Archive for May, 2014
scam Chris and Colin Weir -Donat​ion*SCAM
Beware of the email scam going around that falsely uses the name of famous EuroMillion winners, Chris and Colin Weir.
Remember, if it sounds too good the be true it probably is.  If Chris and Colin Weir did donate money it would not be via an email asking you for you contact information.
Here is the email below***********************************************************************
COLIN CHRIS WEIR

jackmc@embarqmail.com

With Great Honor, the family of  Chris and Colin Weir announces

their donation of 800,000.00 Great British Currency to you. Send
Name—
Address—
Mobile #—–
Age—–
Occupation—–

Congratulation to you.

***************************************************************************

The real story of of Chris and Colin Weir:

chris colin donation

chris colin donation

But the First Minister did suggest the Prime Minister would be in a “difficult position” if it was judged he did not “try his hardest” in the campaign.

The comments came after it emerged the pro-independence side had received £2.5 million in the past year from EuroMillions lottery winners Chris and Colin Weir.

Both campaigns also claimed a new poll showed the momentum was with them.

In a radio interview, Mr Salmond refused to say that Mr Cameron would have to resign if he became the prime minister who presided over the breakup of the Union.

More from HeraldScottland

*Scam United Nations Fund Verification Department*

*SCAM**

Subject: United Nations Fund Verification Department

You have been approved to receive a Grant/Donation of 800,000.00 GBP from the UN Development Programme 2014.

 TO FILE FOR YOUR CLAIMS

CONTACT;-

(United Nations Fund Verification Department)
Email: undevprogramme@e-mail.ua

****************************************************

These UN Fund Scams usually try to gather more and more information from you and attempt to earn your trust until they get bold enough to ask for money.

1.FULL NAMES OF DONATION BENEFICIARY:……………
2.RESIDENTIAL ADDRESS:…………………………
3.DATE AND PLACE OF BIRTH:………………………..
4.WINNING EMAIL:………………………………
5.PHONE/FAX NUMBERS:……………………………..
6.NAME AND ADDRESS OF NEXT OF KIN:…………………
7.SEX:………………………………………….
8.OCCUPATION:……………………………………
9.MARITAL STATUS:………………………………..
10.COUNTRY:……………………………………..
11.NATIONALITY:…………………………………..

scam paypal-customerfeedback.com

scam paypal – customerfeedback.com

**SCAM PayPal**

If you received on email with a paypal-customerfeedback.com link, its a scam.  Do not follow the link, do not respond:

As part of PayPal’s commitment to excellence, we invite you to share your experience about your interaction with our email customer support on May 19, 2014.
We place great value on your time, so this survey should take less than 5 minutes to complete. All feedback in addition to other information collected will be used in accordance with PayPal’s Privacy Policy. Survey answers may be tied back to respondents. In the survey, you will have the opportunity to opt out from being contacted regarding feedback.
Please visit the following website to complete the survey. Simply click on the web address below (or copy and paste the link into your browser):
https://www.paypal-customerfeedback.com/?cdxs4fym3t332f5&lng=en_US
We appreciate your participation and look forward to hearing from you.
John McCabe
Senior Vice President
Customer Service and Operations
HP0-M54 ArcSight ESM Security Analyst

History of ArcSight ESM Security Analyst Certification:

HP0-M54 ArcSight ESM Security Analyst (aka HP Technical Certified II – ArcSight Security Analyst 2012) took the place of ArcSight Certified Security Analyst (ACSA) aka ArcSight ESM Security Analyst (AESA).  The confusion on certification names comes from the acquisition of ArcSight by HP in 2010.  ArcSight had already created a certification for the ESM (admin and analyst), but once HP took it, they started to integrate it into their ExpertOne certifications.

I have noticed that companies look for the old ACIA/ACSA when they want an ArcSight certified professional not knowing that that cert no longer exists.

reference:  http://h10120.www1.hp.com/expertone/view_certifications.html

HP ArcSight ESM ArcSight Prerequisites:

To pass this exam, you should have at least 6 months experience using ArcSight ESM or successfully completed ArcSight ESM Security Analyst training. Exams are based on an assumed level of industry-standard knowledge that may be gained from the training, hands- on experience, or other pre-requisite events. You should also be knowledgeable about Common security devices and their functions, such as IDS & firewalls; network device functions, such as routers, switches, hubs, etc.; TCP/IP functions, such as CIDR blocks, subnets, addressing, communications, etc.; Basic Windows operating system tasks & functions; Possible attack activities, such as scans, man in the middle, sniffing, DoS, etc and possible abnormal activities, such as worms, Trojans, viruses, etc.; SIEM terminology, such as threat, vulnerability, risk, asset, exposure, safeguards, etc.; Security directives, such as Confidentiality, Integrity, Availability.

