Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

Recover hidden files by viruses using this Un-Hider program

Since the advent of massive amounts of computers, we have also been dealing with viruses and malicious codes to the extent of diversification. Nowadays, there are already all sorts of malicious codes, capable of carrying out any action to affect the functioning of the system. However, even today there is still something very common, and very annoying which has been ignored by anti-virus and is a virus hiding files.
 Recover hidden files by viruses using this Un-Hider program
Although some viruses of this kind are harmless, the first impression when you run the device and not see your saved files is a disaster. However, you can solve this problem using the Un-Hider program.


Different forms of this virus are different, able to take your files and change their attributes to "hidden", so that when connected, we will not be able to see any file. This virus is really harmless and will not damage files, but it can quickly replicate between computers, so it's best to eliminate it from the root.

There are many ways to solve this problem without using additional software, and Un-Hider is responsible for eliminating malicious software from its roots. To use it, just download and run it, because it is a portable program.
  
After that, you will be asked to select the volume. Then click "Un-Hide", it will only take seconds before the computer application leaves the infection free. You can repeat the process with all your storage partitions on your device.
 
To understand the program see the following video

This extension is important because it blocks websites that can steal your information

When you browse the Internet security will always come in our priority and much more especially in our day where computer attacks are everywhere. In this sense, we need to carefully check the type of sites we visit and even more so when we leave personal information. To increase your protection there is an add-on that can help us in this area, providing security information about the sites before we get into them.

This extension is important because it blocks websites that can steal your information

That's why we offer you today Emsisoft Browser Secutiry, an extension of the Google Chrome browser that is able to protect us from sites that are potentially dangerous to us.

 This extension is important because it blocks websites that can steal your information

 Phishing attacks and password theft are rampant at this time, as hackers are still creating solutions that allow them to be impenetrable in stealing passwords and private data. This is why it is very important to know what websites we visit and where we add personal information, since it is very common to be victims of information theft under these circumstances. In this sense, Emsisoft Browser Security tells us if the sites we intend to visit are safe.

This extension is important because it blocks websites that can steal your information

Emsisoft Browser Secutiry is able to tell us if the sites we plan to open are really safe. This is done by reviewing a strong database. If you match any dangerous site, the extension will immediately notify you, indicating that the site is blocked for security reasons.
Add Link: Emsisoft Browser Security






6 consumer devices used in your home can hacker penetrate

Smartphones, home automation systems and virtual personal assistants can make life easier for all of us, but everything has its price and challenges. The biggest concerns in this area are piracy, yes piracy and hacking are the biggest threat to devices and the new life system based on Internet-related technology devices permanent.

6 consumer devices used in your home can hacker penetrate

Breakthrough now not only threatens computers and smart phones, but a set of technologies and devices that you use in your home can be vulnerable to penetration. In this post we will identify the six consumer devices used in your home can hacker penetrate.


1. Refrigerators

 Refrigerators

 Home refrigerators are simply cooled food and drinks, but smart refrigerators have been developed and incorporated into tablet PCs to allow you to view calendar, play music, watch videos and even make purchases online. Future smart refrigerators can also identify the food and drinks inside, and automatically alert you to the need to buy missing items. These functions can make everyday life a little easier, but you have to be very careful with such devices.

A digital security company discovered that two weeks ago, between 23 December 2013 and 6 January 2014, cybercriminals hacked 100,000 smart home appliances, including refrigerators. They even used the Internet connection of these refrigerators to send malicious messages to others!

2. LEDs


 LEDs

 Hackers can connect to various devices connected to the Internet and this is something known. But smart lights are particularly vulnerable to piracy, as researchers from Israel and Canada discovered last year. Hackers may be able to remotely control these bulbs remotely, such as turning them on or off, and changing the light level.

3. Printers


 Printers

 Just like computers and smart phones, some printers come with Wi-Fi connectivity, which makes them a victim of hackers. After hackers can break through the printer, they can see what is being printed on the device, and the computer with which the printer is connected may be attacked. In February 2017, a hacker wrote automated text to manage more than 160,000 printers connected to the Internet without a firewall. Although he can print threatening messages or steal confidential data from these printers, he only prints the messages shown in the following picture:



4. Games



Some toy companies, which produce smart dolls equipped with sensors that transmit all kinds of data, from sound recordings to all vital indicators of the child. Earlier this year, pirates had access to 800,000 client accounts using such games, which could threaten the confidentiality of sound records stored in their system.

