MoonPoint Support Logo

 


Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
April
Sun Mon Tue Wed Thu Fri Sat
 
25 26 27
28 29 30        
2019
Months
AprMay Jun
Jul Aug Sep
Oct Nov Dec


Sat, Jun 16, 2018 2:59 pm

Scam call from 1-800-222-2222

I received a call to my cellphone at noon Eastern time in the U.S. on Saturday June 16, 2018 with the calling number showing as (800) 222-2222. When I answered the call I heard a message stating the call was an automated call that would provide a chance to earn a $50 credit on your next bill. I was then prompted to hit "1" to continue. I did and heard the messaage "Please enter your Verizon billing password" at which point I ended the call. After I ended the call, I called the number back and heard the message "Welcome to America's hottest talk line. Guys, ladies are waiting to talk to you." I have Verizon as my provider for cellphone service. If a Verizon user goes to the Verizon Wireless webste, he or she can log into his or her account by providing either a mobile number or User ID with the password for his or her account. So anyone falling for the fraudulent call will, by providing the password, since the scammer will know the called number, provide the credentials the fraduster will need to use the person's Verizon account. When I looked up the number online, I found others reporting fraudulent activity from the calling number. E.g., 800-222-2222 | Suspected Scam Call | Whitepages. At that page, someone posted on June 14, 2018 3:10:48 PM that he or she received a "Verizon Wireless scam" call from that number. I logged into my account from a computer and opened a chat session with a Verizon representative to report the fraudster. She told me she was going to report it. I also submitted the number at the Federal Communications Commission (FCC) Stop Unwanted Calls and Texts webpage through the "file a complaint with the FCC" link on that page.

[/security/scams] permanent link

Fri, Sep 22, 2017 11:18 pm

Failed POP3 login attempts from 94.136.51.56

While checking the mail log file, /var/log/maillog, on an email server today, I noticed an attempted login from an IP address in an address range I didn't recognize. The entry in the log file contained the following text:

dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=94.136.51.56

I checked the country associated with the 94.136.51.56 IP address (ds7247.dedicated.turbodns.co.uk) with geoiplookup (you can install the GeoIP package on a CentOS Linux system with yum install GeoIP) and found it was an address assigned to an entity in Great Britain.

$ geoiplookup 94.136.51.56
GeoIP Country Edition: GB, United Kingdom
$

[ More Info ]

[/security/attacks/pop3] permanent link

Fri, Sep 15, 2017 11:04 pm

AskPartnerNetwork Directory on a Windows 10 system

A user reported her Windows 10 Professional system was running slowly. On September 14, 2017, I checked the system with SUPERAntispyware, which reported that it found the Ask Toolbar. It reported the following items associated with the toolbar:

C:\ProgramData\ASKPARTNERNETWORK\TOOLBAR
HKCU\Software\AskPartnerNetwork\Toolbar
C:\ProgramData\AskPartnerNetwork

[ More Info ]

[/security/scans] permanent link

Sun, Jul 02, 2017 11:07 pm

SUPERAntispyware Found Ask Toolbar on 2017-07-02

I scanned a Windows 10 system used by a family member on July 2, 2017 with SUPERAntispyware Free Edtion, since the system was responding more slowly than I expected even for simple actions, though the system has other antivirus software on it. The first thing that SUPERAntispyware identified was the Ask Toolbar browser extension. It showed the following information for Ask Toolbar:

Ask Toolbar

C:\ProgramData\ASKPARTNERNETWORK\TOOLBAR
HKLM\SYSTEM\CurrentControlSet\services\APNMCP
HKCU\Software\AskPartnerNetwork\Toolbar
C:\ProgramData\ASKPARTNERNETWORK

[ More Info ]

[/security/scans] permanent link

Sun, Apr 23, 2017 11:31 pm

Phishing email leading to ridersrepublic.in

Someone notified me that she had received an email from a business contact a couple of days ago informing her that he had shared a document using Dropbox. But when she later contacted his company, she was informed that someone else was sending out email using his email address. She forwarded the message to me, which is shown below with the actual sender's address changed, though:

Subject: Blaine Watkins has shared a file with you using Dropbox
From: Blaine Watkins <blainewatkins@example.com>
Date: Tue, April 18, 2017 6:09 pm
To:

Hi, I just uploaded a Document for you to see using Dropbox. View|Download files and let me know what you think.

