Paul's Tech Talk

Internet Security Companies Warn about Patch Tuesday and Valentines Day.

PaulFebruary 9, 2009

With Tomorrow being released some very highly rated Remote Code Execution to become Zero day in very short time. Some researchers are speculating about more viruses will be released in conjunction to Valentines day. According to this one post it will be likely to be E-cards being sent to try to lure you into downloading Malware.
[ad#ad2-right]

Various security vendors, including CA Inc, MX Logic Inc., Trend Micro Inc., and Panda Security, have issued alerts about new Valentine’s Day-themed spam campaigns that try to dupe users into installing the Waledec bot.

Researchers note that many websites which are affiliated to Waledac e-card scam have been recently updated with content based on the Valentine’s Day theme.

Web sites distribute Trojan files which are commonly named love.exe; onlyyou.exe; you.exe; youandme.exe; and meandyou.exe and the list is not exhaustive.
[Via Express Buzz]

So which ones will likely be the exploits they will use? I have a few theories on that and One of them is the INTERNET EXPLORER vulnerability that will be patched and will try to get you to launch the link and will most likely try to launch it in Internet explorer, That would be my guess. It seems to be Internet Explorer 7 and Below which will be patched so if you want to try out the IE 8 Beta, You should be safe on that. Although the best bet is to prevent users from clicking links in emails and also warning them not to open any attachments they are not expecting. I’d also have the AutoPatcher ready to install the lastest patches for this Tuesday and schedule a time this week to update all the possible systems involved with the Databases. Although this isn’t one that tries to steal your data it is however a chance the writers to look at what you have and you know how that can be call a data breach. So if your the IT for the department I’d suggest sending out warnings so they can keep from being caught with their pants down. I’d also suggest having Anti-Virus and free Firewall installed on all the major systems and it wouldn’t hurt to have the installed on minor systems if at all possible.

ThePirateBay might be blocked in the US

PaulFebruary 8, 2009

I was looking around on Google and thought I just for giggles check out the Piratebay complaints. I tried going to the site and here’s what Popups:

[ad#ad2-right]I tried on OpenVPN and my Local ISP, It keeps saying that. I then tried on my Cricket Modem and it tells me the connection has been interrupted, like something stops the connection in the first place. I can ping it and I can Tracert the Site but I can’t even view it. I would like to know if Anyone else is having this problem also. Although I’ve not checked Thepiratebay.org complaints for quite some time because I’ve been so busy with my website. If you want to watch your favorite shows check out these sites like Hulu, CBS, NBC, ABC, ABC FAMILY and TNT.TV for free. I am just curious as to what happened and does this have anything to do with Net Neutrality? Anyway I wanted to talk about this and see what people are saying. Anyone know what is going on? Let’s talk about this and help everyone by saying what you know. I don’t know if Thepiratebay.org is down but I do wonder if someone is preventing people from getting to the website. I’ll update when I have more information.

Twitter Spammers are getting more smarter

PaulFebruary 8, 2009

I got an interesting email about someone following me. I went to go check out there profile and Guess what I see:

As you cann se this account only had one post but people seem to be following back due to the picture and the bio. I checked the account about 30 mins later and here I will show you:

[ad#ad2-right]It seems that if people see it has a picture and a bio that doesn’t sound like it is is advertising anything, they will simply follow them back. That really isn’t a good idea. Sooner or later they will start sending out spam to people who are following just because they haven’t been caught. I also checked out the Web site they have new there bio and it leads to http://www.squidoo.com/twittertipstricks. I hope the website knows their link is being used by a spammer. Although this could be a 2 for one deal for having there link also being used for spammer so they can get traffic to there site. I would be worried my ISP doesn’t cut my website due to THE TOS. Although I serious doubt it would happen I do know it could happen. So users are being fooled by spammers, and people aren’t looking hard enough into the account. Users should be warned they shouldn’t just follow back if it looks like it is a person. I know this is a robot and expect it soon to start sending out spam to all those people who are following. I just thought I’d share what I found out. If you clicked on the tinyurl.com it sends you to Partnerwithpaul.com website which talks about making money like all other spam. Just be careful you don’t end up having regrets on following people who are bots.

