This Blog has Moved!

This blog is moving to


Thank you for visiting! Content will remain here for archival purposes.

419 Scammers Target Victims of 419 Scammers...

I got this email today.  Really made me chuckle...

Economic And Financial Crimes Commision
No.5, Bill Clinton Crescent, Off Adetokunbo Ademola
Wuse II, Abuja, Nigeria.


ECONOMIC & FINANCIAL CRIMES COMMISSION (EFCC).in collaboration with United Nation, (UN) and United State GOVERNMENT.


Attention: Beneficiary

SCAMMED VICTIM/ $2.5million COMPENSATION FUND-REF/PAYMENTS CODE: 06654.

We were delegated by Economic and Financial Crimes Commission [EFCC] Nigeria in conjunction with the United Nations to pay 200 Americans, Asia, Europe countries etc, In view of this recommendations, I want you to know that during the last UN and EFCC meetings held in Abuja Nigeria, it was alarmed so much by the rest of the world in the meetings on the loose of funds by various foreigners to the scams artists operating in syndicates all over the world today.

In other to retain the good image of this great country, the president (Goodluck Jonathan) has instructed the immediate compensation payment of $2.5million each, to each scam victim through Guarantee Trust Bank, which is the approved Bank that will be responsible for your compensation fund transfer and issuance of International certified bank draft via under funding assistance by the Central Bank of Nigeria.

85 scam victims who were scammed by scam artists/perpetrators has been paid sum $2.5million each so far, and you are listed and approved for this payments as one of the scammed victims.
Kindly contact EFCC foreign operating assistant commissioner Mr. Mike Johnson for your compensation fund release.

Email: edujlgs@ig.com.br
Phone: +2348037165537

Option 1: Fund through Bank Transfer,

1 Your bank name:
2. Bank address:
3. Your account number:
4. Routing number:
5. Swift code/IBAN:
6. Beneficiary name:
7. Phone/Mobile no:
8. Address:
9. Nationality
10. Gender
11. Occupation
12. Age
OPTION 2: to receive fund through International Certified Bank delivery, fill in the listed details below:

(1) Full name:
(2) Delivery address:
(3) Direct mobile/ phone /fax:
(4) Occupation
(5)Gender
(6) Nationality
(7) Age

You are hereby warned not to communicate or duplicate this message to anybody in email exchange for any reason or whatsoever, EFCC in support of the US secret service is already tracing tracking the criminals for your own good make sure you stop dealing with scammer and imposter, and also make sure you forward the daily scams letter you received to us be warned.

Yours faithfully,
Danson Bowell, DE-factor Chief Compensation Officer

The Bad Guys are Running Out of Places to Hide

The Hacker News reported today that it has been confirmed the FBI has access to the entire Tor Mail database. This is great news for the Cyber Security community, as it makes things even harder for online criminals to prey on easy victims.

Access to this database will allow the FBI to find all sorts of juicy incriminating data, such as drug deals, coordinated hacking, and even murders.

So for anyone out there who had incriminating evidence on Tor Mail, consider yourself on notice - the "Party Van" will be visiting your house soon.

Remember kiddies, the Internet is forever.

Space Weather Outlook January 27, 2014 at 01:07AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #14-4 2014 January 26 at 10:50 p.m. MST (2014 January 27 0550 UTC) **** SPACE WEATHER OUTLOOK **** Summary For January 20-26 No space weather storms were observed. Outlook For January 27-February 2 Category R1 (Minor) and R2 (Moderate) radio blackouts are expected with a slight chance for R3 (Strong) from 27 January through 02 February due to potential flare activity from the return of old Regions 1944 and 1946. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

ISC2 CISSP - Special Edition Practice Exam and Study Guide

The following is external content provided as a free resource for blog readers.





The CISSP CramMaster will prepare you to pass the ISC2 CISSP exam. It contains 650+ questions, multiple-choice answers and detailed explanations along with selected content from the CISSP Sybex book. This CramMaster will test a candidate's knowledge of an international standard for information security and understanding of the ISC2' Common Body of Knowledge. The CISSP CramMaster covers ISC2 recommended domains such as Access Control, Application Security, and Cryptography.



