Google Chrome will protect you from fake download

Google Chrome will protect you from fake download
Search giants Google have rolled out new thing with its browser i.e. Google Chrome related to the users security. Google announced today that its Safe Browsing service in Chrome now flags websites that use social engineering content like fake download buttons, fraudulent updates, and ads designed to mimic the branding on a page in an effort to spread malware.

As there are lots of fake website for downloading content and there are most chances that some of the cyber criminals bind the malicious apps (like key-loggers or backdoor software) with the genuine one. Hence it is always recommended to download anything only from the trusted sites. 
Many times users gets into trap of fake download links and some other malicious or unwanted software gets download on to its system.
For this issue Google made an update with its browser, Chrome features Google's Safe Browsing is turned ON by default (which can be deactivated manually). If you have the setting enabled, Chrome will now show you a red warning page when you use Chrome to open a website that has fake download buttons. "Deceptive site ahead," the warning reads. "Attackers on (the site) may trick you into doing something dangerous like installing software or revealing your personal information (for example, passwords, phone numbers, or credit cards).

Google speaks about updates on its Online Security Blog, says the warning will show for pages that contain ads that "pretend to act, or look and feel, like a trusted entity," or "try to trick you into doing something you'd only do for a trusted entity — like sharing a password or calling tech support."

It’s yet another step forward to help people on the Web avoid potentially harmful attacks from criminals online, and one that shows just how sophisticated browsers have become in identifying features on any given webpage.

Read More

Cpanel System Hacked, User Data Accessed

Cpanel System Hacked, User Data Accessed
Most popular website administrative firm cPanel (Control Panel) have warned its customers about the security breached of its system.

At weekend, firm discovered that its one of the customers database system have been breached, potentially exposing its customers information.  Customers' names, contact details, and encrypted (and salted) passwords were publicly aired due to a series of unfortunate events.

There is good news that cpanel stores users credentials on other system and that remain same.

Firm have warned its customers via emails-
“I am writing to let you know that one of our user databases may have been breached, although we successfully interrupted the breach, it is still possible that user contact information may have been susceptible.”
Cpanel mentioned that  the breached data contain names, contact information and passwords which are encrypted.

Firm is moving forward to the better security as this was not that serious breached but it can't be neglect also.
Read More

Google Launched Free WiFi In India, Steps to Use It

Google Launched Free WiFi In India, Steps to Use It
This is not a first time that search giant had stepped forward to connect peoples with internet. As Google had rolled out free WiFi services on many other countries and also providing free WiFi service with a Google Balloons. This time again Google brought same services in India also.

As last year, Google CEO Sundar Pichai outlined a project that would bring free public Wi-Fi access to over 400 train stations across India, now this project is been live.
Google comes with RailTel, a government agency that provides broadband and VPN service in India, started Railwire Wi-Fi service, that gives access to the high speed internet to all the visitor's in Railway station.

Where it is Launched?
Initially Google had started the free WiFi service from Mumbai (City that never sleep) and Mumbai Central station has become the first in the country to be equipped with the service. 

This service also provided soon in Allahabad, Patna, Jaipur and Ranchi, and other stations will follow very shortly.

This service will reach 400 train stations throughout the entire project in India, with 100 set to be completed by the end of the year 2016. It will be one of the largest public Wi-Fi networks in the world.

Step to Use Free WiFi
Here is the step to use this free WiFi service.
  1. First scan for the WiFi network from your device,  and select RailWire network.
  2. Open your browser and enter the URL railwire.co.in into the browser window.
  3. You will get a WiFi login screen, put your mobile number and click on Receive SMS.
  4. With a minute you will receive an OTP 4digit code. Enter that on browser WiFi login page, and click on Done.
  5. After that you will see a check mark on your screen, letting you that now you are Connected to free WiFi
Hope you get all the process to use it and also liked this Google initiative. Comments your views below.
Read More

iOS critical 'Cookies Stolen' bug finally fixed

iOS critical 'Cookies Stolen' bug finally fixed
IOS 9 bug, hack iPhone, hack ios
Finally, Apple had patched three years old bugs on it's mobile operating system, with the release of latest iOS version 9.1.2. The issue was critical as attackers (hacker) can impersonate users who visit websites that use unencrypted authentication cookies.

The issue resides in the implementation of a cookie store iOS shares between the Safari browser and a separate embedded browser used. The cookie store is used by OS to negotiate “captive portals” that are displayed by many Wi-Fi networks when a user makes a first access. Captive portals generally require people to authenticate themselves or agree to terms of service before they can gain access to the network.

