The Shortening, Part Deux: URL Shortener Security Fail

URL shortening services have once again come under security scrutiny; the gaze of Brian Krebs (the respected Washington Post security blogger) has graced these fundamentally flawed services, and he hath found them wanting (as have many others)… More information, including a snippet of the SecurityFix blog story, appears after the jump. (Aye, there can only be one… MacLeod)
From The Washington Post’s Brian Krebs: “Spammers, Virus Writers Abusing URL Shortening Services”
“Purveyors of spam and malicious software are taking full advantage of URL-shortening services like bit.ly and TinyURL in a bid to trick unwary users into clicking on links to dodgy and dangerous Web sites. Fortunately, with the help of a couple of tools and some common sense, most Internet users can avoid these scams altogether….” “According to alerts from anti-virus vendors McAfee, Symantec and Trend Micro, the latest to abuse these services is the Koobface worm, which targets users of social networking sites like Facebook (Koobface is an anagram of Facebook) and Myspace…”





