Tuesday, December 29, 2020

Apple Phishing Email - Re: [Ticket #:xxxxx] M‌or‌e Inf‌o‌rma‌t‌i‌on Update Requ‌i‌red‌

For the record, the Apple Phishing email is going around with subject Re: [Ticket #:xxxxx] M‌or‌e Inf‌o‌rma‌t‌i‌on Update Requ‌i‌red‌


What to do?  Report them, goto bottom of page.


From : i‌C‌l‌ou‌d ‌‌I‌‌D <securityaccount.xxxx@za1h5xrgprmsb.com>

 Subject :  Re: [Ticket #:xxxxx] M‌or‌e Inf‌o‌rma‌t‌i‌on Update Requ‌i‌red‌

‌‌‌A‌c‌c‌o‌u‌n‌t l‌o‌c‌k‌e‌d notifi‌‌‌cation



Phishing Links

  1. https://gladysstore.us7.list-manage.com/track/click?u=xxx&id=xxx&e=xxxx

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Report Phishing Email To Apple

  1. After writing and reporting these phishing attempts to Apple (abuse@icloud.com), they just blocked my email address after 5 such notifications. Sham on Apple, denial is not a strategy. Just like your products don't need antivirus, what a joke. Be aware folks. 


Posted by metadataconsulting (profile) at 7:00 AM 0 comments

Wednesday, December 23, 2020

DOS Command Line - Timethis.exe is a Microsoft utility that times how long a command runs

Timethis.exe - Windows 2000 Resource Kit Utility

Utility  Description
 
Timethis.exe - Time This  

Time This times how long it takes the system to run a given command. You provide as a parameter the name of the command you want to run and time. Time This runs the specified command, then reports the start and finish time for the command, and how long it took to run, in HH:MM:SS.TTT format.


Windows 2000 Resource Kit Utility is no longer available for download, but you can get it at wayback machine (internet archive)

http://web.archive.org/web/20031218225021/http://download.microsoft.com:80/download/win2000platform/timethis/1.00.0.1/NT5/EN-US/timethis_setup.exe

The installer did not work for me, but you can get the timethis.exe by unzip the file successively.

...\timethis_setup\timethis\compmgmt\TIMETHIS.EXE

copy to C:\windows

Usage: 

c:\> timethis dir

Output:

C:>timethis dir
...
TimeThis :  Command Line :  dir
TimeThis :    Start Time :  Wed Dec 23 12:29:38 2020
TimeThis :      End Time :  Wed Dec 23 12:29:39 2020
TimeThis :  Elapsed Time :  00:00:00.077
Posted by metadataconsulting (profile) at 6:00 AM 0 comments

Sunday, December 20, 2020

C# .NET The most common flaw type in .NET applications was information leakage

Information leakage was most common flaw type for .NET. To review, Information Leakage is a type of security flaw that can allow malicious user s to reveal confidential information from within an application.

Here's a primer - Information Leakage Tutorial (veracode.com).





















Source of image, full PDF - state-of-software-security-volume-11-flaw-frequency-by-language.pdf (veracode.com)

Posted by metadataconsulting (profile) at 6:00 AM 0 comments
Subscribe to: Posts (Atom)