|
Post by What Hat on Apr 6, 2014 11:30:02 GMT -5
Has anyone had a popup asking them to update JAVA today? The one I just got was definitely malevolent. I quickly exited the tab to which my browser took me.
|
|
|
Post by What Hat on Apr 6, 2014 11:39:30 GMT -5
Here is more information .. support.proboards.com/thread/507268/java-updateAccording to this support thread, this is malware, pretending to be a JAVA update, and appears to be coming in through one of the banner ads. A few other proboards sites have been hit with this.
|
|
|
Post by snow on Apr 6, 2014 13:38:55 GMT -5
Thanks What Hat. The other day a friend of ours turned on his laptop and had a red screen with a message that they were holding all his files hostage and he had pay them a fee to get them back. A lot of downtown Calgary businesses seem to have been hit with this one. It appears to be very difficult to get into your computer and even after it's been accessed and the files returned, it is not rid of the virus. There have been people getting only some of their files back and then they are asked for more money to get the rest of them. Also, the computer guy that worked on our friends laptop took 2 hours just to get into the computer in order to clean it and it still wasn't right. Have you run across this one?
|
|
|
Post by StAnne on Apr 6, 2014 13:39:40 GMT -5
Thanks for the warning!
|
|
|
Post by faune on Apr 6, 2014 13:50:09 GMT -5
Has anyone had a popup asking them to update JAVA today? The one I just got was definitely malevolent. I quickly exited the tab to which my browser took me. What Hat ~ Not that one, but an ad that said it could speed up your computer 4X and I accidently hit the button in trying to get out of the window. Within minutes my laptop was crawling with all kinds of nasty viruses and I had to take it into the shop to get it thoroughly cleaned. There were over a 1,000 malware viruses introduced accidently from that hit of the button and it resulted in a costly repairs for me. That was just last week, too! I'm usually very careful about things popping up and hopefully I won't make that mistake again any time soon?
|
|
|
Post by snow on Apr 6, 2014 15:14:24 GMT -5
I just got that invitation What hat. I just hit the return to last page button and got out of it. There is no close button on it that I could see so people will likely click on it to get rid of it and that will be how they get you.
|
|
|
Post by Mary on Apr 6, 2014 16:18:54 GMT -5
I was just now able to log into this site and other proboard sites for the first time in 3 days.
|
|
|
Post by What Hat on Apr 6, 2014 21:57:55 GMT -5
Thanks What Hat. The other day a friend of ours turned on his laptop and had a red screen with a message that they were holding all his files hostage and he had pay them a fee to get them back. A lot of downtown Calgary businesses seem to have been hit with this one. It appears to be very difficult to get into your computer and even after it's been accessed and the files returned, it is not rid of the virus. There have been people getting only some of their files back and then they are asked for more money to get the rest of them. Also, the computer guy that worked on our friends laptop took 2 hours just to get into the computer in order to clean it and it still wasn't right. Have you run across this one? I have heard of it and similar cons. These usually start with a message saying that some of your files are infected, when in fact, they are fine. You then press a button to "clean" your files, and you've actually allowed malicious software onto your computer which locks up files, or actually does install a virus. Now they've got you. There has also been a scam where someone pretending to be from "Microsoft" phones you, and asks you to go to your computer, and access a certain web page, in order to correct a security vulnerability. At that point they install software that messes up your computer, and then the "Microsoft tech" works with you on a billable basis to get rid of the virus. I could go on all night.
|
|
|
Post by snow on Apr 7, 2014 9:35:25 GMT -5
Thanks What Hat. The other day a friend of ours turned on his laptop and had a red screen with a message that they were holding all his files hostage and he had pay them a fee to get them back. A lot of downtown Calgary businesses seem to have been hit with this one. It appears to be very difficult to get into your computer and even after it's been accessed and the files returned, it is not rid of the virus. There have been people getting only some of their files back and then they are asked for more money to get the rest of them. Also, the computer guy that worked on our friends laptop took 2 hours just to get into the computer in order to clean it and it still wasn't right. Have you run across this one? I have heard of it and similar cons. These usually start with a message saying that some of your files are infected, when in fact, they are fine. You then press a button to "clean" your files, and you've actually allowed malicious software onto your computer which locks up files, or actually does install a virus. Now they've got you. There has also been a scam where someone pretending to be from "Microsoft" phones you, and asks you to go to your computer, and access a certain web page, in order to correct a security vulnerability. At that point they install software that messes up your computer, and then the "Microsoft tech" works with you on a billable basis to get rid of the virus. I could go on all night. Yes, I've had those phone calls several times. I just start asking their names and phone numbers and they hang up on me. go figure!
