SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
#Windows
2 Feb 2018

A giant botnet is forcing Windows servers to mine cryptocurrency

A massive cryptocurrency mining botnet has taken over half a million machines and may have made its cybercriminal controllers millions of dollars - and the whole operation is powered by EternalBlue, the leaked NSA exploit which made the WannaCry ransomware outbreak so destructive.

The Smominru miner botnet turns infected machines into miners of the Monero cryptocurrency and is believed to have made its owners around $3.6 million since it started operating in May 2017 - about a month after EternalBlue leaked and around the same time as the WannaCry attack. 

Read more
Tags:
Windows fraud
Source:
ZDNet
1847
20 Dec 2017

Windows 10 facial recognition feature can be bypassed with a photo

Facial recognition systems appear to be the next big thing on our devices, be they smartphones or laptops, and naturally, security researchers and users alike tried to determine whether these are more secure than the typical password or the fingerprint sensors they often replace.

In the case of the iPhone X, Apple’s new smartphone that comes with a facial recognition system called Face ID, researchers have managed to unlock the device with a specially-crafted mask. A number of users have demonstrated that lookalike people or siblings could also bypass Face ID to get access to the home screen, raising questions as to how secure the iPhone X facial recognition system really is.

Read more
Tags:
Windows 10 information leaks
Source:
Softpedia
1764
19 Dec 2017

Pre-installed password manager on Windows 10 lets hackers steal all your passwords

If you are running Windows 10 on your PC, then there are chances that your computer contains a pre-installed 3rd-party password manager app that lets attackers steal all your credentials remotely. Starting from Windows 10 Anniversary Update, Microsoft added a new feature called Content Delivery Manager that silently installs new "suggested apps" without asking for users’ permission.

According to a blog post published Friday on Chromium Blog, Google Project Zero researcher Tavis Ormandy said he found a pre-installed famous password manager, called "Keeper," on his freshly installed Windows 10 system which he downloaded directly from the Microsoft Developer Network. 

Read more
Tags:
password Windows 10
Source:
The Hacker News
1926
18 Dec 2017

"Zealot" campaign uses NSA exploits to mine Monero on Windows and Linux servers

An aggressive and sophisticated malware campaign is currently underway, targeting Linux and Windows servers with an assortment of exploits with the goal of installing malware that mines the Monero cryptocurrency.

The campaign was detected by security researchers from F5 Networks, who named it Zealot, after zealot.zip, one of the files dropped on targeted servers. According to Maxim Zavodchik and Liron Segal, two security researchers for F5 Networks, the attackers are scanning the Internet for particular servers and using two exploits, one for Apache Struts and one for the DotNetNuke ASP.NET CMS, to get a foothold on unpatched machines.

Read more
Tags:
Linux NSA Windows
Source:
BleepingComputer
1832
5 Dec 2017

Windows Update is broken for some Windows 7 users

Windows 7 users are reporting problems checking for updates through Windows Update and Microsoft Update. The root of the problem may be an expiration date that Microsoft needs to fix on its side, noted experts earlier today.

A Microsoft Answers thread for those hit by the Windows Update Error 80248015 -- which began at some point on December 3 -- is growing. I've also seen some with Windows Server 2008 reporting this same problem on Twitter. I am one of those affected on my desktop Dell PC that's running Windows 7 SP1. The message I am seeing is "Windows could not search for new updates." 

Read more
Tags:
Windows information leaks
Source:
ZDNet
1653
11 Sep 2017

Flaw in Windows kernel hinders identification of potentially dangerous files

A researcher is warning that a programming error in the Microsoft Windows kernel might inhibit security software vendors and kernel developers from properly identifying modules loaded during runtime, including potentially malicious files. However, Microsoft does not view the issue as a security threat.

According to Omri Misgav, security researcher at enSilo, the bug affects all Windows operating systems from Windows 2000 to Windows 10. Specifically, the flaw pertains to a security mechanism called PsSetLoadImageNotifyRoutine, which provides notifications when PE image files are loaded in runtime to virtual memory space. 

