Dr. Bruce Ivins, revisited

Remember back in February of last year when I said the FBI was full of BS for blaming Dr. Bruce Ivins for the anthrax attacks? Well, it turns out I was right. Another bombshell hit yesterday when it was revealed that the weaponized nature of the anthrax made it all but impossible that Dr. Ivins produced it.

Why is it that the FBI too often is the gang that can’t shoot straight? They spend $100 million on an investigation and, once they hound one scientist to his death (after first forever tarnishing the reputation of another, wrongly-accused scientist), blame it on him knowing full well they were slandering an innocent man.

Man, I miss the days in this country when heads would roll when someone royally screwed something up. There should be more than one FBI executive seeking new employment right about now based on what they did with the anthrax case.

Or, as I said in my earlier post, perhaps the FBI really doesn’t want to find the perpetrators.

Dear costumer . . .

Another phishing attempt hit the inbox, this time addressed to “costumers” and targeting Earthlink users.

From: “Earthlink.net” noreply@earthlink.net
Date: Wed, 20 Apr 2011 02:18:08 +0200
Subject: Earthlink.Net – Account Suspended

Account Locked !

Dear costumer,

Due to the number of incorrect login attempts, your earthlink account has been locked for your security. This has been done to secure your accounts and to protect your private information in case the login attempts were not done by you.

If you did not trigger this lockout, follow this link to Log on to your Earthlink Account:

Click here to unlock your account
http://stsoft.homelinux.org/oscommerce/images/webmail.earthlink.net.html
Thank you for your prompt attention to this matter.

We apologize for any inconvenience.

Thank you for using Earthlink.Net!

Please do not reply to this e-mail. Mail sent to this address cannot be answered.

Scammer of the year?

This guy deserves a real medal of some sort. I’m stunned that he ever pulled this off.

A Chinese national who said he was the “supreme commander” of a made-up Army unit orchestrated an elaborate scheme that attracted recruits and their money with the promise that it was a path to U.S. citizenship, authorities allege.

Yupeng Deng, who is accused of raking in hundreds of dollars from his recruits, is set to be arraigned Wednesday on more than a dozen charges.

Los Angeles County prosecutors said Deng, also known as David Deng, recruited 100 other Chinese nationals, primarily in Asian enclaves in the San Gabriel Valley, to join the “U.S. Army/Military Special Forces Reserve unit,” then gave them phony U.S. Army uniforms and military ID cards.

Fallout from Epsilon email breach?

Like many folks, I’ve gotten emails from many companies I do business with online letting me know that their email databases have been compromised by hackers. The breach took place at an email marketing company called Epsilon. Here’s one notification I received from Marriott:

April 4, 2011

Dear Marriott Customer,

We were recently notified by Epsilon, a marketing vendor used by Marriott International, Inc. to manage customer emails, that an unauthorized third party gained access to a number of Epsilon’s accounts including Marriott’s email list.

In all likelihood, this will not impact you. However, we recommend that you continue to be on the alert for spam emails requesting personal or sensitive information. Please understand and be assured that Marriott does not send emails requesting customers to verify personal information.

We take your privacy very seriously. Marriott has a long-standing commitment to protecting the privacy of the personal information that our guests entrust to us. We regret this has taken place and apologize for any inconvenience.

Please visit our FAQ to learn more.

Sincerely,

Marriott International, Inc.

I also received one from Hilton and saw an online notice on the Chase website. Most of these notices state that there has been no direct leak of account information, only email addresses. That may be true, but early this morning someone tried to close a Paypal account linked with my email address and then open a new one ten minutes later:
Continue reading →

BackWPup WordPress vulnerability

Looking over my logfiles tonight, I noticed a host trying to access a file I don’t have, backwpup.php.

46.4.202.87 – – [31/Mar/2011:19:00:03 -0400] “HEAD /wp-content/plugins/backwpup/backwpup.php HTTP/1.1” 403 – “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)”

It turns out this is a WordPress plugin that has a bug which lets an attacker traverse the file system. In other words, an attacker could then view any file on the server that’s accessible to the webserver process.

