This is default featured slide 1 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by Lasantha Bandara - Premiumbloggertemplates.com.

This is default featured slide 2 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by Lasantha Bandara - Premiumbloggertemplates.com.

This is default featured slide 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by Lasantha Bandara - Premiumbloggertemplates.com.

This is default featured slide 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by Lasantha Bandara - Premiumbloggertemplates.com.

This is default featured slide 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by Lasantha Bandara - Premiumbloggertemplates.com.

Thursday, December 6, 2018

Google Maps Users are Receiving Notification Spam and No One Knows Why

Google Maps Users are Receiving Notification Spam and No One Knows Why


  • December 5, 2018
  •  
  • 04:22 PM
  •  
  • 0

Maps Spam
Users are receiving spam notifications through the Google Maps app that asks them to share their location in order to get something for free and no one knows why.
According to reports from numerous users, Android users are receiving Maps push notifications with titles such as "You Have Received a Free Prize from Google", "You Have Received a Free Prize",  "Congratulations for Winning Pixel", and more.  When users click on these notifications, they are then being asked to share their location.
For example, a Reddit post stated:
"Strange thing. Just got a push notif from my Maps app that read "You Have Received a Free Prize from Google [...]", so I figured it was some sort of Google-Play-Rewards-type thing — but once I clicked on it it appeared to be about a user named "You Have Received a Free Prize", with Maps giving me the option to share my location with them. I found the block button and that was that, but has anyone else been subject to this? What's the endgame if a gullible user decides to follow through?"

Maps Notification Spam
Maps Notification Spam
Most users who BleepingComputer spoke to regarding these notifications simply block them.
Some, though, have stated that they thought it was an ad from a nearby shop, so shared their location, but did not receive any other information after doing so. As you can imagine, this is confusing as it is not known what the location sharing is being used for.
There has been a lot of speculation as to where these notifications are coming from. Some think that criminals are using this to check when your not home in order to rob you, others that it's part of the Nearby service, or could be a way to advertise a store's products or other promotion. 
For now, if you receive a Maps push notification asking you to share your location, just block it as you never know who you are sending your location to and for what reason.
You have some theories about this Maps spam? Let us know.
Update: Shortly after posting the article, we were told that iOS users of Google Maps have also received these notifications.

Company Pretends to Decrypt Ransomware But Just Pays Ransom

Company Pretends to Decrypt Ransomware But Just Pays Ransom


  • December 5, 2018
  •  
  • 12:28 PM
  •  
  • 1

Ransomware is a serious threat but also a lucrative business for crooks and scammers posing as IT professionals promising successful decryption services for the right price.
Security researchers have found a company in Russia that guarantees decryption of files touched by the Dharma/Crisis ransomware strain, an operation known to be successful only by paying for the unlock key from the malware maker.

Huge markup added

The intriguing claim comes from a company called Dr. Shifro that pretends to be an IT consultancy firm. Its line of business, though, it brokering the file decryption for a hefty bill for the victim and a discount negotiated with the cybercriminals.
Check Point says that Dr. Shifro intermediates these deals since 2015 and has added to its account at least 100 BTC from 300 "contracts." The company advertises decryption services for multiple ransomware variants, including Cryakl, Scarab, Bomber, and Dharma.
An undercover investigation from Check Point revealed that the faux consultant contacts the ransomware creator and asks for a discounted price for the decryption key, which in the case of the researchers was $1,300.
The cost of the unlock key would be incurred by the victim, along with a fee of $1,000 for delivering a decryption tool.
An email to the threat actor makes clear Dr. Shifro's business model:
"I’m an intermediary. We redeem keys for clients since 2015 on a regular basis. Send bitcoins tight, don’t ask dumb questions. Clients frequently addressed under recommendation. Could you give a discount to 0.15 btc?"
The researchers say that the revenue from this type of activity rises to at least $300,000, calculated at an average BTC price of $3,000 recorded during their investigation. However, it is unclear if all victims were billed the same.
The general recommendation is not to pay the ransom in order to make the ransomware business unprofitable. So turning to a company that can decrypt files is a way to get the data back without endorsing criminal activity.Ransomware victims should be aware that a legitimate company offering file decryption services does not make bold claims regarding the success of their efforts because there is a good chance of failure, especially with data locked by strong encryption. Only the availability of the decryption keys can give the confidence of recovery.
Data recovery companies are nothing new on the ransomware scene. Coveware, a company that handles ransomware incidents, is upfront about its business, but many of them hide the fact that all they do is negotiate with the malware developer to get an unlock key.
This activity is not without restrictions, though, and these companies should be more careful about who they negotiate with. At the end of November, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions for two Iran-based individuals associated with SamSam ransomware, banning any business with them. This means that transactions to their cryptocurrency wallets are in violation with the imposed sanctions.

