This week in computer security - Page 18 - RPGWatch Forums
|
Your donations keep RPGWatch running!
RPGWatch Forums » General Forums » Tech Help » This week in computer security

Default This week in computer security

December 15th, 2018, 13:50
I think you are trying to express that the case of the theft being done by someone who works at the organization but perhaps I am mistaken as your statement is a bit ambiguous.

Originally Posted by SirJames View Post
Especially if they stole it themselves.
you is offline

you

Lazy_dog
RPGWatch Donor
Original Sin 2 Donor

#341

Join Date: Oct 2006
Location: usa - boston
Posts: 6,894
Mentioned: 42 Post(s)

Default 

December 20th, 2018, 08:48
https://wccftech.com/facebook-admits…s-tech-giants/
No Stopping Facebook… Company Admits Sharing Your Private Messages With Other Tech Giants
And even after this, people won't delete it.

--------------------------------------

Next spring, windows 10 pro and enterprise get a builtin sandbox. Finally!
1. No more neighbor's calls over malware installed from porn sites
2. You don't have to renew yearly subscription for sandboxie any more

Well, assuming it'll work as intended which is kinda not expected from Microsoft.
Details:
https://techcommunity.microsoft.com/…ox/ba-p/301849

No, I don't know if this new feature will help cheaters in browser games to efficiently run multiaccounts.
--
Toka Koka
joxer is offline

joxer

joxer's Avatar
The Smoker
RPGWatch Donor
Original Sin 1 & 2 Donor

#342

Join Date: Apr 2009
Posts: 20,872
Mentioned: 128 Post(s)

Default 

December 20th, 2018, 23:01
It is normally home folks who visit porn site and they typically don't have enterprise or pro…. so from your post the folks who need it don't get it….

Originally Posted by joxer View Post
[url]
Next spring, windows 10 pro and enterprise get a builtin sandbox. Finally!
1. No more neighbor's calls over malware installed from porn sites
2. You don't have to renew yearly subscription for sandboxie any more
you is offline

you

Lazy_dog
RPGWatch Donor
Original Sin 2 Donor

#343

Join Date: Oct 2006
Location: usa - boston
Posts: 6,894
Mentioned: 42 Post(s)

Default 

December 21st, 2018, 23:35
https://www.bloomberg.com/news/artic…sapp-transfers
Facebook Is Developing a Cryptocurrency for WhatsApp Transfers, Sources Say
If you're reading this. Please. When it goes live. Do not. Touch it.
--
Toka Koka
joxer is offline

joxer

joxer's Avatar
The Smoker
RPGWatch Donor
Original Sin 1 & 2 Donor

#344

Join Date: Apr 2009
Posts: 20,872
Mentioned: 128 Post(s)

Default 

December 23rd, 2018, 13:12
"When best practises are not good enough" - 2-factor-security efficiently hacked - article by Amnesty international :
https://www.amnesty.org/en/latest/re…t-good-enough/
--
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
Alrik Fassbauer is offline

Alrik Fassbauer

Alrik Fassbauer's Avatar
TL;DR
Original Sin 1 & 2 Donor

#345

Join Date: Nov 2006
Location: Old Europe
Posts: 18,677
Mentioned: 15 Post(s)

Angry 

February 20th, 2019, 16:14
WARNING !

Someone currently uses my e-mail adress which has the name Alrik.Fassbauer to distribute Trojans !!!

They seem to be located on google drive :
https://557.drive.google.com
https://31697.drive.google.com

From the way the copy of the two e-mails I got are worded I see someone who knows that adress is infected with Emotet or something similar !
--
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
Last edited by Alrik Fassbauer; February 20th, 2019 at 21:11.
Alrik Fassbauer is offline

Alrik Fassbauer

Alrik Fassbauer's Avatar
TL;DR
Original Sin 1 & 2 Donor

#346

Join Date: Nov 2006
Location: Old Europe
Posts: 18,677
Mentioned: 15 Post(s)

Default 

February 20th, 2019, 16:26
You sure it's not just a mask while the sender is someone else?
Perhaps your password was hacked. Change the current e-mail password or simply abandom that e-mail address and move to another.
Google drive… You can't do anything about that unless providing a proof to google it contains malware or copyright infrigment materials. Aka if there is a DMCA notice possibility you can (ab)use like removing stolen private porn vid from vimeo, do it.
--
Toka Koka
joxer is offline

joxer

joxer's Avatar
The Smoker
RPGWatch Donor
Original Sin 1 & 2 Donor

#347

Join Date: Apr 2009
Posts: 20,872
Mentioned: 128 Post(s)

Default 

February 20th, 2019, 16:37
My guess is that someone took the adress from here during that security breach, because i hadly use it elsewhere.

