(Alert) Latest Ransomware

We post these tech articles to inform Second Life users of the way accounts get hacked and how to avoid major problem’s in the future from attacks within the viewer (which is not as secure as we think) So please read on and secure your computer don’t let this happen to you!

Ransomware seems to be the darling of bad guys these days. It’s a very direct, powerful technique for extorting hundreds of dollars from a single victim very quickly, or millions of dollars when there are thousands of victims. Let’s take a look at the latest ransomware campaigns and how you can protect yourself from them… Recent account hacks in second life have not only locked people out of their accounts but have wiped out all L$ as well as attached ransomware to computer.

Ransomware: Detection and Protection
For anyone unfamiliar with it, ransomware is a type of malware that denies a victim access to his or her computer by locking its screen and/or encrypting the files on the hard drive. When a victim tries to access the computer, all they get is an ominous screen like the one below, that says “Oops, your files have been encrypted!”

The essence of the deal is, “Pay $X within Y days or you’ll never see your data again.” It’s extortion, pure and simple. But ransomware is getting much more sophisticated these days. The screenshot below comes from the Wannacry ransomware, which infected hundreds of thousand of computers in a single weekend in May.

The map shown here was generated by IBM, and shows the worldwide distribution of Wannacry ransomware infections. Apparently, you’re safe if you live in Papua New Guinea, Greenland, Niger or Chad. The rest of the world, not so much.

Payment in Bitcoin, the digital crypto-currency, is required. Most victims don’t know much about Bitcoin, so Wannacry and other recent ransomware provide surprisingly good “customer support” to guide victims through the process of creating a Bitcoin account, funding it with real money, and sending money to the extortionist.

One characteristic of Bitcoin is transparency; anyone who knows how can view all Bitcoin transactions since Bitcoin was created. Experts who have examined Bitcoin payments to the creators of Wannacry estimate that this global act of terrorism has so far generated only about $92,000 for its perpetrators. That’s a small return on the infection of an estimated 200,000 computers in 150 countries.

It turns out that Wannacry has a “kill switch” embedded in it that can halt the spread of Wannacry in its track. Within Wannacry’s code is a routine that constantly checks a gibberish domain name to see if it has been registered. As long as the domain remained unregistered, Wannacry would continue infecting any computer it could reach. But when a 22-year-old British security analyst who goes by the handle “MalwareTech” registered that domain, Wannacry stopped trying to spread itself. Amazingly, it cost only $10.69 (the domain registration fee) to halt this worldwide scourge.

That still left hundreds of thousand of computers infected by Wannacry. It’s a mystery how most of them, apparently, have either eradicated the infection somehow or are managing to get by without their data and computers. The UK’s National Health Service is still dealing with the fallout of widespread Wannacry infections on its network, delaying elective surgeries and slowing the nation’s entire health care system to a crawl.
Other Ransomware Attack Vectors
If you have been infected by ransomware, don’t run off and buy a bucket of bitcoins. First check in with the No More Ransomware Project, which offers free decryption tools for a range of ransomware attacks.

Another new form of ransomware has been dubbed “doxware.” You are unlikely to encounter it because it’s a technique that requires a lot of legwork from the perpetrators. First, they identify high-value targets, computer networks that house highly sensitive, confidential data. Then they infiltrate those networks with ransomware that not only encrypts all files, but also sends to the perpetrators select files that contain words like “confidential,” “top secret,” and so on. Then the victim is told that these files will be posted on a public Web site and all of his contacts will receive the URL that links to that site, unless he pays up by a specified date.

The best defense you can mount against ransomware, or any kind of malware infection, is to keep your operating system up to date with patches for all known vulnerabilities. If you allow Windows Update to run automatically, you should have received the patch to protect against the latest threats.

Microsoft even released a Wannacry patch for Windows XP and Windows 2003, obsolete operating systems that officially no longer receive security updates. Many computers in China, Russia, and even the USA are still running XP, despite its ever-growing vulnerability to hackers and malware. See Microsoft’s Customer Guidance for WannaCrypt attacks to read the company’s response to WannaCry, and links to those patches.

Trust No One

Other good advice here includes “Trust no one. Literally.” Do not click on any link or file attachment – even if it seems to have been sent by your bank, your brother the IT administrator, or your Mom – until you know what you are clicking on. If a message seems out of the ordinary, call your contact and ask if he or she sent it. No account is safe from hacking or impersonation (“spoofing”).

