Monday, February 29, 2016

CBT Locker for Websites - Ransomware.


As malware advances, a new category is emerging very rapidly under the name #Ransomware. Many ransomware families have hit the market. Recently a ransomware that defaces an entire site was revealed.

Security researchers have found a new ransomware named #CBT Locker that brings the whole website down. The ransomware encrypts all the data available on the server.

Once implanted, #CBT Locker replaces index.html with its own index.html, then encrypts all the files stored on the server and demands a ransom of about 0.4 Bitcoins.

The ransomware also includes a guide on how to proceed with the further steps. A unique feature of this ransomware is that it provides a test decryption key, which randomly decrypts two files and then shows "Congratulations Test File Decrypted Successfully". After the payment, the key to decrypt all the files is released.

It is stated that AES-256 encryption is used for this. There is also a time limit: if the ransom is not paid in time, it is doubled to 0.8 Bitcoins.

It is recommended not to click on any suspicious link and to have a good antivirus that is updated regularly.

One thing I personally can't get clear is this: if AES is used, it being symmetric key encryption, the same key should be used for encryption and decryption. If the key can be used to decrypt any 2 RANDOM files, then why can't it be used to encrypt other files?

There are other cases in ransomware where the authors state that RSA is used for encryption but AES or DES is really used. Let's stay tuned for more information.

P.S: The post is to create awareness and not to create any negative impact.

Friday, February 26, 2016

Apple working on even more secure phones.


Apple, which owns a major share of the smartphone market, is now facing a problem with the US Government and the FBI over its privacy and security policy. Recently there has been news that Apple is now working on a new model that is not hackable.

A court ordered Apple officials to unlock the device so that the data on the phone could be accessed. Apple openly refused the request to unlock the device, and they also handed over the iCloud data to the FBI.

They have also mentioned alternative ways that could be used to unlock the phone, and now Apple is working on developing a device that is more resistant to hacking, even by Apple itself.

Big giants like Facebook and Google have supported Apple, while Donald Trump and Microsoft opposed Apple in this case.

Apple's self-destruction policy and passcode bypass protection led to this: the FBI requested Apple to put in a backdoor so that the device can be accessed by bypassing the security code and the self-destruction settings.

The news about the development of a more secure device is not officially confirmed, but Apple will continue to make its devices more secure at any cost.

P.S: The post is to create awareness and not to create any negative impact.

Tuesday, February 23, 2016

Monitor Files Opened in Network.


Networking is one of the biggest achievements in the computer world, and at the same time, due to increased cyber threats, networks are prone to many attacks. Recently a tool has been developed to monitor file activity on a network.

Whatever security measures are set up, humans are unstoppable, and insiders and disgruntled employees are a real threat to the whole network. There are many solutions to monitor employee activities.

#NetworkOpenedFiles is one such tool. Once installed, it monitors file activity, and if any file is opened over the network it displays the details of the action.

It is now available for all versions of Windows up to Windows 10 and also for Server versions. The tool displays the file name, timestamp, computer name (available in few versions) and the access granted.

These details are very helpful in monitoring and can also be used to trace back to the user if any incident happens.

             Both 32 bit and 64 bit versions are available and it can be downloaded from here.

P.S: The post is to create awareness and not to be misused.

Monday, February 22, 2016

A single Word document to hack a system.


In this cyber era even a small piece of code can compromise the entire security of a system if it is done at a sophisticated level. Ransomware is rising rapidly and there has been a new hit. Recently a new ransomware has been discovered.

Ransomware is malware that encrypts the whole data and demands that the victim pay a ransom in exchange for the decryption keys. It is the latest trend and has earned around millions of dollars as ransom.

#Locky is the new ransomware that infects the system through a simple Word document. A malicious Word document is developed and circulated under a subject such as "Company Invoice" or any other catchy subject.

Once the document is opened, the user is shown a pop-up to enable macros. If the user accepts, the document's macro is activated, the malware is downloaded from a remote server, and it encrypts all the available data.
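Since the infection depends on a macro inside a Word attachment, a mail gateway or triage script can hold back macro-capable documents before a user ever sees the Enable Macros prompt. The sketch below is an added example, not code from the post or from any vendor; the file names and sample bytes are constructed, the category names are hypothetical, and treating every legacy `.doc` container as risky is a conservative assumption (the post does not say which Word format Locky uses).

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # header of legacy .doc/.xls/.ppt files


def classify_attachment(data):
    """Classify raw attachment bytes by whether they can carry Office macros."""
    if data.startswith(OLE_MAGIC):
        return "legacy-ole"        # macros possible; needs an OLE-aware scanner
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return "not-office"
    with zipfile.ZipFile(buf) as zf:
        names = zf.namelist()
        if "[Content_Types].xml" not in names:
            return "not-office"    # an ordinary zip, not an OOXML package
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            return "ooxml-macro"   # a VBA project is stored inside the package
        if b"macroenabled" in zf.read("[Content_Types].xml").lower():
            return "ooxml-macro"   # macro-enabled content type is declared
    return "ooxml-no-macro"


def quarantine_list(attachments):
    """Return the names of attachments to hold back from the user."""
    risky = {"legacy-ole", "ooxml-macro"}
    return sorted(n for n, d in attachments.items() if classify_attachment(d) in risky)


def make_sample_ooxml(with_macro):
    """Build a constructed, minimal OOXML-like package in memory (sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
    return buf.getvalue()


# Constructed sample mailbox: names and contents are made up for the example.
SAMPLES = {
    "invoice_J-0001.docm": make_sample_ooxml(True),
    "minutes.docx": make_sample_ooxml(False),
    "old_report.doc": OLE_MAGIC + b"\x00" * 24,
    "notes.txt": b"plain text",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:22} {classify_attachment(data)}")
    print("quarantine:", quarantine_list(SAMPLES))
```

The check looks at file contents rather than the extension, so a macro-enabled package renamed to `.docx` is still classified as `ooxml-macro`.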

If infected, the only way out is to pay the ransom or to delete everything and start from scratch. Infected users are forced to pay a ransom of about 0.5 to 2.0 Bitcoins.

About 4000 are infected every hour and about 100000 are infected every day by this Locky ransomware. There is news that it also infects network data, so saving the backup on the same network won't help either.

P.S: The post is to create awareness and not to be misused.

Thursday, February 18, 2016

Google Joins Apple in Encryption Battle.


A few days back Apple was put in a critical position when a judge asked Apple to break the encryption of a device to access the data used by a terrorist involved in a mass shooting. Apple has been fighting this battle and now there have been many twists.

Apple was asked to unlock the device to get the data on it. Apple had already stated that its encryption cannot be broken and that accessing the data on an iDevice without a password is nearly impossible.

Apple has been asked by the judge to put in a backdoor that can be used only by Apple personnel in case of need, but Apple CEO Tim Cook refused, saying that "Putting the backdoor will make the device less secure and anyone can exploit the backdoor".

There have been many tweets regarding this; in fact the politician "Donald Trump" stated that they should put in a backdoor as the judge said, and opposed Apple.

Now Google CEO Sundar Pichai has sided with Apple, saying that putting in a backdoor can violate users' privacy if it is exploited by an attacker. The talk of the giant's CEO went on for more than 12 hours, and then they sided with Apple and joined hands in the encryption battle.

The Google CEO also stated that they will help law enforcement by providing users' details when needed but won't support implanting a backdoor in their devices.

The encryption battle has gone viral, with many tweets being made, and Apple strongly opposes the idea of putting a backdoor in its devices.

P.S: The post is to create awareness and not to create any negative impact.

Wednesday, February 17, 2016

Mining Bitcoins Faster.


Bitcoin seems to be an illegal word to many, but it is just virtual money without the centralized control of currencies such as the Dollar or Rupee. Bitcoins can be used for many trades, and #Mining Bitcoins is a difficult task for users. Recently a loophole has been revealed which reduces mining time.

Bitcoins can be multiplied or mined through various computations, and mining Bitcoins is not an easy task. It normally needs large computing power, and there are also some places on the Internet that claim to multiply Bitcoins.

A research team led by an Indian scientist conducted a study, found a loophole and developed hardware named #Approximation that helps in mining Bitcoins at a faster rate.

The #Approximation hardware makes use of faults in the hardware such as:

#False Negative : Error present but no notification.
#False Positive : Not a real error, but notified as error.

Approximation scans for these errors and helps in producing Bitcoins at a 30 percent faster rate.

               They have published a paper about the Approximation process and it can be found here.

P.S: The post is to create awareness and not to be misused.

Monday, February 15, 2016

Set this date - Brick your device.


Apple was the first smartphone manufacturer to release a 64 bit smartphone, the iPhone 5s, and all its devices after that have 64 bit processors. Recently a bug has been revealed in all 64 bit Apple devices.

The date settings on iDevices allow the user to set the date manually, and if the date is set to Jan 1 1970 the device crashes and gets bricked.

Set the device to that date and then reboot it; that's it, the device will hang on the Apple logo screen and won't boot up. This affects all iPhone, iPad and iPod Touch models running a 64 bit processor. Devices running 32 bit processors are not affected.

The bug is due to the internal time epoch calculation in Linux that causes the kernel to crash, and according to some sources even the recovery options can't help to get the device back to normal condition.

The only way is to remove the battery from the logic board casing, and this can only be done by Apple personnel.

A few also posted that leaving the battery to drain will bring the device back to normal. There has been no official information, and Apple is yet to release a patch to fix the bug.

It is highly recommended: DO NOT TRY THIS ON ANY DEVICE. THE AUTHOR OF THE POST IS NOT RESPONSIBLE FOR ANY DAMAGE.

P.S: The post is to create awareness and not to be misused.

Thursday, February 11, 2016

Windows 10 sends data more times than thought.


Microsoft released its latest version of Windows under the name #Windows 10, and there has been much news that Windows is spying on its users. Recently there has been news that again states that Windows 10 is still spying.

A security researcher ran a test and found that in a period of 8 hours Windows 10 attempted to connect to 51 different Microsoft IPs about 5500 times.

Attempting to make a connection this many times is not usual, so the researcher then installed the #Windows 10 Enterprise edition and ran the same test.

It made 2758 connections in a period of 30 hours. The reason for using Windows 10 Enterprise is that it gives more access to change the settings.

All the above experiments were made after disabling the telemetry features in Windows 10, which disables the tracking feature of Windows.

Even after disabling them, Windows 10 makes this many attempts, and it is not clear what data is sent to the server. According to the source, it is checking for updates, time adjustments, etc.

Microsoft also stated that they are collecting some non-personal data to provide ease of use to its users. They also stated that the data sent to the servers is all encrypted and cannot be viewed by any attacker.

P.S: The post is to create awareness and not to create any negative impact.

Wednesday, February 10, 2016

All versions of Windows are affected by Critical Vulnerability.


Microsoft's operating system has a major share of the market, and the new version #Windows 10 has many new and nice features, though Microsoft is facing a hard time reaching its billion goal. Recently there has been news that all versions of Windows are affected by a vulnerability.

All Windows versions, including the latest one, are affected by this critical vulnerability (#ms16-013). The vulnerability allows an attacker to execute code remotely by getting the user to click on a crafted Journal file.

Microsoft is about to release security patches for 6 other vulnerabilities along with this one. They are:

For Internet Explorer 9 through 11.
For Edge browser in Windows 10.
For Windows 8.1, 10 and server 12.
For Microsoft Office and 
For Server 2012 R2 and RT 8.1, Windows 8.1, 10 and server 2012.

In addition to these security patches, Microsoft is opening a dedicated page for posting security updates about the Windows 10 product, and the page can be viewed here.

The security flaws were reported privately to Microsoft, which is about to release the security patches for these vulnerabilities. It is also stated that the vulnerability is not being exploited on a large scale.

P.S: The post is to create awareness and not to create any negative impact.

Tuesday, February 9, 2016

Apple's iMessage app for Android ?


Apple, being one of the giants, has its own operating systems for Mac and for its mobile devices. In recent days Apple released the concept of #Move to IOS. Recently there is news that Apple is offering the iMessage application to Android.

It is very clear that Apple is about to release some applications for Android, and a few of them are Safari and iTunes, which are available both for Mac and for Windows.

Now it is said that Apple is going to offer iMessage, iCloud and some other apps to Android users. This is yet to be officially confirmed by Apple.

iMessage is the service offered by Apple to send end-to-end encrypted messages to fellow Apple users when they have a data connection.

Although it is end-to-end encrypted, if iCloud backup is turned on then Apple can snoop on the data, according to some articles released recently.

Move to IOS is the service with which Android users can push their data to their new iOS device.

According to some sources, there might be a few more apps made available to Android users.

P.S: The post is to create an awareness and not to create any negative impact.

Monday, February 8, 2016

India bans Facebook's Free Internet.


India, being the largest democratic nation, has many users on Facebook and its products. Facebook announced a new free internet service for Indians through the Internet.org scheme. Recently there has been news that India has banned Facebook's free Internet.

The free Internet service by Facebook lets users who have activated it surf the provided sites free of cost, without using any mobile data. TRAI (#Telecom Regulatory Authority of India) has banned this service in India.

In order to access the free internet service the user has to be a Reliance user, and only some sites are provided free of cost, not all sites. This is against the net neutrality policy of India.

There has been debate in many forums that this act of Facebook will make users use only those sites and no others, which is purely against the net neutrality policy of India.

Considering this, TRAI has asked the service provider Reliance to temporarily ban Facebook's free internet service, and Facebook has yet to comment on this issue.

               There is no comment from Facebook side as of now.

P.S: The post is to create awareness and not to create any negative impact.

Thursday, February 4, 2016

Secure Browser comes with Security Features Disabled.


Comodo is one of the major security providers in the cyber security field, providing a firewall, a browser and digital certificates to its users. Recently there has been news that Comodo ships with security features disabled by default.

Comodo has a browser, #Chromodo, with a built-in free antivirus from Comodo. The browser is described as a "Private Internet Browser". A security researcher identified that it has a security feature disabled by default.

#Same Origin Policy (#SOP) is a browser feature that prevents unauthorised access from other domains. For example, if you are visiting www.example.com, then the data can only be communicated to the example.com domain.

If someone from the testing.com domain can get details meant for example.com, it poses a major threat to user credentials.
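The origin comparison behind this policy can be written out in a few lines. The following is an added example, not code from the post or from any browser: it models an origin as the (scheme, host, port) tuple, goes beyond the post's two-domain case by covering scheme, port and subdomain differences, and ignores opt-in relaxations such as CORS. The function names and the `sop_enforced` switch are hypothetical.

```python
from urllib.parse import urlsplit

# Default ports for the two schemes this sketch handles (assumption: web origins only).
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """Return the (scheme, host, port) tuple of a URL, or None for an opaque origin."""
    parts = urlsplit(url)  # scheme and hostname come back lowercased
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        return None  # data:, file:, about:blank and similar never match anything
    port = parts.port if parts.port is not None else DEFAULT_PORTS[parts.scheme]
    return (parts.scheme, parts.hostname, port)


def same_origin(a, b):
    """True only when both URLs have a real origin and the tuples are identical."""
    oa, ob = origin(a), origin(b)
    return oa is not None and oa == ob


def may_read_response(page_url, resource_url, sop_enforced=True):
    """Decide whether script running on page_url may read a response from resource_url."""
    if not sop_enforced:
        return True  # the failure mode in the post: any page can read any other site's data
    return same_origin(page_url, resource_url)


def differing_parts(a, b):
    """Name the origin components that differ, to explain why access is denied."""
    oa, ob = origin(a), origin(b)
    if oa is None or ob is None:
        return ["opaque"]
    return [n for n, x, y in zip(("scheme", "host", "port"), oa, ob) if x != y]


if __name__ == "__main__":
    victim = "https://www.example.com/account"  # constructed sample URLs
    for page in ("https://www.example.com:443/app", "https://example.com/",
                 "http://www.example.com/", "https://testing.com/"):
        print(f"{page:34} enforced={may_read_response(page, victim)!s:5} "
              f"disabled={may_read_response(page, victim, sop_enforced=False)!s:5} "
              f"differs={differing_parts(page, victim)}")
```

Note that `example.com` and `www.example.com` are different origins under this comparison, because the host must match exactly.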

This policy is disabled by default in the Chromodo browser. It may pose a big problem if an attack is carried out at a sophisticated level.

If you want to check your browser, click this link and see whether you get the "Your browser appears to be fine" pop-up. If you get "Your browser not enforcing SOP....", then you have to act.

P.S: The post is to create awareness and not to create any negative impact.

Wednesday, February 3, 2016

Microsoft Drops Cloud Data Center Under Ocean.


Microsoft, having millions of users across the globe, has many data centers to meet its users' needs. It has Azure, a cloud platform for its users. Recently there is news that Microsoft is dropping a cloud data center under the ocean.

About 50 percent of our population lives near the coast, so dropping the data center under the ocean will save a lot, according to experts.

This idea minimises the cooling problem that arises when a data center is installed on land, and the main advantage is latency. If users are located near the coast, latency is greatly reduced.

Microsoft has dubbed this #Project Natick; the idea is to enclose the racks in a steel capsule and then drop them under the ocean.

The time to build a data center decreases from 2 years to 90 days if it is implemented under the ocean. It is also environment friendly.

The main problem with the implementation is maintenance, which will be difficult under the ocean. But they also stated that it will not need maintenance for a period of 5 years.

This is not only Microsoft's initiative; Facebook is also placing its servers far away to utilise natural cooling.

P.S: The post is to create awareness and not to create any negative impact.

Tuesday, February 2, 2016

Microsoft started pushing Windows 10 again.


Microsoft, one of the major operating system vendors, released the latest version of Windows under the name #Windows 10. Microsoft has conducted many aggressive campaigns to push it to 1 billion devices. Recently there has been another strategy by Microsoft.

In the past Microsoft began pushing Windows 10 onto many devices with or without notifying the users; the new method is that Microsoft has added it to the recommended downloads, and it is enabled by default.

Users running Windows 7 and Windows 8 are offered Windows 10 as a recommended update, and it will start downloading if important updates are set to update automatically.

Windows 7 users hold about 50 percent of the market share, and Microsoft is now focusing on those users to reach its campaign goal of installing the new OS on 1 billion devices.

Users can choose what to do with the update after it has been downloaded. Even after installing it, users have a 30 day grace period to revert to the older version of Windows.

Microsoft stated that they are not forcing users to install Windows 10 and that it is only an option available to users.

P.S: The post is to create awareness and not to create any negative impact.

Monday, February 1, 2016

Apple to introduce Wireless Charging Technology.


The Cupertino giant #Apple has a major share of the smartphone market. It has rolled out the iPhone 6S as its latest model, and the iPhone 7 is awaited with high expectations. Recently there is news that Apple is going to introduce another new technology.

It is not actually a new feature in the smartphone market, as Microsoft and some Samsung models have #Wireless Charging, in which the mobile gets charged when it is placed on a charging mat.

The mobile device is charged without any physical connection. Now it is Apple's turn to make some updates: Apple's wireless charging is said to charge the device even when it is placed far from the charging mat.

These are rumors and Apple is yet to announce it officially. The iPhone 7 is said to have this feature integrated, and for Apple to officially release it users have to wait for the 2017 launch.

There is also other news that Apple is running an Apple AC Wall Plug Adapter Exchange Program: some adapter models are said to cause shock problems when damaged, and Apple is exchanging them for free.

            Take a look at the full article here in this link.

P.S: The post is to create awareness and not to create any negative impact.