Researchers have discovered a botnet consisting of web servers being used to launch devastating denial-of-service (DDoS) attacks against a Dutch ISP.

Servers provide a greater amount of bandwidth power to launch an attack than PCs. Additionally, malware can remain undetected for a longer period  on servers, since many do not have anti-virus software installed on them.

An attacker by the name of “Exeman” has infected around 400 web servers with a simple 40-line PHP script, which includes a malicious application that can be used to launch DDoS attacks.

The application provides a dashboard and control panel that can be used to input the URL of an intended target and configure the IP, port and duration of the attack. It is suspected that the attacker may have leveraged a common flaw, called a remote file inclusion vulnerability, to compromise the servers.

In nearly one out of every three attacks, hackers were able to disrupt service. Many organizations incurred millions of dollars in losses for each hour online services were down.

Ref: http://www.scmagazineus.com/servers-hacked-to-launch-more-powerful-dd...

Google, the world's largest Internet search engine, did not specify what kind of data it collected, but it is suspected that email content and passwords for many users, as well as general Web surfing activity, could easily have been caught in Google's dragnet.

Google said the collection of data was a simple mistake resulting from a piece of computer code that was accidentally included from an experimental project using Google's Street View cars which are well known for crisscrossing the globe and taking panoramic pictures of the city streets, which the company displays in its Maps product.

Collecting the WiFi data was unrelated to the Google Maps project, and was done so that Google could collect data on WiFi hotspots that can be used to provide separate location-based services.

"As soon as we became aware of this problem, we grounded our Street View cars and segregated the data on our network, which we then disconnected to make it inaccessible," Google's Eustace said.

The company said on Friday that it is currently in touch with regulators in several countries, including the United States, Germany, France, Brazil and Hong Kong, about how to dispose of the data, which they say they never used.

Ref: http://www.reuters.com/article/idUSTRE64D60E20100514

Researchers recently spotted a hacker named Kirllos selling Facebook user names and passwords in an underground hacker forum, but what really caught their attention was the volume of credentials he had for sale: 1.5 million accounts.

However they are not sure if those accounts for sale are legitimate. If they are legitimate, he has the account information of about one in every 300 Facebook users!!

The price varies from $25 to $45 per 1,000 accounts, depending on the number of contacts each user has.

Facebook has more than 400 million users worldwide, many of whom fall victim to scams each day.

In one such scam, criminals sent out messages from a compromised account, telling friends that the account's owner is trapped in a foreign country and needs money to get home. In another, they sent links that lead to malicious software, telling friends that it's a hilarious or sensationalistic video.

Ref: http://www.computerworld.com/s/article/9175936/1.5M_stolen_Facebook_I...
Ref: http://economictimes.indiatimes.com/infotech/software/15-mn-Facebook-...

A flaw in twitter allowed users to add ANYONE as a follower of their tweets.

Normally, the other person has to initiate such "following."

This is how it is done.

Many people actually went ahead and added a number of celebrities as their followers. The best part is that these celebrities actually did become their followers and received the tweets from people who had fraudulently added them as followers!!

As word of the hack spread, the panic grew increasingly high, escalating when Twitter temporarily reset everyone's followers count to zero.

Ref: http://bits.blogs.nytimes.com/2010/05/10/twitter-software-bug-exploit...
Ref: http://news.yahoo.com/s/ap/20100510/ap_on_hi_te/us_tec_twitter_glitch
Ref: http://news.softpedia.com/news/Twitter-Bug-Allowed-Users-to-Forcefull...

Splunk has 1,750 customers including BT, Cisco, LikedIn, Nasa, Visa and the US Department of Energy. 
Its software is downloaded from the web and is used as a search, monitor and reporting tool that crawls through the raw data on applications, hardware 
and network systems.

The passwords of customers on Splunk.com were revealed after some debug information leaked on to its production servers. 
The debug code exposed users passwords to Splunk.com as clear text!!

Splunk has reset all affected users passwords.

The interesting part is a survey of web users' habits in the UK alone in January found 46 per cent use the same password for most web-based accounts.

Ref:http://www.theregister.co.uk/2010/04/26/splunk_passwords_revealed/