For further protection, enable the ‘Show file extensions’ option in the Windows settings on your computer. To do so, type “folder options” in the Start menu’s search box and click on “Folder Options” in the search results. In the dialogue window that opens, select the “View” tab. Uncheck the box next to “Hide extensions for known file types”. Click “OK” to save this change and close the dialogue window.

The purpose of showing common file extensions is to help you spot executable files (programs) that are disguised as non-executables. With “hide extensions” enabled, a file named WatchMe.avi looks like a video file. But with all extensions revealed, it may be WatchMe.avi.EXE and that is a big red flag. If you see multiple file extensions, delete the file without opening it.

A good anti-malware suite is also essential, and it must be kept updated too. I use the combination of Avast anti virushttp://avast.com/ and Malwarebytes Antimalware (MBAM) to provide double coverage.

And of course, be ever-vigilant about opening email attachments. When in doubt, contact the sender to ensure that they actually sent it, and that it’s safe to open.

Have a Great Week

Deuce Marjeta

Linden Lab Reintroduces Community Gateway Program

Today Linden Lab announced they are bringing back the Community Gateway Program.
Previously, the Community Gateway program helped bring new users to Second Life, by enabling Second Life communities to attract, register, an on-board new Residents. The program was shelved in 2010 as resources were re-prioritized, and now we’re excited to reintroduce the Community Gateway program along with some improvements that will make it even more valuable to Second Life.  We recognize the benefit of having Resident supported tutorial areas and have been working with several communities while fine tuning the new program over the last year.

This program allows Second Life Communities to:

  • Create a new user experience and attract Residents to your specific community

  • Assist those new Residents in beginning their journey into Second Life

  • Lend a guiding hand in the creation of their new avatar personas

  • Assist with increasing new user retention.

This powerful new tool will allow you to register new users right from your own community website and add them automatically to your group, thus helping your community to grow!

All details about this program (including how to apply) may be found here.

Snapshot_001.jpg

London City Community Gateway

Firestorm Gateway May 2017.png

Firestorm Community Gateway

[ALERT] Rogue Certificates

Security experts advise us not to enter passwords, credit card details, or other sensitive information on any website that does not provide an encrypted connection, and to use a bookmark to access sites that deal with banking or other private matters. But there’s a new threat being used by clever hackers to thwart both of those measures. Read on for details…

Do You Have a Rogue Certificate?
Remember hacks in secondlife are on the rise sadly Linden Labs does not have trusted certificates but they are protected and trusted.

It’s easy to tell if your connection to a site is encrypted. At the left end of the URL address bar, you will see a padlock icon and the “https” protocol label; it literally means “HTTP Secure.”

A secure connection SHOULD tell you two things. First, no one can eavesdrop on the data that flows back and forth between your browser and the site, because all traffic is encrypted. Second, the https protocol authenticates the identity of the server to which you are connected; you can rest assured that you really are connected to your bank’s site and not a scammers imitation of it.

Authentication makes use of digital certificates. A certificate is an encrypted file containing information such as the certificate holder’s name, the name of the trusted authority that issued the certificate, the unique public encryption key that the certificate holder uses, and other info. Copies of certificates are kept in a trusted “certificate store.”

Rogue Certificates

The first time you connect to a site using https, the certificate the site sends you is compared to the copy in the store; if they match, the site is authenticated. Then a copy of the certificate is stored on your computer, so future visits to that site don’t have to check with the certificate authority. Instead, your browser checks the site’s certificate against the copy in your local certificate store.

Unfortunately, clever hackers have figured out ways to plant “rogue certificates” in victims’ local certificate stores, replacing your bank’s trusted certificate with one that belongs to a rogue website. Now you’ll see the reassuring padlock and “https” even though you are not connected to the site you think you are. Also, the rogue site can now read everything you send it, including your login credentials.
Try This Signature Checking Tool

A Microsoft tool called sigcheck can detect suspicious certificates in your local certificate store. You can read about all of sigcheck’s features and how they work, or download the zip file containing sigcheck.

