More
Home Blog Page 311

New Malicious Text Message Malware Can Erase Everything In Your Android Phone

By
Sabarinath
-
Malicious Text Message Malware Can Erase Everything In Your Android Phone

Alert !Watch out for that next text message you receive.  A new malicious text message malware is out there to attack your Android smartphones. This malicious text message Android-based malware is able to grant itself administrator privileges and completely take over a users’ device.

Also Read : Hackers Are Offering $23,000 To Apple Employees For Their Login Details

LogBook : Malicious Text Message can Erase Everything in your Android Phone

Norwegian security firm Heimdal has detected a nasty piece of malware that spreads via SMS and tricks users into downloading a malicious app, allowing it to gain administrator rights to the device.

This new malware is being called Mazar Android BOT and it is spread via SMS and MMS messages. The message will generally look like this:
“You have received a multimedia message from +[country code] [sender number] Follow the link http://www.mmsforyou[.]Net/mms.apk to view your message”

Once it is installed the malicious code embedded inside grants the app administrator privileges. This allows attackers to retrieve device data, monitor calls and text messages, and root the device.

Also Read : China Launched Online Platform To Help Fraud Victims

The Mazar malware also has the ability to entirely erase all of the data stored on an infected device. Not only would a users’ device be infected but such a move by attackers could render the device useless as well.

Security firm Heimdal thinks the malicious texts could have been sent to over 100,000 phones in Denmark, though it is not sure whether users in other countries may have received the messages.

This is believed to be the first time Mazar has been detected in widespread, real world attacks.

One interesting feature of Mazar is that it cannot be installed on smartphones running Android with “Russian” selected as the operating system’s language.

Mazar has been available for purchase on the Dark Web for quite a while now but this is the first time it has been actively used on the Android platform.

So how to stay away from this dirty malicious text message malware ? First off, users should not click on links in text messages from strange recipients and not install unknown apps. Additionally, most users should make sure unknown sources cannot install apps (Settings > Security > Unknown sources).

Also Read : Newly Discovered iPhone Vulnerability Can Bypass Your Lockscreen Code

China Launched Online Platform To Help Fraud Victims

By
TechLog360
-
Online Platform To Help Fraud Victims

China’s public security ministry has launched an online platform to register the victims of investment frauds and pyramid scams, the media reported on Sunday. The ministry said the website is to help in fraud investigations.

Also Read : Microsoft Joint Hands with a Chinese Partner to Accelerate Adoption of the Windows 10 Operating System

LogBook : Online Platform To Help Fraud Victims

China recently launched an online platform to record investors and investments in illegal fund-raising cases.

The initiative comes after a crackdown on online lending platform, Ezubao, EFE news reported.

Ezubao had collected $7 billion from more than 900,000 investors. Disguised as an investment company, which collected money over the internet through the bait of promising returns.

Ezubao diverted funds it collected from investors to finance the personal expenses of its directors and managed to return the initial investments with the money it collected from new clients.

Also Read : Within 20 Years Nearly Half Of All Jobs In Japan Could Be Done By Robots

The operation, revealed on February 1, led to the arrest of 21 people and caused a huge stir in the country due to the popularity of Ezubao, which was founded in July 2014 and gained ground in the country through an aggressive ad campaign, including spots, on the state broadcaster CCTV.

The ministry said that the online platform will allow victims of the Ezubao scam to register themselves on the website until May 13, to facilitate the investigation.

The information given by the victims will be verified and serve as the basis for a possible refund of the defrauded amount.

The website will also be used for victims of possible new cases of fraud that could occur in the future.

Also Read : Power Paper – A Paper to Store Electricity Coming Soon

Now Onwards Microsoft Will Tell You What’s Inside In Those Windows 10 Updates

By
Avinash A
-
Microsoft Will Tell You What's Inside In Those Windows 10 Updates

Windows users are always confused about the Windows 10 updates that are delivering to them frequently because users don’t really know what’s changing when a patch gets applied. Microsoft is not that much transparent about Windows 10 updates they rarely releases detailed release notes, and the updates are often applied automatically behind the scenes. But now Microsoft is going to fix that problem, now onwards each Windows users will know what’s exactly inside in those Windows 10 updates.