|
|
|
Post by rational on Apr 7, 2014 12:07:20 GMT -5
I have heard of it and similar cons. These usually start with a message saying that some of your files are infected, when in fact, they are fine. You then press a button to "clean" your files, and you've actually allowed malicious software onto your computer which locks up files, or actually does install a virus. Now they've got you. There has also been a scam where someone pretending to be from "Microsoft" phones you, and asks you to go to your computer, and access a certain web page, in order to correct a security vulnerability. At that point they install software that messes up your computer, and then the "Microsoft tech" works with you on a billable basis to get rid of the virus. I could go on all night. Yes, I've had those phone calls several times. I just start asking their names and phone numbers and they hang up on me. go figure! It is interesting to let them show you what they are saying they can correct. They will show you the MS log file which is filled with error messages of one thing or another. The specific ones that were pointed out to me were things like WWW site time-outs, typos (not shue who would make those), etc. There was not one error that could have been fixed. You can thank me for keeping one of their agents tied up for about 20 minutes, unable to call any of you! Given that they say they can see errors building up on your machine, say you ave several systems and ask the IP of the one they are talking about. That usually will free up your phone line.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Apr 7, 2014 14:28:35 GMT -5
I managed to get out of the problems that this created for me as follows: 1. Control panel; 2. Backup and restore; 3. Recover system settings on your computer; 4. Restore this computer to an earlier period in time.
Whether this would work for everyone, I really don't know.
|
|
|
Post by rational on Apr 7, 2014 14:42:22 GMT -5
I managed to get out of the problems that this created for me as follows: 1. Control panel; 2. Backup and restore; 3. Recover system settings on your computer; 4. Restore this computer to an earlier period in time. Whether this would work for everyone, I really don't know. This is one of the uses for a backup. Unfortunately some of the viruses do not immediately manifest their presence and restoring from an infected backup does little good. Others infect the resident backup copies as part of their process. It is difficult to know if the backup is good though. If the one you had is good you should save it off-line, if it isn't already. Some malware has been known to infect backups that reside on the computer. Restoring from read-only media is a good idea.
|
|
|
Post by rational on Apr 7, 2014 14:50:48 GMT -5
Has anyone had a popup asking them to update JAVA today? The one I just got was definitely malevolent. I quickly exited the tab to which my browser took me. Given the YouTube and online video viewing I see here I am surprised that there are not more problems with people's computers. Of course, the problems are not always apparent so who knows.
|
|
|
Post by snow on Apr 7, 2014 14:51:49 GMT -5
Yes, I've had those phone calls several times. I just start asking their names and phone numbers and they hang up on me. go figure! It is interesting to let them show you what they are saying they can correct. They will show you the MS log file which is filled with error messages of one thing or another. The specific ones that were pointed out to me were things like WWW site time-outs, typos (not shue who would make those), etc. There was not one error that could have been fixed. You can thank me for keeping one of their agents tied up for about 20 minutes, unable to call any of you! Given that they say they can see errors building up on your machine, say you ave several systems and ask the IP of the one they are talking about. That usually will free up your phone line. haha, you sound like my husband. He asks all these questions and ties them up for a long time. Then he asks which computer they see having the problem because we have several running. You're right, they usually leave at that point!
|
|
|
Post by snow on Apr 11, 2014 10:38:56 GMT -5
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Apr 11, 2014 18:39:06 GMT -5
this is true my yahoo account got hacked and i had a mailer daemon explosion! took me awhile to get it all deleted over the whole day
|
|
|
Post by snow on Apr 11, 2014 20:26:56 GMT -5
Yikes Wally that doesn't sound like fun. Sometimes things like this makes me want to be off the grid. But then how would I come here then lol. Ah well, such is life with technology!!
