Shrunk Expand

  • Tag Archives latest news
  • eBay Hacked – Change your account password now

    eBay customers are now potentially vulnerable to phishing attacks i.e. spoofed e-mails. Hackers or spammers could craft very convincing phishing emails which may appear legitimate at first glance, but could trick you into revealing further personal information.

    To change your eBay password, log into your account, select Account Settings, then click “Personal Information”, then “edit” next to your password. If you are using same login details for other websites, you should also update them as soon as possible.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

     


  • FBI Bust Computer Hackers Spying and Stealing your information while online

    Computer hacker forums lit up last week as Federal Bureau of Investigation agents and police in 17 countries began knocking on doors, seizing computers and making arrests.

    On the popular websites where cyber criminals buy and sell software kits and help each other solve problems, hackers issued warnings about police visits to their homes.

    The hackers quickly guessed that a major crackdown was underway on users of the malicious software known as Blackshades.

    The FBI and prosecutors in the Manhattan U.S. attorney’s office announced the results of that probe on Monday: More than 90 arrests worldwide.

    The malware sells for as little as $40. It can be used to hijack computers remotely and turn on computer webcams, access hard drives and capture keystrokes to steal passwords — without victims ever knowing it.

    Related: Beware, your computer may be watching you

    Criminals have used Blackshades to commit everything from extortion to bank fraud, the FBI said.

    Last week, watching it all play out were about two dozen FBI cybercrime investigators holed up in the New York FBI’s special operations center, high above lower Manhattan.

    Rows of computer screens flickered with updates from police in Germany, Denmark, Canada, the Netherlands and elsewhere. Investigators followed along in real time as hundreds of search warrants were executed and suspects were interviewed.

    The sweep, capping a two-year operation, is one of the largest global cybercrime crackdowns ever. It was coordinated so suspects didn’t have time to destroy evidence. Among those arrested, in Moldova, was a Swedish hacker who was a co-creator of Blackshades.

    “The charges unsealed today should put cyber criminals around the world on notice,” said Leo Taddeo, chief of the FBI’s cybercrime investigations in New York. “If you think you can hide behind your computer screen — think again. ”

    hackersOfficials say Blackshades was used to illegally access the computers of 700,000 victims around the world, as shown in this FBI heatmap.

    700,000 victims around the world: Inside the FBI special operations center, six large computer monitors displayed key parts of the probe. Agents kept an eye on one screen showing a popular website where Blackshades was sold. The site was taken down by the FBI.

    Another monitor showed a heatmap of the world displaying the locations of the 700,000 estimated victims, whose computers have been hijacked by criminals using the Blackshades software. Splotches of green on the map indicated concentrations of infected computers in highly populated parts of the U.S., Europe, Asia and Australia.

    The FBI said that in just a few years Blackshades has become one of the world’s most popular remote-administration tools, or RATs, used for cybercrime.

    Taddeo said the unprecedented coordination with so many police agencies came about because of concern about the fast growth of cybercrime businesses.

    “These cyber criminals have paid employees, they have feedback from customers — other cyber criminals — to continually update and improve their product,” Taddeo said recently. While he spoke, agents took calls from counterparts working the case in more than 40 U.S. cities.

    Blackshades had grown rapidly because it was marketed as off-the-shelf, easy to use software, much like legitimate consumer tax-preparation software.

    “It’s very sophisticated software in that it is not very easy to detect,” Taddeo said. “It can be installed by somebody with very little skills.”

     

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

     


  • FREE ANTIVIRUS – 1 Year Subscription absolutely free after promo code

      McAfee Antivirus free after promo code

    McAfee offers downloads of McAfee Total Protection 2014 for Windows for $79.99.

    Coupon code “L8372AC38CL7BC36” makes it free.


  • 4chan Hacked, Attacker Mainly Targeted Moderator Accounts

    Complete Computer Repair Latest News and Virus Threats Fort Lauderdale
    Complete Computer Repair News

     

    A few hours ago, Christopher Poole, aka “moot,” the founder of 4chan, revealed that the popular image-based bulletin board was hacked.

    The attack took place last week. The hacker leveraged a software vulnerability to gain access to administrative functions and data from a 4chan database. The attacker apparently wanted to expose the posting habits of a specific user he didn’t like.

    “After careful review, we believe the intrusion was limited to imageboard moderation panels, our reports queue, and some tables in our backend database,” moot noted.

    “Due to the way the intruder extracted information from the database, we have detailed logs of what was accessed. The logs indicate that primarily moderator account names and credentials were targeted.”

