penoycentral.net » Security

Phone Scam claiming from Microsoft

penoycentral — Sat, 15 Oct 2011 08:48:45 +0000

beware of this scam, i just received a call claiming they are from microsoft and said that my computer was sending malicious info in the net. Curiously, i removed my network connection(for safety reason) and followed their instruction..they asked me to go to the Event Viewer and asked if theres any error.. obviously there wil be erros in windows.they requested me to delete the error logs.. obviously i wasnt able to delete the logs.. after that he told me that a microsoft certified technician will scan my computer online by opening something which irritates me.. if theres any issues with my pc.. i will deal with it.. i can reformat anytime or use Linux.. and i dont want microsoft support to mess around with my pc.. the caller even says that if there will be any problem with my computer, it will not be Microsoft’s fault.. to hell Microsoft cares???i hung up the phone.

Did some research on this scam and found the following sites.. please be warned and this kind of modus operandi is still on the loose

http://www.computerrepairtips.net/phone-call-from-microsoft-about-virus-is-a-scam/

http://answers.microsoft.com/en-us/windows/forum/windows_vista-security/i-received-a-phone-call-from-someone-claiming-i/4489f388-d6de-416d-9158-0079764bb001

New AVG Internet Security 2011 update cause Windows 7 to crash

penoycentral — Thu, 02 Dec 2010 02:00:59 +0000

I just came from my night shift and found AVG was updated and needed for a computer reboot. To my amaze, the New AVG Internet Security 2011 update causes Windows 7 to crash. Even in Safe Mode, it wont boot at all. As of now, AVG haven’t release a quick fix yet. Or in worst case scenario, reinstall Windows.

====

Update

How to fix your computer after AVG Internet Security 2011 update windows crash

1. download and burn AVG Rescue CD http://www.avg.com/ww-en/download-file-cd-arl-iso

2. Boot thru AVG rescue CD. Go to Utilities > File Manager then navigate to /mnt/sda(x) where x depends on the partition of your computer.

3. Rename the following files

\Program Files(x86)\AVG\AVG10\avgrs*.exe >> avgrs*.exe.bak
\Program Files(x86)\AVG\AVG10\avgchsv*.exe >> avgchsv*.exe.bak

4. Press ctrl+alt+del to reboot your computer. Make sure that you remove your AVG Rescue CD.

5. Once your computer successfully booted. Download the latest AVG Internet Security 2011 Installer http://www.avg.com/ww-en/download-trial

6. Run the installer and click Repair. After the repair, reboot your computer

(or you skip step 5 and 6. Uninstall AVG and install other free Antivirus software)

You can also use Linux-based live CDs as an alternative to AVG Rescue CD

As of now, the issue is being tracked on the following sites:

AVG Official Fix: AVG FIX FOR WIN 7 64 BIT CUSTOMERS NOW RELEASED

AVG Forum : Some Windows 7 operating systems cannot be started after latest update

AVG Facebook : http://www.facebook.com/avgfree

#AVG Twitter: http://twitter.com/#!/search?q=%23AVG

Trendmico doesnt want you to buy other Antivirus software

penoycentral — Wed, 24 Nov 2010 17:04:54 +0000

I’m using Trendmicro Internet Security Pro for almost one year and my license will expire Jan 2011. Since it will be SITEX this coming weekend, its time for me to hunt and try other antivirus system. First choice is Kaspersky. When im trying to check the pricing online, i was amazed that Kaspersky’s online store was tagged as Dangerous by Trendmicro’s Web filter. Now thats what i call “killing the competition”

But i wont settle with Kaspersky as the review is not that quite good. Will try AVG or Nod32 or avast. Lets see..

Phishing attack on bloggers

penoycentral — Sun, 28 Feb 2010 10:33:14 +0000

Last week i received an email asking if I’m in posting their ads. To check out their ADS Unit, i must click a Google Picasa Web album url. Curious, I clicked on the URL from the email and it forwarded me on a Google Account authentication page.

Hmm smells fishy. Remember that my wife’s yahoo account was hacked after someone from her friend’s hacked YM asked her to check out the pictures on his flicker. In just a minute, her username and password was harvested by the hacker and we have to call Yahoo just to retrieve the credentials.

You wont notice that this is a bogus page.

http://picasaphotos21.t35.com/photoalbum.htm

hmmm, ok. Not your usual Google URL and looks like a subdomain of t35.com

Let’s check out www.t35.com

Boom!!! t35.com is a free website service. So the hacker uses a free web service to host his fake Google Picasa page. The minute you entered your Google Account username and password it will be harvested.

