This week in computer security

https://wccftech.com/facebook-admits-sharing-private-messages-tech-giants/
No Stopping Facebook… Company Admits Sharing Your Private Messages With Other Tech Giants
And even after this, people won't delete it.

--------------------------------------

Next spring, windows 10 pro and enterprise get a builtin sandbox. Finally!
1. No more neighbor's calls over malware installed from porn sites
2. You don't have to renew yearly subscription for sandboxie any more

Well, assuming it'll work as intended which is kinda not expected from Microsoft.
Details:
https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849

No, I don't know if this new feature will help cheaters in browser games to efficiently run multiaccounts.
 
Joined
Apr 12, 2009
Messages
23,459
Joined
Nov 5, 2006
Messages
21,915
Location
Old Europe
WARNING !

Someone currently uses my e-mail adress which has the name Alrik.Fassbauer to distribute Trojans !!!

They seem to be located on google drive :
https://557.drive.google.com
https://31697.drive.google.com

From the way the copy of the two e-mails I got are worded I see someone who knows that adress is infected with Emotet or something similar !
 
Last edited:
Joined
Nov 5, 2006
Messages
21,915
Location
Old Europe
You sure it's not just a mask while the sender is someone else?
Perhaps your password was hacked. Change the current e-mail password or simply abandom that e-mail address and move to another.
Google drive… You can't do anything about that unless providing a proof to google it contains malware or copyright infrigment materials. Aka if there is a DMCA notice possibility you can (ab)use like removing stolen private porn vid from vimeo, do it.
 
Joined
Apr 12, 2009
Messages
23,459
My guess is that someone took the adress from here during that security breach, because i hadly use it elsewhere.

The contents of the copies sound as if there had been some social engineering going on.

That google drive link was much longer. I shortened here so that no-one could download something from there.
 
Joined
Nov 5, 2006
Messages
21,915
Location
Old Europe
Usually if you used an e-mail for registration on mmos and used the same password on those mmos, it's gonna leak sooner or later.
Same goes to social networks, if your e-mail address and social network have the same password, you're screwed.

Because this happens frequently, I've always suggested using some dummy e-mail address for registration mmos require from trash e-mail services like hotmail.com. Eventually it'll be compromised, but you won't care as that e-mail address is not your "real" one. Social networks just avoid.

I don't believe anyone "stole" both the address and password from here, IIRC some of that data is crypted. Although to be fair, the password I use to log in here is unique and I don't use it anywhere else.
 
Last edited:
Joined
Apr 12, 2009
Messages
23,459
Yes, but thinks usually leak only if you use it elsewhere, too. I mean, if I use the same adress only for 1 purpose, it's not 100 % save, but still safer as if I was using it for 100 purposes.

And this particular one is one of those adresses. There has been only a *very* small number of occations I had been using it - 5 or so - - and registration here has been one of them.

So I'm relatively sure it must have been taken from that security breach we had here.

And, besides, I've never been on social networks anyway. Only in forums, ever.
 
Joined
Nov 5, 2006
Messages
21,915
Location
Old Europe
Was useful to read, thanks. Our company started using monitoring software [here] to prevent data flowing outside of company’s network. Software monitoring allows employers to observe and track computer use and prevent information theft by employees. Nowadays it's the only way to track websites visited and protect our data from online snoopers.

Spam. I recommend to ignore.
 
Joined
Nov 8, 2014
Messages
12,085
Joined
Oct 19, 2006
Messages
5,212
Location
The Uncanny Valley
Yeah, they post a few short random comments, and then every so often slip in one of these, hawking all sorts of crap.
 
Joined
Nov 8, 2014
Messages
12,085
Yes, but thinks usually leak only if you use it elsewhere, too. I mean, if I use the same adress only for 1 purpose, it's not 100 % save, but still safer as if I was using it for 100 purposes.

And this particular one is one of those adresses. There has been only a *very* small number of occations I had been using it - 5 or so - - and registration here has been one of them.

So I'm relatively sure it must have been taken from that security breach we had here.

And, besides, I've never been on social networks anyway. Only in forums, ever.
As I mentioned in the other thread, anyone can send an email using any email address as the sender. It is called email address spoofing. This cannot be prevented by itself, but If the receiving mailserver and the spoofed mail server both have DMARC setup correctly using DKIM keys, it can be flagged correctly as spam. This is not something you as a user can do though, only your email provider can do that.
I really doubt your email account has been hacked though, certainly not because of any security breach here on RPGWatch.
 