HP ExperOne does not list the Objectives for this cert for some reason (standard LACK of HP taking on too much business with too little staff IMHO).  Anyway, after taking this certification just make sure you have experience with each of the ArcSight Console Resources.  You should use each until you understand them because questions are about the resources.

How to take the HP0-M54 ArcSight Admin Cert

That certification can be taken through Pearson VUE.  You have to get an account with HP ExpertOne first.  HP issues an “HP Learner ID”

The test cost about 250USD and has about 75+ questions.

There are so many braindumps articles and “products” for this certification.  Its really unfortunate that HP has not done more to make this certification more relevant since ArcSight is the top SIEM in the world (circa 2014).  HP is trying but sometimes it seems they have more products and services than they can handle.  They did recently update HP0-M54 so thats positive.

If you are planning on taking this certification, you should think about NOT doing braindumps.  Get some actual experience with the product.  You can downloaded it for a free trial and play with it.  If you want to make money in as an ArcSight subject matter expert you will have to put in some real time and effort.  The test will not do anything for you without experience.

 

 

 

 

 

HP0-M55 HP0-M68 ArcSight ESM Administrator

History of ArcSight ESM Administration Certification:

HP0-M54 ArcSight ESM Security (aka HP Technical Certified II – ArcSight Security Administrator 2012).  Due to the acquisition of ArcSight by HP in 2010 and the recent move away from an Oracle backend, ArcSight ESM certifications have gone through almost yearly, back to back name changes.  What is now HP Technical Certified II – ArcSight Security Administrator used to be ArcSight Certified Integrator/Administrator (ACIA) aka ArcSight ESM Integrator/Administrator (AEIA).   And NOW, HP Technical Certified II – ArcSight Security Administrator expires 2 June 2014.  This certification cannot be acquired as of 2nd June 2014. The new certification is HP ATP – ArcSight ESM 6.5 Administrator V1 which is HP0-M68.

reference:  http://h10120.www1.hp.com/expertone/view_certifications.html

HP ArcSight ESM Objectives include:

  • Identify functions of ArcSight ESM components and perform steps to verify status and restart component services
  • Illustrate ArcSight connector basics
  • Identify primary types of storage in ESM and key components of event storage area, and understand retention policies
  • Describe how to use the ArcSight Console and how to configure the console preferences, and navigate within ESM resources
  • Depict how to use the Web Management Console to manage users and the CORR Engine (for NEW HP0-M68)
  • Identify files/folders that need to be backed up
  • Understand ESM authentication mechanisms and guidelines
  • Perform core ArcSight ESM administrative tasks
  • Identify stock content dashboards
  • Illustrate how to manage connectors (status, operation commands, dashboards, import/export configurations, upgrades)
  • Describe basic event management tasks
  • Identify basic troubleshooting tools, logs, and processes

 

How to take the HP0-M54 ArcSight Admin Cert

That certification can be taken through Pearson VUE.  You have to get an account with HP ExpertOne first.  HP issues an “HP Learner ID”

The test cost about 250USD and has about 75+ questions.

There are so many braindumps articles and “products” for this certification.  Its really unfortunate that HP has not done more to make this certification more relevant since ArcSight is the top SIEM in the world (circa 2014).  HP is trying but sometimes it seems they have more products and services than they can handle.  They did recently update HP0-M54 so thats positive.

If you are planning on taking this certification, you should think about NOT doing braindumps.  Get some actual experience with the product.  You can downloaded it for a free trial and play with it.  If you want to make money in as an ArcSight subject matter expert you will have to put in some real time and effort.  The test will not do anything for you without experience.

 

 

 

 

iTunes 11.2 Security hole
itunes sophos security issue

itunes sophos security issue

Sophos has discovered a security issue with iTunes 11.2.  Apple has is fixed the issue over the weekend.

