sabareesh

Change your processor name...!!
Sometimes we feel ashamed to say our computer is having poor features 

like Pentium or Core 2 Duo processor. Some of my friends even force 

their parents to buy latest processors which are very costly that 

they can't afford. So for them I am present with the new Trick.
Think a situation when some of your friends visits you and check 

your system and they will be shocked by seeing your latest version 

processors.
Follow the steps for this Trick :
Goto Start - Run.
Type Regedit.
HKEY_LOCAL_MACHINE
HARDWARE
DESCRIPTION
SYSTEM
CENTRAL PROCESSOR
On Right Hand Side Right Click on ProcessorNameString
And then write anything that U want.

''''''''FACEBOOK SHORTCUTS''''''''
For Facebook Help Center - Shift+Alt+0
For Facebook Home Page - Shift+Alt+1
For Your Facebook Profile Page - Shift+Alt+2
For Friend Request - Shift+Alt+3
For Messages - Shift+Alt+4
For Notification - Shift+Alt+5
For Account Settings - Shift+Alt+6
For Privacy Settings - Shift+Alt+7
For Facebook Pages - Shift+Alt+8
For Facebook Terms of Use - Shift+Alt+9
For enable Search - Shift+Alt+?
For Compose a New message - Shift+Alt+m
:::Enjoy:::

Want a security for your PC. Try this hack, you can turn your pen drive or USB into a 

security key. Without this key nobody can access your PC. In simple language, you can lock

 and unlock your PC from Pendrive.

We do this thing from an amazing software named Predator. 

This software turns your Pendrive into a password. 

Without your Pendrive, you can’t access your PC.

 If you unplug Pendrive from your PC your PC will be locked. 

This is one of the most advanced security for any computer user.

1. Download Predator USB software from its Official Website for 9 days

   trial: http://www.predator-usb.com/predator/en/index.php…

2. Install and Launch this software in your window PC.

3. When you launch this software first this software asks you to set the password.

4. Set your password and click on Ok button. (Make sure your Pendrive is connected to your PC.)

5. Now this software is ready for locking your computer from Pendrive.

Security Researchers have found “SpyNote” named Trojan on dark web. The Trojan has been leaked its authors in a number of underground forums. Hackers could use this Trojan very soon, to target Android users. This Trojan is capable to record all the “Incoming” and “Outgoing” calls of victim. This is a dangerous Trojan and researchers have no idea, how hackers will distribute it. Hackers are also familiar with the security methods, used by Android. Might be, they could use some new ways to spread it. This Trojan is very harmful because of the following reasons:
•SpyNote can steal all the text messages of victim.
•This Trojan has a built-in microphone, that’s why it is capable to record all the Incoming and Outgoing calls of Victim.
•It can control the camera of infected device SpyNote can also steal contact list of device.
•Hackers could make fraud calls and can send fraud text messages from the infected devices.


Why and How Hackers will Use This Trojan?
Security Researchers at Palo Alto Networks said, “The malicious code of this Trojan is not depend on the root access of device. At the starting point, it has to install a list of functions and codes but after that it can install itself automatically.” Hackers have used a Windows Application to build at. By using this application, hackers release customized malicious APK packages of this “SpyNote Trojan”. Hackers could spread this Trojan under different names, command servers and icons. Hackers are not using this Trojan in wild yet. Security Researchers are trying to get know about the methods, which hackers can use to distribute this Trojan.

Manual Installation
In this case, criminal needs physical control of the device. He can manually install “SpyNote” in the device and could target the victim. For Example:

Also read: Be Careful Facebook Users! Scammers Are Using Pornographic Images to Hack Your Account!

•A person can gift you an android phone after installing “Trojan” in it to spy on you.
•Your colleagues can install Trojan in your device if they know the password of your device.


How to Avoid it?
Cybercriminals mostly use, third party App Stores to spread their malicious applications. Android devices have a feature “Install Apps from unknown Sources”. To avoid these type of Trojans, “Disabled” this feature. By default it is “Disabled” but you need to check it once before installing application from app stores. This is very smart Trojan and it can also bypass security methods used by Google to get place in official “Play Store”.  Make sure, you are using latest version of Android because it has advanced anti-malware functions to block the installation of these type of Trojans.

Online scams are very common now a days. Cyber criminals are earning Millions of Dollars by using their social engineering skills. Innocent Internet users are the targets of these cyber criminals. In cyber world, before taking any service and product make sure that it is a legitimate one. Awareness about online services is a must. Never believe blindly on anyone. One of the cybercriminal has been arrested by Interpol from Nigeria, who is the mastermind behind the online fraud networks.

