Posts by happygeek

Yep, same here. I've left the thread as it is valid, even though the OP is/was a pretty obvious sig spamming one.

James 2 will be along in a moment to confirm the details, but I understand that to be the case as well (regarding vote flooding)

Let's keep it pleasant, on all sides please...

Users of online banking services are at risk from a new 'in the wild' Trojan, Hesperbot, which has been discovered by the ESET malware research lab.

Researchers have found that infections of users in Turkey are currently most rife, with users in the Czech Republic, Portugal, Thailand and the United Kingdom also falling victim along with smatterings elsewhere. Victims in the Czech Republic, so it would seem, have been hardest in terms of financial loss with ESET claiming that people hit by Hesperbot in this region have "lost significant amounts of money as a result".

Hesperbot is spread using very credible looking phishing emails, with the primary aim of accessing bank accounts and a secondary one of attempting to install a mobile component of the malware on mobile devices running Android, Blackberry or Symbian operating systems.

Hesperbot appears to be quite a sophisticated piece of malware. Although it has the kind of key logger capabilities, desktop screen shot and video capture functionality and remote proxy set-up that you might expect of any self-respecting malware these days, Hesperbot goes the extra mile as it were. Additional tricks include creating a hidden VNC server on the infected system, and the addition of network traffic interception and HTML injection capabilities.

Researchers say that while the functionality is similar to Zeus or SpyEye, both banking Trojans that have been around for some time, Hesperbot introduces significant implementation differences and as such is a brand new malware family rather than just a new variant of …

Typo in original posting corrected, said month when I meant 12 months. Bit of a brain fart :)

A Freedom of Information request from staff at the UK offices of the Huffington Post has revealed, according to a BBC report on the story, that more than 300,000 attempts were made to access pornographic websites from the Houses of Parliament during the last 12 months. Of course, just looking at the headlines or even the figures quoted in the stories that follow them doesn't always reveal the bigger picture. Often, sadly, all you are left with is something of a blank canvas.

The original Huffington Post story reported how authorities had "acknowledged that users of the Parliamentary Network servers, including both MPs and their staff, have repeatedly attempted to access websites classed on Parliament's network as pornographic". It also went on to note that officials had explained the figures were 'inflated' by websites which automatically refreshed, and pop-ups and pop-unders, along with embedded images or video, could also increase the access attempt numbers greatly. Perhaps most confusing, and making the whole investigation somewhat pointless, was the fact that parliamentary officials refused to define what the servers classified as pornographic in the first place, and refused to do so on the good old get out of security grounds.

Philip Lieberman, CEO of security outfit Lieberman Software Corporation, reckons that the officials are right in that regard at least: pornography is a security issue. "Porn sites as bait, has been a long time vector of malware and those that seek to gain surreptitious access to systems" he says, continuing …

I wouldn't worry about it too much. Your overall post rating is 69% and you have 18 members who have uprated you compared to just 2 that have downvoted. If it keeps up, let us know and we will monitor the situation but, to be honest the anonymous nature of the post rating system (as opposed to the reputation system) makes it difficult to do much about it. Chances are you have annoyed (possibly downvoted) someone immature and they have responded by hitting the downvote button a few times. I

It's a bit of a moot discussion courtesy of the fact that you also included an obfuscated spam link, to your own blog, using keywords in the posting - and a Google search found large chunks of identical text, not just some similarities...

And don't cut and paste another article that's already all over the Internet, add your own site link into it, and then post it here...

It might not have been the purpose, but it will inevitably be the result :)

Seems fine here.

Adding a 'favourite link' to everything posted is, if you think about it, just spam. Links are allowed in your signature, but read the rules about ensuring your posts have substance and are in context rather than just being vehicles to promote that signature. Likewise, links are allowed in posts of they are genuinely helpful in the context of the thread (answering a question, providing help etc) rather than just being used as an opportunity to plug something you are connected with. It really isn't that difficult to grasp, to be honest, and the vast majority of members do get it. As I said when I unbanned you, make sure you read and absorb the rules and you will be welcomed into the community here with open arms Kamrul.

And, of course, if the OP has read the rules he/she would understand that they should not ask for help to pursue any illegal activity including, but not limited to, hacking and spamming...