Extract sigcheck.exe or sigcheck64.exe from the zip file, depending on whether you have a 32-bit or 64-bit Windows PC. (To find out which you have, click Start -> Control Panel -> System. The System panel will tell you whether you have 32-bit or 64-bit Windows. If it doesn’t say either, you have a 32-bit system.)
To use sigcheck, click the Start button, type “cmd” in the search box, and hit Enter to open a command-line window.
Navigate to the folder that contains the extracted sigcheck executable file
Type “sigcheck -tv” or “sigcheck64 -tv” and press Enter

This command checks your local certificate store for certificates that were not generated by a certificate authority that is known by Microsoft. There are many certificate authorities; each has its own “root” certificate, and Microsoft keeps a database of them. If one of your local certificates appears to be valid but wasn’t created by one of the known certificate authorities, it may (or may not) be a rogue certificate.

Ideally, you should see “No Certificates Found.” If sigcheck does list some suspicious certificates, you will need to do some detective work to see which are legit and which should be deleted.

On my test machine, sigcheck flagged two certificates from Avast, my anti-malware program. Like many security suites, Avast offers a “Web shield” feature that monitors incoming browser traffic for signs of malware payloads of JavaScript attacks, and blocks them before they can do damage. To monitor an encrypted connection, Avast Web Shield has to create a certificate that allows it to read traffic. Avast needed to create a second certificate to provide real-time protection for my email, which is sent and received via encrypted connection. So these Avast certificates can remain on my machine.

Next, there’s a certificate for “Machine\TrustedPeople:Administrator.” That would be me, or anyone with administrator privileges. So this certificate can remain, too.

Certificates for “Harmony(Test)” and “HarmonyNew(TEST)” took a bit of googling. They seem to have been created during old Java installations, and serve no purpose now. Let’s delete them.
How to Delete Rogue or Unnecessary Certificates

First, I recommend that you run a full malware scan on your system before deleting any certificates, to eradicate the malware that created the certificate(s). Otherwise, the malware may simply re-create the rogue certificates.

To delete certificates, you’ll need another command-line utility called MMC.exe (Microsoft Management Console). It is built into Windows, so all you need to do is open a command-line window and enter MMC to start it. (If prompted, click YES to continue.)

Select “File” and then “Add/Remove Snap-In”
Select the snap-in “Certificates” in the left column on the next screen, then click the “Add” button to move “Certificates” to the right column.
Select “Computer account” on the next screen, then click Next
Click Finish on the final screen without changing anything.
Click “OK” on the Add/Remove Plug-ins screen

Now you see a folder tree on the left. The middle window shows the selected folder’s contents, if any. Drill down the folder tree to find the certificate(s) you wish to delete. Right-click on a certificate in the middle windows and select “Delete” to delete it.

I know this sounds a bit geeky, but if you follow the steps carefully, it’s not so hard, and will give you extra peace of mind.
Have a Great week!

Your Computer’s Worst Enemy?

Your PC or Mac shuts down without warning at random times? There are several possible causes, but overheating is the most likely, and easiest to solve. Read on to learn why heat is your computer’s Enemy Number One, and how to keep your computer from being damaged by overheating…

Signs of Overheating – And What To Do

Electronic components in your computer and other devices generate heat. The harder they work, the more heat they generate. But heat is the mortal enemy of all things electronic. (Witness the “Exploding Samsung Note 7” debacle of 2016.) So it’s important to be alert to temperature spikes in your computer,especially when using Second Life and take steps to cool it down when necessary.

How can you tell if your computer is overheating, and what can you do to keep it from frying, or worse? Sudden, inexplicable shutdowns of your computer are often due to overheating. Other symptoms of overheating include declining performance after running processor-intensive tasks for several minutes or hours. Games may run sluggishly, video may skip, and response to mouse clicks may be delayed.

More alarming are sudden software crashes, random reboots, and the dreaded Blue Screen of Death. These symptoms may have multiple causes, but overheating is one suspect that needs to be confirmed or eliminated.

Heat-sink Fan Overheating

Your computer’s BIOS (Basic Input/Output System) detects when the CPU, motherboard, hard drive, or graphics adapter is approaching its maximum operating temperature and shuts things down to avoid damaging that vital and expensive part. If you are experiencing seemingly random shutdowns, measure your computer’s temperatures and do something to lower them immediately.

Temperature sensors are built into many computer components; the trick is accessing these sensors to read temperatures. Unfortunately, Microsoft Windows and Mac OS X do not have built-in utilities to let users read temperatures. You have to find third-party software. Fortunately, there are several free temperature-monitoring utilities. Some can not only monitor temperatures but also do something to lower them.

