leaked? originally appeared on Download Squad on Mon, 11 Apr 2011 10:00:00 EST.

Source: http://downloadsquad.switched.com/2011/04/11/windows-8-app-store-images-leaked/


Square's International Starbucks Expansion Is Up To Jack Dorsey, Says Starbucks CEO

The payments space was even further shaken up last night, with the news that Square will take over all U.S. credit and debit card transactions for Starbucks. And those who use the Pay with Square app (iPhone and Android) will be able to pay for their sugary caffeinated drinks with nothing more than their phone. This morning in New York, a handful of journalists sat down with Square CEO Jack Dorsey and Starbucks CEO Howard Schultz to discuss the "epic" partnership. Before we get into the nitty gritty, it's important to note the direct impact this partnership has on Square as a business and its plans for the future.

Source: http://feedproxy.google.com/~r/Techcrunch/~3/XhHlDyo6NPg/


Disney Research's Botanicus Interacticus adds capacitive touch to ordinary plants, we go hands-on


Sure, you spend plenty of time talking to your plants, but have you ever made them sing? In partnership with Berlin-based Studio NAND, Walt Disney's experience development arm, coined Disney Research, has found a way to take human-plant interaction to an almost freakish level. The project's called Botanicus Interacticus, and centers around a custom-built capacitive sensor module, which pipes a very low current through an otherwise ordinary plant, then senses when and where you touch. Assuming your body is grounded, the device uses more than 200 frequencies to determine exactly where you've grabbed hold of a stem. Then, depending on how it may be programmed, the sensor can trigger any combination of feedback, ranging from a notification that your child is attempting to climb that massive oak in the yard again, to an interactive melody that varies based on where your hand falls along the plant.

Because this is Disney Research, the company would most likely use the new tech in an interactive theme park attraction, though there's currently no plan to do much more than demo Botanicus Interacticus for SIGGRAPH attendees. This week's demonstration is giving the creators an opportunity to gather feedback as they try out their project on the general public. There are four different stations on hand, ranging from a stick of bamboo that offers the full gamut of sensitivity, including the exact location of touch, to an orchid that can sense an electric field disruption even as you approach for contact. While interactive plants may not have a role in everyday life, Botanicus Interacticus is certainly a clever implementation of capacitive touch. You can see it in action just past the break.

Disney Research's Botanicus Interacticus adds capacitive touch to ordinary plants, we go hands-on originally appeared on Engadget on Wed, 08 Aug 2012 14:58:00 EDT.


Source: http://feeds.engadget.com/~r/weblogsinc/engadget/~3/mOnHFITGA64/


Chocomize personalized chocolate: giveaway and discount code

Okay, I know what you're thinking: chocolate on Download Squad? That's right! That's because Chocomize is one of the nerdiest ways to get chocolate online: it's a website where you customize your own bar using a multi-step process.

We've covered Chocomize before in our holiday gift guide, so when they reached out to us offering to do a giveaway, we really couldn't resist.

Chocomize is giving away ten gift certificates, each worth $50, for you to create your own customized chocolate. They sent us some pictures of their recent creations, which you can find in the gallery below.

Regardless of the giveaway, you can use the discount code switched to get 10% off any Chocomize order. The code is valid through April 20th - just in time for Easter!

To participate, simply leave a comment. Fine print is after the jump.

Chocomize personalized chocolate: giveaway and discount code originally appeared on Download Squad on Wed, 06 Apr 2011 09:00:00 EST.

Source: http://downloadsquad.switched.com/2011/04/06/giveaway-and-discount-code-chocomize-personalized-chocolate/