Who is this Guy?
According to Interpol, this hacker has collected $60 Million in an illegal way. The Mastermind is a 40 Years old man and his name is Chinaka Onyeali or Beasley Martyn. But his online name is “Mike”. Interpol arrested him from the southern city of Port Harcourt. This guy is the mastermind behind thousands of Online Scams. Interpol has arrested this criminals with the help of Nigerian EFCC (Economic and Financial Crime Commission). The list of Mike’s offences is very long and in one case, he robbed more than $15 Million from a victim.

He was not only the guy behind this big fraud. There was a team of approximately 40 cyber criminals, which were working on the orders of Mike. These 40 team members of Mike are present in Asia and in many other countries of Africa. They were using key logger malwares to target the victims. Malvertising is a biggest problem in this cyber world. All the small and medium level businesses were on the target of these crooks.

How he did it?
By sitting in Malaysia, Thailand, South Africa and Nigeria, these 40 crooks were stealing the financial credentials of victims. These hackers target thousands of people. Most of the victims belongs to India, United Kingdom, South Africa, Russia, Malaysia, Thailand, Sri Lanka, Australia, Canada and USA. The arrested guy also have contacts in China and USA. The cyber criminals of China and USA were providing bank accounts to him for transactions. They were targeting people by spreading malwares and by hacking their email accounts. Following scams had been done by this cybercriminal:

•Alibaba Scams (By Making Fake Shopping Websites)
•Romance Scams (By Making Dating Websites)
•Business Email Scams (BES)
•419 Advanced Fee Scams (Such as Online Networking Websites)
 

Microsoft has released a latest security update on Tuesday to patch 9 critical vulnerabilities.  These vulnerabilities has been discovered by security researchers in Internet Explorer, Edge Browser, Microsoft Graphics Component, Microsoft Office, Windows Boot Manager and Windows PDF library. This update has been released by Microsoft to patch total 9 security flaws and 5 of them has been ranked as critical because these flaws are RCE (Remote Code Execution) vulnerabilities.

What is Remote Code Execution Vulnerability?
RCE is a critical vulnerability and by exploiting it, cybercriminals could execute remote commands on system. By executing commands remotely they can install malicious softwares and backdoors in the targeted system. A successful Remote Code Execution exploit process may allow hackers to virtually control the system of victim. Hackers may trace each activity of victim through command and control servers.

Windows Security Updates of August 2016
Following Vulnerabilities Has Been Fixed by Microsoft in this update:
•MS16-095 (Internet Explorer)
•MS16-096 (Edge Browser)
•MS16-097 (MS Graphic Component)
•MS16-098 (Kernel Mode Drivers)
•MS16-099 (MS Office)
•MS16-100 (Boot Manager)
•MS16-101 (Windows Authentication Method)
•MS16-102 (Windows PDF Library)
•MS16-103 (active SyncProvider)


​MS16-095 (Internet Explorer)
This vulnerability was allowing attackers for remote code execution. Hackers need to design a specially crafted webpage and they have to manipulate the victim to see it in Internet Explorer. If they are able to do it successfully, they can take the control of system as admin. They can add new data, remove the old data and can do many other changes. It is a critical vulnerability.

MS16-096 (Edge Browser)
Edge Browser was also allowing hackers for Remote code Execution like Internet Explorer. Hackers could use the same process as Internet Explorer in this to manipulate a victim and they can take the administrative rights.

MS16-097 (MS Graphic Component)
This vulnerabilities also allows hackers for Remote Code Execution. Hackers could target Windows Users by sending them a special crafted Document and Specially crafted website. This security update will patch this critical security flaw in Skype, Microsoft Lync, Microsoft Windows and Microsoft Business.

Also read: Nigerian Mastermind Behind Online Fraud of $60 Million, Has Been Arrested By INTERPOL!

MS16-098 (Kernel Mode Drivers)
This vulnerability is related to privilege elevation. Hackers could target users by sending them specially crafted executable file of a malicious application. When user will run that application, hackers can take control of the system.

MS16-099 (MS Office)
This is also a critical vulnerability. MS Office is allowing hackers to take control of system. Hackers can send a malicious MS Office File. When victim will click on it, the attached malicious codes will do it work to give the control of system to hackers.

