Facebook working with Kaspersky to improve the online security of its users

Facebook working with Kaspersky to improve the online security of its users

Facebook working with Kaspersky, F-Secure, ESET and Trend Micro to detect and clean the malware from its user’s machine.

Facebook announced today that its working with Kaspersky and other security firms like ESET, F-Secure and Trend Micro to detect and remove malware from Facebook users’ computers.

Trevor Pottinger, a Facebook security engineer said:
Thanks to the collaboration with these companies, in the past three months we have helped clean up more than two million people’s computers that we detected were infected with malware when they connected to Facebook.

In these cases, we present a cleanup tool that runs in the background while you continue using Facebook, and you get a notification when the scan is done to show you what it found.

The program uses a combination of signals to help find infections and get the malware off of your computer for good, even if the malware isn’t actively spreading spam or harmful links.

Kaspersky Lab’s Kate Kochetkova said in a separate blog post:
Facebook is a major aim for phishers: one in five phishing scams targets Facebook notifications. So be vigilant when you receive emails appearing to be from Facebook: as they can be fake. There are lots of Trojans targeting Facebook users as well.

Fraudster may also use Facebook to like weird things and promote questionable goods and services on your behalf.

Google Admin Console has a Security Flaw

Google Admin Console has a Security Flaw

Summary: Google Admin Console has a Security Flaw which can be used by attackers to claim domains and send out spoof emails.

As reported by Security Week, Patrik Fehrenbach and Behrouz Sadeghipour found a security flaw in Google Admin Console to gain temporary ownership of any domain. Google Admin Console is actually a web platform from where administrators manage their organization’s Google Apps account.

Researchers conducted some tests by claiming ytimg.com, which is used to host Youtube images and scripts, and gstatic.com, which is used by Google for loading content from its content delivery network (CDN). These two domain are owned by Google itself.

The researchers then used these domains to create users – admin@ytimg.com & admin@gstatic.com to send out mails.

The researchers explained in the blog post:

Last month, we were able to report a vulnerability to Google where we were able to email from any domain that has not been claimed by its owner previously. For example, using google itself as a victim, we were able to claim domains such as ytimg.com and gstatic.com.

So not only we are claiming other domains, we were successfully able to trick the Google Mail Server into accepting a wrong FROM parameter. Google patched this vulnerability by simply with applying a FROM no-reply@google.com

Google has addressed this vulnerability and the researchers have been awarded $500 for their efforts. Earlier too, other researchers identified even more serious vulnerabilities in the Google Apps Admin console. A researcher was reportedly awarded $5000 from Google after discovering Critical Cross-Site Scripting (XSS) vulnerability in the Admin Console in January.

Both Google & Apple are expected to release fixes for the FREAK Security Vulnerability, a legacy Secure Sockets Layer (SSL) and Transport Layer Security (TLS) security flaw which allows hackers to launch SSL Man-in-the-Middle (MITM) attacks.

Free tools to recover Windows Password

Free tools to recover Windows Password

Ever happened that you forgot your Windows Login Password? Or, for some reason, Windows not allowing you to login to your system? There may be many more reasons to login to a system but you you don’t know the passsword?

How to crack Windows Login Passwords? Below, I have mentioned some free tools to recover Windows Password? These tools work with Microsoft Windows 8, Microsoft Windows 7, Microsoft Windows Vista & Microsoft Windows XP.

  1. Ophcrack
    The Ophcrack is a free tool to crack or recover Windows Password. It comes with GUI support and is very easy to use. You just have to download the Ophcrack ISO Image, burn it to CD/DVD or Flash Drive and boot your computer from it.

    The Ophcrack program starts, detects the Windows Installation, locates the Windows User Accounts and recover the Windows Password.

    It works fine with Windows 8, Windows 7, Windows Vista and Windows XP.

  2. Offline NT Password & Registry Editor
    Offline NT Password & Registry Editor is a utility to reset the password of any user that has a valid local account on your Windows system. Supports all Windows from NT3.5 to Win8.1, also 64 bit and also the Server versions (like 2003, 2008, 2012).

