Monday, November 13, 2017

And the world's latest phishing attempt is:

Unicode text, yay.  Fuckers.

What's wrong with this e-mail?


Hello, Singapore Airline is giving away 2 Free FirstClass Tickets to celebrate 45th anniversary, Now you can get your tickets too ! go here to get it: http://www.singaporea─▒r.com/firstclass Enjoy your flight !.


Apart from the fractured chinglish, see anything wrong?


Now have a look at the second last character in the domain name, before the .com.  See it now?


If you mouseover it in Chrome, or copy the link address, what you actually get is:


http://www.xn--singaporear-8zb.com/firstclass



ICANN has seized that domain, but this is the start of a new avalanche of spam with phishing attempts, I suspect.  :(

Friday, October 27, 2017

JFK assassination files release - HOLY SHIT moment!



Check out frame 229 onwards of https://www.youtube.com/watch?v=iU83R7rpXQY .... now we know why his hands went to his throat!  He'd already been shot from the front by the other shooter.

Monday, October 16, 2017

Sunday, September 3, 2017

This your brain on feminism

For everyone on father's day - never go full libtard.



Sunday, August 20, 2017

Women's hair

Can someone please explain to me:

I get a haircut.  It costs $15, takes about 10 minutes, and at the end of it, it looks like my hair was actually cut.

The handbrake gets a "haircut".  It costs $200, takes about 3 hours, and at the end of it, I have to remind myself to say something nice about it **because it looks exactly the freaking same to me**.  I think it was my wallet that actually got the haircut.


Father's day nominations

It's a fortnight from father's day in Australia, so in advance, I'd like to nominate these two gentlemen for father of the year, in the "stop your bullshit" category:





Friday, June 30, 2017

Latest cryptolocker outbreak

As if the latest crypto ransomware outbreak of NotPetya isn't bad enough, the operator of the e-mail service that the scammer was using for communications (posteo.net) has in what can only be described as a moment of blinding stupidity, shut down the e-mail account he was using.

Yes, no doubt it follows their standard procedures, and I realise that they don't want their platform being used for illegal activity.  But you're fucking morons.  Now anyone who gets infected has zero way of decrypting their PC, because they can't communicate with the scumbag to retrieve their decryption key!

Would it have killed them to act like a responsible netizen, and maybe reach out to law enforcement to offer whatever assistance they could in tracking down whoever was accessing the account?  Nope, fuck everyone, let's just delete it.  Cretins.

The only good news about this is very much hidden inside some further bad news.  Apparently unlike the recent Petya outbreak, NotPetya doesn't generate a valid encryption key - so there's no way of returning a decryption key either.   If correct, there's no point in paying the ransom, because you're just setting fire to money.

Oh yeah - just for fun, it scrubs the MBR too.  Time to reach for the install disk.

What is good news is that the NotPetya installer looks for a certain file on the PC to determine if it's been infected yet, and if it finds that, it aborts.  So while it isn't possible to disinfect a PC, it is possible to immunize one against infection.  Suggest that everyone do so immediately, the batch file linked to on the page is safe.

Here's the code for the enthusiasts:

@echo off


REM Administrative check from here: https://stackoverflow.com/questions/4051883/batch-script-how-to-check-for-admin-rights

REM Vaccination discovered by twitter.com/0xAmit/status/879778335286452224

REM Batch file created by Lawrence Abrams of BleepingComputer.com. @bleepincomputer @lawrenceabrams



echo Administrative permissions required. Detecting permissions...

echo.


net session >nul 2>&1

if %errorLevel% == 0

( if exist C:\Windows\perfc
( echo Computer already vaccinated for NotPetya/Petya/Petna/SortaPetya.

echo.

)
else
(

echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya. > C:\Windows\perfc

                echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya. > C:\Windows\perfc.dll
                
echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya. > C:\Windows\perfc.dat



attrib +R C:\Windows\perfc

attrib +R C:\Windows\perfc.dll

attrib +R C:\Windows\perfc.dat


echo Computer vaccinated for current version of NotPetya/Petya/Petna/SortaPetya.

echo.

)
)
else
(

echo Failure: You must run this batch file as Administrator.

)


pause