The ISC2 CISSP covers the following recommended objective categories:

  • Access control

  • Telecommunications and network security

  • Information security governance and risk management

  • Software development security

  • Cryptography

  • Security operations

  • Security architecture and design

  • Business continuity and disaster recovery planning

  • Legal, regulations, investigations and compliance

  • Physical (environmental) security






Request Free!

Microsoft 70-640 Windows Server 2008 - Special Edition Practice Exam and Study Guide

The following is external content provided as a free resource for blog readers.





Use the Windows Server 2008 Active Directory, Configuring CramMaster to study for the Microsoft 70-640 exam. This CramMaster contains 450+ questions, multiple-choice answers, detailed explanations, and comes bundled with select content from the 70-640 Exam Cram book. Candidates for this exam typically have a minimum of one year of experience implementing and administering a network operating system in an environment of 250 to 5,000 or more users, three or more physical locations and three or more domain controllers.



Microsoft 70-640 Windows Server 2008 covers the following recommended objective categories:

  • Configuring Domain Name System (DNS) for active directory

  • Configuring the active directory infrastructure

  • Configuring active directory roles and services

  • Creating and maintaining active directory objects

  • Maintaining the active directory environment

  • Configuring active directory certificate services






Request Free!

Target Data Breach Outlines Need for Application Whitelisting, Flaws in PCI-DSS

As I find myself diving deeper down the rabbit hole of the recent Target data breach and the malware writers behind it, I can't help but keep asking "Why were no safeguards put in place to prevent this?"

For those who didn't hear, there has been an arrest of two Mexican citizens in Texas who were using stolen credit card numbers to purchase goods - and that the case possibly leads back to the Target data compromise.

Quite honestly, with today's computer security suites, there is almost no excuse for a static configured system such as a Point of Sale terminal to ever be infected by a virus. With proper implementation of application whitelisting a system can be protected from even unknown malware.

However, the Payment Card Industry Data Security Standard (PCI-DSS) only requires basic anti-virus coverage to protect against "known" malware, as well as a (network-based) firewall.

Space Weather Outlook January 20, 2014 at 02:21AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #14-3 2014 January 20 at 12:06 a.m. MST (2014 January 20 0706 UTC) **** SPACE WEATHER OUTLOOK **** Summary For January 13-19 A category R1 (Minor) radio blackout was observed on 13 January due to flare activity from active sunspot Region 1944. Outlook For January 20-26 There is a chance for category R1 (Minor) radio blackouts on 26 January due to potential flare activity from old Region 1944 as it rotates onto the visible disk. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Non-Profit "Securing The Net" to Provide Free Network Security for Small Businesses

Florida based Non-Profit Securing The Net is running a donation campaign to help provide free network security to small businesses.

According to the website:
This project is taking a non-profit approach to fixing security issues of small businesses by offering free support to secure their websites that would otherwise remain insecure due to budgets or inexperience to do it themselves.
There are two parts to the campaign. First and foremost, the non-profit will offer to secure the networks of small businesses at no charge. By doing so, the data of the consumers held by the small business will be kept safe.

The second part of the campaign involves deployment of multiple honeypots in an effort to track the attackers who would prey on small businesses.

As of this post, Securing The Net had recieved $270.00 of their initial $100,000 fundraising goal.

If you'd like to donate to Securing The Net, visit their WePay Donation Page.

Dissecting a World of Warcraft Phishing Attack

I recently recieved the following email attempting to obtain my Battle.net login information. This email is of course designed to steal credentials for World of Warcraft.

from: Blizzard Entertainment kang111329@gmail.com
to: <removed>@gmail.com
date: Thu, Jan 16, 2014 at 4:46 AM
subject: Blizzard Entertainment - Account Investigation Notification
mailed-by: gmail.com
signed-by: gmail.com
Violates our policies for Battle.net
Dear customer,
Because you are involved in the trading of gold and equipment, legitimately means playing with an unaltered game client. Doing otherwise violates our policies for Battle.net, and it goes against the spirit of fair play that all of our games are based on. We strongly recommend that you avoid using any hacks, cheats, bots, or exploits. Suspensions and bans of players that have used or start using cheats and hacks.
You can confirm that you are the original owner of the account to this secure website with:
http://www.blizzardmory.com/login/login.aspx?ref=https%3A%2F%2Fwww.worldofwarcraft.com%2Faccount%2F&app=wamLogin to your account, In accordance following template to verify your account.
* Account Name and Password
* Secret Question and Answer
Show * Please enter the correct information
If you ignore this mail your account can and will be closed permanently.
If you wish to review our current Rules and Policies for World of Warcraft and Battle.net, they can be found at:
http://www.blizzardmory.com/login/login.aspx?ref=https%3A%2F%2Fwww.worldofwarcraft.com%2Faccount%2F&app=wamFor further security tips, please visit:
http://www.blizzardmory.comRegards,
Customer Services
Account Administration Team
Blizzard Entertainment 
Let's take a look at the email in depth and analyze where this phish is coming from.