Joined
Aug 30, 2006
Messages
11,223
Spam. I recommend to ignore.
Did you report it? They do have 54 posts.
Yeah, they post a few short random comments, and then every so often slip in one of these, hawking all sorts of crap.
Banned now. When did you report it, Ripper?
I checked eva89’s other postings, many of them (not all) containing spam! Yuck! That person has been active since april 2017, at a time the first seven postings were not monitored.

Edit.
Removed all postings from that darn spammer.
 
Last edited:
But this is trivial to spot if you check the full headers. Have you (er Not Myrthos but the victim(s)) checked the full headers to see where the email originated from- Here is a small example:

X-Original-To: my_email_removed
Delivered-To: my_email_removed
Received: from qmta09.emeryville.ca.mail.comcast.net (qmta09.emeryville.ca.mail.comcast.net [76.96.30.96])
^^^^^^^^^ anything after this line other than destination email could be faked^^
by my_email_machine_removed (Postfix) with ESMTP id 7A6ED82355
for <my_email_removed>; Sat, 7 Jun 2014 11:18:46 -0700 (PDT)
Received: from imta18.emeryville.ca.mail.comcast.net ([76.96.30.94])
by qmta09.emeryville.ca.mail.comcast.net with comcast
id BWJU1o00321qQjwA9WJmh9; Sat, 07 Jun 2014 18:18:46 +0000
Received: from sdkvoairsrfds.lilaceousgnu.info ([IPv6:2001:1608:10:25::8d13:cead])
by imta18.emeryville.ca.mail.comcast.net with comcast
id BWJP1o01A2VcWiH0JWJj6b; Sat, 07 Jun 2014 18:18:46 +0000
Received: by sdkvoairsrfds.lilaceousgnu.info id hidboc17rvob; Sat, 7 Jun 2014 21:17:58 +0300 (envelope-from <46423026572455.67492237099582633661@0437249.sdjaoijg.lilaceousgnu.info>)
Message-ID: <47522546.035304@sdjaoijg.lilaceousgnu.info>
Date: Sat, 07 Jun 2017 18:17:58 +0000
From: "Comprehend Foreign Language" <Notification@sdjaoijg.lilaceousgnu.info>
^^^^^^^^^^^^^^^ This is the 'fake' email address' that you see with your email program


As I mentioned in the other thread, anyone can send an email using any email address as the sender. It is called email address spoofing. This cannot be prevented by itself, but If the receiving mailserver and the spoofed mail server both have DMARC setup correctly using DKIM keys, it can be flagged correctly as spam. This is not something you as a user can do though, only your email provider can do that.
I really doubt your email account has been hacked though, certainly not because of any security breach here on RPGWatch.
 
Joined
Oct 20, 2006
Messages
7,758
Location
usa - no longer boston
Banned now. When did you report it, Ripper?
I checked eva89’s other postings, many of them (not all) containing spam! Yuck! That person has been active since april 2017, at a time the first seven postings were not monitored.

Edit.
Removed all postings from that darn spammer.

I thought I reported that one before, and I thought maybe there was just disagreement because of the number of innocuous posts. Perhaps I didn't, though. Anyhow, gone now - thanks for your efforts.
 
Joined
Nov 8, 2014
Messages
12,085
When reading your posting above, I initially thought we had discussed this eva too, so I checked to see when this was, but in my inbox and sent box a different name was mentioned. But maybe I have overlooked one message?

Anyway, I appreciate your and anyones reports. As you can see for yourselves, sometimes the staff does not notice the spam, not even in two years time. :)
Myrthos overlooked evas spam despite responding in this thread (being focussed on answering Alriks question), so overlooking stuff happens to the best of us. :)

Though the system has changed by now, some are still smart enough to slip through the first monitoring. Let’s hope this is a one time exception, it took me some time to take the necessary steps.
 
But this is trivial to spot if you check the full headers. Have you (er Not Myrthos but the victim(s)) checked the full headers to see where the email originated from- Here is a small example:
Nice, you have an email header with smilies :)
 
Joined
Aug 30, 2006
Messages
11,223
Back
Top Bottom