WEBINAR: GSA, DHS, NIST on personal mobile security, THU 11/10 (CPEs)

Securing and managing agency mobile apps.
WEBINAR, THU 11/10, Complimentary, CPEs

This important video webinar will explore how mobile apps
rapidly expand in agency networks and how agency experts
limit security risks while they manage mobile Web devices
to drive agency productivity and mission achievement.

REGISTRATION AND INFO
https://goto.webcasts.com/starthere.jsp?ei=1123951&sti=emc

ALTERNATE REGISTRATION LINK:  http://www.FedInsider.com

WEBINAR TOPIC
The Framework for Mobile Security in Government

DATE: THU 11/10
TIME: 2:00 PM ET / 11:00 AM PT
DURATION: 1 hour
CPE: 1 CPE from the George Washington University,
Center for Excellence in Public Leadership
COST: Complimentary

SPEAKERS
– JON JOHNSON, Enterprise Mobility Team Manager, GSA

– VINCENT SRITAPAN, Program Manager, Cyber Security
Division, DHS Science and Technology (S&T) Directorate

– JOSHUA FRANKLIN, Information Security Engineer, NIST

– JOHNNY OVERCAST, Director of Government Sales, Samsung
Electronics America

– TOM TEMIN, Host and Managing Editor, The Federal Drive,
Federal News Radio 1500 AM

PRESENTED BY: WTOP, Federal News Radio, FedInsider News,
and The George Washington University Center for
Excellence in Public Leadership

*** OTHER GOVT-INDUSTRY CPE CREDIT EVENTS IN THE SERIES ***
Visit http://www.fedinsider.com

CART services provided for captioning for all webinars.

Looking forward to meeting you online!

Peg Hosky, President

Email: peg@hosky.com
Phone: 202-237-0300
http://www.FedInsider.com
LinkedIn: http://www.linkedin.com/in/peghosky
Twitter:  @peghosky

FedInsider News
3811 Massachusetts Avenue NW
Washington DC 20016
F10-171912

Passive Income with my24hourincome (part 1)

Thank you Lu+Toiya for introducing me to an amazing, life changing system created by visionaries Drew Burton and Faheem Rajput.*

I met this crazy couple on Youtube who introduced me to something that that changed the direction of my life, career and goals. What a blessing! It is called my24hourincome and it is a revenue sharing program.

I thought this was an MLM or Network marketing but it is not. Revenue sharing is the distribution of profits and losses between stakeholders. Apparently, this is a thing! It is going to be a really big thing. You have to try it to see for yourself the growth potential.

Join US: https://www.my24hourincome.com/ref/br

cvs pharmacy scam gift card

scam Gift Central for CVS

We received an email with the title: “Gift Central for CVS” from <giftingcentral@iredrodeset.weirdslugs.xyz> this email has a link that may lead to malware or phishing sites.

The email states:

Hello

This is Jim from the Rewards Counter.
A friend left you a $1,000 CVS Gift!
No need to thank them. Just need to claim it.

Claim and Ship your CVS Gift-Card Now!.

Important!! If this continues to lay around.
We may be forced into closing the option to claim it.
Please activate your special
$1,000 CVS Gift.

Thank you for being a valued member!

Sincerely,

Jim
Rewards Counter

Please try the new McDonalds menu entirely free SCAM

SCAM Please try the new McDonalds menu entirely free!

If you receive an email offering “New McDonalds Meunu entirely free”.  This email may have phishing/malware links.  The message in the email states:

We want you to try the new menu! And to show our appreciation we are willing to give away this $100 gift card!

Just take this breif survey and get a free $100 gift card to try the new menu!

The link within the email leads to a browser extension called Piggy.  Which is very intrusive.  

 

walgreens scam

Notice:Walgreens Points for elamb.security are expiring soon scam

Notice:Walgreens Points for YOUR EMAIL are expiring soon scam

Your Walgreens-Points are expiring. You have accumulated $50 in Walgreens Rewards. You must claim by January 31, 2016.

Your Redemption Code: #R561875

 

virusTotal detects possible malware:

URL Scanner Result
BitDefender Phishing site
ADMINUSLabs Clean site
lottery scam

SCAM – USA INTERNATIONAL LOTTERY

Here is a classic scam.  There are so many of these Internet Lottery scams:

We happily announce to you the draw of the USA INTERNATIONAL LOTTERY, online Sweepstakes promotion held in United States of America on Saturday 16th Jan. 2016. You have been allocated to claim a total sum of £520,731.00 (Five Hundred and Twenty Thousand, Seven Hundred and Thirty One British Pounds) with ticket number: B55607545 4152 with reference number USA/JA2C110P5 and Serial number ZA5365/3 ,Batch number XA87-2PY,drew the lucky numbers: 06 14 32 35 41 Bonus 43. Contact our Fiduciary agents immediately to commence release of your lottery prize by providing details as listed below. 1. Full Name: 2. Email Address: 3. Age/Occupation: 4. Reference Number/Ticket Number 5. Phone Number: 6. Country: 7. Date of draw To file for your claim, please contact our fiduciary agent and provide them with your winning email and details as above. USA Lottery Fiduciary Agents: Mr. Phil Langa Foreign Service Manager E-mail: phil.langa@aol.com Yours faithfully, Teresa Marie Roberts. Online coordinator USA INTERNATIONAL LOTTERY

