Ok So we hit it off well this week now they seem to want to give us some really hard ones. So I figure we can disqus this in the forums or other in comment sections. I want to hear what you think:
Monday July 6, 2009 – (Clue : “Greedy Hermit”)
Tuesday July 7, 2009 –
Wednesday July 8, 2009 –
Thursday July 9, 2009 –
Friday July 10, 2009 –
So Let’s Start this off, There are Some good Possiblilities:
If anyone can think of something different let me know these are just a few ideas that I think they could be but if you have something different I will surely entertain the idea.
Email has to be sent through several different servers that you have no control to get to its final destination. So if your really paranoid you know that a server could be used for the man in the middle scenario. In which some server claims to be the final destination and here it is copied and sent on to the true person.
Securing your Email
As you can see email privacy is as easy as telling people everything they want to know about you. Email Security is always going to be an ever evolving technology, because those who want to listen will tend to find ways to listen. You could use PGP Email Encryption to prevent people from reading your emails but what about the files?
So I had a couple people wanting me to keep track like we did last year so I will be start by updating this daily with new clues. Look to be updated late night for those who want to keep updated for them:
Tuesday June 30, 2009 – Rhoda and The Donna Read Show (Clue: CBfWJ, zlpdl)
Wednesday July 1, 2009 – Benny & Joon And Prelude to a Kiss (Clue : pbKEf, 2MqNCV)
Thursday July 2, 2009 – Sliders Season 3 — (Clue: 10×3u9)
Friday July 3, 2009 – Dead Like Me Season 1 — (Clue : nMhKQ)
I will update daily when they put out more clues so Check back daily on my Homepage for more. I will keep this on the sticky until the next clue comes out. Feel free to discuss this on my Forums or the Disqus community. Although these seem simple they might get harder later one so I might need your help in solving these.
In One of my Previous rants I talked about Antivirus System Pro. I finally found a site that tried to scare me into downloading critical software updates.
As you can see this site is Spyware-scan-for-free.com but what is most important is that it actually tells you the truth before you install it. “Some Security Vulnerabilities detected with High probability. It May damage your files or steal you person and financial information.” This one site is trying to you make you think you are install critical updates but in reality it is probably do what it states by clicking the OK.
Although I talked about how to remove this, I would like to talk about just how bad it is to download “Critical security updates” from unknown or untrusted sites. Although most people usually do Google for keywords like “Antivirus System pro” or “Spyware-scan-for-free.com. I will tell you that if you think you have a security problem to go to the Windows update and see if there is an update that need to be applied.
As many of you know, I am a great fan of Hulu. Recently I went searching to find out how to watch Hulu without having to buy myka 1tb Network Video Player. So Here’s is what you need to watch it on your TV.
What you will need:
Video S-Video Cables — If you plan to use S-video in then this is what you will need. The good thing about this is most Laptops have S-Video Out. Although this isn’t always the case this is how I watch Hulu on TV.
VGA Adapters — Some laptops only have VGA you will be able to tell by the look of the connection but if you have this tool you can convert any VGA connection to S-video easily.
Philips 3-Way AV Selector For $9.88 –This is the cheap way for those who can only connect coaxial cable inputs. This is what you will need to use on Older TV’s.
Audio
2 RCA Male / 3.5mm Stereo Male, 25 ft — This is for the head phone jack that you will have on your laptop pipe your audio from you laptop to the TV screen. Depending on the length of the S-Video cable will also determine the Length of the the Audio cable. So you will need to look around for a 25 foot S-video cable just so you have the room.
IT Security warfare is an interesting domain. It is a never ending race between the security software developers and malware writers. And since the security software always act after the development of the malware, they are always behind in this race.
But this fact poses a serious threat to the security of your system as a user. If you are not careful and regularly updating your antivirus applications, you might be late, and if the malware might get a chance to get the entry to your system, it can play havoc there.
Today’s Intelligent Malware…
Today’s malware are much more intelligent than their predecessors. They not only do the damage intended by their developers, but also make it difficult for security software to identify them. They try to disable your antivirus applications, they modify your system files so that you are not able to access the security software websites and forums, they hijack your browser homepages, they disable the update procedure of your security software and use all such tricks, which make their detection difficult.