5. GPS device


GPS device

Regardless of whether is an independent device or built-in car, GPS can greatly reduce the time of the person when traveling. But hackers can penetrate the GPS on the phone or in the car to track the owner's location, send a person to a dangerous place or even cause an accident. Using a GPS simulator, hackers can also rig coordinates to change location data.

6. Cars


jeep car

In 2015, two security researchers were able to penetrate and control the Jeep, while Charlie Miller and Chris Falasik managed to control the radio, windshield wipers and air conditioning in the car. Furthermore, the researchers also managed to change the car's speed, brake and track movement with the GPS.













 



Android: a security vulnerability allows to spy on you since 2013

Android: a security vulnerability allows to spy on you since 2013

Android is the victim of a serious security breach. With this breach, an attacker can easily install malware on your smartphone to collect your personal data, including your browsing history. All versions of Android, from Kit Kat (released in 2013), are affected.

Android security vulnerability allows spy since 2013     
 "A flaw allows attackers to access sensitive information from all Android devices, including web browser history, messages and banking application data," said Sergey Toshin, cybersecurity researcher at Positive Technologies. Only users of a web browser that uses the Chromium rendering engine, such as Chrome or Samsung Internet, are affected.
 

A serious security vulnerability has been identified on Android: Google deploys a patch


According to the researcher, the flaw is in the WebView component, which is preinstalled on your smartphone. It is basically used for displaying web pages in Android apps. By exploiting this vulnerability, an attacker can easily hide malware or malicious applications in your device. "The WebView component is used in most Android applications, making these attacks extremely dangerous," says the expert.
 Once this is done, the hacker will be able to siphon "information from WebView from other applications", which includes the history of your web browser or your login credentials online, Facebook or Twitter for example. According to Sergey Toshin, there is no evidence that the flaw was used by a pirate to launch an attack.

Fortunately, Google has fixed the flaw with the release of Chrome 72 last January. "Since Android 7.0, WebView is implemented via Google Chrome and, therefore, updating the browser is enough to correct the problem," says the researcher. We invite you to update your browser without further hearing. For users of an earlier version of Android Nougat, update WebView without delay by going to the Google Play Store.














How to Remove Hidden and Preinstalled Applications in Windows 10


Windows 10 provides the default installation for many preinstalled applications, which in most cases are not used. We have previously talked about how to remove these applications from your device, however, some applications can not be removed because they are hidden.
Remove Hidden and Preinstalled Applications in Windows 10
Fortunately, although it does not appear in the above way, there is still a way to completely remove it from Windows. Here's how to remove previously installed Windows 10 applications that are hidden on your computer.


Since you take something to come with the system, it is always best to make a backup and restore point before performing the next operation. In addition, if you do not know the purpose of the program and are afraid to uninstall it, it is best avoided.

How to Remove Hidden Applications from Windows

As mentioned earlier, these types of applications can not be removed directly with Windows, and it is necessary to use an external tool.

Go to this link and click "Download" for "O & O AppBuster";
 
After the download, enter the folder where the file is located and run as administrator;
 
 At the top of the app, click View and leave the Hidden Apps option selected;
 
Select the apps you want to uninstall and click Remove;
 
 In the window that appears, you can choose to delete the app only for you or all Windows users. Click OK and wait for the process to complete.
 
 In addition to removing hidden applications from Windows 10, you can also uninstall other bloatwares from it. To do this, in addition to displaying the "hidden" option items, allow AppBuster O & O to also display "normal applications."


How to protect from the new ransom virus "the bad rabbit" that hit the European countries

After the ramps of the ransom virus "I want to cry" corruption in the earth, and the virus was able to cause an electronic attack is unprecedented in the world in 2017, broke into the computers of dozens of countries and institutions and major international companies and the information and documents in them, and demanded the pirates of the victims to pay ransom for Decryption.

 ransom virus "the bad rabbit"

After a major security update from Microsoft and a host of other systems, virus attacks have been halted, but it seems that it has not yet ended. A similar virus, known as the "bad rabbit", has been identified this time and has been widely known in a number of European countries, namely Russia, Ukraine, The number is high.

The virus has so far succeeded in attacking the Odessa airport and the Ukrainian Ministry of Transport. Metro Kiev and a group of Russian press institutions as well as in Turkey and Bulgaria at different levels.

How does the virus spread?


According to several security reports, the new virus is spreading in an imaginary update of the flash program, and the virus comes with tools that help it move horizontally within the network, which may explain why it spread very quickly across many organizations, companies and countries in a short time. To servers and computers running on the same network via "SMB".




