Security

Shop-2009.com Spam

Yesterday I received this email from my wife’s hotmail account:

Dear friend:

       how are you doing recently ? I would like to introduce you a very good company which i knew.They can offer you all kinds of electronical products which you need, such as motorcycles, laptops, mobile phones, digial cameras, TV LCD, xbox, ps3, gps, MP3/4, etc. Please take some time to have a look at it,there must be something you’d like to purchase.

the website:     shop-2009.com

Their Email:     shop09@188.com

Hope you have a good mood in shopping from their company!

Actually this spam was sent to everybody in her contacts.

I did let her know that someone got access to her hotmail account and urged her to change the hotmail password.

An hour later she told me that when she tries to sent an email the same text appears in all her messages.  After further investigation, it was obvious that the message was in her mail signature.

How to change your Live Hotmail signature.

What happen is that my wife logged on someone else computer that had a key logger, and her hotmail identity was stolen.  She is lucky that her password wasn’t change.

I took following steps to make sure that my wife’s account doesn’t have any foreign fingerprints left.  Please let me know if you think that I missed something.

  1. Changed Password.
  2. Changed the secure question and the secret answer.
  3. Made sure that there’s no alternate e-mail addresses that we don’t recognize.
  4. Made sure that there’s no mobile number and PIN we don’t recognize.
  5. Made sure that we recognize all emails in “Send and receive mail form other e-mail accounts section.
  6. Made sure that our “Vacation reply” wasn’t tempered.
  7. Removed tempered signature.
  8. Made sure that Reply-to address wasn’t tempered.
Advertisements
Security

Run Windows Malicious Software Removal Tool manualy.

Every month on second Tuesday Microsoft releases security patches, also known as Patch Tuesday.  Part of these patches is Windows Malicious Software Removal Tool.  This tool scans computers for malicious software and helps remove any infection found.

This tool runs in the background once a month and displays report only if any harmful software is found on your computer.  Many people have no idea that they have this protection in addition to their Anti-virus software.

What I want to share with you is that you can run this tool any time you want. 

Just type MRT in your Run dialog box or Start Search (on Vista only). 

My favorite way to lunch Run dialog is Win+R key combination.

MRT-Run

I believe that when this tool is ran by the system it does a Quick scan.  However, when you run it manually, you have a choice of Quick scan, Full scan, or Customized scan.

MRT-scanType

I would recommend to run Full scan at least once.  It even will look in your zip files and email attachments that you’ve never opened.  It might take a long time to run.  It took more than 10 hours on my system.

Keep your machine safe.

 kick it on DotNetKicks.com

 

Security

Is Logitech Harmony remote secure?

On April 8th, Adobe announced that Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier have security vulnerabilities.  They strongly recommend that you users upgrade to the newest version 9.0.124.0.

Thanks to Secunia PSI application (read my previous post), I have the latest patched.  However, I realized that latest Logitech Harmony Remote software uses Macromedia Flash Player 8.0.22.0.  If you have this software, you can find it in Program Files\Logitech\Logitech Harmony Remote Software 7\gre\plugins\NPSWF32.dll.

It’s not that bad because you don’t browse the web with their application but I still don’t feel very comfortable  by having insecure DLL on my PC.

First time I heard about (actually read about) Logitech Harmony remote control it was on Scott Hanselman blog about three years ago.  However, only few months ago I finally decided to spend some money for my Harmony 880 remote.  I love it and don’t regret a bit.

Security

Am I patched?

Do you wish to have a tool that tells you when one oroverview more of your applications have a security vulnerability, and help you install the updates that you need.

Well, you’re in luck! The very tool you need is Secunia Personal Software Inspector (PSI). You can download it from here.

Another good thing about it that it’s FREE. Actually Personal Edition is free! If you need a Business Edition, you’ll pay $32.76 per host / year. To buy / try the Business Edition go here.

I already installed Secunia PSI on all my computers. I thought that all my software were patched, yet, it turns out that I was wrong. This application downloaded and installed updates I needed.secunia_settings

By default Secunia PSI is loaded on every boot. If you like me and want to lunch it manually in order to save RAM for other needs, go to Settings and uncheck ‘Start the Secunia PSI on boot’ check box.