How will you identify if the page is bogus or not? Here are some of the basic steps that you can use:

1. Google always use webpage SSL certificates. You will notice that the URL starts with https://…. instead of http://… on its page authentication.

2. Update your internet browsers. New browsers are intelligent enough if the SSL certificates is fake or not.

3. Always check the URL of the page. Most of the hackers uses free web service hosting to host their bogus site.

Internet security awareness will always save your butt and your hard earned ADS payments.

Hacking Yahoo Mail account: How did he do it??

penoycentral — Sat, 25 Oct 2008 14:35:48 +0000

After yesterday hacking incident on my gf’s yahoo mail account, we called and emailed yahoo customer service and answered all of the security question just to prove that she owns the yahoo id. Yahoo then emailed us the new password and we were able to retrieve the account from the bastard.

So how the hacker did it???? It was just a simple page that collects username and password. But he is skilled on “social engineering”. At first you will not notice anything because the flow of conversation is friendly.

The yahoo mail phishing webpage was so simple. Last night i debug the page by using fiddler2, a free web debugging tool. So after the victim entered the username and password and clicked the fake Sign On button, the account information will be then be saved in a clear text file that the hacker then can retrieve and used to logon unto the victim’s account. After that he will change your password and 0wn your account.

Debugging yahoo mail phishing page using Fiddler2

Saves username and password on clear text

So if you are a victim of such incident, call Yahoo Customer Service, email them and never forget all information that you used during the creation of your account, alternate email, pet’s name, birthday, etc. War against cyber crime is true so always be on guard.

Yahoo Mail Account hacked

penoycentral — Fri, 24 Oct 2008 13:00:09 +0000

My gf yahoo mail account was hacked. A friend of her chatted thru yahoo messenger and asking for a load. At first you will not notice the scam because the chat was in Tagalog (native language in the Philippines). And after that the hacker asked her to check a URL for him.

http://ymphotos.my3gb.com/yahoo.html

The page looks like a yahoo mail login page. She then mistakenly entered her username and password.. and boom, her account was hacked.

The hacker then used my gf’s yahoo account and chat her friends in yahoo messenger asking again for a load. After a series of conversation on one of her friends. A former officemate in Manila called her and asked if she were in the Philippines and if she is online on YM. They were puzzled why would she then asked for a cellphone load. Rachel notified me to check her Yahoo but no avail, the hacker already changed the password.

I tried to reset the password but she forgot her alternate email. We called yahoo’s customer service but they are already closed for the day.

We spent the night changing all of our account’s password and calling friends not to chat her YM ID just to avert further damage.

PuttyTabs: putty on tabs

penoycentral — Fri, 28 Mar 2008 01:23:35 +0000

Tired of unorganized ssh putty sessions and don’t have the budget for SecureCRT??? Use PuttyTabs!!! PuttyTabs is a utility use to organize your ssh on tabs. It has its own docking window that you can hide in your desktop.

Installing Security Auditor’s Research Assistant(SARA) in backtrack linux

penoycentral — Tue, 25 Mar 2008 14:10:39 +0000

Installing Security Auditor’s Research Assistant(SARA) in backtrack linux

Install tcsh. Perl needs the csh shell to execute SARA
#wget http://mirror.muntinternet.net/pub/slackware/slackware_source/a/tcsh/tcsh-6.15.00.tar.bz2
#bunzip2 tcsh-6.15.00.tar.bz2
#tar xvf tcsh-6.15.00.tar
#cd tcsh-6.15.00
#./configure
#make
#make install
#ln -sf /usr/local/bin/tcsh /bin/csh

Download and install SARA
#wget http://www-arc.com/sara/downloads/sara-7.5.2.tgz
#tar xvzf sara-7.5.2.tgz
#cd sara-7.5.2
#./configure
#make
#make install

Add sara user
./add_user

Scan a host
./sara -a4

Run SARA in daemon mode
./sara -D

Now browse to http://localhost:666

Should i Perl or Python now

penoycentral — Tue, 25 Mar 2008 08:55:12 +0000

my 30 days lab access ended last February for the security course that im attending. Im still waiting for a May slot and extend another 30 days access. For the meantime, im struggling to learn perl and python programming needed in some of the course lab exercises.

PostgreSQL

penoycentral — Fri, 22 Feb 2008 03:42:16 +0000

[root@localhost]# postgres
“root” execution of the PostgreSQL server is not permitted.
The server must be started under an unprivileged user ID to prevent
possible system security compromise. See the documentation for
more information on how to properly start the server.
[root@localhost]#

im starting to like PostgreSql…