CryptoWall – How to protect yourself

CryptoWallLast year my readers may remember me talking about Cryptolocker in this post and then how the feds took it down finally.

Well that didn’t last long because CryptoWall (aka Cryptolocker) is back and more destructive than ever and has already held ransom over 600k computers according to this article.

The new ransom amount is a staggering $500 USD and doubles if not paid before the date given after your files are encrypted. To make matters worse they only accept Bitcoin as payment which in my opinion makes it near impossible for the average computer user to pay up to recover their files.

Now, I’m not going to get into too many more details about the Trojan that does all this damage but I will refer you to a couple links that contain more information about it at the bottom of this article.

But first I want to explain the best ways to protect yourself so you can easily recover from disaster if you are hit by CryptoWall.

Have latest anti-virus definitions and Malware Protection

Make sure you have anti-virus that is current and up to date. Also having the Pro version of Malwarebytes installed and updated will help a lot as well.

Make sure you have bulletproof backups.

When I say bulletproof I mean the following:

  • Cold Backups – These are backups that have been done and then taken offline.
  • Off Computer Backups – Backups that have been copied to another machine or server such as a NAS device.
  • Offsite Cold Backups – These are backups that are taken offsite and are offline.
  • Offsite Backup – These are backups that are offsite.

I actually do the first three types of backups that I have listed above because I really do not want to lose my data.

Use your brain

This means do not click on ads & watch what you do click on or install on your computer. Knowing exactly what your doing online will greatly help you avoid installing Malware or getting hit by Cryptowall.

Lastly I want to wish my readers good luck and I hope you never get hit by this nasty trojan.

More Details about CryptoWall at the following link:


Timberline Chainsaw Sharpener Review

Timberline Chainsaw SharpenerI finally received my Timberline chainsaw sharpener in the mail on 09/26/2014 and was pumped to try it right away but I waited until the next day.

I first tried it on a chain that was already on my saw that wasn’t really dull but it could used some refreshing up done. The tool seemed to work rather well but like I said it wasn’t really dull to begin with.

Working on Dull ChainUp next came the real test when I took off the freshly sharpened chain and put on another chain that was really dull and I failed to get it sharp with just a file.

It look me a little bit to get it seated on there just right but once it was in place I managed to get the chain sharpened and when I tested it out today it cut like a brand new chain.

Bottom line this chainsaw sharpener really works though it is a bit pricy on the pocketbook to purchase but in the end it’s going to save me a lot of headaches and hassles.



Tribune Printing Company In Fairfield Collapse

Around 3pm yesterday afternoon, local authorities responded to reports of a possible roof caving in at 101 Briggs. Once authorities arrived on the scene it was visibly clear that the roof of the Tribune Printing Company was sinking in and the building structure  had shift. Crews worked to secure the area by evacuating the surrounding businesses and residences, turning off electricity and gas.ross
According to the owner Ross Walker the building was not being occupied and he was planning to sell the building soon. Walker further stated that the Tribune had been in his family for the past 99 years and that he has 3 cars in the garage of the building. Crews helped push the three cars out of the garage, 2 classic T-Birds, 55’ & 57 and a 64 Mustang.

Ross_Walker_Bldg_Collapse_7-8-14MGPL6673rotatU50MUS250_72_1015ctxtxPaThe decision was made around 4:30pm to bring the entire building down. Fireman went up in the bucket ladder to see over the building while a large machine claw brought the rest of the building down. No one was injured. 25 mph winds circulated debris. Streets remain closed and fenced off for public safety. The investigation as to why the roof began collapsing is on-going. Assisting at the scene were Fairfield Fire Department, Fairfield Police Department and Jefferson County Sheriff Office.

Source: Explore SE Iowa

Facebook Changes Breastfeeding Mothers Photo Policy

Note: Some images in this post contain nudity.

Two weeks ago, if a photograph of an actively breastfeeding mother with nipples exposed was shared in Facebook, that photograph would have violated the company’s guidelines regarding nudity and obscenity and been removed. According to my conversations with Facebook spokespeople, as the result of a quiet policy change made two weeks ago, that is no longer the case. The female nipple ban no longer exists for breastfeeding mothers, which should make many people who have been pushing the company to address a nudity double standard at least partially happy.

