Apex Computer

Apex Computer Apex computer & Computer,Hardware,Software,AMC,Repairing& Natwork
Spl.in: Laptop & Printer Services,Cartege &Toner Refilling New Computer Sale & Purchase

(Apex Computer)Google Launches Backstory — A New Cyber Security Tool for BusinessesGoogle's one-year-old cybersecurity v...
06/03/2019

(Apex Computer)

Google Launches Backstory — A New Cyber Security Tool for Businesses
Google's one-year-old cybersecurity venture Chronicle today announced its first commercial product, called Backstory, a cloud-based enterprise-level threat analytics platform that has been designed to help companies quickly investigate incidents, pinpoint vulnerabilities and hunt for potential threats.

Network infrastructures at most enterprises regularly generate enormous amounts of network data and logs on a daily basis that can be helpful to figure out exactly what happened when a security incident occurs.

However, unfortunately, most companies either don’t collect the right telemetry or even when they do, it's practically impossible for them to retain that telemetry for more than a week or two, making analysts blind if any security incident happens before that.

Backstory solves this problem by allowing organizations to privately upload and store their petabytes of "internal security telemetry" on Google cloud platform and leverage machine learning and data analytics technologies to monitor and analyze it efficiently to detect and investigate any potential threat from a unified dashboard.
"Backstory normalizes, indexes, and correlates the data, against itself and against third party and curated threat signals, to provide instant analysis and context regarding risky activity," Alphabet subsidiary Chronicle said in a blog post.

"With Backstory, our analyst would know, in less than a second, every device in the company that communicated with any of these domains or IP addresses, ever."

Just like SIEM solutions, Backstory converts log data—such as DNS traffic, NetFlow, endpoint logs, proxy logs—into meaningful, quickly searchable and actionable information to help companies gain insights into digital threats and attacks on their networks, but at scale to offer a more complete picture of the threat landscape.

Backstory also compares data against "threat intelligence" signals collected from a variety of partners and other sources, including the Alphabet-owned VirusTotal, Avast, Proofpoint and Carbon Black.
"Backstory compares your network activity against a continuous stream of threat intelligence signals, curated from a variety of sources, to detect potential threats instantly," Chronicle said.

"It also continuously compares any new piece of information against your company's historical activity, to notify you of any historical access to known-bad web domains, malware-infected files, and other threats."

Since Chronicle wants customers to collect and upload as much data as possible, Backstory will not be priced based on the volume of customer's data, but rather Chronicle will sell licenses based on the size of the company.
"Building a system that can analyze large amounts of telemetry for you won't be useful if you are penalized for actually loading all of that information. Too often, vendors charge customers based on the amount of information they process," Chronicle explained.

"Since most organizations generate more data every year, their security bills keep rising, but they aren't more secure."

Microsoft has also recently announced similar security analytics services, called Threat Hunter and Azure Sentinel, which Microsoft is pitching as the "first native SIEM within a major cloud platform" to help companies detect, prevent, and respond to threats across their networks.

Splunk, a company that offers a similar product, saw its stock down 5% at the time of close on Monday following the announcement of the Backstory service.

(Apex Computer)Researchers Link 'Sharpshooter' Cyber Attacks to North Korean HackersSecurity researchers have finally, w...
05/03/2019

(Apex Computer)

Researchers Link 'Sharpshooter' Cyber Attacks to North Korean Hackers
Security researchers have finally, with "high confidence," linked a previously discovered global cyber espionage campaign targeting critical infrastructure around the world to a North Korean APT hacking group.

Thanks to the new evidence collected by researchers after analyzing a command-and-control (C2) server involved in the espionage campaign and seized by law enforcement.

Dubbed Operation Sharpshooter, the cyber espionage campaign targeting government, defense, nuclear, energy, and financial organizations around the world was initially uncovered in December 2018 by security researchers at McAfee.

At that time, even after finding numerous technical links to the North Korean Lazarus hacking group, researchers were not able to immediately attribute the campaign due to a potential for false flags.
Researchers Analysed Sharpshooter's Command Server

Now, according to a press release shared with The Hacker News, a recent analysis of the seized code and command-and-control (C2) server allowed researchers to understand the inner working of the global cyber espionage campaign, concluding that the North Korean state-sponsored hacking group is behind Operation Sharpshooter.

