Spyware Sucks

I do enjoy Google’s sense of humor…

sandi — Mon, 09 Dec 2013 04:01:45 GMT

It adds some much appreciated levity to a work day.

Misleading advertisements won't be going away any time soon...

sandi — Fri, 06 Dec 2013 22:45:00 GMT

Not when you see reference to the infamous RBN (Russian Business Network) anyway...

Check this out:
http://urlquery.net/report.php?id=8165615

And this:
http://urlquery.net/report.php?id=8165658

I'd recommend you visit this site - find out if your username and password is known to be compromised

sandi — Thu, 05 Dec 2013 10:56:00 GMT

I'd recommend you visit the website in this article, find out if you're email address and password was in a hacked database. It correctly identified the only theft of my username/password that I know of http://grahamcluley.com/2013/12/check-youre-victim-database-breach-pwned/

Malware on hospital computer impacts thousands of Seattle patients

sandi — Tue, 03 Dec 2013 07:05:35 GMT

Cite: http://www.scmagazine.com/malware-on-hospital-computer-impacts-thousands-of-seattle-patients/article/323297/

“A UW Medicine employee opened an email attachment and unknowingly downloaded malware, which led to the compromise of about 90,000 patients of Seattle-based Harborview Medical Center and University of Washington Medical Center.”

Oh. Dear.

A silver lining is that the infection was apparently discovered the following day and immediate action taken. Cite: http://www.uwmedicine.org/Global/News/Announcements/2013/Pages/UWMedicine-Notice-of-Computer-Security-Breach.aspx

ICANN has released a draft study into WHOIS misuse, and the results are not surprising

sandi — Wed, 27 Nov 2013 23:00:00 GMT

URL: http://www.icann.org/en/news/public-comment/whois-misuse-27nov13-en.htm - you can download a copy of the draft report there.

Report snippets:

"In this study, we were concerned with the .BIZ, .INFO, and .ORG gTLD thick WHOIS Registries and the .COM and .NET thin WHOIS Registries. Per the GNSO’s request for this study, we did not attempt to study domain names registered under other smaller gTLDs or under ccTLDs."

And:

"The main finding of the descriptive study is that there is a statistically significant occurrence of WHOIS misuse affecting Registrants’ email addresses, postal addresses, and phone numbers, published in WHOIS when registering domains in these gTLDs. Overall, we find that 44% of Registrants experience one or more of these types of WHOIS misuse."

And:

"Similarly, we find that the domain price is negatively correlated with the possibility of misuse of email addresses published in WHOIS (i.e., experimental domains purchased at greater cost had less email address misuse). We also discover that .COM, .NET, and .ORG domains are associated with less email address misuse, while .BIZ domains are associated with more misuse."

Fake antivirus software uses your webcam to scare you

sandi — Wed, 27 Nov 2013 22:53:00 GMT

Details here: http://www.webroot.com/blog/2013/11/27/new-rogue-now-takes-screenshots/

So, somebody has been trying to reset my Apple password

sandi — Tue, 26 Nov 2013 07:10:19 GMT

Go. Away.

Your LG TV may be phoning home, and reporting on your activities

sandi — Wed, 20 Nov 2013 22:33:00 GMT

Now, I knew about monitoring of TV shows watched (a Smart TV advertisement that shows in Australia flashes a brief, small font, warning across the bottom of the advertisement) but I didn't know about the monitoring and transmission of information about personal media files...

This is worth a read: http://grahamcluley.com/2013/11/lg-smart-tv-can-spy/

Original, detailed, article: http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html

Facebook sues alleged Justin Bieber and Selena Gomez sex tape spammer

sandi — Wed, 20 Nov 2013 22:10:00 GMT

Good news :)

"Facebook has turned to the courts for help in scraping off a pesky spammer who allegedly keeps coming back to do things like hijack victims' accounts and automatically post celebrity porn, including a fake Justin Bieber-Selena Gomez sex tape.

According to a complaint Facebook filed on Friday in the US District Court of the Northern District of California, the defendant - Christopher Peter Tarquini, of the US state of New Jersey - is allegedly a "recidivist" spammer who's inundated the site with messages purporting to link to pornographic celebrity images.

Facebook says that when users clicked on the posts or their racy images, the messages were then automatically shared with the victims' Facebook friends.

Meanwhile, Facebook users' browsers were being redirected to marketing websites that paid Tarquini and his associates for the traffic."

"Facebook says it spent thousands to track Tarquini down and stop the alleged scam.

