jobeard

Users with hetrogeneous systems should take immediate action to protect their SAMBA interface.

A client can send a specially crafted RPC call to a Samba server in order to exploit the vulnerability and execute unauthorized code with administrative privileges (root) on the system.

"As this does not require an authenticated connection it is the most serious vulnerability possible in a program, and users and vendors are encouraged to patch their Samba installations immediately," the Samba development team said in a security advisory.

please see the InfoWorld.com article for details

The fake Instagram website contains text in Russian and distributes an Android Trojan horse that, once installed, sends SMS messages to premium-rate numbers without the phone owner's authorization

see the whole story here

>> This occurred on my land-line, but suspect it would also work on a CELL; CAVEAT EMPTOR <<

I received a telephone call last evening from an individual identifying
himself as an AT&T Service Technician (could also be Telus) who was
conducting a test on the telephone lines. He stated that to complete the test
I should touch nine (9), zero (0), the pound sign (#), and then hang up.
Luckily, I was suspicious and refused.

Upon contacting the telephone company, I was informed that by pushing 90#,
you give the requesting individual full access to your telephone line, which
enables them to place long distance calls billed to your home phone number.

I was further informed that this scam has been originating from many local
jails/prisons. DO NOT press 90# for ANYONE...

After checking with Verizon they also said it was true, so
do not dial 90# for anyone !!!!!

My faithfull Toshiba (circa '05) just bit the dust - - can't even get into the BIOS.
Thank GOD I've been carefull with backups. Symptoms started showing up where the fan
ran full bore, mouse was still active, but I could not change window focus, scroll or quit anything
and sat there for ~minute or so and then resumed normally.

Bestbuy had a deal I just couldn't turn down: A Dell Inspiron Laptop for $399
(i3, 2.3 ghz, 500gb hd, win/7 home premium) to which I upgraded to win/7/pro.

It was time for the major update, so - - that's the way it goes.
I'm certain the HD is fine and will open the Toshiba, extracate the HD and investigate.

It took several passes of Windows Update to bring the system current, but a good Cable ISP
connection was sufficient.

Allway Sync was a pleasure to use for recovering the backups - - ran lickity split considering
about +/-40gb moving on a 100mb lan.

My sole losses are incompatible programs coming from Win/Xp pro (32bit) up to Win/7 (64bit).

The real disappointment is my favorite PGP program doesn't integrate well at all and I'll have to
look for another solution.

Spywareblaster, Spybot S&D and Avast came over easily.
Due to my experience with Magic Jack noted under Newworks, I tweeked the windows firewall
to redefine the Local Network to be my restricted trusted ip address range x.1->x.10.
This could have been easier but it was manageable (I got spoiled with Sunbelt PF4).

Network Stumble is incompatible -> opt for inSSIDer as a good alternative

WOW; Thank God I had my firewall armed correctly !!!

I started to see Access Denied on 192.168.0.14 and scratched my head as to why.
I was logging all failed acceses(for visibility) of all non-existing connections (SPI did the blocking) and
that really was sufficient. But I wanted to cleanup the logs (ie not logging known issues)
and to know what was actually happening.

Instead of trusting the entire subnet (192.168.0.1->0.255), I have been using address
reservation to force know/trusted systems to 192.168.0.1->0.10. With guests taking
addresses 0.11 and above and only one existing guest, where the heck was
192.168.0.14 coming from?

Setting up ping -t 192.168.0.14 to watch the existance of this address, I started disconnecting
cables one at a time from the router->switch connection; finally I found it to be Magic Jack,
which I had totally forgotten about.

Ports being attempted were all over the place, 137, 445, 1900, .....

So, I explicitly created a Magic Jack rule to deny 192.168.0.14 any port and avoid logging.

Magic Jack users, CAVEAT EMPTOR!