Investigation and Reason Give Understanding
The LastPass password phishing exploit could trick users into giving away their password.
If you use LastPass check this exploit out at The Hacker Blog and IT Pro. It involves unscrupulous people phishing for LastPass passwords.
This issue is now fixed for all the latest versions of Lastpass on Chrome & Internet Explorer at least.
In December 2009 the European Union obliged Microsoft to offer a choice of browsers to their European customers when they installed new versions of Windows. This browser choice was also delivered in updates to Windows and so the Browser Choice screen was born and has been with us ever since. See my featured image of Microsoft’s browser choice screen offering Google Chrome, Internet Explorer, Safari, Mozilla Firefox and the Opera browsers amongst others.
It turns out that this requirement by the EU had a time limit of five years which has now expired. Consequently Microsoft have quietly withdrawn the option to choose other browsers and returned to providing Internet Explorer alone. People can of course continue to use other browsers with Windows as they see fit but Internet Explorer is now what comes out of the box.
Although thousands of asteroids have been discovered and their orbits determined there are thought to be many undetected ones. This asteroid will cross Earth’s orbit of the Sun every three years and is called Asteroid 2014 UR116. It was recently discovered by a Russian professor at Moscow State University, Vladimir Lipunov. It is the size of a mountain (400m across) – much larger than the 164 feet (50m) across mentioned in my post about Asteroid Day.
Having read about Asteroid 2014 UR116 in The Telegraph I can’t determine how much of a threat it is. On the one hand NASA says this Near Earth Object (NEO) doesn’t pass near enough to earth to be a threat, but on the other NASA says it will be an impact threat for the next 150 years.
Well, well, well, whose not keeping on top of things then. It looks like all the major banks. This article from ITPRO taken from Reuters points out that some major banks will not have updated their Automatic Telling Machines to Windows 7 by 8th April 2014. This is Microsoft’s published deadline after which there will be no support for the old system. Apparently 95% of the worlds 2.2 million ATMs were using Windows XP and 2/3 of them will still be using it after the MS deadline. So the banks involved will be paying some large sums of money to MS to keep their systems updated beyond the deadline.
This tells me that these banks have got all their eggs in one basket. They should diversify and have another company’s system running on alternate machines with similar geographic locations. This should be a requirement of bank regulators.
A friend found they had got MSN as their Home page and asked me how they could make Google the Home page in Windows 7.
I haven’t seen their screen but I would expect it to look like the screen shot above, when they select their Home page, with MSN showing. Here I have recreated their situation and then selected Tools on the Command Bar. In this example the Command Bar is very short and placed at the end of the Favourites Bar. Most of the commands, including Tools, show on a drop-down menu which appears when the chevrons are selected at the right-hand end of the Command Bar.
I don’t necessarily want Internet Explorer Suggested Sites on my Favourites Bar in Internet Explorer. I just want My Favourites. Yes, I’m talking about the Suggested Sites shortcut which appears on the Favourites Bar and defies all attempts to remove it permanently. Deleting the shortcut from the Favourites Bar does not prevent it from returning.
I have wanted a way to get a reduced windows 7 startup time for a while. I was concerned about the time it took from switch on to the point where all apps that start automatically were ready for use. This has generally increased over the years during the time I had previous versions of Windows and on into the time I have had Windows 7.
There are those who would say I have too many apps starting. Well I didn’t buy a cheap computer and that’s what computers are for. To have apps running that a person can use at any time without much notice.
In the hope I would get reduced Windows 7 startup time I bought a Crucial Adrenaline solid state cache in 2012. It was controlled by NVELO Dataplex v1.1.3.0. I questioned how good it was because it still took a long time to start. However if I left it for a while after starting Windows, prior to logging on to my desktop, there was a noticeable improvement on the start-up time for the multitude of programs that loaded after log-on. So I continued to use it.
Yesterday (6th March 2013) I was notified by NVELO of a new version of Dataplex v1.3.0.0. I followed the process carefully to perform the upgrade. After the upgrade, and following restart, there was a very long startup time (5mins or more) while the cache was sorted out. Everything was OK but I didn’t restart again that day.
Today (7th March 2013) I started and the logon screen appeared after 1min 25secs. I logged on by 1min 30secs and my extensive range of icons, toolbars and gadgets had all loaded within 2mins from switch on. It took at least 4mins before. There must have been a problem with the previous version. I don’t think it’s wholly due to the improvements in the new version.
For a week now it has been known that there is an IE9 Zero Day Vulnerability.
Now Microsoft have published a fix which came to me today in the form of an update as follows (for Windows 7):
Update type: Important
Security issues have been identified that could allow an attacker to compromise a system that is running Microsoft Internet Explorer and gain control over it. You can help protect your system by installing this update from Microsoft. After you install the update, you may have to restart your computer.
More information: http://go.microsoft.com/fwlink/?LinkId=255505
Help and Support: http://support.microsoft.com
Zero Day Vulnerabilities are those which have already been exploited by the time the software developer finds out about them.
END OF POST
This phishing email pretends to come from:
Tesco Personal Finance customerservice@consumercardservicing.tescofinance.com.
As you can see from the image of the email content below if you were to click on the link:
http://www.tescobank.co.uk/1/2/TESCOCAM10;&user=% colin.ride@btinternet.com %
. . . you will not go to a Tesco website. Look carefully and you will see that the real URL behind the embedded link is displayed above the hand pointer when the hand hovers over the link in the text.
In the facsimile above the obscured paragraph reads:
During our regularly scheduled account maintenance and verification
procedures, our records show your Tesco Credit Card Account registered
to email user ” < the recipient’s email address > ” has been inactive for some days.
To securely confirm and reactivate your account please click on the link bellow:
This is not somewhere I’m going and I wouldn’t advise anyone to go there. You might pick up a nasty cold. It looks like a games website in Spain (the domain is “es”). I presume the page looks like a Tesco Finance log-in page. When you enter your log-in credentials the owner of the page can save them and use them to log-in to your real Tesco Finance account and play a dirty trick on you.
This email was delivered to my MS Outlook Inbox from a btinternet.com account. It wasn’t picked up by them as spam nor was it detected by Norton Internet Security, presumably because it is a new kid on the block.
I have forwarded the email to TESCO Bank for their perusal.
So now you know how to check a suspect email. Good luck and watch out.
Malware discovered in Google Marketplace Apps by Symantec is designed to make premium rate calls from your mobile. So check your bills. See the detail here.
English
Afrikaans
Shqip
አማርኛ
العربية
Հայերեն
Azərbaycan dili
Euskara
Беларуская мова
বাংলা
Bosanski
Български
Català
Cebuano
Chichewa
简体中文
繁體中文
Corsu
Hrvatski
Čeština
Dansk
Nederlands
Esperanto
Eesti
Filipino
Suomi
Français
Frysk
Galego
ქართული
Deutsch
Ελληνικά
ગુજરાતી
Kreyol ayisyen
Harshen Hausa
Ōlelo Hawaiʻi
עִבְרִית
हिन्दी
Hmong
Magyar
Íslenska
Igbo
Bahasa Indonesia
Gaelige
Italiano
日本語
Basa Jawa
ಕನ್ನಡ
Қазақ тілі
ភាសាខ្មែរ
한국어
كوردی
Кыргызча
ພາສາລາວ
Latin
Latviešu valoda
Lietuvių kalba
Lëtzebuergesch
Македонски јазик
Malagasy
Bahasa Melayu
മലയാളം
Maltese
Te Reo Māori
मराठी
Монгол
ဗမာစာ
नेपाली
Norsk bokmål
پښتو
فارسی
Polski
Português
ਪੰਜਾਬੀ
Română
Русский
Samoan
Gàidhlig
Српски језик
Sesotho
Shona
سنڌي
සිංහල
Slovenčina
Slovenščina
Afsoomaali
Español
Basa Sunda
Kiswahili
Svenska
Тоҷикӣ
தமிழ்
తెలుగు
ไทย
Türkçe
Українська
اردو
O‘zbekcha
Tiếng Việt
Cymraeg
isiXhosa
יידיש
Yorùbá
Zulu