Yousif Yalda

tag:blogger.com,1999:blog-57138121616085275852012-02-04T17:56:33.302-06:00Yousif YaldaA page about me to show up first on Google when searching for "Yousif".Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.comBlogger231100tag:blogger.com,1999:blog-5713812161608527585.post-90011482397533056822008-11-09T13:40:00.007-06:002012-02-04T17:02:24.100-06:00ProfitKingsMedia - A Scam by Yousif Yalda

Yousif Yalda The TrollYousif Yalda ScammerProfitKingsMedia ScamProfitKingsMedia Yousif Yalda Not PayingProfitKingsMedia Took My Money :(

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com2tag:blogger.com,1999:blog-5713812161608527585.post-19630398247384117562008-07-02T02:41:00.004-05:002012-02-04T17:03:24.855-06:00Yousif Yalda does not pay

Yousif Yalda paid a few affiliates very small amounts of money. They brag about him paying. What most people dont know is that ProfitKingsMedia DOES NOT PAY and IS A SCAM.

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com3tag:blogger.com,1999:blog-5713812161608527585.post-33243558839076627232008-05-11T20:49:00.005-05:002012-02-04T17:07:31.526-06:00Yousif Yalda Strikes Again

Yousif Yalda is an extremely unethical businessman in the affiliate marketing industry. He runs a dirty business called ProfitKingsMedia which is a private affiliate network in the online industry. What he does is pay 2-3 clients to gain trust of other affiliates, then quickly shaves all earnings or finds a reason why they have violated his TOS in order to not legally pay. This means

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com4tag:blogger.com,1999:blog-5713812161608527585.post-48885122315884487642008-05-01T19:01:00.006-05:002012-02-04T17:12:12.932-06:00Yousif Yalda - An Illegal Immigrant running ProfitKingsMedia

http://www.wickedfire.com/affiliate-marketing/136464-profitkingsmedia-payments.htmlhttp://www.wickedfire.com/affiliate-marketing/129668-profit-kings-media-scam.htmlhttp://www.es5.com/blackhat-seo/general-discussion/profit-kings-media-scam-251900/http://www.webmastertalkforums.com/general-marketing/84186-profit-kings-media-took-my-money.htmlhttp://forums.digitalpoint.com/showthread.php?t=2392701#

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com1tag:blogger.com,1999:blog-5713812161608527585.post-89506335401280179592008-04-23T19:19:00.004-05:002012-02-04T17:14:33.112-06:00I don't pay affiliates

It's True. I, Yousif Yalda....the 1337est h4x0r on the affiliate interwebz do NOT pay affiliates from my company ProfitKingsMedia.com.

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com3tag:blogger.com,1999:blog-5713812161608527585.post-73682383028106924622008-04-22T18:57:00.008-05:002012-02-04T17:25:42.389-06:00Web Application Security: Log & Alert 5

I hack YEAH! I scam YEAH! I'm supposed to stop but I can't.

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com2tag:blogger.com,1999:blog-5713812161608527585.post-327999653150039362008-04-19T22:58:00.016-05:002008-04-20T02:46:00.800-05:00Web Application Security: Log & Alert 4

Perhaps you want to communicate in real-time with your enemy (attacker)? Let's say that someone is navigating through your website in an attempt to attack your web application(s). The attacker is logged in through some sort of portal; otherwise known as a forum. The attacker also has the lowest privilege set for usage. You notice that very few to almost no other user on the site is active,

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com8tag:blogger.com,1999:blog-5713812161608527585.post-43953192328965874002008-04-17T17:50:00.019-05:002008-04-17T19:36:50.266-05:00Web Application Security: Log & Alert 3

Devise your own method of interest to monitor how long a token's session lasts (duration). Preferably, I don't recommend to allow a token to live for more than 2 hours, but that's completely up to you. For example, if the session lasts for 30-60 minutes, or more, be on alert and suspicious; it might just be an attacker.To confirm your suspicion, just measure how long the token has stayed alive (+