The contents of the copies sound as if there had been some social engineering going on.

That google drive link was much longer. I shortened here so that no-one could download something from there.
--
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
Alrik Fassbauer is offline

Alrik Fassbauer

Alrik Fassbauer's Avatar
TL;DR
Original Sin 1 & 2 Donor

#348

Join Date: Nov 2006
Location: Old Europe
Posts: 18,677
Mentioned: 15 Post(s)

Default 

February 20th, 2019, 16:42
Usually if you used an e-mail for registration on mmos and used the same password on those mmos, it's gonna leak sooner or later.
Same goes to social networks, if your e-mail address and social network have the same password, you're screwed.

Because this happens frequently, I've always suggested using some dummy e-mail address for registration mmos require from trash e-mail services like hotmail.com. Eventually it'll be compromised, but you won't care as that e-mail address is not your "real" one. Social networks just avoid.

I don't believe anyone "stole" both the address and password from here, IIRC some of that data is crypted. Although to be fair, the password I use to log in here is unique and I don't use it anywhere else.
--
Toka Koka
Last edited by joxer; February 20th, 2019 at 16:53.
joxer is offline

joxer

joxer's Avatar
The Smoker
RPGWatch Donor
Original Sin 1 & 2 Donor

#349

Join Date: Apr 2009
Posts: 20,872
Mentioned: 128 Post(s)

Default 

February 20th, 2019, 16:48
Yes, but thinks usually leak only if you use it elsewhere, too. I mean, if I use the same adress only for 1 purpose, it's not 100 % save, but still safer as if I was using it for 100 purposes.

And this particular one is one of those adresses. There has been only a *very* small number of occations I had been using it - 5 or so - - and registration here has been one of them.

So I'm relatively sure it must have been taken from that security breach we had here.

And, besides, I've never been on social networks anyway. Only in forums, ever.
--
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
Alrik Fassbauer is offline

Alrik Fassbauer

Alrik Fassbauer's Avatar
TL;DR
Original Sin 1 & 2 Donor

#350

Join Date: Nov 2006
Location: Old Europe
Posts: 18,677
Mentioned: 15 Post(s)

Default 

February 20th, 2019, 16:49
Was useful to read, thanks. Our company started using monitoring software [here] to prevent data flowing outside of company’s network. Software monitoring allows employers to observe and track computer use and prevent information theft by employees. Nowadays it's the only way to track websites visited and protect our data from online snoopers.
Spam. I recommend to ignore.
--
"Where can the horizon lie, when a nation hides its organic minds in a cellar, dark and grim? They must be very dim." David Bowie, All the Madmen (1970)
Ripper is offline

Ripper

Ripper's Avatar
Ngikufisela iwela

#351

Join Date: Nov 2014
Posts: 8,452
Mentioned: 62 Post(s)
+1:

Default 

February 20th, 2019, 18:14
Originally Posted by Ripper View Post
Spam. I recommend to ignore.
Did you report it? They do have 54 posts.

---

https://www.businessinsider.fr/us/ne…et-2019-2?op=1

Lots of reports coming out that Google neglected to tell anyone that their Nest Secure device has a microphone.

