Dismiss this notice
Ashampoo Photo Optimizer 7 New Year 2019 Giveaway-https://www.geeks.fyi/showthread.php?tid=4948

Dismiss this notice
MakeUSLaugh_HitmanPro.Alert New Year 2019 Giveaway- https://www.geeks.fyi/showthread.php?tid=4946

Dismiss this notice
Ashampoo Burning Studio 20 New Year 2019 Giveaway- https://www.geeks.fyi/showthread.php?tid=4947

Dismiss this notice
PowerISO New Year 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5170

Welcome, Guest
You have to register before you can post on our site.



Search Forums

(Advanced Search)

Forum Statistics
» Members: 1,424
» Latest member: Raur
» Forum threads: 4,146
» Forum posts: 7,602

Full Statistics

Online Users
There are currently 33 online users.
» 2 Member(s) | 30 Guest(s)
Google, dhruv2193, harlan4096

Latest Threads
WhatsApp caps message for...
Forum: Privacy & Security News
Last Post: silversurfer
33 minutes ago
» Replies: 0
» Views: 19
What is your PC's securit...
Forum: General Security Discussions
Last Post: Toligo
1 hour ago
» Replies: 24
» Views: 2,181
Fake Android Navigation A...
Forum: Android News
Last Post: tarekma7
2 hours ago
» Replies: 0
» Views: 21
6 Reasons We Need to Boos...
Forum: Privacy & Security News
Last Post: tarekma7
2 hours ago
» Replies: 0
» Views: 28
Apeaksoft MobieTrans 1.1....
Forum: GOTD
Last Post: Toligo
3 hours ago
» Replies: 0
» Views: 18
[Android][App] The Big As...
Forum: Apps and Games
Last Post: Raur
4 hours ago
» Replies: 0
» Views: 27
A first look at Windows S...
Forum: General Security Discussions
Last Post: Raur
4 hours ago
» Replies: 2
» Views: 87
Twitter admits bug expose...
Forum: Privacy & Security News
Last Post: Raur
4 hours ago
» Replies: 3
» Views: 47
What is your favourite An...
Forum: General Security Discussions
Last Post: osmandemi
5 hours ago
» Replies: 13
» Views: 232
Temporary micropatch avai...
Forum: Privacy & Security News
Last Post: Raur
5 hours ago
» Replies: 0
» Views: 36

Welcome Guest!
If this is your first visit, be sure to check out the Help/FAQ page by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

  WhatsApp caps message forwarding to five instances to fight fake news
Posted by: silversurfer - 33 minutes ago - Forum: Privacy & Security News - No Replies

Quote:WhatsApp is putting a worldwide limit of five on the number of times a message may be forwarded in an effort to stomp out misinformation and the spreading of rumours.

"Starting today, all users on the latest versions of WhatsApp can now forward to only five chats at once, which will help keep WhatsApp focused on private messaging with close contacts," the company said in an update to a blog post, confirming a Reuters report.

WhatsApp users could previously forward a message 20 times. 

The messaging platform, which has around 1.5 billion users, has been trying to find ways to stop misuse of the app. The new update, to be rolled out on Monday, follows recent events around the world using the app for misinformation and the spreading of rumours.

Source: https://www.zdnet.com/article/whatsapp-c...fake-news/

Print this item

  Fake Android Navigation Apps Spam You with Ads
Posted by: tarekma7 - 2 hours ago - Forum: Android News - No Replies

[Image: J9xLD2D.jpg]

Quote:The Google Play Store has grown so much that it’s nearly impossible to keep every single malicious item away from it, but the real problem appears when fake apps record millions of downloads and do nothing more than to spam you with ads.

This is the case of no less than 15 GPS navigation apps that were published in the Google Play Store and which, according to ESET malware researcher Lukas Stefanko, recorded more than 50 million installs.

“These apps just open Google Maps or use their API without any additional value for user, except for displaying ads,” the researcher notes. “Some of them don't even have proper app icon.”

Basically, these apps pose as full navigation apps for Android, but instead, they just create a layer between Google Maps and the user in order to display ads. This way, the developer can generate revenue without offering any functionality, as the ads are typically displayed before launching the app and while using it.

Already reported to Google
Furthermore, some of these navigation apps even use fake screenshots that are actually stolen from other GPS apps in the Google Play store that do not break the Google Play Store terms.

“They don't have any Navigation technology or know-how, they only misuse Google Maps. Once user clicks on Drive, Navigate, Route, My Location or other option, Google Maps app is opened,” the researcher explains.

One of the applications included a feature requesting the user to pay for removing the ads and offer a clean navigation experience, which is anyway provided by Google Maps, often coming pre-installed on Android devices.

All the applications have already been reported to Google, but according to the ESET researcher, only some of them have been removed. Most likely, the search giant will pull the rest shortly, especially as more users discover them in the Play Store.


