Search n00bz.net
Friday
Aug202010

This Celeb Gossip Site is safe says McAfee

 

This week it was revealed that Cameron Diaz has something funky going on with her.  It is malware.  I enjoy gossip.  Who doesn't?  This is why bad guys hook malware to them.  McAfee has a program called SiteAdvisor.  Well this past week it flagged a blog called ImNotObsessed.com as problematic.  I had wrote about it earlier this week. 

Vera is the site owner.  She makes her living blogging.  For her, her husband, and their 2 kids, the family of sites is their sole source of income. 

I heard the story and I told Vera, the site owner, to contact me and I would get it to the people who as @rodsoto says, "are the man!"

Well I want to thank Ryan over at McAfee for getting it to the right people.  As of today, ImNotObsessed.com is marked safe

So if you want some gossip that is safe for work and malware free, check out ImNotObsessed.com.

If not, visit anyway because she has lost so much of her traffic that she spent years building up due to this. 

 

Wednesday
Aug182010

Client Side Attacks with Metasploit Express

Today the team over at Rapid7 updated Metasploit Express today.

This inspired me to play around with the application and checked out the modules.

I know some of the fun of Metasploit is Client Side Attacks.  I figured I would test one of the modules out.  The tough part was choosing which module to use.

Lucky for me, Metasploit rates the exploits and I found one rated 5 starts.  Signed Applet Social Engineering Code Exec.

Time to fire up the browser and go to the link the exploit was waiting on.  It looks like a pop up... do I click? 

and the trap has been set... 

 

The code executed and showed me I have 1 session loaded.

Now normally when using the framework, I would be loading extensions to get some hashes and other goodies.

This time I hit a button.  Click.  Metasploit Express returned a picture of my desktop and my password hashes.

 

 

You can get a 7 day demo of the application over at http://www.rapid7.com/contact/metasploit-express-contact.jsp

To see the updates released today click here: http://www.metasploit.com/redmine/projects/pro/wiki/Updates_341

 

Tuesday
Aug172010

Top 10 Most Dangerous Things you can do online

  • Checking the "Keep me signed in" box on public PCs

Although if you do leave this checked out, expect your Facebook profile to get some custom modifications all for FREE!!!!

  • Failing to update Microsoft Windows OS /Java / Adobe Reader / Adobe Flash

You don't have to update if you want to get pwned by a script kiddie.

  • Searching for celebrity gossip, incriminating material (i.e. sex tapes)

I maybe guilty of this one.  However I tunnel everything through SSH.

  • Using BitTorrent to download copyrighted software/film/TV shows

With Hulu and all the networks allowing you to stream, very few times would one need to do this with TV.  RC4 and TOR are your friends for the other times you download LEGAL SOFTWARE ONLY.

  • Searching for free porn

This is the reason why your computer gets messed up.  Forget all the other reasons.  This is the one right here.

  • Online gaming (free to play, social games on Facebook and beyond)

This is some advice which most will ignore.  Just don't download the "secret Farmville Cheat Application." 

  • Leaving Facebook privacy settings wide open, therefore exposing personal info to all

Openbook.com-  Check out what anyone can find about you.  Hopefully you find something good and juicy.  If you do, please share!

  • Connecting to unknown wireless networks

If you are on a network that isn't yours, you play by someone elses rules.  Public networks are public.

  • Using the same password for every single online account

You don't have to tell me your Facebook account password.  What is your Myspace one?

  • Trying to get a free iPad, PlayStation 3 or similar gadgets (scams/phishing)

There is nothing free in life.  Except a Punch in the face from me.  I will not charge for that!!!

 

The folks over at Gizmodo have the list as well as the things you can do to protect yourself.  http://gizmodo.com/5614047/the-top-ten-most-dangerous-things-you-can-do-online

 

Tuesday
Aug172010

McAfee kills Celeb Gossip Site

The site, imnotobsessed.com, was blocked by McAfee Security Products if you use Firefox. Interesting to note IE is safe. (insert joke here)

Vera the site owner notes: I'm dry heaving as we SPEAK!! Can't believe this happened!! I've left a dozen messages and am still waiting on a reply. Please be patient and excuse me while I rip my hair out.

http://www.imnotobsessed.com/2010/08/17/having-major-issues-with-mcafee-users

Even though you dish celeb dirt and we dish security dirt, we all feel this way when dealing with product #FAIL. Vera, Contact me and I can provide some contact information for the folks @McAfee who can fix this immediately. My wife loves your site and I have learned, "Happy Wife = Happy Life!"

Monday
Aug162010

Convert EXT2 or EXT3 to EXT4 Without Reformatting Your Hard Drive

If you've been running Linux for a while, you're probably using the now slightly-outdated EXT2 or EXT3 file system. LifeHacker shows you how to convert those formats to the newer, faster, EXT4 without doing a clean install.

 

http://lifehacker.com/5613333/convert-ext2-or-ext3-to-ext4-without-reformatting-your-hard-drive