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com5tag:blogger.com,1999:blog-5713812161608527585.post-49472440556522974652008-04-07T23:43:00.005-05:002008-04-13T13:29:21.189-05:00Web Application Security: Log & Alert 2

As I mentioned before I'd be doing some major brainstorming on the concept of IDS, bringing in some original ideas to the notification system in administrating. I thought of a method that might contribute to the security pattern of detecting intruders in any case. Although the method(s) I will be explaining might be a bit harsh, it works. If a user has a failed attempt of logging in, the next

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com2tag:blogger.com,1999:blog-5713812161608527585.post-63733121377615847902008-04-02T02:43:00.003-05:002008-04-02T19:11:46.714-05:00Microsoft RDP Priv. Escalation

::: Windows Remote Desktop :::::: Command Execution Vuln. :::::: Written by Koshi and Yousif Yalda :::heykoshi[at]gmail[dot]com // Yousif[at]vapt-sec[dot]comRDP Remote Command Execution / Priv-esc.Disclaimer:We are not to be held responsible for any use of this document other than it being educational.We found this vuln. while trying to execute a few programs and commands on a Windows XP Sp2

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com9tag:blogger.com,1999:blog-5713812161608527585.post-46786573536754032132008-03-30T23:04:00.008-05:002008-03-30T23:57:52.591-05:00Web Application Security: Log & Alert

I'm doing a continuous post this month and the following half of the next as I will be talking mainly about the theme(s) of IDS and certain notification methods. The IT administrator will no longer need coffee to jump-start the day just to watch logs. Yup, just keep a small eye out, that's all :)To differentiate if someone has accessed a directory you want to fend away from, you will make that

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com5tag:blogger.com,1999:blog-5713812161608527585.post-91765316237174449742008-03-24T17:46:00.010-05:002008-03-24T21:10:52.467-05:00WebCast: a Drizzle of HTML Purification & a Breeze of JavaScript Filterization

There is an active tropical sun of sanitization after all! We've (V.A.P.T.) noticed that out of the many web applications we've assessed, there has been a 13% decrease in the amount of websites vulnerable to XSS. While keeping basic HTML and inline CSS, our clients are still absolutely amazed at how easy it was to prevent XSS. One core mistake that is being done in a repetitive fashion is

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com1tag:blogger.com,1999:blog-5713812161608527585.post-35293267091464410832008-03-21T01:48:00.017-05:002008-03-21T03:38:46.542-05:00phpSpectre

Posts have been a little slow lately, mostly because I've been busy examining new methodologies I've sought up on the IDS sector and working on an exploit on a certain web application that I might release soon. Alright, well I've been coding a small PHP script that allows you to index through a server's files. It doesn't include many features, but it's short and sweet. The script allows you to

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com8tag:blogger.com,1999:blog-5713812161608527585.post-40663194356267878352008-03-05T21:02:00.007-06:002008-03-06T01:39:54.767-06:00Blind The Hacker

A widely used methodology to trap hackers is to simply set-up a Honeypot server. I tend to think it's quite over-rated, and needs an "add-on". This is a similar theme next to my Steganography scheme. we've all heard about Directory Listings and what juicy media they contain; strictly ethical of course. ;) Often, directory listings are left without protection, openly free as a target for

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com5tag:blogger.com,1999:blog-5713812161608527585.post-26977039755993421852008-03-04T22:55:00.008-06:002008-03-04T23:35:54.989-06:00V.A.P.T. Bin

I have developed a Secure Deletion application that I haven't released till now, and which was created a few months ago. The application is designed to implement various deletion processes to ensure that the data cannot be recovered.The method digs into all bits of data embedded within the application and forcefully deletes any trace of it. In a humorous way, I decided on top of the successful

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com7tag:blogger.com,1999:blog-5713812161608527585.post-2523650050153772402008-02-29T00:23:00.003-06:002008-02-29T01:34:39.069-06:00Google Dork Indexes IP and Bandwidth

