Skip to main content

Web Attack Blackhole ToolKit

By [email protected] and EM @QUE.com
I received an email with the following message:

"Dear Bank Account Operator, WIRE TRANSFER: WRE-7258418863703165 CURRENT STATUS: PENDING
Please REVIEW YOUR TRANSACTION as soon as possible. " Note: I already removed the linked in review your transaction for this post. See the captured screen after clicking the malicious code.


DO NOT visit the URL Address if you don't have a protection on your computer. And here's the noticed from Symantec Anti-Virus. "Web Attack Blackhole Toolkit Website (random number) detected.


I'm not expecting any wire transfer transaction, so I know this is one of the malicious code out there trying to take control of your computer. I'm surprise that Google Apps anti-virus tool did not detect this type email. I already reported (tagged) this as spam in my Google email.

How do you protect your computer against this type of viruses. Here's my suggestions.

  1. Install anti-virus software to your computer. Here's some software to choose. ( http://www.blocklist.com/category/antivirus/)
  2. If you're using a Windows Operating System, visit Microsoft Security Essential to download a free anti-virus software.
  3. Always keep your computer up to date of security patches.
  4. Separate your Admin and User account. If you bought a computer, it's not too late to create a standard user to use for daily use, and Admin for administration tasks e.g. install new software, updates security patch, etc.
If you are using a standard User account. This will not allow to install new software, including malicious codes, cookies, etc. The Step-4 using Standard User will minimize risk of infection when browsing the Internet.

I hope this help. Don't hesitate to post your feedback or comments.
Thank you.


Labels:

Comments

Post a Comment

Popular posts from this blog

Alternative Social Networks

By [email protected] and EM @QUE.com
If you are planning to create your  social network  e.g. similar to Facebook. Here's a short list of alternative software's: Open Source and Free​ http://buddypress.org/  - Wordpress (Open Source and Free) http://elgg.org/  - (Open Source and Free) Commercial Social Networks software http://www.socialengine.com/  ($299 Stand Alone, $29/mo Cloud) http://www.jomsocial.com/  (run with Joomla, need to know CMS) http://www.boonex.com/  (very expensive, $399 for Standard) http://www.anahitapolis.com/ http://www.oxwall.org/ http://sharetronix.com/ http://www.moosocial.com/ http://www.jcow.net/ http://phpdolphin.com http://www.grou.ps  (from free to Commercial, I left my networks and they are selling it  http://www.phpfox.com/  (I used this before, it's hard to maintain. I moved to NING but left too after it was sold to another company) http://www.ning.com  (I don't recommend using this service, it's hard to export your data when it's time to move) S
3 comments
Whaddya know more?

Learning Vulnerability Scanning by KING.NET

By [email protected] and EM @QUE.com
Learning Vulnerability Scanning is fun and easy. So I hope you enjoy reading this short how to guide on how to use vulnerability scanning to secure your servers and networks. NMAP is the swiss tool that you need to learn if you're serious in Cyber Security profession. The NMAP tool can be use with NSE scripting (Nmap Scripting Engine) to automate your tasks. For example using NSE Script using a  single vulnerability (cold fusion)  to scan our test lab machine. root@kali:~# nmap -v -p 80  --script http-vuln-cve2010-2861  10.11.1.220 Starting Nmap 6.47 ( http://nmap.org ) at 2016-07-22 17:34 EDT NSE: Loaded 1 scripts for scanning. NSE: Script Pre-scanning. Initiating ARP Ping Scan at 17:34 Scanning 10.11.1.220 [1 port] Completed ARP Ping Scan at 17:34, 0.04s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 17:34 Completed Parallel DNS resolution of 1 host. at 17:35, 13.01s elapsed Initiating SYN Stealth Scan at 17:35 Scanning 10.11.1.220 [1 port] Comp
Post a Comment
Whaddya know more?