Last year, when Jaclyn Friedman, Laura Bates and I organized a social media campaign challenging Facebook to recognize gender-based hate, the public focus of the initiative was on revealing the ways in which content depicting gross violations of women’s human rights — rapes, domestic battering, widespread violence against women — were being treated as, among other things, harmless jokes.  After five days, 60,000 tweets and 15 advertisers leaving the platform, Facebook acknowledged the problem and committed to addressing it.  We’ve developed a productive working relationship and continued to work on policies related to free speech and violence against women on their platform.

2014-06-09-PaalaSecorBreastfeedingpic2Photo credit: Paala Secor, 2014

Of equal importance to gender-based hate was the issue of the context in which content passes moderation. As a reflection of the world’s culture, Facebook continues to be a place in which depictions of women as sexually objectified (overt pornography violates community standards) or debased is broadly allowable, but others, in which women represent their own bodies for non male-gaze sexual pleasure, is largely not. So, for example, at the time of our campaign post-mastectomy photographs were removed for violating nudity policies. Similarly, photographs of woman breastfeeding, or topless in art or political protest were, as the latter two still are, banned on the site. For the past year we have been actively involved in pressuring the company, as have many others, to remove restrictions on women’s freedom of speech that results from“obscenity” double standards.

Among the clearest examples of how distorted ideas about “obscenity” are is the treatment of breastfeeding mothers, off-line and on.  While female toplessness is legal in many places, and breastfeeding in public is legal everywhere in the US, it remains “obscene” under many social media rules, and in daily interactions offline. There are entire Facebook pages, such as FB v Breastfeeding and Hey Facebook! Breastfeeding is Not Obscene, dedicated to the issue.  Breastfeeding selfies, a trend, could not be shared on the platform. Each time there is news about graphic and violent content allowed in Facebook, the ridiculousness of banning photos of women feeding their children is highlighted.

Similarly, it seems as though not a week goes by that Instagram, which is owned by Facebook, isn’t embroiled in a controversy regarding female nudity, usually toplessness.

Two weeks ago, Instagram disabled Rihanna’s Instagram account and then quickly reinstated it. She has since mocked their nudity policy and closed the account.  Rihanna’s body-based statement was hardly new, but is more and more common. Last week, Scout Willis took topless walk through New York to protest Instagram’s polices after she posted a photo of a t-shirt featuring two topless friends.  Instagram called Willis’ deleted photos (which included nipples) “incidences of abuse.”  Last week, model Natalia Vodianova posted a “legal” breastfeeding photograph (no nipples showing) that was criticized by breastfeeding advocates who felt that the image did more harm than good by sexualizing the act. These high-profile celebrity engagements, led earlier this year by Miley Cyrus, are helping the #FreeTheNipple movement pick up serious steam.  Even the cartoon icon for #FreeTheNipple, a global movement that has grown up around a soon-to-be eponymously named movie about decriminalizing the female body, has been removed from Facebook, while theHooter’s “owl” and Travelocity’s remains cozily entrenched.

A lot of ire is focused on Facebook, because, in terms of population, it is the third largest country in the world.  Facebook is not responsible for the double standards, or the rules and beliefs that they reflect.  They are mainstream ones in these regards. TheMPAA, the FCC and the modesty and morality police of the public sphere are all equally censorious about women’s toplessness.  However, by virtue of its regulation of content, it is an important social arbiter of them.

The very traditional and mainstream ideas about nudity that Facebook and other social media companies are grappling with maintain the cultural idea that women’s bodies are first and foremost, sexual objects and second, can be regulated in terms of distribution.

Laura Dodsworth, a photographer, launched the project Bare Reality, to explore the dichotomy between how women feel about their breasts privately and how they are presented for public consumption through the media.

