"CARLISLE, Pa., Oct. 14 (UPI) --
Authorities say computer hackers drained more than $479,000 from a Pennsylvania county redevelopment agency's bank account.
Cumberland County officials told reporters Wednesday that the intruders transferred funds from the agency's account to their own accounts at 11 different financial institutions last month.
"We were all shocked when we heard this," said Cumberland County Redevelopment Authority Executive Director Chris Gulotta.
The Carlise (Penn.) Sentinel said that less than $110,000 has been recovered thus far and the county is negotiating with two other institutions.
The hackers apparently gained access to the redevelopment authority account through a virus that records keystrokes and was able to swipe a pass code. The virus was contained in a phony Web page that said the bank's real site was down for maintenance."
This is why you always know what your banking site looks like. If it says that it's down for maintenance, call your local branch to make sure that it really is! Who knows, it could save you your entire life savings. Other Tips for avoiding Phishing are:
1) Check for a lot of misspelled words. This is a common indicator that the site is a phishing site because they are usually hastily made.
2) Look at the URL (the http://...... part). If it looks different from what you usually type in, it may be a sign of a phishing attempt.
3) If you usually see the little "lock" symbol to the left of HTTP://, or your site uses HTTPS://, make sure it's there.
4) Finally, just plain avoid those sites that make you sign up to win something or receive a free gift. On the Internet, if it looks to good to be true, it usually is. In a study done, 90% of people gave up their userID or Password for a free item, usually something small like a pen or a calculator. 70% of people gave both away for a larger prize like a DVD.
Thursday, October 15, 2009
Wednesday, October 14, 2009
Techsmith
Techsmith offers a lot of unique and high quality software for people to use in everyday life, whether it's for work or play. Some of the software packages they offer are:
1) Snagit- Capture anything you see on the screen. Edit and combine those captures. Share them via your favorite applications. Organize and find them again later. Don't waste time cropping your captures. Snag exactly what you need with just a click.
Find a free trial Here
Snagit is simple and user friendly and it also offers a lot of unique tools to help make your screen captures look beautiful. Give the trial a shot and see if you like it! You'll be surprised at what you can use it for.
2) Camtasia Studio- People don’t want a long, drawn-out explanation. They want to see what you’re talking about. With Camtasia Studio, you can record your PC screen and create professional-looking videos that clearly demonstrate a process, a product, or an idea. Some call Camtasia Studio the world's smartest screen recording software. Why? Because it adapts to your workflow, not the other way around. Here's how it works:
-Record whatever you want, right now, at any size. Decide how to use it later
-Edit and Enhance to clarify and amplify your message
-Share your creation anywhere, in multiple formats
Find a free trial download Here
I use Camtasia at work to create training videos. It records the screen beautifully and let's you record sound during video capture or place it into the file afterwards. It also has a smart zoom feature that will zoom in on a location in the video if you are typing something...this can be turned off and edited to fit your needs. A great little program and I definitely recommend the 30 day trial.
1) Snagit- Capture anything you see on the screen. Edit and combine those captures. Share them via your favorite applications. Organize and find them again later. Don't waste time cropping your captures. Snag exactly what you need with just a click.
Find a free trial Here
Snagit is simple and user friendly and it also offers a lot of unique tools to help make your screen captures look beautiful. Give the trial a shot and see if you like it! You'll be surprised at what you can use it for.
2) Camtasia Studio- People don’t want a long, drawn-out explanation. They want to see what you’re talking about. With Camtasia Studio, you can record your PC screen and create professional-looking videos that clearly demonstrate a process, a product, or an idea. Some call Camtasia Studio the world's smartest screen recording software. Why? Because it adapts to your workflow, not the other way around. Here's how it works:
-Record whatever you want, right now, at any size. Decide how to use it later
-Edit and Enhance to clarify and amplify your message
-Share your creation anywhere, in multiple formats
Find a free trial download Here
I use Camtasia at work to create training videos. It records the screen beautifully and let's you record sound during video capture or place it into the file afterwards. It also has a smart zoom feature that will zoom in on a location in the video if you are typing something...this can be turned off and edited to fit your needs. A great little program and I definitely recommend the 30 day trial.
Tuesday, October 13, 2009
Todays Threat Level
Today's Internet Threat Level: GREEN
Handler on Duty: David Goldsmith
Top Three Ports Reported:
Port 1433 : MS-SQL-Server : Reports 18989
Port 445 : MS-DS : Reports 18424
Port 51413 : BitTorrent Upload Port : Reports 7025
Handler on Duty: David Goldsmith
Top Three Ports Reported:
Port 1433 : MS-SQL-Server : Reports 18989
Port 445 : MS-DS : Reports 18424
Port 51413 : BitTorrent Upload Port : Reports 7025
Today
I spent all of today on the road for work and now I have to do my school work. Unfortunately this means that I don't have much time to post, so here are some good Geek photos for you to copy and save to your computer!! If they are hard to read, just click them or right click and open in new window. Enjoy!!
Monday, October 12, 2009
The Wonderful World of ATF-Cleaner
ATF-Cleaner is a wonderful little temp file cleaner created by Atribune, located here. This is a fairly straight forward application and once you've downloaded it, it can be run quickly and efficiently. I use ATF Cleaner all the time, at home and at work, and it's never messed up my computer. However, it is shareware, so use it at your own risk! Here is a brief tutorial on how to use it:
1) Right click the link and go to "open link in a new window" and wait for the page to load
2) Locate the red letters that read, "ATF Cleaner", which are about halfway down the page. This is the link to the download.
3) Click the red letters and save it to your computer. I would suggest your 'My Documents' folder, but feel free to save it anywhere that you'll remember where it's at.
4) After the program downloads, browse to it's saved location and double click on the icon. The icon is a blue garbage can.
5) After locating the icon, double click it. Microsoft will most likely pop-up a warning like the following:
6) Click Run and the following window will open:
7) For the first time running this, click the 'Select All' option and then deselect the 'All User Temp' item:
8) Next, click the 'Empty Selected' button and let it sit. This is a lot faster cleaner than the Windows Disk Cleanup, but it will still take a bit of time...especially if you don't delete your cookies and temp files very often. I clean mine every other day, so it goes pretty quick. However, the first time I ran it, it took a while, but it cleaned over 2Gbs of data. It may look like it's frozen, but it will eventually pop up a screen like the following:
9) Click OK on the box and then run ATF again, but this time check the 'Select All' item and leave everything selected. The reason why we didn't do this first is because it has a tendency to take hours to clean if you select everything. I'm not sure why, but it does.
10) click OK again and close ATF Cleaner. You should restart your computer after this, but you don't have to do it right away. I would recommend restarting it sometime within the next day though.
If you have questions, please feel free to post them!
1) Right click the link and go to "open link in a new window" and wait for the page to load
2) Locate the red letters that read, "ATF Cleaner", which are about halfway down the page. This is the link to the download.
3) Click the red letters and save it to your computer. I would suggest your 'My Documents' folder, but feel free to save it anywhere that you'll remember where it's at.
4) After the program downloads, browse to it's saved location and double click on the icon. The icon is a blue garbage can.
5) After locating the icon, double click it. Microsoft will most likely pop-up a warning like the following:
6) Click Run and the following window will open:
7) For the first time running this, click the 'Select All' option and then deselect the 'All User Temp' item:
8) Next, click the 'Empty Selected' button and let it sit. This is a lot faster cleaner than the Windows Disk Cleanup, but it will still take a bit of time...especially if you don't delete your cookies and temp files very often. I clean mine every other day, so it goes pretty quick. However, the first time I ran it, it took a while, but it cleaned over 2Gbs of data. It may look like it's frozen, but it will eventually pop up a screen like the following:
9) Click OK on the box and then run ATF again, but this time check the 'Select All' item and leave everything selected. The reason why we didn't do this first is because it has a tendency to take hours to clean if you select everything. I'm not sure why, but it does.
10) click OK again and close ATF Cleaner. You should restart your computer after this, but you don't have to do it right away. I would recommend restarting it sometime within the next day though.
If you have questions, please feel free to post them!
