Technical Tidbits

Currently breaking news!

Never under-estimate the power of hackers!

Governor Palin’s Yahoo e-mail was hacked by an activist group called “anonymous,” best known for its joustswith the Church of Scientology according to a bulletin put out by Network World!

Get your copy of the evidence at WikiLeaks.org before they close the site down!

The group accuses Palin of using private email accounts to conduct government business and in the process avoid transparency laws.

Now, what was I saying about security and it will never happen to you???

written by Admin \\ tags: email hacked, Palin, sara palin, Security

I just received a notice from Cert about an advisory for an Apple Mac OS X vulnerabilty.  You know that software and computer that doesn’t need anti-virus because it’s so secure? Yeah! Those guys! (And yes, I’m in one of my smart a** moods today!)

The systems affected are:

• Apple Mac OS X versions prior to and including 10.4.11 (Tiger) and 10.5.4 (Leopard)
• Apple Mac OS X Server versions prior to and including 10.4.11 (Tiger) and 10.5.4 (Leopard)

Apple has released a security update for those computers that are so secure and never have any issues with security here: http://support.apple.com/kb/HT3137

But I’m sure the majority of Mac users won’t need this because after all, they are already secure.

The security update fixes several vulnerabilities that Mac users don’t really have.  The Cert Advisory claims that:

Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.

Among the list of fixes listed at Apple, we see the following vulnerabilities being fixed:

• Viewing a document containing a maliciously crafted font may lead to arbitrary code execution.
• Multiple vulnerabilities exist in ClamAV 0.92.1, the most serious of which may lead to arbitrary code execution.
• A person with access to the login screen may be able to list user names
• A local user may obtain the server password if an OpenLDAP system administrator runs slapconfig.
• An attacker with access to the local network may cause a denial of service.
• Viewing a maliciously crafted TIFF, PICT, or JPEG image may lead to an unexpected application termination or arbitrary code execution. (Is unexpected application termination another name for a crash? No, it can’t be! Everyone knows Mac’s don’t crash!)
• Files may be accessed by a local user who does not have the proper permissions.
• A weakness in the DNS protocol may allow remote attackers to perform DNS cache poisoning attacks.
• A user may log in without providing a password.
• A person with access to the login screen may be able to change a user’s password.
• mDNSResponder is susceptible to DNS cache poisoning and may return forged information.
• Multiple vulnerabilities exist in OpenSSH versions provided with Mac OS X v10.4.11 and Mac OS X v10.5.4, the most serious of which allows a local user to control another user’s X11 session.
• A local user may obtain the PPP password.
• Users may be misled into believing their passwords are stronger than they are.
• Authenticated users may have unexpected remote access to files and directories.
• Backing up a system with Time Machine may lead to the disclosure of sensitive information.
• Videoconferencing with a malicious user may lead to an unexpected application termination or arbitrary code execution.
• A remote attacker may cause persistent JavaScript injection on a Wiki server.

Welcome to the REAL world Mac users! The real world PC users are familiar with where nothing is taken for granted in terms of security.

You know what? You folks are looking more and more like a PC in terms of security! I’m sure glad I didn’t spend big money on your really secure machine that doesn’t need Antivirus because it’s SO secure! DANG! That would’ve really ticked me off!

And for those of you who are wondering why I’m being such a smart a**, you have no idea how many times I’ve been told in our courses that Apple Mac users don’t need to know about security because their machine is so secure it doesn’t even need Antivirus. And if I had a dollar for every Mac user in my security courses that have told me that the sales staff at the Mac store have told them this is so, I wouldn’t be looking at employment options right now!

In fact, if all PC and Mac users would realize that security is THEIR responsibility, I’d sell out every one of our courses we’ve offered during our Anniversary special! Am I in a bad mood? Yes I am. And the reason? Because I’m sick and tired of people telling me that nothing is every going to happen to them until it does. And then they come crying to me to fix their computer after the hack or malware attack, or the identity breach!

In fact, just this week, I had two family members inform me their identity has been breached! Which p*sses me off even more! This is what I teach! But not even my own family thinks it will happen to them after they hear me talk about it! But that’s a conversation for tomorrows blog entry.

Go update your MAC!

written by Admin \\ tags: apple, leopard, Mac, mac os x, mac security, mac vulnerabilities, pc security, Security, tiger

On September 5, I published the first Too Many Trojan’s post about TrendMicro reporting windows files and program files as Trojan’s and quarantining them.

Well, it happened again! Today!

I sent my analysis files to TrendMicro via our PartnerNet but I think I have the culprit found! I wanted to put this out there so you know and I did alert Trend to this possibility.

I believe the running of TeaTimer from Spybot Search and Destroy is the problem. I just tested my theory and so far the problem seems resolved.

1. Turn off TeaTimer.

2. Delete the files under C:\Program Files\Trend Micro (and then your software - mine was under Internet Security) named: lpt$vpn. There will be at least one if not more. Any file starting with that name delete.

3. Reboot your computer.

4. Update Trend again.

5. It will require you to reboot one more time.

6. Re-scan and you should find that it does not quarantine any other files.

If you cannot reboot in normal windows mode, Trend has the directions to reboot in safe mode here:

http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1038089&id=EN-1038089

And if this does become the reason for the problem, remember it was posted here first! We always keep you ahead of security!

written by Admin \\ tags: infected system files, Internet Security Pro, spybot, spybot S&D, spybot search and destroy, system files, TeaTimer, Trend Micro, trendmicro, TROJ_Generic, TROJ_Generic.adv, TROJ_Generic_adv

Forget about that Nigerian e-mail scam that is fading in popularity! There’s a new Nigerian scam with a US twist. From Craig’s List to online classifieds, the new scam targets people looking for housing rentals.

I could go on, but this article says it all so distinctly:
http://abcnews.go.com/Business/story?id=5783260&page=1

As a side note to this information, keep in mind that Craig’s list does not police their ads! Knowledge is the key to power folks! LEARN TO PROTECT YOURSELF!

written by Admin \\ tags: ABC, ABC News, classifieds, Craigs list, houses, houses for rent, Internet, internet scam, nigeria, online classified, scam

I get a diverse amount of e-mails and newsletters and sometimes I come across something that’s not being posted anywhere else. This is one of those items.

I subscribe to Promo Magazine because we do marketing as a company. They recently published an interesting article that I thought I should make you aware of.

Verizon has issued a statement that there appears to be a mailing coming from them that tells you you’ve won $750,000. This mailing also includes a fake check from Verizon Financial.

According to the Promo Magazine online article:

The company notified law enforcement agencies late last month that the letters state that to collect the prize, consumers must first pay a $3,200 “processing fee,” Verizon said. Each letter contains a fake $4,500 check “to trick consumers into believing that they will be more than reimbursed for the fee,” the company said.

Further, the article states:

Another twist to the scam is instructions in the letter that tell the recipient to call a “claims agent” to claim the promised $750,000, a likely attempt at illegally collecting consumer information, Verizon said.

I know this is economic hard times for some of you, but please, don’t be duped by this scam!

To read the full article and Verizon’s statement, go here: http://promomagazine.com/contests/news/verizon_warns_sweepstakes_scam_0904/

written by Admin \\ tags: claims agent, Promo Magazine, sweepstakes, sweepstakes scam, verizon, Verizon financial