Free Certified Ethical Hacker v8 Exam Prep Study Guide

The following is external content provided as a free resource for blog readers.






This comprehensive study guide helps you to prepare for the Certified Ethical Hacker (CEH) certification exam. This guide includes important must know topics, multiple choice practice and scenario questions which will help prepare for the rigorous exam created by the EC-Council.






Request Free!

Aberdeen Research Brief: Big Data for Marketing - Targeting Success

The following is external content provided as a free resource for blog readers.






It’s hard to escape the hype around “Big Data” and the big promise that all that data can generate powerful and profitable intelligence. This research brief by Aberdeen provides some actionable insight regarding the potential for big data by looking at the strategies, processes, and technologies Best-in-Class firms are adopting around data analytics for marketing today.


While adoption of “big data” per se is nascent, the transition to dynamic, behavior-based segmentation and targeting, and real-time management means companies are likely to see significant growth in the volume, velocity and variety of data.






Request Free!

The Modern Malware Review: Analysis of New and Evasive Malware in Live Enterprise Networks

The following is external content provided as a free resource for blog readers.





This review provides the first analysis of malware behavior that include not only analysis of how malware behaves on an infected host, but a full application level analysis of the infecting traffic as well as all traffic generated by the malware.



Key Findings:

  • The Web Has Become the Front Line of the Fight Against Malware

  • Unknown Malware Includes Both Targeted and Generic Attacks

  • While Web-browsing is the Workhorse, FTP is Black-Ops

  • Malware Spends a Great Deal of Effort Avoiding End-Point Security






Request Free!

10 Things Your Next Firewall Must Do

The following is external content provided as a free resource for blog readers.





The 10 Things Your Next Firewall Must Do outlines the latest capabilities that a firewall should possess and helps you learn how to choose a firewall that can safely enable your business in the ever-changing world of network security. By downloading this offer, you'll find an insight and practical advice on:

  • Considerations for choosing your next firewall

  • Best practices for implementing safe application enablement policies

  • Essential firewall capabilities for battling modern threats






Request Free!

Solving Common Data Protection Challenges - Advice from the Trenches

The following is external content provided as a free resource for blog readers.





Not only are they expected to protect every virtual machine and file in the datacenter but they must do it under the pressure of constant change. Find out how what smart admins are doing to make data protection, disaster recovery, data restoration, and server consolidation, easy in this white paper by vExpert, David Davis.



Request Free!

Achieving Best Practices for Virtual Machine Backup and Recovery

The following is external content provided as a free resource for blog readers.





Download now to find out how each solution measured up against best practices in virtual data protection.



Request Free!

Aberdeen Research Brief: Big Data for Marketing - Targeting Success

The following is external content provided as a free resource for blog readers.






It’s hard to escape the hype around “Big Data” and the big promise that all that data can generate powerful and profitable intelligence. This research brief by Aberdeen provides some actionable insight regarding the potential for big data by looking at the strategies, processes, and technologies Best-in-Class firms are adopting around data analytics for marketing today.


While adoption of “big data” per se is nascent, the transition to dynamic, behavior-based segmentation and targeting, and real-time management means companies are likely to see significant growth in the volume, velocity and variety of data.






Request Free!

Space Weather Outlook January 13, 2014 at 02:58AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #14-2 2014 January 13 at 12:44 a.m. MST (2014 January 13 0744 UTC) **** SPACE WEATHER OUTLOOK **** Summary For January 6-12 Category R1 (Minor) radio blackouts were observed on 07-08 January due to flare activity from Regions 1946 and 1947. Category R2 (Moderate) and R3 (Strong) radio blackouts were observed on 07 January due to flare activity from Region 1944. A category S1 (Minor) solar radiation storm was observed beginning on 06 January, increased to S2 (Moderate) levels on 07 January followed by S3 (Strong) levels on 08 January due to a combination of flare activity from active sunspot Regions 1936 and 1944. Solar radiation storms fell below the S1 threshold on 11 January. Outlook For January 13-19 There is a chance for category R1 to R2 (Minor to Moderate) radio blackouts on 13-14 January due to potential solar flare activity from Region 1944. There is a chance for a category S1 (Minor) solar radiation storm on 13-14 January due to possible solar flare activity from Region 1944. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Beginners Guide to SSL

The following is external content provided as a free resource for blog readers.





