
ShyWriter

Spam Hunters
  • Posts

    5,501

Posts posted by ShyWriter

  1. .

    You need to read the EULA that came with your software. It's the LICENSE.RTF file in the main Malwarebytes Anti-Malware directory. You had to AGREE with its terms when you did the install or the install would have ceased.

     

    I think this part of the EULA might cover it.. even for the older versions..

     

    2.    Ownership.  Each copy of the Software is licensed, not sold.  For purposes of this Agreement, the terms “purchase,” “sell” and like terms refers to purchase or sale of a license to use the Software and not to a purchase or sale of title to or ownership of any rights or other interests in the Software.  You own the media on which the Software is recorded, but you acknowledge and agree that Malwarebytes retains ownership of the Software itself and any related data or databases used by Malwarebytes or the Software (the “Database”), including all intellectual property rights therein.  The Software and Database are protected by U.S. copyright law and international treaties.  You will not delete or in any manner alter the copyright, trademark, and other proprietary rights notices or markings appearing on the Software as delivered to you. Malwarebytes reserves all rights in the Software and Database not expressly granted to you in this Agreement.  
     

     

    Steve

  2. Weird.. since you changed the server IP,  putting keepsthelightson.vpsboard.com in VT to do an analysis takes one to the admin page of the server (keepsthelightson.vpsboard.com) for login.?

     

    I'll stay out of this as I haven't a clue.. I just showed what the user that originally complained to you was seeing.. Which is no longer the case.

     

    Sorry for any insinuations my original research showed. 

     

    Malwarebytes actually is fairly fast in resolving these problems.

     

    Steve

    Who may one day learn to stay out of other peoples' business. :(

  3. It appears that malwarebytes is triggering a false positive on our ad-server, keepsthelightson.vpsboard.com . No malware has been detected and information regarding the warning as provided to me by a forum member is less than helpful.

     

    You are correct on being blocked. VT scan shows 0/63 *but* NoScript has a hissy fit along with MBPro.. Plus you are on 3 DNS Blacklists as a SPAMMER. (This is only research I did; I don't work here so don't yell at me ;))

     

    See attachments:

     


     

    Just an FYI,

    Steve

  4. .

    ‘Like Cutting Off a Limb to Save the Body’

     

    Brian Krebs | 3 August 2015

     

    This author has spent many years chronicling the exploits of black hat spammers who use hacked computers to relay junk email. But I’ve dedicated comparatively little time delving into ways of email marketers who technically follow U.S. anti-spam laws yet nevertheless engage in spammy practices. The latter is able to ply their trade because there are thousands of Internet hosting companies operating on thin profit margins that are happy to host spammy but lucrative clients. This is the story of how one hosting company heroically kicked out all of its email marketing customers at great expense and ended up building a stronger, more profitable company in the process.

     


     

    A serial entrepreneur as a young teenager, Peter Holden founded several online companies by the time he turned 20 and started Tulsa, Okla.-based hosting firm HostWinds. The company grew modestly but steadily — relying on more than two dozen servers and bringing in revenues of about $15,000 per month.

     

    That is, until Holden got his first email marketing client who offered to double HostWind’s monthly income in one day.

     

    “I remember driving down from Tulsa to Oklahoma City to visit this client,” said Holden, now 25. “It was July 2012, and it was super hot in the car because I didn’t have air conditioning. But I remember thinking it was really cool to have a client who was local and interested in using our services.”

     

    That one client’s business would not only double HostWind’s income, but it gave the company much-needed funds to invest in building out the firm’s technical infrastructure. Good thing, too, because the email marketing client soon referred more e-mailers to HostWinds, which was forced to petition the American Registry for Internet Numbers (ARIN) for thousands of additional Internet addresses to accommodate its new clientele.
     

     

    “Fast forward about two years, and we now have a lot of mailers on our network,” Holden said. “Throughout all of this, one client introduced me to another client, and another.”

