Miscreants have deployed a subtle variant of the well established drive-by-download attack tactics against the website of human rights organisation Amnesty International. In traditional drive-by-download attacks malicious code is planted on websites. This code redirects surfers to an exploit site, which relies on browser …
Amnesty International is just a feminist-ridden politically-correct so-called charity that deserves anything like this that happens to it.
Yes, I know, it's breaking the law. So what? Just because hackers aren't British policemen - or politicians - doesn't mean that they can't break a few laws sometimes.
Did your wife just leave you, or have you just been disciplined at work for something like being a sexist bore, sorry, for refusing to bow down to the marxist PC conspiracy ?
Did I strike a nerve?
Attack the person, not the message: that's what you politically-correct feminists always do.
Shaming behaviour doesn't work on me. You see, I'm a woman. That's right, there are women out there who despise feminists and their victimist perks for the girls theology. Dividing the world into victims and oppressors encourages spitefulness, weakness, and passive-aggressive behaviour.
Oh, and speaking of victimist theologies, I also hate political correctness. It, too, encourages the above-mentioned behaviour. It also encourages the loss of a sense of humour. The one thing it doesn't encourage, though, is the ability to think for oneself.
Re: Did I strike a nerve?
There's more than one kind of feminist.
Sex is not the determinate
Males and females can be dumber than dirt.
Thanks for the fine example.
> The Amnesty International attack ultimately relied on an Adobe Flash zero-day exploit, patched by Adobe late last week, with the ultimate aim of dropping a backdoor on compromised machines ..
> display.swf is downloaded by the browser, and the ActionScript it contains is executed. The script exploits the CVE-2011-0611 Adobe Flash 0-day, and causes the shellcode to execute ..
How exactly does this achieve 'ROOT' on Macintosh, Linux, and Solaris, give real world clickable examples ...
Why does it need root? It can do what it likes with all your personal data, spew out spam or mount DDoS attacks without needing root privileges.
"In traditional drive-by-download attacks malicious code is planted on otherwise malicious websites."
I wondered about that too (they fixed it)
"The attack on the Amnesty website, detected by security firm Armorize, relied on a different sequence of events."
Amnesty isn't a malicious web site? Apparently comment number one doesn't agree!
Not even "otherwise malicious"? I assume that's like "differently", as in "differently abled". As in, "It isn't their fault they aren't malicious, they try so hard. But they only achieve 'petulant'. We'll call that 'otherwise malicious', to give credit for their effort."
I don't think I've thought about Amnesty this week - no, wait, someone like that had something to say about goings-on in Ivory Coast. And probably Libya.
To be expected if you...
Which I think goes to show that if you are going to lock horns with some people who don't care about human rights, then you need to make sure you protect your own rights. Especially, your website.
That said, I do have reservations about the current trends in UK/EU human rights legislation, which seems to have degenerated into a charter for pampered minority-groups to demand preferential treatment, and to sue the shirt off anyone who denies them special status.
Hell, as a topical example we can't even use red or green in games anymore.
This, IMHO, is a bastardisation of the original purpose and spirit of the HRA, which set-down rights which apply to ALL citizens, without exception or predjudice.
-The maintainer of a local Amnesty website for about a decade. (hopefully, malware-free)