|
|
|
Post by rational on Apr 12, 2014 1:11:10 GMT -5
this is true my yahoo account got hacked and i had a mailer daemon explosion! took me awhile to get it all deleted over the whole day The OpenSSL flaw described was most likely not the source of your problem.
|
|
|
Post by What Hat on Apr 12, 2014 9:43:22 GMT -5
this is true my yahoo account got hacked and i had a mailer daemon explosion! took me awhile to get it all deleted over the whole day The OpenSSL flaw described was most likely not the source of your problem. It's important for people to know that there is yet no evidence that anyone exploited the "heartbleed" opening. From what I've read about it, it would take a fair bit of work to take advantage of this exploit. Mailer daemon explosions unfortunately are very wide spread. Another problem I just saw the other day was a duplicate Facebook account. I received a friend request from a cousin who I thought was already a friend. Turns out that a hacker had spoofed her Facebook account down to the profile picture and other details. The duplicate account was shut down by Facebook but it took a few days.
|
|
|
Post by snow on Apr 12, 2014 9:58:26 GMT -5
The OpenSSL flaw wasn't done intentionally either apparently. It was in a patch done by a German company. So if it wasn't known about until it was caught, it likely hasn't done a lot of harm. Hopefully they fixed it before it was announced? Or maybe that wasn't possible? Whathat and Rational would no the answer to that.
|
|
|
Post by What Hat on Apr 12, 2014 10:39:26 GMT -5
The OpenSSL flaw wasn't done intentionally either apparently. It was in a patch done by a German company. So if it wasn't known about until it was caught, it likely hasn't done a lot of harm. Hopefully they fixed it before it was announced? Or maybe that wasn't possible? Whathat and Rational would no the answer to that. It's what is known as an exploit or vulnerability, kinda like a chink in the armour. It's akin to having a very secure alarm system, steel doors and so on in your house, locking up for vacation, then coming home and finding you left a back window open an inch. A flaw like this is always done inadvertently by the "good guys" and never intentionally. Malevolent hackers and cyber-thieves could have taken advantage of this "opening" or exploit, but perhaps no one did. There is in fact, no evidence yet of anyone taking advantage of the exploit. First of all, a hacker or malevolent programmer would have had to find the opening; second it would take quite a bit of work to take advantage of it, since the exploit, at least as I understand it, only exposed account, password or account information on an intermittent and random basis. And virtually within a day of finding this vulnerability, all the banks, major software vendors and so on, corrected it and released updates. It probably was a 3 line fix. It is rather shocking that this vulnerability existed in such widely used software for so long. A big part of the issue is that we software developers tend to rely on systems and methodologies provided by outside security experts, partly just to avoid liability, partly because the area is so complex we don't want to get in to it. But that means the people working on the security features are a relatively small pool of experts. We don't evaluate the security features we use in our software, we just assume they work.
|
|
|
Post by faune on Apr 12, 2014 10:59:42 GMT -5
Thanks What Hat. The other day a friend of ours turned on his laptop and had a red screen with a message that they were holding all his files hostage and he had pay them a fee to get them back. A lot of downtown Calgary businesses seem to have been hit with this one. It appears to be very difficult to get into your computer and even after it's been accessed and the files returned, it is not rid of the virus. There have been people getting only some of their files back and then they are asked for more money to get the rest of them. Also, the computer guy that worked on our friends laptop took 2 hours just to get into the computer in order to clean it and it still wasn't right. Have you run across this one? I have heard of it and similar cons. These usually start with a message saying that some of your files are infected, when in fact, they are fine. You then press a button to "clean" your files, and you've actually allowed malicious software onto your computer which locks up files, or actually does install a virus. Now they've got you. There has also been a scam where someone pretending to be from "Microsoft" phones you, and asks you to go to your computer, and access a certain web page, in order to correct a security vulnerability. At that point they install software that messes up your computer, and then the "Microsoft tech" works with you on a billable basis to get rid of the virus. I could go on all night. What Hat ~ Well, I recently had my laptop infected by accidently hitting a button to rid me of an infection while trying to get out of the screen to do a scan on my computer. The add claimed to be some Pro-cleaner by Microsoft and had nothing to do with my actually computer Microsoft Essentials virus protector. It was a costly mistake on my part, but my laptop is back and running again after being in the shop for three days. One thing for sure, there are certainly a lot of scans out there and we all need to be on our guard against being taken in by them ~ even accidently.