    The hacker accessed the Pass credentials of three 4chan Pass users. The impacted individuals have been notified and offered refunds and lifetime Passes.

    moot highlights the fact that 4chan doesn’t process any payment information, so the attacker couldn’t have gained access to financial data. Payment information is processed by Stripe.

    As far as the vulnerability leveraged by the hacker is concerned, it has been patched shortly after 4chan became aware of it. Software and systems are being reviewed to prevent future breaches.

    In a 4chan post published last week (removed since), a user revealed that the attacker was an Australian individual who wanted to expose “multiple abuses of power and violations of proper mod stewardship.” The attacker allegedly gained access to the details of over 12,000 sold Passes. He’s said to have had access to 4chan’s systems for a week.

    This isn’t the first time 4chan is targeted by hackers. Back in June 2012, hackers of UGNazi redirected the site’s visitors to their Twitter account.

    Please visit ccrepairservices.com

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

     


  • New Zero Day Vulnerability Found In Internet Explorer All versions


    A new zero-day vulnerability that resides in all versions of Internet Explorer has been spotted in the wild, Microsoft confirmed late Saturday.

    The vulnerability, which could allow remote code execution, is being used in “limited, targeted attacks,” according to an advisory issued by Microsoft. While all versions of the web browser, IE 6 through 11, are affected by the vulnerability, attacks are currently targeting IE versions 9, 10 and 11, according to security firm FireEye, which first reported the flaw Friday.

    The attack leverages a previously unknown “use after free” vulnerability — data corruption that occurs after memory has been released — and bypasses both Windows DEP (data execution prevention) and ASLR (address space layout randomization) protections, according to FireEye.

    The vulnerability is currently being exploited by a group of hackers targeting financial and defense organization in the US, FireEye told CNET.

    “The APT [advanced persistent threat] group responsible for this exploit has been the first group to have access to a select number of browser-based 0-day exploits (e.g. IE, Firefox, and Flash) in the past,” FireEye said. “They are extremely proficient at lateral movement and are difficult to track, as they typically do not reuse command and control infrastructure.”

    FireEye said the flaw was significant because it affects more than a quarter of the total browser market.

    “Collectively, in 2013, the vulnerable versions of IE accounted for 26.25% of the browser market,” FireEye said in its advisory.

    An attack could be triggered by luring visitors to a specially crafted web page, Microsoft explained.

    “The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated,” Microsoft said. “The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.”

    Microsoft said it is investigating the vulnerability and may issue an out-of-cycle security update to address the issue.

    Please visit ccrepairservices.com

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere



  • Samsung Galaxy S5 Fingerprint Scanner Easy Hack

    Samsung Galaxy S5 Fingerprint Scanner Hacked

    Samsung Galaxy S5 Fingerprint feature promises an extra layer of security for your smartphone, which also lets you make payments through PayPal. But does it really secure?

    Just three days after the launch of the Galaxy S5, Security researchers have successfully managed to hack Galaxy S5 Fingerprint sensor using a similar method that was used to spoof the Touch ID sensor on the iPhone 5S last year.

    FOOLING FINGERPRINT SENSOR
    SRLabs researchers recently uploaded a YouTube video, demonstrated how they were able to bypass the fingerprint authentication mechanism to gain unauthorized access just by using a lifted fingerprint with wood-glue based dummy finger.

    The S5 fingerprint scanner allows multiple incorrect attempts without requiring a password, so an attacker could potentially keep trying multiple spoofed fingerprints until the correct match.
    https://www.youtube.com/watch?feature=player_embedded&v=sfhLZZWBn5Q
    PAYPAL USERS AT RISK
    Samsung Galaxy S5 users can also transfer money to other PayPal users just by swiping their finger on the sensor, but this hack now allows hackers to access your PayPal account and linked bank accounts without ever having to enter a password.

    In addition, If you restart your Apple’s iPhone 5S, it requires you to enter a passcode, before you can use your fingerprint as a way to unlock the phone, but Samsung has no such security method in place at this time.

    No doubt, one need to have physical access of your device in order to exploit this flaw, so if your phone is stolen, a thief can access anything on your device.

    Hack once again showed that unlocking a device with Fingerprint is convenient, but not secure that the passcode security.


  • Microsoft Going through your emails!!

    Outlook.png
    MS Outlook Ad

    What Microsoft Says

    Microsoft Corporation once advertised, “We don’t go through your email to sell ads.” What Microsoft does instead is go through your email for everything else.