Lazarus Group, also known as Hidden Cobra and Guardians of Peace, is believed to be backed by the North Korean government and had reportedly been associated with the 2017 global WannaCry ransomware attack, the 2016 SWIFT Banking hack, as well as the 2014 Sony Pictures hack.

The analysis also revealed that the global espionage campaign began as early as September 2017, a year earlier than previously thought and is still ongoing.

While previous attacks were primarily targeting telecommunications, government and financial sectors in the United States, Switzerland, and Israel, and other English-speaking countries, newly-discovered evidence suggests that Sharpshooter has expanded its focus to critical infrastructure, with the most recent attacks targeting Germany, Turkey, the United Kingdom, and the United States.
Operation Sharpshooter: Global Cyber-Espionage Campaign

The global espionage campaign spreads by sending malicious documents containing a weaponized macro to targets via Dropbox. Once opened and downloaded, the macro leverages embedded shellcode to inject the Sharpshooter downloader into the memory of Microsoft Word.

For further exploitation, this in-memory implant then covertly downloads the second-stage Rising Sun malware, which uses source code from the Lazarus Group's backdoor Trojan Duuzer, malware first circulated in 2015 targeting organizations in South Korea.

The Rising Sun malware then performs reconnaissance on the victim’s network by gathering and encrypting data, including victim devices' computer name, IP address data, native system information and more.

"Access to the adversary’s command-and-control server code is a rare opportunity. These systems provide insights into the inner workings of cyber attack infrastructure, are typically seized by law enforcement, and only rarely made available to private sector researchers," said Christiaan Beek, McAfee senior principal engineer, and lead scientist.

"The insights gained through access to this code are indispensable in the effort to understand and combat today’s most prominent and sophisticated cyber attack campaigns."

Moreover, analysis of the C2 server and file logs also revealed an African connection, as the researchers uncovered a network block of IP addresses originating from a city located in the African nation of Namibia.
"This led McAfee Advanced Threat Research analysts to suspect that the actors behind Sharpshooter may have tested their implants and other techniques in this area of the world prior to launching their broader campaign of attacks," the researchers say.

The C2 infrastructure used by the attackers has a core backend written in Hypertext Preprocessor (PHP), and Active Server Pages (ASP), which "appears to be custom and unique to the group" and has been part of the Lazarus operations since 2017.

(Apex Computer)Google Discloses Unpatched 'High-Severity' Flaw in Apple macOS KernelCybersecurity researcher at Google's...
05/03/2019

(Apex Computer)

Google Discloses Unpatched 'High-Severity' Flaw in Apple macOS Kernel
Cybersecurity researcher at Google's Project Zero division has publicly disclosed details and proof-of-concept exploit of a high-severity security vulnerability in macOS operating system after Apple failed to release a patch within 90 days of being notified.

Discovered by Project Zero researcher Jann Horn and demonstrated by Ian Beer, the vulnerability resides in the way macOS XNU kernel allows an attacker to manipulate filesystem images without informing the operating system.

The flaw could eventually allow an attacker or a malicious program to bypass the copy-on-write (COW) functionality to cause unexpected changes in the memory shared between processes, leading to memory corruption attacks.

Copy-On-Write, also referred to as COW, is a resource-management optimization strategy used in computer programming.

In general, if any process (destination) requires a file or data that is already in the memory but created by another process (source), both processes can share the same resource rather than creating a new copy of it, significantly reducing the resource consumption of unmodified copies.

However, if the source process needs to make some changes in the data, the copy-on-write (COW) function comes into play and creates a copy of it in the memory so that the destination process can still have access to the data.

According to the Project Zero researcher, on Apple's macOS operating system, this copy-on-write behavior works not only with the anonymous memory, but also efficiently handles the page tables and memory mappings.
"This means that, after the destination process has started reading from the transferred memory area, memory pressure can cause the pages holding the transferred memory to be evicted from the page cache," reads the advisory detailing the vulnerability.

"Later, when the evicted pages are needed again, they can be reloaded from the backing filesystem."

Google researcher finds that when a mounted filesystem image is mutated directly (for example, by calling pwrite() on the filesystem image), this information is not propagated into the mounted filesystem.