“I know how frustrating it can be to push these restrictions on social media platforms, as they can be more conservative and discriminatory than real-life society,” she says.  “For instance, it’s ironic trying to create a conversation about Bare Reality on Facebook, because I will never be able to share the artwork there — for personal and political reasons I will not obscure women’s nipples. Controlling female nudity is about controlling women.

The idea that women should be able to share non-sexually objectifying images of their bodies, a form of counter-speech to our pervasive sexual objectification, eludes many people, who seem to skim the surface of what the core issues are.

Source: Huffington Post

Federal agents knock down Zeus Botnet, CryptoLocker

WASHINGTON — The United States seized a global network of computer servers known as Gameover Zeus Botnet used by cyber-criminals to spread malware viruses and steal millions of dollars from businesses and consumers, the Justice Department announced Monday.

U.S. and foreign law enforcement agents in a separate action seized the computers that distributed malware known as “CryptoLocker” that freezes access to computer files until victims pay a ransom.

More than $100 million in losses were attributed to the schemes, which infected hundreds of thousands of computers, including a Massachusetts police department that paid a $750 ransom to restore its access to investigative files, digital mugshots and other administrative documents.

Deputy Attorney General James Cole described the Gameover Zeus operation, in which cyber thieves overtake computers to siphon often valuable financial information, the “most sophisticated and damaging botnet we have ever encountered.”

A 14-count indictment, unsealed Monday in Pittsburgh, charges Evgeniy Mikhailovich Bogachev, 30, of Anapa, Russia, with directing Gameover Zeus. Charges include conspiracy, computer hacking, wire fraud, bank fraud and money laundering. Bogachev is charged in Omaha with conspiracy to commit bank fraud for his alleged involvement with an earlier version of the Zeus malware called “Jabber Zeus.”

Court documents identify Bogachev as “Slavik,” a computer nickname for a notorious leader of a tightly knit gang of cyber-criminals based in Russia and Ukraine allegedly responsible for both Gameover Zeus and CryptoLocker. The hackers allegedly used the Gameover Zeus network of infected computers to distribute CryptoLocker. Federal investigators say Bogachev used other online names, including “Pollingsoon” and “Lucky12345.”

FBI Executive Assistant Director Robert Anderson described Bogachev as “one of the most prolific cyber-actors in the world.”

Cole said U.S. authorities were in contact with Russian officials in an attempt to secure Bogachev’s arrest, though the suspect — a boating enthusiast known to frequent ports along the Black Sea — remains a fugitive.

Gameover Zeus, also known as “P2P Zeus,” is responsible for nearly 1 million infections worldwide since its first attack in September 2011. The malicious software is used to intercept online banking transactions. The software remains on the infected computers, which become part of a compromised network of computers known as a “botnet.” The cyber-criminals can access computers in the botnet to retrieve compromised banking passwords or use the botnet to infect more computers.

Federal agents redirected botnet computers to Homeland Security cyber-squads to identify the infected computers, the Justice Department said. Once the computers are identified through their Internet addresses, private computer security companies will help victims remove the malware, the department said.

CryptoLocker, which first surfaced in Great Britain in September 2013, uses malware to encrypt computer files on infected computers. Once the computer is locked, the malware posts a ransom note on the screen demanding payments of about $700 in untraceable credit cards or Bitcoin to unlock the files.

If the victim fails to pay the ransom, the computer remains locked, and files are unrecoverable.

Computer security companies estimate that CryptoLocker infected more than 234,000 computers worldwide, including more than 100,000 in the USA, the Justice Department said.

Cole said members of Bogachev’s network “implemented the kind of cyber-crimes that you might not believe if you saw them in a science fiction movie.”

Justice officials have recently mounted an aggressive campaign against computer hackers.

Last month, the United States accused Chinese military officials of hacking into several U.S. companies, including Westinghouse and U.S. Steel, to steal trade secrets and intellectual property. It was the first time the United States had charged a state actor in a criminal cyber-espionage case.

In that case, Chinese hackers, officers in the Chinese People’s Liberation Army, downloaded massive amounts of industrial information over eight years that they used to undercut trade deals, the indictment said. In the case of Westinghouse, the United States says the Chinese hackers stole plans for nuclear plants as Chinese politicians negotiated for Westinghouse to build the facilities.

