Q I. T solution

16/05/2017

How to protect yourself from WannaCry ransomware

The ransomware attack is holding computer systems hostage worldwide. Here's what you need to know to keep yourself as safe as possible.

These OSes are affected

The attack exploits a vulnerability in older Windows operating systems, namely:Windows 8Windows XP;Windows Server 2003
If you're using a more recent version of Windows -- and you've stayed up up-to-date on your system updates -- you should not be vulnerable to the current iteration of the WannaCry ransomware:
so do the following :
1.Update Windows immediately

If you're using one of the newer versions of Windows listed above (10/8.1/7, etc.) and you've kept your PC up-to-date with automatic updates, you should've received the fix back in March

2. Turn Windows Update on if it's disabled

3.Install a dedicated ransomware blocker
Cybereason Ransomfree is a free utility designed to block threats like WannaCry.
Don't assume that your current antivirus utility -- if you're using one at all -- offers protection against ransomware, especially if it's an outdated version. Many of the big suites didn't add ransomware blocking until recently.

4.Block port 445 for extra safety

MalwareTech, whose security analyst on Friday briefly slowed the worldwide attack of the WannaCry ransomware posted to Twitter that blocking TCP port 445 could help with the vulnerability if you haven't patched your OS yet.

5.Keep watching for mutations

Just because there's a patch doesn't mean you'll always be protected. New variations of the ransomware have popped up without the Achilles heel and bearing the name Uiwix, according to researchers at Heimdal Security.

13/04/2017

Brickerbot wants to break your devices
There's a new kind of computer malware on the block. It doesn't want to spy on you or hold your data for ransom. Instead, it wants to corrupt and destroy your computer hardware. And it's called Brickerbot.

What is Brickerbot?

Brickerbot is a type of malware — malicious software — that was discovered by a researcher at a cybersecurity company called Radware. Brickerbot is a particularly nasty piece of software because its goal is to render your devices unusable.

withings-baby-monitor306
Brickerbot wants to mess up your smart baby monitor. ((Ted Kritsonis))

For example, let's say you have a security camera that's hooked up directly to the internet. Brickerbot would try to remotely log in to your camera then try to break it. Pascal Geenens is the researcher who discovered this malware. He said this is what's called a "Permanent Denial of Service" attack.

He explained: "A permanent denial of service attack is typically where you will try to override software or try to destroy hardware in such a way that the device cannot be recovered without experts doing recovery on the device."

This malware tries to make your devices about as useful as a brick, hence the name Brickerbot. The attacks were first identified last month and are still going on.

Didn't this same thing happen last year?

We saw a very similar type of remote attack last year with the Mirai botnet. Mirai was used in several large-scale network attacks, including the attacks that took down Twitter, Reddit, Netflix, Airbnb and others.

Streaming Fight
The Mirai botnet made it impossible to Netflix and chill (Elise Amendola/Associated Press)

Like Brickerbot, Mirai works by scanning the internet, looking for vulnerable internet of things devices, like cameras, home routers and digital video recorders. When it finds one, it installs malware on the device and makes it part of a botnet, which is basically a large army of devices that can be used as weapons to take down websites. Instead of trying to recruit your devices into a bot army, Brickerbot tries to mess them up so they don't work anymore.

What type of devices are vulnerable to this type of attack?

Brickerbot seems to be going after a number of different internet of things devices that are directly connected to the internet, meaning they have IP addresses that are publicly available on the internet. They also seem to be targeting devices that run embedded versions of Linux, like routers, IP cameras and digital video recorders.

Part of the issue with some of these devices is that out of the box, they have a default password. And if nobody changes that password, it's easy for malware like Mirai or Brickerbot to get in and wreak havoc.

computer password
Changing factory-set passwords can help protect your smart devices from Brickerbot, but that can be tricky to do. (Shutterstock)

According to Geenens, for some internet of things devices, it can be very difficult to change the default password.

"Now the big problem that we have today if you are a consumer is, how do I know my device is secure? I go buy a smart fridge, how do I know it's secure?" he said. "There is no third party organization that gives out the label for security. So that means that we have to trust the vendors."

Geenens says he's seen plenty of internet of things devices that claim to be secure and aren't.

Why would someone design a bot to destroy devices like this?

We don't know who created Brickerbot, so it's difficult to understand their motivations. With Mirai last year, it makes more sense. If you can create a botnet out of hundreds of thousands or millions of internet of things devices, you can sell access to your botnet. There are financial incentives.

It's less obvious why someone would want to create software that renders the internet of things unusable. But there are a few theories. One is that Brickerbot was created by someone who's upset by the current state of security in the internet of things. The second is that it's someone who's angry at device manufacturers for not fixing security issues like easily guessable default passwords.

It's possible Brickerbot is designed to be a sort of vigilante, disabling internet of things devices before they can become part of a botnet.