Thus, malicious program or an attacker can simply make changes to evicted pages stored on the disk without informing the virtual management subsystem, tricking the destination processes into loading manipulated malicious content into the memory.
"It is important that the copied memory is protected against later modifications by the source process; otherwise, the source process might be able to exploit double-reads in the destination process," the resaercher says.

In addition to this vulnerability, the Project Zero researcher also found a similar copy-on-write behavior bypass (CVE-2019-6208) by abusing another function on macOS operating system.

The researcher notified Apple of both the vulnerabilities back in November 2018 and the company privately acknowledged the existence of the flaws. While Apple patched the latter flaw in January 2019 update, the former flaw remains unaddressed even after the 90-day deadline Project Zero provides the affected companies.

So, the researchers made the vulnerability public with a "high severity" label and also released the proof-of-concept code that demonstrates the bug, which remains unpatched at the time of writing.

Apple is currently working with the Project Zero team on a fix for the vulnerability, which is intended to be included in a future macOS release.

(Apex Computer)Hackers Favorite CoinHive Cryptocurrency Mining Service Shutting DownCoinhive, a notorious in-browser cry...
01/03/2019

(Apex Computer)

Hackers Favorite CoinHive Cryptocurrency Mining Service Shutting Down
Coinhive, a notorious in-browser cryptocurrency mining service popular among cybercriminals, has announced that it will discontinue its services on March 8, 2019.

Regular readers of The Hacker News already know how Coinhive's service helped cyber criminals earn hundreds of thousands of dollars by using computers of millions of people visiting hacked websites.

For a brief recap: In recent years, cybercriminals leveraged every possible web vulnerability [in Drupal, WordPress, and others] to hack thousands of websites and wireless routers, and then modified them to secretly inject Coinhive's JavaScript-based Monero (XMR) cryptocurrency mining script on web-pages to financially benefit themselves.

Millions of online users who visited those hacked websites immediately had their computers' processing power hijacked, also known as cryptojacking, to mine cryptocurrency without users' knowledge, potentially generating profits for cybercriminals in the background.

Now, while explaining the reason to shut down in a note published on its website yesterday, the Coinhive team said mining Monero via internet browsers is no longer "economically viable."

"The drop in hash rate (over 50%) after the last Monero hard fork hit us hard. So did the 'crash' of the cryptocurrency market with the value of XMR depreciating over 85% within a year," the service said.

"This and the announced hard fork and algorithm update of the Monero network on March 9 has lead us to the conclusion that we need to discontinue Coinhive."

So users who have an account on Coinhive website with above the minimum payout threshold balance can withdraw funds from their accounts before April 30, 2019.

Though Coinhive was launched as a legitimate service for website administrators to alternative generate more revenue from their websites, its extreme abuse in cyber criminals activities forced tech companies and security tools to label it as "malware" or "malicious tool."

To prevent cryptojacking by browser extensions that mine digital currencies without users' knowledge, last year Google also banned all cryptocurrency mining extensions from its Chrome Web Store.

A few months after that Apple also banned all cryptocurrency mining apps from its official app store.

(Apex Computer)New Attacks Against 4G, 5G Mobile At NDSS Symposium 2019, a group of university researchers yesterday rev...
28/02/2019

(Apex Computer)

New Attacks Against 4G, 5G Mobile At NDSS Symposium 2019, a group of university researchers yesterday revealed newly discovered cellular network vulnerabilities that impact both 4G and 5G LTE protocols.

According to a paper published by the researchers, "Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information," the new attacks could allow remote attackers to bypass security protections implemented in 4G and 5G, re-enabling IMSI catching devices like "Stingrays" to intercept users' phone calls and track their location.

Here below, we have described all the three attacks, how they work, what are their impacts, and why you should be concerned about these attacks.
ToRPEDO Attack — Location Verification, DoS, Inject Fake Alerts

Short for "TRacking via Paging mEssage DistributiOn," TorPEDO is the most concerning attack that leverages paging protocol, allowing remote attackers to verify a victim device’s location, inject fabricated paging messages, and mount denial-of-service (DoS) attacks.

When a device is not actively communicating with the cellular network, it enters an idle mode, sort of a low-energy mode that saves device battery power.

So, when you receive a phone call or an SMS message while your device is in the ideal mode, the cellular network first sends a paging message to notify the device of the incoming call or text.

It should be noted that paging messages also include a value called "Temporary Mobile Subscriber Identity" (TMSI) of the device that doesn't change frequently.