Other businesses named as victims in the indictment included SolarWold, the United Steel Workers Union, Allegheny Technologies and Alcoa.

China denied hacking U.S. computers and vowed retaliation if the charges are not dropped. After the indictment, Chinese officials summoned the U.S. ambassador to the Foreign Ministry and suspended a joint working group on cyber-security.

While the Gameover Zeus and Cryptolocker disruptions deal a blow to hackers, Mike Lloyd, chief technology officer for the computer security firm RedSeal Networks, says it’s only a matter of time before cyber-criminals devise a new method of attack.

“This is a cockroach problem – killing one of these just means there will be another one along soon,” Lloyd said. “As long as we are easy targets who are cheap to compromise, attackers will exploit our weaknesses. Our current security defenses are generally weak, haphazard and full of gaps.”

Source: USA Today Revealed

Outlook_Ghostery Outlook_adblockplusMicrosoft has been Attacking Google with campaigns about “Don’t Get Scroogled” claiming Google does all these things with their e-mail such as scanning for keywords, tracking and serving up ads and such but in reality Microsoft is the ones doing this very activity themselves and you are probably even worse off using vs Gmail.

In fact when loading up my e-mail account I notice that I found 3 different trackers in the e-mail service and on top of that I blocked 6 different ad services as well.

The three trackers I found are:

I found zero trackers and zero ads in Gmail account when I loaded that!

So not only is Microsoft trying to make Google’s gmail service look bad, they are also flat out lying to it’s end users about what they do or do not do.

Makes you wonder if Microsoft really does have backdoors into all Windows machines as well like many claims say they do.

I would switch to Linux in a heartbeat if my video games worked with Linux. I’m honestly sick of giving money to the greedy bastards at Microshit

Textiles vs Naturists

There is a lot of people who are against Naturists and getting naked other than when they are having sex and on the other side of this debate there are the Naturists who enjoy doing every day tasks with not a single stitch of clothing on their body.

A lot of the textiles want nude beaches and resorts to disappear where nudists want to be able to be nude in more places than ever before.

Some people have asked me where I stand on this whole debate in the past and I decided I would finally share my views on this sensitive subject.
First let me start with saying there are a lot of people who claim to be Naturists who are in fact NOT Naturists and only partake in this lifestyle so they can reveal themselves in a sexual manner to others or as a shock factor. The act of doing this is not Naturism and those people are considered to be Exhibitionists.

ModelNow honestly, I’m all for Naturism and the values that it entails & I wish the world of was more open to nudity and less sexual regarding it. I must admit that I sometimes practice the lifestyle at home because I have found it to be the most comfortable way to relax when I’m at home or with a select group of friends that I trust.

Just to clarify again, Naturism is not a sexual act and it isn’t about exposing yourself to others or some sort of shock factor which is what Exhibitionists are all about doing. Granted yes you are nude while practicing Naturism but it’s about being comfortable in your own skin and even less about what you look like or if you are fat or not. Naturists do not judge you on your looks but rather who you are as a person.

eBay Data Breach

Security breaches at major web sites appear to happen with alarming regularity these days, and another key site has fallen: eBay suffered an attack last week that led to its entire user database being compromised. eBay lost control of data that contained usernames, contact information, and even encrypted passwords.

If you haven’t actually visited eBay in the last few days, you might not know about this hack. Several days after the breach, eBay had yet to notify users by email, and some users were quite upset about the silence, taking to sites like Twitter to complain. As of today, there is a notice on the eBay home page about the hack, but many users still haven’t been notified by email.

Whether or not you have been officially warned about the hack, you should change your password immediately. Since eBay doesn’t make it especially easy to find your password settings, here is how to find the settings:

  1. Click My eBay (which you’ll find in the upper right corner of the page).
  2. If necessary, sign into eBay when promoted.
  3. On the My eBay: Summary page, hover over the Account tab and choosePersonal Information.
  4. Click Edit next to the Password link.

