Tuesday, December 29, 2020

Apple Phishing Email - Re: [Ticket #:xxxxx] M‌or‌e Inf‌o‌rma‌t‌i‌on Update Requ‌i‌red‌

For the record, the Apple Phishing email is going around with subject Re: [Ticket #:xxxxx] M‌or‌e Inf‌o‌rma‌t‌i‌on Update Requ‌i‌red‌


What to do?  Report them, goto bottom of page.



From : i‌C‌l‌ou‌d ‌‌I‌‌D <securityaccount.xxxx@za1h5xrgprmsb.com>

Subject :  Re: [Ticket #:xxxxx] M‌or‌e Inf‌o‌rma‌t‌i‌on Update Requ‌i‌red‌

‌‌‌A‌c‌c‌o‌u‌n‌t l‌o‌c‌k‌e‌d notifi‌‌‌cation





Phishing Links

  1. https://gladysstore.us7.list-manage.com/track/click?u=xxx&id=xxx&e=xxxx

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Report Phishing Email To Apple

  1. After writing and reporting these phishing attempts to Apple (abuse@icloud.com), they just blocked my email address after 5 such notifications. Sham on Apple, denial is not a strategy. Just like your products don't need antivirus, what a joke. Be aware folks. 


Wednesday, December 23, 2020

DOS Command Line - Timethis.exe is a Microsoft utility that times how long a command runs

Timethis.exe - Windows 2000 Resource Kit Utility

Utility  Description
 
Timethis.exe - Time This  

Time This times how long it takes the system to run a given command. You provide as a parameter the name of the command you want to run and time. Time This runs the specified command, then reports the start and finish time for the command, and how long it took to run, in HH:MM:SS.TTT format.


Windows 2000 Resource Kit Utility is no longer available for download, but you can get it at wayback machine (internet archive)

http://web.archive.org/web/20031218225021/http://download.microsoft.com:80/download/win2000platform/timethis/1.00.0.1/NT5/EN-US/timethis_setup.exe

The installer did not work for me, but you can get the timethis.exe by unzip the file successively.

...\timethis_setup\timethis\compmgmt\TIMETHIS.EXE

copy to C:\windows

Usage: 

c:\> timethis dir

Output:

C:>timethis dir
...
TimeThis :  Command Line :  dir
TimeThis :    Start Time :  Wed Dec 23 12:29:38 2020
TimeThis :      End Time :  Wed Dec 23 12:29:39 2020
TimeThis :  Elapsed Time :  00:00:00.077

Sunday, December 20, 2020

C# .NET The most common flaw type in .NET applications was information leakage

Information leakage was most common flaw type for .NET. To review, Information Leakage is a type of security flaw that can allow malicious user s to reveal confidential information from within an application.

Here's a primer - Information Leakage Tutorial (veracode.com).





















Source of image, full PDF - state-of-software-security-volume-11-flaw-frequency-by-language.pdf (veracode.com)

Thursday, December 17, 2020

Walmart Phishing Email with subject Answer and Win

 For the record, this is an Walmart phishing email attempt that is recently going around, with subject "Re: Answer & Win


What to do?  Report them, goto bottom of page. 


From : Playstation5 <zulily62@e.zulily.com>
Subject : 
Re: Answer & Win




PHISHING LINKs;

1. Hover over image
https://storage.googleapis.com/sdffsdfsd/clickply.html

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email take further 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Wednesday, December 16, 2020

Amazon phishing email with subject Re: Invoice Payment Transaction : RenewaI Prime Membership was canceIed - Your payment scheduIed renew on

For the record, this is an Amazon phishing email attempt that is recently going around, with subject "Re: Notification from Am‍a‍zon: Your account is on hold due unusual login was found on your activity - Action is required to continue shopping with Am‍a‍zon

What to do?  Report them, goto bottom of page. 


From : Amazon Prime <donoreplyxxxxxxxxxxx@panganturumaning.com>
Subject : 
Re: Invoice Payment Transaction : Renewal Prime Membership was canceled - Your payment scheduled renew on {Today's Date}



PHISHING LINKs;



How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have recievied this email take further 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Thursday, December 3, 2020

How to fix Outlook desktop app account problems with Outlook.com or Hotmail.com blocked, stopped, not working, authentication problems

Recently, my Outlook desktop app client started to have authentication problems for my hotmail.com / outlook.com emails and I though initial it was due to outdated setting see below. But it was not, that was not the cause of the problem. 

Update Thu 11-Feb-21 9:00pm - MetadataConsulting.ca: How to check Outlook desktop app account connection problems with Outlook.com or Hotmail.com blocked, stopped, not working, authentication problems

Seems using my Kasperky VPN has cause spam and fraud rules to triggered on Microsoft mail servers. So any IP address using this service are blocked.

MAIL FROM from SMTP Server : 550 5.7.1 Unfortunately, messages from [xxx.xxx.xxx.xxx] weren't sent. 
Please contact your Internet service provider since part of their network is on our block list (S3150). 
You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. 
[BN7NAM10FT050.eop-nam10.prod.protection.outlook.com]

(I wish they had a application level authentication token that would get around this.)

However, if you are connecting from different countries or IP addresses (if you are a mobile worker for example) you will like trigger the following warning.

outlook.office365.com is complaining of suspicious activity and has temporarily blocked access.  

Solution: Login into hotmail.com or outlook.com email via your browser and then your Outlook desktop client will work. 


Double check these new server settings as well. 

There are new server settings, and available here for reference :  https://support.microsoft.com/en-us/office/pop-and-imap-email-settings-for-outlook-8361e398-8af4-4e97-b147-6c6c4ac95353

New server settings

Outlook.com

Hotmail.com

Live.com

IMAP Server: outlook.office365.com

Port: 993

Encryption: SSL/TLS

POP Server: outlook.office365.com

Port: 995

Encryption: SSL/TLS

SMTP Server: smtp.office365.com

Port: 587

Encryption: STARTTLS

Goto E-mail accounts and edit your existing connection to use the above setting, below is for POP/SMTP settings. Change to new setting in above table


Use TLS, if you cannot choose both under "More settings....."