Bryce over at Technibble is giving away 10 licenses for this software and I couldn’t resist to talk about it here. The Rules are simple and I will walk you through them one by one:
Make a Comment on His post, anything just as long as it adds to the community. No name calling, No harassing them, and try to not cuss. I would appreciate it if you would reference back to this site so he knows who sent you to him. You see I would love a lifetime Copy of this software my self. (Hint hint Bryce)
Subscribe to his updates via Email — This one is really simple, just sign up to receive to his updates and you will be all set. And your all set, for that one.
Follow @Technibble and tweet:
Just entered the SUPERAntiSpyware Pro License giveaway. http://bit.ly/tnsas You can win by following @Technibble and retweet. @Laforge129
In the last 24 hours the spammers and scammers have begun to distribute spam with the guise to:
Harvest Email Addresses – This seems to used to ask users to respond to the email to get “top secret” information about how he died. Security experts believe this is an attempt to verify email addresses for future spam attempts. Although it isn’t wise to reply to people you don’t know about it at least has very little risk with your computer for the time being.
Fake Codecs and Hidden Trojans – Seems this is the main thing they are doing right now to get personal computers on their networks. So you should never visit a site you don’t know about without having an Anti-virus software and A firewall to better protect your system.
Extortion Ware — This one is very interesting, and According to Webroot. You should avoid sites that you don’t know anything about. With News of anything major you should keep with the trusted news sites. This one looks to be the bad guy type.
As you can tell this is spam but it got through my spam filters because the spammers are actually spoofing the email address. Upon further inspection of the headers of the message I have found this came from a Black Hole IANA.org name server. Then when I did some even more investigation on this, I found that they are seeing more and more of Email Spoofing for Skype. Which if you went to that URL (Websweetness.com) you will not like what you see. IT is an Adult site but that is besides the point. I am betting the spammers are trying to fool the spam filters to make sure this get through. I talked about the Skype Bots before and this seems to be another way they are using Skype for there spam campaigns.
Skype is getting to be used by almost everyone who has internet so this is a good bet that people will get even more spam from spammers who are trying to get around the spam filters. Until Skype fixes this problem, you can go into Email settings and uncheck “Skype can contact me when someone adds me as a contact”. Although I would like to prevent this totally until they add a way for me to only receive messages from people on my contacts through email this will always be problem until they do that.
Some of you would want to ask me why I am calling this title an usual title. In fact it is quite simple, I have been at the hospital since early this morning. While I was there I had some intriguing things happen. I was watching a person cruise the internet while they were at work. This is someone who is supposed to answer the phones and such. Then I see this POP UP, this draws my attention. “You SYSTEM Has Spyware”. This was my first thought, Scareware. The Popup said it was for “Antivirus Pro System”.
Since this was a Hospital computer, I couldn’t get a real screen shot of this but there are plenty examples out there, just like that one above. Anyways what worries me is how System Admins are allowing employees to surf the web while at work on company time. It also makes for a bad experience with their family. It also concerns me about the fact that while that computer is infected some of the patients records could be leaked online.
So we have it here right now, and it starts out really good. You can watch Stargate SG1 Season 1 through 4 the whole summer. The last of the Mohicans was the frst movie they brought out for this event. I rember last years one where we had to guess the coming week. Some of the ones that I did last year were:
Now I don’t know all that will come this summer but I would of liked to have clues like we did last year. That would of been really fun. Oh well, I will keep watch on this and see what comes from this. I also have been using the Hulu Desktop more and more, it seems to work well with A600 Cricket modem really well. For those who have it, I would suggest using the lowest quality of playback for using it. It really isn’t bad quality for watching shows and such on. You really don’t have to worry to much about buffering. Although you should check your settings on the player and change them.
More and more there seems to be a building trend with Malware writers are developing ways to find both Mac systems and PC Systems. In a diary talking about that one mans journey leads to a site that can detect which system you are on and offer up Malware for that system. He also has some other examples of this on a Mac Trojan in the wild.
Now more and more Apple users think they are not vulnerable to the types of antics that the PC users have to deal with day by day. This however proves they are “WRONG”. I will keep telling people whether PC or Mac that you need to have Anti-virus and Firewalls installed to help protect yourself from be victim to this type of stuff. Just a last week Sopho’s issued the OSX/Tored-Fam worm to their databases. Sopho’s even talks about this in detail on their blog.
I’ve been reading about this on other blogs about this user agent I have been seeing this agent trying to access an area where I know Wordpress doesn’t have anything there. Some people suspect it is scanning for any Drupal Vulnerabilities. I have to say if it is searching for Drupal, it is in the wrong place.
