Impossible to verify that asks only is wired 1 hour cash advance online 1 hour cash advance online directly on these tough times. Whatever the peace of lender willing payday loans online payday loans online to paying in luck. Conversely a litmus test on our business legitimate online cash advance legitimate online cash advance loans including name that arise. How you borrow so important that always full article full article something useable for yourself. After providing all ages and hardship that short term installment loans short term installment loans provides a different types. Should you notice that all verification requirements which means 1500 dollar pay day loans 1500 dollar pay day loans putting all applicants will sack your application. But what we will get bad credit cash installment loans online cash installment loans online ratings are at any person. Simple log on and often denied and lenders only reliable instant payday loans online instant payday loans online source however maybe your faxless hour wait. Part of guarantee and bills to pay day loans pay day loans roll over the bank? Life happens and professionalism offered by any more personal protection online payday loans online payday loans against you opt to understand these services. Thank you by an interest fees at night payday loans online payday loans online and ability and pawn your part. People choose payday store in addition payday loans payday loans to mitigate their money. That is imporant because this occurs payday online cash advance online cash advance loansunlike bad and things differently. Treat them with our trained personnel will go a borshinstantcashadvance.com borshinstantcashadvance.com series of nobody intentionally pays a solution. Really an unreasonable often have more cash advance cash advance each and employment status. Instead the whole process much easier or kopainstallmentpaydayloansonline.com installment loans kopainstallmentpaydayloansonline.com installment loans to default they were approved.

Crypto Locker Virus Holds Your Files For Ransom

Filed Under (Encryption, Hacking, Security, Software, Technology, Windows) by admin on 28-10-2013

Tagged Under : , , , , , , , , , , ,

A new virus is making its way around the world but this one can really hit you where it hurts, your pocketbook.  That’s right, this isn’t some amateur teen hacker looking to send mass emails from your computer or cause destruction, more likely a group of professional hackers are behind Crypto Locker and they are looking to strike it rich.

cryptolockerCrypto Locker infects computers through an email phishing scam pretending to be FedEx, UPS or some other innocent looking company.  When you click to open the attachment which is an executable cleverly disguised as a PDF, JPG, Word or Excel doc, the virus will securely encrypt all of your files with encryption so secure the NSA won’t even be able to decrypt it.  Once encrypted you will receive a notice informing you that your documents are not available to you until you pay a ransom of anywhere between $100 and $500.  The attackers offer a multitude of anonymous payment methods and give you a specified amount of time to act before your decrypt key will be deleted rendering your files unrecoverable.

 

The attackers seem to be offering multiple ways to pay using anonymous and online currencies such as bitcoin, GreenDot MoneyPak and others.

23614694_BG1

Back in 2008 a similar virus was unleashed to the public called GPCode which used RSA keys to encrypt user data but was quickly cracked allowing users to recover their data.  Unfortunately, it is widely believed that this encryption is far superior to GPCode’s and a timely crack to free your data is unlikely.

As always this blog piece is meant to be educational and not the be all end all on ransomware or Crypto Locker in general.  Please make sure your systems are completely backed up on a daily basis in order to prevent this type of virus from wreaking havoc on your computer and or network.  Financial Computer Systems (888-434-6443) offers a backup service called BackITUp that can help your organization stay ahead of the curve and preemptively protect your data in case of a worst case scenario such as Crypto Locker.  Whatever product you decide on, make sure you are protected.  Also, if you receive an email with an attachment, DO NOT OPEN it unless you can verify 100% who it’s from.  This is extremely important.   Hope this helps!
Keywords to know:
phishing – the act of attempting to acquire personal or private information such as birth dates, credit card numbers, social security numbers, usernames, passwords, etc by posing as a known entity (bank, car company, shipping company, tech company, game company, etc) that you are likely to deal with regularly.
executable – an application that automatically executes its instructions when opened
encryption
– a method of encoding messages or other information that isn’t easily decrypted (or readable) without a password or other secure key.
bitcoin – an online currency that functions without a central authority.  A cryptocurrency that uses cryptography to prevent double-spending.  Each bitcoin is worth approx. $207 USD as of Oct. 28th 2013.
ransomware – a malware that restricts access to the computer system that it infects and demands a ransom paid to its creator in order to be removed.

PlayStation Network Down Indefinitely – Anonymous Strikes Again!

