Technology Solutions

 

IT Security Alert

The Hacker News Wed, 24 Apr 2019 13:53:00 PDT
  • Congress Asks Google 10 Questions On Its Location Tracking Database 

    U.S. Congress has sent an open letter to Google CEO Sundar Pichai asking for more information about its Sensorvault database that’s reportedly being used by law enforcement agencies to solve crime cases. Last week, we reported a story based upon NY Times findings that revealed how using a "geofence" warrant, authorities obtain location history of all devices from Google's Sensorvault database

  • Learn Ethical Hacking With 180 Hours of Training — 2019 Online Course 

    The world of cybersecurity is fast-paced and ever-changing. New attacks are unleashed every day, and companies around the world lose millions of dollars as a result. The only thing standing in the way of cybercrime is a small army of ethical hackers. These cybersecurity experts are employed to find weaknesses before they can be exploited. It’s a lucrative career, and anyone can find work

  • 'Karkoff' Is the New 'DNSpionage' With Selective Targeting Strategy 

    The cybercriminal group behind the infamous DNSpionage malware campaign has been found running a new sophisticated operation that infects selected victims with a new variant of the DNSpionage malware. First uncovered in November last year, the DNSpionage attacks used compromised sites and crafted malicious documents to infect victims' computers with DNSpionage—a custom remote administrative

  • Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress 

    Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing plugins to take control over WordPress websites that are still running a vulnerable version of the plugin. The vulnerable plugin in question is Social Warfare which is a popular and widely deployed WordPress plugin with more than 900,000 downloads. It is used to add social

  • Source Code for CARBANAK Banking Malware Found On VirusTotal 

    Security researchers have discovered the full source code of the Carbanak malware—yes, this time it's for real. Carbanak—sometimes referred as FIN7, Anunak or Cobalt—is one of the most full-featured, dangerous malware that belongs to an APT-style cybercriminal group involved in several attacks against banks, financial institutions, hospitals, and restaurants. In July last year, there was a

  • Hacker Breaks Into French Government's New Secure Messaging App 

    A white-hat hacker found a way to get into the French government's newly launched, secure encrypted messaging app that otherwise can only be accessed by officials and politicians with email accounts associated with the government identities. Dubbed "Tchap," the end-to-end encrypted, open source messaging app has been created by the French government with an aim to keep their officials,

  • Facebook Stored Millions of Instagram Users' Passwords in Plaintext  

    Facebook late last month revealed that the social media company mistakenly stored passwords for "hundreds of millions" of Facebook users in plaintext, including "tens of thousands" passwords of its Instagram users as well. Now it appears that the incident is far worse than first reported. <!-- adsense --> Facebook today quietly updated its March press release, adding that the actual number of

  • Facebook Collected Contacts from 1.5 Million Email Accounts Without Users' Permission 

    Not a week goes without a new Facebook blunder. Remember the most recent revelation of Facebook being caught asking users new to the social network platform for their email account passwords to verify their identity? At the time, it was suspected that Facebook might be using access to users' email accounts to unauthorizedly and secretly gather a copy of their saved contacts. Now it turns

  • Drupal Releases Core CMS Updates to Patch Several Vulnerabilities 

    Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites. According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in

  • Researcher Hijacks a Microsoft Service Using Loophole in Azure Cloud Platform 

    A cybersecurity professional today demonstrated a long-known unpatched weakness in Microsoft's Azure cloud service by exploiting it to take control over Windows Live Tiles, one of the key features Microsoft built into Windows 8 operating system. Introduced in Windows 8, the Live tiles feature was designed to display content and notifications on the Start screen, allowing users to continuously

  • Over 100 Million JustDial Users' Personal Data Found Exposed On the Internet 

    An unprotected database belonging to JustDial, India's largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on its fancy "88888 88888" customer care number, The Hacker News has learned and independently verified. Founded over two decades ago, JustDial (JD) is the

  • Google Makes it Tough for Rogue App Developers Get Back on Android Play Store 

    Even after Google's security oversight over its already-huge Android ecosystem has evolved over the years, malware apps still keep coming back to Google Play Store. Sometimes just reposting an already detected malware app from a newly created Play Store account, or using other developers' existing accounts, is enough for 'bad-faith' developers to trick the Play Store into distributing unsafe

  • Scranos: New Rapidly Evolving Rootkit-Enabled Spyware Discovered 

    A new powerful rootkit-enabled spyware operation has been discovered wherein hackers are distributing multifunctional malware disguised as cracked software or trojanized app posing as legitimate software like video players, drivers and even anti-virus products. While the rootkit malware—dubbed Scranos—which was first discovered late last year, still appears to be a work in progress, it is

  • Google Helps Police Identify Devices Close to Crime Scenes Using Location Data 

    It's no secret that Google tracks you everywhere, even when you keep Google's Location History feature disabled. As revealed by an Associated Press investigation in 2018, other Google apps like Maps or daily weather update service on Android allows the tech giant to continuously collect your precise latitude and longitude. According to Google, the company uses this location-tracking

  • Apache Tomcat Patches Important Remote Code Execution Flaw 

    The Apache Software Foundation (ASF) has released new versions of its Tomcat application server to address an important security vulnerability that could allow a remote attacker to execute malicious code and take control of an affected server. Developed by ASF, Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications such as Java Servlet,

  • Hackers Compromise Microsoft Support Agent to Access Outlook Email Accounts 

    If you have an account with Microsoft Outlook email service, there is a possibility that your account information has been compromised by an unknown hacker or group of hackers, Microsoft confirmed The Hacker News. Earlier this year, hackers managed to breach Microsoft's customer support portal and access information related to some email accounts registered with the company's Outlook service.

  • Russia Fines Facebook $47 Over Citizens' Data Privacy Dispute 

    Yes, you read that right! Russia has fined Facebook with 3,000 rubles, roughly $47, for not complying with the country's controversial Data Localization law. It's bizarre and unbelievable, but true. <!-- adsense --> In December last year, Russian Internet watchdog Roskomnadzor sent notifications to Twitter and Facebook asking them to provide information about the location of servers that

  • Encrypted Messaging Project "Matrix" Suffers Extensive Cyber Attack 

    Matrix—the organization behind an open source project that offers a protocol for secure and decentralized real-time communication—has suffered a massive cyber attack after unknown attackers gained access to the servers hosting its official website and data. Hackers defaced Matrix's website, and also stole unencrypted private messages, password hashes, access tokens, as well as GPG keys the

  • Popular Video Editing Software Website Hacked to Spread Banking Trojan 

    If you have downloaded the VSDC multimedia editing software between late February to late March this year, there are high chances that your computer has been infected with a banking trojan and an information stealer. The official website of the VSDC software — one of the most popular, free video editing and converting app with over 1.3 million monthly visitors — was hacked, unfortunately once

  • WikiLeaks Founder Julian Assange Arrested After Ecuador Withdraws Asylum 

    WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London—that's almost seven years after he took refuge in the embassy to avoid extradition to Sweden over a sexual assault case. According to a short note released by London's Metropolitan Police Service, Assange was arrested immediately after the Ecuadorian government today withdraws his political asylum. Assange

  • Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password 

    🔥 Breaking — It has been close to just one year since the launch of next-generation Wi-Fi security standard WPA3 and researchers have unveiled several serious vulnerabilities in the wireless security protocol that could allow attackers to recover the password of the Wi-Fi network. WPA, or Wi-Fi Protected Access, is a standard designed to authenticate wireless devices using the Advanced

  • Sophisticated 'TajMahal APT Framework' Remained Undetected for 5 Years 

    Cybersecurity researchers yesterday unveiled the existence of a highly sophisticated spyware framework that has been in operation for at least last 5 years—but remained undetected until recently. Dubbed TajMahal by researchers at Kaspersky Lab, the APT framework is a high-tech modular-based malware toolkit that not only supports a vast number of malicious plugins for distinct espionage

  • Microsoft Releases April 2019 Security Updates — Two Flaws Under Active Attack 

    Microsoft today released its April 2019 software updates to address a total of 74 CVE-listed vulnerabilities in its Windows operating systems and other products, 13 of which are rated critical and rest are rated Important in severity. April 2019 security updates address flaws in Windows OS, Internet Explorer, Edge, MS Office, and MS Office Services and Web Apps, ChakraCore, Exchange Server, .