Java vulnerabilities have hardly been out of the news during the last year. Here at DaniWeb we've covered a number of the stories as they surfaced: Java in the cross-hairs: the security debate rolls on, Is Java 7 still insecure? Oracle Patch doesn't fix underlying vulnerability, Update my insecure Java plug-in? Meh, say 72% of users and WARNING: New zero-day for Java 6u41 and Java 7u15. It's the latter two that are pertinent as to why I'm covering the whole Java exploits story again. It would appear that the CVE-2013-2463 vulnerability in the Java 2D subcomponent is still problematical, even though it was addressed in an Oracle patch for Java 7 back in June. Why so? Those previous stories give the clue: updating an insecure version of Java. In this case, Oracle has admitted that the same vulnerability exists for Java 6 but as it went end of life in April 2013, it's no longer supported and that means no patch.

This is what Wolfgang Kandek, CTO of Qualys, calls an implicit zero-day vulnerability. Think of this as being where a vulnerability is known but there is no available patch to prevent its exploitation. No surprise then, that security vendors have seen this Java 6 zero-day exploit in the wild and even, according to F-Secure, an inclusion for it in the Neutrino exploit kit. The trouble being, as Qualys points out, that instances of Java 6 installations are …

Code tags removed by me for clarity, not that it helps much :)

Dani, profanity filter posts it as scunthorpe as it sees something after the s and before the h. I'm trying not to spell it out here, but:

S C U N T H O R P E :)

I only emailed him this morning...

Dani, you may want to do the same for some others. Daniweb is currently doing the same thing that AOL did in 1996 and filtering S C U N T H O R P E as being profane, when irt is actually just a rather run down town in Lincolnshire here in the UK.

Scunthorpe! Revealing my age here, as I can recall when AOL filtered the town as being profane and prevented people joining from there :) Must have been 1995/1996 or thereabouts...

[later] Look, we do the same!!! The town is S C U N T H O R P E in Lincolnshire.

I've sent him an (off DaniWeb) email to check he's OK and let him know people are missing him.

FireEye Labs has released a set of tools with the sole purpose of helping organisations detect and examine infections by the Poison Ivy RAT. Cleverly called Calamine, this collection of free tools promises to give security professionals the opportunity to identify the indicators of a Poison Ivy attack including the process mutex and password, decoded command and control traffic and a malware activity timeline.

By connecting these facets of the attack, and correlating them with multiple attacks displaying similar identifying features, FireEye hopes that the bad guys can be better profiled and combining big-picture intelligence with granular evidential detail organisational IT defence can be enhanced.

Now you might be thinking that Poison Ivy is old news, after all this particular Remote Access Trojan is not only considered the stuff of script kiddie n00b hackers but at eight years of age it's also been around long enough to be well and truly in the detection radar. Yet FireEye Labs research suggests quite the opposite, having discovered it to be at the heart of such big breaches as a RSA SecurID data attack in 2011 and insisting it has evidence of Poison Ivy being involved in "hundreds of attacks" that target very high profile enterprises.

Attacks involving several ongoing nation-state threat 'actors' identified by FireEye such as:

• admin@338: Active since 2008, this actor mostly targets the financial services industry. FireEye has also observed activity from this actor in telecom, government, and defense sectors.
• th3bug: First detected in 2009, FireEye …

Why now using a different account? Admins can see the IP address you know...

I interviewed a bug hunter at the end of last year for PC Pro magazine, so you might find some of what he had to say of interest. The interview is here, and a broader feature about zero-day bounty hunters is here.

The AR.Drone is what is known as a quadricopter device, and the Parrot drones are probably responsible for kick-starting the whole consumer drone industry. Unpacking the box you immediately notice how light it is, and how little you get by way of stuff to assemble or plug-in. Beyond the couple of hulls, one for indoor use (it has rotor damage protection) and one for outside, the battery packs and the charger, there's precious little else. Well, you get some stickers for playing augmented reality and target games, and rather worryingly some double sided tape for making repairs to the drone itself. There's no remote controller to pilot the drone, for that you use your smartphone or tablet. In my case I used an iPad with the relevant piloting apps from the App Store, but there are apps for Android available from Google Play as well.