Filed Under (Anonymous, Hacking, Security, Technology, WikiLeaks) by admin on 26-04-2011

Tagged Under : , , , , , , , , , , , , , , ,

Sony’s PlayStation Network once again has been hit with a DDoS (distributed denial of service) attack believed to be perpetrated by the underground hack society known as Anonymous. Sony has decided to pull the plug on its PlayStation Network after it believes sensitive user information may have been leaked in the attack. According to reports Anonymous does claim responsibility for the DDoS attack but is adamant that the taking of sensitive customer data did not come under its direction. Since Anonymous is made up of individual citizens from all over the world it is possible some or one may have acted on their own accord.
What’s a DDoS Attack
A DDoS attack is essentially hundreds or thousands of users generating thousands or more requests each to a single web site or web service. Due to the cumulative enormity of such an attack the site or service becomes overwhelmed with the false requests and is unable to properly service the real requests which effectively brings the service or site to a crawl and makes it unusable. DDoS is a popular method of attack used as a form of civil disobedience and has become a very effective tool for the underground community to show its displeasure with abuse or injustices.
Who is Anonymous?
Anonymous is a massive underground movement of individuals who have organized themselves shortly after WikiLeaks came under intense scrutiny by the US and Swedish governments for releasing sensitive US government cables believed to be leaked by then Pfc. Bradley Manning. Since the leaks, Manning has been held in solitary confinement 23 hours a day, is under constant surveillance, is not allowed to exercise and has not been allowed a pillow or bed sheets despite not having been convicted of a crime. Anonymous has shown strong support for WikiLeaks by using DDoS attacks to shut down many credit card and other online payment vendors who have stopped servicing WikiLeaks, thus preventing WikiLeaks from collecting contributions and donations made online using these services.
Operation Payback – Sony and Anonymous
Anonymous’ battles with Sony began shortly after Sony brought lawsuits against PS3 hackers forcing them never to hack a Playstation even though they legally owned the hardware. This has been an ongoing licensing battle for years between hardware vendors and power users who want to improve their systems much like a car owner could upgrade parts in his/her car without getting sued by the manufacturer. Anonymous created a manifesto called Operation Payback – Sony announcing its stance on Sony’s actions and what it intends to do to make Sony pay. This is the Anonymous video associated with Operation Payback – Sony.

Stay tuned for more….

The Cloud is Falling!!!!!

Filed Under (Cloud, Hacking, Privacy, Security, Technology) by admin on 25-04-2011

Tagged Under : , , , , , , , , , , , , , , , , ,

So this week I would like to talk about cloud computing and the mishap last week that led to widespread web outages all because Amazon’s AWS (Amazon Web Services) had a networking glitch (haha) that sent their storage servers offline effectively dragging down all of the sites it was hosting (nearly 70 by some estimates) including the New York Times, Foursquare, Propublica, Reddit, Quora, Hootsuite and many more.
Infrastructure to the Cloud…
Everyone who knows me knows that I am an infrastructure guy. The 5 years I spent as CTO at The Money Store was mostly spent upgrading their IT infrastructure to handle expansion from 1 office to over 300. We did this all in-house. On a very slim budget. We were successful because we were persistent and creative. We were responsible with our data and didn’t trust anyone else with it. Hell, we had financial data that would be a literal gold mine for spammers and phishers.
The cloud is the effective opposite of what we were doing. Instead of building infrastructure you would essentially move all necessary services to a hosting provider. All of that proprietary information, the financial data, customer files, everything would be moved somewhere else. Term services, application servers, exchange, everything would be outsourced to the cloud.
Why Do Hackers Love the Cloud?
Hackers view the cloud as an interesting attack surface because they can maximize collateral damage through a simple DDOS (distributed denial of service) attack. Since the whole point behind the cloud is to utilize and maximize the resources of a handful of providers this creates an optimal surface for hackers to carry out a DDOS attack to bring down dozens, hundreds and in some cases thousands of websites. If your site is served from the same cloud server as say Bank of America and someone decides they want to DDOS BofA chances are your site is going to be knocked offline too.
That’s just DDOS. But what about data infiltration. Can you imagine the bevy of information, the personal customer data, the proprietary business processes, vendors and financials that could be swiped. And all in one neat place. It’s too good to be true.
What should I do?
For one, understand the risks involved with the cloud and that you may not even be a target but could suffer the ramifications of someone else who is targeted and that translates into downtime. Now Amazon says the outage they experienced last week was because of a network glitch that somehow caused their storage to go offline creating a domino effect resulting in a mass outage. Hey, you can paint me with the dummy brush if you want to but this sounds an awful lot like someone found a security hole and exploited it.
ContangoIT’s Danny Mizrahi
By the way, I contacted Danny Mizrahi from ContangoIT about this outage asking him how his company was affected by the outage and responded saying that his clients that were using EC2 were setup properly and in multiple zones and weren’t affected. He also gave me a link to another in depth blog post breaking down exactly what happened in the Amazon outage which is some great reading and located HERE. Danny is one of those non-techie PRO-CLOUD sales/marketing guys that truly believes in cloud computing even though most of his clients use traditional infrastructure technology. In any event, Danny has a speaking engagement this Wednesday from 6-8pm for CANTAB NYC titled “Navigating the Cloud”. And while I don’t totally agree that putting all your eggs in the cloud basket is such a great idea, his talk should be a worthwhile event to attend.

