Posted by chris on Thursday, January 28, 2010 – 12:57 PM
Filed under scams, virus
Tagged as e-mail, virus
Just a quick warning about a couple of e-mails that had a virus attachment. They are both pretending to be from U.S. Shipping companies.
First we have this one from “UPS”
From: UPS Manager Romeo Law [delivery@ups.com]
Subject: UPS Delivery Problem NR 08488.
Dear customer!
We failed to deliver the package sent on the 6th of January in time because the recipient’s address is incorrect.
Please print out the invoice copy attached and collect the package at our office.
United Parcel Service of America.
Dear customer!
We failed to deliver the package sent on the 6th of January in time
Read More »
Posted by chris on Wednesday, January 27, 2010 – 9:30 PM
If you follow this blog, you know that I did an article on the first stable release of Namp http://www.pccybertek.com/2010/01/nmap-5-20-released yesterday. Now that it has been out for a week, Fydor has already released another update, Namp 5.21 which is also a stable
release and not a beta. It’s mainly just a bug fix release. So I have updated the download section here with a link to the 5.21 release, which is on the right column about 3/4 of the way down the page. My download link is directly to the file on the insecure.org website or you can go to the Nmap download page yourself.
But I don’t want to just tell you about the update, I’d like to offer you some more since you took the time to stop by here. So here is a link to Iron Geek’s Baisc Nmap Tutorial video. And if already know the basics and would like to move on to some more advanced lesson, here is Iron Geek’s Nmap Video Tutorial 2: Port Scan Boogaloo Happy port knocking.
Posted by chris on Tuesday, January 26, 2010 – 10:38 PM
Some how this one slipped by me because it was published by Adobe on the 19th.
Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.2.602 and earlier versions, on the Windows and Macintosh operating systems. The vulnerabilities could allow an attacker, who successfully exploits the vulnerabilities, to run malicious code on the affected system. Adobe has provided a solution for the reported vulnerabilities. It is recommended that users update their installations to the latest version using the instructions provided above.
This update resolves a buffer overflow vulnerability that could potentially lead to code execution (CVE-2009-4002).
This update resolves multiple integer overflow vulnerabilities that could potentially lead to code execution (CVE-2009-4003).
Download Adobe Shockwave Player version 11.5.6.606 here
You can find out which version you have by going here Test Adobe Shockwave Player
Posted by chris on Tuesday, January 26, 2010 – 2:07 PM
Fydor has released Nmap 5.20. This is the first stable release, or non beta release, of Nmap since July 2009. And like usual, it has a lot of nice improvements and upgrades. If I could only have one security tool, Nmap would be it. It’s the first, and sometimes the only, program I run when I want to do any kind of security audit or if I want an inventory of the LAN and which services are running .
Read More »
Posted by chris on Thursday, January 21, 2010 – 4:09 PM
Filed under fix, WordPress
Tagged as Blog, fix, WordPress
For quite sometime, the post date format has not bee what I wanted. It was displaying day-month-year ( 21-1-10). This was confusing some of my readers. I tried to change it in the WordPress dashboard under Settings, but it never made a difference. I searched for a solution and found several people had the same problem but no one actually had a good answer. However, one of the posts refered me to Customizing the Time and Date and while this was just the formatting of the date and time, it did give me a clue of what to look for.
WordPress is written in the programming language PHP. The date formatting functions in WordPress use PHP’s built-in date formatting functions. You can use the table of date format characters on the PHP website as a reference for building date format strings for use in WordPress.
Armed with this information, I went to my WordPress dashboard and clicked on Appearance and then Editor. Then I started going through the Template Theme files. Sure enough, I found <?php the_time(‘D m-d-Y’) in the Main Index Template (index.php) file. So I went back to the Format page to see what options I had and decided on the day, month-date-year for my format. So I changed <?php the_time(‘D m-d-Y’) to <?php the_time(‘D, m-d-Y’) and then clicked on update. And as you can see, the dates of my posts, on the main page, now have the post date formatted the way I wanted.