According to Apple’s security bulletin:

The security issue has to do with a permissions issue that could allow anyone to modify local user accounts on a machine with Apple’s OS X.

 

 

Net Neutrality in the US: Now What?

Net Neutrality Explained:

 

Here is a direct link to the form –http://apps.fcc.gov/ecfs/upload/displ…

Here is a walkthrough if anything on the form is confusing to you –http://gizmodo.com/how-to-yell-at-the…

Let them know via Twitter as well – https://twitter.com/fcc

http://gizmodo.com/watch-this-net-neu…

Check me out on Facebook – www.facebook.com/alphaomegasin

Check me out on Tumblr – www.alphaomegasin.tumblr.com

My AlphaOmegaSin Subreddit – www.reddit.com/r/AlphaOmegaSin/

Check me out every week on the Hate Bit Podcast – www.youtube.com/hatebitpodcast

e-mail spoofing

Someone is sending an email to people on your contacts list claiming to be you.  They are trying to get your contacts to click a link or send personal information.  You are sure that you did not send the message.  This is called e-mail spoofing.  

What attackers do is to use some email spam software to anonymously send out emails to all the contacts on exploited email accounts.  This is sometimes done with an “anonymous remailer” reference: http://en.wikipedia.org/wiki/Anonymous_remailer

Why e-mail Spoof?

The motivation behind it is to conceal the emails original point of creation while at the same time using a list of your contacts (some of whom trust you) to get them to go to a site.  That site can have a variety of intentions.  Its not always about malware, the site can also be used as an aggressive blackhat marketing campaign to get people to go to a site or sell products and/or service.

But its also used for phishing attacks, network infiltrations, gathering insider information, and getting malware on systems.  Whether its advertising or malicious, e-mail spoofing is counting on the user to be unaware of the true nature of the email.

Taking Action

See if you account is just spoofed or hacked AND spoofed.  There is a difference.  If they are spoofing and somehow got all your contacts.. Honestly, SMTP (email) is not very secure by itself.  So there is not much you can do if your email gets spoofed except notify your contacts.  Imagine trying to stop someone from sending snail mail to your contacts with a return address that says its from you.. how do you stop that?  How would you even find out where they sent it from?

If you account is being actively infiltrated and THEN spoofed there is something you can do.

The first thing you should do is change your password.

If you changed the password and they still got in, then it may be that they changed your alternate email address.
A spammer may have altered your account information, allowing them to access your account again even after you change your password.
Visit your Account Information page. — yahoo
Go to Yahoo Account Page:
Click Choose how Yahoo contacts you under “Contact Information.”
Change the email address on file if you don’t recognize it.
– For help, see adding an alternate email address to your account.
How to check to see who recently accessed your account:

 

 

UNFCCC scam

There is a fraudulent document / phishing attack using UNFCC as a way to get people’s personal information.

The REAL UNFCC.

The United Nations Framework Convention on Climate Change (UNFCC) is a treaty that is developed at United Nations Conference on Environment and Development (aka Earth Summit).  There goal is to reduce the potential adverse affects that humans have on the Earth’s climate.  

FAKE UNFCC

Here is the fake form:

UNFCCC Scam pdf

To Celebrate the 18th Anniversary of the UNFCCC, the UN  is giving out a yearly award of $900,000 to 18 lucky recipients.

Below is your award information

Email Code number: UNFCCC/18/NMF/12

BATCH NO: (N-222-6747,E-900-56)

Amount WON: US$900,000.00

PRIZE CLAIMING INSTRUCTIONS:

  1. name…
  2. Country..
  3. Contract Address..
  4. Telephone Number..
  5. Fax Number
  6. Marital Status
  7. Occupation
  8. Date of Birth
  9. Sex
  10. Alternative Email Address

As you can see the form as asking for personal information.

Consultant contact details:

Name: Prof. Michael Clarke

Tel: +44 703 593 7829

Emails: Prof.clarkemichael@outlook.com

Prof.michaelclarke@outlook.com

thailand phone

“66” is the country code for Thailand.  This phone is in Chon Buri (code 33,38).   Thailland codes here:

http://en.wikipedia.org/wiki/Telephone_numbers_in_Thailand

thailand phone pattaya

thailand phone pattaya

Making international/national calls when in thailand:

http://www.justlanded.com/english/Thailand/Thailand-Guide/Telephone-Internet/Making-a-call