Light switch
Brickerbot could make it lights out for your smart light switch. (Steve Marcus/Reuters)

What can individuals do to protect themselves from this type of attack?

The good news is many consumer devices on the internet of things are sitting behind a gateway — like router — so they're not directly addressable from the public internet.

Last fall, when the Mirai botnet was in the news, I talked to security expert Ken Munro.

Munro said if you're considering an internet of things device, like a smart thermostat or internet-connected baby monitor, you should go for a brand name that you recognize and trust since well-known companies are more likely to issue updates that fix security holes and patch vulnerabilities when they are found.

The other option, is simply to avoid so-called "smart home" devices, though that's becoming increasingly difficult. If you do have devices hooked up to the internet — like a router, camera, or DVR — I recommend looking up how to change the default password, because the security experts I've spoken to think we're only going to see more of this type of attack.

11/03/2017

Botnets: The Dangerous Side Effects Of The Internet Of Things

The Internet of Things (IoT) is the name given to describe the relatively new technology that connects everyday objects and devices to the web to provide additional data or functionality. But in the race to create that next “it” product that no one can live without (smart fry pans anyone?), manufacturers and users are creating dangerous side effects known as botnets.

The term botnet simply means a group of internet-connected devices controlled by a central system. But the term is most often used in conjunction with a particular type of malicious hacking, especially Distributed Denial of Service Attacks (DDoS attacks). In this case, a hacker uses a large botnet group of internet-connected devices to flood a website or network resource with fake requests so that legitimate users cannot access it.

By using a botnet with hundreds or even thousands of devices, all with their own unique IP addresses, the hacker makes it almost impossible to stop the attack or distinguish legitimate users from fake ones.

Now, botnets are not new. Since as early as 2000, hackers have been using botnets by gaining access to unsecured devices (usually computers then) in order to create these DDoS attacks. But the Internet of Things has made the problem much worse.

The market has been flooded with inexpensive devices — webcams, baby monitors, thermostats, and yes, even yoga mats and fry pans — that connect to the Internet, each of which has its own IP address. But these devices have little or no built-in security, and even when they do, users often neglect to even take the basic step of setting a password for them.

That makes them easy targets for hackers wanting to create and use a botnet.

Screed displaying activities of a 'botnet' attack (Photo BORIS ROESSLER/AFP/Getty Images)

In October of 2016, a botnet comprised of an estimated 100,000 unsecured IoT devices took an integral Internet infrastructure provider, Dyn, partially offline. As a result, many high-profile and high-traffic websites, including Netflix and Twitter, disappeared from the Internet for a short time.

10/03/2017

Thousands of documents said to detail the CIA's hacking tools were published by Wikileaks on Tuesday, and many were given peculiar names by their makers. Here are five of the stranges
1. Weeping Angel
that appears to get a Samsung Smart TV to record conversations.
It's named after a character in the sci-fi TV series Doctor Who, which appears as still as a statue.
The name could have been chosen "because you think it is not alive but it is, you think it isn't doing anything but it is" says Alan Woodward, a security researcher who advises Europol and previously advised UK spy agency GCHQ.
The leaks suggest the TV appears to turn itself off and, likewise, the weeping angel can appear to be frozen and come to life when you are not looking.
While the UK's MI5 agency is said to have helped build this spyware, it's possible CIA hackers from the US are also Doctor Who fans.
Another hacking tool, which attempts to listen to calls on systems such as Skype, is named after the Sontarans.
2. Ricky Bobby
The tool Ricky Bobby can control a computer remotely without detection using commands in Microsoft Windows, according to the leak.
But it is named after a far more conspicuous character.
Racing car driver Ricky Bobby was played by Will Ferrell in the 2006 film Talladega Nights: The Ballad of Ricky Bobby.
1. Starving Weasel
One of the leaks suggests hackers love naming their spy tools so much that they come up with names before they've made the tool.
Starving Weasel is from a long list of names for future tools chosen "because they are awesome".
"These are mostly oblique references to things I like, TV tropes names that amuse me and situations or phrases at work encoded in toolname-esque obscurity," says the person whose name has been replaced with User #77010.
Oblique is an understatement.
Starving Weasel is a reference to a lyric from mid-way through an 11-minute song by Weird Al Yankovic
2. Maddening Whispers
This is where the CIA hackers may reveal themselves in their geekiest form, because Maddening Whispers is a reference to the online role-playing game World of Warcraft.
"It's almost too stereotypical - it's really painting a picture of a hacker who likes pizza, beer, science fiction and online gaming," says Mr Woodward.
The game sees players exploring a vast landscape full of monsters, completing quests and interacting with other gamers.
Maddening Whispers is a spell in the game, which, when you deploy it, slowly weakens your opponent.
As for the tool, it tries to get remote access to a device named Vanguard.
Mr Woodward is unsure what this refers to but suggests it could be Vanguard alarm systems.
Niche on both counts.
3. Snowy OwlCONSERVANCY TRUST
Some hacking tools are named after slightly more obvious signs of aggression: birds of prey.
Bald eagle, harpy eagle and sparrowhawk all feature.
A bird of prey can swoop on its victim almost silently.
Similarly, the sparrowhawk tool can detect the letters you are hitting on a keyboard without you having any idea you are being watched.
Then there is the less threatening snowy owl, which is described in the leaks as a tool designed to remotely operate a Mac computer.
There is a possibility it was not named after the bird at all but instead was inspired by the Brownies.
In a Brownie troop the Snowy Owl is an adult who helps the leader of the troop, the Brown Owl.
"Maybe we have our first indication that there is a woman involved," speculates Mr Woodward.

