WordPress Brute Force Attacks on non-WordPress Sites

December 1, 2017 // Posted in Computer Tips, General, Main, Tips and Tricks

There are more and more would-be hackers out there trying to attack WordPress sites via a brute force attack on the wp-login.php file that WordPress sites use for logging in.

The problem is that they do not know which sites are WordPress sites and which are not, so they try connecting to a wp-login.php file on almost every site. This can lead to hundreds of attempts on your non-WordPress site by these hackers trying to find a wp-login.php file on your server. Check your server log and you will see all these attempts.
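One way to pull these probes out of an access log, as an added example that is not part of the original post: it assumes the Apache/nginx combined log format, and the function name, threshold and sample lines (documentation-range IPs) are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Apache/nginx "combined" format: ip ident user [time] "METHOD path PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation-range IPs), not taken from a real server.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Dec/2017:10:00:01 +0000] "GET /wp-login.php HTTP/1.1" 404 512 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Dec/2017:10:00:02 +0000] "POST /wp-login.php HTTP/1.1" 404 512 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Dec/2017:10:00:03 +0000] "POST /blog/wp-login.php?action=login HTTP/1.1" 404 512 "-" "Mozilla/5.0"
198.51.100.20 - - [01/Dec/2017:10:01:00 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.20 - - [01/Dec/2017:10:01:05 +0000] "GET /WP-LOGIN.PHP HTTP/1.1" 404 512 "-" "curl/7.55"
192.0.2.44 - - [01/Dec/2017:10:02:00 +0000] "GET /about.php HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
not a log line
""".splitlines()


def wp_login_probes(lines, threshold=3):
    """Summarise clients that requested wp-login.php at least `threshold` times.

    On a site that does not run WordPress, every such request is a probe.
    Returns {ip: {"hits": int, "posts": int, "statuses": {code: count}}}.
    """
    stats = defaultdict(lambda: {"hits": 0, "posts": 0, "statuses": Counter()})
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # not a combined-format line; ignore it
        # Drop the query string and compare the last path segment,
        # case-insensitively, so /blog/wp-login.php?x=1 also counts.
        name = m["path"].split("?", 1)[0].rsplit("/", 1)[-1].lower()
        if name != "wp-login.php":
            continue
        entry = stats[m["ip"]]
        entry["hits"] += 1
        if m["method"] == "POST":  # POSTs are login form submissions
            entry["posts"] += 1
        entry["statuses"][m["status"]] += 1
    return {
        ip: {"hits": e["hits"], "posts": e["posts"], "statuses": dict(e["statuses"])}
        for ip, e in stats.items()
        if e["hits"] >= threshold
    }


if __name__ == "__main__":
    for ip, info in sorted(wp_login_probes(SAMPLE_LOG).items()):
        print(ip, info)
```

The per-IP summary can feed a firewall or fail2ban-style block list; the threshold of 3 is an arbitrary starting point.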

Now if as many people as possible added a wp-login.php to their non-WordPress site re-directing any call to that page back to the IP address that attempted to find it, then these idiots would perform a DOS attack on their own PC, and it would stop them sending any more requests.

Here’s how to do it:

Create a file called wp-login.php in your non-WordPress site’s root folder with the following text in it (your server must be PHP-enabled):

Let’s hit back at these idiots together.
Steve

Norton have got it very wrong with WS.Reputation.1 detection

April 15, 2017 // Posted in General, Main, Uncategorized

Norton's WS.Reputation.1 detection Notice

The way Norton’s WS.Reputation.1 detection works is the most ridiculous thing I have ever seen in an anti-virus protection program.

 

If someone creates a new program or a new update to an existing program, and only a few people that use Norton have the file or it has only just been built, then Norton immediately deletes it and reports it as a threat without any checks on the file for malware.

Now if that isn’t ridiculous then I don’t know what is. It means that every new program that is first added to a user’s PC that is running Norton gets flagged as a threat for no reason at all.

Here is an extract from Norton’s write-up:

“WS.Reputation.1 is a detection for files that have a low reputation score based on analyzing data from Symantec’s community of users and therefore are likely to be security risks. Detections of this type are based on Symantec’s reputation-based security technology. Because this detection is based on a reputation score, it does not represent a specific class of threat like adware or spyware, but instead applies to all threat categories. 

The reputation-based system uses “the wisdom of crowds” (Symantec’s tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques.”

They themselves say that “Because this detection is based on a reputation score, it does not represent a specific class of threat”, so they think that the file is not necessarily a threat, but delete it anyway, just in case! DUH! That, IMO, is not the way antivirus protection should work. It should only identify a real threat that can be proven as a threat, that’s how all other antivirus programs work.

So it sees how many Norton users are using the file and when it was created to make its decision? DUH! That means that as it is deleted immediately by Norton, the number of Norton users will never increase so the ‘Reputation’ score will never change. So how can you increase the reputation score?

I myself have recently created a new small program and had this situation with users and have had to refund their purchases because Norton says my installer is a threat. My software is checked by an independent source before distribution with 61 different anti-virus engines and all report they are CLEAN. I have been developing small software applications for 25 years and have never had any issues with my programs; they are all malware free, and to have Norton now start saying they are a threat is defamation of my character, and it must be illegal to falsely claim a developer’s products are malicious.

This ridiculous identification is ruining the reputation of small developers as every new program they develop and set up on a PC running Norton, is immediately deleted and flagged as being a threat, when there is no threat at all. Most users will believe Norton and then never take the steps (which are not simple) to get around the Norton false detection.

This needs to be addressed by Norton Now! It is ruining the good reputation of small developers because Norton is saying their software is a risk when it is perfectly safe and no risk at all.

If you are experiencing these issues with Norton please comment below.

regards

Steve

WARNING – Domain Renewals

July 30, 2016 // Posted in General, Main

WARNING! If you get an email about your Domain Renewal that looks something like this below, Ignore it. It Is a Scam. It has nothing to do with your domain expiring or the renewal of it but is a scam to get you to pay for SEO services that will never be provided. Only respond to domain renewal notices from your Domain Host.
These people monitor when domains are expiring and send this notice that looks like it is to do with your domain renewal in the hope that you fall for it and pay them your money.

regards
Steve

PayPal Security changes September 2016

March 25, 2016 // Posted in General, Main, Tips and Tricks

Important PayPal changes you need to be aware of if you are using PayPal on your site:

 

PayPal are updating their Merchant security in September 2016, and it means that when sending transaction data to an IPN etc it will only communicate with secure connections (https://).

This means that you will need to update any scripts that currently use a non-encrypted connection, such as IPNs, and will need to install an SSL certificate on your server if you do not already have one.

You also need to check that your PHP server supports HTTP/1.1 and OpenSSL 1.0.1 or higher:

You can check this using phpinfo:

I hope you find this useful,

regards

Steve

Bye Bye Internet Explorer 8, 9, and 10 next Tuesday

January 7, 2016 // Posted in General, Main

Microsoft is ending its support for Internet Explorer 8, 9, and 10 next week on January 12th.

Microsoft will be releasing a final patch and encouraging users to upgrade to one of the company’s more recent browsers (11 or Edge).

The end of support means that these older versions of Internet Explorer will no longer receive security updates or technical support, making anyone who uses them much more vulnerable to hackers.

The last patch will deliver a few bug fixes, as well as the “End of Life” notification telling users to upgrade to IE 11 or Microsoft Edge. But Windows XP and Vista users will not be able to upgrade to either, as they will not work with XP or Vista: more incentive to upgrade XP and Vista installations, which have already seen “End of Life”.

There are thought to still be several hundred million users on soon-to-be-obsolete versions of Internet Explorer. Those users are about to put their systems into a security risk state.

Ransomware Operation Taken Down by Cisco

October 7, 2015 // Posted in General, Main

Computer Hi-Jacked?

A ransomware operation that is estimated to have netted $30 million a year by installing ransom software on unsuspecting users’ computers has been disrupted by security researchers at Cisco.

The Angler Exploit kit, also known as the hack-by-numbers tool is sold in underground crime forums to people who don’t want to go through the hassle of developing and testing exploits themselves. Angler has the ability to successfully infect an estimated 40 percent of the end users it targets using attack code that surreptitiously exploits vulnerabilities in browsers and browser plugins. In many cases, the security flaws have already been patched, but, in some cases the kits exploit zero-day vulnerabilities for which there is no currently available fix.

A large number of infected users were connecting to servers operated by service provider Limestone Networks. With the co-operation of Limestone and examining some of the servers they found that the single operation was targeting as many as 90,000 users a day.

“This is a significant blow to the emerging hacker economy where ransomware and the black market sale of stolen IP, credit card info and personally identifiable information are generating hundreds of millions of dollars annually,” Talos researchers wrote in a report about the takedown.

More information at http://talosintel.com/angler-exposed/

My Experiences of Windows 10 and Privacy Issues

August 14, 2015 // Posted in Computer Tips, General, Main

‘The best one yet’??

 

Ok, so I have been using Windows 10 for several days now and here are some of the issues I have found.

First of all there is the Windows Updates: When Windows 10 performs updates on close down, you do not get the old familiar Windows 7 messages “Installing Update x of xx, do not switch off your PC”, instead you just get a Black Screen with continuous hard drive activity, and it is easy to just hit the power switch thinking nothing is happening.

Then there’s the Memory issues: one of which causes images to become just Black Squares in apps and thumbnails and icons; some browsers just go black when there are a lot of images on a page. Now whether this is a Video Card Driver that Win 10 installed, or a memory management problem in Windows 10, I have yet to ascertain, but I keep getting an error on shutdown that is something like “Access Violation, Memory error, windows is trying to access an invalid memory location”, which I never got on Windows 7.

Then there’s the Privacy Issues:  Some Windows 10 features, such as Cortana and Bing search, continue sending data to Microsoft, even when they are turned off. Some apps and services will communicate with the Microsoft servers, even when you tell them not to by the individual software’s privacy settings.

For example: Windows 10 will periodically send data, purported to be used for OneDrive,  for reasons unknown, even on a local account that isn’t connected to a Microsoft account. Why it is being sent is a mystery.

In at least one case, it has been found that information that can identify the user is also sent.

Cortana, will send data to Microsoft, even if it is disabled, and that data contains a computer ID that allows Microsoft to determine all the Cortana requests from the same computer.

And what’s more some of these connections would connect to Microsoft’s servers through unencrypted channels.

IMO, If you disable these services as you don’t want to use them, then that should really disable them and any data they would transmit.

My Experience of Windows 10 – Part 2

August 8, 2015 // Posted in Computer Tips, General, Main

 Logging Into Windows 10, Updates and Memory

One thing I do not like about Windows 10, is that many functions require you to be logged into windows using an online Microsoft Account.

  1. I do not want to log in to windows using an Internet based Account.
  2. I do NOT want my personal data stored on a ‘Cloud’ based server.
  3. What happens if it is set to an online account to login and there is no Internet connection?
  4. Why can’t it just log in to the online account just to use that function such as Cortana, which has to have login via the online account?
  5. So Cortana is useless if you have no Internet connection?
  6. There are too many security issues logging in via an online account.
  7. I prefer to log in locally where my data is secure.

Windows 10 is also very memory hungry compared to Win 7, and even with my 4GB USB Ramdisk, is constantly buffering memory to a hard disk cache and has made some apps very slow because of this.

Windows 10 did an update Friday without asking, and I did a reboot of the machine (that’s how I noticed it was doing something). There was no information that it was happening, and on shutdown the screen went black although the hard disk was going crazy, so it was doing something. I left it for 3 hours and the hard drive had stopped being used but the screen was still black, so I took a chance and switched the machine off and back on. Then I got an opening message ‘Windows is configuring Updates 10%..’ etc., and after another hour or so I got the welcome screen. I checked the windows update area and it says all updates were successful.

Not as clean and informative as Win 7.

More to follow

Warning – Do Not Install Winzip Driver Updater

June 27, 2014 // Posted in Computer Tips, General, Main

I received an email today from WinZip asking me to download FREE their driver updater program.

Being a WinZip user for many years I thought I would give it a try from what I believed to be a reputable company.

However, I soon found out that they are not as reputable as I thought.

Why? I hear you ask.

1. The download was from their own site, and following the install AVG reported that one of the files in the installation pack was Malware that installs an adware program on your PC called MalSign.Systweak.44F, AVG soon fixed and removed the malware. This is not good from what should be a trustworthy supplier.

2. I ran the program to see what drivers could be out of date, The Winzip Driver Updater reported that all 23 drivers were out of date and needed updating, this seemed a little strange as my PC is relatively new and has only had all drivers installed in the past 8-9 months. I thought I would try updating one of the drivers so I could check the version etc., but I could not as the program said I had to pay for a ‘Full’ version to update any out of date drivers. I therefore decided to uninstall the program as I wasn’t going to pay for software that wanted to update all my drivers.

Once I uninstalled it, I tried windows update to see if they found any drivers out of date : Result – No drivers out of date.

Then I tried AVG’s PC Tune Up and guess what : RESULT – ALL Drivers are up to date.

Then I tried ASC’s (Advance System Care) Driver Booster and again guess what: RESULT – You have the latest drivers – no updates needed.

So it is clear to me that WinZip send you a ‘FREE’ download of a program that, no matter what drivers you have, says they are all out of date just to get you to buy a version that allegedly updates those ‘out of date’ drivers.

This is clearly a scam and not what you would expect from what seems to be a reputable company. They clearly are NOT reputable and this type of practice should be able to be punished in law some way, as it is misleading, makes false claims and promises and is, in my opinion, fraudulent.

You have been warned – don’t get caught out. Use AVG Pc Tune Up or ASC Driver Booster (FREE) instead.

Steve

Did you Know that the Internet is Controlled by 14 People with 7 Keys?

March 3, 2014 // Posted in General, Main

Keys to the internet

From a report by Business Insider.

The Internet Is Actually Controlled By 14 People Who Hold 7 Secret Keys

 

 

This sounds like something out of a James Bond Movie, but it isn’t: The whole Internet is controlled by seven actual, physical keys.

 

It all happens at a ‘Key Ceremony’.

The people conducting the ceremony are part of an organization called the Internet Corporation for Assigned Names and Numbers (ICANN). ICANN is responsible for assigning numerical Internet addresses to websites and computers and translating them into the normal web addresses that people type into their browsers.

 

For instance, type 64.27.101.155 into your browser, and you’ll be taken to Business Insider’s web page. But www.businessinsider.com is easier for people to remember. ICANN maps the numbers (easier for computers to use) with words (easier for humans to use).

 

If someone were to gain control of ICANN’s database, that person would control the Internet. For instance, the person could send people to fake bank websites instead of real bank websites.

 

On the other hand, if a calamity happened, the ICANN database could need to be rebuilt. So ICANN came up with a way to do that without entrusting too much control to any one person. It selected seven people as key holders and gave each one an actual key to the Internet. It selected seven more people to be backup keyholders: 14 people in all.

 

The physical keys unlock safety deposit boxes stashed around the world. Inside those boxes are smart keycards. Put the seven smartcards together and you have the “master key.” The master key is really some computer code, a password of sorts, that can access the ICANN database.

 

Four times a year since 2010 the seven keyholders meet for the key ceremony where they generate a new master key, i.e. a new password.

 

The security to be admitted to the ceremony is intense, and involves passing through a series of locked doors using key codes and hand scanners, until entering a room so secure that no electronic communications can escape it.

 

The group conducts the ritual, then each person files out of the room one by one, and then they all head to a restaurant and party.

See the latest ceremony here: Link to video: Who holds the seven keys to the internet?
