Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission Summary: 0 pending, 2 declined, 1 accepted (3 total, 33.33% accepted)

DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - Hundreds of Thousands of Microsoft Web Servers Hac (washingtonpost.com) 1

andrewd18 writes: "According to F-Secure, over 500,000 webservers across the world, including some from the United Nations and U.K. government, have been victims of a SQL injection. The attack uses an SQL injection to reroute clients to a malicious javascript at nmidahena.com, aspder.com or nihaorr1.com, which uses another set of exploits to install a trojan on the client's computer. As per usual, Firefox users with NoScript should be safe from the client exploit, but server admins should be alert for the server-side injection.

Brian Krebs has a decent writeup on his Washington Post Security Blog, Dynamoo has a list of some of the high-profile sites that has been hacked, and for fun you can watch some of the IIS admins run around in circles at one of the many IIS forums on the 'net."


Submission + - XenSource Inc. Aquired by Citrix

andrewd18 writes: "Citrix Systems, Inc. announced on Friday a definitive agreement to acquire XenSource, Inc. The press release emphasizes Citrix' continued interest in the growing virtualization market, particularly in the desktop sectors, but also touches on their strong relationship with Microsoft. Is this another embrace, extend, exterminate tactic?"

Submission + - New Tool Automates Webmail Account Hijacks (washingtonpost.com) 1

andrewd18 writes: "According to the Washington Post's Security Fix blog, a tool was debuted at the Black Hat conference that makes it simple to hijack webmail services over a wireless network. While the dangers of unencrypted data transfer on a public wireless network have been around for some time, this tool presents the first example of an automated webmail hijack. Since the tool uses a cookie based attack, it works whether or not the user changes his or her password. This tool could potentially automate the attack of any user on a wireless network, so long as the website the user logs into does not encrypt its login information."

Slashdot Top Deals

When the bosses talk about improving productivity, they are never talking about themselves.