"[It] should have been listed in the tech specs. That was an error on our part," a company spokesperson told Business Insider.
--
Developer of The Wizard's Grave Android game. Discussion Thread:
http://www.rpgwatch.com/forums/showthread.php?t=22520
Lucky Day is offline

Lucky Day

Lucky Day's Avatar
Daywatch

#352

Join Date: Oct 2006
Location: The Uncanny Valley
Posts: 4,908
Mentioned: 7 Post(s)

Default 

February 20th, 2019, 18:35
Yeah, they post a few short random comments, and then every so often slip in one of these, hawking all sorts of crap.
--
"Where can the horizon lie, when a nation hides its organic minds in a cellar, dark and grim? They must be very dim." David Bowie, All the Madmen (1970)
Ripper is offline

Ripper

Ripper's Avatar
Ngikufisela iwela

#353

Join Date: Nov 2014
Posts: 8,452
Mentioned: 62 Post(s)

Default 

February 20th, 2019, 23:21
Originally Posted by Alrik Fassbauer View Post
Yes, but thinks usually leak only if you use it elsewhere, too. I mean, if I use the same adress only for 1 purpose, it's not 100 % save, but still safer as if I was using it for 100 purposes.

And this particular one is one of those adresses. There has been only a *very* small number of occations I had been using it - 5 or so - - and registration here has been one of them.

So I'm relatively sure it must have been taken from that security breach we had here.

And, besides, I've never been on social networks anyway. Only in forums, ever.
As I mentioned in the other thread, anyone can send an email using any email address as the sender. It is called email address spoofing. This cannot be prevented by itself, but If the receiving mailserver and the spoofed mail server both have DMARC setup correctly using DKIM keys, it can be flagged correctly as spam. This is not something you as a user can do though, only your email provider can do that.
I really doubt your email account has been hacked though, certainly not because of any security breach here on RPGWatch.
--
In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. Douglas Adams
There are no facts, only interpretations. Nietzsche
Some cause happiness wherever they go; others whenever they go. Oscar Wilde
Myrthos is online now

Myrthos

Myrthos's Avatar
Cave Canem
Administrator
RPGWatch Team

#354

Join Date: Aug 2006
Location: Netherlands
Posts: 9,141
Mentioned: 76 Post(s)

Default 

February 21st, 2019, 00:09
Originally Posted by Ripper View Post
Spam. I recommend to ignore.
Originally Posted by Lucky Day View Post
Did you report it? They do have 54 posts.
Originally Posted by Ripper View Post
Yeah, they post a few short random comments, and then every so often slip in one of these, hawking all sorts of crap.
Banned now. When did you report it, Ripper?
I checked eva89’s other postings, many of them (not all) containing spam! Yuck! That person has been active since april 2017, at a time the first seven postings were not monitored.

Edit.
Removed all postings from that darn spammer.
--
It's not what you say - it is the way you say it.
Lovely 2 minute video: 'Change your words, change your world'
Last edited by Eye; February 21st, 2019 at 00:29.
Eye is offline

Eye

Eye's Avatar
Eye Watch
Super Moderator

#355

Join Date: Aug 2015
Location: Europe
Posts: 1,986
Mentioned: 34 Post(s)
+1:

Default 

February 21st, 2019, 01:20
But this is trivial to spot if you check the full headers. Have you (er Not Myrthos but the victim(s)) checked the full headers to see where the email originated from- Here is a small example:

X-Original-To: my_email_removed
Delivered-To: my_email_removed
Received: from qmta09.emeryville.ca.mail.comcast.net (qmta09.emeryville.ca.mail.comcast.net [76.96.30.96])
^ anything after this line other than destination email could be faked
by my_email_machine_removed (Postfix) with ESMTP id 7A6ED82355
for <my_email_removed>; Sat, 7 Jun 2014 11:18:46 -0700 (PDT)
Received: from imta18.emeryville.ca.mail.comcast.net ([76.96.30.94])
by qmta09.emeryville.ca.mail.comcast.net with comcast
id BWJU1o00321qQjwA9WJmh9; Sat, 07 Jun 2014 18:18:46 +0000
Received: from sdkvoairsrfds.lilaceousgnu.info ([IPv6:2001:1608:10:25::8d13:cead])
by imta18.emeryville.ca.mail.comcast.net with comcast
id BWJP1o01A2VcWiH0JWJj6b; Sat, 07 Jun 2014 18:18:46 +0000
Received: by sdkvoairsrfds.lilaceousgnu.info id hidboc17rvob; Sat, 7 Jun 2014 21:17:58 +0300 (envelope-from <46423026572455.67492237099582633661@0437249.sdjao ijg.lilaceousgnu.info>)
Message-ID: <47522546.035304@sdjaoijg.lilaceousgnu.info>
Date: Sat, 07 Jun 2017 18:17:58 +0000
From: "Comprehend Foreign Language" <Notification@sdjaoijg.lilaceousgnu.info>
^ This is the 'fake' email address' that you see with your email program