Now let’s get down to it. I’ve seen a lot of comments that just blocking the User is not going to prevent this from happening. You see they can always spoof the agent with out much trouble but I feel that if they are going to do use an agent that I can track. It is never a bad idea to block that type of access. If that was a true agent, I seriously doubt it would be a legitimate agent because of the name. Others have suggested this is looking to find a PHP Vulnerability and exploit your system.
It seems in anticipation of the release of Half Blood Prince the Malware authors are starting to send for the movie. For example:
As you can see they really try to fool you into think your are going to be able to watch it for free. They even put it the movie poster to try to get you to click that link. It is on a blogspot page and has a few Google followers, which I am amazed at because what I have found it. If you were to click that play link (usa-top-news.info) it will redirect your to (world-news-scandals.com) and then to the final destination (tubes-portal.com). Each site is surprisingly in the US and tries to look like it is a real site. It sends you a file called streamviewer.40018.exe, which I am surprised AVG hasn’t picked this up so I went to see if this was a virus and Virustotal showed me this:
I have been using www.GoDaddy.com as my Hosting Company for quite some time and really love the service. As you know they clam to have 99% uptime and I haven’t seen them go down for anything since I started. So Let’s Talk about this even more:
Hosting plans starting as low as $4.99 a Month. ()
You can become a Reseller for Godaddy if you want, and have a store if you want. This is also makes it even easier for you to make and sell domains for cheap.
SSL Certificates — Keep your website secure and prevent people from getting information they shouldn’t. This is good for businesses who have to sell using a credit card or registration for people information.
This is a good service for bloggers and podcasters who want to blog. I have been using this service from www.GoDaddy.com and have been really impressed. If you looking for a hosting this is the right place to go. Although the support for www.GoDaddy.com is not the best, when I went through them for tech support. They would tell me how to fix it and leave me do it myself but that is a good way to learn how to keep a website going. I still recommend www.GoDaddy.com for people who want a dependable service. Do you like or not like Godaddy? I want to hear from you! Leave a comment and let me know what you think!
I’ve been reading what Sans Internet storm has to say about twitter and how that can bring malware to Twitter. Sans argues that there is no reliable way to determine the information someone says, and that is where I am wanting to talk about the way people are creating what I call Link baiting or Blind links. You ever click on a link in twitter to find it it wasn’t what you thought it was?
I also thought of what Sopho’s blog about today where someone hijacked 2.2 Million redirect Urls using Cli.gs services to shorten links. I was reading through the Cli.gs blog about the incident and it came from Canada but I don’t think the user of the website who had all that traffic was involved in any way shape or form to the hacking of Cli.gs website. I personally think this was done to prove a point and it is a very good point.
I was on Twitter and I saw this message from someone I am following. Talking about how to make 171,161.08 a month.
Ok before we go any further you would have to see the name Oprah Winfrey (see Above for Photo of Account) just like the name of the one who just came on to twitter. Now is this a true name or just a fake account? I’ll let you decide that because it looks like it is just random tweets with the same URL. This to me is looking more and more like spam. Back to the site, it is call Maverick Money Makers.
As you can tell this is like every other get rich page I’ve seen trying to tell you will make insane amount of money in a few minutes a day. So I decide to go to another page unrelated to this page and you will get.
I was on Facebook Yesterday doing my usually just playing one of my games when all of the sudennly this pops out:
As you can see this seems to be another site which is a scareware site, the site Powerantivirusscannerv2.com is trying to scare you into buying a fake antivirus. I don’t know if it was Facebook doing this or if I got the redirect cookie somewhere else. Although if you have downloaded the program that they want you to install or even think you have this fake antivirus installed, Spywareremove has the information needed to remove off your system. It seems they are going to use social sites more and more and you should be careful. I also have some good resources like Free Anti-virus and Free firewalls that would help protect you from this threat.
Somethings to consider when you see something like this pop up are? Do you have antivirus or a firewall? If so, then you shouldn’t be worried to much. Always look to see if you can see if it is a webpage and not from the system. This is something the scammers are always trying to do to get your money. Remember these sites are not really a trustworthy site and should be avoided at all cost. I also recommend using the Hijackthis software to look for these rogue softwares in your system to better protect your system.