Today's Threat Level
Today's Internet Threat Level: GREEN
Handler on Duty: Mark Hofman
Top Three Ports Reported:
Port 445 : MS-DS : Reports 939015
Port 1433 : MS-SQL-Server : Reports 694904
Port 135 : DCE endpoint : Reports 323584
Handler on Duty: Mark Hofman
Top Three Ports Reported:
Port 445 : MS-DS : Reports 939015
Port 1433 : MS-SQL-Server : Reports 694904
Port 135 : DCE endpoint : Reports 323584
Sunday, October 11, 2009
Today's Threat Level
Today's Internet Threat Level: GREEN
Handler on Duty: Scott Fendley
Top Three Ports Reported:
Port 445 : MS-DS : Reports 939015
Port 1433 : MS-SQL-Server : Reports 694904
Port 135 : DCE endpoint : Reports 323584
Handler on Duty: Scott Fendley
Top Three Ports Reported:
Port 445 : MS-DS : Reports 939015
Port 1433 : MS-SQL-Server : Reports 694904
Port 135 : DCE endpoint : Reports 323584
Hacking for UFO's
Computer hacker Gary McKinnon has been refused permission to appeal to the UK Supreme Court against his extradition to the US.
The High Court ruled the case was not of "general public importance" to go to the UK's highest court.
Glasgow-born Mr McKinnon, 43, of Wood Green, London, is accused of breaking into the US's military computer system. Mr Mickinnon, who has Asperger's syndrome, insists he was just seeking evidence of UFOs.
Janis Sharp told BBC Radio 5 live that the ordeal had "broken" her son".
(http://news.bbc.co.uk/2/hi/uk/8298924.stm)
McKinnon's craziness manifested itself in obsessive hacking. With a joint in the ashtray and a can of Foster's next to the mousepad, he hacked Nasa, the Pentagon, and every US military installation he could get into. It was, he says, incredibly easy. He wrote a script that searched for network administrators who'd been too lazy to change their user names from "user name" and their passwords from "password". And when he found one he was in.
His testimony offers a compelling argument against conspiracy theories. He spent between five and seven years roaming the corridors of power like the Invisible Man, wandering into Pentagon offices, rifling through files, and he found no particular smoking gun about anything. He unearthed nothing to suggest a US involvement in 9/11, nothing to suggest a UFO cover-up. Nothing, he told me, except two things.
"I found a list of officers' names," he said during our first meeting in 2003, "under the heading "Non-Terrestrial Officers". I looked it up and it's nowhere. I don't think it means little green men. What I think it means is not Earth-based. What I saw made me believe that they have some kind of spaceship, off planet."
"Some kind of other Mir that nobody knows about?" I asked.
"I guess so," said McKinnon. "But I was smoking a lot of dope at the time. Not good for the intellect.
(http://www.guardian.co.uk/world/2009/aug/01/gary-mckinnon-extradition-nightmare)
OK. So should the British Government Extradite this man? I think so. He has been caught for breaking into multiple U.S. Government sites and the kicker is that he has admitted it! He claims to be searching for information on UFO's, but does it really matter? Either way he compromised a government system and he needs to be tried for it and sentenced.
"For the past seven years, in bedsits in Crouch End and Bounds Green, north London, the Pentagon hacker and UFO buff Gary McKinnon has – according to his family and friends – been suffering one long anxiety attack. He's prone to regular fits of fainting and thoughts of suicide. He's written that he can't look himself in his eyes when he's shaving in case the sight of himself sets the spiral off. He jumps out of his skin if someone touches him by surprise. I've met him sporadically during these years and can vouch that he's a chainsmoking, terrified shell.
"I'm walking down the road and I find I can't control my own legs," he has told me. "And I'm sitting up all night thinking about jail. About male rape. An American jail. I'm only a little nerd … My life is like walking through a world you know is probably going to end."
Is this guy fit to stand trial? Most likely not. He seems like he's a bit out there. I think one major issue with this guy is that he didn't/doesn't realize the consequences of his actions. Did he really think that if he hacked into anything, and was caught, that nothing would happen to him? He says, "...And I'm sitting up all night thinking about jail. About male rape. An American jail. I'm only a little nerd …" OK, well yes, shit happens in jail that isn't good, but really, you should have thought about that before you started doing illegal stuff. The news claims that he was one of the first to start messing around on the Internet and that he was testing it's boundaries. If that's the case, he should have stopped hacking after Mitnick was arrested and tried. In the end, I hope that he is extradited and that he stands trial. He deserves to go to jail, even if it is for a short term.