Print this item

  6 Reasons We Need to Boost Cybersecurity Focus in 2019
Posted by: tarekma7 - 2 hours ago - Forum: Privacy & Security News - No Replies

Quote:Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals, too.

For people who still need some convincing that cybersecurity is an essential point of focus, here are six reasons.

1. The Average Cost of a Cyberattack Exceeds $1 Million
It’s no surprise that cyberattacks are costly, but some people will likely be shocked at the massive expenses that could result. According to a recent report from Radware, the total costs are more than $1 million. Additionally, victims report issues not directly related to financial losses, such as decreases in productivity or negative customer experiences.

Based on the above statistic, enterprises should conclude that although it costs money to invest in cybersecurity strategies, the expenses could be more substantial if organizations choose not to put enough of their resources toward experts and tools that minimize threats.

2. The U.S. Government Says It’s Time to Come Up With a Better Plan
The U.S. government, as well as the authorities from other nations, continually struggle to safeguard against digital attacks from rivals. The challenges are so immense that government bodies and officials warn that the United States needs an improved way to stop adversaries.

A State Department report warned that the country is increasingly dependent on networked information systems, and foes from other nations have learned to exploit that dependence and use it to disrupt the lives of Americans.

Most people who live in the U.S. can at least imagine the consequences of a severe cyber attack that affected the country’s ability to proceed with normal operations. Since government authorities researched the possibility and asserted there’s no time to waste in coming up with an improved approach to cybersecurity, that’s all the more reason to take action this year.


Print this item

  Apeaksoft MobieTrans 1.1.6
Posted by: Toligo - 3 hours ago - Forum: GOTD - No Replies

Apeaksoft MobieTrans is the professional iOS data transfer and manager tool which enables you to transfer various iPhone data, make iPhone ringtone, and convert HEIC images with ease. As the data transfer tool (photos, videos, music, contacts, SMS), it allows you to copy any frequently-used iOS data from iPhone/iPad/iPod to iOS device/computer/iTunes, and add data from computer to iOS device. For the iPhone ringtone, you are able to create, add and delete ringtones easily. Moreover, you can convert HEIC images to JPG or PNG for easy viewing on your devices. Take the super iOS wizard to ease your life.


Print this item

  [Android][App] The Big Ashampoo® App Parade
Posted by: Raur - 4 hours ago - Forum: Apps and Games - No Replies

Ashampoo® App Parade

  • Ashampoo® Droid Optimizer (Google Play)
    Laggy smartphone? Battery always empty? Launching apps takes forever? Boost your smartphone performance and free memory at the click of a button.
  • Ashampoo® Snap FREE for Android (Google Play)
    Fully-fledged mobile application to capture, edit and share screenshots and images on your Android device.
  • Ashampoo® Surprise Me (Google Play)

    Awesome sounds for the perfect moment

    Soundboard and dull messages are so yesterday. Surprise Me combines texts with sounds like no other app! 

  • Ashampoo® Ten Seconds (Google Play)

    Sometimes, simple ideas make for the best games. Here's one!

    A dot appears on your screen and you have ten seconds. Tap it ten times and you'll progress to the next level where things get a little more difficult. Let's find out how long you can last!

Source: Ashampoo Apps Overview

Attached Files Thumbnail(s)
Print this item

  Temporary micropatch available for zero-day Windows exploit
Posted by: Raur - 5 hours ago - Forum: Privacy & Security News - No Replies

Quote:A publicly disclosed Windows zero-day vulnerability could allow attackers to take full control of systems once they compromise a low-privilege account. Here's a fix.

Microsoft has left two publicly known vulnerabilities unpatched in Windows this month, but researchers have stepped in and created temporary patches that can be easily applied to protect systems until an official fix becomes available.

During the last two weeks of December, a security enthusiast who uses the online handle SandboxEscaper released details and proof-of-concept exploit code for two privilege escalation vulnerabilities in Windows. Researchers from ACROS Security have released a temporary "micropatch" for one of them through 0patch, a service that provides in-memory binary patching for zero-day flaws, and they are currently testing a patch for the secondary issue as well.

Microsoft has left two publicly known vulnerabilities unpatched in Windows this month, but researchers have stepped in and created temporary patches that can be easily applied to protect systems until an official fix becomes available.

During the last two weeks of December, a security enthusiast who uses the online handle SandboxEscaper released details and proof-of-concept exploit code for two privilege escalation vulnerabilities in Windows. Researchers from ACROS Security have released a temporary "micropatch" for one of them through 0patch, a service that provides in-memory binary patching for zero-day flaws, and they are currently testing a patch for the secondary issue as well.