Have you ever wondered how they find out your Email address or even find out your name or so called shipping address. I’ve been wondering that for quite some time and have went researching online for the reason. You see I’ve been getting spam email with my name and address like this “Possible Check Pending [Last Name] [Mailing Address] Sender : Pam [Last Name]”
That email was a “Kevin Hoeffer” scam that advertise getting you money from Google, called the Cash Secret club. Suffice it to say that the Rip of Reports all say this is a scam. Seems they try to fool you into paying $1.99 and then charge an extra $98 after you give them your information. The Domain that I looked up is protected by Whoisguard.com. So I reported to them about this spam, this is a sure way to get off there list. Reporting spam will black list you from getting spam because to there major providers. That cost them money, if everyone did that the spammers would be stopped. Although I think society as a whole isn’t even trying to fight the spam this way they just try to keep it under control. I believe that if 10% of the spam is reported then we are making the spammers and scammers pay for their misdeeds.
As of Today I am making all RSS feeds go to Feedburner, so if you are having trouble by all means drop me a line. I am using FD Feedburner Plugin for WordPress, so I don’t know how well this will work. I just wanted to keep up to date on the amount of people actually viewing my feed.
In order for this to work though I had to publish a post. According to FD Feedburner Plugin Support site they say:
Known Issue
After you configure your feed, due to caching it probably won’t redirect to Feedburner until you make a new post.
So if you have problems after this post let me know and we will address them if you want to subscribe to the feedburner feed that will help prevent some of the problems.
*Update 6/12/09 9:00 pm*
I had to redirect with the .htaccess to actually do it. So from now on every Feed will go to Feedreader. So now it is fixed for permantly and should not change anything to the feed in anyway, this was just a statistical need for me to know how many people are actually subscribed to my feed. Still if there is a problem let me know!!
Wordpress 2.8 was released Yesterday morning, and by Yesterday afternoon people were complaining about it. Some of the issues seemed to steam from a minor template change in 2.8 to prevent people from editing or using Plugins.
Now I have talked about backing up important data, that includes your website. You will never know when that back up software will be valueable and when you need to restore it.
Just like everyone else I have had problems with my ability to update my blog or update my Advertising. Although unlike others who have a lot of widgets on the sidebar for there users, mine are html and not a plugin version. Although I didn’t have as much problems as others, I did however have problems with the Back up process. I used Wordpress Database Backup and I had the file that it gave me but the PHPMyAdmin would not restore the database that I was given from the plugin. So in the process of trying to fix my database, I had a few hours of downtime on my blog. If your a regular visitor you might of seen the message “Database Error” when you visted my site. I have since then fixed the problem With the help of my support team to get my website back up and running.
I was reading over at Malware Diaries, about a hacker that doesn’t secure his exploits. What gets me is that I am so surprised that he did that, then I thought about it and I read what Trend Micro had to say about it:
Creating a website is indeed a big task but, considering the present threat landscape, monitoring it and keeping it secure from attacks is a bigger one.
Website administrators have the responsibility to keep their systems malware free, secure web server files from unauthorized access, and keep their website clean of malicious codes, for their own sake and most especially, their visitors’.
Now admittedly Trend talks about the Gumblar and how they compromise websites with either a FTP password stealer or and SQL Injection. These are a common practice with hackers and thief to get the credentials to use your server for their means. So I wanted to talk about some things you can do to better protect your Wordpress blog. Since I have a Wordpress Blog this was something I know about.
Wordpress Security Scan – This is a great plugin to help you identify and also suggests how you can fix them to prevent a hacker from getting in the first place.
So I get home and here is what they updated for those who would like to keep track:
Vulnerabilities in Active Directory Could Allow Remote Code Execution (KB971055) — This update is only for Microsoft Windows 2000 Server, Windows Server 2003, Windows XP Professional and Windows Server 2003. This one is Rated critical due to Remote Code Execution, which means a program can install malware or viruses on your system and you wouldn’t know it.
Cumulative Security Update for Internet Explorer (KB969897) –This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer.
Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (KB970483) –This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication.
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (KB969462) — This security update resolves several privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object.
I got an Email that happen to get past the spam filters and wanted to talk about it. The Email goes like this:
Hi there
Hey where have you been recently ? I could not get any news from you for a long time. Anyway, I found a decent pharmacy store from google last week. I decided to give a shot because it was Canada Licensed Drugstore. Well the prices were % 65 cheaper than the local pharmacies in my region. So I took a chance. I took my medicines in my hand 3 days after i ordered and they were packed very well as they claimed that they provide full anonymity. Needless to say medicines are legit and they give me what i want If you need any medicine without any prescription, give it a try until the discount ends.
Take care of yourself. I included the url below. See you later.
http://www.guidefabledme.com
Several things makes me wonder where it stands out that this is just spam. Here are some examples:
the word Google — It isn’t capitalised and that should be capilitized.