The High Court ruled the case was not of "general public importance" to go to the UK's highest court.
Glasgow-born Mr McKinnon, 43, of Wood Green, London, is accused of breaking into the US's military computer system. Mr Mickinnon, who has Asperger's syndrome, insists he was just seeking evidence of UFOs.
Janis Sharp told BBC Radio 5 live that the ordeal had "broken" her son".
(http://news.bbc.co.uk/2/hi/uk/8298924.stm)
McKinnon's craziness manifested itself in obsessive hacking. With a joint in the ashtray and a can of Foster's next to the mousepad, he hacked Nasa, the Pentagon, and every US military installation he could get into. It was, he says, incredibly easy. He wrote a script that searched for network administrators who'd been too lazy to change their user names from "user name" and their passwords from "password". And when he found one he was in.
His testimony offers a compelling argument against conspiracy theories. He spent between five and seven years roaming the corridors of power like the Invisible Man, wandering into Pentagon offices, rifling through files, and he found no particular smoking gun about anything. He unearthed nothing to suggest a US involvement in 9/11, nothing to suggest a UFO cover-up. Nothing, he told me, except two things.
"I found a list of officers' names," he said during our first meeting in 2003, "under the heading "Non-Terrestrial Officers". I looked it up and it's nowhere. I don't think it means little green men. What I think it means is not Earth-based. What I saw made me believe that they have some kind of spaceship, off planet."
"Some kind of other Mir that nobody knows about?" I asked.
"I guess so," said McKinnon. "But I was smoking a lot of dope at the time. Not good for the intellect.
(http://www.guardian.co.uk/world/2009/aug/01/gary-mckinnon-extradition-nightmare)
OK. So should the British Government Extradite this man? I think so. He has been caught for breaking into multiple U.S. Government sites and the kicker is that he has admitted it! He claims to be searching for information on UFO's, but does it really matter? Either way he compromised a government system and he needs to be tried for it and sentenced.
"For the past seven years, in bedsits in Crouch End and Bounds Green, north London, the Pentagon hacker and UFO buff Gary McKinnon has – according to his family and friends – been suffering one long anxiety attack. He's prone to regular fits of fainting and thoughts of suicide. He's written that he can't look himself in his eyes when he's shaving in case the sight of himself sets the spiral off. He jumps out of his skin if someone touches him by surprise. I've met him sporadically during these years and can vouch that he's a chainsmoking, terrified shell.
"I'm walking down the road and I find I can't control my own legs," he has told me. "And I'm sitting up all night thinking about jail. About male rape. An American jail. I'm only a little nerd … My life is like walking through a world you know is probably going to end."
Is this guy fit to stand trial? Most likely not. He seems like he's a bit out there. I think one major issue with this guy is that he didn't/doesn't realize the consequences of his actions. Did he really think that if he hacked into anything, and was caught, that nothing would happen to him? He says, "...And I'm sitting up all night thinking about jail. About male rape. An American jail. I'm only a little nerd …" OK, well yes, shit happens in jail that isn't good, but really, you should have thought about that before you started doing illegal stuff. The news claims that he was one of the first to start messing around on the Internet and that he was testing it's boundaries. If that's the case, he should have stopped hacking after Mitnick was arrested and tried. In the end, I hope that he is extradited and that he stands trial. He deserves to go to jail, even if it is for a short term.
The Internet Storm Center
http://www.dshield.org/indexd.html
I was looking at the dshield website today and found this interesting diary entry from yesterday.
"The Internet Storm Center is focusing on IP ports for the month of October. I am going to continue the theme, but with a bit of a twist. I am going to talk about a few of the ports that are usually not desirable to appear in a traffic analysis. There are many more than I could list, the majority associated with malware. But not all of them.
Here we go:
1214 - Limewire/Kazaa (A Peer-to-Peer application. Not by definition malware, but not something desirable in an enterprise)
2773 - SubSeven (Trojan)
5631 - pcAnywhere (A commercial remote control application)
1863 - Numerous Microsoft applicationsI want to emphasize that these listed are not necessarily bad.