MS16-100 (Boot Manager)
This update is important for Windows Server 2012 R2, Windows Server 2012, Windows 8.1, Windows 10 and Windows RT. This vulnerability is allowing hackers to bypass security features of Windows by installing a specially crafted malicious boot manager into system files of a system.

MS16-101 (Windows Authentication Method)
This vulnerability is also related to privilege elevation like MS16-098. Hackers could run an application of joined domain system to target the victims. Elevation of privilege if an attacker runs a specially crafted application on a domain-joined system

MS16-102 (Windows PDF Library)
Windows 8.1, Windows 10, Windows RT 8.1 and Windows Server 2012 are infected with this vulnerability. It allows remote code execution through PDF files. Hackers could send malicious PDF files to victim. When victim will open it or see it online, the control of system will be in the hands of attackers.

MS16-103 (Active SyncProvider)
At the failure of secure connection establishment process in universal outlook. This is an information disclosure vulnerability.

Install these security updates as soon as possible for your systems security!

This is really a bad news for you, if you own an x86 Linux based router. A Linux.PNScan named Trojan is installing backdoor on all that routers, which are using x86 Linux architecture. This is an old Trojan which was first detected in August 2015, by security researchers of Dr Web. At that time this Linux.PNscan Trojan was infecting PowerPC, MIPS and ARM based routers.

A Brief Report on Old Linux.PNScan Trojan
Old Linux.PNScan Trojan was designed by its authors to perform Distributed Denial of Service (DDoS) Attacks. After infecting ARM, MIPS and PowerPC based routers, this Trojan was capable to organize ACK Flood, SYN Flood and UDP flood based DDoS attacks. This Trojan was infecting all the routers which were making contact with it. It was also capable to perform brute force attack. But it was using only three username and password combinations.

User Name: admin       Password: admin
User Name: root          Password: root
User Name: ubnt         Password: ubnt

How New Linux.PNScan Trojan is Doing Its Work?
According to security researchers of Dr Web, it is an updates version of Old Linux.PNScan Trojan. This Trojan has been complied by its authors with the help of ‘Toolchains” named compiler tool. Linux.PNScan has compatibility of GCC(GNU) 4.1.x. SSL enabled configuration has also been used by its authors to activate cross compiler option. This is hard coded Trojan, developed by its authors only to install backdoor in x86 Linux Based routers.

Hackers behind this Trojan, are using a twitter account to hide all the malicious traffic. After infecting an x86 Linux based router, it is creating some malicious files in system. These malicious files are listening to 2 ports which have been used by TCP. Trojan is sending specially crafted HTTP requests through SSL by using 443 port. This Trojan is capable to perform a dictionary attack too.

How to Detect This Trojan?
Linux.PNScan is creating some new files in the system. If these type of files are available in your router’s files system, you are also a victim. The list of files is as given below:

Permission                    Size              Date                    Filename                           Function
-rw-r- - r--                          387       Aug 23  12:06              list2                             < - - connected hosts
-rw-r- - r--                          4           Aug 23  12:02             MalwareFile.pid            < - - pids
-rw-r- - r--                          0           Aug 23   12:02            daemon.log                  < - - malware log
-rw-r- - r--                         35          Aug 23   12:02            login2                           < - - brute auth
drwxr-xr-x                         4096       Aug 23   12:02            files/                             < - - updates/downloads

This is not a new thing, hackers are using different types of ransomware programs to hack computer systems. But this time, Hackers are targeting Linux Based Web Servers with the help of FairWare ransomware to earn money from server admins. Hackers are first deleting the whole folder of web server files and then they are demanding for money. In normal ransomware attacks, hackers first encrypt all the files of a target system and then they leaves a message behind for money to decrypts all the files. But in this case, hackers are deleting all the files of a web server.
According to a blog post of Lawrence Abrams (Founder of tech Support Forum Bleeping Computers), “Hackers are using “FairWare” named ransomware to delete web files. After hacking a web server, attackers are remotely installing this ransomware on server. They are deleting all the web files remotely and demanding $1200 (Around 2 Bitcoins) from server admins to restore all the deleted files.”

Ransom Note
After doing all this, hackers are leaving a message. In this message they are writing,” We are the only solution in this world to recover your deleted files. We have a backup of your files, because before deleting we encrypted all the files and uploaded it on a server. This server is under our control and if you will pay us, we will reinstall these files on your server. You have time of two weeks to make this payment, after that we will permanently delete your files.”

