Kaspersky Anti-Virus Not Working on Windows 10 Redstone Build 14271
Posted by: tarekma7 - 02-25-2016 , 02:45 AM - Forum: Security News
- No Replies
“We’re working with Kaspersky on a fix,” Microsoft says
Microsoft has just released a new preview build of Windows 10 Redstone and while the majority of fast ring insiders will rush to install it, there’s one very important thing to have in mind when doing so.
Kaspersky’s security software isn’t working on this particular build because of a bug and Gabe Aul, head of the Windows Insider program, confirmed this today, adding that there’s absolutely no workaround available at this moment.
“If you have Kaspersky Anti-Virus, Internet Security, or the Kaspersky Total Security Suite installed on your PC there is a known driver bug that prevents these programs from working as expected in builds from the Development Branch,” Aul explained, emphasizing that this is the kind of bug that has to be expected in an early build that’s only available to insiders opting for the fastest release.
Just switch to Windows Defender
Furthermore, Aul revealed that the Windows development team is already working with Kaspersky engineers on a fix, but for the moment, turning to a different security product is the safest way to go.
“We are partnering with Kaspersky to fix this issue for a future release, but at this time there are no known workarounds. While this issue is present, we recommend using Windows Defender or another third party anti-virus product of your choice to remain protected,” Aul said.
Windows 10 Redstone build 14271 is part of the development branch, so it’s only released to users who want to try out the latest builds compiled by Microsoft. Versions that are included in this branch are usually very buggy and this is one of the reasons why Redmond recommends users to switch to the slow ring if they don’t want to mess with critical issues that could significantly impact performance, reliability, or security.
And certainly, this bug is living proof that builds that are part of the insider program are not intended to be used on main PCs, a thing that lots of users out there are already doing.
Source
343 Android Apps Infected with Clickjacking Malware Found on Google Play Store
Posted by: tarekma7 - 02-25-2016 , 02:42 AM - Forum: Security News
- No Replies
Porn Clicker Trojan strikes again, this time worse than ever
Yet again ESET researchers have found clickjacking malware in Android applications that managed to squeeze by Google's highly lauded app screening process and made their way on the official Play Store.
This particular issue is nothing new, neither to ESET nor Google. Something similar has happened three different times last year, first in April, then May, and then again in July.
Porn Clicker Trojan at the core of the issue
At the core of the issue is a malware family which the developers have named Porn Clicker Trojan. The reason behind this name is because of its behavior.
The trojan works by opening an invisible browser window and clicking on ads on pornographic websites. It does this every minute or so.
Because it does not steal any user data, log user behavior, or send credentials to remote servers, many security firms have deemed this malware to be inoffensive since it's focused mainly on monetary gains for its operator without causing damage to the user.
Of course, there can be some cases where a user that leaves his mobile carrier Internet connection on, could see a higher bill the following month as the trojan loads and reloads smut websites in the background.
Ten new Porn Clicker-infected apps added to Play Store each week
The Porn Clicker Trojan is usually distributed as apps cloned after popular apps or free versions of commercial Android games. These apps are distributed via third-party app stores, but also via Google's Play Store.
During its most recent wave of infections, ESET's Lukas Stefanko says that the trojan's mode of operation has changed only slightly.
The trojan's new feature is a scanning function that searches the user's device for security and antivirus products. If it finds such tools, the trojan will not execute. This may also explain how the trojan passed Google's app review process.
"On average, ten new porn clickers a week bypassed Google’s security checks during this campaign," the ESET team notes. "To get a sense of the scale, porn clickers on Google Play have on average, been downloaded 3600 times each."
ESET has published the list of apps it recently detected as infected with the Porn Clicker Trojan.
Source
CCleaner Cloud: Even Better Than Before
Posted by: tarekma7 - 02-25-2016 , 02:36 AM - Forum: Software Discussion
- Replies (1)
All the power of CCleaner, now available from your browser!
CCleaner Cloud is the new cloud version of the legendary application. And like the original, has all the features any regular user of CCleaner will instantly recognize, but also a number of new ones that serve only to enhance what was already a smashing little program.
