
This week in computer security

February 4th, 2013, 20:09
Beware of "Superclean" and "Droidclean" from the "Google Play Store" ! : These are programs built to send EVERYTHING THEY CAN FIND to their "Masters" !
They even infect the Windows platform !

I read that they have already been withdrawn, but that there are new and similar looking "Apps" now there instead …

More about that here : http://www.securelist.com/en/blog/805/Mobile_attacks

“ Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius – and a lot of courage – to move in the opposite direction.“ (E.F.Schumacher, Economist, Source)
Alrik Fassbauer

#101

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057

February 9th, 2013, 15:22
I just read that trying to start Linux with a UEFI-BIOS can literally destroy Samsung notebooks.

The bug, or whatever this is, is reported for Ubuntu, but is suspected to affect other Linux systems as well.

The article says that the following series is affected : 300E5C, 530U3C, 700Z3C, 700Z5C, 700Z7C, 900X4C.

Alrik Fassbauer

#102

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057

March 14th, 2013, 13:44
There's a new Trojan going round - this time using Skype.

The German version of it comes with Skype messages (in German language) "aren't these photos from you ?" - and links, which direct towards a site which has a name which looks similar to google - but only at first glance.

And this is the newest trend in Virus-making : Addressing people personally, with their exact personal names !

I recently had a Trojan embedded in a personally addressed ( yes, they used my personal real name ! ) billing message over several hundred Euros, together with an aggressive language ( meant to switch off people's logic ! ) claiming that they would send an Inkasso bureau after me if I wouldn't pay this …
The E-Mail's attachment contained a Trojan in .com form, which was embedded twice in a .ZIP container.

Trojan makers explicitly use emotional, aggressive writings to make people literally "lose their heads".

Because in an emotionally unstable state, people not only do mass shootings, but they also click on EVERY message link/button/attachment…

And Trojan/Virus makers are HUGE fans of the "shock moment" approach !

Alrik Fassbauer

#103

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057

March 16th, 2013, 05:20
I don't know if that's all THAT new. Virus programs have been poking through address books and contact lists for some years now.

In other news - hackers replace terrorists as the top security threat to the USA.
Zloth

#104

Join Date: Aug 2008
Location: Kansas City
Posts: 2,958

April 17th, 2013, 14:51
Well, I don't know much about it, but this sounds rather serious to me : http://www.gamasutra.com/view/news/1…eping_busy.php

In detail (as linked from within the above article) : http://www.securelist.com/en/analysi…an_just_a_game

Alrik Fassbauer

#105

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057

April 17th, 2013, 15:08
Just ignore it Alrik. It's impossible to steal the code that runs on a server. It's very possible however to steal, analyze and change the client code without "cyber attacks", hell ppl are doing that to cheat for years already. Take Maple Story for example, the server allows anything your client asks so you mess the data files on your PC where client is and you become a godlike character because server code has no restrictions and grants your "hero" anything client claims you should have.

The bigger problem, not addressed in that article is, if we're playing an always online DRM game, what happens if someone launches a DDoS attack on game's authorization/authentication servers? The service goes down, for hours, even days and the game is unplayable. While so called f2p devs can use an excuse "so what, it's a free game", how would you explain to paying customers that they can't enjoy their singleplayer game because your DRM server can't respond to everyone because of too many fake requests?

Toka Koka
joxer

#106

Join Date: Apr 2009
Posts: 6,724

April 17th, 2013, 21:32
Yes, of course, any DDOS attack on an offline singleplayer game is quite unsuccessful.

Alrik Fassbauer

#107

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057

April 28th, 2013, 21:25
My sister called me and asked if I'd started using Facebook again. No, I told her. I canceled it 5 years ago. Some Russian hackers had started posting on my account again. Damn, I thought. Maybe they've hacked my email. Checked the IP-log and no one had accessed it. Reverted my password for Facebook and checked. Seems Facebook had added their own email to my old account. Don't know if it's this email that got hacked. Regardless, one more reason to keep away from Facebook!

You can't really delete your Facebook account. Just alter everything to something random, including your name (preferably something obscene). Remember to delete your history and remove friends etc.
hishadow

#108

Join Date: Mar 2008
Location: Southern parts of Norway
Posts: 1,142

April 29th, 2013, 14:16
Stolen Winnti Certificates are now used against Tibetans & Uyghurs : http://www.securelist.com/en/blog/20…_Uyghur_Groups
Now, this thing becomes political. Because everyone knows that China tries to suppress any resistance in Tibet.

Alrik Fassbauer

#109

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057

May 14th, 2013, 13:06
Security & Politics : http://www.reuters.com/article/2013/…9490EL20130510


Unrelated : Microsoft's Kernel quality seems to decline !? : http://blog.zorinaq.com/?e=74

Alrik Fassbauer

#110

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057

May 15th, 2013, 16:03
My computer at work appears to have been hacked. Someone wrote a check to someone in Romania for a lot of money with a fictitious check number. I checked my bank balance online (they aren't open yet) and nothing is missing so far. The weird thing is there are all these ads for Quickbook fraud protection opened up on the program as well so I'm not sure if it's just a campaign to get me to buy more services. I bought Quickbooks online backup protection that runs every day.

Checking online it seems Romania is #2 in the world behind China in hacking organizations so I'm getting a bit worried. Not sure how someone got in as e-mail is never used on that computer and no browsers were running. My firewalls and browser say everything is normal.
redman5427

#111

Join Date: Oct 2006
Location: its kinda frozen
Posts: 859

May 15th, 2013, 22:20
Maybe you should send the vendor a request to investigate it. They might be hacked.
hishadow

#112

Join Date: Mar 2008
Location: Southern parts of Norway
Posts: 1,142

May 15th, 2013, 22:55
Thanks but we do our own computers. Quickbooks was able to login and see where someone got on last night and tried to write himself several checks. He also (or she) tried to get the credit card company to issue a very large credit back to our checking account. We don't transfer money from our account electronically so we lucked out but just the fact someone got in where all our information and S.S. numbers of our employees was bad enough. We changed all our bank numbers.

I looked in that computer using the netstat command and found a port opened with an ip located somewhere in Germany. I have turned off remote desktop but don't know what else to do other than running a scan. I might have to format. It's crazy because nobody does much with that computer especially not online.

Update. Scanning the computer revealed 33 trojans and all were removed. We have decided to shut this computer off when we are not using it and not to use the internet at all unless we have to update.
Last edited by redman5427; May 16th, 2013 at 15:57. Reason: update
redman5427

#113

Join Date: Oct 2006
Location: its kinda frozen
Posts: 859
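
Added example, not part of the thread: one way to triage a netstat listing like the one mentioned in the post above, separating services listening on all interfaces (such as Remote Desktop on 3389) from established connections to addresses outside the local network. The sample listing, its PIDs and the peer address are constructed for illustration, and only IPv4 rows are handled.

```python
import ipaddress

# Constructed sample in the layout of Windows "netstat -ano" output;
# 203.0.113.45 is a documentation address standing in for the unknown peer.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1100
  TCP    127.0.0.1:5354         127.0.0.1:49670        ESTABLISHED     2456
  TCP    192.168.1.20:49712     192.168.1.5:445        ESTABLISHED     4
  TCP    192.168.1.20:49801     203.0.113.45:8080      ESTABLISHED     3312
  UDP    0.0.0.0:5353           *:*                                    1720
"""

# Loopback, link-local and RFC 1918 ranges count as "inside" for this triage.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "169.254.0.0/16",
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def split_endpoint(text):
    """Split 'addr:port' on the last colon."""
    host, _, port = text.rpartition(":")
    return host, int(port)


def triage(netstat_text):
    """Return (listening_on_all_interfaces, established_to_outside)."""
    listening, outside = [], []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] != "TCP":
            continue  # headers, UDP rows (no state column), blank lines
        try:
            lhost, lport = split_endpoint(f[1])
            rhost, rport = split_endpoint(f[2])
            remote = ipaddress.ip_address(rhost)
            pid = int(f[4])
        except ValueError:
            continue  # e.g. bracketed IPv6 rows, which this IPv4 example skips
        if f[3] == "LISTENING" and lhost == "0.0.0.0":
            listening.append((lport, pid))
        elif f[3] == "ESTABLISHED" and not any(remote in n for n in LOCAL_NETS):
            outside.append((rhost, rport, pid))
    return listening, outside
```

A single listing is only a snapshot, so the PID column is what ties a flagged row back to the process that owns it.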


July 9th, 2013, 18:14
True story:
The Economic Development Administration (EDA) is an agency in the Department of Commerce that promotes economic development in regions of the US suffering low growth, low employment, and other economic problems. In December 2011, the Department of Homeland Security notified both the EDA and the National Oceanic and Atmospheric Administration (NOAA) that there was a potential malware infection within the two agencies' systems.
…
EDA's CIO, fearing that the agency was under attack from a nation-state, insisted instead on a policy of physical destruction. The EDA destroyed not only (uninfected) desktop computers but also printers, cameras, keyboards, and even mice. The destruction only stopped—sparing $3 million of equipment—because the agency had run out of money to pay for destroying the hardware.

ArsTechnica.com: US agency baffled by modern technology, destroys mice to get rid of viruses
hishadow

#114

Join Date: Mar 2008
Location: Southern parts of Norway
Posts: 1,142

October 31st, 2013, 00:16
The 25 update of Firefox now has a new neat security feature under the Firefox -> Add-ons menu. I recommend you set Ask to Activate on all add-ons (Flash included). Then you can use the address bar to allow which sites can use each particular add-on.
hishadow

#115

Join Date: Mar 2008
Location: Southern parts of Norway
Posts: 1,142

October 31st, 2013, 22:29
Thank you. Just did the Update.

Alrik Fassbauer

#116

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057

November 28th, 2013, 01:02
Firefox tip: If you set browser.link.open_newwindow.restriction to 0, all popup-windows will open in a new tab. This also removes the webpage's ability to resize the window and remove menus. Type about:config in the address bar to find the option.
hishadow

#117

Join Date: Mar 2008
Location: Southern parts of Norway
Posts: 1,142

December 7th, 2013, 21:06
Got just another Battle-net related scam mail.

This is the WHOIS result I did of the domain "us.battle.net.long.ggmneg.info" :

ggmneg.info registry whois

Domain ID50390975-LRMS
Domain Name:GGMNEG.INFO
Created On:04-Aug-2013 08:10:24 UTC
Last Updated On:03-Oct-2013 20:30:26 UTC
Expiration Date:04-Aug-2014 08:10:24 UTC
Sponsoring Registrar:Wild West Domains, LLC (R213-LRMS)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant ID:CR148410509
Registrant Name:cccd ss
Registrant Organization:
Registrant Street1:beijing
Registrant Street2:
Registrant Street3:
Registrant City:beijing
Registrant State/Province:beijing
Registrant Postal Code:100000
Registrant Country:CN
Registrant Phone:+1.3200903320
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:email@foxmail.com
Admin ID:CR148410511
Admin Name:cccd ss
Admin Organization:
Admin Street1:beijing
Admin Street2:
Admin Street3:
Admin City:beijing
Admin State/Province:beijing
Admin Postal Code:100000
Admin Country:CN
Admin Phone:+1.3200903320
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:email@foxmail.com
Billing ID:CR148410512
Billing Name:cccd ss
Billing Organization:
Billing Street1:beijing
Billing Street2:
Billing Street3:
Billing City:beijing
Billing State/Province:beijing
Billing Postal Code:100000
Billing Country:CN
Billing Phone:+1.3200903320
Billing Phone Ext.:
Billing FAX:
Billing FAX Ext.:
Billing Email:email@foxmail.com
Tech ID:CR148410510
Tech Name:cccd ss
Tech Organization:
Tech Street1:beijing
Tech Street2:
Tech Street3:
Tech City:beijing
Tech State/Province:beijing
Tech Postal Code:100000
Tech Country:CN
Tech Phone:+1.3200903320
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:email@foxmail.com
Name Server:F1G1NS2.DNSPOD.NET
Name Server:F1G1NS1.DNSPOD.NET

Alrik Fassbauer

#118

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057
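
Added example, not part of the thread: why the host in the post above belongs to ggmneg.info rather than to battle.net, written as a check a mail or proxy filter could apply. The trusted-domain list and every sample other than the host quoted in the post are assumptions made for this example.

```python
from urllib.parse import urlsplit

# Assumption for this example: the one domain the genuine service uses.
TRUSTED_DOMAINS = ("battle.net",)


def host_of(url_or_host):
    """Return the lowercase host a client would actually connect to."""
    text = url_or_host.strip()
    if "://" not in text:
        text = "http://" + text  # give urlsplit a scheme so it finds the host
    host = urlsplit(text).hostname or ""  # hostname excludes userinfo and port
    return host.rstrip(".").lower()


def classify(url_or_host, trusted=TRUSTED_DOMAINS):
    """Return 'trusted', 'lookalike' or 'unrelated' for a link's host."""
    host = host_of(url_or_host)
    labels = host.split(".")
    # DNS names are owned from the right: the host must BE a trusted domain
    # or end with "." + that domain (a label boundary, not a substring).
    for domain in trusted:
        if host == domain or host.endswith("." + domain):
            return "trusted"
    # The trusted name shows up as whole labels further left, so it is only
    # a subdomain chosen by whoever controls the name to its right.
    for domain in trusted:
        want = domain.split(".")
        for i in range(len(labels) - len(want)):
            if labels[i:i + len(want)] == want:
                return "lookalike"
    return "unrelated"


# Host from the post plus constructed comparison cases.
SAMPLES = [
    "us.battle.net.long.ggmneg.info",
    "https://us.battle.net/login",
    "EU.Battle.Net.",
    "notbattle.net",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:34} {host_of(s):34} {classify(s)}")
```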


December 7th, 2013, 23:16
How kind of the Chinese grinders. Not only will they steal your virtual gold, but sell it back to you.
hishadow

#119

Join Date: Mar 2008
Location: Southern parts of Norway
Posts: 1,142

December 10th, 2013, 15:56
I'm not surprised : http://www.pcworld.com/article/20583…d-captcha.html

Alrik Fassbauer

#120

Join Date: Nov 2006
Location: Old Europe
Posts: 16,057
All times are GMT +2.