However, researchers find that if an attacker starts and then immediately cancels calls several times in a short period, the base station update TMSI value very frequently while sending the paging messages.

Therefore, an attacker sniffing the paging messages, through devices like Stingrays, can verify if a targeted cellular user is within a range of the interception or not.
"If the attacker is aware of the victim’s often-visited locations, then the attacker can set up sniffers on those locations to create the victim’s cell-level mobility profile," the researchers said.

The ToRPEDO attack impacts both 4G as well as the current version of 5G LTE protocol, and the researchers said they verified ToRPEDO against 3 Canadian service providers and all the US service providers.

Once with the knowledge of the victim’s paging occasion from ToRPEDO attack, the attackers can also hijack the paging channel, enabling them to send fabricated emergency messages, mount a denial-of-service attack by injecting fabricated, empty paging messages, and thus blocking the victim from receiving any pending services.
Piercer and IMSI-Cracking Attacks

In addition, the ToRPEDO attack also opens a door for two other new attacks—the PIERCER and IMSI-Cracking attacks, leading to the full recovery of the victim device's persistent identity (i.e., IMSI).

Exist due to a design flaw, PIERCER (Persistent Information ExposuRe by the CorE netwoRk) attack enables an attacker to associate the victim device's unique IMSI with its phone number.
"Some service providers use IMSIs instead of TMSIs in paging messages to identify devices with pending services," the researchers explained. "A simple manual testing revealed that it is possible to give the service provider the impression that the exceptional case is occurring which forces it to reveal the victim’s IMSI."
According to researchers, ToRPEDO attack also enables an attacker with the knowledge of the victim’s phone number to retrieve the victim’s IMSI, on both 4G and 5G, by launching a brute-force attack.

With IMSI number in hands, the attackers can launch previously discovered attacks, potentially allowing them to snoop on victim's calls and location info using IMSI catchers like Stingrays and DRTBox even if the victim owns a brand new 5G handset, which is why one should be more concerned about these attacks. Networks Re-Enable IMSI Catchers

(Apex Computer)New Flaws Re-Enable DMA Attacks On Wide Range of Modern ComputersSecurity researchers have discovered a n...
28/02/2019

(Apex Computer)

New Flaws Re-Enable DMA Attacks On Wide Range of Modern Computers
Security researchers have discovered a new class of security vulnerabilities that impacts all major operating systems, including Microsoft Windows, Apple macOS, Linux, and FreeBSD, allowing attackers to bypass protection mechanisms introduced to defend against DMA attacks.

Known for years, Direct memory access (DMA)-based attacks let an attacker compromise a targeted computer in a matter of seconds by plugging-in a malicious hot plug device—such as an external network card, mouse, keyboard, printer, storage, and graphics card—into Thunderbolt 3 port or the latest USB-C port.

The DMA-based attacks are possible because Thunderbolt port allows connected peripherals to bypass operating system security policies and directly read/write system memory that contains sensitive information including your passwords, banking logins, private files, and browser activity.

That means, simply plugging in an infected device, created using tools like Interception, can manipulate the contents of the memory and execute arbitrary code with much higher privileges than regular universal serial bus peripherals, allowing attackers to bypass the lock screen or control PCs remotely.

To block DMA-based attacks, most operating systems and devices leverage Input/Output Memory Management Unit (IOMMU) protection technique to control which peripheral device (usually legitimate) can access memory and which region of the memory.
ThunderClap Flaws Bypass IOMMU to Re-Enable DMA Attacks

Now, a team of cybersecurity researchers from the University of Cambridge, Rice University, and SRI International has unveiled a set of new vulnerabilities in various major operating systems that could allow attackers to bypass IOMMU protection.

By mimicking the functionality of a legitimate peripheral device, an attacker can trick targeted operating systems into granting it access to sensitive regions of memory.

In a paper [PDF] published earlier this week, researchers detailed technical information of all new vulnerabilities that they claimed to have discovered using a hardware/software stack, called Thunderclap, which they build and also released in the open-source.

"Our work leverages vulnerabilities in operating system IOMMU usage to compromise a target system via DMA, even in the presence of an IOMMU that is enabled and configured to defend against DMA attacks," the researchers said.