Different
Perhaps the biggest difference between CCleaner, and CCleaner Cloud is the fact that the control center now runs via your internet browser. What this means, is that all of a sudden taking care of multiple computers with CCleaner need no longer be the time consuming task it used to be, especially for businesses and overworked IT departments.
Instantly familiar
The CCleaner bit of CCleaner Cloud is pretty much the same as the standard desktop version, and works in the same fashion as well, allowing you to clean the registry, uninstall programs, and get rid of all the junk that Windows likes to accumulate over time.
CCleaner Cloud also allows you to monitor and manage the optimization of lots of machines. Being able to remotely install apps, clean junk files and defragment several PCs all at once from the same interface. The web interface is also highly intuitive.
Easy setup
Installing and using CCleaner Cloud is straightforward and doesn’t take much time, but you do need to create an account via the website, install the 6MB agent, and confirm the email address you gave.
I found adding the Windows computers on my network to CCleaner remotely, an easy and simple task. One of the really nice features of CCleaner Cloud is the fact that not only is the default CCleaner utility available, but there’s also ready access to Defraggler, and Speccy; two of Piriform’s other workhorse programs. Remote defragging operations worked seamlessly, including removable devices, which while maybe obvious, is still a nice touch.
CCleaner Cloud also keeps track of all the events and actions that have been performed and sends email notifications, so you have a handy history of everything you’ve done. This sounds like a simple feature, but can be incredibly powerful! For example, you can be alerted when a drive is running out of space, when certain errors occur, and so on.
Compatibility
The cloud version of CCleaner also works, and can be deployed to all Windows versions back to XP SP2, though I was unable to confirm this because my old XP machine may finally just have gone to Silicon heaven. Piriform do claim to only offer limited support for Windows 10 at present, but it seemed to work flawlessly on my 2 Windows 10 laptops. The only other requirements needed are at least 512MB of RAM and a fairly recent browser.
There are three editions available, and the Free version allows you to look after 3 machines remotely. You can also gain full access to the other editions via a free 14-day trial.
Final Words:
CCleaner Cloud is a very handy and useful tool to have on your machines. Making the jump to the cloud has only served to put Piriform ahead of its rivals, once again.
You can sign up for CCleaner Cloud here.
Source
Chinese App Creates Another App Store Inside Apple's iOS App Store
Posted by: tarekma7 - 02-24-2016 , 12:20 PM - Forum: Phones & Tablets News
- No Replies
Chinese devs hide app store inside an educational iOS app
The Chinese developers of an app called 开心日常英语 (Happy Daily English) have found a way to go around Apple's review process and embed a fully functional iOS app store inside their application and had it hosted on the official iOS App Store itself.
The developers of this app, a Chinese company named XY Helper, have done this by creating a fully working iOS app that exhibits two different behaviors based on the user's geographical location.
For non-Chinese users, the app would be a simple educational app that taught Chinese users English, but for Chinese users, the app would transform itself into an app store that allowed them to install rogue, pirated or cracked apps using various tricks, without requiring users to go through the side-loading process.
Double-faced behavior fools Apple's reviewers
The app got approved and added to Apple's website when the iOS App Store reviewers accessed the app, from somewhere outside China, and didn't notice anything strange, seeing its educational interface.
But as Palo Alto security researchers are explaining, this app followed all the legal procedures not to give itself away, and then installed third-party apps on user phones without triggering any alarms.
Its bag of tricks includes the re-implementation of a tiny Windows Apple iTunes client. This allowed users to download and even purchase apps from third-party stores using a realistic Apple interface.
The store-in-store app (codenamed ZergHelper by security researchers) also recorded some of Apple's Xcode IDE functions, so ZergHelper would automatically generate app development certificates, right from Apple's server. These certificates would then be used on a per-client basis to sign the rogue applications it would be installing.
For some users, the app captured their Apple IDs
The app also asked users to re-type their Apple IDs in order to generate these certificates in their names. For some users, ZergHelper reused Apple IDs so that it wouldn't attract too much attention.
On top of this, ZergHelper was coded in Lua, a programming language that allowed the developers to dynamically update the app, but without going through Apple's app review process. This technique allowed the developers to change the app's behavior without the risk of being discovered during subsequent updates, something akin to the JSPatch library.
