Categories
Uncategorized

What is that popup on Windows 10 that disappears after a split second? – gHacks Tech News

It got me paranoid when I notice the blink-and-you-miss opening and closing of a popup ever so often when using Windows 10. After turning on process audit I finally managed to track it down to officebackgroundtaskhandler.exe. Turns out it is due to Ms Office doing some who-knows-what background handling. Follow the article below to disable the annoying popup.

If you run Microsoft Windows 10, you may have noticed a popup window being launched on the screen once a day, or even regularly.

Source: What is that popup on Windows 10 that disappears after a split second? – gHacks Tech News

Categories
security

The Judy Malware: Possibly the largest malware campaign found on Google Play | Check Point Blog

Yet another wide-spread Android malware.

Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. …

Source: The Judy Malware: Possibly the largest malware campaign found on Google Play | Check Point Blog

Categories
diy security

Using RTL-SDR to Open Car Doors

DIY hardware and software now makes it possible to capture and replay car fob wireless signals. Obviously this can be used for very bad things..

yes, I tested this on two cars and a truck and successfully implemented the attack and door locks opened. Scary to think that anyone can spend less than a few dollars and be-able to grab my laptop if left in the open.

Source: Using RTL-SDR to Open Car Doors

Categories
privacy security

How to Accidentally Stop a Global Cyber Attacks | MalwareTech

Someone accidentally stopped the ongoing WannaCry attacks by registering a domain.

In certain sandbox environments traffic is intercepted by replying to all URL lookups with an IP address belonging to the sandbox rather than the real IP address the URL points to, a side effect of this is if an unregistered domain is queried it will respond as it it were registered (which should never happen).

Source: How to Accidentally Stop a Global Cyber Attacks | MalwareTech

Categories
security

Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool

The collateral damage from leaked NSA hacking tools is just beginning to be felt.

Computer users in as many as 74 countries were reported to be disrupted by the ransomware attack, mostly affecting Britain and Russia.

Source: Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool

Categories
IoT security

This Hacker Is My New Hero

Internet vigilante to the rescue? Someone – or some group of people – decided the best way to save the Internet from the scourge of insecure IoT devices is to disable them permanently. I like how he/she/they describes his/her/their project.

I consider my project a form of “Internet Chemotherapy” I sometimes jokingly think of myself as The Doctor. Chemotherapy is a harsh treatment that nobody in their right mind would administer to a healthy patient, but the Internet was becoming seriously ill in Q3 and Q4/2016 and the moderate remedies were ineffective. The side effects of the treatment were harmful but the alternative (DDoS botnet sizes numbering in the millions) would have been worse. I can only hope hope that when the IoT relapse comes we’ll have better ways to deal with it. Besides getting the number of IoT DDoS bots to a manageable level my other key goal has been to raise awareness. The IoT problem is much worse than most people think, and I have some alarming stories to tell.

Source: This Hacker Is My New Hero

Categories
diy

My Hackintosh Hardware Spec

Can’t wait for the new Mac Pro? That’s why the Hackintosh community exists to make a PC run macOS like a native Mac.

Some of you have asked about my exact Hackintosh spec, so here it is. I …

Source: My Hackintosh Hardware Spec

Categories
privacy security

That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say – Cyberscoop

NSA develops cyberweapons. Cyberweapons gets leaked. Everyone who’s unprotected gets compromised.

Thousands of Microsoft Windows machines worldwide are infected with an NSA-developed backdoor that hackers installed by reusing leaked executable code from an outdated hacking toolkit belonging to the spy agency, multiple security researchers tell CyberScoop. The mysterious Shadow Brokers group published a package of internal NSA documents last week, containing among other things the computer code for a series of exploits, implants and other hacking tools. In the days since the leak first became public, hackers have mulled over the trove and begun reverse-engineering and recycling some of the capabilities, CyberScoop previously reported. One of these hacking tools, a backdoor implant codenamed DOUBLEPULSAR — which is used to run malicious code on an already compromised box — has already been installed on 30,000 to 50,000 hosts, according to Phobos Group founder Dan Tentler. Other researchers have also engineered different detection scripts to quickly scan the internet for infected computers. John Matherly, […]

Source: That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say – Cyberscoop

Categories
security

Information Security Certifications are Worthless and Causing More Harm than Good

Agree to some extent. In some places getting a certificate is just a means to get through the door. But yes it has very little to do with actual skills.

Here’s an excerpt from a 2016 Ars Technica article: Recruiter Thomas Ptacek, whose Chicago-based agency Starfighter specializes in recruiting security folk, describes the CISSP as “a joke,” and claims that in his experience a job description requiring a CISSP was a warning flag to industry elite not to apply. “I don’t think there are that many high-level practitioners outside of management who put much stock in the CISSP,” he says. Dan Tentler, founder of the attack simulation consultancy Phobos Group, compares hiring infosec workers based on passing an exam to hiring other professionals on the same basis: “Would you feel comfortable letting a doctor be your primary care physician if all it took was to pass a written multiple choice exam?” He believes that “ISC2 is making money hand over fist,” and that the organization is “diluting the market with

Source: Information Security Certifications are Worthless and Causing More Harm than Good

Categories
IoT

Cowlar

Internet-connected cows. Lovely.

Reduce labor, make good decisions & relax while we watch over your cows!

Source: Cowlar