(Alert) Latest Ransomware

We post these tech articles to inform Second Life users of the way accounts get hacked and how to avoid major problem’s in the future from attacks within the viewer (which is not as secure as we think) So please read on and secure your computer don’t let this happen to you!

Ransomware seems to be the darling of bad guys these days. It’s a very direct, powerful technique for extorting hundreds of dollars from a single victim very quickly, or millions of dollars when there are thousands of victims. Let’s take a look at the latest ransomware campaigns and how you can protect yourself from them… Recent account hacks in second life have not only locked people out of their accounts but have wiped out all L$ as well as attached ransomware to computer.

Ransomware: Detection and Protection
For anyone unfamiliar with it, ransomware is a type of malware that denies a victim access to his or her computer by locking its screen and/or encrypting the files on the hard drive. When a victim tries to access the computer, all they get is an ominous screen like the one below, that says “Oops, your files have been encrypted!”

The essence of the deal is, “Pay $X within Y days or you’ll never see your data again.” It’s extortion, pure and simple. But ransomware is getting much more sophisticated these days. The screenshot below comes from the Wannacry ransomware, which infected hundreds of thousand of computers in a single weekend in May.

The map shown here was generated by IBM, and shows the worldwide distribution of Wannacry ransomware infections. Apparently, you’re safe if you live in Papua New Guinea, Greenland, Niger or Chad. The rest of the world, not so much.

Payment in Bitcoin, the digital crypto-currency, is required. Most victims don’t know much about Bitcoin, so Wannacry and other recent ransomware provide surprisingly good “customer support” to guide victims through the process of creating a Bitcoin account, funding it with real money, and sending money to the extortionist.

One characteristic of Bitcoin is transparency; anyone who knows how can view all Bitcoin transactions since Bitcoin was created. Experts who have examined Bitcoin payments to the creators of Wannacry estimate that this global act of terrorism has so far generated only about $92,000 for its perpetrators. That’s a small return on the infection of an estimated 200,000 computers in 150 countries.

It turns out that Wannacry has a “kill switch” embedded in it that can halt the spread of Wannacry in its track. Within Wannacry’s code is a routine that constantly checks a gibberish domain name to see if it has been registered. As long as the domain remained unregistered, Wannacry would continue infecting any computer it could reach. But when a 22-year-old British security analyst who goes by the handle “MalwareTech” registered that domain, Wannacry stopped trying to spread itself. Amazingly, it cost only $10.69 (the domain registration fee) to halt this worldwide scourge.

That still left hundreds of thousand of computers infected by Wannacry. It’s a mystery how most of them, apparently, have either eradicated the infection somehow or are managing to get by without their data and computers. The UK’s National Health Service is still dealing with the fallout of widespread Wannacry infections on its network, delaying elective surgeries and slowing the nation’s entire health care system to a crawl.
Other Ransomware Attack Vectors
If you have been infected by ransomware, don’t run off and buy a bucket of bitcoins. First check in with the No More Ransomware Project, which offers free decryption tools for a range of ransomware attacks.

Another new form of ransomware has been dubbed “doxware.” You are unlikely to encounter it because it’s a technique that requires a lot of legwork from the perpetrators. First, they identify high-value targets, computer networks that house highly sensitive, confidential data. Then they infiltrate those networks with ransomware that not only encrypts all files, but also sends to the perpetrators select files that contain words like “confidential,” “top secret,” and so on. Then the victim is told that these files will be posted on a public Web site and all of his contacts will receive the URL that links to that site, unless he pays up by a specified date.

The best defense you can mount against ransomware, or any kind of malware infection, is to keep your operating system up to date with patches for all known vulnerabilities. If you allow Windows Update to run automatically, you should have received the patch to protect against the latest threats.

Microsoft even released a Wannacry patch for Windows XP and Windows 2003, obsolete operating systems that officially no longer receive security updates. Many computers in China, Russia, and even the USA are still running XP, despite its ever-growing vulnerability to hackers and malware. See Microsoft’s Customer Guidance for WannaCrypt attacks to read the company’s response to WannaCry, and links to those patches.