The point here is awareness. Knowledge, and management, of the ports required and permitted in the enterprise, and at home, will lead to an overall improvement of the security posture of a network. This is where syslogs, traffic analysis, and documentation will tie everything together." (tony d0t carothers @ isc d0t sans d0t org)
Also, to help promote Internet security and awareness, I'm going to start posting the Internet Security Threat Level and 'On-Duty' Handler for the Internet Storm Center(ISC). If you get time, check out their site at http://www.dshield.org/. This site has a lot of interesting information including the amount of malware that is being distributed and reported. Check out the image below:
I was looking at the dshield website today and found this interesting diary entry from yesterday.
"The Internet Storm Center is focusing on IP ports for the month of October. I am going to continue the theme, but with a bit of a twist. I am going to talk about a few of the ports that are usually not desirable to appear in a traffic analysis. There are many more than I could list, the majority associated with malware. But not all of them.
Here we go:
1214 - Limewire/Kazaa (A Peer-to-Peer application. Not by definition malware, but not something desirable in an enterprise)
2773 - SubSeven (Trojan)
5631 - pcAnywhere (A commercial remote control application)
1863 - Numerous Microsoft applicationsI want to emphasize that these listed are not necessarily bad.
The point here is awareness. Knowledge, and management, of the ports required and permitted in the enterprise, and at home, will lead to an overall improvement of the security posture of a network. This is where syslogs, traffic analysis, and documentation will tie everything together." (tony d0t carothers @ isc d0t sans d0t org)
Also, to help promote Internet security and awareness, I'm going to start posting the Internet Security Threat Level and 'On-Duty' Handler for the Internet Storm Center(ISC). If you get time, check out their site at http://www.dshield.org/. This site has a lot of interesting information including the amount of malware that is being distributed and reported. Check out the image below:
Adobe Zero Day Flaw
"Adobe has alerted users to a zero day flaw in its PDF and Reader formats and has said it is already being exploited by malware writers.
The company has issued an alert and said it will release a patch for the flaw on Tuesday. In the meantime users are advised to disable JavaScript, although Adobe warned this may not be a complete solution."
“Adobe Reader and Acrobat 9.1.3 customers with DEP enabled on Windows Vista will be protected from this exploit. Disabling JavaScript also mitigates against this specific exploit, although a variant that does not rely on JavaScript could be possible. In the meantime, Adobe is also in contact with Antivirus and Security vendors regarding the issue and recommends users keep their anti-virus definitions up to date.”
So, it should be common sense to keep your antivirus up to date, but it is surprising how often I talk with people who say that they don't. As an IT guy, I really can't stress how important it is to keep your Antivirus current. In a later post I will be describing the differences between an Antivirus suite and an Internet Security Suite. Most people believe that they are perfectly protected and safe with just Antivirus. However, they really need to understand the added benefits of a firewall. Well, like I said, that will come later.
As for this flaw, I'm glad that Adobe is aware of it and making it's users aware. "Security through Obscurity is Never the Answer." This is a very important thing for companies to realize. Obscuring security flaws leads to a false sense of security for the company and for the end users.
The company has issued an alert and said it will release a patch for the flaw on Tuesday. In the meantime users are advised to disable JavaScript, although Adobe warned this may not be a complete solution."
“Adobe Reader and Acrobat 9.1.3 customers with DEP enabled on Windows Vista will be protected from this exploit. Disabling JavaScript also mitigates against this specific exploit, although a variant that does not rely on JavaScript could be possible. In the meantime, Adobe is also in contact with Antivirus and Security vendors regarding the issue and recommends users keep their anti-virus definitions up to date.”
So, it should be common sense to keep your antivirus up to date, but it is surprising how often I talk with people who say that they don't. As an IT guy, I really can't stress how important it is to keep your Antivirus current. In a later post I will be describing the differences between an Antivirus suite and an Internet Security Suite. Most people believe that they are perfectly protected and safe with just Antivirus. However, they really need to understand the added benefits of a firewall. Well, like I said, that will come later.
As for this flaw, I'm glad that Adobe is aware of it and making it's users aware. "Security through Obscurity is Never the Answer." This is a very important thing for companies to realize. Obscuring security flaws leads to a false sense of security for the company and for the end users.
Subscribe to:
Comments (Atom)