Besides this, the researchers also stressed that since IOMMU does not come enabled by default on most operating systems and since modern devices have USB-C, the attack surface of DMA attack has significantly increased which was earlier primarily limited to Apple devices with Thunderbolt 3 ports.

"The rise of hardware interconnects like Thunderbolt 3 over USB-C that combine power input, video output, and peripheral device DMA over the same port greatly increases the real-world applicability of Thunderclap vulnerabilities."

"In particular, all Apple laptops and desktops produced since 2011 are vulnerable, with the exception of the 12-inch MacBook. Many laptops, and some desktops, designed to run Windows or Linux produced since 2016 are also affected - check whether your laptop supports Thunderbolt."

How to Protect Against Thunderclap Vulnerabilities

Researchers have reported their findings to all major hardware and operating system vendors, and most of them have already shipped substantial mitigation to address the Thunderclap vulnerabilities.
"In macOS 10.12.4 and later, Apple addressed the specific network card vulnerability we used to achieve a root shell," researchers said. "Recently, Intel has contributed patches to version 5.0 of the Linux kernel."

"The FreeBSD Project indicated that malicious peripheral devices are not currently within their threat model for security response."

Though not all software patches can entirely block DMA attacks, users are still advised to install available security updates to reduce the attack surface. According to the researchers, the best way to fully protect yourself is to disable the Thunderbolt ports on your machine, if applicable.

Additionally, researchers also developed a proof-of-concept attacking hardware that can execute the ThunderClap vulnerabilities on targeted systems, but they chose not to release it in public at this time

(Apex Computer)Android Gets FIDO2 Certification—Now Supports Secure Passwordless LoginsGreat news.If you have already in...
28/02/2019

(Apex Computer)

Android Gets FIDO2 Certification—Now Supports Secure Passwordless Logins
Great news.

If you have already installed the latest update of Google Play Services released earlier today, and your Android device is running Android version 7.0 Nougat or above—Congratulations! Your device is now FIDO2 Certified.

Are you thinking… what the heck that actually means?

It means, instead of remembering complex passwords for your online accounts, you can now actually use your Android's built-in fingerprint sensor or FIDO security keys for secure password-less access to log into apps and websites that support the FIDO2 protocols, Google and the FIDO Alliance—a consortium that develops open source authentication standards—announced Monday.

FIDO2 (Fast Identity Online) protocol offers strong passwordless authentication based on standard public key cryptography using hardware FIDO authenticators like security keys, mobile phones, and other built-in devices.

FIDO2 protocol is a combination of W3C's WebAuthn API that allows developers to integrate FIDO authentication into web browsers, and FIDO's Client to Authenticator Protocol (CTAP) which allows users to login without a password.

FIDO2 certified devices work on Mac OS X, Windows, Linux, Chrome OS and supported by all major browsers including Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari (included as a preview).

Though Android already offered FIDO-based authentication for installed apps using external hardware authenticator like YubiKey or Titan Security Key, the new update now expands this functionality to online web services via mobile browsers.

"Web and app developers can now add FIDO strong authentication to their Android apps and websites through a simple API call, to bring passwordless, phishing-resistant security to a rapidly expanding base of end users who already have leading Android devices and/or will upgrade to new devices in the future," FIDO Alliance announced.

If your FIDO2 certified Android device does not have a fingerprint sensor, you can use other authentication methods, like a PIN or swipe pattern that you use to unlock your phone, to log into apps and online accounts.

Last year, Google also launched a FIDO-based Titan Security Key that verifies the integrity of security keys at the hardware level to provide the highest level of protection against phishing attacks.

(Apex Computer)Severe Flaws in SHAREit Android App Let Hackers Steal Your FilesSecurity researchers have discovered two ...
28/02/2019

(Apex Computer)

Severe Flaws in SHAREit Android App Let Hackers Steal Your Files
Security researchers have discovered two high-severity vulnerabilities in the SHAREit Android app that could allow attackers to bypass device authentication mechanism and steal files containing sensitive from a victim's device.

With over 1.5 billion users worldwide, SHAREit is a popular file sharing application for Android, iOS, Windows and Mac that has been designed to help people share video, music, files, and apps across various devices.

With more than 500 million users, the SHAREit Android app was found vulnerable to a file transfer application's authentication bypass flaw and an arbitrary file download vulnerability, according to a blog post RedForce researchers shared with The Hacker News.