But even after Facebook notified Tarquini that he was breaking Facebook's rights, and even after it yanked his Facebook account and told him he was no longer authorized to access the site and services, he kept right on doing what he was doing, Facebook said in the complaint."

http://nakedsecurity.sophos.com/2013/11/20/facebook-sues-alleged-justin-bieber-and-selena-gomez-sex-tape-spammer

FTC Settlement and Default Judgment Impose Permanent Ban on Marketers of Scam 'Recovery' Kits

sandi — Wed, 20 Nov 2013 22:05:00 GMT

It kind of adds insult to injury. Imagine being bilked once, then being bilked again by somebody who promises to help you get your money back from the first bilking if you give them up to $499...

The judgment against the miscreants was for $5.2 MILLION (suspended upon payment of $90,000).

http://www.ftc.gov/opa/2013/11/brs.shtm

Tech support scheme participant settles FTC charges

sandi — Wed, 20 Nov 2013 22:03:00 GMT

He has to hand over all the money he made, and promise to be a good boy from now on :)

http://www.ftc.gov/opa/2013/11/pccare.shtm

Windows XP update locks machines with SVCHOST redlined at 100%

sandi — Wed, 20 Nov 2013 02:12:31 GMT

Some of my virtual machines were impacted by the problem described in the article below, and the recommended fix seems to work (well, it works in that SVCHOST pegs CPU at 100% for only half an hour or so instead of indefinitely – patience is certainly needed).

http://www.infoworld.com/t/microsoft-windows/windows-xp-update-locks-machines-svchost-redlined-100-fix-it-kb-2879017-230733

Update your install of Silverlight please...

sandi — Fri, 15 Nov 2013 23:24:00 GMT

Why?

This: http://news.softpedia.com/news/Hackers-Find-Flaw-in-Microsoft-Silverlight-Millions-of-Users-Now-at-Risk-400666.shtml

An excellent security article about Revive Adserver (previously known as OpenX)

sandi — Fri, 15 Nov 2013 00:00:18 GMT

Source: https://blog.avast.com/2013/11/14/malvertising-and-openx-servers/

Now I really have read everything...

sandi — Tue, 05 Nov 2013 10:03:00 GMT

http://www.theregister.co.uk/2013/10/29/dont_brew_that_cuppa_your_kettle_could_be_a_spambot/

"Russian authorities have claimed that household appliances imported from China contain tiny computers that seek out open WiFi networks and then get to work sending spam and distributing malware."

Print or edit dialogue boxes may not appear in IE

sandi — Fri, 25 Oct 2013 23:36:00 GMT

Fix: http://support.microsoft.com/kb/329134

PHP.NET compromised

sandi — Fri, 25 Oct 2013 23:10:00 GMT

Details:
http://www.csoonline.com/article/742051/php.net-confirms-server-breach-after-google-flags-them-for-malware

And here:
http://php.net/archive/2013.php#id2013-10-24-2

This is interesting:

"It turned out that by combing through the access logs for static.php.net it was periodically serving up userprefs.js with the wrong content length and then reverting back to the right size after a few minutes. This is due to an rsync cron job. So the file was being modified locally and reverted. Google's crawler caught one of these small windows where the wrong file was being served, but of course, when we looked at it manually it looked fine. So more confusion." [emphasis added]

If you spend some time surfing the net reading comments about this incident you'll commentary criticizing Google, disbelieving the alert etc, and even a person or two recommending that such alert services be turned off! I also find the way that information is presented by the Safe Browsing webpage to be confusing, as I think a lot of us may do (I wish Google would redesign/recompose the way they present the information) but I would never recommend that such services be turned off.

A very brief hijacking of google.rw

sandi — Fri, 25 Oct 2013 23:04:00 GMT

Details here - a very interesting read

http://labs.umbrella.com/2013/10/25/google-rw-hijack-nobody-else-noticed/

Did you know Google has an MVP type programme? I didn't.

sandi — Thu, 10 Oct 2013 22:20:00 GMT

http://www.google.com/get/topcontributor/

AOL email settlement–finally

sandi — Wed, 09 Oct 2013 00:27:22 GMT

Cite: http://www.mediapost.com/publications/article/210775/aol-email-settlement-moves-forward.html

“A federal judge has granted preliminary approval to a deal calling for AOL to donate around $100,000 to five organizations, including the Electronic Frontier Foundation and Information Technology and Innovation Foundation, in order to settle class-action litigation about ads in emails.

If approved, the deal will resolve two class-action lawsuits by AOL members that complained about the company's former practice of placing ads in footers of emails. One lawsuit alleged that the ads were "annoying, confusing, intrusive and misleading," while the second alleged that the ads violated a federal privacy law.

AOL began inserting the footers in 2006. Two years later, the company decided to allow paying subscribers to opt out of the ads. The following year, AOL changed its policy to allow everyone to opt out of the ads. The settlement agreement allows AOL to start sending the footers again, but only if the company also provides opt-out links to all members.”