Dark Reading
Protect The Business - Enable Access
Do more than just cursory scans. Develop
a holistic approach to app security.
Find out how!
Learn to take the ambiguity out of managing IT so you can guide your business forward.
Download now!
Use these tips from Gartner to identify the EPP solution that best suits your business.
Download now!
Ripoff Report Shuts Out 'Reputation Management' Hacker
Consumer advocacy website now functioning normally
Earlier this year, a hacker, promising his customers "reputation management" services, had embedded code into the website to prevent search engines from recognizing certain postings. In some cases, website visitors were misdirected to a false message stating that the posting had been redacted.
A RipoffReport.com investigation revealed that the hacker had been commissioned by reputation management companies that accepted thousands of dollars in monthly fees from their clients, promising that Ripoff Report postings about the businesses could be removed from search engine results or deleted from the Internet altogether.
Although the hack was effective in interfering with public access to certain postings for several months, the RipoffReport.com website has been fully restored to normal function and all consumer postings are once again available to search engines and the public without obstruction.
RipoffReport.com website editor Ed Magedson cautions business owners that if a reputation management company makes an offer that seems too good to be true, it probably is. "Any company claiming to remove reports from RipoffReport.com, is admitting to breaking the law because Ripoff Report does not authorize the removal of reports," says Magedson.
About Ripoff Report
RipoffReport.com is one of the largest and consumer advocacy reporting websites in the United States. Privately owned and operated, it was established by Magedson in December 1998 to enable consumers to post reports detailing their experience with any company or individual within a company. Once a company has been named in a consumer's report, the company may respond by posting a rebuttal. Both reports and rebuttals are posted free of charge, and once submitted they are not removed. Before a report may be submitted, users are required to create an account by providing a valid email address and warrant that any report submitted is truthful and accurate.
Ripoff Report.com is comprised of more than 500,000 web pages and is supported, in part, by private contributions. To make a non-tax deductible donation, send a check to: Ripoff Report, P.O. Box 310. Tempe, AZ 85280 or you can make a donation online.
CA To Acquire Authentication Vendor Arcot Systems Inc. 08/30/2010
China, Taiwan Nab 450 Suspects In Biggest Fraud Raid Ever 08/30/2010
DNS DDOS Threats and Corresponding Mitigation Strategies 03/23/2010
Spoofing Server - to - Server Communication: How You Can Prevent It 03/11/2010
DIGITAL ASSETS
Understanding Web Application Security Challenges
08/24/2010
 |
To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy. |
Subscribe to RSSHow To Detect And Root Out Sophisticated Malware
Are You A Human Confirms Man Or Machine With Games
State Of Utah Fires Tech Director Over Breach
MORE KEYHOLE
- Entering the Scrum: Taking the First Steps on Your Agile Journey
- Big Data at High Speed: Complex Event Processing at 10x
- SMB Server Guide: Meeting Email, Virtualization, and Business Application Challenges
- The Dell Difference: Lessons from Dell’s Own IT Transformation
- Techniques for Next-Gen Data Protection using Next-Gen Computing
Published:2010-11-03
Severity:High
Description:Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPartyComponent method.
Published:2010-11-03
Severity:High
Description:Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.
Published:2010-11-03
Severity:Medium
Description:Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.
Published:2010-11-03
Severity:High
Description:Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.
Published:2010-11-03
Severity:Medium
Description:SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.