One of SandboxEscaper's vulnerabilities allows a low-privileged user to read any file on the system, including those belonging to other users. The exploit abuses a Windows feature called MsiAdvertiseProduct that performs operations with SYSTEM privileges, so it can lead to information disclosure, especially if attackers know the path to potentially sensitive files they can expose.

The second vulnerability is even more serious and allows low-privileged users to overwrite arbitrary files as SYSTEM, potentially leading to arbitrary code execution with the highest possible privilege. This flaw has been dubbed the AngryPolarBearBug and is the one that 0patch.com has released a micropatch for.

Privilege escalation vulnerabilities do not allow hackers to break into computers remotely without user interaction. However, once attackers compromise a low-privileged account through some other method, like malware delivered via email, they can exploit such bugs to take full control of systems. SandboxEscaper has disclosed four Windows privilege escalation flaws since August and the first one, located in the Windows Task Scheduler, was quickly used by hackers in attacks before Microsoft was able to release a patch.

Fortunately, the AngryPolarBearBug is not as easy to exploit as the Windows Task Scheduler one because it is a race condition, so it takes multiple retries to succeed, and because attackers can't fully control the data with which files are being overwritten. The proof-of-concept released by SandboxEscaper overwrites a critical system file that’s needed during the Windows boot process, leading to a denial-of-service condition rather than to arbitrary code execution. However, this doesn't mean that achieving code execution is not possible.

"Our micropatch is for Windows 10 version 1803 64-bit," Mitja Kolsek, CEO of ACROS Security and co-founder of the 0patch.com service, says. "We often make a micropatch just for one or several most popular versions and wait for users to express interest in porting to other versions as needed."

How the micropatch is applied
Applying the temporary patch requires installing a small software agent from 0patch.com, which will then patch the vulnerable Windows process directly in memory without touching the file on disk. This process in known as micropatching and does not need restarting the OS or even the vulnerable process. The patch can then be removed with a click of a button without leaving any trace behind when the official Microsoft update is ready to be applied.

Micropatching can be useful in multiple situations. In addition to eliminating zero-day flaws for which no official patch exists, it can be used to fix newly discovered flaws in software or operating system versions that are no longer supported by their developers. It can also be used as a temporary solution in cases where applying an official patch would require restarting an affected system or application that performs a critical task.

Microsoft releases patches on the second Tuesday of every month, a day that has become known in the software industry as Patch Tuesday. It rarely breaks out of that cycle and typically releases out-of-band security patches only if a critical zero-day vulnerability is being exploited in widespread attacks. This means that the company is unlikely to fix SandboxEscaper's AngryPolarBearBug and arbitrary file read flaw until at least February 12.


Print this item

  Malwarebytes Fixes Windows 7 Freeze Problem in New Update
Posted by: Raur - 5 hours ago - Forum: Privacy & Security News - Replies (2)

Quote:Malwarebytes released an update today for its component package that fixes the problem with Windows 7 stations freezing. The problem was manifesting on systems with the Web Protection feature enabled in the security solution.

The troublesome installation caused the mouse, keyboard, and screen to become unresponsive from time to time on Windows 7 running on multi-core systems. The only way to get out of the lock was to reset the computer by holding down the power button.

Problem difficult to solve
The version of the trouble-fixing component update is 1.0.527 and it specifically addresses the problem Windows 7 users had been reporting since the middle of December 2018. The complaints started to come in after applying an update version 1.0.508 for the Malwarebytes component package.

Malwarebytes could not find a solution immediately as the bug was not reproducible on all machines. The company also asked users to help with the troubleshooting by providing logs and data from Windows information reports.

On January 11, the component received a new update, but it still did not eliminate the issue as it included improvements to functionality for some licensing operations.

Pre-beta release good to go
After some in-house testing that reproduced the freeze on multiple system, the developers tracked the behavior to "multi-processor synchronization issues with our Web Protection code on Windows 7."

On Friday, the company announced that it had prepared a test preview build for Malwarebytes 3 designed to eliminate the snag. As it had already shown promising results from testers, they released it for anyone who wanted to try out a pre-beta version.

It turns out that Malwarebytes hit the nail in the head with this build, as it contained the proper fix, so it was released all users.

"This new package addresses a reported freeze on Windows 7 computers that related to Web Protection on multiple core processor configurations," reads the release note for the component version 1.0.527.

Users experiencing inconveniences because of the Malwarebytes update in December are advised to install the latest release of the component. It is pushed automatically to users that have the auto-update auto-update mechanism turned on.

Manual installation is possible by downloading the update from this link on Box storage service, provided by the company. However, the link may not work for long and users can run a manual check for and install the component from Malwarebytes' interface by going into the Settings menu and then to Install Application Updates.


Print this item

  NordVPN Breaking Your Privacy
Posted by: Raur - 5 hours ago - Forum: Privacy & Security News - No Replies

Quote:Android: NordVPN sends email address to tracking provider

Many users swear by VPN service providers, for example to protect their privacy on the Internet or to avoid geo-blocking. I've been warning a long time about VPN services that promise "100% anonymity" or insufficiently inform their users about the limits of the promised anonymity.