Also Read : Next-Generation Processors will only be Compatible with Windows 10, says Microsoft

LogBook : Microsoft Will Tell You What’s Inside In Those Windows 10 Updates

After users request Microsoft is going to transparent about Windows 10 updates. For that Microsoft has launched a new website for anyone who is curious about the features and fixes released in each Windows 10 update.
“After listening to feedback regarding the level of disclosure for Windows 10 updates, we decided to implement a new system for communicating updates to the operating system,” said a Microsoft spokesperson.

The new Windows 10 update history website  will serve as a hub for historical information on previous Windows 10 updates, and it will be revised with new data for each release.

Most Windows 10 users won’t care what changes on a monthly basis, but the new site will be an important resource for IT admins or power users.

Also Read : Only 1.2 Percent Are Using Android Marshmallow On Their Devices

Earlier Microsoft has been sharing the details of different releases in posts on its Windows Blog, but there has never been a central location for all update details.

When Microsoft launched the Windows 10 history website on Feb. 9, it also rolled out a cumulative update. This release, which will bring the most current Windows systems to 10586.104, is the first to come with notes.

The accompanying notes indicate this update fixes problems across Windows 10, including authentication and update installation, app downloads, Windows 10 Mobile, and Internet Explorer 11.

Also Read : 86% Of Critical Vulnerabilities Affecting Windows Could Be Avoided By Removing Admin Rights

Hackers Are Offering $23,000 To Apple Employees For Their Login Details

By
Sabarinath
-

Apple employees are getting big offers from hackers for revealing their login details to break into Apple’s systems. According to someone that works for the company in Ireland said that hackers are willing to pay thousands of euros to Apple employees willing to sell their login details.

Also Read : Newly Discovered iPhone Vulnerability Can Bypass Your Lockscreen Code

LogBook : Hackers Ready to Pay Apple Employees for their Logins

According to Business Insider, someone working for Apple in Ireland said that hackers have offered €20,000 or approximately $23,000, to Apple employees willing to sell their login details.

“You’d be surprised how many people get on to us, just random Apple employees,” the source told Business Insider. “You get emails offering you thousands [of euros] to get a password to get access to Apple.I could sell my Apple ID login information online for €20,000 (£15,000 / $23,000) tomorrow. That’s how much people are trying.”

And another former employee of Apple confirmed that hackers did contact staff, offering them money in exchange for access to login details or other sensitive information.

Also Read : Apple Hit with Lawsuit Over iOS 9 Performance on Older iPhones

And he also said that hackers typically target newer employees.

“They look for someone who has jumped diagonally into a junior managerial position, so not a lifer working their way up, and not a lifer who has been there a long time,” the source told Business Insider.

Apparently, Apple has launched an internal program to combat this problem. The project is called “Grown Your Own” but it’s not immediately clear what exactly the code name refers to.

It’s now unclear what the hackers are after it could be any number of things — like access to individual Apple user accounts, the company’s extremely valuable intellectual property, or internal corporate strategy information, the report notes.

The source said Apple is “very, very careful” in terms of security, adding that it’s exceptionally hard for anyone to gain access to Apple’s offices without authorization.

Even some of Apple’s remote workers in Ireland have difficulty accessing the company’s offices in Cork, where thousands of Apple workers are based, the source said. “You have to have a particular coded badge to get into the building,” they explained.

Also Read : Apple Asks Widow to Get Court Order to Reveal Dead Husband’s Password

Newly Discovered iPhone Vulnerability Can Bypass Your Lockscreen Code

By
Avinash A
-
iPhone Vulnerability Can Bypass Your Lockscreen Code

Locking your iPhone with passcode is the popular choice of most people to keep their iPhone safe from prying eyes. But researchers have  discovered a new iPhone vulnerability that can bypass your lockscreen code in iPhones and iPads running iOS 8 and iOS 9. Now it’s not clear if other devices are affected.

Also Read : Dell Introducing New BIOS Security Tool To Make Its Laptops Harder To Hack

LogBook : iPhone Vulnerability Can Bypass Your Lockscreen Code

The new iPhone vulnerability was discovered by security analyst Benjamin Kunz Mejri, a penetration tester and security analyst for Vulnerability Lab.

This iPhone vulnerability will let hackers to access the data behind your lockscreen password.

Since the flaw not seems to be that much serious because hackers hackers would have to gain physical access to the iPhone or iPad and they would have to be able to manage an unlocked iOS device for a few minutes, which means the target would likely trust the hacker with the smartphone or tablet.

Physical access to the device is required, so the advice is to make sure you do not leave your iPhone or iPad unattended.