     

    All of them swore up and down that they were following U.S. anti-spam laws to the letter. The CAN-SPAM Act was intended to make it more expensive and difficult for email marketers and spammers to send unsolicited junk email, but critics say it is essentially toothless and rarely enforced. Under CAN-SPAM, commercial emails can’t be spoofed (i.e., the address in the “from:” field can’t be faked or obfuscated), and the messages must give recipients a simple way to opt-out of receiving future missives.

     

    “Legally speaking, we didn’t have any client on our network who broke the law. My dad was a lawyer and we’d routinely terminate anyone who violated our policies,” Holden said. “Ultimately, I think the fact that these clients were able to pay their bills on time — and their bills were massive — gave them some sort of air of legitimacy.”

     

    HOW MANY SPAMS CAN A SPAMMER SPAM IF A SPAMMER CAN-SPAM SPAMS?

     

    From the perspective of anti-spam groups, the main problem with the CAN-SPAM act is that it doesn’t require marketers to get opt-in approval from people before spamming them. Also, many large-scale junk email operations are not too dissimilar from spam campaigns run by cybercrooks — except instead of routing the mail through PCs that have been seeded with malware, commercial emailers send email from huge numbers of distinct Internet addresses that they rent from a vast network of hosting companies. (More:)

     

    Read the rest at: https://krebsonsecurity.com/2015/08/like-cutting-off-a-limb-to-save-the-body/#more-31399

     

    Steve

  5. .

    It was only a matter of time before someone would figure out how to hack TrackingPoint's Wi-Fi-connected smart rifle.

     


     

    TrackingPoint makes an expensive smart rifle that easily lets novices hit targets a half mile away. It lets you digitally "tag" a target, then locks the trigger until the gun is perfectly positioned to nail it. And it connects to smartphones or tablets so a buddy can view what the shooter sees in the scope.

     

    Now, two security researchers have discovered software flaws in the computerized rifle. Anyone near enough for a Wi-Fi connection to a rifle can remotely tinker with controls.

     

    In the worst case, a hacker could force a police sniper to miss while shooting directly at a hostage-taking criminal -- and hit the hostage instead. Or a hacker could simply lock the rifle's controls, rendering it useless. (More)

     

    Read the rest and see the video at: http://money.cnn.com/2015/07/29/technology/hack-smart-rifle

     

    Steve

  6. .

    Windows 10 Shares Your Wi-Fi With Contacts

     

    Brian Krebs | 29 July 2015

     

    Starting today, Microsoft is offering most Windows 7 and Windows 8 users a free
    upgrade to the software giant's latest operating system -- Windows 10. But
    there's a very important security caveat that users should know about before
    transitioning to the new OS: Unless you opt out, Windows 10 will by default
    share your Wi-Fi network password with any contacts you may have listed in
    Outlook and Skype -- and, with an opt-in, your Facebook friends! (More)

     

    Read the complete article at: http://krebsonsecurity.com/2015/07/windows-10-shares-your-wi-fi-with-contacts/

     

    Steve

     

    Edited to repair link

  7. Thanks Steve

     

    Some people have a lot of free time on their hands debugging all this code looking for flaws.

     

    Heck Ron.. I don't even have to go looking for bugs.. They always seem to find me first! :P:D

     

    On a serious note tho' I've always wished I had the skills of a master hacker (whitehat; of course) and do that kind of stuff. Kind of like Tsutomu Shimomura who caught Kevin Mitnick. (Or Walter Obrien of Scorpion Computer Services - TV show SCORPION is very loosely based on his real life)

     

    Steve,

    The master cracker (Saltine® with sea salt, of course)

  8. .

    Oh Gosh! Four Zero Day Vulnerabilities Disclosed in Internet Explorer

     

    Friday, July 24, 2015 Swati Khandelwal
     

     


     

    How many Zero-Days do you think could hit Microsoft today? Neither one nor two; this time it's Four.

