Posts in Security

Today’s phishing email RE: Your App឵Ie lD Has Been DisabIed Pending Further Verification

My mom received this email and asked me for verification. It is an obvious fake, but the red flags are worth noting.

The only help from the email provider is marking the email as sent by mail.txu.com, which is still spoofed but nevertheless makes the email suspicious, as the email pretends to be from Apple. There is also a clue in the email itself: the terms of service URL in the email somehow points to Netflix, probably to filter out people too smart to attack.

Read more ...


Today’s phishing email (Subject Re: Contract Lease Agreement)

The email body is as follows:

<your email id>  has recieved a file to your onedrive “2023 Contract Agreement .xlsx

Read more ...


Bypassing Factory Reset Protection Microsoft Lumia 640

The problem:

Recently I had to factory reset my Lumia 640 with Windows 10 Build 15063. However, the factory reset protection cannot be turned off in Settings. It asks for the password, and then the slider stays on.

Read more ...


New web server hijacker HttpResetModule.dll

Today a friend’s server was hacked. The web site displays normally if visited directly. The content is hijacked when visited from a Baidu search result, similar to what user 41nbow experienced at https://www.freebuf.com/articles/web/222060.html.

A file-system-wide search for recently changed files shows that the %windir%\system32\inetsrv\config\applicationHost.config file was recently updated. New entries were added to the end of the <globalModules> section. Despite their location being C:\Windows\Microsoft.NET\Framework\v2.0.50727 and C:\Windows\Microsoft.NET\Framework64\v2.0.50727, they bear no Microsoft signature or any other version information. Also, the file name HttpResetModule is suspicious: why would a web server want to reset a connection?

Read more ...


Today’s fake email of the day

So you care about an article titled “Trap CtrlAltDel; Hide Application in Task List on Win2000/XP” in 2020 and downloaded its source code, but still don’t know my name?

Read more ...


Free MSDN Visual Studio 2005 Team Suite with MSDN Premium Subscription for awardees of the Microsoft Award for Customer Excellence / Microsoft MVP?

Weeks ago I got an email promising free Visual Studio 2005 if I qualify for the Microsoft Award for Customer Excellence from www.microsoft-ace.com, which, according to some Microsoft employees, is a genuine Microsoft program website, but is also registered by a third party, and has a problem with the SSL certificate.

Today, I got a UPS package with 3 Visual Studio Team System with MSDN Premium redemption cards and a Microsoft-watermarked paper stating “thank you for your passionate support for VSTS”… but from www.mvpinvite.com, another website registered by a 3rd party that seems to have something to do with my MVP membership? So confusing…

Read more ...


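Starting from Sony's Recall of CDs Containing Suspected Spyware

Facing growing consumer dissatisfaction, and fearing that its legitimate music products would be affected by the copy-protection “backdoor”, Sony BMG announced today that it is pulling all CD products involving the rootkit software from store shelves and offering consumers a free exchange for non-DRM CDs. http://computer.online.sh.cn/computer/gb/content/2005-11/16/content_1380298.htm

For the security and stability problems in this software, see `Sony <http://www.sony.com>`__, `Rootkits <http://en.wikipedia.org/wiki/Rootkit>`__ and `Digital Rights Management <http://en.wikipedia.org/wiki/Digital_rights_management>`__ Gone Too Far (http://www.365key.com/forward.aspx?id=1286254) and More on Sony: Dangerous Decloaking Patch, EULAs and Phoning Home (http://www.365key.com/forward.aspx?id=1286280).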

Read more ...


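Online Address Book Services

The invitations I receive from online address book services are becoming more and more frequent. Today I received another such email: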

Add yourself to xxx’s address book! Open your invitation This invitation was sent to my email address on behalf of xxxxxx (xxxxxx@hotmail.com) If you do not wish to receive invitations from this Ringo member, click here. To stop receiving invitations from all Ringo members, click here.

Read more ...


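Do Not Disclose Your Personal Password to Third Parties

Please don’t show your password to a 3rd party.

For a long time I have kept receiving invitations to join the online mobile phone community http://www.sms.ac. Because I don't have a mobile phone (note to anyone trying to reach me: if I'm awake I'm usually on MSN), I always just read them and moved on. But today I received invitations from a friend I don't know very well to join this community and another one, http://www.bebo.com, so I searched online for what some personal blogs say about these two sites. The search results were shocking.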

Read more ...


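Dynamically Blocking Control+Alt+Delete (Update)

I once wrote an article about dynamically blocking Control+Alt+Delete. A few months later I posted a revised English version of the article on CodeProject (https://web.archive.org/web/20081015201511/http://www.codeproject.com/system/preventclose.asp). At the time, however, I had not found out why the code crashed in a debugging environment. Much later, I saw that Antonio Feijao had rewritten the code in C in an article he recently published, and had added some comments explaining problems that compiler settings can cause. I think that article is also useful to readers of my article, so I plan to add a link to his article in mine.

About the article: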

Read more ...


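Permission Problems When Accessing Shared Memory Across Processes

Q:

I created a block of shared memory on the server with CreateFileMapping and keep this exe running on the server at all times. Meanwhile, other users access the server from clients using IE and submit the data to be queried through a web page built with C#. After the server gets the page parameters, it creates a COM object that accesses the shared memory of that exe and then returns the query result in the shared memory to the client. The problem is that this COM object cannot access the exe's shared memory with openmapping; it reports "access denied". Yet if I just create any project on the server and compile it into an exe, that file can access this shared memory!! Why doesn't it work from the web page? Does COM need some permission setting? How do the permissions of the two processes get reconciled? How do I use a DACL?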

Read more ...


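Dynamically Disabling/Enabling Ctrl-Alt-Delete in Windows 2000

From a discussion in the VC/MFC board of the CSDN forum: How do you disable Ctrl+Alt+Delete in NT/2000? (Cannot use GINA or a keyboard driver) (This thread has been archived; you can search for it at http://search.csdn.net)

Updates to this article are at http://blog.joycode.com/jiangsheng/archive/2004/07/20/27909.aspx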

Read more ...