SOURCE BBC

05/01/2017

special security tip for everyone using facebook Messenger app.
Messenger uses secure communications channels (just like banking and commerce websites), as well as Facebook’s powerful tools to help block spam and malware. But did you know there are additional security features within Messenger to protect your conversations about sensitive topics— such as when you're discussing personal information like an illness or a health issue with trusted friends and family?
For those times, you can create one-to-one secret conversations in Messenger that will be end-to-end encrypted and which can only be read on one device of the person you’re communicating with. That means the messages are intended just for you and the other person — not anyone else, including Facebook. You can also set a timer to have your messages automatically disappear from the conversation for extra privacy.
Learn how to use this feature by searching “secret conversations” in the Facebook Help Center on your Android or iOS device

26/12/2016

any people use torrent websites to
download pirated and non-pirated
content. It isn’t an unknown fact
that it’s not much difficult to track
anyone’s activities on the torrent
network. And, to your ultimate happiness , this
website called ‘ I Know What You Download‘
actually tracks and saves the torrents people
download in their everyday lives.
If you deleted the download history from you the
torrent client, you could cross-check the names
on ‘I Know What You Download.’ All you need to
do is enter your IP address on the website and
click Find IP.
In a matter of a few seconds, all of the
downloads and the torrents you have distributed
from your IP address will be displayed on your
screen. Along with the date and time of the
download, the list also includes the title and size
of the torrent.
Track Your Friends and
Family
The treat doesn’t end here. The torrent tracking
website also allows you to view the torrent
download history of other people (IP addresses)
Nx spy on them. On the website, click Track
Downloads button at the top and follow the
procedure.
It may not be a one-stop
solution
Now, before you start thinking that all your
torrent history is publically available, you will be
relieved to know that the website doesn’t have
any powerful AI working backstage. The catch in
the story is that the website tracks torrent
downloads for an IP address, it’s hard to know
the device type.
If you’re on a connection with a dynamic IP, it’s
hardly possible that all your torrent downloads
will be displayed for one IP address. This is
because a new IP will be assigned every time
you connect to the internet. It is mostly the case
with cellular networks.
Check out your torrents on I Know What You
Download.

02/12/2016

TOO LAZY TO MAKE YOU BED???????? THERE IS AN APP FOR U
A bed that can make itself after being slept in has been developed in Montreal, Canada.
The so-called smart duvet is a grid of inflatable tubes that can be concealed inside a regular bedspread.
The inventor is crowdfunding her device, which she says can help people with limited mobility.
http://www.bbc.com/news/technology-38183529

A bed that can make itself after being slept in is developed in Montreal, Canada.

28/11/2016

black nurse attack
BlackNurse is the name of a recently discovered network attack that can crash firewalls and routers via ICMP packets, known by most of us as "pings."
The attack came to light after TDC, a company that supplies IT and telecommunications solutions for companies in Denmark, discovered several low-volume DDoS attacks leveraging ICMP traffic against some of its clients.
BlackNurse used in live attacks against Danish companies
TDC engineers, who analyzed the DDoS traffic, said the volume was very small, ranging from 15 to 18 Mbps, which is laughable compared to the 1.1 Tbps DDoS attack recorded against French ISP OVH.
As TDC explained, this was not the problem. The main issue was a steady stream of 40 to 50k ICMP packets that reached the victim's network equipment and kept crashing the device.
In the 90s, when most people connected to the Internet employed dial-up connections, a malicious actor could flood a target with pings and shut down his home connection. This was a network flood, and relied on ICMP packets Type 8 Code 0, aka regular ping traffic.