    Microsoft is establishing a way for major Internet Service Providers to get away with accessing and using actual communications of customers while couching everything under “protection.” The violation goes way beyond the collection and storage of data while not even violating Microsoft’s own Privacy Policy or Terms of Service.

    Since Microsoft and all the other big ISPs are now allowed by the Electronic Communications Privacy Act to read and disclose its customers communications (email, blogs, texts, chat), the law itself protects Microsoft and all ISPs and gives them a way out since they stand on the premise that the data belongs to them, so there is no expectation of privacy. Where does that leave you, the consumer, and what does it mean for journalists?

    Recently Microsoft, without a court order, accessed the private emails and chat communications between one of its customers who was blogging with an ex MS employee. The employee did break the law,but Microsoft sidestepped legal process to gather the evidence on its own and then turn it over to authorities who proceeded to arrest the individual.

    The current Administration has repeatedly assured us that the ISPs are innocently collecting and simply storing data in the name of national security’ in order to keep us all safe from terrorism. Not true since there is a little backdoor which allows Microsoft (because it can) to go in and search and read and use details of communications of its customers. In this case, Microsoft did just that by accessing the Hotmail account (which is now Outlook and owned by MS) of a customer because they wanted to use the information they found to go after an ex-employee.

    It appears that ISPs get to invade customer communications because it is in THEIR best interest since the ECPA law was recently interpreted and changed to allow ISPs to get away with whatever they want to. What happened to due process? It is apparent that the bottom line is all that matters for the ISP.

    In this particular case, Microsoft did not go to a judge or get a court order; and despite the public being assured that ISPs will not misuse the data they are ‘collecting and storing’, remember, they dont have to any more. Microsoft considers this information to belong to them in the first place.

    After Microsoft came under fire for the incident, John Frank, Microsoft General Counsel, issued a statement that included magnificent double speak to convince us all that MS is only protecting their customers and justifying the action by saying his company “took extraordinary actions based on the specific circumstances” to “protect our customers and the security and integrity of our products.”

    Oh yes, the action Microsoft took was indeed extraordinary.

    Frank went on to justify the legal reasoning guiding Microsoft’s actions and explained how Microsoft adhered to its own terms of service as it was determined by its own investigation. Frank said that courts do not “issue orders authorizing someone to search themselves, since obviously no such order is needed,” basing his argument on Microsoft owns the data so they just don’t need a court order to go get whatever they want or target whomever they choose.

    Frank added that Microsoft will not search customer email (and other communications) unless it would justify a court order if one were available. The fact is that if Microsoft does not follow legal procedures in the first place or attempt to get a court order, then of course there wont be one ‘available’ so he establishes the way out of following any due process.

    Frank also made sure to tell us how Microsoft has had our backs and even has their very own internal process set up that is designed to protect customers from Microsoft deciding to grab emails and using the specific information. Part of the plan apparently involves an internal legal staff that operates independently from another internal department to jointly determine if a court order would otherwise be issued by a judge before they can go in (internally) and grab all your actual communications. Lots of ‘internal’ machinations go into the very internal determination. They even announced they will now follow extra steps and submit their evidence (noteevidence they already have collected) to an outside attorney to review.

    One can safely assume Microsoft is paying this outside attorney as a consultant with a CDA in place, so of course this outside attorney is really an inside attorney on the side of MS, and this statement is simply double speak to make Microsoft look good. “Oh, we are hiring an outside attorney who used to be a former judge even! And he will help us determine if it’s okay for us to use emails and chat conversations of our customers before we decide to go use it.”

    With the loss of Net Neutrality and the recent changes in the law that favor their bottom line, the ISPs like Microsoft, Google, Yahoo, can pretty much do what they want now and charge what they want. This is only the beginning of the double speak but there are still people who can see through. And, it’s not half way in and half way out, its never halfway when only the consumer is losing.

    The incident should raise major red flags among bloggers and journalists who use Microsoft and other ISP services to communicate and do research, particularly when it comes to protection of sources.

    Please visit ccrepairservices.com

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere


  • PayPal “Unauthorized Credit Card Payment” Phish

    A fake PayPal email, addressed “Dear PayPal”, with an attachment to fill in? What could possibly go wrong?

    Fake mail

    The email reads as follows:

    Dear PayPal user,

    We recently received a report of unauthorized credit card payment attempt associated with this account. To protect you against any further unauthorised payment attempts, we’ve limited access to your PayPal account.
    Please take a minute to review the details below and what steps you need to take to remove the limits.