     
    The Hewlett-Packard's Zero-Day Initiative (ZDI) has disclosed four new zero-day vulnerabilities in Microsoft's Internet Explorer browser that could be exploited to remotely execute malicious code on victim's machine.
     
    All the four zero-days originally were reported to Microsoft, affecting Internet Explorer on the desktop. However, later it was discovered that the zero-day vulnerabilities affected Internet Explorer Mobile on Windows Phones as well.
     
    Each of the four zero-day flaws affects different components of the browser, and all are remotely... (More)
     
     
    Steve
  9. A reminder to all as I still get PMs for posting updates, etc, to the Software Forums.

     

    Altho' I am still shown as Forum Leader in those forums, I resigned the position of Software Updater almost a year ago and cut all ties to the remaining Moderator as well as the Forums.

     

    Anything you find there that is wrong, broken or not updated needs a PM sent to hayc59 *directly* as I am simply a regular member with no "powers" to change/update anything nor does the PM section have a "forward PM" function.

     

    Thank you,

    Steve

  10. .

    Adobe to Patch Hacking Team’s Flash Zero-Day

     

    Brian Krebs | 7 July 2015

    Adobe Systems Inc. said today it plans to issue a patch on Wednesday to fix a
    zero-day vulnerability in its Flash Player software that is reportedly being
    exploited in active attacks. The flaw was disclosed publicly over the weekend
    after hackers broke into and posted online hundreds of gigabytes of data from
    Hacking Team, a controversial Italian company that's long been accused of
    helping repressive regimes spy on dissident groups. (More...)
     

    Read more at: http://krebsonsecurity.com/2015/07/adobe-to-patch-hacking-teams-flash-zero-day/

     

    Steve

  11. .

    Hackers Exploit Zero-Day Magento Vulnerability to Steal Your Credit Cards

     

    Monday, June 29, 2015 | Swati Khandelwal

     

     


     

     

    Hackers are increasingly exploiting an unknown flaw to siphon payment card information from e-commerce websites that use Magento, the most popular e-commerce platform owned by eBay.

     
    Security researchers at Sucuri are still investigating the attack vector, but they believe that cyber criminals are injecting malicious code into the Magento core file or some widely used module/extension in order to steal payment card data. (More...)
     
     
    Steve

     

  12. .
    Crooks Use Hacked Routers to Aid Cyberheists ...
     

    Brian Krebs | June 29, 2015

    Cybercriminals have long relied on compromised Web sites to host malicious software for use in drive-by download attacks, but at least one crime gang is taking it a step further: New research shows that crooks spreading the Dyre malware for use in cyberheists are leveraging hacked wireless routers to deliver their password-stealing crimeware.
     
     
     


    Ubiquity Networks airRouter

     

    Dyre (a.k.a. “Dyreza”) is generally installed by a downloader Trojan that is flagged by most tools under the name “Upatre.” The latter is most often delivered via malicious e-mails containing a link which directs unsuspecting users to servers hosting malicious javascript or a basic redirection to a malicious payload. If the user clicks the malicious link, it may serve a bogus file — such as an invoice or bank statement — that if extracted and opened reaches out to an Upatre control server to download Dyre.
     
    According to a recent in-depth report from Symantec, Dyre is a highly developed piece of malware, capable of hijacking all three major web browsers and intercepting internet banking sessions in order to harvest the victim’s credentials and send them to the attackers. Dyre is often used to download additional malware on to the victim’s computer, and in many cases the victim machine is added to a botnet which is then used to send out thousands of spam emails in order to spread the threat. (More..)

     

    Read the rest at: https://krebsonsecurity.com/2015/06/crooks-use-hacked-routers-to-aid-cyberheists/

     

    Steve

  13. .

    A Busy Week for Ne’er-Do-Well News...

     

    Brian Krebs  | 27 June 2015

     

    We often hear about the impact of cybercrime, but too seldom do we read about the successes that law enforcement officials have in apprehending those responsible and bringing them to justice. Last week was an especially busy time for cybercrime justice, with authorities across the globe bringing arrests, prosecutions and in some cases stiff sentences in connection with a broad range of cyber crimes, including ATM and bank account cashouts, malware distribution and “swatting” attacks.