Vulnerability Laboratory has issued a security advisory that warns: “An application update loop that results in a pass code bypass vulnerability has been discovered in the official Apple iOS (iPhone 5 & 6 | iPad 2) v8.x, v9.0, v9.1 & v9.2. The security vulnerability allows local attackers to bypass pass code lock protection of the Apple iPhone via an application update loop issue. The issue affects the device security when processing to request a local update by an installed mobile iOS web-application”.

It has been assigned a Common Vulnerability Scoring System (CVSS) count of 6.0, as well as a ‘high’ severity rating.

As explained by security expert Graham Cluley, the exploit works by taking advantage of a brief period after rebooting during which passcode authentication is disabled.

Vulnerability Laboratory shares a list of steps (text is produced verbatim with the original typos and grammatical oddities) that allow interested parties to replicate the bug :

Also Read : 86% Of Critical Vulnerabilities Affecting Windows Could Be Avoided By Removing Admin Rights

  1. First fill up about some % of the free memory in the iOS device with random data
  2. Now, you open the app-store choose to update all applications (update all push button)
  3. Switch fast via home button to the slide index and perform iOS update at the same time. Note: The interaction to switch needs to be performed very fast to successfully exploit. In the first load of the update you can still use the home button. Press it go back to index
  4. Now, press the home button again to review the open runnings slides
  5. Switch to the left menu after the last slide which is new and perform to open Siri in the same moment. Now the slide hangs and runs all time in a loop
  6. Turn of via power button on the ipad or iphone ….
  7. Reactivate via power button and like you can see the session still runs in the loop and can be requested without any pass code. Note: Normally the pass code becomes available after the power off button interaction to stand-by mode
  8. Successful reproduce of the local security vulnerability!

Benjamin Kunz Mejri also posted a proof-of-concept video of the attack taking place.

Kunz reported the threat to Apple back in late 2015, but the issue is still present, Security Affairs notes.

Also Read : Software Bug Put Several MediaTek Powered Android Smartphones Vulnerable to Attack

Dell Introducing New BIOS Security Tool To Make Its Laptops Harder To Hack

By
Sabarinath
-
Dell Introducing New BIOS Security Tool

Hacking attacks that comes from bootkit malware is one of the hardest security threat to resolve, for trained professionals. Even wiping your harddrive and reinstalling software will not fix them. And the company Dell just realized it and going to provide an extra a layer of security to its business laptops and PCs by introducing a new BIOS security tool which helps to protect the BIOS from malware.

Also Read : NSA Chief Hacker Explains How To Avoid NSA Spying

LogBook : Dell’s New BIOS Security Tool

Many manufactures are offering  a number of ways to protect the computer BIOS, but all of these protections reside within the computer itself.

Now Dell introducing a new BIOS security tool that will protect the BIOS from attacks by verifying it without relying on the integrity of the PC. So the new Dell BIOS security tool focuses on protecting the boot layer so PC hardware or software don’t malfunction.

It secures the low-level UEFI (Unified Extensible Firmware Interface), which sits in a protected layer above the OS. An attack on this firmware can compromise a system at boot time.

The BIOS verification technology “gives IT the assurance that employees’ systems are secure every time they use the device,” said Brett Hansen, executive director of data security solutions at Dell.

Also Read : Google Has Rewarded Over $6 Million To Security Researchers Since 2010 For Finding Flaws

How New BIOS Security Tool Works

This new tool  makes a copy of the clean UEFI which is kept in the cloud, and compares this snapshot with the machine’s UEFI every time it boots.

If something’s been hacked or messed with, there’ll be a discrepancy between the two which the comparison will flag up.

The user or admin can then be notified of the problem, and the system subsequently reverted to the clean UEFI.

That will still have to be done manually at this point, but in the future Dell aims to automate the entire process.

The system will be optional, and will cost extra for users who decide they’d like this level of protection.

The new functionality is available for commercial PCs with a 6th-generation Intel chip set and a Dell Data Protection | Endpoint Security Suite Enterprise license, which includes Latitude, Dell Precision, OptiPlex, and XPS PCs. The technology would also be available for Dell Venue Pro tablets.

Intel already provides system management tools to protect the boot layer in PCs. System administrators can remotely start a PC, fix the boot layer, and then shut down the PC. HP also includes secure boot tools in its business PCs, though they are designed for individual users.

