Cyber Security

[DanPickUp]

Phishing attack from the highest level:

Mahdi - The Cyberwar Savior?

"In Islamic eschatology, the Mahdi is the prophesied redeemer of Islam who will rule for seven, nine or nineteen years before the Day of Judgment and will rid the world of wrongdoing, injustice and tyranny. In Islam Ahmadiyya, the terms "Messiah" and "Mahdi" are synonymous terms for one and the same person." -- Wikipedia

http://blog.seculert.com/2012/07/mahdi-cyberwar-savior.html

 

[DanPickUp]

Oracle's July patch day brings 87 security updates

n its planned July Critical Patch Update (CPU), Oracle has released a total of 87 security updates to fix various vulnerabilities across a number of its product families. The updates affect products including Oracle Fusion Middleware 11g, Oracle Database 10g and 11g, and MySQL. One of the holes was given the highest possible CVSS score of 10.0; it was closed in the JRockit Java Virtual Machine (JVM), which is part of Oracle Fusion.

http://www.h-online.com/security/ne...h-day-brings-87-security-updates-1644934.html

 

[DanPickUp]

If you still have older version, upgrade now. I have seen big companies which still run Mozilla on very old versions and complain about why they are so many times infected with some kind of male ware.

http://www.mozilla.org/en-US/firefox/new/

Keep the link in your bookmarks in case you do not give the permission to upgrade automatically.

 

[VJAY]

Dear Dan,
Very helpful/informative thread...thanks for sharing most valuable things for internet users...

 

[DanPickUp]

XP-AntiSpy 3.98-2

The xp-AntiSpy is a little utility that lets you disable some built-in update and authentication ‘features’ in WindowsXP.

For example, there’s a service running in the background which is called ‘Automatic Updates’. I don’t know what this service transfers from my machine to other machines on the internet, especially the MS ones. So I play it safe and disable such functions. If you like, you can even disable these functions manually, by going through the System and checking or unchecking some checkboxes. This will take you approximately half an hour. But why wast time when a little neat utility can do the same in 1 minute? This utility was successfully tested by lots of users, and was found to disable all the known ‘Suspicious’ Functions in WindowsXP. It’s customiseable, but comes up with the Default settings, which are recommended.

http://xp-antispy.org/en/

Some words from my side: Be careful when disabling the following:

- Security Center
- Access to 16 Bit Applications (You will need that for very old Excel Version)
- Script Hosting
- Starting regedit. exe

All other stuff you can disable with out any problem, that at least is my experience for the last few years.

 

[DataRam]

XP-AntiSpy 3.98-2

The xp-AntiSpy is a little utility that lets you disable some built-in update and authentication features in WindowsXP.

For example, theres a service running in the background which is called Automatic Updates. I dont know what this service transfers from my machine to other machines on the internet, especially the MS ones. So I play it safe and disable such functions. If you like, you can even disable these functions manually, by going through the System and checking or unchecking some checkboxes. This will take you approximately half an hour. But why wast time when a little neat utility can do the same in 1 minute? This utility was successfully tested by lots of users, and was found to disable all the known Suspicious Functions in WindowsXP. Its customiseable, but comes up with the Default settings, which are recommended.

http://xp-antispy.org/en/

Some words from my side: Be careful when disabling the following:

- Security Center
- Access to 16 Bit Applications (You will need that for very old Excel Version)
- Script Hosting
- Starting regedit. exe

All other stuff you can disable with out any problem, that at least is my experience for the last few years.

Very Informative. I appreciate your efforts to help TJ members in technical aspects. :clapping:

 

[DanPickUp]

How healthy is your hard disc?

They do not live for ever and if you have a little tool which can tell you in what conditions your hard disc is, this can prevent you from completely loosing your data in a worst case.

There are such little tools which give you the information and you not have to be a geck in computers to use them.

One I use now for years is the following as I was once in the past confronted with that problem. When I first time used such kind of tools, it showed me that my hard disk shortly was going to crash. I then was warned and could transfer all my data to an other hard disk.

Here a link about the technology: http://en.wikipedia.org/wiki/Self-Monitoring,_Analysis_and_Reporting_Technology

And here one such tool which is up today and very easy to use. Download, install and see how healthy or not healthy your hard disk is.

http://crystalmark.info/?lang=en

DanPickUp

 

[DanPickUp]

The prospective victim had received an unsolicited phone call, allegedly from Microsoft, informing him that notification had been received concerning a virus infection on his PC, and offering to help him to install antivirus software. When asked what antivirus software was being offered, the caller claimed that it was ESETs.

http://go.eset.com/us/resources/white-papers/Hanging-On-The-Telephone.pdf

 

[DanPickUp]

Dropbox has shown that it not can handle customer data in a proper and safe way, as even some kind of employee from them could took away the data and put it in his own drop box. Later that drop box was hacked and all the data went out and used for spam e-mails.

If you do not know what drop box is, read this: http://en.wikipedia.org/wiki/Dropbox_(service)

If you look for a qualitative alternative, check the following:

SparkleShare is Free and Open Source software and is built by people who care about privacy and freedom. Not only can you use it however you like, you are also free to modify and redistribute it when you give the recipients the same freedoms.

http://sparkleshare.org/

 

[DanPickUp]

Hi

I mentioned "Flame" in the first post of this thread and how professional and dangerous it is made. But that is not the whole story as security experts now identified an other Trojan, named "GAUSS". It seems to be made from the same group of people which created "Flame" and "Stuxnet". It was first time detected in September 2011 and in June 2012 identified as Trojan-Spy.Win32.Gauss. Here it goes:

Kaspersky experts have released the details on Gauss, a dangerous piece of banking malware – deployed in August- September 2011 – which is capable of stealing sensitive information from infected Windows computers.

The threat, which is believed to be state-sponsored, comes with a mysterious encrypted payload that is activated only on certain system configurations.

Developed sometime at the middle of 2011, Gauss has most likely been developed by the same group that’s behind the Flame malware.

http://news.softpedia.com/news/Gaus...g-Trojan-Based-on-Flame-Platform-285953.shtml

http://www.securelist.com/en/analysis/204792238/Gauss_Abnormal_Distribution