|
|
|
Post by snow on Apr 12, 2014 13:14:15 GMT -5
The OpenSSL flaw wasn't done intentionally either apparently. It was in a patch done by a German company. So if it wasn't known about until it was caught, it likely hasn't done a lot of harm. Hopefully they fixed it before it was announced? Or maybe that wasn't possible? Whathat and Rational would no the answer to that. It's what is known as an exploit or vulnerability, kinda like a chink in the armour. It's akin to having a very secure alarm system, steel doors and so on in your house, locking up for vacation, then coming home and finding you left a back window open an inch. A flaw like this is always done inadvertently by the "good guys" and never intentionally. Malevolent hackers and cyber-thieves could have taken advantage of this "opening" or exploit, but perhaps no one did. There is in fact, no evidence yet of anyone taking advantage of the exploit. First of all, a hacker or malevolent programmer would have had to find the opening; second it would take quite a bit of work to take advantage of it, since the exploit, at least as I understand it, only exposed account, password or account information on an intermittent and random basis. And virtually within a day of finding this vulnerability, all the banks, major software vendors and so on, corrected it and released updates. It probably was a 3 line fix. It is rather shocking that this vulnerability existed in such widely used software for so long. A big part of the issue is that we software developers tend to rely on systems and methodologies provided by outside security experts, partly just to avoid liability, partly because the area is so complex we don't want to get in to it. But that means the people working on the security features are a relatively small pool of experts. We don't evaluate the security features we use in our software, we just assume they work. Interesting for sure. thank you for explaining it What Hat.
|
|
|
Post by rational on Apr 13, 2014 8:35:55 GMT -5
The OpenSSL flaw wasn't done intentionally either apparently. It was in a patch done by a German company. So if it wasn't known about until it was caught, it likely hasn't done a lot of harm. Hopefully they fixed it before it was announced? Or maybe that wasn't possible? Whathat and Rational would no the answer to that. The problem has been around for at least 2 years. While it could have been exploited there is nothing to show that it was. Unfortunately in that length of time most most servers were updated with the faulty software and to correct the problem the servers will have to be updated again, something that administrators do not look like with delight. From what I have seen, the possible leak of information requires multiple 'hits' on the server and the information returned may or may not contain security information. A worse case possibility would be that all of the SSL certificates would have to be reinstalled but that is doubtful. Fortunately most systems store passwords in an encrypted form that prevents instant access to the data. And, of course, most administrators will be changing their passwords once the patch is installed. It's what is known as an exploit or vulnerability, kinda like a chink in the armour. It's akin to having a very secure alarm system, steel doors and so on in your house, locking up for vacation, then coming home and finding you left a back window open an inch. Sort of like this but it would be a steel window and the items accessed are in the dark and can be reached only by casting in with a fishing pole/line and hoping to snag something of value.The fact that it has not been exploited speaks to its obscurity and then the difficulty in using it to get any useful data. The software involved is at the lower end of the pile of software running on servers. It is system software and is presently in use on millions of servers. What even makes it more difficult to find is that this code is found in Apache and nginx Web server applications (delivers web pages as requested)and represents about 2/ 3s of the web servers in use.