Trust No One

Other good advice here includes “Trust no one. Literally.” Do not click on any link or file attachment – even if it seems to have been sent by your bank, your brother the IT administrator, or your Mom – until you know what you are clicking on. If a message seems out of the ordinary, call your contact and ask if he or she sent it. No account is safe from hacking or impersonation (“spoofing”).

For further protection, enable the ‘Show file extensions’ option in the Windows settings on your computer. To do so, type “folder options” in the Start menu’s search box and click on “Folder Options” in the search results. In the dialogue window that opens, select the “View” tab. Uncheck the box next to “Hide extensions for known file types”. Click “OK” to save this change and close the dialogue window.

The purpose of showing common file extensions is to help you spot executable files (programs) that are disguised as non-executables. With “hide extensions” enabled, a file named WatchMe.avi looks like a video file. But with all extensions revealed, it may be WatchMe.avi.EXE and that is a big red flag. If you see multiple file extensions, delete the file without opening it.

A good anti-malware suite is also essential, and it must be kept updated too. I use the combination of Avast anti virushttp://avast.com/ and Malwarebytes Antimalware (MBAM) to provide double coverage.

And of course, be ever-vigilant about opening email attachments. When in doubt, contact the sender to ensure that they actually sent it, and that it’s safe to open.

Have a Great Week

Deuce Marjeta

Second Life hits its 14th Anniversary this Summer!

Second Life hits its 14th Anniversary this summer. That’s definitely worthy of a celebration, and you do not have to wait until the actual Anniversary, June 23rd! to start enjoying the fun.

The Shopping Event takes place in a large indoor mall atmosphere, with a plethora of 60 of Second Life’s Hottest Designers.  There is something for everyone for sure.

The three regions: Golden, Gilded and Halcyon can be found at the link below – each vendor is to provide a FREE gift and some major discounts on their top-selling items!

Go, check it out now! Sales ends on June 26th!

Linden Lab has few things in the works for later this month as well – so stay tuned!

List of Participating Merchants

.{PSYCHO:Byts}. / .TeaBunny. / [ west end ] / [Tia] / {CA} CALIGULA™ / *KC|Couture* / % anxiety / • Zuri Jewelry • / ^.^Ayashi^.^ / || Fashiowl Poses || / ~Tableau Vivant~ / 1313 Mockingbird Lane / 220ML / addams / Alice Project / alme. by ChloeElectra / Aphorism / Bella Moda / BigBully / Blueberry / BOYS TO THE BONE / by Crash / Cae / Candle and Cauldron / Canimal / Catwa / Chez Moi / ChiMia / CONSTRUCT / Deadwool / Deccan Arida / eve / eXxEsS Hair / FUSSY x FOXCITY / G&D The Italian Style / Gos / Heartsdale Jewellery / Hello Dave / Hucci / Ison / jacinda jaxxon / Lapointe and Bastchild / Lemon Chilliz / Lure / Lybra™ / Mina / Murray / Patron / RealEvil Industries / Rebel Hope / Refuge / Silvan Moon Designs / STRAY DOG / Sweet Tea Couture / Thalia Heckroth / The Cube Republic / Titans / titzuki/FAKEICON / WILD Makeup Studio / zed designz /

Linden Lab Reintroduces Community Gateway Program

Today Linden Lab announced they are bringing back the Community Gateway Program.
Previously, the Community Gateway program helped bring new users to Second Life, by enabling Second Life communities to attract, register, an on-board new Residents. The program was shelved in 2010 as resources were re-prioritized, and now we’re excited to reintroduce the Community Gateway program along with some improvements that will make it even more valuable to Second Life.  We recognize the benefit of having Resident supported tutorial areas and have been working with several communities while fine tuning the new program over the last year.

This program allows Second Life Communities to:

  • Create a new user experience and attract Residents to your specific community

  • Assist those new Residents in beginning their journey into Second Life

  • Lend a guiding hand in the creation of their new avatar personas

  • Assist with increasing new user retention.

This powerful new tool will allow you to register new users right from your own community website and add them automatically to your group, thus helping your community to grow!