MSI Afterburner is a long-standing favorite temperature monitoring utility. It also monitors voltages in various devices and the speed of the fan(s) which cool your CPU, power supply, and other components. Some motherboards allow users to control fan speeds while others do not; if fan speed can be controlled, SpeedFan will do it automatically to optimize the fan’s cooling.

Another tool to display temperature readings is Speccy . Speccy reads temperature sensors built into your motherboard, graphics adapter and hard drives. In addition to that, Speccy also gives you detailed information on every hardware component inside your Windows computer.

Open Hardware Monitor is a free system monitoring program for Windows and Linux computers. It monitors all of the voltage, temperature, fan speeds and other sensors built into your motherboard, including CPU temperature.

Hardware Monitor is a similar utility for Mac computers. It’s part of a suite of Mac monitoring utilities written by Marcel Bresink, and it’s available on a free trial basis. Hardware Monitor can detect and display information about your Mac’s processor type, battery data, hard drive information, voltage sensors, power and load sensors, and ambient light sensors. If you like the software and want to keep it, you can purchase it for under $10 USD.

Core Temp is designed for Intel and AMD multi-core CPU’s. It can monitor the temperature in each core in each processor in your system. It also has a logging feature to record temperatures over variable periods of time.

If you use a fan-speed controller that works with your system, it will provide several benefits. First, it will keep the temperature of your CPU and other components under the critical level, protecting your hardware and preventing shutdowns. Second, it will extend the life of your fan by running it only when it’s really needed. Third, it will minimize that irritating noise than cooling fans often make.
Other Overheating Solutions

A good rule of thumb is to make sure your CPU temperature is under 70 degrees Celsius, but each processor has a different safe operating range.
If adjusting the fan speed doesn’t bring the problem under control, there are several other possible causes for overheating. Dust is one common culprit that leads to overheating. You can buy cans of compressed air to clean the dust out of heat sinks, fans and airflow vents. Crack open the system unit every few months and you’ll be surprised at how much dust accumulates there, and how it affects your system temps.

Adequate air flow is important. A tower system should be placed so that its vents are not blocked by desk, wall, or other obstructions. A laptop can be elevated on a cooling pad to allow air to circulate under the machine. (In addition to cooling the laptop, this can keep your “human components” from overheating as well.)

It’s possible that the fans themselves may need to be replaced. If a fan is noisy, that’s a sign that it’s not working properly. Some components have built-in fans that can fail. This recently happened to the graphics adapter on my desktop machine. My computer was shutting down unexpectedly, and MSI Afterburner revealed that the temperature of that component was hitting 120 Celsius (about 250 degrees Fahrenheit). After opening the system unit case, I saw that the fan attached to the graphics card wasn’t spinning.

Another computer I had would occasionally make a loud sound that I can best describe as a combination of a “moo” and a buzz. Opening the case did not reveal any miniature cows or bees, but I did find a noisy fan with a bad bearing. As a temporary workaround in both situations, I left the case open and cooled things down with a small clip-on electric fan, until I was able to replace the failing components. Ebay is a great place to find these parts at a good price, and the only tool you’ll need is a screw driver for repairs of this type. If you’re hesitant to go the do-it-yourself route, you can find YouTube tutorials on how to fix almost anything.

It could also be that the thermal seal between the CPU and the heat sink (which draws heat away) is not good. You can remove the heat sink and reapply thermal grease, but that’s beyond the scope of this article. Again, YouTube is your friend.

Have a great week
Deuce Marjeta

Second Life Explained…and WHY are we still here 14 years after??

To the average everyday person they may hear “Second Life” and think “OMG what a bunch of losers playing on cartoons!”  

I don’t know about you guys but there are few and far between people in the “real world” who know about my ventures online in Second Life.  There would so much immediate judgmental mentality from way too many people.

I recently submerged a relative of mine into the world of Second Life and and found myself explaining to someone who has never experienced it before, I sort of compared it to “The Sims on crack”.  The best way to explain it is that there’s really no other “game” like it.  Second Life is more of a unique combination of an MMO, mixed with a RPG, then coated in a heavy thick layer of weird sex stuff.  I mean that’s kinda what happens when you give the internet full range on content creation!  The possibilities are so endless.  I mean – hey come on! One of the first places I showed her was a male strip club “Le Bare” where I proceeded to tip a dancer until he was nude and emoting for her….ha!  I blame the margaritas!  She has since established and created an avatar with my help of course and is enjoying getting her feet submerged into this crazy world we know and love.

