Monthly Archives: May 2008

Google "I'm Feeling Lucky" Spam Update

These guys don’t give up do they.

New phrase:
inurl:expressmediroad

They are trying to get you to visit expressmediroad.com, not a good idea to go there by the way. As usual they will be trying to sell you fake pills, usually sugar pills.

Spammers Abusing Google’s “Im Feeling Lucky”

Debian/Ubuntu OpenSSL Vulneribility

Well if you use Debian or Ubuntu is would suggest looking into that conf, apparently PRNG (Pseudo Random Number Generator) is predictable and installing a patch isn’t good enough to fix this problem. After installing the patch you will need to regenerate your keys.

All OpenSSH and X.509 keys generated on such systems must be considered untrustworthy, regardless of the system on which they are used, even after the update has been applied.

USN-612-1: OpenSSL vulnerability
DSA-1571-1 OpenSSL – Predictable Random Number Generator

Google Adwords Phishing

Someone is now targeting Google Adwords users in an attempt to gain access to their accounts. I Received the following email today:

Dear Google AdWords Customer,

We were unable to process your payment.
Your ads will be suspended soon unless we can process your payment.
To prevent your ads from being suspended, please update your payment information.

Please sign in
to your account at http://adwords.google.com/select/login,
and update your payment information.

This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message.

Just a word to the wise it’s old fashioned phishing using a subdomain when you click on the URL in the message. When you lick the link it takes you to:
http://www.adwords.google.com.aoplk.cn/select/Login

The above URL presents a page that looks like the Google Adwords login. So watch out for it webmasters cause they are just trying to own your account.