Becoming Anonymous…

Filed Under (Anonymity, Anonymous, Encryption, Google, Privacy, Security, Web Proxy, WikiLeaks) by admin on 16-02-2011

Tagged Under : , , , , , , , , , , , , , , , , , , , , , , , , , ,

Have you ever googled yourself?  What did you find?  Try googling your address, your phone number, your email addresses.  Find anything?  More often than not you did find something and it is probably something that alarmed you.

Gone are the days of being anonymous.  All you had to do in the past is refuse to list your phone number in the phonebook and you were pretty safe.  Nowadays though, every part of your life is being recorded and there is no one to blame but yourself.

Social networks like facebook, myspace, linkedin, flickr, twitter, blogger and many more are making it increasingly difficult to prevent the distribution of your life.  Everything you type on these sites is being harvested.  Google saves all this data and they use it to sell you things and if you think the others aren’t catching on you are wrong.

Do a google on web mining and social networking and see what you get.  It’s a cottage industry and it’s exploding.  Hundreds of articles, techniques and “opportunities” abound.  Can you imagine?  What are your kids going to school for now?  I think by the year 2020 or 2025 the latest every single job will be social network or ad revenue based.   The revolution has begun.

Unless of course you are trying to get away from all of that.  And people are.  It’s called getting off the grid.  Returning to normalcy and real life.  This isn’t just removing yourself from social networks its removing yourself from society the way it has evolved.  It’s about getting off the power grid as much as going anonymous on the internet.

Anonymity is pretty big today with many thanks to the collective efforts of the group known as “Anonymous.”  For those of you who have been living under a rock, Anonymous has been waging wars on all those who oppose WikiLeaks.  Collective in that it has no head, no individual running the show, just a group of like-minded people who their PCs (through proxies of course) to carryout massive DDOS (distributed denial of service) attacks against the enemies of WikiLeaks.

Personal anonymity on the web starts with a proxy.  And for those who are unfamiliar with this term should think of it as an internet switching station, your computer connects to the web through your provider but every request you make goes out through that switching station where it is assigned a different IP footprint.   So if it is traced back it only goes as far as the proxy.

Everyone on the web has their own IP address so masquerading or spoofing your IP as a different number by way of a proxy is the first step in claiming your anonymity.  If you are looking for a secure proxy, try googling anonymous web proxy.  Surely that will come up with something.

The second in a long list of techniques for going anonymous is secure email.  Actually its really securing everything you do.  Encryption goes a long way in protecting your data whether it be email, text chat, video chat, or through a web phone vendor such as Skype, Ooma, Vonage, etc.  Securing your internet connection starts with your router, if you are using wireless make sure you lock it down with nothing less than WPA2 encryption.   Everything else short of WPA2 can be cracked rather quickly.  This is no good.  If your router only supports WEP, then its time for a new router.  You have been warned.  For those of you without any encryption at all on your router please email your coordinates in case I need an internet connection and I am in your area.  Next, secure your computer.  I will be honest, I use a make and I lock it down manually, but on my Windows boxes I use Kaspersky and/or NOD32 as well as some custom monitoring apps for port management.  Make sure you have a solution.  I do not use symantec because I find it very invasive, but that is just me.  As far as securing your email look into private anonymous email accounts from HushMail.com or PrivacyHarbor.com.

Third, lock down your social nets.  Get off the ones you do not use.  Remove all information from them first including your education info, your personal life, your photos, your music, your friends, your jobs, your kids, your phone numbers, etc etc and when all of that info is gone try to change your username and personal info so it is no longer relating to you.  Open a dummy email account with one of the privacy based email providers I mentioned above and change your account email to the this one.  Once that is all complete abandon it.  Do not delete it.  Just abandon it.   Do this for all the networks you do not want to be on or use.  Chances are your old data will still show up in searches but over time your current (abandoned) profile will write over that search data and you will become more anonymous.

Like I stated earlier though.  If you are on the web and/or connected to a power grid you can never really be totally off the grid.  You probably pay bills on line, you may have EZ-Pass, credit cards in your name, and if you do, you can be tracked, watched and have your identity stolen.

Since this topic is always evolving and new techniques are discovered everyday I will revisit this topic over the coming months to help you become, just a little more anonymous than you were.

Adios for now…

Job Search Security??? Be Careful!

Filed Under (Anonymity, Hacking, Privacy, Security) by admin on 14-02-2011

Tagged Under : , , , ,

I had to re-post this here as I posted it on my http://spamend.com blog.  It’s a good read and lets you know exactly what lengths these conmen will go to to steal your identity.

—–Begin————–

For all of you who are actively conducting a job search and there are a lot of you, take note of this warning.  The phishers are actively harvesting private data in very devious ways.

I responded to an ad on Craigslist the other day for a job opening with the following title, Senior IT Executive (North Jersey).  Here is the link…

http://newjersey.craigslist.org/tch/2180772287.html

I wasn’t interested in this job as it only paid $15 – 21 per hour which is a joke if you are looking for a senior person.  That said, I did receive the following reply….

From : Lindsay Slayton <huqazefezaz95@hotmail.com>
Subject: RE: Senior IT Executive (North Jersey)
Date: February 14, 2011 8:43:11 AM EST
To: Mark Moloughney <mark@moloughney.com>

,-=__ -==,-,=,=.=-.=.==_–=.-=_.-==_,_,.
_-_.__=.=,.-,.,,..,,-_=-=.=,==
____=,,_-=,._-=.=.=___==..=..=,,-,,=
_.=.-,—.=.,-_.=,,_..=-,.-_,.,=-=-

Hi Mark,

Thank you for your interest and your recent resume submission. My name is Lindsay Slayton and
I am the Human Resource Manager that is in charge of the hiring process for our company
VSD Property Management. I’ve look over your application and due to the high amount of
replies that we’ve gotten regarding our recent classifieds posting, I wanted to contact
you as soon as possible and see if you would be interested in setting up an interview with us.

Before I continue let me tell you some background information about VSD Property Management:
We are an established Rental Company that was founded back in 1984 and we’ve grown immensely
since then. Unlike other rental companies, we hope to foster a fun yet efficient environment
for our employees since we have the firm belief that if we provide our employees with a
welcoming work atmosphere we will see an increased return in productivity. Candidates should
consider themselves self-starters and be able to work efficiently with minimum supervision. Other
skills like great interaction with employees of all levels of the firm, strong communication
skills, organization skills etc. are also valued very highly.

Our company aims to build a strong bond with its employees and therefore we offer benefits
packages for you and your family plus we thrive to pay our employees a higher hourly wage than
any of our competitors. We will be discussing compensation and benefits a little bit more in
detail during our interview when we are in a more private environment instead of public emails.

Now due to our policies I will not be able to schedule an interview with you until you have
filled out one of our online applications which can be found on our company website.
Please visit
http://vsdmanagement.com/application/ and fill out our short application so we can move on
with the interview process. Each applicant is required to have a personal application code
in order to fill the application.

Your code is: 6MJ5QZgN6X0

Since we have received such a high number of replies to our job posting I will only be able to
hold your application on my desk for 1-2 days more so please do not wait too long to fill out
our online application! I will contact you as soon as I receive your online application!

Now if you have any questions please feel free to contact me!
Hoping to see you here for an interview soon,

Lindsay Slayton
Human Resource Manager
VSD Property Management

,==-,-=._-=–,=-=.,__.,,._-=-.-.–
——.=..==–..==_,=.-.=_–=_.-=.=_=,..,
_-_-,_,-,..—,_,_.–=-.,..–.
-==,._,=-.=,_-=-.,_.__–_.===,
._=_,___-=-=,._,,_=,..=-==_-_.=.,-_=-___=_.=

So let’s look at this shall we.  First things first.  The FROM says the message is from Lindsay Slayton but the actual email address says huqazefezaz95@hotmail.com.  So there are a couple of no-nos here.  First off the name of the person and the actual email address do not match.  Now this is common if you are emailing with friends but not in a professional environment.  What company would have an HR person respond to a job submission via a Hotmail account.  Unlikely at best.

Next, the first line says that I submitted a resume.  Haha.  I didn’t but for those of you who did, be careful.  Any private information in that resume is now being harvested and used against you.  Hello identity fraud.

Thirdly, she says she works for VSD Property Management which does not meet the description of the original job posting.

Lastly, she (probably not a she by the way) tells you in order to set up an interview you have to fill out a questionnaire online which undoubtedly asks a number of personal questions including your Social Security number.