Thanks

Blaine

She was concerned that her system might have been infected by malware when she viewed the message. I scanned her system with SUPERAntiSpyware Free Edition, but SUPERAntiSpyware didn't find any malware recently placed on her system. McAfee Total Protection is the real-time antivirus software on her system, but I've found that using additional tools, such as SUPERAntiSpyware, can sometimes detect malware missed by a user's antivirus software. I performed a full scan of the system using McAfee Total Protection after running the SUPERAntiSpyware scan, but it didn't find anything, either. I also checkd the system with Malwarebytes Anti-Malware Home (Free), but it didn't find any malware, either, except for a zip file I created containing files associated with malware I found on the system quite some time ago.

[ More Info ]

[/security/phishing] permanent link

Thu, Mar 16, 2017 10:30 pm

Outlook 2016 unspecified encryption certificate message

After resolving a problem with my laptop not reading certificates stored on my Personal Identity (PIV) card. I've been able to decrypt email messages from others with Outlook 2016 on my MacBook Pro laptop running OS X El Capitan (10.11.6) by using my PIV card in the SCR331 card reader, but when I attempt to send an encrypted email, I see a message stating (image):

You have not specified an encryption certificate for this account. Once you send this encrypted message, you will not be able to read it. Do you still want to send this encrypted message?

If I click on Continue the email will be sent encrypted so that it is readable by the recipients when their email clients decrypt it using their private keys, but I am unable to read the message I sent when it is placed in my Sent folder. To resolve the problem, I clicked on Tools on the Outlook menu bar, then selected Accounts, then clicked on the Advanced button. I then clicked on the Security tab and selected a certificate in the Encryption section. It had been set to "None Selected".

[ More Info ]

[/security/encryption] permanent link

Sun, Mar 12, 2017 10:57 pm

Let's Encrypt certificate expired

A couple of days ago, a user showed me a message she saw on her system about a security certificate issue. When I looked at the message, I realized it was due to the expiration of the Let's Encrypt certificate on the email server used by her system. I logged into that system and queried the server with the openssl command to check the expiration date. I saw it had expired that day, March 10.

# echo "quit" | openssl s_client -connect pop3.moonpoint.com:995 -quiet
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = imap.moonpoint.com
verify error:num=10:certificate has expired
notAfter=Mar 10 19:53:00 2017 GMT
verify return:1
depth=0 CN = imap.moonpoint.com
notAfter=Mar 10 19:53:00 2017 GMT
verify return:1
+OK Dovecot ready.
#

From the root account, I renewed the certificate using the command letsencrypt renew.

[ More Info ]

[/security/encryption/openssl] permanent link

Wed, Mar 08, 2017 10:54 pm

Unable to read certificates from PIV card

I'd been having problems using a Personal Identity Verification (PIV) card with my MacBook Pro laptop running OS X El Capitan (10.10.5). I need the system to be able to access certificates on the PIV card in order to be able to decrypt email from some individuals. I have an SCR331 card reader, which attaches to the system via a Universal Serial Bus (USB) port.

SCR331 PIV card reader

If I attached the PIV card reader and clicked on the Apple icon at the top, left-hand corner of the screen and selected About This Mac then clicked on System Report, if I clicked on USB under Hardware, I would see the system recognized the card reader was attached. E.g., I saw "SCRx31 USB Smart Card Reader" for an SCR331 (that is a number on the underside of the device which appears to be its model number with a part number of 904875 listed there, also) PIV card reader I attached to the system via a USB port.

[ More Info ]

[/security/encryption] permanent link

Wed, Mar 01, 2017 10:42 pm

Discarding configuration changes for a Juniper SRX router/firewall

If you've been entering commands for configuration changes on a Juniper Neworks SRX router/firewall, which runs the Juniper Network Operating System, Junos OS, but haven't committed those changes to make them active, you can discard them using the command rollback 0. which will replace the "candidate config", i.,e., the one you've been editing, with the active configuration, which is also the boot configuration.
root@Alder# rollback 0
load complete

[edit]
root@Alder#

The device can store multiple prior configurations and you can revert to one of those other prior configurations, instead, using rollback n where n is the number for the prior configuration. You can also rollback to a saved "rescue" configuration with rollback rescue. You an see a list of the stored configurations to which you can revert using the command rollback ?.

[ More Info ]

[/security/firewalls/SRX] permanent link

Fri, Feb 24, 2017 10:10 pm

Allowing UltraVNC server connectivity through BullGuard Firewall

If you are using BullGuard Firewall, which is part of the BullGuard Internet Security and Antivirus protection software, if you install UltraVNC for remote desktop management, you will see a message stating "VNC server is asking for access to the internet" whenever someone attempts to connect remotely to the system on which BullGuard Firewall is running.

BullGuard Firewall VNC server

[ More Info ]

[/security/firewalls/BullGuard] permanent link

Once You Know, You Newegg AliExpress by Alibaba.com

Shop Amazon Local - Subscribe to Deals in Your Neighborhood

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo