Technical Tidbits

I get a diverse amount of e-mails and newsletters and sometimes I come across something that’s not being posted anywhere else. This is one of those items.

I subscribe to Promo Magazine because we do marketing as a company. They recently published an interesting article that I thought I should make you aware of.

Verizon has issued a statement that there appears to be a mailing coming from them that tells you you’ve won $750,000. This mailing also includes a fake check from Verizon Financial.

According to the Promo Magazine online article:

The company notified law enforcement agencies late last month that the letters state that to collect the prize, consumers must first pay a $3,200 “processing fee,” Verizon said. Each letter contains a fake $4,500 check “to trick consumers into believing that they will be more than reimbursed for the fee,” the company said.

Further, the article states:

Another twist to the scam is instructions in the letter that tell the recipient to call a “claims agent” to claim the promised $750,000, a likely attempt at illegally collecting consumer information, Verizon said.

I know this is economic hard times for some of you, but please, don’t be duped by this scam!

To read the full article and Verizon’s statement, go here: http://promomagazine.com/contests/news/verizon_warns_sweepstakes_scam_0904/

written by Admin \\ tags: claims agent, Promo Magazine, sweepstakes, sweepstakes scam, verizon, Verizon financial

If you have TrendMicro Internet Security Pro and have done a scan to find that you have far too many TROJ_Generic and/or TROJ_Generic.adv files in your quarantine - and you look at the list finding Windows Systems files, you DO NOT have a Trojan in your computer system. This is a newly discovered problem in TrendMIcro pattern file updates and you need to fix the problem.

The fix currently may or may not work in all cases. If this fix does not work for you, you must call customer support to get additional assistance.  Home / Home Office Users: +1 (800) 864-6027, SMB +1 (888) 762-8736

The Fix:

1. Go to MY COMPUTER and double-click to open the C Drive.

2. Go to PROGRAM FILES and find the TREND MICRO folder.

3. Find all files named: lpt$vpn (they will also have a dot (.) and a 3-digit number after them. As in, lpt$vpn.521 or similar.

4. Delete all files named in this manner.

5. Reboot your machine.

6. Open Trend and click the UPDATE NOW button. (You may have to reboot again.)

7. Run a scan.

If the false Trojan files do not appear again, you have fixed the problem.

If the false Trojan’s appear again, the problem is still there and you must call customer support.

written by Admin \\ tags: infected system files, Internet Security Pro, system files, Trend Micro, trendmicro, TROJ_Generic, TROJ_Generic.adv, TROJ_Generic_adv

I just received one of my newsletters and it pointed me to an article at InfoWorld disclosing that Microsoft confesses to posting a flawed update. (Imagine that!) Perhaps they’ve been spending too much time courting Jerry Seinfeld?

Anyway, the article’s subheading states:

The admission was the third time in the past two months that Microsoft has had to re-issue a security-related update

The reason I’ve put this in the alerts category is because the security update was marked critical and the re-release is critical.

You can read more about the re-release here: http://www.microsoft.com/technet/security/bulletin/MS08-051.mspx

and read the full InfoWorld Article here: Microsoft confesses…

As a side note, the critical update states:

“This security update resolves three privately reported vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint Viewer that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

That made me think about all the Power Point attachments I’ve been getting in my e-mails lately. (Which I don’t open, btw.) Wonder how many of you are being controlled remotely since you’ve opened them?

Sort of makes you wonder……

written by Admin \\ tags: email attachment, flawed update, infoworld, Microsoft, microsoft update, powerpoint, powerpoint viewer, powerpoint vulnerability, pps

Microsoft has revised two Security Bulletins dealing with DirectX and upgraded them to CRITICAL.

What is extremely important about this and the reason why I felt the need to issue an alert is that their bulletin MS07-064 was originally issued in December 2007!

For Microsoft to revise this now means that it IS CRITICAL!

Why is this important?

DirectX handles WAV and AVI files among others. We all watch YouTube videos and pass around videos in e-mails. That’s why this is important!

If you do not want to wait for the updates to come automatically, you should go to the Windows Update site at: http://www.update.microsoft.com/windowsupdate/v6/default.aspx

PATCH NOW!

written by Admin \\ tags: Avi, critical alert, DirectX, Microsoft, Updates & Maintenance, video, Wav, youtube

What was I just saying in my most recent blog, “Apple Mac Arrogance or Pure Stupidity?“??

Hmmm, maybe I’m psychic? Or maybe I just know security! Ya think?

In a just published article on InfoWorld and MacWorld, Johnny Evans (MacWorld UK) reports that security vendors, SecureMac and Intego are separately reporting a new Trojan exploit for the Mac.

The Trojan horse is currently being distributed from a hacker website, where discussion has taken place on distributing the Trojan horse through iChat and Limewire.

The Trojan horse runs hidden on the system, and allows a malicious user complete remote access to the system, can reportedly transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging.

Additionally, the AppleScript.THT Trojan horse can log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing. The Trojan horse exploits a recently discovered vulnerability with the Apple Remote Desktop Agent, which allows it to run as root.

My students have heard me preach and preach about the whole Limewire issue (not to mention bearshare and the others!) and I’ve stated in my referenced blog entry that Mac users are either arrogant or stupid if they believe they are exempt from these kinds of malware.

My God people, WAKE UP and smell the MALWARE!

To read the full InfoWorld Article, click the link: Full InfoWorld Article.

written by Admin \\ tags: hacker, hackers, iChat, infoworld, Intego, Johnny Evans, Limewire, Mac, MacWorld, malware, SecureMac, trojan, Trojan horse