Not only does it make you feel safer but it also protects people who visit your home, place of business or Web site. It is important to understand the potential risks and then to make sure you are fully protected against them. In the fast paced world of technology, it is not always easy to stay abreast of the latest advancements.



Request Free!

Website Security Threat Report

The following is external content provided as a free resource for blog readers.





Online where the reputation and success of your business is often measured by the trust that your customers have in the security of your website, it is important to understand how you can maintain and build on that trust. To that end, SSL/TLS has been the key to trust on the Internet for more than a decade and will continue to be so when it comes to providing the highest levels of protection against evolving cyber security threats. And while, yes, the technology is sophisticated and leading edge, the goal is simple: to make the Internet safer to transact business – for you, your customers and everyone else with whom you interact online.



Request Free!

Understanding DNS Terminology

The following is external content provided as a free resource for blog readers.






To help people who are new to the world of DNS, those looking to learn more, or even seasoned veterans who want a refresher, we’ve compiled a list of the need-to-know DNS terms along with their definitions. From A records to zones, this list will get you on the right track towards becoming a DNS pro.






Request Free!

5 DNS Security Risks That Keep You Up At Night (And How To Get Back To Sleep)

The following is external content provided as a free resource for blog readers.






Security threats against DNS infrastructure are both serious and growing. In fact, according to a 2013 Arbor Networks survey, the largest DDoS attack (60 Gbps) targeted DNS infrastructure. When it comes to keeping your DNS secure, do you know what you’re up against? In this white paper, we’ll review five of the most pervasive DNS threats that you need to be thinking about, and how to keep them from creating a performance or security nightmare.






Request Free!

Securing Multiple Domains with SSL

The following is external content provided as a free resource for blog readers.





Usually, one SSL certificate secures just one domain name or URL; however, some common situations are better handled with a type of certificate that allows multiple domains to be secured with just one certificate. Read this white paper to learn about typical situations where multiple domain certificates are the ideal solution, how multiple domain certificates work, and how to select the right multi-domain certificate for your needs.



Request Free!

SSL 101: A Guide to Fundamental Website Security

The following is external content provided as a free resource for blog readers.





Given the number of people who experience or have heard about phishing and other Web-based scams, many Internet users don't feel comfortable sharing their personal details online. Fortunately, there is Secure Sockets Layer (SSL) technology, a standard solution for protecting sensitive information online. But there's more to SSL than just basic safety. Read this guide to learn about what SSL does, how it works, and how it can help build credibility online.



Request Free!

Stop Phishing: A Guide to Protecting Your Web Site Against Phishing Scams

The following is external content provided as a free resource for blog readers.





If you have a website and do business online, you are probably at risk. Fortunately, there is an effective way to protect your customers, your company and your brand from phishing: SSL and Extended Validation (EV) SSL. In this guide, you'll learn more about Phishing and how SSL and EV SSL technology can help protect your site, your business and ultimately, your bottom line.



Request Free!

Master List of DNS Terminology

The following is external content provided as a free resource for blog readers.






In this eBook, you’ll find the most common DNS terms and their definitions to help you better understand DNS. From A records to zones, this list will get you on the right track towards becoming a DNS pro.






Request Free!

5 DNS Security Risks That Keep You Up At Night

The following is external content provided as a free resource for blog readers.






Who knew that there were so many ways to threaten the security of your DNS? Find out all of the scary details about these attacks and what you can do to prevent them.






Request Free!

The Essentials of Information Security Kit: Includes a Free PC Security Handbook - 2nd Edition eBook

The following is external content provided as a free resource for blog readers.





The Essentials of Information Security brings together the latest in information, coverage of important developments, and expert commentary to help with your Information Security related decisions.



The following kit contents will help you get the most out of your Information Security research:

  • PC Security Handbook - 2nd Edition






Request Free!