All details about this program (including how to apply) may be found here.

Snapshot_001.jpg

London City Community Gateway

Firestorm Gateway May 2017.png

Firestorm Community Gateway

Home & Garden Expo for Relay for Life!

The Event of Events for Builders, and Home Decor Enthusiasts of SL is here! The Home & Garden Expo has nine full regions for you to explore loaded with home and garden items under the theme “Passport to Hope” Most importantly and as you may know, the Home & Garden Expo raises money for Relay For Life of Second Life.   Relay For Life is the American Cancer Society’s signature fundraising event, and RFL of SL is one of its virtual counterparts. You can help make a difference with every purchase and tip, however small it may seem – every donation or purchase helps this wonderful cause that affects so many lives day to day! So don’t miss this chance to shop and do good, stop by before June 4th cause that is the very last day!

Home and Garden Expo, photographed by Wildstar Beaumont

Home and Garden Expo, photographed by Wildstar Beaumont

Expo exhibitors are required to have two 100% donation items at the Expo. These items must be new and exclusive to the Expo for the duration of the event.

100% of registration fees, sponsorship fees and donation items are paid to Relay For Life of Second Life. 50% of the proceeds from the gachas will be paid to RFL and 100% of the 10L hunt items.

Also – Builder’s Brewery will be hosting building classes on texture alignment, prim building, and various other courses that can be found here.

Every day at 4pm, there is a special lantern release ceremony from the top of the theatre on Hope 5.

This ceremony goes back to 2012, when Alchemy Immortalis created the Blue Willow lanterns especially for the Home and Garden Expo. It became the custom to release them each day at 4pm, and people would gather to watch and reflect as the lanterns rose slowly into the air.

Sometimes people speak, but often the event takes place in comparative silence – a break from the busyness (and the business) of the Expo – a time to reflect, remember and mourn.

Complete Shopping Guide!

Teleport to Hope 1

Teleport to Hope 2

Teleport to Hope 3

Teleport to Hope 4

Teleport to Hope 5

Teleport to Hope 6

Teleport to Hope 7

Teleport to Hope 8

Teleport to Hope 9

 

[ALERT] Rogue Certificates

Security experts advise us not to enter passwords, credit card details, or other sensitive information on any website that does not provide an encrypted connection, and to use a bookmark to access sites that deal with banking or other private matters. But there’s a new threat being used by clever hackers to thwart both of those measures. Read on for details…

Do You Have a Rogue Certificate?
Remember hacks in secondlife are on the rise sadly Linden Labs does not have trusted certificates but they are protected and trusted.

It’s easy to tell if your connection to a site is encrypted. At the left end of the URL address bar, you will see a padlock icon and the “https” protocol label; it literally means “HTTP Secure.”

A secure connection SHOULD tell you two things. First, no one can eavesdrop on the data that flows back and forth between your browser and the site, because all traffic is encrypted. Second, the https protocol authenticates the identity of the server to which you are connected; you can rest assured that you really are connected to your bank’s site and not a scammers imitation of it.

Authentication makes use of digital certificates. A certificate is an encrypted file containing information such as the certificate holder’s name, the name of the trusted authority that issued the certificate, the unique public encryption key that the certificate holder uses, and other info. Copies of certificates are kept in a trusted “certificate store.”

Rogue Certificates

The first time you connect to a site using https, the certificate the site sends you is compared to the copy in the store; if they match, the site is authenticated. Then a copy of the certificate is stored on your computer, so future visits to that site don’t have to check with the certificate authority. Instead, your browser checks the site’s certificate against the copy in your local certificate store.

Unfortunately, clever hackers have figured out ways to plant “rogue certificates” in victims’ local certificate stores, replacing your bank’s trusted certificate with one that belongs to a rogue website. Now you’ll see the reassuring padlock and “https” even though you are not connected to the site you think you are. Also, the rogue site can now read everything you send it, including your login credentials.
Try This Signature Checking Tool

A Microsoft tool called sigcheck can detect suspicious certificates in your local certificate store. You can read about all of sigcheck’s features and how they work, or download the zip file containing sigcheck.