     


    Ercan Findikoglu, posing with piles of cash.

     

    Prosecutors in New York had a big week. Appearing in the U.S. court system for the first time last week was Ercan “Segate” Findikoglu, a 33-year-old Turkish man who investigators say was the mastermind behind a series of Oceans 11-type ATM heists between 2011 and 2013 that netted thieves more than $55 million.

     

    According to prosecutors, Findikoglu organized the so-called “ATM cashouts” by hacking into networks of several credit and debit card payment processors. With each processor, the intruders were able to simultaneously lift the daily withdrawal limits on numerous prepaid accounts and dramatically increase the account balances on those cards to allow ATM withdrawals far in excess of the legitimate card balances. (More...)

     

    Read the rest at: https://krebsonsecurity.com/2015/06/a-busy-week-for-neer-do-well-news/

     

    Steve

  14. So after doing my scan I found the trojan named localcytozko_Zg.exe and I'm wondering if anyone recognizes this? If so, do you know if it's a R.A.T. or a keylogger? And if it is a keylogger, is there any way to locate the text documents?

     

    Go to Virus Total and upload the actual file to their scanner. ( https://www.virustotal.com/en/ ) The random name is irrelevant as 56+ anti-virus engines will do a complete scan and tell you if it's good or bad.

     

    Steve

  15. Not particularly fond of JRT as there are no user options, that is, it does not give you any control on what it deletes. In my mind this is not good as the user should have control over what any program deletes from their system. Hopefully the MBAM guys will remedy this and make it an even better tool.

     

    Amen.. It did a great job on my whole system until it deleted my paid version of Wisdom-soft SCREENHUNTER 5.1 Pro (the program I use to screen clip photos for various reasons). Thankfully I still had a backed download of the original program, *Phew*, big time. Perhaps the program can generate a list of the PUPs, allow the user to check/delete in a text file, then run the JRT which uses the now generated file to only delete those on the list.. Just a thought because I'll never use it again... as is..

     

    Steve

  16. .

    By Charlie Osborne for Zero Day |

    June 24, 2015 -- 16:03 GMT (09:03 PDT)

     


     

    A security researcher has casually revealed 15 vulnerabilities which impact on Microsoft Windows and Adobe Reader.

     

    On Tuesday, Google Project Zero hacker Mateusz Jurczyk outlined a total of 15 critical vulnerabilities discovered within font management systems.

     

    The research, also presented at the REcon security conference in Montreal in a talk called "One font vulnerability to rule them all: A story of cross-software ownage, shared codebases and advanced exploitation," (.PDF), reveals a set of nasty remote code execution and privilege escalation flaws which can be exploited through Adobe Reader or the Windows Kernel.

     

    Jurczyk discovered a number of low to critical-severity security flaws, but the worst two, CVE-2015-3052 and CVE-2015-0093, which exist in both 32-bit and 64-bit systems, are found within the Adobe Type Manager Font Driver. (more...)

     

    Read the rest at: http://www.zdnet.com/article/security-researcher-casually-drops-adobe-reader-windows-critical-vulnerability-bomb

     

    Steve

  17. Hey, stranger!

     

    Welcome back!

     

    Don't be a stranger!

     

    Cheers,

     

    Thanks DD.

     

    You know me; last time I didn't read everything before I questioned it I wound up doing 8 years in the USAF.. *grin*

     

    I'm around but between viewing 3-6 years of a TV series at a time on NETFLIX or SHO-GO or HBO-GO or Amazon Prime and reading my eyes out, I'm turning into a vegetable. *snort* (i.e.; couch potato)

     

    I miss you "guys" (G, D & R) but don't miss a few others.. *wink*

     

    Cheers.. and see you in another 8 months..

     

    Steve
