We have a new page where our customers can log in and change their billing address, update billing and check their usage and more.
The page is at:
http://customers.connectto.net/
You can use the new portal if you receive a billing notice from us and update your information!
The popular music player suffers a zero-day vulnerability that attackers can use to take over a user's system. The flaw is already being exploited.
By Gregg Keizer
TechWeb News
Jan 30, 2006 01:50 PM
The popular Winamp music player suffers from a zero-day vulnerability that attackers are already exploiting, a security company warned Monday. A patch is not available.
The bug in Winamp 5.12 is "extremely critical," the most dire alert Danish-based Secunia uses. An attacker, said Secunia, can take complete control of a PC by getting a user to download a malicious audio playlist that uses a filename larger than about 1,040 bytes. Because Winamp automatically begins playing a playlist once it's downloaded, hackers could easily attack PCs equipped with the music player.
A proof-of-concept exploit that's on the loose suggests using an iframe to trigger a 'drive-by' attack on users who visit a malicious site, added the SANS Institute's Internet Storm Center.
The widespread attacks against the Windows Metafile (WMF) vulnerability in December and January were largely based on sites exploiting iframe vulnerabilities to compromise PCs that had simply surfed to one of thousands of malicious sites. Those same sites could conceivably add this Winamp exploit to their arsenals.
Secunia recommended that users turn to alternate player programs, but Moscow-based Kaspersky Labs said that users could deflect attacks by setting Winamp's .pls file format to "Confirm open after download" using Windows' "Folder Options/File Types" dialog.
Winamp's Web site currently has no news of the bug, or any information about a possible patch. The site's support forums also lack any talk of the bug, with the exception of one user who provided a link to the proof-of-concept code.
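As an added example (not part of the article or any vendor's tooling), a mail or web gateway could pre-screen downloaded .pls files for the overlong entry the article describes. The `FileN=` key layout is the common PLS playlist format; treating that key as the field at issue and the 1,024-byte limit are assumptions chosen from the article's "about 1,040 bytes".

```python
"""Pre-screen .pls playlists for overlong FileN= values (added example)."""
import re

# Assumption: the article says "about 1,040 bytes"; flag slightly below that.
MAX_FILE_BYTES = 1024

# PLS entries look like "File1=<path or URL>"; match on raw bytes because
# the limit that matters is a byte count, not a character count.
_ENTRY = re.compile(rb"^\s*File(\d+)\s*=(.*)$", re.IGNORECASE)


def is_playlist(data: bytes) -> bool:
    """True if the first non-blank line is the [playlist] section header."""
    for raw in data.splitlines():
        if raw.strip():
            return raw.strip().lower() == b"[playlist]"
    return False


def scan_pls(data: bytes, limit: int = MAX_FILE_BYTES):
    """Return (entry_number, byte_length) for each FileN value over limit."""
    findings = []
    for raw in data.splitlines():
        m = _ENTRY.match(raw)
        if m and len(m.group(2).strip()) > limit:
            findings.append((int(m.group(1)), len(m.group(2).strip())))
    return findings


def verdict(data: bytes) -> str:
    """Classify a download: 'not-a-playlist', 'ok' or 'suspicious'."""
    if not is_playlist(data):
        return "not-a-playlist"
    return "suspicious" if scan_pls(data) else "ok"


# Constructed samples: a normal playlist and one with an 1,100-byte filler entry.
BENIGN = (b"[playlist]\r\nFile1=http://radio.example/stream.mp3\r\n"
          b"Title1=Example\r\nLength1=-1\r\nNumberOfEntries=1\r\nVersion=2\r\n")
OVERSIZED = (b"[playlist]\r\nFile1=" + b"x" * 1100 +
             b"\r\nTitle1=t\r\nNumberOfEntries=1\r\nVersion=2\r\n")

if __name__ == "__main__":
    for name, sample in (("benign", BENIGN), ("oversized", OVERSIZED)):
        print(name, verdict(sample), scan_pls(sample))
```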
This is an update to the message below which we posted on 01/21.
If you receive a billing notice that has an AVS mismatch error or address match error, please contact us with your billing address. It is that simple. Once we have the correct billing address the issue will be corrected. You can send the billing address to us at support@connectto.net or call us. Email is the preferred method so we are able to copy and paste the address.
Changes to our credit card processing system
2006-01-21 00:07:21
Tomorrow night we will be changing over to our new credit card processing company. This company is a little more strict about address checking and verification than was our old company. So it is possible that some of the regular monthly charges might be declined, with a message stating something about address verification.
This issue should now be resolved.
Numbers affected during this ticket :
- 3037850290
We are aware of operator intercepts coming up on this POP. We are working towards a resolution on this issue.
We are having trouble with our new toll free number at the moment. If you need to get to us, please call 707-504-4514 or use the old toll free number of 1-877-586-3538.
Another twist has been discovered with the newest worm making the rounds: Kama Sutra can fool Windows into accepting a malicious ActiveX control by spoofing a digital signature.
The Kama Sutra worm can fool Windows into accepting a malicious ActiveX control by spoofing a digital signature, a security company said Tuesday.
Sunnyvale, Calif.-based Fortinet said the worm -- which also goes by names such as Nyxem.e, MyWife.d, Grew.a, and Blackmal.e -- adds 18 entries to the Windows Registry to slip the ActiveX control by the operating system's defenses. "By creating the following entries, the control is considered 'safe' and digitally signed," said the Fortinet advisory.
The ActiveX control, added Fortinet, is used by the worm to automatically run its code each time the PC is turned on and Windows boots.
"The threat of worms like this will make them much more dangerous in the future," said Bojan Zdrnja, an analyst for the Internet Storm Center, on the group's site. "If a worm puts a fake certificate on an infected machine, MITM [Man-In-The-Middle] attacks become extremely easy. Of course, we all know that once the machine is infected you can't trust it, but this looks like another (big) problem for the average user."
The year's worst worm is either growing stronger or getting weaker, said security vendors Monday as they couldn't reach agreement on how Kama Sutra -- just one of the names tagged to the malicious code -- is affecting users.
Finnish security firm F-Secure, which first spotted a trigger in the worm that will corrupt a wide range of document file formats on infected PCs starting Feb. 3, said Monday that the worm was still gaining ground.
"It's still climbing," said Mikko Hypponen, the chief research officer of the Helsinki-based company. "It's not the worst we've seen, but the infection is sizable."
Wrong, argued Alfred Huger of Symantec. "We think it's peaked," he said Monday. "It looks now like [its rate of propagation] is coming back down." Saturday, for instance, Symantec recorded a large drop in the number of Kama Sutra submissions to its global network; submissions spiked early Monday, but then fell off again later in the day.
Hypponen and Huger agreed on several things, however, including that the worm was dangerous, 2006's biggest attack so far, and could wreak havoc come Feb. 3, when it's scheduled to overwrite data in several Microsoft and Adobe document formats with a useless text string.
"Unlike most other [worms], this one is really destructive," said Hypponen. For some reason, he went on, the author of Kama Sutra turned back the clock to the days when viruses and worms deleted files or erased hard drives. For some time, that destructive strategy has been passé; hackers have realized they can make money off compromised machines, so harming the computer makes no sense, and only attracts attention.
"This has to be a hobbyist," said Hypponen, using the term to describe an old-school hacker who writes
There is a fiber cut that is affecting all of Southern California. There was a train derailment in Colorado that caused this to occur. WN has stated that on Tuesday, January 24th they will be on the scene of the issue and will be repairing it accordingly.
Please send email to support in plain text format only. Sometimes we cannot "see" customer's messages due to the cute graphics, embedded ads or other things. Some emails come to us as a blank page and we have to look to see if there is a message inside that needs to be opened - the messages end up like an attachment. The thing is if we open an email that looks as though there is nothing in it we may delete it by mistake. It is best to send us plain text messages with no background colors, images (unless you need to attach screen shots of error messages) or any other fancy formatting.
Thank you,
Support Team
Tomorrow night we will be changing over to our new credit card processing company. This company is a little more strict about address checking and verification than was our old company. So it is possible that some of the regular monthly charges might be declined, with a message stating something about address verification.
If you get such a warning notice, please copy it and email it to us at support@connectTo.net. Or just give us a call. Our new toll free number is 1-866-577-6903. For these sorts of issues, press option 3.
Customers may receive a busy signal when calling into Colorado Springs Access number: (719) 457-3561. We have replicated this issue and are working for further resolution.
You see it in the news again and again: Identity theft, corporate data stolen, private information falling into the wrong hands...
But these kinds of problems are almost all preventable. With the five simple steps outlined here, you can make just about any PC -- in the corporate world or at home -- secure from online attacks and data theft. Some of these steps may seem familiar; and that's a good thing if they do, because it means you're up to speed on the essentials. But even experts sometimes miss a step, so having a checklist or guide like this can be handy.
Plus, we've assembled dozens of live links for you, giving you nearly instant access to the many tools and informational resources we discuss.
Let's get started!
Close The Holes
All software -- bar none -- contains bugs, errors, omissions, and security holes. No brand or vendor or source is immune. Therefore, obtaining and applying security patches as they become available must be a top priority in keeping your PC safe and secure. Most vendors offer automated or semi-automated tools to help stay current. The most obvious and popular are Microsoft's WindowsUpdate and Office Update. Most vendor Web sites also offer index pages or catalogs of all to-date updates, letting you zero in on any you may have missed previously. For example, Microsoft's "Security Updates" meta page is here. Whatever software you use, start the year off right by ensuring you're 100% up to date with all essential patches, updates, and bug fixes.
We are sorry for any inconvenience. We forgot to let everyone know last week that we would be closed today.
We are using a new system for the phones which has had a bit of trouble. It is not working today and we are working to get this resolved a.s.a.p.