On the blog post Skycure wrote -
"The new vulnerability identified by Skycure involves the way iOS handles Cookie Stores when dealing with Captive Portals. When iOS users connect to a captive-enabled network (commonly used in most of the free and paid Wi-Fi networks at hotels, airports, cafes, etc.), a window is shown automatically on users’ screens, allowing them to use an embedded browser to log in tothe network via an HTTP interface. As part of Skycure’s continuous research on network-based attacks against mobile devices, we found that the embedded browser used for Captive Portals creates a vulnerability by sharing its cookie store with Safari, the native browser of iOS.”

How it works?
On the blog post Skycure have detailed the scenario of the bug.
  • Attacker creates a public Wi-Fi network and waits for victims
  • A victim passes by the malicious Wi-Fi area and joins the network (this can be done manually by the victim or their devices can be tricked into joining the network automatically by utilizing Karma orWiFiGate attacks)
  • Attacker redirects the Apple Captive request (http://www.apple.com/library/test/success.html) to an HTTP website of his/her choice, thereby triggering the iOS Captive Network embedded browser screen to automatically open
  • The embedded browser, which shares the same Cookie Store of Mobile Safari, loads Attacker-controlled content (which can contain malicious Javascript) and executes it.
The issue was reported to Apple team on 2013, and its patch is finally here.
Read More

Microsoft Is Killing Windows 8 Support Next Week

Microsoft Is Killing Windows 8 Support Next Week
Windows 8 support, windows 8 died
Its just three years that software giant had launched Windows 8, but here is something that is unexpected i.e. Microsoft is killing its Windows 8 on 12thbof this month.

As Windows 8 is not a successful Windows version as like its earlier windows, so this is something that should happened. Just after a year of Windows 8, Microsoft had launched another version called Windows 8.1 .

Why Is Microsoft Ending Windows 8 Support Next Week?
On January 12, Microsoft will be rolling out its first Patch Tuesday of 2016 that will be the last batch of Windows 8 updates.
The reason? Well, Microsoft is treating Windows 8.1 just as a service pack for Windows 8 users. According to the rules, you can hold off installing a service pack just for two years. If you want to read the exact words said by Redmond, here they are:


Windows 8, support ends 24 months after the next service pack releases or at the end of the product’s support lifecycle, whichever comes first. If you are using software without the latest service pack you won’t be offered any new security or non-security updates, although preexisting updates will continue to be offered.

With Windows 8.1, Microsoft promised tons of bug fixes, new features, and enhancements. While Windows 8.1 reaches its end of support on January 10, 2023, the end of Windows 8 has finally arrived.

Now What to Do?
After this update all you have three option, i.e. upgrade it to Windows 8.1 or Windows 10 or downgrad to Windows 7.
Microsoft continuously forcing its user to opt Windows 10, and this could be another trick to make user to Windows 10. Microsoft have already announced that Windows 10 comes with support until October 14, 2025.


Read More

LG unveils its new flexible, Paper Display

LG unveils its new flexible, Paper Display
LG paper display
LG Display had created a flexible 18-inch display that is capable of being rolled up easily as if it is a piece of paper. The technology depends on LG’s forward-looking OLED technology which focuses on bendable and rollable displays. Additionally, the company introduced similar technology last year as proof of concept, however further details were scarce.

Earlier also this prototype had been presented by Sony and Samsung, but now LG had also makes it up. 
LG paper display

LG envisions these types of screens rolling up into our pockets or being made to wrap around interior spaces, and the company will show off a 25-inch curved screen installed on the inside of a car at its Auto Zone section on the show floor.


Read More

Instagram HACKED! Researcher Hacked into Instagram Server

Instagram HACKED! Researcher Hacked into Instagram Server
Yup! You read write, hacker had accessed into the Instagram server and get into almost everything.

A  senior security researchers, Wesley Weinberg at Synack have discovered a series of critical security vulnerability on one of the instagram server which leads to access several sensitive data on the server, that includes -
  • Source Code of Instagram website
  • SSL Certificates and Private Keys for Instagram
  • Keys used to sign authentication cookies
  • Personal details of Instagram Users and Employees
  • Email server credentials
  • Keys for over a half-dozen critical other functions
Weinberg reported the security issues to Facebook team as a part of bug bounty program, but instead of giving a reward to Weinberg, Facebook has threatened to sue the researcher of intentionally withholding flaws and information from its team.

Weinberg have found a potentially vulnerable server located at sensu.instagram.com, where he discovered Remote Code Execution (RCE) bug in the way it processed users’ session cookies that are generally used to remember users' log-in details.

Exploiting the vulnerability, Weinberg was able to read the database containing login details, including credentials, of Instagram and Facebook employees.
Although the password were encrypted with bcrypt , but was easy to crack it as some of them were too weak like changeme, password, instagram etc.

