International Hacker Email / Security Warning / Account Issue

The latest hacker / email scam has been roaming the internet for a few months now. This one is pretty ingenious because it is more of a social email hack playing on your fears rather than an actual attack on your computer.

How does it play out?

An email arrives from you, yes, your own email address. The subject of the email will be “Account Issue”, “Security Warning” or some variation. The email will further explain that you were hacked by an International Hacker Group and demand you pay $800 USD in Bitcoin within 48 hours or they will release video of you in a compromising position while watching porn! The hacker further tries to prove his legitimacy by providing you with your password.

The first time I saw this attack I was taken aback for a moment because the password in the email was REAL. It was actually one of my “throwaway” passwords and it kind of freaked me out.

Let’s break the email down and see exactly what they did.


Who’s Hacking My Exchange OWA? Check with Log Parser 2.2

I am one of the few on the planet that still hosts my own servers in house. Sorry, but I don’t really see the benefit of moving everything to the cloud when keeping it in house allows me the control and flexibility I want. I especially like having an Exchange OWA server in house.

With that said, hosting your own systems can be troublesome as well. Maintaining the hardware, infrastructure and security are items that would get farmed out in a cloud environment. This post focuses on the security end, or rather attempting to track hack attempts.

In January, I set up a trigger to alert me every time a user is locked out: “Know instantly when a user is locked out”. It’s a good read if you’re interested. This trigger reads the event logs, looks for the lockout event and sends the info to me via email. A great help in being proactive with my users. It also alerts me to hack attempts. Too many incorrect login attempts on OWA would trigger a lockout event. During a recent weekend, I was receiving lockout emails every 30 minutes. So who was doing this? What did they want?

How to check Exchange OWA IIS logs


Serafim Keybo – For Father’s Day!

Every year I try to pick out that unique Father’s Day gift that your Dad can use and probably will find interesting and fun. Lord knows Dad has plenty of aftershave, cologne, and wine. This year I am recommending the Serafim Keybo.

Projection Keyboard & Piano.. Tell me more..

A few months ago I published a post, Don’t Throwaway That Old iMac Keyboard – Use It On Your Tablet. Since then I have been using my classic iMac Keyboard on my Samsung Galaxy Tablet and it has been working great. The only issue is I keep the tablet on my kitchen table and sometimes the keyboard gets in the way. I have become accustomed to using a keyboard on my tablet and was thinking there must be a better way.

Microsoft Edge Crashes On Launch – Faulting Module EMODEL.DLL

I had a user this week call me complaining that Microsoft Edge would freeze on launch and then crash and close. After investigating her event logs it was determined the faulting module was emodel.dll.

Faulting application name: MicrosoftEdge.exe, version: 11.0.16299.371, time stamp: 0x5abdaed4
Faulting module name: EMODEL.dll, version: 11.0.16299.371, time stamp: 0x5abdaf79
Exception code: 0xc0000409
Fault offset: 0x000000000018bcae
Faulting process id: 0x2900
Faulting application start time: 0x01d3e794d12ebc95
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Faulting module path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EMODEL.dll
Report Id: 560abf0f-e6c8-4b45-8b96-d448f9aa934d
Faulting package full name: Microsoft.MicrosoftEdge_41.16299.371.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge

I have not seen this error before and there were no other users in the environment experiencing this issue. My first troubleshooting step was to see if there were any unique applications that were specific to this user.

This particular user is the CFO of the company and logs into a number of banking websites. To enhance security many banks force customers to download additional software to supplement logins in order to prevent intrusion and hack attempts. This user was using a product from IBM.

IBM Trusteer Rapport & Microsoft Edge EMODEL.DLL


Fakespot.com finds the fakes! Makes Amazon so much better!

I don’t hate shopping, but I really don’t have the time to browse the brick and mortar stores. Just the other day I was in Target and it took me longer to walk the store than to grab what I needed and check out. I’m all about saving time and using my time as efficiently as possible; I guess this is why I’m such a proponent of Amazon Prime and Fakespot.com.

The one problem with Amazon is you can’t touch and feel the product. There are so many sellers that sometimes it’s hard to distinguish which items are worth my time and which are just plain junk.

Amazon Reviews

Early on Amazon made a review system to help customers identify which items and sellers are worth their time. However, as soon as the review system was launched so were the fake reviews, paid reviewers and just plain deceptive tactics sellers take to make their products seem better.