Read more
Tags:
Windows Microsoft information leaks
Source:
SC Magazine
1675
12 Jul 2017

New attack targets Swiss bank customers on MacOS

A strand of malware designed to hit machines running MacOS is being used in a scheme to target customers at Swiss banks in an attempt to gain access to their accounts.

The malware, discovered by security firm TrendMicro and dubbed OSX_DOK, is a variant of another form of malware used during an ongoing assault on patrons of Swiss banks, where a number of security vulnerabilities have been targeted by attackers. OSX_DOK arrives on a victim’s machine as part of a phishing scheme. It is delivered via email alongside a compromised .zip or .docx file that purports to be either a Mac app or a Microsoft Word document.

Read more
Tags:
hackers fraud Windows
Source:
IBTimes
1680
7 Jul 2017

Wikileaks unveils CIA implants that steal SSH credentials from Windows & Linux PCs

WikiLeaks has today published the 15th batch of its ongoing Vault 7 leak, this time detailing two alleged CIA implants that allowed the agency to intercept and exfiltrate SSH (Secure Shell) credentials from targeted Windows and Linux operating systems using different attack vectors.

Secure Shell or SSH is a cryptographic network protocol used for remote login to machines and servers securely over an unsecured network. Dubbed BothanSpy — implant for Microsoft Windows Xshell client, and Gyrfalcon — targets the OpenSSH client on various distributions of Linux OS.

Read more
Tags:
Windows Linux Wikileaks CIA surveillance information leaks
Source:
The Hacker News
1851
30 Jun 2017

Microsoft's next big Windows update will use AI to fight malware

Windows Fall Creators Update will come with a hefty serving of security upgrades, made timely by the increasingly rampant cyberattacks targeting the platform these days.

Microsoft has revealed how the upcoming major update will level up Windows Defender Advanced Threat Protection, a Win 10 enterprise service that flags early signs of infection. Windows enterprise director Rob Lefferts said the upgrade will use data from Redmond's cloud-based services to create an AI anti-virus that will make ATP much better at preventing cyberattacks.

Read more
Tags:
Windows trends artificial intelligence data protection
Source:
Engadget
1946
27 Jun 2017

Windows 10 S doesn't appear to be as invulnerable to ransomware as Microsoft claims

The major premise justifying Windows 10 S, the new variant of Windows 10 that can only install and run applications from the Windows Store, is that by enforcing such a restriction, Windows 10 S can offer greater robustness and consistency than regular Windows.

For example, apps from the Windows Store can't include unwanted malicious software within their installers, eliminating the bundled spyware that has been a regular part of the Windows software ecosystem. If Windows 10 S can indeed provide much stronger protection against bad actors then its restrictions represent a reasonable trade-off.

Read more
Tags:
Microsoft information leaks Windows
Source:
Ars Technica
1820
SafeUM NEWS
27 Apr 2017 safeum news imgage Encrypted Group Chat
4 Apr 2017 safeum news imgage Each SafeUM user gets free anonymous phone number
10 Mar 2017 safeum news imgage SafeUM useful features to help you feel safe
28 Sep 2016 safeum news imgage Secure Messenger SafeUM
21 Jul 2015 safeum news imgage New secured zone of Google Play: secure messenger SafeUM for Android. Download, Install, Communicate
3 Apr 2015 safeum news imgage We are beginning to test SafeUM for Windows Phone
25 Feb 2015 safeum news imgage SafeUM messenger is available for public testing
20 Feb 2015 safeum news imgage Algorithms and encryption schemes used for secure messenger SafeUM
30 Jan 2015 safeum news imgage New "TOP Security!" app is on the App Store
22 Jan 2015 safeum news imgage Free "TOP Security!" app is available on Google Play
28 Oct 2014 safeum news imgage How are security keys generated in SafeUM?
19 Jun 2014 safeum news imgage SafeUM is the best messenger for data protection and information security
16 Jun 2014 safeum news imgage Become a SafeUM tester and get free PREMIUM subscription for a year
12 May 2014 safeum news imgage Why Premium secure messenger SafeUM cannot be free
25 Apr 2014 safeum news imgage Encrypted secure messaging for every mobile device
All news
First page Previous
1 2 3 4 . . 9
Next Last page
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015