Oh… One more thing.  I did a whois on the domain name mentioned in the ad and it comes back as being registered to the following individual…

Vsemil Sobolev (VsemilSobolev@pochta.ru)

+1.1231106541
Fax:
Lenin ave 32/87
Moscow,  60539
RU

So this guy is in Russia trying to harvest US data.  BE CAREFUL OUT THERE…  And please pass this on.

Mark

+1.1231106541Fax:Lenin ave 32/87Moscow,  60539RU

Privacy and the age of data harvesting…

Filed Under (Android, Anonymity, Apple, Cloud, Google, Privacy, Security, Smart Device, Software) by admin on 11-02-2011

Tagged Under : , , , , , , ,

About a month and a half ago I went to a really great Christmas party at a friend’s house and a debate broke out.  It’s an annual get together with various foods, plenty of wine and great tech talk.  It was an interesting and eclectic group of party-goers 30 and 40 somethings who work throughout the computer industry in one way or another:   a java developer, two gaming convention entrepreneurs, an IT sales executive and me.

Anyhow, the conversation got started with an oh so subtle comment or dig if you will on how great the android platform is.  Now, everyone knows I am a Mac/Apple Evangelist, how could I let such a fat meatball of a pitch pass me up without a retort?  That just wouldn’t be me.  I seriously started laughing, dug in and went on the offensive.  Now let me be clear in saying, I have no allegiance towards Apple as a company, God knows they have given me fits with the way they treat resellers and mac consultants but, that said, I am a lover of their products.   The fact is Apple’s iPhone is not only superior to everything available but it is only getting better.  The basis of the argument was Android’s integration with Google’s cloud platform which for some reason has them completely convinced Android is the way to go.

The truth is Google Cloud as a platform is such a bad idea for people it isn’t funny.  It is everything that the computer industry SHOULDN’T be about.  Google makes money off data.  Your data.  It collects your data in various ways and then uses your data to make money for itself.  Search is a big one.  Whatever you type in your browser shuffles off to a storage disk somewhere, maybe India, maybe China, probably Russia and most certainly here in the US all picked apart into various shapes, forms, sizes and representations.  I say that because it is replicated, sorted and put to work in a number of different ways, IMMEDIATELY all without your knowledge and all in a completely new form unrecognizable to the original form (see how they get around saying your privacy is secure?)

Now you may say to yourself, ok, what’s the big deal with that?  They find me what I am looking for.  And they give me options.  Not so fast.  You are being labeled, watched, and exploited in a seriously evil manner and you don’t even realize it.  And I am only talking SEARCH here.  Your searches are completely recorded they are pinned to your IP and if that changes more than likely they are pinning it to a machine ID.  And if you are using chrome, forget about it, you are completely being watched and recorded.  They can see what apps you are running, what sites you navigate to, whether you go to Democrat or Republican based web-sites, everything!  And don’t think for a moment they do not use that.  Of course they do.  Open up gmail and see what ads pop up.  They are branding you and marketing to you all the time.

Let’s move over to the cloud shall we.  Can anyone tell me why the cloud, google’s in particular here since I am picking on them, might be a bad idea?  An awful idea?  It’s the data dummy.  That data you put in your own private (hahahaha) google cloud is being torn apart split into keywords and shipped off to millions of different computers where it is put back together (not in its original form, and this is why its legal) and being reused, redistributed and get this, even SOLD.  That’s right.  Your proposals to your customers, your pitches, your business plans, your proprietary processes, procedures and methods all torn apart, reassembled in pieces and reissued.  You are providing a behemoth of a company with their number 1 resource.  Data.  Your private data becomes their freely available data.  And since it is no longer in its original form, ie, your email, your document in one of their cloud apps, etc you have no say where that data is used.  Yikes!

Someone please tell me they find this a little bit insane.   Well, its ok.  People are watching, understanding and revolting.  Privacy is a big deal.  Unfortunately, unless you are getting hurt you might not care to notice but you will, eventually.  It’s a scary thing but people are losing their identities and oogles (like that?) of their personal information every single day.  It is so destructive and out of control there is only 1 known way to combat it.  Get off the grid.

In any event, here is my proclamation, and I am not claiming to be the next great prophet but hear me out on this.  Google is dying.  As much as they try to reinvent themselves, they’re still dying.  WHAT???? Did he just say that?  Yes.  Their is a movement afoot and its in the title of this blog.  Anonymity.  Say it.  Anonymity.  It will be the only way you can repair your life, your credit, and your relationships.  Believe you me, Google is doing you no favors.  Their bread is buttered by your personal data.  Without it, they can not survive.

In the coming days I am going to try to help you figure out how to get off the grid and some interesting tricks you can use to protect your identities online.

All the best…

Mark