Extract sigcheck.exe or sigcheck64.exe from the zip file, depending on whether you have a 32-bit or 64-bit Windows PC. (To find out which you have, click Start -> Control Panel -> System. The System panel will tell you whether you have 32-bit or 64-bit Windows. If it doesn’t say either, you have a 32-bit system.)
To use sigcheck, click the Start button, type “cmd” in the search box, and hit Enter to open a command-line window.
Navigate to the folder that contains the extracted sigcheck executable file
Type “sigcheck -tv” or “sigcheck64 -tv” and press Enter

This command checks your local certificate store for certificates that were not generated by a certificate authority that is known by Microsoft. There are many certificate authorities; each has its own “root” certificate, and Microsoft keeps a database of them. If one of your local certificates appears to be valid but wasn’t created by one of the known certificate authorities, it may (or may not) be a rogue certificate.

Ideally, you should see “No Certificates Found.” If sigcheck does list some suspicious certificates, you will need to do some detective work to see which are legit and which should be deleted.

On my test machine, sigcheck flagged two certificates from Avast, my anti-malware program. Like many security suites, Avast offers a “Web shield” feature that monitors incoming browser traffic for signs of malware payloads of JavaScript attacks, and blocks them before they can do damage. To monitor an encrypted connection, Avast Web Shield has to create a certificate that allows it to read traffic. Avast needed to create a second certificate to provide real-time protection for my email, which is sent and received via encrypted connection. So these Avast certificates can remain on my machine.

Next, there’s a certificate for “Machine\TrustedPeople:Administrator.” That would be me, or anyone with administrator privileges. So this certificate can remain, too.

Certificates for “Harmony(Test)” and “HarmonyNew(TEST)” took a bit of googling. They seem to have been created during old Java installations, and serve no purpose now. Let’s delete them.
How to Delete Rogue or Unnecessary Certificates

First, I recommend that you run a full malware scan on your system before deleting any certificates, to eradicate the malware that created the certificate(s). Otherwise, the malware may simply re-create the rogue certificates.

To delete certificates, you’ll need another command-line utility called MMC.exe (Microsoft Management Console). It is built into Windows, so all you need to do is open a command-line window and enter MMC to start it. (If prompted, click YES to continue.)

Select “File” and then “Add/Remove Snap-In”
Select the snap-in “Certificates” in the left column on the next screen, then click the “Add” button to move “Certificates” to the right column.
Select “Computer account” on the next screen, then click Next
Click Finish on the final screen without changing anything.
Click “OK” on the Add/Remove Plug-ins screen

Now you see a folder tree on the left. The middle window shows the selected folder’s contents, if any. Drill down the folder tree to find the certificate(s) you wish to delete. Right-click on a certificate in the middle windows and select “Delete” to delete it.

I know this sounds a bit geeky, but if you follow the steps carefully, it’s not so hard, and will give you extra peace of mind.
Have a Great week!

Your Computer’s Worst Enemy?

Your PC or Mac shuts down without warning at random times? There are several possible causes, but overheating is the most likely, and easiest to solve. Read on to learn why heat is your computer’s Enemy Number One, and how to keep your computer from being damaged by overheating…

Signs of Overheating – And What To Do

Electronic components in your computer and other devices generate heat. The harder they work, the more heat they generate. But heat is the mortal enemy of all things electronic. (Witness the “Exploding Samsung Note 7” debacle of 2016.) So it’s important to be alert to temperature spikes in your computer,especially when using Second Life and take steps to cool it down when necessary.

How can you tell if your computer is overheating, and what can you do to keep it from frying, or worse? Sudden, inexplicable shutdowns of your computer are often due to overheating. Other symptoms of overheating include declining performance after running processor-intensive tasks for several minutes or hours. Games may run sluggishly, video may skip, and response to mouse clicks may be delayed.

More alarming are sudden software crashes, random reboots, and the dreaded Blue Screen of Death. These symptoms may have multiple causes, but overheating is one suspect that needs to be confirmed or eliminated.

