Live – Paul's Tech Talk

Trojan.PWS.ChromeInject.A is not a Firefox plugin.

PaulDecember 5, 2008

A new type of malware designed to harvest web passwords has been detected in-the-wild by BitDefender’s antivirus research labs. This latest e-threat – called Trojan.PWS.ChromeInject.A – is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox’s Plugin folder. Once installed it gets to work every time Firefox is started.

[Via Bitdefender]

[ad#ad2-right]So having seen this I thought I’d come up with ways around this to better protect yourself. One way to prevent this from getting your sensitive data is to get a program like Sandboxie. You could stop using Firefox that would be silly, because right now Firefox is more secure than Chrome and Internet Explorer. I’d also suggest checking out my Anti-spyware page and Anti-Virus page and get some more protection.

The key to this virus protection is just be cautious of where you go and keep all you system update to date to prevent all this from happening. It is also advisable to not have your passwords saved on Firefox, you should use something like Roboform, it is free to download and try. It will encrypt your passwords so if they don’t know the master password then they are out of luck. Roboform is also good for coming up with some strong passwords. Just some suggestions to prevent from people seeing your sensitive data, you don’t want anyone to get that data.

Jeff Dunham and “Walter” interview

PaulDecember 5, 2008

[ad]

Although people don’t know this guy if you live outside of he US. I saw this on a HULU and couldn’t resist he is the Funniest comedian I’ve seen in a while. I absolutely love “Walter” and “Peanut“, Jeff Dunham is starting to make it on the rise. I would love to see him come to Hulu.

Some program Vulnebilities Detected!!

PaulNovember 25, 2008

Just got done looking at some of my security sites and according to SecuriTeam there are are several programs that have vulnerabilities. here are the Ones that I’ve found:

Google chrome is vulnerable to URI Obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar.This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.

[ad#ad2-right]iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets “you easily create, sign and distribute configuration profiles using a web browser”. A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program’s files folder.

Streamripper Multiple Buffer Overflows
Streamripper “records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows.” Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user’s system.

Amaya URL Bar Stack Overflow Vulnerability
A vulnerability in Amaya browser allows remote attackers to cause it to overflow an internal buffer which in turn can be leveraged to execute arbitrary code.

These are the ones that I found and wanted to let you know about these so you can make your system even more secure. if I find any others I’ll let you know!!!

Youtube gets ready to Launch “LIVE Event!!” 5pm PST/8pm EST

PaulNovember 22, 2008

As the time approaches for the live even for Youtube. There are many confirmed and only one I want to see right now. As many people will agree that Mythbusters is the best show on Discovery Channel. They have been confirmed to be there tomorrow.

Some of the major players confirmed to be there are Mythbusters, Soulja Boy Tell’em, Katy Perry, Esmee Denters, Akon, FRED, and Will. I. Am. Now I don’t know all these stars. I do Know Mythbusters and I’ve heard of FRED. I’m just stating who is going to be there.

[ad#ad2-left]Then the Obvious question comes to my mind and I am sure this is being asked by everyone right now. Is Mythbusters shows coming to Youtube? I would say from what all is going on with Youtube, they might become a competitor to Hulu. With them adding High Defination Viewing and allowing bigger video to be uploaded. There is no question that Youtube and Google is getting ready to release a major statement, or change there direction. So be ready tomorrow at 8 PM EST/5 PM PST and let’s see what happens.

Looks like a scam to me : Personal Shopping Assistant!

PaulNovember 14, 20087 Replies

[ad#ad2-left]

Good afternoon!

We found your resume at _________________ and we would like to propose you a
position of Personal Shopping Assistant.

Imagine having an exciting job with incredible salary (up to $100,000/year) that
lets you use your creativity while being paid to shop. Welcome to the world of
personal shopping!

As we know shopping is the world’s favorite leisure activity, but in our busy
society an increasing number of people need to hire someone to do their
shopping. Thus personal shoppers are more in demand than ever before.

There are absolutely NO START-UP FEES and NO FEES for being employed at this
position. As long as you live in the USA, and you have a credit card or any
other line of credit, have 1 or 2 free hours during the day – you are eligible
for this job!

[ad#ad2-right]This is what you will have to do in short:
• Purchase the requested goods using your credit card.
• Send us receipts.
• Wait for us to issue a credit to your credit card in the amount of purchase
plus shipping fee plus your commission which comprises 10%.
• Ship out the goods.
• You are finished, come back for a new list of goods.

If you are interested in Personal Shopping Assistant position please fill in the
form below and send it to: Open2usa.job.dep@gmail.com
Our manager will contact you within two working days.

————————————————FORM————————————-
Full name ______________________
Residence country _____________________
Age _____________________
Contact phone ______________________
Availability time _______________________
————————————————FORM————————————-

This letter confirms your resume has been duly processed and your skills
completely meet our requirements for Personal Shopping Assistant Vacancy.

Thank You,
John Walker

[ad#ad2-left-1]I wanted to bring this up because of two things that I saw first off that made this look like a scam. One is they want to “CREDIT” your credit card and two they use a GMAIL account. I am going to say this is looking more and more like a scam. If anyone else has any other ideas about this just leave your comment. I don’t see how this can be real. I am thinking once they have your credit card information, they’ll start using it.