Wow, it looks like blogshares will be com­ing back after all.

A solid agree­ment has been reached between BlogShares founder Seyed Razavi and tech­no­lo­gist Jay Camp­bell — the site is com­ing back!
Premium mem­ber­ships will be exten­ded one month to make up for this down­time. If you had 8 months left, now you have 9.
The recon­sti­t­uted BlogShares team is doing cartwheels over the pos­sib­il­it­ies that 2004 brings.
Check back for more notices, and soon a work­ing site.

Yet another Inter­net Explorer exploit has been dis­covered. This one is ripe for many of the phish­ing scams that have been going around.

Secunia have a good, detailed advis­ory.

The vul­ner­ab­il­ity is caused due to an input val­id­a­tion error, which can be exploited by includ­ing the “%01″ URL encoded rep­res­ent­a­tion after the user­name and right before the “@” char­ac­ter in an URL.
Suc­cess­ful exploit­a­tion allows a mali­cious per­son to dis­play an arbit­rary FQDN (Fully Qual­i­fied Domain Name) in the address bar, which is dif­fer­ent from the actual loc­a­tion of the page.

Steve Minutillo has an example. Andy at absob­log­gin­lutely has another example.

Remem­ber, these only ‘work’ as inten­ded in Inter­net Explorer.