Lenovo's Pre-Installed Adware Might Let Hackers Hijack Your Browser

Leave a Comment

Lenovo's Pre-Installed Adware Might Let Hackers Hijack Your Browser

Lenovo's getting into a new vertical: delivering you Adware that can let hackers access your browser! :  The Computer manufacture company Lenovo's pre-installed Adware  actually intercepts to your Web Traffic to your web traffic to insert more advertisements in the page you are accessing.

And even if you visit highly secured websites it uses self signed certificate to decrypt your web traffic to insert more relevant advertisements without your permission.

And now the attackers can abuse this Adware and can hijack victim’s web traffic. And The mozilla firefox is most effected in the Lenovo's New Computers.

Installing New Operating system on your Lenovo laptop/machine should remove this Adware entirely.

The Company Super fish is just breaking https just to serve targeted ads to targeted customers!!!!! But little did they know they hackers can abuse this to hack victim’s Web Traffic.

13000+ Passwords of Amazon and Walmart Users leaked by Hackers

Leave a Comment
Anonymous have leaked more than 13000 Passwords of the most famous websites like Amazon, Xbox and PlayStation network

Passwords of Amazon, Walmart and PlayStation Users leaked by Hackers

13000+ Passwords of Amazon, Walmart and Brazzers Users leaked by Hackers
 Passwords of Amazon, Walmart and Brazzers Users leaked by Hackers  
Hackers have published the passwords on the text document on GhostBin (its removed now). And that text document contains sensitive information like Username, passwords and Credit cards details.

Somehow 13000+ passwords is not the big passwords leak compared to the millions passwords leak. 

Here is the list of the websites whose passwords has been leaked.

Amazon
Dell
PlayStation
XboxLive 
etc..

How to secure yourself from this kind of leaks ?

To be safer from this kind of passwords leaks make sure you change your passwords at least once a week and don't use the same passwords for social media, Banking and online shopping sites.
Be Secure Be Happy! 

100,000+ WordPress Websites infected By SoakSoak Malware

Leave a Comment

More than 100,000+ WordPress Websites infected By Malware

More than 100,000 WordPress Websites infected By SoakSoak Malware
More than 100,000 WordPress Websites infected By SoakSoak Malware

WordPress is the Best Content Management System (CMS) and number of bloggers and internet marketers uses WordPress CMS for their blog because of its simplicity and awesomeness.

But Recently more than 100,000 WordPress websites/blogs are affected by the SoakSoak Malware. And millions of websites on the internet are currently using WordPress and this Malware can be the great threat.

How to know whether your WordPress websites are infected by SoakSoak Malware ?

Once you are infected with this Malware then you might experience some unexpected redirection to SoakSoack.ru and you will end up downloading malicious files in your computer without your knowledge. 

Google (The Search Engine giant) has added more than 10,000+ WordPress websites to their blacklisted sites to protect the users and that can effect the revenue of the website owners.

What dose SoakSoak Malware do to your WordPress Website/blog ?

SoakSoak Malware do to your WordPress Website/blog


The SoakSoak Malware simply modifies the php file located at wp-includes/template-loader.php and then it will add malicious JavaScript code named "swobject.js"and it will load everytime the user opens your site.

Critical CSRF flaw in Blogger that allows to write posts on any Blog [Fixed]

Leave a Comment

Critical CSRF flaw in Blogger

Critical CSRF flaw in Blogger that allows to write posts on any Blog
Critical CSRF flaw in Blogger that allows to write posts on any Blog 

Blogger is the most famous Blogging platform and almost all the bloggers starts blogging from the blogger platform. But One Egyptian security expert have found the most critical Vulnerability in the Blogger.com!

Egyptian security expert Mazen Gamal Mesbah have Found Cross Site Request Forgery (CSRF) in Publishing the new articles on any blog powered by blogger. All the blogger blogs where vulnerable to this critical CSRF flow.

Checkout GitHub Bug Bounty Program 

By Exploiting this Critical CSRF in Blogger an attacker can publish any type of content on on blog that runs on blogger platform.

The only thing needed to publish a content on any blog is blogger id and its very easy to get blogger id of any blog.

Video Proof of concept of this Critical Blogger Vulnerability




Blogger is owned by the Google and Google have a Bug Bounty Program using which information security researchers can submit the vulnerability and get rewarded by them.

Timeline Of Vulnerability Reported to Google.


2/9/2014 - Vulnerability was found by the information security researcher
2/9/2014 - Got positive response from Google Security team.
3/9/2014 - Critical CSRF on Blogger fixed by the Google Security Team
4/9/2014 - Security Researcher Received $3133.7 reward from Google.

How to Create Password Protected post in WordPress

Leave a Comment
Hey, if you are a blogger having blog on WordPress and if you want to share the content with only selected person then you have to set the password for that post and all you have to do is to share your password with whom you want to share your post! Sounds interesting right ? so, in this article i am going to show you how to create password protected posts (articles) in WordPress.


Follow the simple steps to create password protected posts in WordPress.

1. login into your WordPress blog
2. Go to Posts –> Add New
3.  Now click visibility and change it to password protected.
Create-Password_protected-post in wordpress 4. Now just Hit ok and you have done!


5. Just share the link and the password with those people you want to share your content. If you have any question then feel free to ask!