Archive for the ‘Security’ Category

August 10 Microsoft Monster Patch

As you can see in the August 2010 Security Bulletin Release and Microsoft Security Bulletin MS10-052 – Critical, there are some serious problems we sysadmins have to deal with!

Sources:

  1. August 2010 Security Bulletin Release
  2. Microsoft Security Bulletin MS10-052 – Critical

Trust, but verify!

Every one of you knows this: “Trust, but verify!” But only a few of you follow this golden rule.

I follow a couple (of hundred) people on Twitter, and on Saturday night I saw this tweet:

[Image: Tweet from @securitypro2009]

So… I clicked on the link and… WTF?? I got this window popping up:

[Image: FAKE Anti Virus warning!]

Sure… NOT!

This is a classic case of malware.

Why? An Ethiopian government site would never ever link to some commercial site to check “your” computer.

Now we are going to investigate this. I changed browser – I was lazy enough to be using Google’s Chrome because it is fast (but insecure!) – to Firefox, because it has some nice (security) plug-ins.

I visited the URL again and this is what I got:

[Image: url moved?]

URL moved? Hmm, let me check that…

[Image: link to sellbit.cn]

Linked to sellbit.cn. Hey? A clue! Let me (temporarily) allow this to happen…

[Image: link to traflab.cn]

Look! A link to… traflab.cn. Hmm, we will follow this one too…

[Image: link to whale-tale.cn]

Another one! A link to whale-tale.cn this time… Again we will follow this one to see where we get…

[Image: link to 009antivirus.com]

WATCH IT!! NoScript is blocking all this and, as you can see, again we are linked to some other site. This time it’s 009antivirus.com and they try to run a program.

Who and/or what is 009antivirus.com? We check this and see the following info:

[Image: snag-20091101033936]

Hmmm, created 2009-10-28?? Just 3 days ago!

We could e-mail Mr Foi M Summer and ask him to explain all this, because it is weird that a link to his site is placed on an Ethiopian government site.

But… we don’t have to… malwareurl.com has some nice info about 009antivirus.com and what do we see?

009antivirus.com is a well-known malware site!!

I will not contact him.

What I will do is publish all this info, to share this with you. So you can see that even trustworthy links can be bad.

And… of course… contact the webmaster of http://www.addisababacity.gov.et

and… remember… “Trust, but verify!”
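
The manual walk above (follow each hop, then check how old the final domain is) can be made repeatable. The following Python is an added example, not part of the original post: the hop order and the 2009-10-28 creation date come from the post, while the URL schemes and paths, the `site` and `review_chain` helpers, the 30-day threshold and the observation date are assumptions made for illustration.

```python
from datetime import date
from urllib.parse import urlsplit

# Constructed sample: hop order and creation date are taken from the post;
# schemes and paths are placeholders.
CHAIN = [
    "http://www.addisababacity.gov.et/",
    "http://sellbit.cn/",
    "http://traflab.cn/",
    "http://whale-tale.cn/",
    "http://009antivirus.com/",
]
WHOIS_CREATED = {"009antivirus.com": date(2009, 10, 28)}
OBSERVED = date(2009, 10, 31)  # assumption: the Saturday night, "3 days" later

SECOND_LEVEL = {"gov", "co", "com", "org", "net", "ac", "edu"}


def site(url):
    """Approximate the registrable domain (a real tool would use the Public Suffix List)."""
    labels = urlsplit(url).hostname.lower().split(".")
    # Treat e.g. gov.et as a two-label suffix, but only under a two-letter ccTLD.
    two_level = len(labels) >= 3 and len(labels[-1]) == 2 and labels[-2] in SECOND_LEVEL
    return ".".join(labels[-3:] if two_level else labels[-2:])


def review_chain(chain, whois_created, observed, young_days=30):
    """Return (findings, verdict) for a recorded redirect chain."""
    sites = [site(u) for u in chain]
    findings = [("cross-site-hop", f"{a} -> {b}")
                for a, b in zip(sites, sites[1:]) if a != b]
    hops = len(findings)
    for s in dict.fromkeys(sites[1:]):          # each downstream site once, in order
        created = whois_created.get(s)
        if created is None:
            findings.append(("no-whois-data", s))
        elif (observed - created).days <= young_days:
            age = (observed - created).days
            findings.append(("young-domain", f"{s} is {age} days old"))
    young = any(kind == "young-domain" for kind, _ in findings)
    # A site handing visitors off across several unrelated domains to a
    # freshly registered one is the pattern the post uncovered by hand.
    verdict = "block" if hops >= 2 and young else "review" if hops else "ok"
    return findings, verdict


if __name__ == "__main__":
    for kind, detail in review_chain(CHAIN, WHOIS_CREATED, OBSERVED)[0]:
        print(f"{kind:15} {detail}")
```

The `no-whois-data` findings for the three intermediate .cn domains mark lookups the post did not perform; they are reported rather than guessed.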

KUTGW Twitter admins

Keep Up The Good Work Twitter admins! Yes, I know how this must feel. The whole Twitterverse is bitching at you because of the worm problems and of course you tech guys are the ones who are responsible, right?

Hell no!!

As we all know, it was the 17-year-old Mikeyy Mooney who started all this. He did it because of “boredom” and because he “needed a way to make money”, as he told BNOnews.

Q: But why are there so many “infected” users?

Ah! There we go!
A: Because we are talking about… (l)users!

You are all so busy “making money fast” and “getting rich while blogging” or just following everything and everyone because it looks so cool when you follow over 10,000 people…

Of course you had no time to follow @spam, read Twitter’s blog or even follow the news, did you? Not to mention all those fine people who did ReTweet the warning messages.
Let me tell you this… even your computer thinks you are an idiot!

[Image: computer-idiot]

Of course… for those fine sysadmins at Twitter HQ, I have something else to say:

Remember guys! This or this (NSFW) is why you are doing it! KUTGW!