  • Adobe Releases Security Patches for Flash, Acrobat Reader, Other Products 

    Good morning readers, it's Patch Tuesday again—the day of the month when Adobe and Microsoft release security patches for their software. Adobe just released its monthly security updates to address a total of 40 security vulnerabilities in several of its products, including Flash Player, Adobe Acrobat and Reader, and Shockwave Player. According to an advisory, Adobe Acrobat and Reader

  • Researcher Reveals Multiple Flaws in Verizon Fios Routers — PoC Released 

    A cybersecurity researcher at Tenable has discovered multiple security vulnerabilities in Verizon Fios Quantum Gateway Wi-Fi routers that could allow remote attackers to take complete control over the affected routers, exposing every other device connected to it. Currently used by millions of consumers in the United States, Verizon Fios Quantum Gateway Wi-Fi routers have been found vulnerable

Quick Heal Blog | Latest computer security news, tips, and advice Thu, 18 Apr 2019 11:08:39 +0000
  • 5 ways to instantly detect a phishing email and save yourself from phishing attack 

    Phishing is a fraudulent activity to trick you into revealing your personal and confidential information. This information usually includes bank account details, net banking details, credit/debit card numbers, login ID and passwords. Every day, countless people become unsuspecting victims of phishing attacks. With cyber criminals adopting sophisticated modes of phishing…

  • PCs fail to boot up / Freeze after receiving Microsoft Windows 9-April-2019 updates and rebooting the PC 

    Quick Heal and Seqrite users are reporting that PCs fails to boot up / Freeze after installing 9th April Windows Updates and Rebooting the system. Symptoms:  Users have Quick Heal or Seqrite product installed and running on their systems. The PCs fail to boot up / Freeze after installing Windows Updates of 9-April-2019 and Rebootingthe system. There are…

  • JCry – A Ransomware written in Golang! 

    For several months, QH Labs has been observing an upswing in ransomware activity. We found a new ransomware which is written in Go lang. Malware authors are finding it easy to write ransomware in Go lang rather than traditional programming languages. Infection of Jcry ransomware starts with a compromised website. As…

  • This summer vacation let your kids explore the internet with safety of parental control 

    At a time when toddlers can be seen playing around with tabs and teens are living in a virtual world of communication, it wouldn’t be wrong to say that today’s parents are raising a completely new and advanced breed of kids!! Not to be left behind are the schools that…

  • 3059 android malware detected per day in 2018 – Are you still counting on free android antivirus for protection? 

    The incidents of cyber-attacks on smartphones, especially those working on the popular Android operating system, have been on a constant rise. However, a major reason people still continue to go in for android smartphones, is the fact that these are mostly cheap to buy. However, the year 2018 ended with…

  • Essential cyber safety tips every woman should follow 

    There is less doubt that women are more social, expressive and vocal as compared to men and what better means to enjoy such freedom of expression than social media. Reports suggest that over 76% of social media users are women; either looking to make connections, initiate discussions on women-specific topics…

  • Quick Heal Threat Report – Cryptojacking rising but Ransomware still #1 threat for consumers 

    In wake of the growing incidences of targeted cyber-attacks on enterprises using Cryptojacking, due to its ease of deployment and instant return on investments; it rather comes as a surprise that malware authors are still counting on Ransomware for targeting consumers and home users. Yes, you heard it right! According…

  • GandCrab Riding Emotet’s Bus! 

    Emotet Known for constantly changing its payload and infection vectors like spam mail, Malicious Doc and even Malicious JS files. It compromised a very high number of websites on the internet. Emotet malware campaign has existed since 2014. It comes frequently in intervals with different techniques and variants to deliver malware…

  • This Valentine fall for true love not for fake online dating apps 

    Valentine Day is that special time of the year when people are busy celebrating the essence of love. However, on the darker side, it is also a time when cyber criminals are looking to cash on your hunt for the love of your life. So, just in case you are…

  • 28 Fake Apps removed from Google Play Store post Quick Heal Security Lab reports 

    Quick Heal Security Lab has spotted 28 Fake Apps with over 48,000+ (all together) installations on Google Play Store. Google play has removed a total of 28 fake apps from the Play Store after reports by Quick Heal Security Lab. The apps do not have any legitimate functionality related to…

Troy Hunt's Blog Wed, 24 Apr 2019 19:49:11 GMT
WeLiveSecurity Thu, 25 Apr 2019 03:17:17 +0000
How can we help
  • Virus Removal Experts
  • All Desktop & Notebook Repairs
  • Screens, Motherboards, Hard drives
  • Soldering Jobs
  • Networking
  • Custom Builds
  • Website Design
What We Do