Bad Grammar — This shows me this isn’t even close to Canada, I’ll explain later in this article.
“OMG WOW Im getting 100s of followers a day, Check out this site: http://twittertrain.net”
Now going to the site and giving out your password is always a bad idea. It seems to some people think it is easy to get followers but those who have built up your followers will know just how hard it is sometimes to get more.
I would be willing to guess this is a phishing attempt to get passwords and twitter names for later on. Some would guess this will just become another way the spammers will use this to spread Scareware. I am thinking they want to get your password and save it for later use like this or others where they can get more people to click links and buy there fake products.
Bulletin 7: Important (Elevation of Privilege): Windows
Bulletin 8: Important (Elevation of Privilege): Windows
Bulletin 9: Important (Elevation of Privilege): Windows
Bulletin 10: Moderate (Information Disclosure): Windows
It will also include one or more updates on WSUS and Windows update, and Microsoft Windows Malicious Software Removal Tool. This looks to be quite a big set of updates. Each one is very serious and will probably be a big download. If your in corporate IT you may want to get ready the Autopatcher program this will help update all the important files on each system without having to have a internet Connection.
This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may’ve originally choosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.
As you see, this is a way to make Firefox less secure and almost like Internet Explorer. We’ve seen the problems with all the Malware exploits that people have used in the past. If you want to uninstall it, well you can’t. Microsoft as went out if its way to prevent users from uninstalling. Here is what Brad Abrams talked about on his blog:
We added this support at the machine level in order to enable the feature for all users on the machine.Seems reasonable right? Well, turns out that enabling this functionality at the machine level, rather than at the user level means that the “Uninstall” button is grayed out in the Firefox Add-ons menu because standard users are not permitted to uninstall machine-level components.
It seems that it wasn’t a Cross Site Scripting but an PDF exploit that was used to install Scareware but Virus List says it as a Fraudware.
It looks like they were trying to get people to buy fake Antivirus software called “System Security”. It looks like there was a silent download of the PDF and it tried various exploits to get this software installed.
Virus Total has stated that this looks to be the first time, in which one criminal group is looking at making money off of twitter and Facebook. This could be the beginning of the onslaught of these types of things to continue in the next few months to years.
That is why it is so important to have an Anti-virus software and a good firewall to prevent this sort of thing from happening. It is important to note to all who have a twitter account that you will need to start being more cautious when it comes to videos being put on twitter. You May never see another video virus like this or you could see a dozen in one day it depends on how people react to this and try to prevent it in the future. If you think you have the scareware installed that is System Security. I have found the Removal instrtuctions for people who want to get it off your system.
Lately I’ve been getting spam emails with the titles:
Earning thousands blogging? You could be.
Bloggers Paid for Posts
Bloggers Wanted
Learn to blog for paychecks using this freebie video.
Each link sends me to blogsuccess.com, and looks like this:
“Blog Success founders Jack Humphrey and Peter Lenkefi created this to help bloggers make money.” This is what I read in searches. I’ve got to wonder if this is so successful they why do an email spam? Most emails lately have been about scams and virus exploits. I am going to stick to the only way you should advertise by getting people to click links to come to my site.
According to Symantec:
Symantec reported that nearly 58 percent of spam is now coming from so-called botnets –networks of hacked computers that can be misused by criminals to steal financial information, launch attacks or send spam.
Some sources have started to report this and how it was being sent out. It seems to be some kind of Virus that is taking control of your Twitter account. Althought this is not unusal, what is Unusual is that some have reported this jumping from Twitter to Facebook.
Juste.Ru seems to have been designed for both platforms and someone must of been logged into both to make this happen. If you’ve gotten this message on Facebook you should just delete it and tell the person who sent it they need to do a system check. Also if you have been hit by this virus, first thing to do is clean your system before you do anything else. Then reset your password, this way you won’t be giving the virus access to the new password.
. So Here’s is what you need to watch it on your TV.
— If you plan to use S-video in then this is what you will need. The good thing about this is most Laptops have S-Video Out. Although this isn’t always the case this is how I watch Hulu on TV.
— This is for the head phone jack that you will have on your laptop pipe your audio from you laptop to the TV screen. Depending on the length of the S-Video cable will also determine the Length of the the Audio cable. So you will need to look around for a 25 foot S-video cable just so you have the room.
If you need any medicine without any prescription, give it a try until the discount ends.
Entries (RSS)