The BlackNurse attack causes a Denial of Service (DoS) state on the vulnerable equipment itself by overloading the CPU with operations, and works regardless of the user's connection, who can very well be broadband-level quality.
On the attacker's side, BlackNurse leverages ICMP packets Type 3 Code 3, packets normally returned to ping sources to reply when the target's destination port is unreachable.
Some firewalls are vulnerable to BlackNurse floods
The TDC SOC (Security Operations Center) said that tests identified Cisco ASA firewalls (5515 and 5525 with default settings) as one of the vulnerable products. TDC contacted Cisco, who declined to classify the BlackNurse attack as a security issue.
NETRESEC AB, a Swedish independent software vendor (ISV) for networking equipment, claimed in a Reddit post that SonicWall firewalls are also vulnerable, along with some Palo Alto Network devices.
Frank Denis, a data analysis and security engineer for OVH, has published proof-of-concept code on GitHub that can help network admins test their equipment against BlackNurse attacks.
A technical report and a special website are available for network administrators seeking more information on the BlackNurse attack, or have found new vulnerable devices and want to share their findings with the world.
The good news is that following a BlackNurse attack, once the flood of ICMP packets ends, the device returns to its normal mode of operation, and customer traffic is resumed soon after.

04/11/2016

Huawei has launched new large-screened smartphones in the wake of Samsung's Galaxy Note 7 disaster.
The Mate 9 handsets are among the first to be powered by Android 7 and come in two designs: a model with a 1080p "full HD" display, and a Porsche-branded edition with nearly twice the resolution.
The Chinese company says it has also tackled smartphones' tendency to slow down over time.
But one expert said Western consumers were still uncertain about its brand.
"Huawei has never been a company to miss an opportunity, and it seems as though it has moved mountains to get the Mate 9 to market as quickly as possible," said Ben Wood, from the CCS Insight consultancy.
"But the phone is not a like-for-like comparison with the Note 7 - for one, it doesn't have a stylus.
Image caption
This is the second time Huawei has used Leica-branded camera equipment in its phones
"But Blackberry also partnered with Porsche in the past, and although that generated interest and created a halo-effect for other products, they didn't sell massive volumes."
Explosive fault

Samsung has said its Note 7 recall will cost it at least £4.4bn ($5.4bn)

http://www.bbc.com/news/technology-37859403

04/11/2016

Huawei has launched new large-screened smartphones in the wake of Samsung's Galaxy Note 7 disaster.
The Mate 9 handsets are among the first to be powered by Android 7 and come in two designs: a model with a 1080p "full HD" display, and a Porsche-branded edition with nearly twice the resolution.
The Chinese company says it has also tackled smartphones' tendency to slow down over time.
But one expert said Western consumers were still uncertain about its brand.
"Huawei has never been a company to miss an opportunity, and it seems as though it has moved mountains to get the Mate 9 to market as quickly as possible," said Ben Wood, from the CCS Insight consultancy.
"But the phone is not a like-for-like comparison with the Note 7 - for one, it doesn't have a stylus.
Image caption
This is the second time Huawei has used Leica-branded camera equipment in its phones
"Huawei's brand also doesn't have the status of Samsung as yet.
"That's why it seems to be blending its brand with others.
"So, for the camera, it has partnered with Leica, and for the limited edition model, it has worked with Porsche.
"But Blackberry also partnered with Porsche in the past, and although that generated interest and created a halo-effect for other products, they didn't sell massive volumes."
Explosive fault
Samsung scrapped its Note 7 phablets last month after dozens of the devices caught fire.
The South Korean company initially thought a battery fault was to blame, and switched its own component for a third-party power cell.
But the problems continued, and after failing to identify the cause, Samsung halted production and said it was scrapping the 4.3 million handsets it had already manufactured.
Image caption
Samsung has said its Note 7 recall will cost it at least £4.4bn ($5.4bn)
Like the Note 7, Huawei's new phones also feature a "supercharging" battery technology that promises to deliver a day's worth of power within 30 minutes and a full two-day charge in 90 minutes.
The company's senior product manager, Michael Seitz, told the BBC that the system had been through a nine-month development and testing process and had been checked by an independent research lab.
"It keeps really cool in your hand even while recharging," he said.
Image caption
Huawei says its "supercharging" battery technology has gone through rigorous tests
Several analysts have suggested Huawei is best placed to benefit from Samsung's setback.
Apple underestimated demand for its largest model, the iPhone 7 Plus, leading to a backlog in orders.
And Google has acknowledged having a similar problem with its Pixel XL phone.
It has also locked itself into exclusive deals with single operators in the US, UK and Australia - struck before the Note 7 fiasco - which will limit sales.

31/10/2016

looking for affordable IT solution

To provide the community with quality Information Technology business information solutions, reliab

07/10/2016

“The Seven Social Sins are:

Wealth without work.
Pleasure without conscience.
Knowledge without character.
Commerce without morality.
Science without humanity.
Worship without sacrifice.
Politics without principle.

From a sermon given by Frederick Lewis Donaldson in Westminster Abbey, London, on March 20, 1925.”
― Frederick Lewis Donaldson