After discovering the vulnerability Weinberg tried to read the configuration file from the server, and luckily one of the files contained some keys for Amazon Web Services accounts, the cloud computing service used to host Instagram's Sensu setup.

These keys listed 82 Amazon S3 buckets (storage units), but these buckets were unique. He found nothing sensitive in the latest file in that bucket, but when he looked at the older version of the file, he found another key pair that let him read the contents of all 82 buckets.

With this information Weinberg had almost everything about instagram server that includes -
  • Instagram's source code
  • SSL certificates and private keys (including for instagram.com and *.instagram.com)
  • API keys that are used for interacting with other services
  • Images uploaded by Instagram users
  • Static content from the instagram.com website
  • Email server credentials
  • iOS/Android app signing keys
  • Other sensitive data
Weinberg reported the security issues to Facebook team but social giant had end up with legal action against researchers, as social media giant was concerned he had accessed private data of its users and employees while uncovering the issues.

After some more discussion (which can be read at Weinberg blog) Facebook promised to reward with $2,500 for his RCE finding on Instagram server.

However, the other vulnerabilities that allowed Weinberg to gain access to sensitive data were not qualified, with Facebook saying he violated user privacy while accessing the data.
Read More

Zero-day Flaw in Kaspersky and FireEye security products

Zero-day Flaw in Kaspersky and FireEye security products
Now this could be the busy weekends for these companies, as security researchers have point them to work on there products. Couple of security researchers have disclosed flaws in products from Kaspersky and FireEye that could be exploited by malicious hackers.

First vulnerability reported to Kaspersky lab by Tavis Ormandy, a security researchers at Google. Last week Ormandy tweeted that he had successfully exploited Kaspersky's anti-virus product in such a way that users could find their systems easily compromised by malicious hackers.
In a follow-up to his latest announcement, Ormandy tweeted that the flaw was "a remote, zero interaction SYSTEM exploit, in default config. So, about as bad as it gets."

UPDATE: Ormandy have tweeted that Kaspersky team is rolling out the fixed/patch of vulnerability soon via its updates.

Earlier also Ormandy had disclosed the vulnerability on couple of Antivirus product and explained he had exploited Sophos and ESET product.

Another security researchers Kristian Erik Hermansen has disclosed details of a zero-day vulnerabilities on Fiereye's product, which - if exploited - can result in unauthorized file disclosure.

Hermansen published proof-of-concept code showing how the vulnerability could be triggered, and claimed that he had found three other vulnerabilities in FireEye's product. All are said to be up for sale.
"FireEye appliance, unauthorized remote root file system access. Oh cool, web server runs as root! Now that's excellent security from a _security_ vendor :) Why would you trust these people to have this device on your network."
"Just one of many handfuls of FireEye / Mandiant 0day. Been sitting on this for more than 18 months with no fix from those security "experts" at FireEye. Pretty sure Mandiant staff coded this and other bugs into the products. Even more sad, FireEye has no external security researcher reporting process."
Read More

AT&T reportedly helped the NSA spy on internet traffic

AT&T reportedly helped the NSA spy on internet traffic
Telecommunications giant AT&T Inc have partnered with the US Surveillance Agency NSA and assist them to conducts surveillance on huge volumes of Internet traffic passing through the United States.

The news came forward when New York Times reported that the company gave technical assistance to the NSA in carrying out a secret court order allowing wiretapping of all Internet communications at the headquarters of the United Nations, an AT&T customer.

The new documents provided by the former NSA contractor Edward Snowden, reveals the relationship between NSA and AT&T which has been considered unique and especially productive. One document described it as “highly collaborative,” while another lauded the company’s “extreme willingness to help.”

The documents describe how the NSA's working relationship with AT&T has been particularly important, enabling the agency to conduct surveillance, under various legal rules, of international and foreign-to-foreign Internet communications that passed through network hubs in the United States.

AT&T’s cooperation has involved a broad range of classified activities, according to the documents, which date from 2003 to 2013. AT&T has given the N.S.A. access, through several methods covered under different legal rules, to billions of emails as they have flowed across its domestic networks.

It provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters, a customer of AT&T.

The company installed surveillance equipment in at least 17 of its Internet hubs, far more than its similarly sized competitor, Verizon. And its engineers were the first to try out new surveillance technologies invented by the eavesdropping agency.

The N.S.A., AT&T and Verizon declined to discuss the findings from the files. “We don’t comment on matters of national security,” an AT&T spokesman said.

Since it is not yet clear that company still have a surveillance program installed or not, as AT&T spokesman denied to say anything on this report.
Read More