When the computer is infected with the virus, it first encrypts the files on the user's computer and replaces the MBR (Master Boot Record). When it does its job properly, it restarts the user's computer and shows you the malicious message that prompts you to go to the hacker's site. Push 0.05 configuration to retrieve your files.

 

How to protect yourself?


First, if you have a flash program on your computer, do not update it except from the official Adobe website, and if you see any message asking you to update the program do not do so.

Second, prevent the following extension from your device:
  c: \ windows \ infpub.dat
c: \ Windows \ cscc.dat.

Thirdly, stop WMI services to prevent malicious software from spreading in your network.

 















Huawei accused of spying on an American startup to steal its technologies

Huawei accused of spying on an American startup to steal its technologies

Huawei is once again involved in an espionage case in the United States. The startup CNEX accuses him of hiring an academic in order to steal technology. Previously, the T-Mobile operator accused the Chinese group of trying to steal confidential information from within its premises.

huawei logo

Huawei faces new accusations of industrial espionage. The Chinese group is accused by the US startup CNEX of stealing some of its technologies, reports Reuters. "Huawei has seized CNEX's confidential information and shared it with Huawei's SSD staff, in violation of the statements made to CNEX and the restrictions on the release of CNEX's technical information," said the California company. in a complaint filed with the Federal Court of Texas.

Huawei: after T-Mobile, CNEX accuses it of technology theft


To achieve his ends, Huawei would have recruited a certain Bo Mao, professor at the University of Xiamen. He allegedly asked CNEX to lend him a circuit board to help him with a research project. The startup has agreed to the signing of a confidentiality agreement. But the document would not have been respected. The academic would work with Huawei and the technical details of the component would have ended in the hands of the Chinese giant.

The American justice will therefore once again have to judge Huawei, who is already strongly suspected of having conducted a commando mission in the premises of the T-Mobile operator between 2012 and 2013 to try to recover technologies related to a robot robot ensuring the quality control of smartphones. In fact, we had published damning excerpts from Huawei that appeared to prove the doubts about the company.

Note that in 2017, Huawei filed a complaint against CNEX. One of the co-founders of the startup is Ronnie Huang, a former employee of a Huawei subsidiary in Texas. The Chinese group believes that CNEX's work is based on Huang's achievements when he was still working for Huawei and that according to a contract he had signed, Huawei could demand a right to the patents filed by the firm. The court has recently issued its verdict and rejected Huawei's request. On the other hand, another case is still in progress between the two actors: Huawei accuses Huang of indecently recruiting his former colleagues from Huawei to join CNEX.




















Windows 10: Microsoft wants to replace passwords with FIDO2 security keys

Windows 10: Microsoft wants to replace passwords with FIDO2 security keys

Microsoft wants to replace the passwords on Windows 10 with a physical security key FIDO2. The Redmond company has just obtained FIDO2 certification for Windows Hello, its PC authentication system. From now on, you will be able to use a security key to secure your Windows 10 accounts. The first certified PCs will not be long in coming to the market. We explain what will change.
 
 windows 10 microsoft announce password end
 
"With Windows Hello's FIDO2 certification, Microsoft brings 800 million Windows 10 users closer to a world without passwords," said Yogesh Mehta, a Microsoft executive, in a post on the brand's forum. Get ready to say goodbye to the infamous password, 123456, qwerty or 12345, which are the worst passwords ever.

Windows 10: FIDO2 allows Windows Hello to replace passwords with a physical security key


Windows Hello is now considered a FIDO2 authenticator. The certification is implemented from the May 2019 update on Windows 10. In the coming months, a FIDO2 logo will be affixed to the Windows 10 PCs offered for sale. Specifically, the standard allows users to connect to an online account via Windows Hello, using a physical security key, as found at fifty euros on Amazon, rather than a traditional word password.

For that, you will have to install the update of May 2019 on Windows 10. Among the compatible services, we find Outlook.com, Office 365, Skype, OneDrive, Cortana, Microsoft Edge, Xbox Live on PC, Mixer, Microsoft Store, Bing and MSN. Microsoft Edge under Chromium, Google Chrome and Mozilla Firefox will support the FIDO2 standard.

How it works ?


Contrary to what many users think, Windows Hello is not reserved for biometric recognition. It is in fact the software component that manages authentication on Windows 10. To secure your accounts, you can opt for a physical security key FIDO2, such as YubiKey for example, with this new certification. Visually similar to a traditional USB key, a key FIDO2 is equipped with a single chip to secure an account in the manner of a safe. You no longer need a password.