The vulnerabilities were initially discovered over a year back in December 2017 and fixed in March 2018, but the researchers decided not to disclose their details until Monday "given the impact of the vulnerability, its big attack surface and ease of exploitation."
"We wanted to give as many people as we can the time to update and patch their devices before disclosing such critical vulnerability," said Abdulrahman Nour, a security engineer at RedForce.

How Does SHAREit Transfer Files?

SHAREit server hosts multiple services via different ports on a device, but the researchers analyzed two designated services including Command Channel (runs on Port 55283) and Download Channel (runs on Port 2999).

Command Channel is a regular TCP channel where app exchanges messages with other SHAREit instances running on other devices using raw socket connections, including device identification, handling file transmission requests, and checking connection health.

Download Channel is the SHAREit application's own HTTP server implementation which is mainly used by other clients to download shared files.

According to the researchers, when you use the SHAREit Android app to send a file to the other device, a regular file transfer session starts with a regular device identification, then the 'sender' sends a control message to the 'receiver,' indicating that you have a file to share.

Once the 'receiver' verifies that the file is not duplicate, it goes to Download Channel and fetches the sent file using information from the previous control message.
Hackers Can Access Your Files Using SHAREit Flaws

However, researchers discovered that when a user with no valid session tries to fetch a non-existing page, instead of a regular 404 page, the SHAREit app responds with a 200 status code empty page and adds the user into recognized devices, eventually authenticating an unauthorized user.

According to the researchers, a fully functional proof-of-concept exploit for this SHAREit flaw would be as simple as curl http://shareit_sender_ip:2999/DontExist, making it the weirdest and simplest authentication bypass ever.
Researchers also found that when a download request is initiated, SHAREit client sends a GET request to the sender's HTTP server, which looks like the following URL:
http://shareit_sender_ip:2999/download?metadatatype=photo&metadataid=1337&filetype=thumbnail&msgid=c60088c13d6

Since the SHAREit app fails to validate the 'msgid' parameter—a unique identifier generated for each request when the sender initiates a download—this enables a malicious client with a valid session to download any resource by directly referencing its identifier.

The flaws could be exploited by an attacker on a shared WiFi network, and unfortunately vulnerable SHAREit versions create an easily distinguished open Wi-Fi hotspot which one can use not only to intercept traffic (since it uses HTTP) between the two devices, but also to exploit the discovered vulnerabilities and have unrestricted access to vulnerable device storage.

Since exploitation simply involves sending a curl command referencing the path of the target file, one should know the exact location of the file one would like to retrieve.

To overcome this, researchers started looking for files with known paths that are already publicly available, including SHAREit History and SHAREit MediaStore Database, which may contain interesting information.
"There are other files that contain juicy information such as user's Facebook token, Amazon Web Service user's key, auto-fill data and cookies of websites visited using SHAREit webview and even the plaintext of user's original hotspot (the application stores it to reset the hotspot settings to original values) and much more," researchers said.

Using their proof-of-concept exploit dubbed DUMPit!, the researchers managed to download nearly 3000 unique files having around 2GBs in less than 8 minutes of file transfer session.

The team contacted the SHAREit Team multiple times over multiple platforms in early January 2018 but got no response until early February when the researchers warned the company to release the vulnerability details to the public after 30 days.

The SHAREit team silently patched the vulnerabilities in March 2018, without providing researchers with exact patched versions of the Android app, vulnerability CVE IDs or any comments for the public disclosure.
"Communication with SHAREit team was not a good experience at all; Not only they took too long to respond to our messages, they also were not cooperative in any means, and we did not feel that our work or efforts were appreciated at all," researchers said.

After giving enough time to users to update their SHAREit app, researchers have now released technical details of the vulnerabilities, along with the PoC exploit, DUMBit!, which can be downloaded from the GitHub website.

The vulnerabilities affect the SHAREit for Android application

Address

B-1358, Shastri Nagar
Delhi
110052

Opening Hours

Monday 9am - 10pm
Tuesday 9am - 10pm
Wednesday 9am - 10pm
Thursday 9am - 10pm
Friday 9am - 10pm
Saturday 9am - 10pm
Sunday 9am - 10pm

Telephone

+91 97165 01781

Website

Alerts

Be the first to know and let us send you an email when Apex Computer posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to Apex Computer:

Shortcuts

Share

Category