Random I've looked at the NordVPN app (version 3.9.8) for Android. Not only does this include a few trackers, it also sends your email address, along with unique identifying features such as the Google Advertising ID, to a third party ( Iterable Inc. ) at registration

Source (German): https://www.kuketz-blog.de/android-nordv...-anbieter/

Quote Link : https://malwaretips.com/threads/nordvpn-...acy.89818/

Print this item

  Nvidia GTX 1660 Ti Reportedly Up To 19 Percent Faster than GTX 1060
Posted by: DTinn8 - 6 hours ago - Forum: Hardware News - No Replies

Quote:A little less than a week ago, the existence of the Nvidia GeForce GTX 1660 Ti leaked thanks to a couple of VideoCardz's trusted sources. Today, famous leaker TUM_APISAK discovered one of the first benchmarks for the upcoming GeForce GTX 1660 Ti.

[Image: aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS9E...RpLmpwZw==]

[Image: aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS9E...RpLmpwZw==]

Credit: TUM_APISAK/Twitter

The GeForce GTX 1660 Ti was tested in the popular Ashes of the Singularity (AotS) benchmark on the High quality preset at the 1920x1080 resolution. TUM_APÏSAK noted that this was the mobile version of the GeForce GTX 1660 Ti as the graphics card was housed inside a laptop alongside an octa-core Coffee Lake H (CFL-H) processor.

The mobile GeForce GTX 1660 Ti put up a score of 7,400 points, which makes it approximately 19.35 percent faster than the GeForce GTX 1060. The mobile Nvidia GeForce GTX 1060 scored 6,200 points in the same benchmark with the same settings.

Very little is known about the GeForce GTX 1660 Ti at the moment except the rumor that it'll probably be the first Turing-powered graphics card to launch with the GTX branding. The GeForce GTX 1660 Ti reportedly sports 1,536 CUDA cores and 6GB of GDDR6 memory across a 192-bit memory interface. The graphics card employs Nvidia's TU116 silicon, which is still based on the Turing graphics architecture but allegedly lacks the RT cores for real-time ray tracing. 

According to what VideoCardZ has heard, Nvidia could announce the GeForce GTX 1660 Ti as soon as next month. There is a rumor that a GeForce GTX 1660, which uses GDDR5 or GDDR5X memory, is also in the works, and it might be unveiled at the same time frame.


Print this item

  Microsoft Employee Hints at Windows Core OS Open Source Components
Posted by: DTinn8 - 6 hours ago - Forum: Windows News - No Replies

Quote:LinkedIn is advertised as a place where people can share their work experience, find jobs, and mingle with their peers. It's also a roundabout way for people to leak information about what they're working on, as demonstrated by a recent Microsoft employee profile that mentions "open source components" in Windows Core OS.

The profile in question is for a Security Program Manager tasked with managing "the Security of Windows Core OS from malicious actors and code." Considering that Windows Core OS hasn't been announced yet, describing work on it for LinkedIn seems kinda like saying you're the "Alien Resources Director at Area 51," right?

Anyway. The same Security Program Manager then said that he "improved the security posture of Windows Open Source Components through initiatives that investigate vulnerabilities found and establish a process for remediation.” Connect the dots between the two, and you have reason to suspect Windows Core OS will rely on some open source components. Which brings us here.

Rumors about Windows Core OS have circulated since 2017. It's essentially believed to be the core (see that?) of modular versions of Windows customized for various devices. Microsoft tried something similar with Windows 10–remember Windows 10 Mobile?—but Windows Core OS seems to be purpose-built for crossing platforms.

Reports have claimed that Windows Core OS provides the foundation for Polaris, the code name for the next desktop version of Windows, and a mobile operating system called Andromeda. It will probably also be used for upcoming Xbox consoles, virtual reality devices, and pretty much anything else Microsoft's working on. The hodgepodge of operating systems built on top of versions of Windows that weren't meant to be used that way could disappear.

Back to the matter at hand: TechRadar noted that incorporating open source tools in Windows Core OS is a bit of a departure for Microsoft. The company uses open source tools now, but it wasn't exactly fond of the concept. Then one thing led to another, so Microsoft acquired one of the largest proponents of open source software, GitHub, and vowed to maintain the platform's commitment to openness.

Now it seems open source tech will be part of the foundation Microsoft's building to help Windows stay relevant in a time when PCs are part of a much larger ecosystem. And at least one person is so committed to being open that he openly discussed an ostensibly secret project on a professional networking platform that Microsoft owns. We've come a long way since the whole "we're going to establish a monopoly over computing" phase of the '90s, huh?

Print this item