Great Reviews!Need help setting up your website, installing Apache, PHP, MySQL, or RavenNuke(tm)?Need help customizing or designing scripts?Please contact us via the Contact Us option for further details and pricing.
Massive comment spam attack on Digg.com leads to malware
According to PandaSecurity, the social news site Digg.com is among the very latest Web 2.0 services to be targeted by cybercriminals on their way to acquire legitimate traffic to their malware serving domains. The ongoing attack is far more widespread the originally stated, with +500,000 bogus comments leading to 15 currently active malware domains, where the end user is enticed to install a fake video codec in order to view the video. Once executed, the codec attempts to trick the user that they’re infected with malware, and in order to get rid of it, a rogue security software has to be purchased.
Despite the obvious similarities with last month’s Google Video keywords poisoning attack, the comment-spam campaign at Digg.com is unique in the sense that it appears to have been active for over an year now. Let’s dissect the campaign, and explain how it works.
Microsoft today shipped four bulletins with patches for at least 8 documented security vulnerabilities affecting Windows users and warned that "consistent exploit code could be easily crafted" to launch attacks via the Internet Explorer browser. The Patch Tuesday batch includes fixes for a pair of code execution holes in IE, two bugs in the Microsoft Exchange Server, a remote code execution issue in the Microsoft SQL Server, and three separate flaws haunting users of Microsoft Office Visio. The Microsoft warning that consistent exploit code was likely suggests that it’s very easy for an attacker to host a specially crafted Web site and attack unpatched users who surfed to the rigged Web site. The attacker could also take advantage of compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. This security update is rated Critical for Internet Explorer 7 running on supported editions of Windows XP and Windows Vista. For Internet Explorer 7 running on supported editions of Windows Server 2003 and Windows Server 2008, this security update is rated Moderate.
The Internet Explorer bulletin (MS09-002) should be treated with urgency because the flaws can be exploited to launch drive-by download attacks.
Posted by Raven on Wednesday, February 11, 2009 @ 18:45:14 EST (689 reads) ( | Score: 0)
SitePoint supports victims of the Australian bush fires
To support the victims of the Australian bushfires we've created our best book deal ever. For the next 3 days, you can pick any 5 books (in PDF format) and pay for only 1. That's about $150 worth of books for just $29.95!
SOFTWARE: Google Chrome 1.x - http://secunia.com/advisories/product/20760/
DESCRIPTION: A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system.
Posted by Raven on Monday, February 09, 2009 @ 18:21:28 EST (1021 reads) (Read More... | 1411 bytes more | Score: 0)
Battlefield 2 Theme
papamike writes "I just released my rendition of Battlefield 2. I designed this theme last year and it's been sitting in my folder collecting dust. I brushed it off and now you can download it free right HERE.
I used flash in the header and navigation and also added some extras. Go to my site (click the link above) and look in the themes download area. I have an oversized thumbnail of it on my homepage.
Help me support RavenNuke™ in 2009.
What's coming soon:
>> Call Of Duty theme
>> Database backup utility (this one actually works) I'll be releasing it as a RN module which you can run from your admin panel."
Posted by Raven on Friday, February 06, 2009 @ 00:16:59 EST (1400 reads) ( | Score: 0)
IMPACT: Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information, System access
SOFTWARE: Mozilla Firefox 3.x - http://secunia.com/advisories/product/19089/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious, local users to potentially disclose sensitive information, and by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose sensitive information, or potentially to compromise a user's system.
Posted by Raven on Wednesday, February 04, 2009 @ 23:24:26 EST (871 reads) (Read More... | 3138 bytes more | Score: 0)
Mozilla Thunderbird Memory Corruption Vulnerabilities
SOFTWARE: Mozilla Thunderbird 2.x - http://secunia.com/advisories/product/14070/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can potentially be exploited by malicious people to compromise a user's system. For more information see vulnerabilities #1 and #2 in: SA33799 - The vulnerabilities are reported in versions prior to 2.0.0.21.
Posted by Raven on Wednesday, February 04, 2009 @ 23:14:35 EST (919 reads) (Read More... | 1151 bytes more | Score: 0)
Testers wanted for Tricked Out News Module
nuken writes "I need some people willing to give me some feed back on a News Mod I have been working on. Most of the bugs have been worked out. The News Mod has the following enhancements:
* NukeSEO Social Bookmarking * Posters Avatar in News Comment * News in Two Columns on home page * PDF export * Images and links for Printer Friendly, Email to Friend and PDF in home * And a few other small cosmetic changes. * XHTML compliant * RavenNuke(tm) 2.30.00 Tested
Posted by Raven on Monday, February 02, 2009 @ 19:39:38 EST (869 reads) ( | Score: 0)
PHPBB.com Hacked!!
Thanks to Testy1 for alerting me to this!
If you go to http://phpbb.com you will be greeted with this:
Maintenance
We are sorry to report that we have been attacked through a vulnerability in an outdated PHPList installation. phpBB.com and related sites will remain unavailable while we work to recover. No vulnerabilities have been found in the phpBB software itself.
You can download phpBB here: http://www.ohloh.net/p/phpbb
You can get support at the temporary support forums or on IRC: chat.freenode.net #phpbb
– the phpBB team
Read how it was done ...
Posted by Raven on Monday, February 02, 2009 @ 10:15:29 EST (13873 reads) (Read More... | 8668 bytes more | Score: 0)
Call of Duty 5 World at War Theme Released!
Mars writes "PortalThemes - Call of Duty 5 Theme Released
CoD5 is a gorgeous fast loading PHPNuke Theme designed for a Call of Duty Squad site.
Preview the CoD 5 Theme at the PortalThemes PHPNuke Themes test site (Select cod5 in the top left dropdown list.)
Includes a matching forum theme.
PSD file included for the header.