Zero Day For IE7 Being used in the wild.

It looks like IE7 patches are being used right now in the wild.  According to TrendMicro:

HTML_DLOADER.AS exploits the CVE-2009-0075 vulnerability, which is already addressed by the MS09-002 security patch released last week. On an unpatched system though, successful exploitation by HTML_DLOADER.AS downloads a backdoor detected as BKDR_AGENT.XZMS.

How the IE7 Exploits are being used

[Image from TrendMicro Blog]

As you can see, this can be very bad for the companies who wait a while. Internet Explorer is still being used by 1 out of 4 users, and I see it all the time in my stats. The good news is this isn’t as hard to get rid of as Conficker, but it should be taken seriously because the writers might start to want to get even more malicious and make it even harder.

The next step to prevent yourself from getting caught with your pants down, so to speak, is to patch all systems that have internet access. I still like the Autopatcher because it will do the job with very little input from the user. It also makes it easier for people to patch big systems. You should also consider installing some free anti-virus software to help protect the systems you do have.

From the looks of this virus, someone could easily make this into a botnet, and you know how that could affect your systems and your ISP. So it is best to get this month’s patches on the floor of your company as soon as possible.

You should also consider telling your users to start using Firefox to prevent infection from even happening. Until you patch, you are vulnerable.

People coming from Sites that don’t exist

So I woke up today, checking out my sites and looking outside. As I was checking the stats for my blog, I came across a referring site that supposedly brought two people to my site. I looked at the URL for the site:

  • http://trojan.fiftystatesclassifiedads.com/index.php

So after seeing the “trojan” prefix, I am wondering if this was an attempt by malware to infect my domain. So I go check this domain out. I got to it and I get a 404. I then do a cache check with OpenDNS. I then also decided to see if it was even a registered domain by doing a Whois. So I am opening this up to people who might know. I did do some research and here’s what I’ve found out so far.

According to How2hack, people want privacy, and it might be someone who does not want to be found. I tend to agree with them. Privacy for privacy’s sake is good, but if you want to be private, why would you even be checking out websites knowing people will want to find out who really is coming to your site? The How2Hack site also talks about how this might happen, and I see where they are coming from.

This was the only site I could find that even looked like it was relevant to what I was searching for.  I don’t see how someone can come to my site saying they were referred by another site and that site does not exist?  Anyone want to try to answer this question and give insight as to why this would happen?

New Twitter Phishing -jannawalitax.blogspot.com

I read Chris Pirillo’s blog about this and wanted to investigate this even more. When you go to this site it looks like:

http://twitter.access-logins.com/login/ --Phishing site

When you go here the web address is http://twitter.access-logins.com/login/ and it looks like it was a redirect from the blogspot.com site. So I did an experiment and just took off /login/ from the address, and this pops up:

Facebook fake -- http://twitter.access-logins.com/

This website looks like a Facebook website, so now you have to ask where this is at: Hunan, China. After I did a whois lookup it looks like China is at it again. They are trying to get into your account to either spam or use it to get people to install software. So what are things you can do? If you have a question about this, always check it out. That is why I like to check everything out with these types of phishing scams. I don’t know why they want Twitter accounts, I just know they are doing this now. So if you get this message:

hey! check out this funny blog about you… jannawalitax . blogspot . com

Just ignore it and possibly block the Twitter account. That is probably a bot, or someone’s account has been hacked and is no longer valid. I’ll leave it up to you how you handle that account. This is to warn people about this account. Help protect your password with Roboform; don’t just use one password for all accounts. It also seems to be a possible worm; if you think you’re infected, check out my resource on removing the worm. Here’s the link that talks about this being a worm.
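The host name in the phishing link above starts with "twitter" but actually belongs to access-logins.com. As an added example (not part of the original post), this Python check flags URLs that name a brand in the host while sitting on someone else's registrable domain; the brand list and the small suffix set are assumptions for illustration.

```python
from urllib.parse import urlsplit

# Assumption: brands to watch and the registrable domains they really use.
BRAND_DOMAINS = {
    "twitter": {"twitter.com"},
    "facebook": {"facebook.com"},
}

# Assumption: a tiny stand-in for the Public Suffix List, enough for a demo.
TWO_LEVEL_SUFFIXES = {"co.uk", "com.cn", "com.au"}


def registrable_domain(host):
    """Return the registrable domain of a host using the small suffix set."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LEVEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def impersonated_brands(url):
    """List brands named in the host that do not own its registrable domain."""
    host = (urlsplit(url).hostname or "").lower()
    base = registrable_domain(host)
    # Split labels on hyphens too, so "twitter-login.example.com" is caught.
    tokens = {t for label in host.split(".") for t in label.split("-")}
    hits = []
    for brand, owned in BRAND_DOMAINS.items():
        if base in owned:
            continue  # the brand's own domain, e.g. mobile.twitter.com
        if brand in tokens:
            hits.append(brand)
    return sorted(hits)


if __name__ == "__main__":
    # URLs taken from the post, plus the real login page for comparison.
    for url in (
        "http://twitter.access-logins.com/login/",
        "http://jannawalitax.blogspot.com",
        "https://twitter.com/login",
    ):
        print(url, "->", impersonated_brands(url) or "no brand mismatch")
```

The check only reads the host name, so a page that imitates one brand under a host naming another (as the root of this site did) is still reported by the brand in the host.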

Viacom might be going to HULU

According to some of the news posts, people are worried about Viacom leaving Time Warner. Now here’s where Viacom might be going digital. What do I mean by digital? I am talking about going to Hulu. If Viacom doesn’t sign a deal with Time Warner, that would leave a space open for someone else like Hulu.

So Viacom isn’t happy with Time Warner, or they want to go IPTV. Some of the headlines I’m seeing are:

These are just a few that I am seeing pop up around the internet. So what does that mean to the internet user? Well, one of their shows, like Dora the Explorer on Nickelodeon, will begin to stream some of the show’s previews on Dec 29, 2009 for its next show. When you go to the Nickelodeon site you get this:

[Image: nickplea]

Although this just means they want as much money as possible, this does give Hulu the chance to start streaming this type of content more easily and probably be able to sign a contract with them without much of a fuss. After all, Viacom wants to make money somehow. So what can you do to get them to go to Hulu? Email Hulu and tell them you want Viacom to come to Hulu. If this happens, so many things will happen with regards to online media.

Disaster preparation 101 — Data backup

In this one I will talk about disaster; it happens to all of us from time to time. A fire, an earthquake, a stolen laptop, or any number of ways. So what happens to your data? Is it stored on the laptop? Is it important, very sensitive data? Could you get fired if you lost that data?

These are all questions you must ask yourself when you have a laptop. How do you back up your data, or do you even have a backup? Having seen this with my own clients, I must wonder if there are people out there who just don’t care. I had a client the other day who had gotten a virus, and this was a really mean virus. It deleted some very important files when you tried to clean the virus out. She called me in a panic because she couldn’t load up Windows. I asked if she had any backups; she said “what’s a backup”. So I sat there discussing this with the client for over 20 minutes. Finally she started to understand. She said she had the OEM backup DVD but nothing else. She also said she needed help with getting data off the computer. I told her that I would be able to come the next day, and I was lucky the virus didn’t do anything else to her data. We were able to retrieve the data from her system. That is where I start my rant: why would anyone not have a backup of their most important data?

So how do you back up your data? This is controversial and somewhat depends on how much people want to spend to keep their data safe and not lose pictures or music. There are several ways to do it; each way has its pitfalls or shortcomings and requires a little more effort:

Kinds of Backup

Hard Medium – DVD, CD, External Hard drive

Although the hard medium is usually used, that doesn’t mean you can’t have a backup other than hard. Here are some ways to back up on the internet.

Internet Medium:

  • Jungle Disk — Provides online storage through the Amazon S3 service. You only pay for what you use. It works well with most operating systems. I’ve used it on Vista, so it is really nice.
  • Carbonite Online backup – Another good online storage option.
  • Some Other Online backup — Here is a list from Amazon to better help you find the type of software that you might need.

These are just a few options; if you want to look for others you can. The important thing to do is BACKUP, because if you need some data that gets wiped or destroyed, you will be kicking yourself for not backing up.