Stick the bits together, fire up the app and start flying. It really is as simple as that. The AR.Drone uses Wi-Fi for piloting control, which provides an effective range of about 50 meters or 165 feet and comes with a built-in stabilization system to make flying as easy as possible. The addition of a 1280x720 HD camera for taking both stills and recording video adds enormously to both the fun and function of the drone and elevates it above being just a toy. As well as the recording capability, you also get real time video feedback through your smartphone …

I'm sure everyone would like to join me in welcoming the newest member of the DaniWeb moderating team, and a much deserved appointment it is too:

JorgeM

Yay! BitBit is back.

Within days of the New York Times website suffering an outage which was widely reported as being down to another cyber attack, although the NYT itself insists it was actually an internal issue following system maintenance, media sites belonging to CNN, Time and the Washington Post have been attacked by the Syrian Electronic Army (SRA) in support of President Bashar al-Assad. All three sites concerned apparently used a single link recommendation service called Outbrain, and it seems that a social engineering attack there led to the successful breach.

Outbrain announced yesterday that "we have fully secured the network and resumed service. If you have additional questions about the incident, please do not hesitate to contact us" and stated that it would be "compiling a fuller brief on the episode to share with anyone who would like more information. If you want to receive the brief, please email publishersupport@outbrain.com".

The Washington Post has apparently also come under attack using targeted social engineering and advanced phishing tactics earlier in the week, before the Outbrain plug-in breach, and the SEA had some success in compromising account password security. Managing Editor Emilio Garcia-Ruiz admits "the attack resulted in one staff writer’s personal Twitter account being used to send out a Syrian Electronic Army message." The SEA have had quite some success in compromising the social media accounts of the media, with the New York Post also seeing Facebook and Twitter accounts posting similar messages.

Darien …

Just a heads up, noticing a small number of duplicate posts with the same time stamp since the changeover (only mentioning it as it's pretty rare otherwise - this is not an epidemic, just a handful of doubles) - see http://www.daniweb.com/members/1087776/Aiswarya1/posts for example.

Interestingly, I note there's also a bit of lag with the system catching up to what's happening after something is deleted: delete one of the duplicates and it still shows in the forum thread display even though I have refreshed it - for between 10 and 30 seconds. Wonder if this display lag is causing people to double post, thinking they have not successfully posted in the first place?

Yep :)

Fast food chain KFC has had more than its fair share of Kentucky Fried WHAT? myths busted over the years. However, some of the stories turn out to be genuine such as the breaded and deep fried kidney that was discovered by Ibrahim Langoo in a KFC in Colchester, England recently.

I was therefore intrigued to learn that a worm had been found inside a KFC product. When I spotted that the press release detailing this came from the PR people at Internet security specialists McAfee I kind of started to realise that this was no food story, but rather an IT one. But that doesn't make it any the less disturbing, just disturbing from a different angle.

Yep, the labs team at McAfee have identified a Windows worm residing in each Android device that has installed the ‘KFC WOW@25 Menu’. McAfee insists that although the malware poses no security danger for Android devices, the same application has been proven to be dangerous to other mobile and PC platforms and as such is of concern.

Apparently, the generic 'Malware.og!ats' worm was found to be embedded within an APK file and replicates itself via network shares. Although there is no auto-execution option for the malware itself on a Windows PC, McAfee warns that a user could run the malicious application by opening the APK (in Zip format) and then running the program.

OK, so it's a bit of a stretch that this worm is going to do …

Not the most desperate bug to fix, after all the pop-up notification is working when you first log in so members will see if they have new PMs at the start of a session, just not throughout a session.

Nope, the message count doesn't update on the top toolbar (Articles Watching | Private Messages | Log Out) - I have your unread PM but no notification that it has arrived unless I check ther inbox itself.

Send me a PM and I can confirm if notifications are working here or not. I may have just missed the message count on the toolbar this morning, what with the new interface and all. I read my inobx as a first action on DaniWeb, so it's clear at the moment.

It has happened a couple of times during the last week, appeared then disappeared. Put it down to something you were doing with testing the new site. Can't be more specific though, sorry.

The pop-up notification box re-appeared today with the new site launch but the actual message count in the top menu bar still appears to be AWOL.