Does Attackers really have the backup of deleted files?
According to security experts, nobody can say that hackers really have a backup of deleted files. Victims have no need to pay this ransom of two bitcoins and they need to think twice before paying. A number of Linux server have been targeted by these hackers but server admins are not giving them ransom, because they have a backup of server files.

Also read: Linux.PNScan Trojan is Back Again! Indian x86 Linux Based Routers are on Target!

Besides it, the hosting companies are giving services such as weekly and monthly data backup. Data backup can help admins to recover deleted files, but it is not a solution of this problem. Server admins need to find security holes and they have to fix it to keep these type of attacks away from the system.

Security Tips for Server Admins

•Never use outdated version of any service. Update all the service packages to its latest version.
•Always keep a backup of your server files to an offsite location.
•Check your files system time to time. If you found any issue, fix it immediately.
•Never shared your sensitive information with anyone.
 

England based Security Software and Hardware vendor “SOPHOS” get into trouble last Sunday, when its antivirus products marked a critical Windows System file as a malware. All the windows users, which are using SOPHOS antivirus services, were unable to log in into their computer systems. According to SOPHOS, all this happened due to a small mistake.

Which Windows File Was This?
“winlogon.exe” is an important file of windows. Antivirus tools of SOPHOS, marked this file as a Trojan “Troj/FarFli-CT”. This is a critical windows file, which is a part of Windows login subsystem. This process is very important to check user authorization and activation.  SOPHOS antivirus tools, marked it as a Trojan due to a bad malware signature. After that, when users tried to log in into their user account, they got an error message in black screen. To fix this problem, an instant update had been released by SOPHOS for all its antivirus products. According to SOPHOS, very less number of users have faced this problem as we noticed that this happened only in Windows 7 Service Pack 1.

Be a Part of CDI, By Signing Up Here!

How Many Users Have Suffered It?
In a support article SOPHOS said, after analyzing our system we noticed the number of affected windows users is very less. SOPHOS also wrote, we were getting feedback from our customers and there was minimal amount of affected users. On the other hand, a number of SOPHOS customers were tweeting that we are trying to reach support team of SOPHOS and we are in queue for hours. Users were looking very much tensed and one user tweeted,” This False Positive Actually removed some of my weekend".

How Affected Users Fixed This Issue?
SOPHOS released a support document for affected users. Company wrote,” User need to reboot his system in Safe Mode and then ne disable SOPHOS Antivirus Program from default start. Now restart your systems in normal mode”. Apart from it, many users were able to log in into their systems by clearing bogus notifications from SOPHOS Console. There was need to mark all the bogus notifications as resolved.

Use of HTTPS will be a must for all websites from 2017. Recently Google has declares that from the starting of 2017, Google Chrome will start warn internet users by giving them a warning of “Unsecured Connection”. It will happen when user will visit that website, which is not using HTTPS. This rule will be applicable for all that websites, which are transmitting credit card details and passwords. According to a report of security researchers, there are 40% websites which are transmitting Credit Card Details and Passwords of users through a HTTP using websites. It will be a beneficial initiative from Google Chrome to save the Credit Card details of internet users from cyber crooks.

Why Google Will Do This?
It seems like, breaching a database is an easy task for hackers now a days. If websites are using HTTPS protocol, the sensitive information of users is 60% safe from hackers. Rest of 40% depends on the development skills of developers and security skills of server admins. Google will show warnings in URL bar, just before url of that website which is not using HTTPS. Internet users are ignoring legitimate security warnings and it motivates the hackers to perform different type of attacks to steal sensitive information of users.

As we often wrote in our blog posts, a little mistake may lead all your business to a huge risk. The details of personal accounts are also a subject of confidentiality. Google Chrome will show a security warning in URL bar in form of a text, "Your Connection to this site is not private”. Emily Schechter (Member of Chrome Security Team) wrote in one of her blog post, hackers can modify information of a website which is using HTTP protocol. Hackers may change information of website as per their benefits, before reaching to the browser. If Google Chrome will alert the users regarding this security threat, users will not share their sensitive information. Some Security Researchers are saying, the term “Not Secure” will not look that much genuine. According to them. Google should use “Not Encrypted” instead of “Not Secure”.

If a website is using HTTPS protocol. It doesn’t mean, it is secure form other threats. Having a HTTPS padlock in url bar, doesn’t make a website secure. Hackers may use, HTTPS protocols on fake websites as well, to manipulate the users of a legitimate websites. HTTPS only provides data encryption at transport layer. It doesn’t mean, website is secure from all the major attacks, such as SQL Injection, XSS Attack and Remote Code Execution etc