Year: 2009

Microsoft Updates the Autorun Patch KB967715

Paul

The updates offered in this article correctly disable the Autorun features. These features were not correctly disabled if you followed previously published guidance. The updates that are offered in this article have been distributed to the following systems through the Windows Update and Automatic update distribution channels:

* Microsoft Windows 2000
* Windows XP Service Pack 2
* Windows XP Service Pack 3
* Windows Server 2003 Service Pack 1
* Windows Server 2003 Service Pack 2

[ad#ad2-right]This will help with the Conflicker Worm, also known the new variant Conflicker B++. Microsoft released this patch to better help the Administrators deal with the problem at hand. That the Conflicker worm exploits the autorun feature in most system. The Administrators need to disable the Autorun feature the right way, or it will not prevent infections.

Microsoft releases the necessary registry keys to edit and how want updates are needed to make this work. This will make it much harder for any program to exploit the Autorun feature in Windows.

This information is provided to help the Admins prevent from getting infected and should not be done by anyone who isn’t comfortable with editing the registry. If you’re not sure how to do it, please take it to someone who can do it. You could potentially make the system unstable messing with registry.

TINYURL being used by scammers and hackers — How to prevent it!!

Paul

With Phishing attempts going on with the TINYURL redirect website, I thought I would show you how you could prevent from going to a site you don’t want. Tinyurl.com has a great little feature, although it is a feature based on your cookies. It however will help prevent you from going to a site that you don’t know anything that about. It’s called the Preview Feature, and is available to any user who wants to use it.

previewtiny

As you can see if you enable it and you go to a click on a tinyurl, you will see this:

http://tinyurl.com/6t7ukk

previewtiny1

[ad#ad2-right]As you can see, if you click any TINYURL links you will automatically be told where that link is redirecting you to. This however only works with there being a cookie left behind in your system to let tell Tinyurl that is has to show the link first. So if you clean your cookies out from time to time, you will need to enable it every time after you clean the browser cookies. This will help prevent you from being phished because you will be able to tell if it is the right site in the first place. If not then you don’t have to visit that site. This should be enabled on all Short URL Sites, I hope they make it a mandatory for any site that redirects. This would help stop phishing and scammers because they can’t hide behind unknown url. Only time will tell though, these sites are always going to have problems but this would solve so many problems.

Oh My I got the Presidents Attention!!

Paul

I just got an email telling me:

Barack H Obama (PresidentBarak) is now following your updates on Twitter.

So I go to the click the link and I see this:

barakobamspam

Wow, I didn’t know I was this influental to get the Presidents attention(NOT).

barakobamspam1
http://www.economygrantprogram.com/

After checking out the profile I see that it has a link to a site that basically asking for your personal address and your email account. After I go check the site I see in really small catch you have to pay 3.95 for Shipping and Handling. Well You know what they say, nothing ever is Free. This looks to be a way to get email addresses to spam in the long run. I wouldn’t give them any information because this is looking to be a scam and I hate scams. You best bet is to go on with your life and report this spam to twitter. This however got my attention because of the who it was, and that is probably why they chose the name. It is however quite funny. 🙂

Days like today, I want to take off : GMAIL Down!!

Paul

gmaildown

It looks like they are having some troubles with Google MAIL today. This is one of those days I would love to actually go into work to day. If you want to check the status of Gmail You should visit there support page. I have checked it out and it does appear to have a problem with HTML and JAVASCRIPT, but the IMAP functionality seems to work just fine. I have been able to to receive email through IMAP although being kind of slower then normal but It is at least working. SO “DON”T PANIC”, the service will be up and running sometime today!!

*Update*

As Of 7:30am EST the service is back up on my network. So like I said no worries. Good Job Google!!

And the Oscar goes to . . . Not these guys!

Paul

Sans Internet Storm is reporting on Anti-virus Scareware tactic. I’ll quote from them:

[ad#ad2-right]

ISC reader Gary wrote in to let us know that searching for “oscar presenters” and “oscar winners” with Google brings up a prominently ranked result on a web server in Poland, on a subdomain of “beepl”, which – surprise, surprise – includes a malicious JavaScript. The end result currently seems to reside on stabilitytracewebcom, and is yet another incarnation of the “Fake Anti-Virus Program” malware that we have covered repeatedly. Watch out, the EXE has a meager 6/39 on Virustotal.
[Via Sans]

I did my own research and it is true they are at least 3 sites with the .pl Domain that are used to send you to these fake sites. You should consider checking your system for possible viruses if you been to these sites and are worried. You should also report any site like this to Phishtank to fight this type of scare tactics. Please remember if you are worried about your system this is the best time to install software to prevent these types of scare tactics. Remember you don’t always have to buy software to be safe. There are free anti-virus and Firewall solutions at your fingertips, use them well. It is also a good idea to make sure you have the latest updates from Microsoft while your at it.