Also Read : Skype Now Hides IP Address By Default In PC And Mobile

86% Of Critical Vulnerabilities Affecting Windows Could Be Avoided By Removing Admin Rights

By
Sabarinath
-
Critical Vulnerabilities Affecting Windows

According to a report released by a popular security firm says that almost nine-out-of-ten critical vulnerabilities affecting Windows could be mitigated by removing the admin rights. The report takes an in-depth look at the vulnerabilities affecting Windows, Internet Explorer, Office, Windows Server and more.

Also Read : Microsoft Probably has your Disk Encryption Key in its Server, Here’s How to Take it Back

LogBook : Critical Vulnerabilities Affecting Windows Could Be Avoided By Removing Admin Rights

The report, released on Thursday by security firm Avecto said that about 86% of critical vulnerabilities affecting Windows operating system could’ve been stopped at the gate, and prevented from spreading deep into system files by removing admin rights.

Windows admin rights are special privileges given to administrator accounts, which is common among consumer and home PCs.

So Administrator accounts can give users access to everything on the computer. And same privileges to malware that strike on your computer. That means malware or hackers can modify core Windows files, and steal or destroy data.

This is the reason why many companies provide Windows machines with a lower, limited level of access, which reduces the spread of malware or access for hackers.

Also Read : Microsoft Loves Linux : Microsoft Developed A Linux-Based Operating System

The report says that in 2015, 433 vulnerabilities were reported across Windows Vista,
Windows 7, Windows RT, Windows 8 / 8.1 and Windows 10 operating systems compared to 300 in 2014.

The report also takes an in-depth look at the vulnerabilities affecting Internet Explorer, Office, Windows Server and more.

In 2015, a total of 238 vulnerabilities were reported that affected Internet Explorer. And 99.5% of these IE vulnerabilities could be mitigated by the removal of user
admin rights.  Notably, 100% of the vulnerabilities reported in Edge would be mitigated by removing admin rights.

And also 82% of all vulnerabilities affecting Microsoft Office in 2015 could be mitigated by removing admin rights.

429 vulnerabilities were reported in Microsoft Security Bulletins affecting Microsoft Windows Server in 2015, Of the 240 vulnerabilities with a Critical rating in 2015, 85% were found to be mitigated by the removal of admin rights.

According to the repport about 63% of all Microsoft vulnerabilities reported in 2015 could be mitigated by removing admin right

Avecto said there has been a 52% year on year rise in the volume of vulnerabilities since 2014.

Also Read : Microsoft Published Official Way to Hide Windows 10 Upgrade Prompts in Windows 7 and Windows 8.1

Now WhatsApp Has Over 1 Billion Monthly Active Users

By
Subith
-
WhatsApp Has Over 1 Billion Monthly Active Users

Popular Facebook owned communication platform has passed another significant milestone today.WhatsApp has joined the billion monthly active users club. Now almost one in seven people on Earth use WhatsApp messenger.

Also Read : Do You Want To Speed Up Your Android Smartphone, Then First Uninstall Official Facebook App

LogBook : WhatsApp Hits 1 Billion Monthly Active Users

The Facebook owned messaging service now has over 1 billion monthly active users which translates to one in seven people on Earth.

WhatsApp co-founder and CEO Jan Koum and Facebook CEO Mark Zuckerberg announced the latest milestone via an official post on Facebook.

To mark this occasion, Koum also shared that the service has seen 42 billion messages sent through it daily, 1.6 billion photos shared, 1 billion groups organized through it, and 250 million videos shared.

WhatsApp has grown more than doubled since joining with Facebook. It had only had 450 million monthly active users, but under the leadership of Facebook CEO Mark Zuckerberg, that number has more than doubled.

Also Read : Software Bug Put Several MediaTek Powered Android Smartphones Vulnerable to Attack

First they add voice call feature and recently they’ve dropped the subscription fee and made WhatsApp completely free and their is also rumors about WhatsApp video call feature too.

Just think, if the company hadn’t dropped its $1 annual subscription fee, that’d be a relatively easy billion dollars a year in income.

The company doesn’t have a firm plan yet on how to monetize the service, but it will likely be around customer support, which is very similar to what Facebook has planned for its Messenger service.

By hitting this milestone, WhatsApp joins a growing number of apps that Facebook owns with such an enormous reach.

Facebook official App is already being used by more than 1.5 billion people monthly, and it’s likely that Facebook Messenger will soon be joining the two other services in the billion-user club.

Also Read : Now You Can Run Windows 95 In Your Browser

1...310311312...328Page 311 of 328

© 2026 Copyright - TechLog360