    ———————————–
    Details of disputed transaction
    ———————————–
    Case ID Number: PP-001-546-712-049
    ———————————–
    What to do next
    ———————————–

    Please download the form attached to this email and open it in a web browser.
    Once opened, you will be provided with steps to restore your account access.
    We appreciate your understanding as we work to ensure your account safety.

    ———————————–
    Due dates
    ———————————–
    Please get back to us as soon as possible.
    ———————————–
    Other details
    ———————————–
    There are no other details for this transaction at this time.

    Yours sincerely,
    PayPal

    Just like the spam from mid-February, this one comes with a zipped attachment:

    Case ID Number PP-001-546-712-049

    with a .html file inside called…well, you can probably guess what it’s called:

    Case ID Number PP-001-546-712-049.html

    html attachment

    The form asks for:

    Email address, full name, PayPal password, DOB, billing address / town, county, postcode, home phone, credit / debit card number, expiry date, security code and sort code.

     

    Of course, you shouldn’t fill this in or hit the “Send” button – just delete the attachment and send the mail to the spam folder.

    Complete Online Computer news and Repair

    WWW.CCREPAIRSERVICES.COM


  • Linux Worm targets Internet-enabled Home appliances to mine Cryptocurrencies

    Could a perfectly innocent looking device like router, TV set-top box or security cameras can mine Bitcoins? YES! Hackers will not going to spare the Smart Internet-enabled devices.

     

    A Linux worm named Linux.Darlloz, earlier used to target Internet of Things (IoT) devices, i.e. Home Routers, Set-top boxes, Security Cameras, printers and Industrial control systems; now have been upgraded to mine Crypto Currencies like Bitcoin.

    Security Researcher at Antivirus firm Symantec spotted the Darlloz Linux worm back in November and they have spotted the latest variant of the worm in mid-January this year.

    Linux.Darlloz worm exploits a PHP vulnerability (CVE-2012-1823) to propagate and is capable to infect devices those run Linux on Intel’s x86 chip architecture and other embedded device architectures such as PPC, MIPS and MIPSEL.

    The latest variant of Linux.Darlloz equipped with an open source crypto currency mining tool called ‘cpuminer’, could be used to mine Mincoins, Dogecoins or Bitcoins.

    Symantec Researchers scanned the entire address space of the Internet and found 31,716 devices infected with Darlloz. “By the end of February 2014, the attacker mined 42,438 Dogecoins (approximately US$46 at the time of writing) and 282 Mincoins (approximately US$150 at the time of writing). These amounts are relatively low for the average cybercrime activity so, we expect the attacker to continue to evolve their threat for increased monetization.” Kaoru Hayashi, senior development manager and threat analyst with Symantec in Japan.

    Major infected countries are China, the U.S., South Korea, Taiwan and India.

    Darlloz hack malware

    Crypto Currency typically requires more memory and a powerful CPUs, so the malware could be updated to target other IoT devices in the future, such as home automation devices and wearable technology.A Few weeks back, Cisco has announced a global and industry-wide initiative to bring the Security community and Researchers together to contribute in securing the Internet of Things (IoT) and launched a contest called the “Internet of Things Grand Security Challenge“, offering prizes of up to $300,000 for winners.

    Users are advised to update firmware and apply security patches for all software installed on computers or Internet-enabled devices. Make sure, you are not using default username or password for all devices and block port 23 or 80 from outside if not required.

    Please visit ccrepairservices.com

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere


  • HP expected to announce 3D printers in June Durability issues resolved, says Whitman

     Hewlett Packard will outline plans to enter the commercial 3D-printing market in June, saying it has solved a number of technical problems that have hindered broader adoption of the high-tech manufacturing process.

    Chief executive Meg Whitman told shareholders on Tuesday the company will make a “big technology announcement” this month around how it will approach a market that has excited the imagination of investors and consumers alike.

    However critics have accused the sci-fi-like technology of being over-hyped and still too immature for widespread consumer adoption.

    Industry observers have long expected HP,a dominant force in global printer manufacturing, to eventually get into the business. Whitman said HP’s inhouse researchers have resolved limitations involved with the quality of substrates used in theprocess, which affects the durability of finished products.

    “We actually think we’ve solved these problems,” Whitman told an annual shareholders meeting. “The bigger market is going to be in the enterprise space,” manufacturing parts and prototypes in ways that were not possible before.

    “We’re on the case,” she said without elaborating.

    HP executives have estimated that worldwide sales of 3D printers and related software and services will grow to almost $11 billion (AUD$12.2 billion) by 2021 from a mere $2.2 billion in 2012.

