Showing posts with label website security. Show all posts

Monday, June 2, 2014

Request for Google to remove links about you


Have you ever searched for your name on Google and saw just how easy it is for people to find out personal information about you?

Do you have personal information on the web that you would like deleted or hidden from Joe Schmo trying to find out about you?

Google has created an online form in which you can ask for the links to your personal data or posts to be removed from search results.

This form is a response to a European Commission ruling that people have “the right to be forgotten” online.

The EC has ordered Google to stop linking to anything that is “inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed.”

The landmark privacy decision by the European Union Court of Justice emerged from a number of cases coming from the Spanish data protection authority in 2011.

This ruling applies across the EU and binds web giants such as Google and Facebook.

Clearing Your Name

When you submit links that you would like removed, Google says it will “assess each individual request and attempt to balance the privacy rights of the individual with the public’s right to know and distribute information.”

In a statement provided to CNET by Google, Floridi called the move “an exciting initiative, which will probably require some hard and rather philosophical thinking.”

Google has pledged to consider whether or not there is a public interest in information about financial scams, professional malpractice, criminal convictions, and the public conduct of government officials.

In order to ask for links to be removed, you have to supply the URLs and your request, along with your name, a contact email address, and a copy of a photo ID.

You may put in a request on the behalf of another person, like a spouse, or an associate, to have their name removed from a link.

Once Google has reviewed your request and removed the link, it will disappear from Google search results on all of its sites across the EU.

Google’s lawyers are reportedly arguing that applying the EU ruling to US publications in Google’s US search results would be “absurd”.

So by deleting your name from the EU, are you really being deleted from the net?
For more information, view this EU podcast below:


Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:
Rich Trenholm, “You can now ask Google to remove links about you” – C|Net
http://www.cnet.com/news/you-can-now-ask-google-to-remove-links-about-you/

Friday, July 26, 2013

Pelosi Saves NSA Phone Metadata Program!

The NSA's spying program was almost terminated by Congress until San Francisco Representative Nancy Pelosi stepped up and saved it.  Nancy Pelosi, of California's 12th district, saved the NSA phone metadata program by working to kill the Amash amendment to the 2014 Defense Appropriations Bill.  The Amash amendment would have taken away the funds of the NSA's domestic phone record program, which collects metadata on all calls within the United States.

The amendment almost passed, failing by the slim margin of 205 to 217.  Rep. Pelosi worked behind the scenes to convince numerous Democrats to vote against the amendment.

Foreign Policy


Foreign policy, also known as foreign relations, consists of interest strategies chosen by the state to safeguard its national interests and to achieve its goals within the international relations milieu. - Wikipedia

According to Foreign Policy, a Democratic aide told the publication, "Pelosi had meetings and made a plea to vote against the amendment.”

The aide also said that “Pelosi had a big effect on more middle-of-the-road hawkish Democrats who didn’t want to be identified with a bunch of lefties” in favor of gutting funding for a program that the NSA insists is key to national defense.

Not surprisingly, the Democrat in favor of the NSA's surveillance programs managed to split Congress's decision in half.  This split, however, was not along the usual party lines: both Democrats and Republicans voted for as well as against the amendment.  Rep. Pelosi's district makes her vote and lobbying efforts very curious.  Nancy Pelosi is the sole representative of San Francisco, home to a large technology industry and the people who work in it.

Please visit http://www.hyphenet.com/blog/ for more posts on the latest technology and IT security news.

References:

Hey San Francisco, Your Rep. Pelosi Saved The NSA Phone Metadata Program - TechCrunch
http://www.hyphenet.com/blog/pelosi-saves-nsa-phone-metadata-program/



Be sure to follow us on Twitter at @hyphenet or “Like” us on Facebook to stay up-to-date on the latest security threats.

Wednesday, July 24, 2013

Sandboxes Application Attacks: System Keeps on Advancing

Image courtesy of [Ventrilock] / FreeDigitalPhotos.net

In computer security, a sandbox is a security mechanism for separating running programs.  Sandboxes are used to execute untested code or suspicious programs from unknown third parties, suppliers, and untrusted users and websites.  Sandbox applications are under attack, and malware keeps advancing to outsmart them.  Sandboxes usually isolate threats and protect endpoints from malware attacks, but that protection is not strong enough against advanced malware attacks.

Rahul Kashyap, chief security architect at Bromium, outlined threat vectors that sandboxes could not effectively block from "a Pen-Tester's Perspective".  This is not to say these sandboxes are not working, but to point out that people look at sandboxes as fail-proof, so other security measures are often not considered.

It's like assuming a deadbolt on the front door of your home will keep everyone out.  Even with a home security alarm installed, burglars can still enter and rob you.


The Attack


Bromium labs grouped these attacks into two categories:

  • One that bypasses the complete sandbox

  • One that exploits to succeed without breaking the sandbox

The bypass techniques focus on weaknesses in the Windows OS and in the sandbox itself.  The other category covers post-exploitation scenarios such as keylogging, remote access, hijacking content, screen scraping, stealing files, and getting into network shares.

IT and network administrators shouldn't rely completely on sandboxes.  Administrators should continue to practice other security measures to protect systems from vulnerabilities.  Executing malware within a sandbox is not safe, because malware is sophisticated enough to do severe damage to systems.

 Please visit http://www.hyphenet.com/blog/ for more posts on the latest technology and IT security news.

References:
Application Sandboxes Won't Stop Advanced Attacks: Research - Security Week
http://www.securityweek.com/application-sandboxes-wont-stop-advanced-attacks-research
July 24, 2013

Be sure to follow us on Twitter at @hyphenet or “Like” us on Facebook to stay up-to-date on the latest security threats.

Wednesday, July 10, 2013

America's Building Serious Cybersecurity Framework

Every day in this country we rely on infrastructure to get us from point A to B: the bridge we cross to get to work, the elevator we take to get to the doctor, and the school we take our children to for their education and refinement.  Critical infrastructure is made up of bridges, the power supply, medical facilities, telecommunications networks, and more.  More so now, we rely on cyber infrastructure, like working on our laptop from home to hold a business meeting, or Skyping with the grandparents across the country so they can see how big their grandchildren are getting.

In this day, critical infrastructure relies on digital systems of calculation and communication, most widely known as "cyber."  We've all heard of cyber criminals hacking into our computers, gathering our personal information, getting into our emails, and stealing our identities.  Our cyber infrastructure is under attack, and it seems like no one knows what to do about it or how to stop it.  We feel helpless and lost as our computers are invaded with malware and viruses while we watch.  No worries though: America is taking charge and building a critical infrastructure cybersecurity framework.

 

Land of the Great


In February, President Obama issued an executive order to improve cybersecurity.  He intends to promote better protection of the country's infrastructure from cyber attacks, a growing threat to our economy and national security.  This week, that executive order comes to San Diego, home of ESET North America: the University of California, San Diego (UCSD) and the National Health Information Sharing and Analysis Center (NH-ISAC) are hosting the 3rd Cybersecurity Framework Workshop from today, July 10, until Friday, July 12, 2013.  The intent is to work with stakeholders to organize a voluntary framework for reducing cyber risks.

 
Executive Order 13636, Improving Critical Infrastructure Cybersecurity, has directed NIST to work with stakeholders to develop a voluntary framework for reducing cyber risks to critical infrastructures. This cybersecurity framework is being developed in an open manner with input from stakeholders in industry, academia, and government, including a public review and comment process, workshops, and other means of engagement. - National Institute of Standards and Technology (NIST)

 

The San Diego event will have sessions that go into the depths of the cybersecurity functions and their workings.

  • Know – Gaining the institutional understanding to identify what systems need to be protected, assess priority in light of organizational mission, and manage processes to achieve cost effective risk management goals

  • Prevent – Categories of management, technical, and operational activities that enable the organization to decide on the appropriate outcome-based actions to ensure adequate protection against threats to business systems that support critical infrastructure components.

  • Detect – Activities that identify (through ongoing monitoring or other means of observation) the presence of undesirable cyber risk events, and the processes to assess the potential impact of those events.

  • Respond – Specific risk management decisions and activities enacted based upon previously implemented planning (from the Prevent function) relative to estimated impact.

  • Recover – Categories of management, technical, and operational activities that restore services that have previously been impaired through an undesirable cybersecurity risk event.


The next step is to examine the key categories and subcategories for the above functions, looking at the standards, guidelines, and practices for each category and subcategory alike.  US businesses and government agencies are hyper-focused on criminal hacking attacks and acts of cyber warfare, which are believed to be the work of state-sponsored foreign agencies and home-grown hacktivist groups.   Online registration for the San Diego workshop is closed and the event is already under way.  You may still register in person today at Mandeville Auditorium, University of California, San Diego, 9500 Gilman Drive, La Jolla, California.

So know that America is seeing this epidemic of cyber criminals on the rise and we are doing something about it.  We are taking charge and fighting.

 

Image courtesy of [Victor Habbick] / FreeDigitalPhotos.net

References:
A cybersecurity framework to protect digital critical infrastructure
http://www.welivesecurity.com/2013/07/08/a-cybersecurity-framework-to-protect-digital-critical-infrastructure/
Published July 8, 2013

3rd Cybersecurity Framework Workshop, July 10-12, 2013, San Diego, CA
http://www.nist.gov/itl/csd/3rd-cybersecurity-framework-workshop-july-10-12-2013-san-diego-ca.cfm

Monday, July 8, 2013

What Jay-Z and Beyonce don't want to share with you.

The list of top celebrities and important political figures keeps growing as their financial information is compromised.  Jay Z, Beyonce, Britney Spears, Donald Trump, Kim Kardashian, Hillary Clinton, Joe Biden, and LAPD Chief Charlie Beck are among the unfortunate victims.  A hacker posted detailed information about these VIPs, giving up personal information and financial status.  The website on which all of the juicy info appeared listed their social security numbers, mortgage amounts, credit card info, and other banking info for the world to see.


The LAPD has already launched an investigation. The FBI is looking into it. - LAPD


They are giving viruses too


If you search for these celebrities, watch out: they are giving out viruses too.  Cameron Diaz is the celebrity most likely to give you a computer virus, and you have a one-in-ten chance of stumbling upon a malicious site.  Here is a list of dangerous celebrities to research:

  1. Cameron Diaz - 19% of sites and screensavers were identified as malicious.

  2. Julia Roberts - 20% chance of downloading a photo or wallpaper burdened with malware.

  3. Jessica Biel - Last year's Most Dangerous Celebrity to look up.

  4. Gisele Bundchen - World's highest paid supermodel; 15% of results lead to spyware, malware or computer viruses.

  5. Brad Pitt - Files can put adware or spyware on your computer.

  6. Adriana Lima - Directs you to red-ranked sites.

  7. Jennifer Love Hewitt - Risky downloadable websites.

  8. Nicole Kidman - Take your chance if you want to but I wouldn't.

  9. Tom Cruise - After Knight and Day, he's trouble to look up.

  10. Heidi Klum - Cybercriminals used her to lure people to risky sites.

  11. Penelope Cruz - Be aware of red sites if you search for Penelope.

  12. Anna Paquin - Searching screensavers can lead you to tons of malware.

Please visit http://www.hyphenet.com/blog/ for more blog posts on the latest technology and IT security news.


Image courtesy of [chanpipat] / FreeDigitalPhotos.net

[via:Buzzfeed, TMZ]

Wednesday, June 12, 2013

Super Malware that Attacks Android Discovered

Android and security threats go almost hand in hand, as new and imminent threats are discovered on almost a weekly basis in today’s market. However, there had been no threat that could potentially uproot Google’s Android as one of the most popular mobile operating systems in the world. All that is set to change now, as a new virus has been detected that is very advanced and attacks the Android operating system in a new and innovative way. The code is also hard to completely remove, and could potentially deter users from using Android in the future.


Deadly Characteristics of the Virus


When a security researcher performs an assessment of any malicious software, he or she considers the most dangerous traits of that malicious software. From that viewpoint, this is one of the most dangerous Android malware discovered. Firstly, the code is so complex that it looks almost like a code that is written for a Windows computer, or even more advanced. The code also uses obfuscation techniques to confuse the OS about its true nature, thus evading detection. But the most dangerous trait of this malware is that it has been programmed to resist attempts of uninstallation by the user.

Kaspersky Labs behind the Discovery


Kaspersky, a leading security products company, detected this malware on Android and said that it has the capability of single-handedly bringing down the Android operating system. They also reported that this malware exploits vulnerabilities in the Android OS that were previously unknown.

References:
Android super-malware discovered – Is Google's platform in peril?
virusfreephone.com/.../android-super-malware-discovered-is-googles-pla...

Android super-malware discovered – Is Google's platform in peril?
malware.rsspump.com/?...android-super-malware-discovered--is...

Tuesday, May 28, 2013

Security Flaw Found in Facebook Pages Manager App for Android

Facebook Patches Privacy Flaw In Pages Manager For Android ...

Over the weekend, Android Police received a tip about a serious privacy hole in Facebook Pages Manager for Android that made some privately uploaded photos public.  Shortly after the details of this issue went public, Facebook Security got in touch ... a fix had been rolled out server-side, and no app update was necessary.

 

Serious Privacy Flaw In Facebook Pages Manager ... - Android Police
www.androidpolice.com/.../serious-privacy-flaw-in-facebook-pages-man...




Privacy Flaw Found in Facebook Pages Manager ... - Softpedia News
news.softpedia.com › NewsTelecomsMobile Blog



Flaw in Facebook Pages Manager for Android makes your private messages public
http://tech2.in.com/news/android/flaw-in-facebook-pages-manager-for-android-makes-your-private-messages-public/874420


If you have Facebook’s Pages Manager application installed onto your Android devices to access your pages at any time of the day, you need to beware. If you plan on sending an image as a private message to a fan of your page, chances are that the image will get posted onto your wall for all your fans to see.


 

Thursday, May 23, 2013

Malware Threat to ATMs

ATM-Malware-Takes-Off-2

Malware has been a big threat to computers and there have been a lot of problems caused by this type of malicious software. As if that was not enough, a forensics and security threat firm has announced a threat that malware can be used to target ATMs. Group-IB, the firm that announced these findings, said that malware can be used to collect data from the ATMs or swiping machines, and hack into the bank accounts. According to the study, the malware stores the data and sends it to the hacker who planted the malware whenever a network connection is available for transmission.

A Few Researchers Disagree


While Group-IB discussed their findings, the Director of Research at the University of Alabama, Gary Warner, said that malware cannot be used in the way Group-IB is announcing. He said that ATM networks are secured at multiple levels and something as simple as malware cannot get through the layers of encryption and firewalls. Typically, malware tries to exploit the weaknesses in the security that protects a system.

Bank Networks Vulnerable from Inside


Warner added that banks don’t have to worry about attacks from the outside. He said that banks should worry more about someone on the inside planting malicious software on the bank networks, as that is where the vulnerability is at its highest. He said that auto-loading malware can be inserted as easily as plugging a USB drive into a computer. The jury is still out on whether malware can affect banks from the outside or not, but the question is how severe the repercussions will be if malware does attack a bank network.

[via Bank Info Security]

Friday, April 12, 2013

Check Your WordPress Plugins: Social Media Widget Found to be Injecting Spam into Websites

WordPress site owners are being advised to update (or remove) the Social Media Widget plugin following the discovery that it was being misused to inject spam into websites it was installed on.

According to Sucuri Security, the malicious code that calls the URL, hxxp://i.aaur.net/i.php to inject “Pay Day Loan” spam links on the affected website was added to version 4.0 of the plugin, which was launched about 2 weeks ago.

A thread on the plugin’s support forums reveals that the compromise was a result of the owner trusting the wrong developer.

The Social Media Widget plugin was removed from the WordPress Plugin repository after it was found to have been tampered with, but has since been reinstated following removal of the bad code in version 4.0.1.

However, the plugin is quite popular, and there’s no telling how many of the 900k websites it had already been installed upon were still at risk.

If you have the Social Media Widget plugin installed on your WordPress website, it is strongly advised that you:

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

Thursday, March 21, 2013

Old "Is Human" WordPress Plugin Still on Cybercriminals' Hit List

Just because something isn’t readily available anymore doesn’t necessarily mean that someone isn’t out there searching for it.

Take the “Is Human” WordPress plugin, for example.

It’s no longer available for download, no longer supported by its developers, and yet cybercriminals are still scanning websites hoping that someone still has it installed.

Why? Because versions 1.4.2 and earlier suffer from a remote command execution vulnerability. Below is a write-up from the corresponding exploit-db entry:
The vulnerability exists in /is-human/engine.php.

It is possible to take control of the eval() function via the 'type' parameter, when the 'action' is set to log-reset. From here we can run our own code.

In order to avoid any errors we point the $is_hum->get_* array variable into $is_hum->get_ih and to close the execution without error we point it to php stored function error_log(). In between we may place our own php code and use the passthru() function to execute commands.

Execution running the linux whoami command:

http://server/wp-content/plugins/is-human/engine.php?action=log-reset&type=ih_options();passthru(whoami);error

We recently experienced attempts to exploit said vulnerability on our website, all of which failed because we don't use this plugin - not to mention they used the incorrect filepath. All attempts originated from the same (U.S.-based) IP address:
/blog/2013/02/01/hackers-still-scanning-for-vulnerable-timthumb-scripts/wp-content/plugins/is-human/engine.php?action=log-reset&error&eval(base64_decode(JHM9cGhwX3VuYW1lKCk7CmVjaG8gJzxicj4nLiRzOwoKZWNobyAnPGJyPic7CnBhc3N0aHJ1KGlkKTsK))&type=ih_options()

The base64-decoded text is:
$s=php_uname();
echo '<br>'.$s;

echo '<br>';
passthru(id);

Obviously this post serves as a warning to anyone that may still have this plugin installed on their WordPress website. Cybercriminals will attempt to exploit any vulnerability – old or new – to cause mischief and mayhem.

WordPress is a popular CMS, and it’s important that anyone running it keeps the platform and any installed plugins up-to-date.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

Thursday, February 7, 2013

Is The PICA Photo Gallery Plugin for WordPress Leaving Your Website Vulnerable?

PhotosIt seems as though our post warning users about the old TimThumb vulnerability caught a lot of attention as we noticed an uptick in the number of site scans.

Now, this could simply mean that the scripts used to automatically scan for TimThumb files have a difficult time distinguishing a URL path mentioned in a blog from an actual file. However, there was one Russian-based IP that seemed to try harder than others to find a vulnerability to exploit, and one file path in particular happened to catch my eye:
/wp-content/plugins/pica-photo-gallery/picaPhotosResize.php

As you can see, the attacker was looking for a file named picaPhotosResize.php, which is associated with the PICA Photo Gallery plugin for WordPress (not installed on our site).
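The probes quoted in this post and in the "Is Human" post above are exactly the kind of thing worth pulling out of web server logs automatically instead of spotting by eye. The script below is an added example written for this page; it is not code from Hyphenet, Sucuri, Secunia or any plugin author. It assumes Apache-style combined access-log lines (the four sample lines are constructed, using RFC 5737 documentation addresses, not real traffic), flags requests for the script names discussed on this page (is-human/engine.php, picaPhotosResize.php, picadownload.php, and TimThumb's timthumb.php/thumb.php), marks query strings that carry eval()/base64_decode()/passthru() style injection markers, and tallies hits per source address so a scanner like the single U.S.-based IP mentioned above stands out:

```python
import re
from urllib.parse import urlsplit, unquote

# Script paths discussed on this page. Requests for them on a site that does not
# have the plugin/theme installed are almost always automated vulnerability scans.
KNOWN_VULNERABLE_SCRIPTS = (
    "/wp-content/plugins/is-human/engine.php",
    "/wp-content/plugins/pica-photo-gallery/picaPhotosResize.php",
    "/wp-content/plugins/pica-photo-gallery/picadownload.php",
    "timthumb.php",   # any theme/plugin copy, e.g. /wp-content/themes/canvas/timthumb.php
    "thumb.php",      # older TimThumb copies were shipped under this name
)

# Query-string fragments that point to code injection rather than an ordinary
# thumbnail request; the Is Human probe quoted in the post carries the first two.
INJECTION_MARKERS = ("eval(", "base64_decode(", "passthru(", "system(", "exec(")

# Apache "combined" log format (assumed). Only the fields we need are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Constructed sample lines (documentation IP ranges, placeholder base64 payload).
SAMPLE_LOG = """\
203.0.113.7 - - [20/Mar/2013:14:02:11 -0700] "GET /blog/2013/02/01/some-post/wp-content/plugins/is-human/engine.php?action=log-reset&error&eval(base64_decode(QUFBQQ))&type=ih_options() HTTP/1.1" 404 512 "-" "Mozilla/5.0"
203.0.113.7 - - [20/Mar/2013:14:02:12 -0700] "GET /wp-content/themes/canvas/timthumb.php?src=http://example.invalid/x.jpg HTTP/1.1" 404 512 "-" "Mozilla/5.0"
198.51.100.4 - - [20/Mar/2013:14:05:40 -0700] "GET /wp-content/plugins/pica-photo-gallery/picaPhotosResize.php HTTP/1.1" 404 512 "-" "Mozilla/5.0"
192.0.2.9 - - [20/Mar/2013:14:06:03 -0700] "GET /blog/2013/02/01/some-post/ HTTP/1.1" 200 18231 "-" "Mozilla/5.0"
"""


def classify_request(target):
    """Return findings for one request target (path plus query string).

    'probe:<script>' marks a request for a known-vulnerable script name and
    'inject:<func>' marks a query string carrying a code-injection marker.
    """
    parts = urlsplit(target)
    path = unquote(parts.path)
    query = unquote(parts.query)
    findings = []
    for script in KNOWN_VULNERABLE_SCRIPTS:
        if path.endswith(script):
            findings.append("probe:" + script.rsplit("/", 1)[-1])
            break  # one probe label per request; most specific names come first
    for marker in INJECTION_MARKERS:
        if marker in query:
            findings.append("inject:" + marker.rstrip("("))
    return findings


def scan_log(text):
    """Parse log lines and return (ip, path, findings) for every suspicious hit."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed or differently formatted line: skip, don't crash
        findings = classify_request(m.group("target"))
        if findings:
            path = unquote(urlsplit(m.group("target")).path)
            alerts.append((m.group("ip"), path, findings))
    return alerts


def hits_by_ip(alerts):
    """Tally suspicious requests per source address: the view used to decide
    which scanner to rate-limit or block at the firewall."""
    counts = {}
    for ip, _path, _findings in alerts:
        counts[ip] = counts.get(ip, 0) + 1
    return counts


if __name__ == "__main__":
    for ip, path, findings in scan_log(SAMPLE_LOG):
        print(ip, path, ", ".join(findings))
    print(hits_by_ip(scan_log(SAMPLE_LOG)))
```

Run it against a real log with `scan_log(open("access.log").read())`; a 404 on a known-vulnerable path is good news for that one request, but the same address walking through a dozen such paths is the pattern described in these posts and is what the per-IP tally is for.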

It turns out that the PICA Photo Gallery Plugin for WordPress suffers from not one, but two vulnerabilities that can be exploited to disclose sensitive information or upload malicious files.

These security flaws were discovered back in June of 2012, and there’s no indication that they were ever fixed - a disappointment considering this is a $50 plugin!

From Secunia Advisory SA49467:
1)  Input passed to the "imgname" parameter in wp-content/plugins/pica-photo-gallery/picadownload.php is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks.

2) An error due to the wp-content/plugins/pica-photo-gallery/picaPhotosResize.php script allowing the upload of files with arbitrary extensions to a folder inside the webroot can be exploited to execute arbitrary PHP code by uploading a malicious PHP script.

The above vulnerabilities were confirmed in PICA Photo Gallery version 1.0, but later versions may be affected. The latest version is 1.3 at the time of writing.

Solutions


To protect their site, PICA Photo Gallery users are advised to:

  • Edit the source code for picadownload.php to ensure that input is properly verified.

  • Restrict access to the wp-content/plugins/pica-photo-gallery/picaPhotosResize.php script (e.g. via .htaccess).


Or just remove the plugin altogether.
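Secunia's first recommendation (verify the imgname input before using it to serve a file) and the upload problem in picaPhotosResize.php both come down to the same defensive checks. The Python below is an added example illustrating those checks generically; it is not the PICA plugin's code (which is PHP), and the gallery directory it uses is a made-up placeholder. For downloads it refuses anything that is not a bare file name, resolves the path and confirms the result still sits inside the gallery directory, and only serves image extensions; for uploads it applies an extension allowlist and assigns a server-chosen name, so an uploader cannot place a .php file, or a double-extension file, under the webroot:

```python
import os
import uuid
from pathlib import Path

# Only these extensions are ever served from or written to the gallery folder.
ALLOWED_IMAGE_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif"}

# Hypothetical gallery location, used only for this example.
GALLERY_DIR = "/var/www/html/wp-content/uploads/pica-gallery"


def resolve_download(gallery_dir, imgname):
    """Map a user-supplied imgname to a file inside gallery_dir.

    Returns the canonical Path, or None when the name tries to escape the
    gallery (directory traversal), names a non-image, or is empty. Callers
    still check .is_file() before streaming the result.
    """
    # A gallery download names a file, never a path: reject separators and
    # dot components before touching the filesystem at all.
    if not imgname or os.path.basename(imgname) != imgname or imgname in (".", ".."):
        return None
    base = Path(gallery_dir).resolve()
    candidate = (base / imgname).resolve()
    # Containment check on the resolved path, so a symlink dropped into the
    # gallery cannot point the download at a file outside it.
    if base not in candidate.parents:
        return None
    if candidate.suffix.lower() not in ALLOWED_IMAGE_EXTENSIONS:
        return None
    return candidate


def safe_upload_name(original_filename):
    """Return a server-chosen name for an uploaded file, or None to reject it.

    Only the final extension is consulted, so 'shell.jpg.php' is rejected and
    'shell.php.jpg' is stored as <random>.jpg, a name the web server will not
    hand to the PHP interpreter.
    """
    ext = Path(os.path.basename(original_filename)).suffix.lower()
    if ext not in ALLOWED_IMAGE_EXTENSIONS:
        return None
    return uuid.uuid4().hex + ext


if __name__ == "__main__":
    for name in ("photo.jpg", "../../../wp-config.php", "shell.php", "sub/photo.jpg"):
        print(repr(name), "->", resolve_download(GALLERY_DIR, name))
    for name in ("holiday.png", "shell.php", "shell.jpg.php", "shell.php.jpg"):
        print(repr(name), "->", safe_upload_name(name))
```

The name check and the containment check are deliberately redundant: the first gives a cheap, obvious rejection for traversal strings, the second catches anything the first did not anticipate (symlinks, unusual separators) after the operating system has resolved the path. Restricting who can reach the upload script at all, as the .htaccess advice above suggests, is a third layer on top of both.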

I’ve reached out to the developers of this plugin to find out if these vulnerabilities were ever addressed, and when users can expect a patch if not. I’ll update this post when I hear back. Until then, watch out for hack attempts!

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

Friday, February 1, 2013

(Updated) Hackers Still Scanning for Vulnerable TimThumb Scripts

WordPressIf you have a website running on WordPress, make sure you check your themes and plugins for the TimThumb script, and if you find it make sure you’re running the latest version (2.8.11 at time of this writing).

For the uninitiated, TimThumb is a PHP script used to resize images, and is integrated into hundreds of WordPress themes.

Unfortunately, a security flaw was discovered within TimThumb in 2011, leaving millions of WordPress powered websites vulnerable to attack. The vulnerability was fixed (in version 1.33, I believe); however, some websites may still be at risk if they were never updated.

Judging by scans we’ve seen on our own blog, it would appear that cybercriminals are still hunting for websites with plugins or themes using outdated versions of TimThumb:

Plugins


/wp-content/plugins/cac-featured-content/timthumb.php
/wp-content/plugins/category-grid-view-gallery/includes/timthumb.php
/wp-content/plugins/category-list-portfolio-page/scripts/timthumb.php
/wp-content/plugins/cms-pack/timthumb.php
/wp-content/plugins/dp-thumbnail/timthumb/timthumb.php
/wp-content/plugins/extend-wordpress/helpers/timthumb/image.php
/wp-content/plugins/islidex/js/timthumb.php
/wp-content/plugins/kino-gallery/timthumb.php
/wp-content/plugins/lisl-last-image-slider/timthumb.php
/wp-content/plugins/really-easy-slider/inc/thumb.php
/wp-content/plugins/rent-a-car/libs/timthumb.php
/wp-content/plugins/verve-meta-boxes/tools/timthumb.php
/wp-content/plugins/vk-gallery/lib/timthumb.php
/wp-content/plugins/wp-marketplace/libs/timthumb.php

Themes


/wp-content/themes/13Floor/timthumb.php
/wp-content/themes/advanced-newspaper/timthumb.php
/wp-content/themes/Aggregate/thumb.php
/wp-content/themes/Aggregate/timthumb.php
/wp-content/themes/AmphionPro/script/timthumb.php
/wp-content/themes/aperture/thumb.php
/wp-content/themes/aperture/timthumb.php
/wp-content/themes/arras/library/timthumb.php
/wp-content/themes/arras-theme/library/timthumb.php
/wp-content/themes/Avenue/timthumb.php
/wp-content/themes/backstage/thumb.php
/wp-content/themes/backstage/timthumb.php
/wp-content/themes/Basic/timthumb.php
/wp-content/themes/biznizz/thumb.php
/wp-content/themes/biznizz/timthumb.php
/wp-content/themes/Bold/timthumb.php
/wp-content/themes/boldnews/thumb.php
/wp-content/themes/boldnews/timthumb.php
/wp-content/themes/broadcast/thumb.php
/wp-content/themes/bt/includes/timthumb.php
/wp-content/themes/bueno/thumb.php
/wp-content/themes/bueno/timthumb.php
/wp-content/themes/busybee/thumb.php
/wp-content/themes/busybee/timthumb.php
/wp-content/themes/c3/thumb.php
/wp-content/themes/cadabrapress/scripts/timthumb.php
/wp-content/themes/canvas/thumb.php
/wp-content/themes/canvas/timthumb.php
/wp-content/themes/CFWProfessional/timthumb.php
/wp-content/themes/Chameleon/timthumb.php
/wp-content/themes/city/scripts/timthumb.php
/wp-content/themes/cityguide/timthumb.php
/wp-content/themes/coda/thumb.php
/wp-content/themes/coffeebreak/thumb.php
/wp-content/themes/coffeebreak/timthumb.php
/wp-content/themes/coffeedesk/includes/timthumb.php
/wp-content/themes/comfy%20pro/thumb.php
/wp-content/themes/continuum/thumb.php
/wp-content/themes/continuum/timthumb.php
/wp-content/themes/crisp/thumb.php
/wp-content/themes/crisp/timthumb.php
/wp-content/themes/cruz/scripts/timthumb.php
/wp-content/themes/dailyedition/thumb.php
/wp-content/themes/dandelion_v2.6.1/functions/timthumb.php
/wp-content/themes/dandelion_v2.6.3/functions/timthumb.php
/wp-content/themes/dandelion_v2.6.4/functions/timthumb.php
/wp-content/themes/dcric/scripts/timthumb.php
/wp-content/themes/DeepBlue/timthumb.php
/wp-content/themes/deep-blue/timthumb.php
/wp-content/themes/DeepFocus/thumb.php
/wp-content/themes/DeepFocus/timthumb.php
/wp-content/themes/delegate/thumb.php
/wp-content/themes/delegate/timthumb.php
/wp-content/themes/delicate/thumb.php
/wp-content/themes/delicate/timthumb.php
/wp-content/themes/DelicateNews/timthumb.php
/wp-content/themes/deliciousmagazine/thumb.php
/wp-content/themes/deliciousmagazine/timthumb.php
/wp-content/themes/delight/scripts/timthumb.php
/wp-content/themes/develop/thumb.php
/wp-content/themes/diarise/thumb.php
/wp-content/themes/digitalfarm/thumb.php
/wp-content/themes/directory/timthumb.php
/wp-content/themes/dualshockers2/thumb.php
/wp-content/themes/duotive-three/includes/timthumb.php
/wp-content/themes/EarthlyTouch/timthumb.php
/wp-content/themes/eBusiness/timthumb.php
/wp-content/themes/ecobiz/timthumb.php
/wp-content/themes/editorial/thumb.php
/wp-content/themes/ElegantEstate/thumb.php
/wp-content/themes/ElegantEstate/timthumb.php
/wp-content/themes/eNews/thumb.php
/wp-content/themes/eNews/timthumb.php
/wp-content/themes/envision/thumb.php
/wp-content/themes/ephoto/thumb.php
/wp-content/themes/ePhoto/timthumb.php
/wp-content/themes/equator/timthumb.php
/wp-content/themes/eStore/timthumb.php
/wp-content/themes/Event/timthumb.php
/wp-content/themes/Feather/timthumb.php
/wp-content/themes/flashnews/thumb.php
/wp-content/themes/freshnews/thumb.php
/wp-content/themes/G6Feature/includes/thumb.php
/wp-content/themes/gallant/thumb.php
/wp-content/themes/gazette/thumb.php
/wp-content/themes/gazette/timthumb.php
/wp-content/themes/Glow/timthumb.php
/wp-content/themes/GrungeMag/timthumb.php
/wp-content/themes/headlines/thumb.php
/wp-content/themes/headlines/timthumb.php
/wp-content/themes/headlines_enhanced_v2/thumb.php
/wp-content/themes/idris/images/timthumb.php
/wp-content/themes/impacto/thumb.php
/wp-content/themes/insignio/images/timthumb.php
/wp-content/themes/InterPhase/timthumb.php
/wp-content/themes/kingsize/timthumb.php
/wp-content/themes/lifestyle/thumb.php
/wp-content/themes/LightBright/timthumb.php
/wp-content/themes/Linepress/timthumb.php
/wp-content/themes/livewire/thumb.php
/wp-content/themes/mademan/scripts/timthumb.php
/wp-content/themes/Magnificent/thumb.php
/wp-content/themes/manifesto/scripts/timthumb.php
/wp-content/themes/Max/thumb.php
/wp-content/themes/Memoir/thumb.php
/wp-content/themes/mimbo/scripts/timthumb.php
/wp-content/themes/mimbopro/scripts/timthumb.php
/wp-content/themes/minecraftapps.com/scripts/timthumb.php
/wp-content/themes/mini-lab/functions/timthumb.php
/wp-content/themes/Modest/thumb.php
/wp-content/themes/Modest/timthumb.php
/wp-content/themes/modularity/includes/timthumb.php
/wp-content/themes/modularity2/includes/timthumb.php
/wp-content/themes/multidesign/scripts/timthumb.php
/wp-content/themes/muse/scripts/timthumb.php
/wp-content/themes/myjourney/thumb.php
/wp-content/themes/myjourney_3.1/thumb.php
/wp-content/themes/MyProduct/timthumb.php
/wp-content/themes/NewsPro/timthumb.php
/wp-content/themes/Nova/timthumb.php
/wp-content/themes/Nyke/timthumb.php
/wp-content/themes/ocram_2/thumb.php
/wp-content/themes/optimize/thumb.php
/wp-content/themes/optimize/timthumb.php
/wp-content/themes/OptimizePress/timthumb.php
/wp-content/themes/overeasy/timthumb.php
/wp-content/themes/pearlie_14%20dec/scripts/timthumb.php
/wp-content/themes/PersonalPress/timthumb.php
/wp-content/themes/photoria/scripts/timthumb.php
/wp-content/themes/photo-workshop/includes/timthumb.php
/wp-content/themes/Polished/timthumb.php
/wp-content/themes/postcard/thumb.php
/wp-content/themes/premiumnews/thumb.php
/wp-content/themes/premiumnews/timthumb.php
/wp-content/themes/productum/thumb.php
/wp-content/themes/profitstheme/thumb.php
/wp-content/themes/prosto/functions/thumb.php
/wp-content/themes/PureType/timthumb.php
/wp-content/themes/purevision/scripts/timthumb.php
/wp-content/themes/Quadro/timthumb.php
/wp-content/themes/redlight/includes/timthumb.php/coffeebreak/thumb.php
/wp-content/themes/Reporter/timthumb.php
/wp-content/themes/retreat/thumb.php
/wp-content/themes/rockstar/thumb.php
/wp-content/themes/rockwell_v1.5/scripts/timthumb.php
/wp-content/themes/rt_crystalline_wp/thumb.php
/wp-content/themes/rt_panacea_wp/thumb.php
/wp-content/themes/rt_syndicate_wp/thumb.php
/wp-content/themes/sealight/thumb.php
/wp-content/themes/SimplePress/timthumb.php
/wp-content/themes/simplicity/thumb.php
/wp-content/themes/simplicity/timthumb.php
/wp-content/themes/skeptical/thumb.php
/wp-content/themes/skeptical/timthumb.php
/wp-content/themes/snapshot/thumb.php
/wp-content/themes/snapshot/timthumb.php
/wp-content/themes/spectrum/thumb.php
/wp-content/themes/spectrum/timthumb.php
/wp-content/themes/telegraph/scripts/timthumb.php
/wp-content/themes/TheCorporation/timthumb.php
/wp-content/themes/themorningafter/thumb.php
/wp-content/themes/TheProfessional/timthumb.php
/wp-content/themes/therapy/thumb.php
/wp-content/themes/TheSource/timthumb.php
/wp-content/themes/thestation/thumb.php
/wp-content/themes/thestation/timthumb.php
/wp-content/themes/TheStyle/timthumb.php
/wp-content/themes/tma/thumb.php
/wp-content/themes/Transcript/thumb.php
/wp-content/themes/Transcript/timthumb.php
/wp-content/themes/tribune/scripts/timthumb.php
/wp-content/themes/typebased/thumb.php
/wp-content/themes/typebased/timthumb.php
/wp-content/themes/u-design/scripts/timthumb.php
/wp-content/themes/vibrantcms/thumb.php
/wp-content/themes/vulcan/timthumb.php
/wp-content/themes/watercolor/includes/timthumb.php
/wp-content/themes/waves/functions/timthumb.php
/wp-content/themes/welcome_inn/timthumb.php
/wp-content/themes/WhosWho/timthumb.php
/wp-content/themes/widescreen/includes/timthumb.php
/wp-content/themes/wootube/thumb.php
/wp-content/themes/wp-clear-prem/scripts/timthumb.php
/wp-content/themes/WPCMS2/scripts/timthumb.php
/wp-content/themes/zenko/scripts/timthumb.php

Not Sure If Your Site is Vulnerable?

There are two methods you can use to check your site:

  • Use the TimThumb Vulnerability Scanner plugin to check if your site is running a vulnerable version of TimThumb. This plugin will scan your entire wp-content folder, including plugins, themes and uploads.

  • Manually scan your wp-content folder for any 'timthumb.php' or 'thumb.php' files.
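
A way to carry out the second, manual check, added here as an example that is not code from the original post: a POSIX shell script that finds every timthumb.php or thumb.php under wp-content and reports the VERSION constant each copy declares. It assumes TimThumb's `define ('VERSION', 'x.y.z');` line; the fixture files and the 2.0 threshold are constructed sample values, so take the real minimum version from the current TimThumb advisory.

```shell
#!/bin/sh
# Added example, not code from the original post: inventory TimThumb copies under
# wp-content and flag any whose declared version is below a chosen minimum.
# Assumption: TimThumb declares its version as  define ('VERSION', 'x.y.z');

# Print the version string declared in one file, or "unknown" when none is found.
timthumb_version() {
  v=$(sed -n "s/.*define *( *'VERSION' *, *'\([0-9.]*\)' *).*/\1/p" "$1" | head -n 1)
  printf '%s\n' "${v:-unknown}"
}

# True (exit 0) when dotted version $1 sorts numerically before $2, e.g. 1.34 < 2.0.
version_lt() {
  [ "$1" != "$2" ] &&
  [ "$(printf '%s\n%s\n' "$1" "$2" | sort -t . -k1,1n -k2,2n -k3,3n | head -n 1)" = "$1" ]
}

# Classify one file against the minimum version: OLD, OK, or UNKNOWN (no version line).
classify() {                      # $1 = file, $2 = minimum acceptable version
  v=$(timthumb_version "$1")
  if [ "$v" = unknown ]; then echo UNKNOWN
  elif version_lt "$v" "$2"; then echo OLD
  else echo OK
  fi
}

# Walk a wp-content tree and print "STATUS<TAB>version<TAB>path" for each candidate file.
scan_wp_content() {               # $1 = wp-content directory, $2 = minimum acceptable version
  find "$1" -type f \( -name timthumb.php -o -name thumb.php \) | sort | while read -r f; do
    printf '%s\t%s\t%s\n' "$(classify "$f" "$2")" "$(timthumb_version "$f")" "$f"
  done
}

# Constructed fixture so the script runs stand-alone: three fake theme files, not real TimThumb.
make_fixture() {
  d=$(mktemp -d)
  mkdir -p "$d/themes/old-theme/scripts" "$d/themes/new-theme" "$d/themes/odd-theme"
  printf "<?php\ndefine ('VERSION', '1.34');\n"   > "$d/themes/old-theme/scripts/timthumb.php"
  printf "<?php\ndefine ('VERSION', '2.8.10');\n" > "$d/themes/new-theme/timthumb.php"
  printf "<?php\n// renamed copy with no version line\n" > "$d/themes/odd-theme/thumb.php"
  printf '%s\n' "$d"
}

# Demo run: 2.0 is a sample threshold for the fixture; on a real site use the version
# named in the current TimThumb advisory, e.g.  scan_wp_content /var/www/wp-content 2.0
FIXTURE=$(make_fixture)
scan_wp_content "$FIXTURE" 2.0
rm -rf "$FIXTURE"
```

Files reported as UNKNOWN deserve a manual look: a renamed or stripped copy may still be TimThumb, or may be an unrelated script that only shares the file name.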


How to Update TimThumb

Should you happen to find a vulnerable version of TimThumb on your site, here are some easy-to-follow instructions that will guide you through the update process.

As a side note, I recommend doing a little research to beef up the security on any WordPress websites you may be running. Here’s a pretty good list of 25 Essential Security Plugins + Tips.

List last updated: 2/7/2013

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

Thursday, December 13, 2012

Hackers Use Exploit Tool to Compromise Joomla and WordPress Websites

The Internet Storm Center is advising Joomla & WordPress website administrators to keep their CMS installations up-to-date as cybercriminals are attacking sites using a tool “that's basically firing a bunch of Joomla and Wordpress exploits at a given server and hoping something hits.”

“Right now it seems the biggest pain is around Joomla users, particularly with extensions which greatly increase the vulnerability footprint and the one thing helping WordPress is the really nice feature of 1-button upgrades (and upgrades which don't tend to break your website),” John Bambenek wrote on the ISC blog.

Malicious iframes are injected into compromised websites, putting site visitors at risk of having fake antivirus software installed on their machine.

For the uninitiated, fake antivirus lets the attackers generate revenue by pretending to scan the affected system and producing a list of non-existent malware infections that it then offers to remove for a fee.

The domains loaded in the injected iframes change frequently, but they typically end in "/nightend.cgi?8". Two IP addresses identified to be frequent offenders in this attack are 78.157.192.72 and 108.174.52.38.

With that in mind, if you have a website running on WordPress or Joomla, it is strongly recommended that you upgrade to the latest version and do your best to keep your CMS current. You may also want to search the web for tips on how to improve website security and minimize the chances of an attacker successfully breaking into your site.

If your site has already been hit, these sites offer instructions on how to clean up the mess:
