Monster.com confirmed this week that it took down a portion of its online job search service after attackers hacked the site and used it to feed exploits to visitors.
The company did not, however, explain how the hackers were able to hijack the site.
At the start of this week, researchers began reporting the attacks after detecting IFrame exploits on several Monster.com pages as well as attacks by a multi-exploit hacker tool kit originating from those pages.
By Monday evening, the Monster Company Boulevard, a section of the site that lets job hunters research firms and search for positions by company, was dark. Among the major US companies represented on the Boulevard are Boeing, Dow, Microsoft, Starbucks and Wal-Mart.
Job seekers who used that portion of Monster.com before the site was yanked were attacked by Neosploit, an exploit tool kit similar to the better-known Mpack, said Roger Thompson, chief technology officer at Exploit Prevention Labs. "A typical infective URL was http://company.monster.com/toyfs/, which is Toyota [Financial's section]," said Thompson in an instant message exchange Monday night. "Or http://company.monster.com/bestbuy, which is Best Buy's."
The injection of the malicious IFrame code into the Monster.com site probably happened Monday, he added. "It was interesting that we got five or so hits in the space of a few hours today, but none before that. I think it happened [Monday]," he said.
Like many other IFrame exploits, this one silently redirected users' browsers to another site hosting Neosploit. At least one of the exploit sites Thompson identified has a connection to the notorious Russian Business Network (RBN), the hacker and malware hosting network that recently shifted operations to China, then mysteriously abandoned the IP blocks it had acquired there.
The IP address of the exploit site is assigned to a server in Australia that is part of the "myrdns.com" domain, which, in turn, is registered to a Hong Kong Internet service provider called HostFresh Internet. Both HostFresh and myrdns.com have been linked to RBN activities, including the long-running IFrame Cash scheme, in which RBN pays website owners a commission for injecting IFrame exploits on other sites.
According to an anonymous blogger who tracks the RBN, other myrdsn.com/HostFresh IP addresses were involved in the Bank of India hack.
On Monday afternoon, Thompson said he had just started digging into the Monster.com hack. "It is not clear how many pages were affected, but it is likely that the attack was the same for all companies on the site, which might turn out to be a pretty good set of the Fortune 500," he said on his blog.
On Tuesday, Monster.com acknowledged the attacks but downplayed their extent. "A malicious attack inserted code into [some] pages, which could cause certain unprotected computer systems to download a virus," said Steve Sylven, Monster's public relations manager, in an email Tuesday afternoon.
"The virus is detectable by most major antivirus software, and this issue should not affect users running Windows with the most recent security updates from Microsoft. In addition, we believe only an extremely small percentage of those using the site this week were potentially exposed prior to those pages being cleaned."
Monster declined to answer questions about when the attack started, how many pages had been compromised or how the hackers gained entry to the site. It did, however, point a finger of sorts at the RBN, although it did not name it. "Because we believe this malware originated with an online crime group that targets leading web properties, we are providing as much information as possible about this situation to the appropriate law enforcement officials," Sylven added.
Monster.com last made security news in August, when it acknowledged that hackers had looted its database for weeks, perhaps for months, then used that information to craft and send targeted emails that pitched money laundering jobs or tried to trick recipients into downloading malware.
As it did then, Monster said on Tuesday that it is beefing up site security. "We remain committed to protecting our customers and site visitors," Sylven said. "We continue to reinforce our security systems every day as we respond to the constantly shifting security issues on the internet."
Are you a dissatisfied Airtel or Vodafone customer? Then, here is news for you. According to the latest report by the Telecom Regulatory Authority of India (TRAI), Bharti Airtel has the largest number of points of interconnection (POI) having congestion followed by rival Vodafone.Interconnection between networks not very effective, which leads to loss of calls and deterioration in service quality
Bharti Airtel and Vodafone are the most congested networks according to the Telecom Regulatory Authority of India (TRAI).
This means that users of these networks face difficulty while communicating with a user of another network. It also shows that the interconnection between the two networks is not very effective, which leads to loss of calls and deterioration in the quality of service. The areas most affected due to the congestion are Bihar, Maharashtra, Gujarat, Mumbai, UP-W, and Himachal Pradesh, according to the report.
When tried to contact to know their response, Vodafone and Airtel refused to comment.
Oa customer from Jaipur says, "I am fed up with the Vodafone network connection and am facing problems since the last two months. I have also registered a complaint with Vodafone for the same, but there is no relief as yet." He adds that the call drops lead to many problems, including financial loss when customers have to call again.
This issue is pointed out by other customers as well. They say that sometimes it feels like the network providers intentionally cause call drops as they get to charge twice for a minute if a call is dropped and a new call is made within that minute. Some even pointed out that call drops are annoying, but what is more irritating is when the call gets picked at the other end but no voice can be heard whatsoever, forcing users to make the call again.
Another customer from Mumbai says, "The government should have rules for this and punish these companies very heavily if standards are not met. Having a bad network is as good as not having a network at all. If they are not following proper standards of network, they should not be allowed to charge even these rates as their service is sub-standard."
Another important point was highlighted by a customer from Mumbai who says that the only solution to these network issues is to implement the rule that one will have the same number even if he changes the operator. He adds that this was supposed to happen in October last year, but nothing has materialized as yet.
The Hottest gadget of year 2008 was a table top computer with 30 inch touch screen. the touch screen is made up of acrylic. It has 5 cameras that can sense nearby objects. User can interact by touching or dragging their hand. the touch is awesome like iPhone. The price tag is between 5000$-10000$. It can even extract photos from digital cameras and spread it over the screen like photos spread over a table. All the animation looks real and a cool water effect screen saver is given which works on sense of touch. The water movement is very cool when a user interacts with the screen.
Check out the cool video of Microsoft’s Table top computer.
Place a comment if you like.
Satyam might be facing the heat right but the Satyam saga has clearly dealt a blow to the Indian IT dream.
The IT industry represents modern India. They are the ones who have created brand ‘India’ on Wall Street.
But Raju's fraud might change the Indian IT dream forever.
After all, the fourth largest Indian IT company, Satyam has fallen off the cliff, in what unfolds as the most dramatic frauds of recent times.
Now, the clients would think twice before engaging with an Indian IT vendor.
The reason is simple—they would ponder over whether the law of the land can be trusted anymore.
However, Narayan Murthy, the founder of Infosys, said "One apple is bad doesn’t meant everyone is bad."
Well, even as Murthy calls it a one off case, Infosys has already started promising more disclosures to its investors and whatever it takes to keep the clients’ trust.
Also, industry body Nasscom has swung in action, asking companies to switch to the top gear so as to retain their clients.
Som Mittal, President of Nasscom, said,"We are asking companies to make more disclosures on governance issues to their clients."
It’s certainly going to be tough ride for the Indian outsourcing industry with the recessionary pressure of the west on one hand and now, an image crisis.
Meanwhile, the international biggies like IBM and HP will benefit directly, unless the industry leaders go all out to defend their credibility.
Satyam Fraud : Here is the Full text Letter of Raju to Board
Following is the text of the letter Raju wrote to the Satyam board:
"It is with deep regret and tremendous burden that I am carrying on my conscience, that I would like to bring the following facts to your notice:
1. The Balance Sheet carries as of September 30, 2008,
a) Inflated (non-existent) cash and bank balances of Rs 5,040 crore (as against Rs 5,361 crore reflected in the books);
b) An accrued interest of Rs 376 crore, which is non-existent
c) An understated liability of Rs 1,230 crore on account of funds arranged by me;
d) An overstated debtors' position of Rs 490 crore (as against Rs 2,651 reflected in the books);
2. For the September quarter(Q2) we reported a revenue of Rs 2,700 crore and an operating margin of Rs 649 crore(24 per cent of revenue) as against the actual revenues of Rs 2,112 crore and an actual operating margin of Rs 61 crore (3 per cent of revenues). This has resulted in artificial cash and bank balances going up by Rs 588 crore in Q2 alone.
The gap in the balance sheet has arisen purely on account of inflated profits over several years (limited only to Satyam standalone, books of subsidiaries reflecting true performance).
What started as a marginal gap between actual operating profit and the one reflected in the books of accounts continued to grow over the years.
It has attained unmanageable proportions as the size of the company operations grew significantly (annualised revenue run rate of Rs 11,276 crore in the September quarter, 2008, and official reserves of Rs 8,392 crore).
The differential in the real profits and the one reflected in the books was further accentuated by the fact that the company had to carry additional resources and assets to justify a higher level of operations thereby significantly increasing the costs.
Every attempt made to eliminate the gap failed. As the promoters held a small percentage of equity, the concern was that poor performance would result in the takeover, thereby exposing the gap. It was like riding a tiger, not knowing how to get off without being eaten.
The aborted Maytas acquisition deal was the last attempt to fill the fictitious assets with real ones. Maytas' investors were convinced that this is a good divestment opportunity and a strategic fit.
One Satyam's problem was solved, it was hoped that Maytas' payments can be delayed. But that was not to be. What followed in the last several days..."
Firefox has a cool little easter egg, just type in about:robots in the address bar & you will find robots greeting you with a special message. The title of the page reads Gort! Klaatu barada nikto!, wondering what it means. According to wikipedia Gort! Klaatu barada nikto! originates from the Cold War-era science fiction film The Day the Earth Stood Still (1951). In the film, the phrase, Klaatu barada nikto, was used by Helen Benson to stop the robot Gort from destroying the Earth. Klaatu is the name of the humanoid alien protagonist in the film. Here is a quick view of the page..
How to Chat with yourself In your Browser address bar just type: Change yourid with your own email, now you can send, recieve messages, & you can see what you are typing. Desktop Icons for GTalk Contacts Right click on the Desktop select New>Shortcut & type this: gtalk:chat?jid=id@gmail.com Please replace id with the id of your contact. If you like to call your friends just replace chat with call. Keyboard Shortcuts:
gtalk:chat?jid=yourid@gmail.com
Ctrl + F4 - It closes the current window.
Alt + F4 - It closes the current window.
Alt + Esc - It Minimize all the windows.
Windows + Esc - Open Google Talk (if it’s minimized, or in the tray)
F9 - Open Gmail to send an email to the current contact.
F11 - It initiates a telephonic call with your friend.
F12 - It cancels a telephonic call.
Esc - It closes the current window.
Change the font size - While holding the control key, move the scroll wheel on your mouse either up or down. Insert line breaks - If you want to have a message that spans multiple paragraphs, just hold shift and hit enter.
Switch windows - Pressing tab will cycle through open windows. It will select minimized conversations, to expand them just hit enter. If you just want to cycle through IM’s and don’t care about the buddy list, control-tab will do that and will automatically expand a minimized conversation if you settle on one.
Invitation Tips - You don’t need to say Yes or No when someone wants to add you as a friend; you can simply ignore it, the request will go away. (On the other hand, someone with whom you chat often will automatically turn to be your friend, unless you disable this in the options).
Bold Text - To write something bold, you can use an asterisk before and after the word, like *this* .
Run multiple instances of gtalk for multiple login of google ids
A shortcut is already placed on the desktop when gtalk is installed.
Right click on the shortcut and goto properties -> shortcut tab
There will be a target address like
C:\Program Files\Google\Google Talk\googletalk.exe
just add this word at the end of this line (give a space before) and save it
C:\Program Files\Google\Google Talk\googletalk.exe /nomutexApply and Ok
Now when you want a new instance of gtalk for a new id simultaneously, then just again double on the desktop icon and a new instance of gtalk will open.
On this page I will list all the Official Blogs of various Web based companies and big market players , you will find here official blogs for Google,Microsoft,Yahoo,Adobe,Sun Microsystems and others.This page also contains links to Official blogs of various programming/web development languages like PHP, Java, .Net, Ruby etc. More to come
Official Google Blogs - A comprehensive List:
The Official Google Blog - Insights from Googlers into our products, technology and the Google culture.
AdWords Agency Blog - The latest from Adwords from you and your client.
AdWords Retail Tips - Adwords tips for the retailers
AdSense Blog - A look inside Google AdSense. With newbie, optimization, AdSense features, and more.
Adwords API Blog - The official source of information about the AdWords API from Google.
Adwords Blog - Google’s official blog for news, information, and tips on AdWords.
AJAX Search API Blog - At this Blog Google gives info about how to use the AJAX Search API.
Google Affiliate Network Blog - News, views and product information for Google affiliate network advertisers and publishers.
Analytics Blog - Here you can get the latest news, tips, and resources from the Google Analytics team.
Android Blog - Blog for developers working with Android, An Open Handset Alliance Project.
Base Blog - Get news, tips, and resources straight from the Google Base team.
Blogger Blog - The Official buzz from blogger.
Checkout Blog - The official Checkout Blog with news for sellers using Google Checkout.
Code Featured Projects - Blog about featured projects on Google Code.
Code Updates Blog - Read all about the latest Google Code updates at the Code Blog.
CPG Blog - News and notes from Google’s Consumer Packaged Goods (CPG).
Custom Search Blog - The latest news, updates and tips from the Custom Search Engine team.
Data APIs - Official Google Data APIs blog.
Desktop APIs - Your official source on the Google Desktop APIs.
Docs Blog - News and notes from the Google Docs team at the official Docs Blog.
Enterprise Blog - A blog about enterprise information, search, and the users that live there.
Feedburner Blog - The Official Feedburner blog of burning questions.
Finance Blog - News and views from the Google Finance team.
Gadgets API Blog - Intended for people who use the Google Gadgets API to write gadgets.
Gears API Blog - Keep up to date on Google Gear’s progress with Gears API Blog.
Gmail Blog - News, tips and tricks from Google’s Gmail team and friends.
Grants Blog - We started this Blog as a place to read about the latest Google Grants news and information
Let’s Take it Offline - The latest news form Google’s TV, Print and Audio Ads team
Lat Long Blog - News and notes by the Google Earth and Maps team.
Mac Blog - Macs inside Google. The official Google Mac Blog.
Maps API Blog - Official Google Maps API blog.
Mashup Editor Blog - The official source of information about the Google Mashup Editor.
Mobile Blog - News and views from the Google Mobile team.
News Blog - The official blog from the team at Google News.
Notebook Blog - At the Notebook Blogs you can read news and tips from the Notebook team.
Open Source Blog - Open source at Google with news about Google’s open source projects and programs.
OpenSocial API Blog - OpenSocial provides a set of APIs for social applications across multiple websites.
Orkut Blog - Your official guide to staying beautiful on Orkut.
Orkut Developer Blog - Learn about APIs, changes and events related to the Orkut developer platform.
Google Online Security Blog - The latest news and insights from Google on security and safety on the internet.
Picasa Blog - News, tips and tricks from the Picasa team at Google.
Public Policy Blog - Google’s view on government, policy and politics.
Reader Blog - News, tips and tricks from the Google Reader Team.
Research Blog - Google research blog where Googlers write about their public research.
Security Blog - The latest news and insights from Google on security and safety on the Internet.
SketchUp API Blog - All about the ins and outs of the SketchUp API.
SketchUp Blog - News and notes from the SketchUp folks.
Students Blog - Google news and updates especially for students
Talk About Blog - A blog about voice, IM and open communications with Google Talk.
Testing Blog - If it ain’t broke, you’re not trying hard enough.
Google Traditional Media Ads Blog - News form Google’s TV, Print and Audio Ads team.
Video Blog - Celebrating creative works from the many contributors to the Google Upload Program
Webmaster Central Blog - Official news on crawling and indexing sites for the Google index.
Web Toolkit Blog - About the open source Java software development framework for AJAX applications.
Website Optimizer Blog - The most up-to-date product news, industry insights, and testing strategies.
YouTube API Blog - For developers using the YouTube API.
YouTube Blog - Official YouTube blog for latest features and happenings.
Official Yahoo Blogs
Yahoo Search Blog :- The Yahoo! Search blog began in 2004, the year we debuted Yahoo! Search technology which powers search across Yahoo! Here on this blog, we post news and insight on all things search.
Yahoo! Search Marketing :- Yahoo! Search Marketing blog connects you to the people and products that can help you make sense of the ever-changing world of online marketing, and offers a community forum for sharing news, tips and strategies.
Yahoo! Publisher Network Blog :- This blog is Yahoo! Publisher Network’s resource for publishers, by publishers. Here, you’ll find not only what you might expect from a product-focused industry blog—the latest on issues, new releases, hacks and tips—but also in-depth how-to’s, publisher interviews, industry trends, links to articles and other news and information you can use
Yodel Anecdotal : - A look inside the big purple house of Yahoo!, where we’ll provide insights into our company, our people, our culture, and the things we think about in the shower.
Next.Yahoo :- Tasty bits of hacker goodness, A steady stream of small delights. Ideas, experiments and the people behind them,Brought to you by the folks at Yahoo! Brickhouse
del.icio.us Blog :- Delicious is a social bookmarking service that allows users to tag, save, manage and share web pages from a centralized source. With emphasis on the power of the community, Delicious greatly improves how people discover, remember and share on the Internet.
FlickrBlog :- The companion blog to Flickr, almost certainly the best online photo management and sharing application in the world.
Yahoo! Video Blog :- We think Yahoo! Video is the best place to view and upload video on the Web. It’s the perfect pop-culture mashup, the best of the best—all video from across the Yahoo! network in one place.
Yahoo! Answers Blog :- This is the place to come for product updates, announcements, community guideline features, and staff picks as well as quirky, timely, anecdotal, and (we hope) informative posts highlighting the topics we find in our meanderings through the Answers community.
Yahoo! Buzz Log :-Our crack team of editors takes a closer look at the hottest trends on Yahoo! Buzz.Yahoo! Buzz brings together the Web’s most remarkable stories, determined by people like you.
Yahoo! Developer Network Blog :- Yahoo! Developer Network offers Web Services and APIs that make it easy for developers to build applications and mashups that integrate data sources in new ways, making the web a more useful and fun place for everyone.
Yahoo! User Interface Blog :- This blog is the companion blog for two libraries we’re proudly releasing today. The new Yahoo! Design Pattern Library offers our thinking on common interface design issues for traditional and rich Internet applications. The new Yahoo! User Interface Library is a collection of industrial-grade JavaScript utilities and widgets that enable you to efficiently get the most out of today’s powerful browsers.
Get 5 $ of Calls n sms .. Yup..all this for free.. njoyyy tongue.gif
CODE
https://secure.tabrio.com/User/Signup.aspx
Step 1 : Signup for an Free Account.
Step 2 : Verify your Phone Number
Step 3 : Use your free 5 $credit
Tabrio Communications, Inc. is a team of digital media professionals whose passion
is connecting everyone with the people they care about.