    The nascent 3D-printing market is now dominated by a number of smaller players like MakerBot, a unit of Stratasys that is concentrating on selling more affordable devices to consumers.

    Contract manufacturers like Flextronics however already use the technology to help craft prototype parts or devices for corporate clients.

    “HP is currently exploring the many possibilities of 3D printing and the company will play an important role in its development,”

    CTO and HP Labs director Martin Fink said in a February blogpost on HP’s website.

    “The fact is that 3D printing is really still an immature technology, but it has a magical aura. The sci-fi movie idea that you can magically create things on command makes the idea of 3D printing really compelling for people.”

     

    Complete Online Computer news and Repair

    WWW.CCREPAIRSERVICES.COM


  • Windows 8 had more vulnerabilities than previous versions of Windows

    Microsofts Windows 8 platform has been tagged by security research firm Secunia as being the most vulnerable Windows platform on the market….according to their research, Windows 8 had more vulnerabilities than previous versions of Windows that are currently supported by Microsoft for 2013….the answer is quite simple; Flash. Because Flash is now baked into the modern instance of IE, any Flash vulnerability can now be tied into Windows 8 as well.

    flashwin8.png

    Visit www.ccrepairservices.com for all latest computer repair and related news online


  • Dirty NSA hacked into Webcam of millions of Yahoo users for Private images

    Once again, a new revelation showed the ugly side of the Government who are conducting Global Mass surveillance and previous documents leaked by the whistleblower Edward Snowden have defaced the US Intelligence Agency NSA, who were taking care of a number of projects like PRISM, XKeyscore, DROPOUTJEEP, and various others to carry out surveillance of millions of people.

    Now, it has been revealed that the US National Security Agency (NSA) helped its British counterpart, the Government Communications Headquarters (GCHQ), to allegedly capture and store nude images and others from webcam chats of millions of unsuspecting Yahoo users, The Guardian reported.

    Documents handed to the Guardian by the former NSA contractor Edward Snowden show that the GCHQ’s worked with the US intelligence agency NSA on a joint project dubbed as ‘Optic Nerve’. The project carried out a bulk surveillance program, under which they nabbed webcam images every five minutes from random Yahoo users’ video chats and stored them in a database.

    The project didn’t target individual users; rather it targeted Yahoo webcam chats between 2008 and 2010. Indeed, the method of collection appears somewhat recklessly, and in just six months of period alone, the still images of about 1.8 million users were captured and stored in the government servers in 2008.

    Instead of saving full videos, the program logged one image every five minutes from a user’s chat. The document says that between 3 and 11 percent of the images taken contain “undesirable nudity.

    One GCHQ document states, “It would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person.

    The collected webcam information was stored in the NSA’s XKeyscore search tool, and the NSA research was used to build the tool which identified Yahoo’s webcam traffic, reads the report.

    NSA Optic Nerve Webcam hacking

    GCHQ webcam spying program, Optic Nerve, was still active in 2012, according to an internal GCHQ wiki page accessed that year.

    Why Images??? It is known from the revealed documents that the images were collected by the government agency, so that the group could experiment with facial recognition.

    Face detection has the potential to aid selection of useful images for ‘mugshots’ or even for face recognition by assessing the angle of the face,” it reads. “The best images are ones where the person is facing the camera with their face upright.

    NSA Optic Nerve Webcam hacking

    The GCHQ agency staffs were allowed to display “webcam images associated with similar Yahoo identifiers to your known target”, the document reads, also it states “Bulk surveillance of Yahoo users was begun” as “Yahoo webcam is known to be used by GCHQ targets.

    Not Surprising, because your knotty private webcam sex session you loved and enjoyed with your lover four years back was potentially pored over by the suits at GCHQ.

    Yahoo has reacted furiously and denied any prior knowledge of the webcam interception program, and said that it had no awareness of or involvement with the GCHQ collection, describing the activity as “a whole new level of violation of our users’ privacy.

    And a GCHQ spokesman said in a statement, “It is a longstanding policy that we do not comment on intelligence matters. Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence service commissioners and the Parliamentary Intelligence and Security Committee,” adding, “All our operational processes rigorously support this position.

    The NSA spokesperson declined to respond saying, “As we’ve said before, the National Security Agency does not ask its foreign partners to undertake any intelligence activity that the US government would be legally prohibited from undertaking it.

    This is how our privacy is getting ruined by the government intelligence officials that we all trust blindly.

    Latest Computer news and virus and malware threats at Complete computer Repair Services Fort Lauderdale and all South Florida Latest Computer News and Repair Services

    www.ccrepairservices.com