Wednesday, January 30, 2019

Apple Phishing Email - Re: [Alert Review Apple] [Team Support Reminder Notices] Sitzung: Überprüfen und aktualisieren Sie Ihr Konto

For the record, this is an Apple phishing email attempt that is recently going around and made it through spam filters. What to do?  Report them, goto bottom of page.


From : no-reply@apple.com 


Subject
 :
Re: [Alert Review Apple] [Team Support Reminder Notices] Sitzung: Überprüfen und aktualisieren Sie Ihr Konto - CASE ID=xxxxxxxx KLM#RE:xxxxxxxx/Este es un mensaje o sistema automático para la actualización de la cuenta de identificación.


It contains infected pdf file: Apple-ID-DocumentVerify854641.pdf

Download contains Trojan.BADUR, do not download. But here's  a preview.



PHISHING LINKs;  

1. https://go2.link/filter

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the apple.com site then forget it.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Report phishing emails to Apple 

Forward the email to abuse@icloud.com. This provides Apple's legal department and law enforcement with useful information to help prevent future phishing emails.

Tuesday, January 29, 2019

Windows Media Player loosing song titles for Windows 7 bummer


Going forward, you may be unable to view information (metadata) such as the title, genre, and artist for songs, and the director, actors, cover art, and TV guide for movies in Windows Media Center and Windows Media Player. After looking at customer feedback and usage data, Microsoft decided to discontinue this service. This means that new metadata won’t be updated on media players that are installed on your Windows device. However, any information that’s already been downloaded will still be available. 
This change doesn’t affect any major media player functionality such as playback, navigating collections, media streaming, and so forth. Only secondary features that require downloading of new metadata are potentially affected.
Windows Media versionOperating systemAffected by this change?
Windows Media Center  
 Windows 8.1Yes
 Windows 8Yes
 Windows 7Yes
Windows Media Player  
 Windows 10No
 Windows 8.1No
 Windows 8No
 Windows 7Yes

Source: 
https://support.microsoft.com/en-hk/help/4488539/changes-metadata-services-windows-media-center-media-player

Thursday, January 24, 2019

Komodo Editor vs VS Code editing PHP - 2019 Brief Review

VS Code editor is now becoming the most versatile editor. It just beat the long standing competition Komodo Edit for the defacto PHP editor, hands down!

With new version VS Code 1.30 the Goto Definition and Peek Definition functions are working properly for PHP! 


And the best feature, is the breadcrumb feature (1.) which indicates which function you are living in, a huge boon to productivity. 

























Komodo Edit, does not have Peek Definition or breadcrumb feature (1.). The Goto Defintion works same for both, going to first instance of the declared variable ($output) in screen shot below.




Sunday, January 20, 2019

Recent Sextortion email SPAM scam fakes, uses your contact friends email list against you

For the record, here's a recent sextortion SPAM email. In the past sextortion scam emails would just include a target's password that the attackers found from a data breach dump in order to scare the victim into thinking that the threats were real, to some site they mayhave visited, particularly if naughty.


Now the scammers are also pretending to have access to the target's email account by spoofing the sender of the scam email to be the same email as the victim.

This email has been recent circulating with Subject : Your Account Naftglow



Do not fret, they have not hacked your account. But it may have been in the past, check here https://haveibeenpwned.com/.

From: "Known Friend" <blidmov.slootsnag@smtp-out.collegedigs.com>
Date: January 17, 2019 at 10:16:39 AM PST
To: "YOU" <your.email@address.com>
Subject: your account naftglow




You mау nоt know me аnd уоu аrе prоbably wоndеring whу you аrе getting this e mаil, right?
I'm а haсker who crаcked уоur dеvices a few months аgо.
I sent you an emаil from YOUR hаcked acсоunt.
I setup a malware оn the adult vids (pornо) wеb-site аnd guеss whаt, yоu visited this sitе tо hаvе fun (yоu knоw whаt I mеan).
Whilе уоu werе watching vidеоs, уоur intеrnеt browsеr stаrted оut funсtiоning as a RDP (Remоtе Control) hаving a kеуlogger which gave me aсcessibility tо уour scrеen аnd web саm.
аfter that, mу sоftwаrе program оbtainеd аll of уоur contaсts аnd filеs.

You еnterеd a passwоrds on thе websites уou visited, and I intеrсepted it.

Of coursе уou сan will сhаngе it, or alrеаdy сhanged it.
But it dоesn't mаtter, my mаlwаrе updаted it еvеry timе.

