Hello, welcome to the Tuesday, August 8th, 2017 edition of the Sanctored Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Xavier today wrote about the increase in scanning for PHP My Admin in his honeypots.

Now, PHP, my admin, is a PHP application that can be used to administer

my SQL database and aside from it being often not properly secured, it often also suffers

from unpatched vulnerabilities. Now, in the case that Xavier observed the attacker was actually

quite aggressive in trying to find a PHP My Admin using a variety of different URLs. Now a lot of

administrators try the security through obscurity trick and hide php my admin personally i don't really see a

great reason why you need to have php my admin installed in the first place there are a lot of

gooey applications that you can use to administer my sequel if you don't like the command line.

And these GUI applications are really just declined applications that do not require a web

interface.

You just connect across the network, hopefully via SSL, to that MySQL database.

Now, I have reported in the past about cases where VPN applications didn't actually

provide much security or privacy.

For example, there have been some Android applications that claimed to provide VPN service

but didn't actually encrypt the data.

The latest case here is Anchor Free's Hot Spot Shield.

Now, Hot Spot Shield does claim to provide free VPN services.

And of course, whenever something is free, you have to look closely to figure out how are they actually paying their bills.

In this particular case,

apparently they are injecting ads into your browsing stream. They will also inject JavaScript as part of these ads and essentially de-anonymize your browsing session to the advertiser.

...