It was already possible for several months on Windows 10. But now, the physical key authentication is natively integrated with Windows Hello, you no longer need to install third-party software on your computer. Before you can use the key instead of a password, you will have to register it on the Microsoft website using its PIN code. Once done, it will allow you to access your accounts online without having to enter a password.

As ZDNet points out, FIDO2 is very similar to the WebAuthn standard approved by the World Wide Web Consortium (W3C). This new standard will allow Internet users to identify themselves on a website, such as Facebook, Twitter or Ebay, by using the fingerprint sensor, the iris scanner or the 3D sensor of their smartphone or laptop. Only Firefox supports the WebAuthn for the moment. Both initiatives are obviously in the same direction.

"We're encouraging businesses and software developers to create a password-free future and start today by supporting alternative solutions like Windows Hello," continues Yogesh Mehta. Until the standard is supported everywhere, we advise you to choose a password really secure. What do you think of the solution put in place by Microsoft? Are you ready to enter a world without a password? We are waiting for your opinion in the comments.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Dell: security breach allows hacking remote PCs

Dell: security breach allows hacking remote PCs

A security researcher has identified a security vulnerability that affects Dell PCs and more specifically the SupportAssist application that is installed by default on all machines of the manufacturer. With this flaw, the brand's laptops and desktops are at the mercy of hackers.

Dell security breach

Smartphones like PCs are mostly delivered with bloatwares, these applications pre-installed by manufacturers and which often have a high level of privilege. This is the case for the SupportAssist utility that is installed by default on Dell PCs. A security researcher named Bill Demirkapi discovered that this tool contained a vulnerability that allows hackers to install malware remotely.

Dell: a security vulnerability discovered in the SupportAssist tool of its computers


The SupportAssist utility has administrator privileges on Windows and is designed for debugging, diagnosing, and automatically updating Dell drivers. Bill Demirkapi discovered that it was possible to hijack this tool via JavaScript to download and execute files from an attacker-controlled location. This makes it possible to compromise the security of Dell PCs in various ways by installing remote malware.

For the attack to work, it is nevertheless necessary that the hacker and his target are connected to the same network, that of a public WiFi for example, as explained by the researcher. "The attacker must be on the same network as his victim to be able to launch an ARP or DNS spoofing attack in order to execute his code remotely," Demirkapi told ZDnet.

Dell released a fix for this security vulnerability on April 23rd. However, many users may still be exposed unless you have installed the latest version of the SupportAssist utility available at this address. The other option is to uninstall the tool, which is not recommended.




















Github: hackers empty hundreds of deposits and demand Bitcoin ransom

Github: hackers empty hundreds of deposits and demand Bitcoin ransom

Github, BitBucket, and GitLab, services that all operate in the same domain, experience a synchronized attack. Hackers have taken hostage hundreds of deposits and empty their contents. They demand Bitcoin ransom for victim developers.

GitHub

For those who do not know the Github service that was bought in 2018 by Microsoft for $ 7.5 billion, this is a software development management platform. It is used by millions of developers and companies around the world. Github houses projects registered in private depots that are updated regularly. Several users report these last hours being victims of ransom. Unidentified hackers managed to hack close to 400 accounts which they took care of emptying the contents.


Piracy of Github Deposits: Hackers Demand Ransom in Bitcoin


Github is not the only platform affected by this attack that also affects two of its competitors: BitBucket and GitLab. The observation is the same everywhere. Hackers removed source code and commits (updates) from Git repositories of their victims. A message left in each account invites the target to pay a ransom of 0.1 Bitcoin (about 500 dollars) to the address of hackers within a maximum of 10 days. They claim to have taken care to transfer all data to their own servers.

"To recover your lost code and avoid leaks, send 0.1 Bitcoin (BTC) to Bitcoin address 1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by email at admin@gitsbackup.com with your Git ID and proof of payment. If you are not convinced that we have your data, contact us and we will send you proof. Your code has been transferred to our servers. If we do not receive your payment in the next 10 days, we will return your code or otherwise use it "

The process by which hackers could break into several hundred accounts at once is not yet known formally. GitLab says that after studying some cases, it appeared that some victims stored passwords in plain text files. A developer also acknowledged that he was using a weak password, which could have favored a brute force attack.

GitHub and Bitbucket on their side continue to conduct their investigations. Experts at the StackExchange forum explained that there is a chance that deleted source codes will be recovered by the victims. But this is not the real problem since they certainly have copies of their projects.

The main object of the threat is the disclosure of source codes that would be publicly available. No software publisher, mobile application or web would want his work to be accessible on the web because of the obvious risks of recovery and copyright infringement.