The other place you can change the time and date format is in Single Post (single.php) which I did a little different that my main page. I decided to go with l, F jS, Y which will look like: Friday, January 22nd, 2010
UPDATE: I found a couple other places that needed to be changed in my theme. So here is a list of the files that I could change my date format in.
Archives (archive.php)
Comments (comment.php)
Main Index Template (index.php)
Single Post (single.php)
Hope this helps. If you have any questions, leave me a comment and I will try to help.
Posted by chris on Saturday, January 9, 2010 – 4:32 AM
At one time I was going to make at least one free software recommendation a week. At some point I realized that in order to do this, sooner or later I would either run dry of suggestions, or make suggestions of products I really haven’t throughly tested. So I changed my mind and decided to only write about programs I have used for quite some time and really like. One of the first was Miro
Tonight’s pick is an all in one Instant Messenger, E-mail and Social Network client called Digsby. I’ve been running Digsby for around a year and it is really nice. I’ve set it up to connect to my AIM, MSM, Yahoo Chat, Facebook, Myspace, Twitter and all my various e-mail addresses. It sits nicely in my system tray and when I click on it, it pops up a sidebar on the left side of my screen that lists all the services I have it monitoring. If I click on the MSM bar it expands so I can see who is online and if I click on anyone who is online, I’m chatting with them just like I was running MSM. Instead of having to load all those different chat programs, I just run Digsby. Of course there are other programs like this, I use to run Trillian but it felt kinda clunky me and I haven’t tried the newer version of Trillian which now also supports Twitter and E-mail. However, I see Trillian still offers a pro version which isn’t free so it doesn’t totally fall into my “Free Software” category. Digsby also has several options for notification. Mine is configured so it pops up a little alert window. This is real handy for Twitter. I see the complete tweet and have options to retweet or reply to it. If I click on the notification window it will take me to that tweets page and I will already be logged in to Twitter. The same goes for any notification window, by clicking on it. If it’s one of my webmail accounts, I will be logged in and taken to that e-mail, or if it’s a pop mail account, it will launch whatever application you have chosen for your e-mail, such as Outlook.
Read More »
Posted by chris on Thursday, January 7, 2010 – 4:13 AM
Here we go again. This isn’t news hot off the press, but I decided I should post about it here just in case some of you have missed it. There has been another Adobe Acrobat Reader exploit, CVE 2009-4324. Since it was first disclosed back in the middle of December, it has grown even nastier. The Internet Storm Center over at sans.org has a good analysis of one of the current variants.
There are still a couple days before Adobe releases a patch, which will finally be released on Jan 12. Adobe suggests you disable Java support until then. This is not the first time this has happened. What I’m suggesting is that even after this is patched, just keep Java disabled. If you open a PDF file that requires Java support, you could always turn it back on. With so many exploits in the wild, and how long it takes for the anti virus vendors to discover them, this one won’t be fixed for almost a month since it was first disclosed publicly, it’s better safe than sorry. Just disable Java support for good. Here’s how to disable Java support in Adobe Acrobat Reader
quoted from Adobe.com
SOLUTION
Customers using Adobe Reader or Acrobat versions 9.2 or 8.1.7 can utilize the JavaScript Blacklist Framework to prevent this vulnerability. Please refer to the TechNote for more information.
Customers who are not able to utilize the JavaScript Blacklist functionality can mitigate the issue by disabling JavaScript in Adobe Reader and Acrobat using the instructions below:
1. Launch Acrobat or Adobe Reader.
2. Select Edit>Preferences
3. Select the JavaScript Category
4. Uncheck the ‘Enable Acrobat JavaScript’ option
5. Click OK
Customers using Microsoft DEP (“Data Execution Prevention”) functionality available in certain versions of Microsoft Windows are at reduced risk in the following configurations:
All versions of Adobe Reader 9 running on Windows Vista SP1 or Windows 7
Acrobat 9.2 running on Windows Vista SP1 or Windows 7
Acrobat and Adobe Reader 9.2 running on Windows XP SP3
Acrobat and Adobe Reader 8.1.7 running on Windows XP SP3, Windows Vista SP1, or Windows 7
With the DEP mitigation in place, the impact of this exploit has been reduced to a Denial of Service during our testing.
Watch your docs and surf safe