WordPress hack plugin GroupDocs

One of my wordpress blogs got hacked.  I was notified by google

I was apprehensive about accessing the site from my computer so i checked it out from my smartphone.  I figured most current malware attempts to download and install on windows systems, but are usually not smart enough to infect two different platforms (windows AND android).  The site seemed fine, but I am sure there is something wrong.  So I logged into the server.  The dates look a little suspcious but I the actual php files looked find.

I noticed a pattern with the dates that the files were access.  I am seeing scores of files/folders that have been “touched” and have the same date/time stamp Nov 22, 2015 12:00.  You only see that many files changed at once when a script does it.  I focused on those files and I can see that MOST of the Nov 22 1200 date/time stamps are on ONE plugin:   plugin GroupDocs.  I look at the error log:

INFO Started brute forcing.

INFO checking: drinkmusiccity.com, david, david
INFO checking: farmofpeace.com, salima, salima
INFO checking: fayjames.com, fay, fay
INFO checking: fantasyassembly.com, kevin-j, kevin-j
INFO checking: fionaraven.com, fiona, fiona
INFO checking: fishinglakes.com, Colby, Colby
INFO checking: firetown.com, firetown, firetown
INFO checking: fontainetours.com, claudia, claudia
INFO checking: foreverboundadoption.org, designteam, designteam
INFO checking: fotoparisberlin.com, amelie, amelie
INFO checking: frabonisdeli.com, bennett-fraboni, bennett-fraboni
INFO checking: freeloveforum.com, anne, anne
INFO checking: funkatech.com, incyte, incyte
INFO checking: futurist.com, brenda-cooper, brenda-cooper
INFO checking: futebolnas4linhas.com, ingrid-carvalho, ingrid-carvalho
INFO checking: freedomnewton.com, pastorc, pastorc
INFO checking: k-bell.co.jp, kohei, kohei
INFO checking: katrinakaif.co.uk, harish, harish
INFO checking: kcfw.de, c-mohr, c-mohr
INFO checking: kazu.co.nz, staff, staff
INFO checking: keneally.com, samcniotktaetl, samcniotktaetl
INFO checking: keratoconus.com.au, jim, jim
INFO checking: fundacjadantian.com, fundacjadantian, fundacjadantian
INFO checking: kibi-group.com, kibi, kibi

I look up the plugin GroupDocs.  I has had a MAJOR compromise:

https://wordpress.org/support/topic/beaware-this-plugin-attracts-hackers

It is being used as a backdoor into WordPress.  Honestly, I don’t remember even installing it.  I am not sure if it came with the theme I installed or what.  I start checking all more other blog’s plugins.  I don’t see it any where else.  Upon further inspection of the plugin, I can clearly see the PHP backdoor code:

sending: {
  "type" : "WPBF_RESPONSE",
  "linkPasses" : [
    {
      "site" : "farmofpeace.com",
      "user" : "salima",
      "pass" : "salima"
    },

    {
      "site" : "i-entertainment.co.uk",
      "user" : "nicolai2014",
      "pass" : "nicolai2014"
    },

    {
      "site" : "020haopai.com",
      "user" : "siteadmin",
      "pass" : "siteadmin"
    },

    {
      "site" : "zargarcarpet.com",
      "user" : "akeel",
      "pass" : "akeel"
    },

    {
      "site" : "haubstadtsommerfest.com",
      "user" : "joeyconti",
      "pass" : "joeyconti"
    }
  ]
}

Starting brute forcing WordPress
CURRENT TIME: 2015-11-20 15:47:06
CURRENT TIME: 2015-11-20 15:47:37
CURRENT TIME: 2015-11-20 15:48:08
CURRENT TIME: 2015-11-20 15:48:39
Child dead. Reading response: 
Done. read: 0 bytes


The Fix Action:

Warning fake google chrome update

**Sent from a subscriber**

I was surfing the Internet and I found following bad link: http://www.1zoom.net/ Cities /wallpaper/306150/z904/

internet-fraud

As I was trying to move my cursor to get out of the site, another tab popped up saying that I must update my google chrome.  I closed it.  internet-fraud-2

I tried opening the tabs once more with the website to confirm if my suspicion was right.  It led me to another tab that was asking me to download a software in my toolbar.  I have not taken the screenshot on that one.  I went back to my computer history to search for that specific link and it was not there anymore.  A warning of a virus appeared in my screen. That is really scary. Always be cautious and careful while browsing online.

internet-fraud-4

1 2 3 125