Bloggerbowling - the downside of the Google "Flag" feature
posted at 09:52 AM - Category: Spam, Security and Virus

Black Hat SEO's will be targeting random blogs using bots to report blogs as spam. The end goal being to make the "Flag" feature have so many false positives that the system will be removed. I don't think they have to bother. As I mentioned before, this feature will see wide spread abuse from users in general and
Duncan seems to agree. It's human nature that will be the undoing of this lame attempt to solve blog spam, not the efforts of the black hat crowd. However, if they can help usher in the demise sooner rather than later, I'll actually pat them on the back for a job well done.

Nucleus 3.22 released
posted at 02:10 PM - Category: Spam, Security and Virus

A new version of Nucleus is available and is mainly a security release. It is highly advised that you upgrade to the latest version which plugs a rather nasty hole in the XML-RPC library.

Read what the Nucleus team has to say and download the update.

Security Alert: XML-RPC bug found in Nucleus CMS 3.21
posted at 01:30 PM - Category: Spam, Security and Virus

Security Alert from Nucleus:

Another XML-RPC security issue

After a vulnerability was discovered in our bundled XML-RPC library earlier this year, the Hardened-PHP project did a code audit and found another security issue. They worked together with the library authors to solve the issue.

We'll be wrapping the fixed library files together with some other bugfixes into a Nucleus v3.22 release later this week. For now, a temporary fix is available:

1. Download this file: nucleus-xmlrpc-patch.zip
2. Extract both the files (xmlrpc.inc.php and xmlrpcs.inc.php) into your /nucleus/libs folder.

Make sure you patch up until the new version is out next week. Thanks to the quick response from the Nucleus team. Those guys are on top of their game.

Adsense scam floating around
posted at 01:39 PM - Category: Spam, Security and Virus

Via Jensense:

A warning to all AdSense publishers. It makes good business sense to dump all your cookies and take a spin around your website and see if any AdSense ad units pop up where you did not place any.

It looks like a 3rd party provider that lets you use their service to send pages to your friends. "Tell a Friend" scripts have been popular for years and offer an easy way for people visiting your site to send a page to a friend.

Recently an announcement went out asking members to switch their code out to a new version of the code. The new code uses cookies and shows an adsense ad to your visitors. The cookie tells the code to only show the ad ever two days. The ad that is shown is from the 3rd party and you do *not* get credit for it. Keep on the look out. Good catch Jenstar!

phpBB upgrade 2.0.17 - minor security and bug fixes
posted at 10:51 PM - Category: Spam, Security and Virus

For those of you who run a forum with phpBB you need to upgrade. A few bug fixes and security fixes (minor) in this new version. Read the announcement over at phpBB.com.