    How to use?

    1. First download the ISO Image and burn it to CD/DVD or a flash drive.
    2. Get the machine to boot from the CD or USB drive.
    3. Load drivers (usually automatic, but possible to run manual select)
    4. Disk select, tell which disk contains the Windows system. Optionally you will have to load drivers.
    5. PATH select, where on the disk is the system? (now usually automatic)
    6. File select, which parts of registry to load, based on what you want to do.
    7. Password reset or other registry edit.
    8. Write back to disk (you will be asked)
  3. Trinity Rescue Kit
    Trinity Rescue Kit, as the name suggests is a collection of many small & useful utilities which a System Administrator can use for diagnosis and troubleshooting purposes. Password Recovery is one of the many features it offers.
    Using Trinity Rescue Kit, you can clear the password entirely making it blank or you can set a new custom password. Although it does not provide a Graphical User Interface but its very easy to use if you follow the instructions properly.
    Just download the Trinity Rescue Kit ISO file and burn it to a CD/DVD or a flash drive and boot your computer from it. Trinity Rescue works with Windows XP, Windows Vista, Windows 7 and Windows 8.

Lenovo installing Adware – Superfish – on new Computers and Laptops

Lenovo installing Adware – Superfish – on new Computers and Laptops

Lenovo installing adware

Lenovo has been installing an adware named Superfish onto new computers. The adware gets installed automatically when the computer is started for the first time. The adware injects third-party ads on Google searches and websites without the user’s permission.
(more…)

IPv6 Information and Security Issues

IPv6 Information and Security Issues

IPv6 Information and Security Issues

Abstract
Internet Protocol IP version 6 (IPv6) was developed to address the growing depletion of IP version 4 addresses (IPv4). IPv6 also provides richer feature set and better security than IPv4. However, the adoption of the new protocol in organizations has been slowed down by inherent security issues. The transition from IPv4 to IPv6 is faced with many security challenges as well. These issues threaten the mainstream adoption of the protocol. The paper seeks to explore the security issues of IPv6 and the research community’s response to those challenges.

Introduction
The rapid adoption of the Internet in the global economy has resulted in a rapid exhaustion of IP addresses. Also contribution to this exhaustion of the IP addresses is the range of devices that are now using the Transmission Control Protocol/Internet Protocol (TCP/IP) suite for communication. These devices include cell phones, home appliances, wireless gadgets, vehicles, and gaming devices. There is many developing countries and China who report that lack of adequate IP addresses is hampering their development. Other concerns with IPv4 are that its configuration nature is leading to problem where router table entries were getting too large, and that the protocol has limited security. In response to the growing need for more IP addresses the Internet Engineering Task Force (IETF) established IP version 6 (IPv6) to provide a bigger address space.

(more…)

Microsoft will collect data using keylogger from Windows 10 Preview Users

Microsoft will collect data using keylogger from Windows 10 Preview Users

Microsoft will collect data using keylogger from Windows 10 Preview Users.

Microsoft announced its next release, Windows 10 which was previously codenamed Threshold on 30th September 2014. Windows 10 Technical Preview can be downloaded and used for free.

But, the download page clearly states that – “Microsoft will collect data about your installation and use of Windows Technical Preview to help us improve our products and services under About your Privacy section.

Microsoft’s Privacy Statement states –

(more…)

New Banking Malware EMOTET steals data using network sniffers

New Banking Malware EMOTET steals data using network sniffers

Trend Micro finds new banking malware, named EMOTET. Its steals sensitive data using network sniffers. The malware intercepts and logs outgoing traffic to check for sensitive data from the infected machine.

Most effected users are from Europe, Middle East and Africa region but there are victims from Asia-Pacific region and North America region as well.

The malware uses network sniffing technique to collect data from the infected machine and this makes the detection of the malware more difficult. Cybercriminals are spreading the malware through spam emails apparently related to money transfers or shipping invoices. In both cases, users are enticed to click on a link, which will download the malware to the infected machine.

(more…)