Friday, May 22, 2015

Phishing Email - You sent a iTunes Gift Card $50

Recently the  "You sent a iTunes Gift Card $50 CAD" email has come in many flavors, and if it matches the items below, then there a good chance it's phishing email. But I walk you through how to tell for sure. This crafty email has been making it's way through the big 3 email (google/outlook/yahoo) email spam filters.

What to do? 
Report them, hover over the iforgot.apple.com link (in your email) and match the URL and click on the match link to report them as phishing to Google.

Report Phishing
 URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=youtubewom.com

You sent a iTunes Gift Card $50 CAD to (slowdawn12@msn.co.ok) Thanks for using iTunes. To see all the transaction details, log in to your Apple account. (Order Number:115757250)

22 May 2015 02:01:11 BST

Transaction ID: 4V929066CK353413N
You sent a iTunes Gift Card $50 CAD to (slowdawn12@msn.co.ok)
Thanks for using iTunes. To see all the transaction details, log in to your Apple account.


Seller
eBay Checkout
Note to seller
iTunes Code (Email Delivery)
Address Email - NO confirmed


Dispatch details
The seller hasnt provided any dispatch details yet.


DescriptionUnit priceQtyAmount
Click here To Cancel This Transaction
iTunes Gift Card Number 331027592910
$50 CAD1$50 CAD
Postage and packaging50 CAD
Insurance - not offered----
Total$50 CAD






How to tell this is a Phishing email ?


  1. Is email is from you to you, then it's phishing.
  2. Hover over all links in email, if it's not from the apple.com site then forget it.

    In above example, all the links and source images seem to be from Apple website except the Click here To Cancel This Transaction link.

    You can test this
     in the above example, since I crafted that from source HTML of the phishing email. Try it, hover over links to examine the source URL. Note: I have re-coded Click here To Cancel This Transaction to report youtubewom.com as phishing site to Google.

    In the original phishing email, hovering over Click here To Cancel This Transaction pointed to spam site youtubeworm.com. 


    Reading email in Outlook 2013 generated pop-up "Click to follow link"

Report Phishing URLs at Google now 

If you have recieved this email take further action now by click the link below. Hover over the Click here To Cancel This Transaction link and match the URL and click on the match link to report them as phishing to Google.

  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=youtubewom.com

If you don't see your URL here add a comment below.

Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Thursday, April 16, 2015

How to test for Critical Microsoft IIS Vulnerabilty (MS15-034) Allow Remote Code Execution

Critical Microsoft IIS Vulnerabilty (MS15-034) released April 14, 2015

Allows is a vulnerability in HTTP.sys Could Allow Remote Code Execution on unpatched IIS, on all Windows x64 systems affected. 

Full details of the security bulltein provided by Microsoft at https://technet.microsoft.com/library/security/MS15-034

This vulnerability can allow a remote and unauthenticated denial of service (DoS) and a possible remote code execution (RCE). An attacker sends a specially crafted http request with the correct header to exploit it.

To identify if your Windows server is vulnerable, run the following command under another another Unix/Linux/Mac bash shell. Substitute your windows machine up address with SERVER_IP. 


If you get the following response then it’s vulnerable:
















In fact if any part of the response contains "Requested Range Not Satisfiable" then you are vulnerable, whether its a header response as HTTP/1.1 416 Requested Range Not Satisfiable or wrapped in HTML tags.


The stated temporary workaround in the bulletin is to “Disable IIS kernel caching”, in IIS, until you get patched. 

Play safe my friends.

Wednesday, April 8, 2015

Iphone iOS 8.3 Update Download taking forever estimated at 27 to 30 hrs

IOS is quickly becoming bloatware, at 27hrs for an estimeate download, this is ridonculous.


I tried downloading and installing the iOS 8.3 update today upgrading from iOS 8.2 and normally this process takes less than 3hrs, of time, which is long enough. Today, the estimate time to update to iOS 8.3 started at 30hrs.  After 1hr it was an estimated 27hrs. So I thought it was my phone free space, but I cleared that up to have 3G free. That did not work either.
Many people removing large chunks of photos or a music collection just to be able to upgrade. Then, there’s the fact that 8.0.1 killed a lot of phones reception for iPhone 6 owners. iOS 8 was very buggy, so you can understand wanting to put the updates off. iOS 8 Update uptake was less than 50 per cent and the slowest uptake yet nearly three weeks after launch. By comparison, iOS 7 had hit nearly 70 per cent adoption. 


We all know that IOS is getting bloated, but this is getting rhino-diculous. 

  • iOS 8 needs nearly 5.7GB of free space to install. 
  • iOS 8.1 update file size ranges from 60MB to 127MB, for a total of 5.8G 
  • iOS 8.2 update added an additional 300MB, for a total of 6.1G
  • iOS 8.3 update added an additional 200MB, for a total of 6.3G

So 6.3 GB for iOS 8.3 is allot space for a phone. Below are rounded up percentages;

  • 40% of space for 16G iPhone. 
  • 20% of space for 32G 
  • 10% of space for 64G 
  • 5%   of space for 128G - an acceptable amount for an OS footprint




I have a ~17Mbps download connection, so this is not on me. In comparison,  Windows Updates are far more efficient to download.






Okay, Apple enough is enough, if you can get you download bandwidth act together, give provide some other means like an official torrent release and allow users to update from a download file.

We want an official torrent release of Iphone OS updates.



And here's the features you get with iOS 8.3, summary quoted below from quora.com forum.

Digging into the release notes, iOS 8.3 and differences in application  programming interfaces between iOS 8.2 we note that Apple (so far) is  adding very little to the features of the operating system. Most of the  work in iOS 8.3 is focused on optimization. The biggest new  function—outside of WatchKit integration—in iOS 8.3 is a new feature  where Apple Pay supports different shipping types such as “delivery,”  “pick up from store” and “pick up from customer.” A new class of payment  button that initiates Apple Pay purchases is also available.

The API frameworks and modules for iOS development—the building blocks  of iPhone and iPad apps—see the heaviest revisions in iOS 8.3. The most  significant changes come for the frameworks and modules listed below  with notes on what APIs are affected.Frameworks:

  • HomeKit (ValueLockMechanism, Metadata, HMError)
  • Metal (RenderCommand Encoder, ComputeCommandEncoder, MTLLibary)
  • NetworkExtension (NEVPNProtocol)
  • PassKit (PaymentButton, PaymentAuthorizationViewController, PaymentRequest)
  • UIKit (Application, Device, PresentationController, TableViewController)
CloudKit, SceneKit, SpriteKit, CoreAudioKit, CoreMotion, CoreImage and Security among others also saw minor revisions.

Modules:
In keeping with the theme of optimizing iOS for the next generation  of app development for the operating system, the modules have seen the  most additions and modifications. It would be impractical to list them  all here (see the iOS 8.3 iOS Diffs in the Apple Developer portal for the full list). A few highlights below.

  • CoreAudio (A dozen modified and 35 new APIs based mostly on buffering, packet description and timestamps)
  • PassKit (21 new APIs based on the changes to Apple Pay listed above)
  • UIKit (A couple dozen modifications based on accessibility, attributes and activities)
  • Swift (The second biggest change in APIs in iOS 8.3 with dozens of added and removed functions)
  • Darwin (The Unix kernel for iOS has the largest volume of changes in iOS 8.3)
The MapKit, HealthKit, QuartzCore, SpriteKit and AVFoundation modules  all see significant additions and modifications in iOS 8.3 as well.