Email Changes

Ran across a site where if one changes the email address associated with the account, it sends the confirmation email to the new address. Say, I am a Blackhat and used a phishing attack to get the password for the account. Having legitimately logged in, I then change the email address associated with it from victim@outlook.com… Continue reading Email Changes

Just Get Rid of Java

Apparently there are security flaws in the current version of Java allowing the installation of malicious software through web browsers unknown to the user. The known attacks using this flaw work on Windows, OSX, and Linux. According to Reuters: Java was responsible for 50 percent of all cyber attacks last year in which hackers broke… Continue reading Just Get Rid of Java

DDoS of Social Media

Twitter, Facebook, LiveJournal and other sites all admitted to suffering from a DDoS attack. It seem to me the purpose of a Denial-of-Service attack (DoS) against a web site is to flood it with so much traffic the site becomes unusable. The DDoS is where multiple other computers are coordinated into launching the attack. All… Continue reading DDoS of Social Media

LMS Security

This morning there was a flurry of effort to locate an article called “Hacking WebCT.” My coworker was able to locate it. We were disappointed.  The main points of the article were: Lazy administrators make compromising user accounts easy. Lazy instructors make getting questions for assessments easy. These apply to any LMS. So, here is some… Continue reading LMS Security

Recovering Pictures

William borrowed my camera to go on his honeymoon. He also lost the photos with a poorly timed crash & drive reformat. So he wants to borrow the card and recover the data. Thankfully I have not used the camera since he returned it despite thinking I should. Luckily I ran across A Computer Repair… Continue reading Recovering Pictures

Blackboard Learn Password Changes

Normally when presenting the opportunity to change a password, a user is required to provide the current password in addition to the new. It ensures the one changing the password already knows the password.  According to Olaf Ritman, Blackboard Academic Suite 6, 7, 8 and Learn 9 ignore asking for the current password. Can anyone with… Continue reading Blackboard Learn Password Changes

Recap of Vista Stuff

It has been a hectic week. A recap… Java certificate fix – Yesterday, August 23rd, the certificate distributed in various Java applets expired. The community discovered the issue and informed Blackboard who put out a fix for the more current products on August 15th. Many customers are leery of having such little lead time to… Continue reading Recap of Vista Stuff

Pointless

So I wanted to open a support ticket. However, in thinking about what I can ask for the company to do arrayed against what they are willing to offer for support, I realized… I am not going to get a resoultion for the ticket. It is functioning as designed. They are just going to tell… Continue reading Pointless