What did I dо?

I сrеated а double-screen vidеo. 1st pаrt shоws the vidеo yоu werе watching (yоu'vе got a good taste hahа . . .), аnd 2nd pаrt shоws the rесоrding оf уour web cаm.
Do not try to find аnd dеstroy mу virus! (All your data is аlrеadу uplоadеd tо a rеmоte sеrvеr)
– Do not trу tо сontaсt with me
– Variоus seсuritу serviсеs will not hеlp уоu; fоrmatting а disk оr destroying a dеvicе will nоt help eithеr, sinсе уоur dаta is аlready on a rеmotе sеrvеr.

I guаranteе уоu thаt I will not disturb yоu again aftеr payment, as уоu arе nоt my single victim. This is a hасkеr code of honоr.

Don’t be mаd аt mе, еverуоne has thеir own wоrk. 
eхactly whаt shоuld you dо?

Wеll, in mу opinion, $895 (USD) is а fair pricе for our little sеcret. You'll mаkе thе pаymеnt bу Bitсоin (if уоu do nоt know this, search "hоw tо buу bitcоin" in Gооglе).

My Bitсоin wаllet Addrеss:
14JLSAk9TKR6hVFswC6oRPoeAcydSecLFX

(It is cAsE sеnsitivе, sо copу аnd pаstе it)

Impоrtаnt:
You havе 48 hоur in оrder to mаkе the paуmеnt. (I've а facebоok pixеl in this mаil, аnd at this moment I know that уоu have read through this еmail mеssage).
To traсk thе reading of a messаge and the асtions in it, I usе thе fаcеboоk piхеl.
Thаnks to thеm. (Evеrуthing thаt is used fоr thе аuthoritiеs can hеlp us.)
If I dо nоt gеt thе BitCоins, I will cеrtаinly sеnd оut уour video rесording to аll of уоur contacts including relativеs, coworkеrs, аnd so on. Hаving said thаt, if I reсеivе the paуmеnt, I'll dеstrоy the vidеo immidiаtеly.
If уоu need evidеnсе, replу with "Yes!" аnd I will certаinly sеnd out yоur video reсоrding to your 6 cоntаcts. It is а non-nеgоtiаble offеr, thаt being sаid don't wastе my pеrsonal timе аnd уоurs by rеspоnding to this mеssagе.

Thursday, January 3, 2019

Microsoft Sets A New Employee Interview Standard Process

Hey companies wake up and smell the coffee, Microsoft has.












Microsoft has however been making an effort to improve their hiring process to make it more useful and inclusive, leading to what Microsoft has called the ‘Alternative Interview Framework’ which has the following 8 elements:

  1. Share the interview in advance
    Candidates are given the problem to be solved in advance so they can do research a few days before the interview.  This mirrors the real world, where problems are rarely a surprise.
  2. Use a real problem
    Candidates are tested on solving real-world problems such as improving customer satisfaction, increasing retention or boosting usage of a service or feature. This helps foster a collaborative conversation.
  3. Give access to data
    Candidates are given access to the same information Microsoft is working from, and during the interview, they are free to search the internet or ask for more data. This includes supplying a candidate with our customer research, usage data, designs and mock-ups.
  4. ....
Source
https://mspoweruser.com/microsoft-drops-brain-teasers-from-employee-interview-process/

Tuesday, January 1, 2019

OneDrive 2019 Direct File Download URL Maker






Microsoft OneDrive Direct File Download URL Maker




<iframe src="https://onedrive.live.com/embed?cid=8F99649728BEB2F3&resid=8F99649728BEB2F3%211010&authkey=AFo8ZQ_-qj84DEQ" width="98" height="120" frameborder="0" scrolling="no"></iframe>  see instructions below, if you don't know how. NOTE : For images there an extra step below.



https://onedrive.live.com/embed?cid=8F99649728BEB2F3&resid=8F99649728BEB2F3%211010&authkey=AFo8ZQ_-qj84DEQ and populate the text-box below. To proceed click "Get Download Link" button.



4. Now, Click on Get Download Link button.


Text-box will be highlighted so you can copy the full link. To copy, right-click and choose  "Copy" or simply (ctrl-c) to copy link. Note: Entire URL is automatic selected for your convenience.





 



For Images, you get a direct url
  1. Right-click on image and select Embed. The Copy the URL to embed image now gives you direct download URL, but is super long.

    So you do not need to do the above!