Pittsburgh Tech Guy

The authors of police-themed ransomware have started using the browsing histories from infected computers in order to make their scams more believable, according to an independent malware researcher.

Ransomware is a class of malicious applications designed to extort money from users by disabling important system functionality or by encrypting their personal files. A particular variation of this type of threat displays messages masquerading as notifications from law enforcement agencies.

The language of the messages and the agency names used in them change depending on the location of the victims, but in almost all cases the victims are told that their computers have been locked because they accessed or downloaded illegal content. In order to regain access to their computers, users are asked to pay a fine.

A new ransomware variant that employs this trick was spotted over the weekend by an independent malware analyst known online as Kafeine. Dubbed Kovter, this version stands out because it uses information gathered from the victim's browser history in order to make the scam message more credible, Kafeine said Friday in a blog post.

Kovter displays a fake warning allegedly from the U.S. Department of Justice, the U.S. Department of Homeland Security, and the FBI, that claims the victim's computer was used to download and distribute illegal content. The message also lists the computer's IP address, its host name, and a website from which the illegal material was allegedly downloaded.

The malware checks whether any of the sites already present in the computer's browser history is present in a remote list of porn sites whose content is not necessarily illegal, and if there's a match, it displays it in the message. By using this technique and naming a site that the victim has actually visited as the source for the alleged illegal content, the ransomware authors attempt to increase the credibility of their message.

If no match is found when checking the browser history against the remote list, the malware will just use a random porn site in the message, Kafeine said.

So beware of this new variant.  Just because it may name an actual site you have visited, does not mean it is real. 

To your left, you will find a page showing you how to create a "God Mode" Icon for Windows 8.  God Mode is a shortcut that will bring up a menu of all of the important and cool under the hood features of Windows.  It has been popular since Windows Vista, it is back for Windows 8.  You are welcome!

Due to a storm, my mom's DSL service went down.  After several calls (or rough translations, as mom put it), she was informed that the service was back online, well, except for her.  My nightmare of nightmare has come true, calling Verizon for a down DSL connection.  I am used to talking to somebody from overseas with broken english, but I never want to go through this again.  I'm having Mom upgrade to FIOS specifically so that I do not have to deal with a DSL modem every again.  The experience was a nightmare, but it did get corrected. 

An outdated browser or plug-in can serve as a security hole for hackers and malware authors to exploit, so you’ll want to keep your web software up-to-date. Qualys BrowserCheck is a free service that scans your Web browser to determine if you’re running outdated or insecure versions of some popular plug-ins or add-ons, including Adobe Reader, Adobe Flash, Java, and Windows Media Player.

You can run a quick scan from your browser in Windows, Mac, or Linux. You don't even have to download any software—Qualys runs completely within your browser. Supported browsers include Internet Explorer (IE), Mozilla Firefox, Google Chrome, Safari, Opera, and Camino. Once Qualys BrowserCheck completes its scan, it lists which plug-ins it scanned, and indicates whether you’re running insecure versions of any of your plug-ins, and if any updates are available. The scan also provides links to where you can download the newest plug-in version, so you don’t have to hunt around for it.
Sample results from a quick Qualys scan. Look at that: The Java plugin needs an update.
Alternatively, you can run a full scan after downloading and installing the Qualys BrowserCheck plug-in, which supports IE, Firefox, and Chrome on Windows—there's no Mac or Linux support for the full scan. This full scan can check all supported browsers you have installed, not just the browser you used to run the scan. And the full scan can also detect other system vulnerabilities as well, such as no automatic Windows Updates or Windows Firewall running, or out-of-date or disabled antivirus software.

Creative new site, Fastcustomer could not be any simpler to use.  Find a company in the list of more than 3000, click "Have them call me", enter your phone number and go about finishing your business.  A representative will call you back.  The site lists a wait time estimate as well.  Give it a try.

A second option, that is just as cool, Lucyphone.  Can you guess how this site got its name? Think acronyms: Let Us Call You. It works in much the same way as Fast Customer. Select a number from the list or enter a toll-free number if you have it, and click Start; Lucy will call you back and patch you through. 

You’ll probably still need to navigate the phone-tree jungle; if you are put on hold, however, you can press “**” (“##” on Google Voice) to leave a message for the agent who takes your call, or you can leave a call-back number. Once an agent is on the line, Lucy will call you back. A mobile version is available for iOS and Android.

Music junkies in the United States just received a nice surprise from Google in the form of a music matching feature, and free 320kbps cloud streaming from Google Music’s online locker.

Google Music is a free service that allows users to upload a maximum of 20,000 songs to an online storage locker accessible via the web and Android devices. The software itself leaves a small footprint and runs in the background, automatically uploading new tracks from your library. The downside of the service is that for digital music packrats (self included), the initial upload process can literally take weeks (my personal music collection clocks in at 53GB).

Similar to Apple‘s iTunes Match, Google Music will now simply scan your local music library and instantly add those tracks to your locker, though don’t expect to see under-the-radar indie bands to populate just yet. Additionally, Google will provide enhanced 320kbps streaming of the matched files, even if your originals are encoded at a lower bitrate. The icing on the cake is that Google is offering this to users completely free of charge, unlike Apple and Amazon’s similar services which run $25/year.  Also, think of it as a way to backup your collection online.