The following Google query will allow you to search for IP's and Bandwidth match-ups that were issued by the client: [Google.com]The Web Application that finds this information descends from an out-dated version of the software created by Gambit Design Internet Services in 2002. This web application works directly through the core speed test page and uses the information submitted (IP + Bandwidth

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com4tag:blogger.com,1999:blog-5713812161608527585.post-42250265993510775942008-02-24T23:50:00.007-06:002008-02-25T00:40:56.393-06:00The Holy Steps of Security at Peace

Okay, everyone but the average user(s) can listen and enjoy, while the rest should follow and apply. Businesses with websites often want security, but they don't have the state of mind of approaching it with a good heart. People, when security is at risk, you need to look at your benefits and your losses. When a security researcher, analyst, consultant, specialist, and the like try to contact you

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com6tag:blogger.com,1999:blog-5713812161608527585.post-52346466908816759112008-02-20T19:14:00.003-06:002008-02-20T22:30:00.723-06:00Top 10 Security Presents

Ever wonder what kind of gifts people of the Web Application Security Industry want?1.) RSA SecurIDOne of the most handy tools an IT specialist could want! It generates a random six-digit numeric code based on a token assigned by a .asc 128-byte signed integer value via a ACE RSA server.This cryptographic mechanism operates on software and hardware.2.) Licensed Web Application ScannerThis is an

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com8tag:blogger.com,1999:blog-5713812161608527585.post-77223647521862742642008-02-18T22:08:00.011-06:002008-02-19T16:57:54.269-06:00Organized Crime 2.0

Digital crimes have exceedingly evolved. We have been familiar with classical attacks and languages that barely hold potential in both automation and effectiveness. The World Wide Web (WWW) has spun amazingly into a digital realm of complete chaos with a mix of graphical integration and user-generated content.The Web 2.0 is deploying technologies such as XML, XHTML, REST, JSON-based APIs, Rich

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com5tag:blogger.com,1999:blog-5713812161608527585.post-33929131165752218362008-02-14T18:06:00.004-06:002008-02-14T22:29:33.546-06:00Consumer Blindness

The normal user nowadays can barely keep up with security updates, malware prevention software, and anti-virus protection. It's not necessarily the users fault, rather how systems work.Most attacks today leverage to common sense, and the user is still lost even then. How does the average user keep up with prompts like "Some program is trying to access port 5800 on your computer, do you want to

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com9tag:blogger.com,1999:blog-5713812161608527585.post-80427763155455037902008-02-13T23:39:00.013-06:002008-02-14T00:58:14.896-06:002008 Not So Great

This year will bring upon a new change in the security realm. Slowly, but surely Microsoft's Windows Vista will be a new target as plenty of users are currently switching to it. Every computer you buy these days will include Vista's new Operating System. This may be a great innovation for the normal user, as it is quite attracting in terms of it's glossy and "hi-tech" look. Users are also bound

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com5tag:blogger.com,1999:blog-5713812161608527585.post-4957588878309532822008-02-12T22:41:00.001-06:002008-02-12T23:02:40.646-06:00DoS/DDoS Attacks by V.A.P.T.

Yes, we've release yet another Whitepaper. Grab your copy fresh today and learn how to defend against these types of attacks. It's not fair to your brand or your customers to deal with downtime! You can fend off the attackers and implement a great security strategy to eliminate flooding and disruption of service.Check it out now @ DoS/DDoS Attacks

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com5tag:blogger.com,1999:blog-5713812161608527585.post-18067813138623267382008-02-12T20:22:00.001-06:002012-02-04T16:54:56.805-06:00Steganography at it's finest

Hey.I'm Yousif Yalda, and my intelligence is a hyperbole. I run a scam network. Yousif Yalda Scammer. ProfitKingsMedia is a Scam.

Yousif Yaldahttp://www.blogger.com/profile/17130171565447829176noreply@blogger.com8