You can do everything from building a home, having a family, to having a weird futuristic alien sex dungeon.  The limits are only that of your imagination! It becomes a safe space to release inner kinks, a place to pick your own adventure and your own path.  Kind of like the “Choose your own Adventure” books that I personally loved so much as a child.  In fact over half of the most popular places in Second Life are adult related, Go Figure!

Perhaps you are wheelchair bound in real life, so you go to a club, listen to live performances and dance your heart out in Second Life.  As unfortunate an event as it is, perhaps you cannot have children in Real Life due to medical complications so you give birth to a few babies in Second Life and start a relationship and a family.  It’s a place to have fun and meet people from all over the globe whom you’d never have met any other way.  A place to be creative, to share your talents, live out lives where it may not be a possibility in RL and even just to release some tension after a hard day at work like as many others use it as.  Whatever your outlet maybe – thi sis the diversity that makes Second Life a successful community over the past 14 yrs!  Linden Lab the creators of Second Life are hosting a 14th Birthday Carnival in June 2017.

As previously stated – you can have babies, you can have jobs, you can even make money and turn it into Real Life cash.  There are many ways to make money in game, from creating items and selling them via in world stores, events and on marketplace to webcam shows and virtual escorting to virtual land sales and customer support.  Many people have turned Second Life into a Real World job/income.  There are tons successful business people within the world of Second Life.  Marketplace offers an additional platform to sell content on – a sort of virtual catalog for purchasing user created content – everything for your avatar, to land information to home and decorating items.  The market possibilities are so vast.

There are also role play communities galore! General, Moderate to Adult content rated. There have been numerous Universities with online in world classes, museums for teaching and learning, in world classes to learn another language, and venues for art exhibits.   Community sims, with firemen and police RP, Furry forests, all the way to Vampire/Werewolves and Gorean RP.  There are also many subgames within the world of Second Life….in example…breed-able pets or plants which you can raise and sell for money.  Gaming regions for states that do allow gambling casinos. (You need to be verified and follow the SL guidelines to enter Skilled Gaming Regions).  Fighting games with HUDs (heads up displays) are also prevalent.  Vampire/Werewolf or Angel/Demon RP systems such as Bloodlines, Hunger, Eternal Conflict are quite popular.

Whatever your reasons, it’s the diversity that makes Second Life a place for everyone.

Whichever SL purpose is yours….we are so glad you’ve stayed because that’s what makes our community great 🙂

Sincerely Yours –

Jᴜʟᴇs Mᴀᴢɪᴋᴇᴇɴ Gʀᴇʏsᴏɴ (kittykat.jules)

Image result for second life

Image result for second life

New Monthly Credit Process Limits Announced By Linden Labs

In case you missed it, Linden Labs announced that they were changing the LindeX billing & trading limits to help alleviate the potential for fraud back in December of 2016. Well, that time has now arrived!

The ability to purchase and “cash out” Lindens has been a big benefit to many of our fellow Second Lifers, especially those who have been able to establish thriving businesses in world. In a sense, having these regulations helps keep that benefit secured and streamlined for those of us who use it often.

The new limits are:

LindeX L$ Buy Limit (24 hr):                US $1999.00

LindeX L$ Buy Limit (30 days):            US $1999.00

LindeX L$ Sell Limit (24 hr):                 US $1999.00

LindeX L$ Sell Limit (30 days):            US $1999.00

US$ Process Credit (24 hr):                   US $999.00

US$ Process Credit (30 days):               US $999.00

 

You are able to see where you stand within those new limits at any time by logging into your account and going here.

While this may not affect many folks, this can especially impact those who generally work with a lot of L’s each month with Process Credits and may exceed those thresholds. You are able to request a case-by-case review of an increase if these limits don’t suit your needs by going here. So, it’s certainly not the end of the world for high-volume Linden earners and consumers, but just another way Linden Labs is making sure that they’re enforcing financially responsible measures!

 

Bria Oceanside

ZoHa Blogger/Social Media