Heat-sink Fan Overheating

Your computer’s BIOS (Basic Input/Output System) detects when the CPU, motherboard, hard drive, or graphics adapter is approaching its maximum operating temperature and shuts things down to avoid damaging that vital and expensive part. If you are experiencing seemingly random shutdowns, measure your computer’s temperatures and do something to lower them immediately.

Temperature sensors are built into many computer components; the trick is accessing these sensors to read temperatures. Unfortunately, Microsoft Windows and Mac OS X do not have built-in utilities to let users read temperatures. You have to find third-party software. Fortunately, there are several free temperature-monitoring utilities. Some can not only monitor temperatures but also do something to lower them.

MSI Afterburner is a long-standing favorite temperature monitoring utility. It also monitors voltages in various devices and the speed of the fan(s) which cool your CPU, power supply, and other components. Some motherboards allow users to control fan speeds while others do not; if fan speed can be controlled, SpeedFan will do it automatically to optimize the fan’s cooling.

Another tool to display temperature readings is Speccy . Speccy reads temperature sensors built into your motherboard, graphics adapter and hard drives. In addition to that, Speccy also gives you detailed information on every hardware component inside your Windows computer.

Open Hardware Monitor is a free system monitoring program for Windows and Linux computers. It monitors all of the voltage, temperature, fan speeds and other sensors built into your motherboard, including CPU temperature.

Hardware Monitor is a similar utility for Mac computers. It’s part of a suite of Mac monitoring utilities written by Marcel Bresink, and it’s available on a free trial basis. Hardware Monitor can detect and display information about your Mac’s processor type, battery data, hard drive information, voltage sensors, power and load sensors, and ambient light sensors. If you like the software and want to keep it, you can purchase it for under $10 USD.

Core Temp is designed for Intel and AMD multi-core CPU’s. It can monitor the temperature in each core in each processor in your system. It also has a logging feature to record temperatures over variable periods of time.

If you use a fan-speed controller that works with your system, it will provide several benefits. First, it will keep the temperature of your CPU and other components under the critical level, protecting your hardware and preventing shutdowns. Second, it will extend the life of your fan by running it only when it’s really needed. Third, it will minimize that irritating noise than cooling fans often make.
Other Overheating Solutions

A good rule of thumb is to make sure your CPU temperature is under 70 degrees Celsius, but each processor has a different safe operating range.
If adjusting the fan speed doesn’t bring the problem under control, there are several other possible causes for overheating. Dust is one common culprit that leads to overheating. You can buy cans of compressed air to clean the dust out of heat sinks, fans and airflow vents. Crack open the system unit every few months and you’ll be surprised at how much dust accumulates there, and how it affects your system temps.

Adequate air flow is important. A tower system should be placed so that its vents are not blocked by desk, wall, or other obstructions. A laptop can be elevated on a cooling pad to allow air to circulate under the machine. (In addition to cooling the laptop, this can keep your “human components” from overheating as well.)

It’s possible that the fans themselves may need to be replaced. If a fan is noisy, that’s a sign that it’s not working properly. Some components have built-in fans that can fail. This recently happened to the graphics adapter on my desktop machine. My computer was shutting down unexpectedly, and MSI Afterburner revealed that the temperature of that component was hitting 120 Celsius (about 250 degrees Fahrenheit). After opening the system unit case, I saw that the fan attached to the graphics card wasn’t spinning.

Another computer I had would occasionally make a loud sound that I can best describe as a combination of a “moo” and a buzz. Opening the case did not reveal any miniature cows or bees, but I did find a noisy fan with a bad bearing. As a temporary workaround in both situations, I left the case open and cooled things down with a small clip-on electric fan, until I was able to replace the failing components. Ebay is a great place to find these parts at a good price, and the only tool you’ll need is a screw driver for repairs of this type. If you’re hesitant to go the do-it-yourself route, you can find YouTube tutorials on how to fix almost anything.

It could also be that the thermal seal between the CPU and the heat sink (which draws heat away) is not good. You can remove the heat sink and reapply thermal grease, but that’s beyond the scope of this article. Again, YouTube is your friend.

Have a great week
Deuce Marjeta