From here, you can choose how you want to reset your password — via email, text, or phone call.

All of the usual rules should apply; create a strong password that is not easily cracked. The password should be at least 8 characters long, include upper and lowercase characters, numbers, and at least one special character.

Once you’ve accomplished that, you’ve done the bare minimum to protect yourself. But don’t stop there. Do you ever “reuse” passwords at multiple web sites? If you used the same password on eBay and any other sites, you should immediately change the password on those sites as well. That’s because hackers could try accessing other sites and services with your email address and eBay password.

And this is a good opportunity to begin using a password manager — not only can a password manager ensure that you don’t repeat passwords across multiple web sites, but they can advise you when data breaches like this occur. For example, many people found out about the eBay hack not from eBay itself, but from password managers like Dashlane, which displayed a warning to its users as a sort of public service announcement to change their eBay password the day after the hack.

Unfortunately, for eBay customers, the worst might yet be to come. Even changing passwords and starting to use a password manager can’t change the fact that hackers have made off with the complete user database, including real-world contact information, including phone numbers, mailing addresses, email, and more. That makes eBay customers ripe for phishing attacks and identity theft. Be on guard for unusual communication and keep an eye out for attempts to capitalize on this stolen personal information.


Safebox for Cloud Storage

For years I have worried about how secure my cloud storage data is expecially on services like Google Drive and Dropbox and I have been looking for ways to secure my data.

I’ve tried a number of things such as using Axcrypt for individual files and creating TrueCrypt volumes on my cloud storage but all of them have their own flaws and issues which I’m not going to list in this review.

I may of came up with a solution for both my issues with the previous encryption services. I recently I have been playing with a new service I discovered named Safebox.

Safebox works differently by creating a folder named Safebox on your computer where you would store the unencrypted documents which later get encrypted and put into a .safeboxdata folder on your cloud storage.

Here is a screenshot of my “Top Secret Document” I created that I needed encrypted.

Unencrypted file

Here is a screenshot of the same file encrypted on my Dropbox account.
Encrypted File

I also took a little time to test the decryption process, by installing Safebox on my work computer to test the decryption process and right away I ran into some issues where my file wasn’t properly decrypted and was made unreadable on my work pc.

Reason why this happened is because it also encrypts the temporary windows file so until the file is closed on whichever computer has it currently open it will be unreadable on other computers.

Decrypted File

I’m running out of time tonight to further test this product so I will leave you with my conclusion on Safebox.


Here is my conclusion on the product Safebox which appears to be a great product but it does not come without it’s pros and cons which I outlined below.

I will also state that I’m undecided if I will plan to use this to secure my personal documents or not due to some of the cons I listed below.


  • Encrypts documents prior to sending them to cloud storage.
  • Encrypts Filenames.
  • Military Grade AES 256 bit encryption.
  • Master Password to access all files.
  • Does not require an account and they don’t upload your information, file details or keys to their servers.
  • One time fee of $9.99 & no annual subscription fee.
  • User-Friendly & Easy to use.
  • Data Encrypted prior to being synced on the cloud.


  • Files don’t decrypt correctly if left open on another computer.
  • Puts each encrypted file in it’s own folder inside of .safeboxdata
  • Does not cleanup empty directly folders which used to contain deleted encrypted files.
  • Not possible to share encrypted files to a friend or co-worker unless u give them your master password and possibly your cloud storage account information.
  • No known portable versions available.
  • Resetting master password erases all your files.

Thank you for reading my review of this software and I hope it helps you in your purchasing decisions & securing your cloud  storage solution.

New Security Risks

There has been a whole slew of security risks posted in the news recently so I decided to share them all here in one single post.

Target CEO Resigns, – CC breach
Dropbox stumbles over security
Apple admits flaw in email attachment encryption
Email-borne exploits
Fake Paranormal Videos haunting fb users
Android ransomware dubbed Koler
Heartbleed patch leads to mistakes with certs accounts compromised
Dropbox users leak tax returns, mortgage applications and more!

Some good websites to read about other security threats are

Malwarebytes Blog
Naked Security