Humpty

Experienced Members
  • Posts: 2,107

Posts posted by Humpty

  1. Yesterday we started receiving another wave of Storm e-mails, this time exploiting our love: you got it, Storm started exploiting Valentine's Day. It looked like they missed the ball for Christmas but now they are certainly back.

     

    The e-mails Storm is sending are the same as in the last couple of waves: a subject designed to catch your attention and a body with a URL consisting of only an IP address (in other words, it should be easy to detect this with anti-spam tools).

     

    Once a user visits the web site he is served with a nice web page (see below) and a link to download an executable, same as with previous versions.

     

    So is there anything new about this variant of Storm? Not really. The social engineering attack is the same as before. Actually, there are a lot of similarities with Storm's Valentine's attack last year (2007). The subjects are almost the same and the only difference is that last year Storm sent itself as an attachment.

     

    Storm's packing/obfuscation techniques are still up to the task: when I downloaded the first variant only 4 anti-virus programs out of 32 on VirusTotal properly detected it, with virtually no coverage amongst the most popular anti-virus programs. These results are not completely correct since some AV programs are able to block Storm when the user tries to execute it, due to behavior analysis. That being said, it still shows that the server-side packing/obfuscation Storm uses works.

     

    Following the pattern we can probably expect Super Bowl being exploited soon as well.

    SANS Article
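The post says a lure whose only link is a bare IP address should be easy for anti-spam tooling to catch. Below is an added example of that check (my code, not from the SANS diary or the forum post): it pulls http(s) URLs out of a message body, asks the standard library whether each host is an IP literal, and applies both a strict rule (every link is a bare IP, as in the wave described) and a loose one (any link is). The sample bodies and addresses are constructed for the example.

```python
"""Flag e-mail bodies whose links point at a bare IP address (Storm-style lure)."""
import ipaddress
import re
from dataclasses import dataclass
from typing import List

# http(s) URL with the host captured: either a bracketed IPv6 literal or anything
# up to the first '/', ':', '?', '#' or whitespace. Port and path are optional.
URL_RE = re.compile(r"https?://(\[[^\]\s]+\]|[^/\s:?#]+)(?::\d{1,5})?(?:[/?#]\S*)?",
                    re.IGNORECASE)


@dataclass
class LinkVerdict:
    url: str
    host: str
    bare_ip: bool


def classify_links(body: str) -> List[LinkVerdict]:
    """One verdict per URL in the body; bare_ip is True when the host is an IP literal."""
    verdicts = []
    for m in URL_RE.finditer(body):
        host = m.group(1).strip("[]")
        try:
            ipaddress.ip_address(host)
            bare = True
        except ValueError:
            bare = False
        verdicts.append(LinkVerdict(url=m.group(0), host=host, bare_ip=bare))
    return verdicts


def has_bare_ip_link(body: str) -> bool:
    """Loose rule: any link whose host is an IP literal."""
    return any(v.bare_ip for v in classify_links(body))


def only_bare_ip_links(body: str) -> bool:
    """Strict rule matching the wave described: at least one link, and every link is a bare IP."""
    verdicts = classify_links(body)
    return bool(verdicts) and all(v.bare_ip for v in verdicts)


# Constructed sample bodies, not captured Storm mail.
SAMPLE_LURE = "Your Valentine card is waiting: http://192.0.2.10/\n"
SAMPLE_LEGIT = "Read more at https://www.example.org/news/feb or http://example.net:8080/x"
SAMPLE_MIXED = "Download http://203.0.113.5/card.exe (mirror: https://www.example.org/)"
SAMPLE_V6 = "See http://[2001:db8::1]/card"

if __name__ == "__main__":
    for name, body in (("lure", SAMPLE_LURE), ("legit", SAMPLE_LEGIT),
                       ("mixed", SAMPLE_MIXED), ("ipv6", SAMPLE_V6)):
        print(f"{name:6} strict={only_bare_ip_links(body)!s:5} loose={has_bare_ip_link(body)!s:5}",
              [v.host for v in classify_links(body)])
```

The strict rule is the one that matches the wave as described; the loose rule catches a lure that pads the body with legitimate links. Hosts such as `192.0.2.10.example.com` are names, not IP literals, so they are not flagged, and decimal or octal-encoded addresses (`http://3221225985/`) are not recognised by `ipaddress.ip_address` either; a production filter needs a separate rule for those.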

  2. Haven't tried this one as yet but is supposedly a free on demand scanner from Kaspersky similar to DR Web's Cureit.

    Scan Your Computer with Kaspersky SOS

     

    Installation of Kaspersky Anti-Virus S.O.S. (Second Opinion Solution) does not require uninstalling any existing competitors' antivirus products. You can then compare your current antivirus protection and the new Kaspersky solution and decide whether replacing your antivirus protection is necessary.

     

    How to use:

     

    1. Download and Install the kav6.0.3.837_sosen.exe package on the local machine with default settings. (Click Next on every option to accept default settings and choose the Complete button for a full install)

    2. Run an Update in the Kaspersky SOS software. (This is the virus signature definitions update and needs internet connection)

    3. Run a full scan to detect and remove any malware that has not been found or disinfected by the other vendor's anti-virus.

    Kas SOS Link

  3. A 90-day mission still going strong after 4 years? :blink:B)

    Such is the case with NASA's investigation of the ongoing puzzle of the Martian rovers. On Jan. 4, 2004, the rover Spirit landed on Mars, followed three weeks later by Opportunity. The two robots were given an expected lifespan of 90 days to gather as much scientific data as possible. Four years later, both rovers are still going strong, much to the astonishment of NASA and scientists around the world.

     

    "We never thought we'd still be driving these robots all over Mars," said Mark Lemmon, a planetary scientist at Texas A&M University and member of the rover science team. "We joked about driving Opportunity into Victoria Crater, but now we're there, and we're looking at doing even more science. Each day they still work is an amazing one."

     

    The rovers have provided continuous surprises since the outset. When their missions began, their solar cells were providing 900 watt-hours of electricity per day. Over the months that followed Spirit's output dropped to 400 watt-hours daily, while Opportunity dropped to about 500 watt-hours. A primary reason for the drop was the accumulation of dust on the panels. But then, to the amazement of mission scientists, Opportunity's power began to INCREASE, and kept on increasing until the power peaked at just over 900 watt-hours.

    Mars Rovers Article and some other good articles.

  4. The malicious program is a type of virus known as a rootkit and it tries to overwrite part of a computer's hard drive called the Master Boot Record (MBR).

     

    This is where a computer looks when it is switched on for information about the operating system it will be running.

     

    "If you can control the MBR, you can control the operating system and therefore the computer it resides on," wrote Elia Florio on security company Symantec's blog.

     

    Mr Florio pointed out that many viruses dating from the days before Windows used the Master Boot Record to get a grip on a computer.

     

    Once installed the virus, dubbed Mebroot by Symantec, usually downloads other malicious programs, such as keyloggers, to do the work of stealing confidential information.

     

    Most of these associated programs lie in wait on a machine until its owner logs in to the online banking systems of one of more than 900 financial institutions.

     

    The Russian virus-writing group behind Mebroot is thought to have created the torpig family of viruses that are known to have been installed on more than 200,000 systems. This group specialises in stealing bank login information.

     

    Security firm iDefense said Mebroot was discovered in October but started to be used in a series of attacks in early December.

     

    Between 12 December and 7 January, iDefense detected more than 5,000 machines that had been infected with the program.

    BBC Article
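The article explains that the MBR is the first thing the machine reads at power-on and that whoever controls it controls the operating system. An added example of the check that follows from that (my code, not from the BBC piece or Symantec): read the first 512 bytes of a disk, verify the 0x55AA boot signature, parse the partition table, and hash the 446 bytes of boot code against a hash recorded on a known-clean system. The sample sector and the "bootkit" overwrite are constructed here; the device paths in the final comment are illustrative and need administrator/root rights.

```python
"""Parse a 512-byte MBR and flag boot-code drift against a trusted baseline."""
import hashlib
import struct
from typing import Dict, List

MBR_SIZE = 512
BOOT_CODE_LEN = 446            # bytes 0..445 hold the boot code the BIOS jumps into
PART_TABLE_OFF = 446           # four 16-byte partition entries follow
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510..511


def parse_mbr(sector: bytes) -> Dict:
    """Split an MBR into its boot-code hash, partition table and signature check."""
    if len(sector) != MBR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    partitions: List[Dict] = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        # status(1) CHS start(3, skipped) type(1) CHS end(3, skipped) LBA start(4) sectors(4)
        status, ptype, lba_start, sectors = struct.unpack_from("<B3xB3xII", sector, off)
        if ptype:  # type 0 marks an unused slot
            partitions.append({"index": i, "bootable": status == 0x80, "type": ptype,
                               "lba_start": lba_start, "sectors": sectors})
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "bootcode_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def mbr_drift(sector: bytes, baseline_bootcode_sha256: str) -> Dict[str, bool]:
    """Compare a freshly read MBR against the boot-code hash recorded on a known-clean system."""
    info = parse_mbr(sector)
    return {"signature_ok": info["signature_ok"],
            "bootcode_changed": info["bootcode_sha256"] != baseline_bootcode_sha256}


def read_mbr(device_path: str) -> bytes:
    """Read sector 0 from a raw device (needs admin/root; the path is illustrative)."""
    with open(device_path, "rb") as dev:
        return dev.read(MBR_SIZE)


def build_sample_mbr() -> bytes:
    """Constructed sample MBR: placeholder boot code plus one bootable type-0x07 partition."""
    boot = (b"\xfa\x33\xc0\x8e\xd0" + bytes(range(256)) * 2)[:BOOT_CODE_LEN]
    entry = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x07, b"\xfe\xff\xff", 2048, 204800)
    return boot + entry + bytes(48) + BOOT_SIGNATURE


def tamper_bootcode(sector: bytes) -> bytes:
    """Simulate a bootkit: replace the boot code, keep partition table and signature intact."""
    fake = b"\xeb\x3c" + b"\x90" * (BOOT_CODE_LEN - 2)
    return fake + sector[BOOT_CODE_LEN:]


if __name__ == "__main__":
    clean = build_sample_mbr()
    baseline = parse_mbr(clean)["bootcode_sha256"]
    print("clean:   ", mbr_drift(clean, baseline))
    print("tampered:", mbr_drift(tamper_bootcode(clean), baseline))
    # On a real host (illustrative paths):
    #   mbr_drift(read_mbr(r"\\.\PhysicalDrive0"), baseline)   # Windows, run elevated
    #   mbr_drift(read_mbr("/dev/sda"), baseline)               # Linux, run as root
```

The point of the tampered case is that the partition table and the 0x55AA signature are still valid after the overwrite, so a tool that only checks those will report a healthy disk; only the hash of the boot code moves. Record the baseline hash from a machine you trust (or from a clean install of the same Windows version) and keep it off the host. Reading sector 0 from inside a running, infected system can also be lied to by the rootkit itself, so a mismatch is strong evidence but a match from the live system is not proof of a clean MBR; read the disk from boot media when in doubt.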

  5. You could try merging the below into your registry.

     

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager]
    "BootExecute"=hex(7):61,00,75,00,74,00,6f,00,63,00,68,00,65,00,63,00,6b,00,20,\
      00,61,00,75,00,74,00,6f,00,63,00,68,00,6b,00,20,00,2a,00,00,00,00,00
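
BootExecute is a REG_MULTI_SZ that Session Manager runs before any logon, so a .reg file that sets it is worth decoding before it is merged. An added example (my code, not the poster's): it re-joins the backslash-wrapped `hex(7)` line, decodes the UTF-16LE string list, and confirms that the value is exactly the stock `autocheck autochk *`. The snippet embedded in the code is a copy of the one above; the "planted" variant built at the bottom is constructed to show what a tampered value looks like.

```python
"""Decode the REG_MULTI_SZ (hex(7)) value in a .reg snippet before merging it."""
import re
from typing import Dict, List

SESSION_MANAGER_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager"
EXPECTED_BOOTEXECUTE = ["autocheck autochk *"]   # stock value on Windows XP/2003

# Copy of the snippet above, laid out as regedit would export it.
REG_TEXT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager]
"BootExecute"=hex(7):61,00,75,00,74,00,6f,00,63,00,68,00,65,00,63,00,6b,00,20,\
  00,61,00,75,00,74,00,6f,00,63,00,68,00,6b,00,20,00,2a,00,00,00,00,00
"""

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=hex\((?P<type>[0-9a-fA-F]+)\):(?P<data>[0-9a-fA-F,]*)$')


def _join_continuations(text: str) -> List[str]:
    """Re-join lines that regedit wrapped with a trailing backslash."""
    lines, pending = [], None
    for raw in text.splitlines():
        piece = raw.rstrip()
        if pending is not None:
            piece = piece.lstrip()
        if piece.endswith("\\"):
            pending = (pending or "") + piece[:-1]
            continue
        lines.append((pending or "") + piece)
        pending = None
    if pending is not None:
        lines.append(pending)
    return lines


def decode_multi_sz(data: bytes) -> List[str]:
    """REG_MULTI_SZ: UTF-16LE strings, each NUL-terminated, list closed by one more NUL."""
    return [s for s in data.decode("utf-16-le").split("\x00") if s]


def encode_multi_sz(strings: List[str]) -> bytes:
    """Inverse of decode_multi_sz, used to build test snippets."""
    return b"".join(s.encode("utf-16-le") + b"\x00\x00" for s in strings) + b"\x00\x00"


def parse_reg(text: str) -> Dict[str, Dict[str, object]]:
    """{key: {value_name: decoded}}; hex(7) values become string lists, other hex types raw bytes."""
    result: Dict[str, Dict[str, object]] = {}
    key = None
    for line in _join_continuations(text):
        km = KEY_RE.match(line)
        if km:
            key = km.group("key")
            result.setdefault(key, {})
            continue
        vm = VALUE_RE.match(line)
        if vm and key is not None:
            data = bytes(int(b, 16) for b in vm.group("data").split(",") if b)
            vtype = int(vm.group("type"), 16)
            result[key][vm.group("name")] = decode_multi_sz(data) if vtype == 7 else data
    return result


def bootexecute_is_default(text: str) -> bool:
    """True only if the snippet sets BootExecute to exactly the stock 'autocheck autochk *'."""
    return parse_reg(text).get(SESSION_MANAGER_KEY, {}).get("BootExecute") == EXPECTED_BOOTEXECUTE


def with_bootexecute(strings: List[str]) -> str:
    """Build a .reg snippet like the one above but with an arbitrary BootExecute list (constructed)."""
    data = ",".join("%02x" % b for b in encode_multi_sz(strings))
    return 'Windows Registry Editor Version 5.00\n\n[%s]\n"BootExecute"=hex(7):%s\n' % (
        SESSION_MANAGER_KEY, data)


if __name__ == "__main__":
    print(parse_reg(REG_TEXT)[SESSION_MANAGER_KEY]["BootExecute"], bootexecute_is_default(REG_TEXT))
    planted = with_bootexecute(["autocheck autochk *", "autocheck evil.exe"])  # constructed
    print(parse_reg(planted)[SESSION_MANAGER_KEY]["BootExecute"], bootexecute_is_default(planted))
```

Two caveats when applying this on a real box. The snippet writes `ControlSet001`; the live configuration is `CurrentControlSet`, which is a link to whichever `ControlSetNNN` is named in `HKLM\SYSTEM\Select\Current`, so the value you merge may not be the one the next boot uses. And a value with an extra entry after `autocheck autochk *` is exactly how a program gets itself run before logon, which is why the comparison is for equality rather than "contains".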

     

  6. Looks like a "killer" machine but I would go for 4 sticks of 1gb ram but only run 2 gb which is plenty, and keep the other 2 gb in case I decided to try out a 64 bit system.

     

    Don't like mixing different sized ram here. Not that it will cause any probs, just a personal preference.

     

    The 22 inch lcd seems a bargain as this Samsung 22 inch with very similar specs was near on 500 au bucks! :huh:

  7. Was the old drive formatted?

     

    If it wasn't you should be able to copy and paste the .dbx files and address book over to the new drive to their proper locations overwriting the existing on the new drive.

     

    They then should open in OE.

     

    C:\Documents and Settings\"Username"\Application Data\Microsoft\Address Book

     

    C:\Documents and Settings\"Username"\Local Settings\Application Data\Identities\{573136D5-C434-41A4-A721-1E5C3C293657}\Microsoft\Outlook Express

  8. Has anyone here tried Burnaware?

    BurnAware Free Edition allows you to easily perform the most common disc burning tasks: write to all CD/DVD media types, including Blu-Ray; write Audio CDs and DVD-Video files; create and burn disc images; write multi-session discs and much more.

     

    BurnAware Free Edition has a modern interface and supports Windows 98/NT/2000/XP and Vista (32 and 64 bit). The application is free and contains absolutely no adware or annoying banners.

     

    Features

     

    * Absolutely FREE. No spyware, no adware, no banners

    * Writes to all CD/DVD media types including Blu-Ray (BD-R/BD-RE)

    * Writes discs from disc images

    * Writes DVDs from DVD-Video files

    * Writes Audio CDs from WAV, MP3, or WMA files

    * Creates disc images

    * Supports all current hardware interfaces

    * On-the-fly writing for all image types

    * Writes Multi-Session to all supported media formats

    * Auto-verification of written files

    * Supports unicode for multi-byte languages

    * Clean, flexible, easy to use interface

    * Supports Windows 98/ME/NT/2000/XP/Vista (32 and 64 Bit)

    Burnaware

  9. Bad guys use sophisticated testing to create malware that can evade even the best security programs.

    If you think that the latest security suites afford complete protection against malware attacks, think again. Today's for-profit malware pushers use dedicated test labs and other increasingly professional techniques to improve their chances of infecting your computer. And the techniques they employ to outpace security software makers appear to be working.

     

    Make no mistake--a good security program can go a long way toward keeping you in control of your system. But PC World's recent tests of security suites found that new malware easily evaded the applications. In our tests of how well security software blocks unknown malicious programs, the best performer detected only one in four new malware samples. In contrast, February 2007 results from similar heuristics testing showed that the best utilities caught about half of new samples.

    PC World Article

  10. Here at the Microsoft Security Response Center, we investigate thousands of security reports every year. In some cases, we find that a report describes a bona fide security vulnerability resulting from a flaw in one of our products; when this happens, we develop a patch as quickly as possible to correct the error. (See "A Tour of the Microsoft Security Response Center"). In other cases, the reported problems simply result from a mistake someone made in using the product. But many fall in between. They discuss real security problems, but the problems don't result from product flaws. Over the years, we've developed a list of issues like these, that we call the 10 Immutable Laws of Security.

     

    Don't hold your breath waiting for a patch that will protect you from the issues we'll discuss below. It isn't possible for Microsoft, or any software vendor, to "fix" them, because they result from the way computers work. But don't abandon all hope yet: sound judgment is the key to protecting yourself against these issues, and if you keep them in mind, you can significantly improve the security of your systems.

    On This Page

    Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore

    Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore

    Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore

    Law #4: If you allow a bad guy to upload programs to your website, it's not your website any more

    Law #5: Weak passwords trump strong security

    Law #6: A computer is only as secure as the administrator is trustworthy

    Law #7: Encrypted data is only as secure as the decryption key

    Law #8: An out of date virus scanner is only marginally better than no virus scanner at all

    Law #9: Absolute anonymity isn't practical, in real life or on the Web

    Law #10: Technology is not a panacea

    MS TechNet

  11. Caldor, the proof is in the pudding.

     

    Fast and sorta up to date duo core here with about ten hard drives, both ide and sata of different sizes and Windows/Linux operating systems. Plugged - Unplugged as needed.

     

    XP Pro boots faster and was far more responsive than Vista Ultimate until I set Prefetch parameters to 1 and Superfetch to 2 within the reg settings of Vista.

     

    No more waiting for up to a minute to load apps into memory after desktop comes up with Vista!

     

    After a reboot Vista seems to be nearly as fast as XP! ;)

     

    Can't understand why MS left both Prefetch and Superfetch at 3 which seems to me would conflict with each other.

  12. I don't think MS will like that article. :P

     

    Followed a link from one of the comments at that site.

    In the meantime Microsoft has left a really bad taste in my mouth and I am feeling just a tad bit ripped off considering that a core functionality of an OS is so badly borked and they still took money from loyal customers for a faulty operating system. I hope Bill and all those shareholders are happy because I know a shirtload of customers aren't.

    Not Happy Bill

  13. Don't use adobe products here so can't confirm.

    It's not all that surprising these days to hear about software companies having their software "phone home" in some manner or another, though it's often quite annoying. However, it looks like Adobe has taken this to a new level. As highlighted by Valleywag, Adobe's CS3 design software includes a system to provide your usage data quietly to a "behavioral analytics" firm named Omniture.

     

    Of course, it does this without ever asking you if you want some random company knowing every time you use this piece of software. While it may not be doing anything nefarious, this certainly has all the hallmarks of spyware, including the fact that it tries to (weakly) disguise the connection to Omniture by making it look like it's simply pinging your local network.

     

    It's really amazing that companies keep doing this type of thing thinking that people won't catch on. There may be plenty of legitimate reasons for tracking the usage of a piece of software -- but if so, why not be upfront about it and let the user of the software opt-in to sharing his or her data? Yet another reason to use a firewall that catches these sorts of sneaky outbound connections.

    Article 1

    Article 2
