Security

Phishing attack on same day as migration of Tygerberg accounts

Friday, March 4th, 2016

Today, between 07:00 and 08:00, the Tygerberg personnel accounts were migrated to the STB domain. E-mail, logins, etc. were affected and hopefully most of you were moved with relatively few issues.

The phishers do not stop their attacks, and e-mails that try to get you to reveal your usernames, passwords, etc. still flood many people’s mailboxes.

However, today there was another attack, which is particularly sinister because it claims to be from “HELPDESK” and asks you to log in to a page and give your username and password so you can enjoy the *improved* services. It is sent from the “Webmail Upgrade Team”.

It is an unfortunate coincidence that on the same day we are migrating, we receive a phishing scam about “upgrading”, which is what makes it dangerous to Tygerberg.

Please don’t respond, or go to the site that you are being asked to go to. Do not fill in your username, password or ANY other details on any site. The Stellenbosch University Information Technology migration took place without there being any need for users to provide user names and passwords. Any issues with the migration can be reported telephonically to the IT Helpdesk at 021-8084367.

Here is an example of the phishing mail that many are receiving. If you are in doubt about any e-mail you receive, call your local computer geek or at least ask the IT HelpDesk.


-----Original Message-----

From: Webmail Upgrade Team [mailto:phisher@scam.com]

Sent: 03 March 2016 12:23 PM

Subject: HELP DESK

ATTN: Outlook Web Access User,

Take note of this important update that our new webmail has been improved with a new messaging system from Outlook Web Access which also include faster usage on email, shared calendar,web-documents and the new 2016 anti-spam version. Please use the outlook web access link below to complete your update for our new Outlook Web Access improved webmail.

http://link.to.phishing.site/

NOTE: Failure to do this within 24 hours of receiving this notice we will immediately render your Outlook Web App account deactivated from our database and you cannot hold us responsible since you fail to adhere to our request.

___________________

Regards,

IT Service Desk Support.

Admin Team

Miss Annie Phisher

[INFORMATION SUPPLIED BY DAVID WILES]

Trojans still dangerous in modern times

Thursday, March 3rd, 2016

Trojans are malicious programmes that pretend to be legitimate software but actually carry out hidden, harmful functions.

A Trojan pretends to do one thing, but actually does something different, without your knowledge. Popular examples are video codecs that some sites require to view online videos.

When a Trojan codec is installed, it may also install spyware or other malicious software. Another example is a malicious link that says “Cool Game.” When you download and install the game program, it turns out not to be a game, but a harmful Trojan that compromises your computer or erases the data on your hard drive.

Trojans are often distributed with pirated software applications and keygens that create illegal license codes for downloadable software. (See Backdoor Trojan)

A backdoor Trojan allows someone to take control of a user’s computer without their permission.

It may pose as legitimate software to fool users into running it. Alternatively—as is increasingly common—users may unknowingly allow Trojans onto their computer by following a link in spam email or visiting a malicious webpage.

Once the Trojan runs, it adds itself to the computer’s startup routine. It can then monitor the computer until the user is connected to the Internet. When the computer goes online, the person who sent the Trojan can perform many actions—for example, run programs on the infected computer, access personal files, modify and upload files, track the user’s keystrokes, or send out spam email.

Well-known backdoor Trojans include Netbus, OptixPro, Subseven, BackOrifice and, more recently, Zbot or ZeuS.

To avoid backdoor Trojans, you should keep your computers up to date with the latest patches (to close down vulnerabilities in the operating system), and run anti-spam and antivirus software. 

Take note that the information above is an extract from the Sophos Threatsaurus, compiled by Sophos, a security software and hardware company.


History of malware, Trojans and worms (Part 2)

Thursday, March 3rd, 2016

Last time we explored the lesser-known viruses, Trojans and worms, up to 1985. Now we start off in 1986, where most histories do, with the first PC virus.

1986 The first virus for PCs
The first virus for IBM PCs, Brain, was allegedly written by two brothers in Pakistan, when they noticed that people were copying their software. The virus put a copy of itself and a copyright message on any floppy disk copies their customers made.

1987 The Christmas tree worm
This was an email Christmas card that included program code. If the user ran it, it drew a Christmas tree as promised, but also forwarded itself to everyone in the user’s address book. The traffic paralyzed the IBM worldwide network.

1988 The Internet Worm
Robert Morris, a 23-year-old student, released a worm on the US DARPA Internet. It spread to thousands of computers and, due to an error, kept re-infecting computers many times, causing them to crash.

1989 Trojan demands ransom
The AIDS Trojan horse came on a floppy disk that offered information about AIDS and HIV. The Trojan encrypted the computer’s hard disk and demanded payment in exchange for the password.

1991 The first polymorphic virus
Tequila was the first widespread polymorphic virus. Polymorphic viruses make detection difficult for virus scanners by changing their appearance with each new infection.

1992 The Michelangelo panic
The Michelangelo virus was designed to erase computer hard disks each year on March 6 (Michelangelo’s birthday). After two companies accidentally distributed infected disks and PCs, there was worldwide panic, but few computers were infected.

1994 The first email virus hoax
The first email hoax warned of a malicious virus that would erase an entire hard drive just by opening an email with the subject line “Good Times.”

1995 The first document virus
The first document or “macro” virus, Concept, appeared. It spread by exploiting the macros in Microsoft Word.

1998 The first virus to affect hardware
CIH or Chernobyl became the first virus to paralyze computer hardware. The virus attacked the BIOS, which is needed to boot up the computer.

1999 Email viruses
Melissa, a virus that forwards itself by email, spread worldwide. Bubbleboy, the first virus to infect a computer when email is viewed, appeared.

2000 Denial-of-service attacks
“Distributed denial-of-service” attacks by hackers put Yahoo!, eBay, Amazon and other high profile websites offline for several hours. Love Bug became the most successful email virus yet.

2000 Palm virus
The first virus appeared for the Palm operating system, although no users were infected.

2001 Viruses spread via websites or network shares
Malicious programs began to exploit vulnerabilities in software, so that they could spread without user intervention. Nimda infected users who simply browsed a website. Sircam used its own email program to spread, and also spread via network shares.

If this history timeline hasn’t satisfied your curiosity, the recently launched Malware Museum might pique your interest.

Take note that the information above is an extract from the Sophos Threatsaurus, compiled by Sophos, a security software and hardware company.


E-mail account hijacked

Monday, February 29th, 2016

The phishing scammers are at it again. The mail below either “spoofs” a university account or comes from an e-mail account that the scammers have hijacked, and it is sent to fool Stellenbosch users into divulging their personal e-mail addresses, account names and passwords. Do not respond to it or go to the site in the mail.

Here is the example of the mail that several SU users have already received:


From: SU staff member <sunstaffmemberaddress@sun.ac.za>
Sent: Saturday, February 27, 2016 10:05 AM
To: ‘dummyaddress@mail.com’
Subject: Dear Stellenbosch account users.

Dear Stellenbosch account users.

You have exceeded your sun.ac.za e-mail account limit quota of 575MB and you are requested to expand it within 48 hours or else your sun.ac.za e-mail account will be disable from our database. Simply CLICK with the complete information requested to expand your sun.ac.za e-mail account quota to 1000MB.

Thank you for using Stellenbosch University Webmail.

Copyright © 2016 Webmaster Center.

[INFORMATION SUPPLIED BY DAVID WILES]
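As an added illustration (not part of the original posts), the Python below checks a raw message for the lure traits visible in both sample mails on this page, the “Webmail Upgrade Team” mail and the quota mail above: an IT persona writing from outside the organisation, a deadline paired with an account threat, a call to click, and links leaving the organisation's domain. ORG_DOMAIN, the pattern lists and the benign NOTICE_MAIL are assumptions constructed for the example; the two phishing samples are abridged from the mails quoted on this page.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

ORG_DOMAIN = "sun.ac.za"  # assumption: the organisation's own domain

# Patterns taken from the wording of the two sample mails on this page.
IT_PERSONA = re.compile(r"help\s*desk|upgrade team|service desk", re.I)
DEADLINE = re.compile(r"within\s+\d+\s+hours", re.I)
THREAT = re.compile(r"deactivated|disabled?\s+from\s+our\s+database", re.I)
CALL_TO_ACTION = re.compile(r"\bclick\b|link below", re.I)
URL = re.compile(r"https?://[^\s<>\"']+", re.I)

# Constructed samples: two abridged from this page, one invented benign notice.
UPGRADE_MAIL = (
    "From: Webmail Upgrade Team <phisher@scam.com>\n"
    "Subject: HELP DESK\n\n"
    "Please use the outlook web access link below to complete your update.\n"
    "http://link.to.phishing.site/\n"
    "NOTE: Failure to do this within 24 hours of receiving this notice we will "
    "immediately render your Outlook Web App account deactivated from our database.\n")
QUOTA_MAIL = (
    "From: SU staff member <sunstaffmemberaddress@sun.ac.za>\n"
    "Subject: Dear Stellenbosch account users.\n\n"
    "You are requested to expand it within 48 hours or else your sun.ac.za e-mail "
    "account will be disable from our database. Simply CLICK with the complete "
    "information requested.\n")
NOTICE_MAIL = (
    "From: IT notices <it-notices@sun.ac.za>\n"
    "Subject: Migration complete\n\n"
    "Your account was migrated this morning. No action is needed from you.\n")

def in_org(host):
    host = (host or "").lower().rstrip(".")
    return host == ORG_DOMAIN or host.endswith("." + ORG_DOMAIN)

def body_text(msg):
    if msg.is_multipart():
        parts = [p for p in msg.walk() if p.get_content_type() == "text/plain"]
        return "\n".join(p.get_payload() for p in parts)
    return msg.get_payload()

def triage(raw):
    """Return the sorted names of the lure traits found in one raw message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    body, found = body_text(msg), set()
    claims_it = IT_PERSONA.search(display + " " + msg.get("Subject", ""))
    if claims_it and not in_org(addr.rpartition("@")[2]):
        found.add("external_it_persona")  # "helpdesk" writing from outside
    if DEADLINE.search(body) and THREAT.search(body):
        found.add("deadline_threat")  # act in N hours or lose the account
    if CALL_TO_ACTION.search(body):
        found.add("call_to_action")
    if any(not in_org(urlparse(u).hostname) for u in URL.findall(body)):
        found.add("external_link")
    return sorted(found)

def is_suspicious(raw):
    # A hijacked internal account passes the sender check, so content must suffice.
    t = set(triage(raw))
    return "external_it_persona" in t or {"deadline_threat", "call_to_action"} <= t
```

The quota mail carries a genuine sun.ac.za sender, so only the content traits flag it; a filter that trusts internal senders would let it through.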


History of malware, Trojans and worms (Part 1)

Wednesday, February 17th, 2016


We’re always warning you against phishing, viruses and other nasty software which might harm your PC and data. For a change, let’s look at the history of these nasties. Where do they come from? How long have they been around for? Are they a recent phenomenon?

It seems not. Viruses have been doing the rounds for more than 50 years.

1949 Self-reproducing “cellular automata”
John von Neumann, the father of cybernetics, published a paper suggesting that a computer program could reproduce itself.

1959 Core Wars
H Douglas McIlroy, Victor Vysottsky, and Robert P Morris of Bell Labs developed a computer game called Core Wars, in which programs called organisms competed for computer processing time.

1960 “Rabbit” programs
Programmers began to write placeholders for mainframe computers. If no jobs were waiting, these programs added a copy of themselves to the end of the queue. They were nicknamed “rabbits” because they multiplied, using up system resources.

1971 The first worm
Bob Thomas, a developer working on ARPANET, a precursor to the Internet, wrote a program called Creeper that passed from computer to computer, displaying a message.

1975 Replicating code
A K Dewdney wrote Pervade as a sub-routine for a game run on computers using the UNIVAC 1100 system. When any user played the game, it silently copied the latest version of itself into every accessible directory, including shared directories, consequently spreading throughout the network.

1978 The Vampire worm
John Shoch and Jon Hupp at Xerox PARC began experimenting with worms designed to perform helpful tasks. The Vampire worm was idle during the day, but at night it assigned tasks to under-used computers.

1981 Apple virus
Joe Dellinger, a student at Texas A&M University, modified the operating system on Apple II diskettes so that it would behave as a virus. As the virus had unintended side-effects, it was never released, but further versions were written and allowed to spread.

1982 Apple virus with side effects
Rich Skrenta, a 15-year-old, wrote Elk Cloner for the Apple II operating system. Elk Cloner ran whenever a computer was started from an infected floppy disk, and would infect any other floppy put into the disk drive. It displayed a message every 50 times the computer was started.

1985 Mail Trojan
The EGABTR Trojan horse was distributed via mailboxes, posing as a program designed to improve graphics display. However, once run, it deleted all files on the hard disk and displayed a message.

Take note that information above is an extract from the Sophos Threatsaurus, compiled by Sophos, a security software and hardware company.
