Technical Tidbits

What was I just saying in my most recent blog, “Apple Mac Arrogance or Pure Stupidity?“??

Hmmm, maybe I’m psychic? Or maybe I just know security! Ya think?

In a just published article on InfoWorld and MacWorld, Johnny Evans (MacWorld UK) reports that security vendors, SecureMac and Intego are separately reporting a new Trojan exploit for the Mac.

The Trojan horse is currently being distributed from a hacker website, where discussion has taken place on distributing the Trojan horse through iChat and Limewire.

The Trojan horse runs hidden on the system, and allows a malicious user complete remote access to the system, can reportedly transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging.

Additionally, the AppleScript.THT Trojan horse can log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing. The Trojan horse exploits a recently discovered vulnerability with the Apple Remote Desktop Agent, which allows it to run as root.

My students have heard me preach and preach about the whole Limewire issue (not to mention bearshare and the others!) and I’ve stated in my referenced blog entry that Mac users are either arrogant or stupid if they believe they are exempt from these kinds of malware.

My God people, WAKE UP and smell the MALWARE!

To read the full InfoWorld Article, click the link: Full InfoWorld Article.

written by Admin \\ tags: hacker, hackers, iChat, infoworld, Intego, Johnny Evans, Limewire, Mac, MacWorld, malware, SecureMac, trojan, Trojan horse

As if we’re not busy enough with this website and our clients, our eBay account was hacked this morning.

I received an e-mail this morning from eBay confirming that they had changed my e-mail address as requested. What???? My real name was in the e-mail BUT, the ISP address and the IP address of the alleged “me” did not match!

First of all, the IP address is registered to Road Runner according to http://ws.arin.net/whois/

I have Comcast as an ISP and a Comcast IP address, not Road Runner.

Secondly,  the ISP address is part of the “Blackhole” so it’s not a valid ISP.

Now, this raises two questions.

1. How did my account get hacked when my password was not a hackable one?

2. Why did it get hacked when there is nothing in the account that would be of benefit. No checking account information, and so forth.

Now, mind you, I’m not what you would call a “Conspiracy Theorist” but I’m beginning to wonder about some strange things I’m noticing recently.

I had sent in for one of those PayPal key chain automatic password generators and never activated it. (It was more for research then anything else.)  Could PayPal have purposely hacked my eBay account because I wasn’t using it? Makes you wonder!

The reason I’m suspicious of this type of activity is because I’ve seen some activity on our web logs that bothers me.  But more on that later.

For now, make sure your eBay account has not been compromised in case this is going around.

Now, back to changing ALL my passwords on every account I have to make sure they are tighter then they were before…..

Stay safe, Debbie

Debbie

written by Admin \\ tags: ebay, ebay account hack, ebay hack, hack, hacked, hacker, password, paypal