I hadn’t seen it before but it hasn’t been out too long. I don’t use that particular plugin but those who do should be aware.

Transaction canceled

I posted about a fake “transaction canceled” email I got but today I experienced a real canceled transaction.

I’ve been looking around for an LG Optimus V phone and thought I’d found the perfect one on Craigslist. It was priced at 60% of what a new phone costs:

VIRGIN MOBILE ANDROID – $120 (RALEIGH)
Date: 2011-03-28, 7:30PM EDT

THIS IS THE LG OPTIMUS V BRAND NEW IN BOX CALL 919-758-xxxx this is a touch screen

Continue reading →

ACH Payment canceled scam

Got this scam email today. Of course NACHA does not send emails about any transactions, so you can consider this to be fraud.

Date: Wed, 30 Mar 2011 15:36:01 +0000
From: risk@nacha.org
X-Mailer: The Bat! (v2.10.03) Personal
Message-ID: <2450512739.Q2NA84TE047826@urzrjfbftr.tlgwdedu.info>
Subject: ACH payment canceled

The ACH transaction (ID: 58051732944390), recently sent from your bank account (by you or any other person), was rejected by the other financial institution.

Please click here to download further information

If you have any questions or comments, contact us at info@nacha.org. Thank you for using http://www.nacha.org.

United Parcel Service Notification virus

I’ve been getting occasional emails with the subject “United Parcel Service notification” and the following text:

Dear customer.

The parcel was sent your home address.
And it will arrive within 7 business day.

More information and the tracking number are attached in document below.

Thank you.
© 1994-2011 United Parcel Service of America, Inc.

There is an attachment with the email that is called United Parcel Service document.zip or UPSnotify.rar, though there are other names, too. The attachment isn’t a document at all, of course: it’s a trojan horse designed to infect your computer with a virus (called TROJ_SPYEYE.SMEP) that allows others to control it. Trend Micro says the “controlling” site for the virus has since been shut down, so the risk may be low.

I’ve read that these fake emails also masquerade as coming from FedEx and DHL.

As always, do not click on links or attachments from people or services you don’t know, especially if they are written in poor English. Also, consider switching to Linux or a Mac.

Workers Strain to Retake Control After Blast and Fire at Japan Plant

Yikes. I’m with the Japanese who think that this situation is far more dire than officials have been letting on.

Tokyo Electric Power said Tuesday that after the explosion at the No. 2 reactor pressure had dropped in the “suppression pool” — a section at the bottom of the reactor that converts steam to water and is part of the critical function of keeping the nuclear fuel protected. After that occurred radiation levels outside No. 2 were reported to have risen sharply.

“We are on the brink,” said Hiroaki Koide, a senior reactor engineering specialist at the Research Reactor Institute of Kyoto University. “We are now facing the worst-case scenario. We can assume that the containment vessel at Reactor No. 2 is already breached. If there is heavy melting inside the reactor, large amounts of radiation will most definitely be released.”

via Workers Strain to Retake Control After Blast and Fire at Japan Plant – NYTimes.com.

Chris Colmer a CTE victim?

Since I began wondering about the ultimate fate of former NCSU football player Chris Colmer, I have discovered that I’ve not been alone. Many people have found this blog through Internet searches, looking for details about Chris’s death. A good number of these searches have included the keyword “suicide.”

First off, let me emphatically state that don’t know for sure the details of Chris’s death. I don’t know if he took his own life or it was a simple car wreck as others have stated. I only have the sketchiest of details and no communication with his family, so I only speak for myself here – this is my opinion only. Hell, I’m not even sure why I’m drawn to Chris’s death. I didn’t know him and I’m not the biggest football fan, either. Why this intrigues me is as much a mystery to me as it probably is to you.
Continue reading →