Fakespot.com

Through the magic of the Internet Fakespot.com analyzes all the reviews for a particular product through their proprietary technology and determines which reviews are real and which are suspect. Finally at the end a letter grade is given to the product reviews. Remember Fakespot.com is NOT reviewing the product, but making an attempt to verify the validity of the reviews for that given product.

Post # 100 My Favorite Blogs

It’s been a while since I have written a blog posting. I guess you can say life sometimes gets in the way and things we enjoy doing get pushed aside. I have a few spare moments today to sit down and write so here goes nothing.

First and foremost, Webcommand blog has just turned ONE! I started writing exactly one year ago today. When I built this server I set a goal to write 5 blog posts a week, about 260 in a year. Well, I realized it’s harder to come up with content than I thought. I also realized it is even harder to monetize the site as well (your donations are welcome). However, I did manage to write 100 blog posts in the first year and I deem that a success!

Today, on the anniversary of Webcommand’s birth and 100th post, I would like to pay tribute to my favorite blogs and give each of them a brief shout out.

My favorite Blogs


PDF files – Latest Target of Phishing Scam

Malware and viruses are always just a wrong click away, and to keep yourself protected you need to be on top of the latest trends that are targeting home and business users. This past month I have been noticing an increase in PDF attachment attacks around the office. As with previous email based attacks this is simply the latest attempt to infiltrate your network security by using the weakest link. YOU! Yes, in my opinion humans are the most vulnerable vector to attack and successfully enter a network.

How the latest PDF Phishing scam works.

A friend, coworker or client has already been infected with malware. At this point the attacker has taken control over their system and would like to spread his virus via email. The malware quickly enumerates the victim’s address book and fires off emails to unsuspecting targets with the viral payload attached as a PDF document. As the recipient you open the PDF, jump through a few hoops and the attacker now has control of your computer as well as your email credentials and more.

How to spot a bogus attachment, and prevent infection.


Commodore 64 Mini – Looks Like fun!

Well folks, here’s another retro gaming platform revitalized into a mini computer. The C=64 was and still is my all-time favorite platform and this Mini version may be on my purchase list once it’s released in March. First we saw the NES Classic Edition hit stores before Christmas 2016 and it was an immediate sell out, followed by the Super NES, which was released last year for $199.99 at Amazon. The next logical step was to release the Commodore 64 Mini!

Commodore 64 Mini – will be released with 64 games!


Remote Desktop 2012r2 – Shadowing Unspecified Error

In an effort to combat the Spectre/Meltdown vulnerability Microsoft has rushed a few patches out into the wild that have been creating some odd issues on workstations and servers alike. I want to address the Unspecified Error when attempting to shadow a session in Remote Desktop 2012r2.

This is what happens when you rush a patch into the wild:


Remote Fix Your Parents Computer (from the comfort of your own home)

If your parents are like mine they are tech savvy enough to get by. What I mean by that is they know how to launch Firefox and surf the web, maybe play checkers or chess and print a few documents when necessary. The problem arises when something goes wrong with their computer. Maybe they click on something they shouldn’t and get a virus or malware infection. Then again a Microsoft update could change some setting they are not familiar with and cause stress and a phone call to you. These days you have your own family and live an hour away from your parents and really can’t make the trip back home right now. This is where a remote solution comes into play!

Remote Solutions

Next time you are at your parents’ house, install one of these remote solutions and be prepared for the dreaded “my computer is broken” phone call.

Skype

Microsoft’s free video-calling software doubles as a very decent screen sharing program. Although you can’t directly interact with your friend’s desktop or take control of their computer yourself, you can view their screen as you both continue speaking, which makes the troubleshooting process more straightforward. And with the recent revamp of its appearance, Skype is easier to use than ever.
SKYPE.COM

Chrome Remote Desktop

This extension for Google Chrome can go beyond the web browser to share anything on a computer screen with someone else. Chrome Remote Desktop gives one user full control over the other computer for an experience almost like sitting in front of your mom’s machine.
CHROME REMOTE DESKTOP

TeamViewer

Businesses use the professional TeamViewer tool, but it’s simple enough for anyone to use. And for personal use, like helping out Dad with computer problems, it’s also free. It allows full control of the remote system.
TEAMVIEWER.US

Remember when installing any remote viewing tools to keep passwords safe and away from prying eyes. Although it’s nice to visit Mom and Dad for a few hours and fix their computer, a remote solution can come in handy when time is short or distance is long.

Thank you for reading my blog,
Joe