Understanding Adsense for the Beginner

PaulFebruary 7, 2009

So you have a website and you’d like the site to pay for itself. That can be arranged it however depends on your website performance. You see you won’t make a lot of money if you don’t have several things going for you. I thought I share with you my experience with making money through Adsense. As you saw, I made enough money to pay for the website for 5 years. It isn’t hard to make money it is however very difficult to keep getting the money. Most people don’t know the tricks to making money with Google’s Adsense.

I’m here to help you out a little with understanding it and getting even more money from your adsense. So here we are 3 months into to putting Adsense seriously on my site and let’s take a look shall we:

As you can see I started off quite slowly as I figured out how to best do it but gained momentum after that. First Month I made $17.19 and the Second Month I made $45.57, the last month I made $64.99 totaling $127.75 leaving me with 16.75$ from the few previous months that I tinkered with Adsense. So where do you start? I found that to be the hardest part, because of the complexity of where I could put the ads. I tried having strips breaking up the text in my blog post that really didn’t get me hardly any clicks. Then I started to incorporate the Adsense into the posts. I learned how to do it through a great blog post and I’ll talk about that later. Here’s what you need to know right now though:

Create good content — This goes without saying that if you don’t have good content people will never find your site. There are a multitude of ways to create content. Some of the most useful for me is How-to, finding a Niche, and Also just blogging about what you passionate about. These will often draw people to your website.

Gjaylaramieet people to link to your post — This will help with search engines because they do some math to figure out if your a real site and how trustworthy your site is on the internet.

Use Microblogging — It is well known people use Twitter, Friendfeed, and others a like to tell people what they post about. It can be great place to help promote your blog and get people to come more and more to your site.

Try not to annoy the users with Ads — This is the most important if you want people to come back to your site you should make sure you don’t send people away from your site. People will not want to come back if you annoy them to much. So it is essential that you keep them happy.

Find a good blog theme — A good theme helps bring people to your site by making it easier to read and find what they are looking for. You might also consider making a sneeze page to keep people coming back to your site. This will help your readers and make it more of your own. You might also want to buy a theme for your blog sooner or later.

With These tips and tricks you too could be on your way to having a great blog. I would be willing to bet that soon I will be triple that amount if I keep up with what I am doing. I hope you tell people about this blog and let people know how good this blog is for you. Remember only you can prevent virus infections.

Upcoming Patch Tuesday for February 10, 2009

PaulFebruary 5, 2009

Microsoft Today has released the list of patches for February. Here’s the List of things they will patch:

Internet Explorer — Remote Code Execution (Require restart) [ CVE-2009-0075 CVE-2009-0076 ]

Exchange — Remote Code Execution (No Restart Required) [CVE-2009-0098 CVE-2009-0099]

SQL — Remote Code Execution (May Require Restart) [CVE-2008-5416]

Visio — Remote Code Execution (May Require Restart) [ CVE-2009-0095, CVE-2009-0096 and CVE-2009-0097]

[ad#ad2-right]

The list of affected operating configurations includes Windows 2000, Windows XP (x86 and x64), Windows Server 2003 (x86 and x64), Windows Vista (x86 and x64), and Windows Server 2008 (x86 and x64). Microsoft Exchange Server 2000, 2003, and 2007, Microsoft SQL Server 2000 and 2005, as well as Visio 2002, 2003, and 2007 are also affected.
[Via Arstechnica]

We got several Non-critical updates. Here’s the List of them, some of these are monthly updates and some are just interesting to look at:

Update for Windows Mail Junk E-mail Filter [February 2009] (KB905866)

Windows Malicious Software Removal Tool – February 2009 (KB890830)/Windows Malicious Software Removal Tool – February 2009 (KB890830) – Internet Explorer Version

Cumulative Update for Media Center for Windows Vista (KB960544)

Cumulative Update for Media Center TVPack for Windows Vista (KB958653)

Update Rollup for ActiveX Killbits for Windows (KB960715)

We got an Update to Media Center and TVPack for Windows Vista to resolve issues with software. The ActiveX Killbits issues have been identified in ActiveX controls that could allow an attacker to compromise a system that is running Microsoft Internet Explorer and gain control over it. So we don’t exactly know what what issues they are talking about. I hope this helps your system administrators get ready for this update. If I were you, I’d having Clone of Autopatcher ready for these updates. Remember to patch as soon as your company will allow, because waiting to long could make you have even more of an headache. I’ll update the others as soon as I find out the updates.