Dani, really loving the new look. It's freindly and welcoming, and importantly encourages contribution. For example, the 'be the first to reply' button is a great idea. I've not checked it out on the iPad yet, so may come back with a bit more negativity after that :)

At the moment, the only design downside would be the rounded/square mix. I agree with those who have already commented on this, one or the other but not both should be the order of the day. I'm all for a little anarchy, but this particular mix just leaves me reminded of the first time someone got to play with DTP software unsupervised ;)

Could be related to current system tweaking efforts, but just in case: PM notifications are broken on-site. Email notifications coming through OK, but there are now no indications on-site of new messages without actually dropping into the Private Messages section itself.

Hello and welcome

Welcome!

Goodbye more like, payday loan spammer

Looking increasingly like b...

Was that:

a) a failed attempt to ask a question

or

b) a failed attempt to post some spam

???

I are agree with that :)

Create some software that will randomly suggest titles for final year projects.

The whole culture of Bring Your Own Device (BYOD) in the workplace has reignited the mobile device security debate. Although there are many ways to protect data, the first line of defence when a mobile device (be it a tablet or smartphone) is lost or stolen is almost always going to be a password of some kind. I'm not going to get into the relative merits of PINs and passwords against more robust methods of data protection, that's for another time, instead let's just focus on the use of passwords. Have you ever wondered how many people are actually using them at all, how many businesses require their BYOD employees to password protect them at the very least?

Fibrelink secures more than a million business devices worldwide, and has tapped into the data it gets from these to examine password usage in the enterprise and provide some answers to those questions. Unfortunately, the answers are not particularly comforting on the whole. The data reveals, for example, that the majority of businesses still only require a weak password and a surprising number require none at all.

OK, so how was the data obtained? Well, the password information was determined by analysing a random sampling of 1,000 of Fiberlink’s 5,000 customers or, put another way, 200,000 or so of the one million smartphones and tablets under Fibrelink management. A simple password was defined as being either a PIN or a string of letters, whereas a complex one contains a combination …

The Onion Router, better known as the Tor Network, is often thought of as being the dark-side of the web. Not least as the anonymity provided by Tor meant that sites hosted on so-called hidden service servers were free to trade in just about anything from drugs and guns through to child pornography. In amongst the depravity and illegal excess, of course, were political activists and dissidents looking for an online safe haven in order to escape persecution, prosecution and potentially death. Revelations that the FBI would appear to have been behind the takedown of Freedom Hosting, apparently responsible for a bunch of hidden services which included alleged child pornography image servers, could be very bad news indeed. Not just for drug dealers, arms dealers and paedophiles but for anyone who has relied upon the multi-layered and encrypted onion network to retain their anonymity.

Reports as to the extent of the FBI operation fallout on the Tor Network vary, with some claiming as many as half of all Tor sites could have been compromised as a result. And that includes The Silk Road. This infamous site, only accessible through a Tor connection using the Tor browser, has been the online underground drugs marketplace of choice for some years now. Indeed, IT security investigative journalist Brian Krebs recently documented how cybercriminals had used The Silk Road to purchase heroin and have it sent to his home address in a failed attempt to frame him …

DaniWeb rules quite clearly state: Do not ask for help to pursue any illegal activity including, but not limited to, hacking and spamming.

Please think carefully before going any further down this line of questioning, Arnel.

So, while I was away from the office last week a parcel arrived. A parcel containing the latest incarnation of the Parrot AR Drone for me to review for DaniWeb. Not mine to keep, just to play with for a few days. Which is probably just as well because, to be absolutely honest, I can't think of what the heck I would use it for beyond the obvious filming of people in their gardens or through the bedroom window.

What would you use an iPad controlled drone, complete with HD video recording, for?

(DaniWeb review will appear in a week or so, once I've exhausted the 'what can I do with this thing' possibilities)

You are lucky, it is twistin' my melon.

Well that's a really clear question. Not.

If you are asking for a commercial activation code for a product you have illegally downloaded instead of purchased, then not only can we not help you, we will not help you and your request is in breach of DaniWeb rules.

If you are asking something else, then you really are going to have to go back to your keyboard, engage your brain this time, and try again...

W? T? F?

Seriously...