The malicious store-in-store app existed on the official App Store from October 30, 2015, to February 19, 2016. Palo Alto says it noticed ZergHelper distributing over 50 rogue apps.
Source
Baidu Browser Acts like a Mildly Tempered Infostealer Virus
Posted by: tarekma7 - 02-24-2016 , 12:16 PM - Forum: Security News
- Replies (1)
Baidu Browser collects user's personal information
The Baidu Web browser for Windows and Android exhibits behavior that could easily allow a security researcher to categorize it as an infostealer virus because it collects information on its users and then sends it to Baidu's home servers.
Baidu Browser is the Chinese clone of Google Chrome, with Baidu being a Web search company in China, just like Google, and the browser a spin-off from the Chromium project, just like Google Chrome.
An intrusion of user privacy
According to Citizen Lab researchers, the browser engages in the now-obligatory habit of collecting user details, which many software and Web-based services also do, "for analytics purposes."
The problem is that the Baidu Browser collects and then sends this information via unencrypted or easily decryptable connections.
During tests, researchers say that the Android version collects data about the user's operating system, the phone's IMEI, browsing history, search terms history, the phone's last GPS coordinates, and nearby wireless networks and local MACs.
On the other hand, the Windows version also collects data like the user's search history, browsing history, MAC address, CPU model, hard disk drive model and serial number, and file system volume number.
The browser collects and sends this information on startup, when the user starts typing content in their address bar, and on any page view.
Information collection behavior narrowed down to an SDK
Obviously, this is an intrusion of the user's privacy and something you wouldn't expect your browser to be collecting. This very same behavior is often found in infostealer (information stealer) malware that's usually deployed to collect information on targets before deploying more complex threats like ransomware, Bitcoin miners, spyware, or banking trojans.
Citizen Lab researchers narrowed down the information leakage issues to a common SDK, Baidu Mobile Tongji (Analytics) SDK, used for both the Android and Windows versions.
Together with mobile security firm Lookout, the researchers identified this SDK inside 22,548 app packages. Back in November 2015, researchers from Trend Micro identified a similar Baidu SDK, which could be found in 14,112 Android apps and included features that could be abused to install backdoors on all infected devices.
Insecure updates allow MitM attacks
But Baidu Browser's issues didn't stop here. Researchers also discovered that the browser checks and downloads updates but does not use code signatures. This practice exposes users to MitM (Man-in-the-Middle) attacks that allow an attacker to send malicious files to users disguised as a Baidu update.
Researchers say that they informed Baidu of all their issues, which the company started to address through updates to both the Android and Windows versions on February 14, 2016. Some information leaks are still active.
Baidu also agreed to answer a list of questions regarding the browser's behavior. The answers can be viewed here.
In May 2015, the same Citizen Lab researchers analyzed another Chinese Web browser (UC Browser) and found a slew of issues in that product as well.
Source
Emsisoft Anti-Malware
Posted by: tarekma7 - 02-24-2016 , 11:45 AM - Forum: Paid
- Replies (2)
Emsisoft Anti-Malware offers comprehensive PC protection against viruses, trojans, spyware, adware, worms, bots, keyloggers and rootkits. The product includes two powerful anti-malware scanners (Emsisoft Anti-Malware, and the Bitdefender's engine) and 3 guards (file guard, behavior blocker and surf protection) to protect against new threats. Unlike conventional protection systems Emsisoft Anti-Malware does not only check files, but it also constantly monitors the behavior of all active programs and raises an alarm as soon as something suspicious happens, additionally the surf protection blocks malicious websites before they can plant malware on your system. 30 day trial/freeware - Can be unlocked to a full version by purchasing a license. Switches to freeware scanner mode on license expiry.
Current version: 11.0.0.6131 Hotfix(3)
Stable Updates [Feb, 23, 2016]
Emsisoft Anti-Malware & Emsisoft Internet Security 11.0.0.6131 Hotfix(3) released.
This update will require a computer restart.
Fix: Occasional BSOD during installation.
Homepage
Changelog
Download