|
|
|
Post by rational on Apr 13, 2014 8:55:07 GMT -5
What Hat ~ Well, I recently had my laptop infected by accidently hitting a button to rid me of an infection while trying to get out of the screen to do a scan on my computer. The add claimed to be some Pro-cleaner by Microsoft and had nothing to do with my actually computer Microsoft Essentials virus protector. It was a costly mistake on my part, but my laptop is back and running again after being in the shop for three days. One thing for sure, there are certainly a lot of scans out there and we all need to be on our guard against being taken in by them ~ even accidently. ;) When a pop-up is generated by someone who is trying to compromise your system you need to remember that they have programmed the window and that little "X" at the upper right hand corner may just as easily be the " Go To The Virus Site" button as the " Exit" button. In many cases no matter where you click on the pop-up window it will be bad news for you. One simpler/safer way around it is to use "ALT-F4" to close the window.
|
|
|
Post by snow on Apr 13, 2014 10:46:42 GMT -5
Is it possible servers are having problems in certain areas? My server has been slow the last couple of days. Especially in it's email section and not consistently.
|
|
|
Post by rational on Apr 13, 2014 11:08:59 GMT -5
Is it possible servers are having problems in certain areas? My server has been slow the last couple of days. Especially in it's email section and not consistently. It is, or course, possible but but not caused by the OpneSSL issue. There is a program to do a simple test to see how your server is responding. Find out the name of your mail server. (assume it is mail.verizon.com) Click on the start button and in the search field enter: ping -t mail.verizon.com A new window will open displaying something like: Pinging e5956.g.akamaiedge.net [23.56.66.24] with 32 bytes of data: Reply from 23.56.66.24: bytes=32 time=23ms TTL=250 Reply from 23.56.66.24: bytes=32 time=36ms TTL=250 Reply from 23.56.66.24: bytes=32 time=12ms TTL=250 Reply from 23.56.66.24: bytes=32 time=12ms TTL=250 Reply from 23.56.66.24: bytes=32 time=13ms TTL=250 Reply from 23.56.66.24: bytes=32 time=99ms TTL=250 Reply from 23.56.66.24: bytes=32 time=11ms TTL=250 Reply from 23.56.66.24: bytes=32 time=30ms TTL=250 Reply from 23.56.66.24: bytes=32 time=29ms TTL=250 Reply from 23.56.66.24: bytes=32 time=11ms TTL=250 Reply from 23.56.66.24: bytes=32 time=10ms TTL=250 Reply from 23.56.66.24: bytes=32 time=13ms TTL=250 Reply from 23.56.66.24: bytes=32 time=13ms TTL=250 Reply from 23.56.66.24: bytes=32 time=39ms TTL=250 Times under 50ms are good. Over 100ms not so good. CTRL-C will stop ping from running.
|
|
|
Post by snow on Apr 13, 2014 11:19:51 GMT -5
Is it possible servers are having problems in certain areas? My server has been slow the last couple of days. Especially in it's email section and not consistently. It is, or course, possible but but not caused by the OpneSSL issue. There is a program to do a simple test to see how your server is responding. Find out the name of your mail server. (assume it is mail.verizon.com) Click on the start button and in the search field enter: ping -t mail.verizon.com A new window will open displaying something like: Pinging e5956.g.akamaiedge.net [23.56.66.24] with 32 bytes of data: Reply from 23.56.66.24: bytes=32 time=23ms TTL=250 Reply from 23.56.66.24: bytes=32 time=36ms TTL=250 Reply from 23.56.66.24: bytes=32 time=12ms TTL=250 Reply from 23.56.66.24: bytes=32 time=12ms TTL=250 Reply from 23.56.66.24: bytes=32 time=13ms TTL=250 Reply from 23.56.66.24: bytes=32 time=99ms TTL=250 Reply from 23.56.66.24: bytes=32 time=11ms TTL=250 Reply from 23.56.66.24: bytes=32 time=30ms TTL=250 Reply from 23.56.66.24: bytes=32 time=29ms TTL=250 Reply from 23.56.66.24: bytes=32 time=11ms TTL=250 Reply from 23.56.66.24: bytes=32 time=10ms TTL=250 Reply from 23.56.66.24: bytes=32 time=13ms TTL=250 Reply from 23.56.66.24: bytes=32 time=13ms TTL=250 Reply from 23.56.66.24: bytes=32 time=39ms TTL=250 Times under 50ms are good. Over 100ms not so good. CTRL-C will stop ping from running. Ok, thanks I will try that.
|
|