To all my friends, may I wish you a very holy happy Christmas.
May all your needs be met and your dreams come true over this
most Holy of seasons. Below is a link for you to find a gift.
Your friend Jeff.
http://www.pusher.com.au/clients/pusher-christmas-2011
Wednesday, December 5, 2012
Tuesday, November 20, 2012
Malware targeting Windows does damage in a novel way
Backdoor.Makadocs -- a trojan that has been floating in the wild for a while now, attacking Windows, and has recently been updated to target Windows 8 and Windows Server 2012 -- is a clever piece of malware. What makes this malware clever, you ask? Simply the way it goes about attacking your PC.
Actually, it isn't the attack-vector that is unique -- infections of Backdoor.Makadocs (and its variants) are spread through infected RTF and Word documents. Rather, what is novel about the malware is how it gets your data out of your PC, and how it communicates with the malware's command and control servers.
You see, any competent firewall will block outgoing connections of a suspicious process. However, most firewalls will not (and do not) block a connection made to Google Docs. As such, Backdoor.Makadocs utilizes Google Docs as the medium of communication between your infected PC and the command and control server. What happens is Makadocs uses the "viewer" functionality in Google Docs to transmit info back and forth between your PC and the command and control server. Since Google Docs is typically a trusted source by firewalls and Google Docs encrypts all traffic, using this method not only helps the malware go around the security measures of a firewall but also helps prevent the detection of the command and control server IP address/URL.
Google, of course, prevents the use of Google Docs for such purposes via its terms and conditions, and provides the ability in every Google Doc file to report abuse:
Using any Google product to conduct this kind of activity is a violation of our product policies. We investigate and take action when we become aware of abuse.
Still, however, there is no real automated way to prevent such attacks via Google Docs because, as TheNextWeb points out, these types of vulnerabilities make use of social engineering and not system exploits. In its official statement on this matter, Microsoft echoes this idea of fallibility to social engineering:
Social engineering is an industry-wide issue and we are aware these types of problems occur. We are committed to helping consumers have a safe, secure and positive online experience. Our general guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources and install and regularly update anti-virus software.
As I type this on a Google Doc, I'm hoping Google and Microsoft sort this out as soon as possible. For what it is worth, Backdoor.Makadocs is a known vulnerability (and not a zero-day attack) so any competent anti-virus should protect you against it.
dottech.org
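A detection sketch for the viewer-relay behaviour described in the Makadocs post above, added here as an example and not taken from dottech.org or any vendor. It assumes a TLS-inspecting proxy that logs full URLs (the `epoch client url` log format, the hosts and the threshold are constructed) and that the viewer is reached at `docs.google.com/viewer?url=...`.

```python
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines from a TLS-inspecting proxy: "epoch client url"
SAMPLE_LOG = """\
1353400000 10.0.0.5 https://docs.google.com/viewer?url=http%3A%2F%2Fintranet.example.com%2Freport.pdf
1353400060 10.0.0.9 https://docs.google.com/viewer?url=http%3A%2F%2Fhost.example.net%2Fgate.php%3Fid%3D1
1353400360 10.0.0.9 https://docs.google.com/viewer?url=http%3A%2F%2Fhost.example.net%2Fgate.php%3Fid%3D2
1353400660 10.0.0.9 https://docs.google.com/viewer?url=http%3A%2F%2Fhost.example.net%2Fgate.php%3Fid%3D3
1353400700 10.0.0.5 https://www.google.com/search?q=viewer
"""

# Extensions a person would plausibly open in a document viewer.
DOC_EXTENSIONS = (".pdf", ".doc", ".docx", ".ppt", ".pptx",
                  ".xls", ".xlsx", ".rtf", ".txt")


def embedded_target(url):
    """Return the URL handed to the Google Docs viewer, or None."""
    parts = urlsplit(url)
    if parts.hostname != "docs.google.com" or not parts.path.startswith("/viewer"):
        return None
    values = parse_qs(parts.query).get("url")
    return values[0] if values else None


def suspicious_viewer_use(log_text, min_hits=3):
    """Flag (client, target host) pairs that repeatedly pull non-document
    URLs through the viewer, i.e. the viewer is acting as a relay."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split(None, 2)
        if len(fields) != 3 or not fields[0].isdigit():
            continue  # skip malformed lines
        ts, client, url = fields
        target = embedded_target(url)
        if target is None:
            continue  # not a viewer request
        t = urlsplit(target)
        if t.path.lower().endswith(DOC_EXTENSIONS):
            continue  # ordinary document viewing
        hits[(client, t.hostname)].append(int(ts))
    return {k: v for k, v in hits.items() if len(v) >= min_hits}


if __name__ == "__main__":
    for (client, host), times in suspicious_viewer_use(SAMPLE_LOG).items():
        print(f"{client} relayed {len(times)} requests to {host} via the viewer")
```

Without TLS inspection the proxy sees only the connection to Google, so the same question has to be asked on the endpoint: which process opened the connection.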
Sunday, November 18, 2012
Online Surveys Scams
SCAMwatch is warning people to beware of online scams – surveys, emails and social-media posts – offering fake gift vouchers or other bogus inducements in return for disclosing credit card and other personal information.
While many online surveys are legitimate and may be backed by some reward, the Australian Competition and Consumer Commission and Woolworths have received an increased number of complaints about possible scams misusing the Woolworths name and logo, going under such titles as ‘Customer Satisfaction Survey to get $50’.
Scams such as these often ask people to provide credit card or other personal details, which criminals can use to commit identity theft and other fraud.
Woolworths is advising people that all its official competitions are listed at www.woolworths.com.au on its Promotions and Competitions page.
How these scams work
These scams abuse the brand names and logos of well-known companies and products to make them look legitimate.
As with many legitimate offers and online posts, you might be asked to complete a survey and/or pass on an offer to others before you can claim a voucher or other inducement or enter a competition. But the scams will take your valuable information and give you only disappointment in return – products will never arrive or vouchers will be fakes that retailers won’t honour.
Recent scams have related to supermarkets, coffee shops, smart phones and tablets, including offers featured on Facebook.
Protect yourself
Be very wary when, for example, filling in surveys linked from social networking sites – being asked to provide such detailed information as Medicare numbers or credit-card security codes should ring alarm bells.
You should check whenever you can whether offers are legitimate, even ones passed on from people you know. If the offers are represented as coming directly from a particular retailer, check they are listed on the retailer’s official website – or call the business’s official customer-service line. Don’t click on links or call numbers listed in the offers – they can link to fake websites and even fake call centres.
If you think you have provided your account details to a scammer, contact your financial institution immediately and report the scam to The Australian Communications and Media Authority http://www.acma.gov.au/WEB/STANDARD/pc=CONTACT_COMPLAINTS_OVIEW
Thursday, November 1, 2012
Advanced-Tokens-Manager
Normally, you can use your Windows 7 serial key during installation on the same machine to activate Windows, but online activation has some limits. If you install Windows on your system many times due to reasons like virus threats, system file corruption, etc., then online activation becomes a real problem. 7Tokens Manager is a freeware tool which will back up the Windows 7 Retail, OEM and MAK licenses (your genuine license) and then restore them.
Features:
Backs up RETAIL / OEM / MAK licenses
Backup Certificate / Serial / Tokens.dat
Backup license files
Dynamic interface
Very lightweight and fast
Programmed with security features
5 min is the estimated time required to restore your activation
http://forums.mydigitallife.info/threads/27341-Advanced-Tokens-Manager-The-Activation-Backup-Solution
Tuesday, October 30, 2012
Advanced PDF Utilities Free
For Easy PDF Creation, Conversion & Distribution! 100% FREE!
Multi-purpose Free PDF Toolkit - Preview, Convert, Merge, Split, OCR, Scan...
PDF has been widely used for electronic documents in our daily life, either in work or personal file exchange. To expand your PDF abilities, Advanced PDF Utilities Free combines the most practical PDF functions to carry out a number of activities to preview, merge, split, remove password & restrictions and convert images to PDF, PDF to images, PDF to TXT or PDF to Word.
It also includes printer & scanner support to print out the PDF and scan the paper document to PDF. Additionally, the PDF OCR function allows you to change images and PDF into editable text.
http://www.pdfcore.com/
Monday, October 8, 2012
New malware ransomware locks your computer - asks for $200
Ransomware is a type of malware that locks your computers, encrypts your files, etc. to prevent you from accessing your data and asks for money if you want to regain access. In other words, your data is held ransom, hence the name ransomware.
A new ransomware is floating around the internet pretending to be from the United States government, claiming the target computer has been locked because the user was illegally downloading copyrighted content, software, or child pornography. The ransomware uses the well-known but extinct Stop Online Piracy Act (the act that was never made law) as cover, claiming your computer has been put on the 'S.O.P.A. Black List' and your computer is being locked by the 'Stop Online Piracy Automatic Protection System'.
In classic ransomware style, anyone affected by this ransomware is asked to make a payment of $200 within 72 hours (by purchasing a MoneyPak prepaid voucher) or else risk all their data being erased. Interestingly enough, people who don't have access to MoneyPak stores (aka everyone outside United States and Canada -- MoneyPak is a legitimate business that is unfortunately abused for these types of schemes) can send 200 euros through Western Union. I guess us North Americans get a discount since this is our law.
Aside from asking for money, the ransomware claims that users can be provided with one decrypted file as proof that the hackers can, and will, unlock your files after you pay. I wouldn't suggest taking them up on that offer -- who knows what they will e-mail you back as an attachment.
What makes this ransomware different from others is that it tries to create an aura of legitimacy by pretending to be the American government. Many people will probably think twice before giving in to the demands of a ransomware attack if the attack is obvious ransomware. However, this ransomware makes it look like it is the United States government that is locking your computer, which is likely to persuade more people into giving in to demands -- thanks to fear or otherwise. The media attention given to SOPA/PIPA earlier this year only magnifies this effect.
It isn't entirely clear how users are being infected by this particular ransomware but it does look like only Windows machines are being infected.
If you are infected, as with most competent ransomware, there really isn't any way to unlock your computer unless you know how to break the encryption (which likely isn't going to happen). It is recommended to not pay the thieves because there is no guarantee that they will actually unlock your files and they could very well simply target you again because they know you will pay. The best thing to do when infected is simply wipe your computer and restore your data from backups, assuming you have some. Once you are up and running, make sure to install the appropriate security measures -- including but not limited to a competent anti-virus -- and avoid shady files and websites.
Thursday, October 4, 2012
Computer cold call virus scam – scammers outsmarted!
Joint action between three international regulators has thwarted a massive global phone scam, with US authorities winning court orders to close down and freeze funds of imposters posing as Microsoft employees offering to fix PC viruses.
The Australian Communications and Media Authority (the ACMA), the US Federal Trade Commission and the Canadian Radio-television and Telecommunications Commission collaborated to share key intelligence about the operations of the Microsoft imposters.
This scam was one of the most commonly reported scams in 2011, with computer hacking scams contributing more than 23 per cent to the total scam reports to the ACCC.
SCAMwatch urges you to remain alert – this type of scam continues to do the rounds, with scammers impersonating other well known and trusted companies or government agencies to slip under your radar.
If you receive a call out of the blue from a stranger requesting access to your computer, money or your personal details, just hang up.
How these scams work
You receive a call out of the blue from someone claiming to be from (or have a relationship with) Windows or Microsoft and that they have detected a virus on your computer.
To confirm the diagnosis, the caller asks you to open Windows Event Viewer on your machine to check if it is infected. Several error messages are listed and this reinforces their claims, even though errors are common and usually harmless. The caller tells you that these are of significant concern and offers to refer you to a ‘technician’ who could fix the problem—for a fee.
At this point, you’re offered a number of solutions that seem to make perfect sense. Depending on the intent of the particular scammer involved, the ‘technician’ might:
Install an antivirus program on your computer—typically the kind that you can download for free from reputable companies—and charge up to $250 for the service.
Ask for your credit card details but install nothing. Your details might then be sold to other parties or used for fraudulent purposes.
Install malware on your computer—this enables your computer to be controlled remotely for other illegal and harmful activities.
Access and steal personal and financial details from your computer.
Follow-up scam
Scammers have also been known to make follow-up calls to people who initially fell victim to the scam. In these calls the scammer falsely claims to be from a foreign government, foreign law enforcement body, or from your bank, and offers to recover the money that you initially lost—in return for a fee.
Protect yourself
Suspect: Don’t accept anything at face value—if it sounds unlikely or too good to be true, it probably is.
Think: Recognise the signs—if you’re being pressured to act, disclose personal details or send money to a stranger, it’s almost certainly a scam. For example, Microsoft never makes unsolicited phone calls about its products.
Report: Act quickly—tell SCAMwatch and stop scammers in their tracks.
Ignore: Never respond. Just hang up, or delete the SMS or email after reporting.
Report
You can report scams to the ACCC via the SCAMwatch report a scam page [ https://www.scamwatch.gov.au/content/index.phtml/tag/reportascam ] or by calling 1300 795 995.