Originally Posted by Myrthos View Post
As I mentioned in the other thread, anyone can send an email using any email address as the sender. It is called email address spoofing. This cannot be prevented by itself, but If the receiving mailserver and the spoofed mail server both have DMARC setup correctly using DKIM keys, it can be flagged correctly as spam. This is not something you as a user can do though, only your email provider can do that.
I really doubt your email account has been hacked though, certainly not because of any security breach here on RPGWatch.
you is offline

you

Lazy_dog
RPGWatch Donor
Original Sin 2 Donor

#356

Join Date: Oct 2006
Location: usa - boston
Posts: 6,894
Mentioned: 42 Post(s)

Default 

February 21st, 2019, 01:31
Originally Posted by Eye View Post
Banned now. When did you report it, Ripper?
I checked eva89ís other postings, many of them (not all) containing spam! Yuck! That person has been active since april 2017, at a time the first seven postings were not monitored.

Edit.
Removed all postings from that darn spammer.
I thought I reported that one before, and I thought maybe there was just disagreement because of the number of innocuous posts. Perhaps I didn't, though. Anyhow, gone now - thanks for your efforts.
--
"Where can the horizon lie, when a nation hides its organic minds in a cellar, dark and grim? They must be very dim." David Bowie, All the Madmen (1970)
Ripper is offline

Ripper

Ripper's Avatar
Ngikufisela iwela

#357

Join Date: Nov 2014
Posts: 8,452
Mentioned: 62 Post(s)
+1:

Default 

February 21st, 2019, 09:32
When reading your posting above, I initially thought we had discussed this eva too, so I checked to see when this was, but in my inbox and sent box a different name was mentioned. But maybe I have overlooked one message?

Anyway, I appreciate your and anyones reports. As you can see for yourselves, sometimes the staff does not notice the spam, not even in two years time.
Myrthos overlooked evas spam despite responding in this thread (being focussed on answering Alriks question), so overlooking stuff happens to the best of us.

Though the system has changed by now, some are still smart enough to slip through the first monitoring. Letís hope this is a one time exception, it took me some time to take the necessary steps.
--
It's not what you say - it is the way you say it.
Lovely 2 minute video: 'Change your words, change your world'
Eye is offline

Eye

Eye's Avatar
Eye Watch
Super Moderator

#358

Join Date: Aug 2015
Location: Europe
Posts: 1,986
Mentioned: 34 Post(s)

Default 

February 21st, 2019, 13:33
Originally Posted by you View Post
But this is trivial to spot if you check the full headers. Have you (er Not Myrthos but the victim(s)) checked the full headers to see where the email originated from- Here is a small example:
Nice, you have an email header with smilies
--
In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. Douglas Adams
There are no facts, only interpretations. Nietzsche
Some cause happiness wherever they go; others whenever they go. Oscar Wilde
Myrthos is online now

Myrthos

Myrthos's Avatar
Cave Canem
Administrator
RPGWatch Team

#359

Join Date: Aug 2006
Location: Netherlands
Posts: 9,141
Mentioned: 76 Post(s)
+1:

Default 

February 21st, 2019, 17:12
Well the ultimate problem is that software used for rpgwatch's forum can't understand when smiles are not appropriate…..

Originally Posted by Myrthos View Post
Nice, you have an email header with smilies
you is offline

you

Lazy_dog
RPGWatch Donor
Original Sin 2 Donor

#360

Join Date: Oct 2006
Location: usa - boston
Posts: 6,894
Mentioned: 42 Post(s)
RPGWatch Forums » General Forums » Tech Help » This week in computer security
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 11:21.
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2019, vBulletin Solutions Inc.
vBulletin Security provided by DragonByte Security (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging (Lite) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
Copyright by RPGWatch