Adobe Fixes Zero-Day Flash Player Vulnerability Used in APT Attack on Russia

Adobe Fixes Zero-Day Flash Player Vulnerability Used in APT Attack on Russia

 
  • December 5, 2018
  •  
  • 11:11 AM
  •  
  • 0

Flash
Adobe has released an update for Flash Player that fixes a zero-day user after free vulnerability that was used as part of an APT attack against Russia. This attack is being named "Operation Poison Needles" and targeted the Russian FSBI "Polyclinic #2" medical clinic.
According to research from Qihoo's 360 Advanced Threat Response Team and Gigamon, on November 29, 2018 an attack was detected against Russia's FSBI "Polyclinic #2" clinic. The site for this clinic indicates it provides medical and cosmetic services to the executive and higher level employees of the Russian Federation.
The targeted attack came in the form of a fake employee questionnaire that when opened triggered an exploit for the zero-day Flash vulnerability. This questionnaire is shown below and you can see the Flash object is displayed as a black square in the document.
Malicious Word document pretending to be a questionnaire
Malicious Word document pretending to be a questionnaire
When the exploit is triggered, Word will display a warning stating "The embedded content contained in this document may be harmful to your computer.' and if a user agrees to continue, the following command is executed to extract a rar file and start the backup.exe executable contained within it.
According to Gigamon, the executed command is:
C:\WINDOWS\system32\cmd.exe /c set path=%ProgramFiles(x86)%\WinRAR;C:\Program Files\WinRAR; && cd /d %~dp0 & rar.exe e -o+ -r -inul*.rarscan042.jpg & rar.exe e -o+ -r -inulscan042.jpg backup.exe & backup.exe
This attack flow is illustrated in the image below.
Attack Flow
Attack Flow (Source: 360 Advanced Threat Response Team)
The backup.exe file is backdoor that pretends to be the Nvidia Control Panel application and uses a stolen certificate from "IKB SERVICE UK LTD", which has since been revoked.
The researchers state that when the backup.exe program is executed it will copy itself to %LocalAppData%\NVIDIAControlPanel\NVIDIAControlPanel.exe and send information about the computer and installed applications to a remote host. It will also download and execute shell code on the computer.
Backup.exe backdoor disguised as a Nvidia Control Panel
Backup.exe backdoor disguised as a Nvidia Control Panel
The researchers feel that this attack is politically motivated as it occurred right after the Kerch Strait Incident when the Russian coast guard boats fired upon and captured three Ukrainian Navy vessels.
"Since it is the first detection of this APT attack by 360 Security on a global scale, we code-named it as “Operation Poison Needles”, considering that the target was a medical institution," the 360 Core Security team stated in their report. "Currently, the attribution of the attacker is still under investigation. However, the special background of the polyclinic and the sensitiveness of the group it served both indicate the attack is highly targeted. Simultaneously, the attack occurred at a very sensitive timing of the Kerch Strait Incident, so it also aroused the assumption on the political attribution of the attack."

Adobe releases update for Flash Player

Adobe has issued security bulletin APSB18-42 that states that Flash Player 31.0.0.153 and earlier are affected by this vulnerability, which has been assigned the CVE-2018-15982 ID. To resolve this vulnerability, users should update to version 32.0.0.101 immediately.
This update also resolves DLL hijacking vulnerability in the program that would allow a bad actor to load a malicious DLL when Flash Player starts.
To be truly safe, it is recommended that all users uninstall Flash Player unless they absolutely need it for an internal application. Adobe plans on retiring flash in 2020 and most sites that have utilized it in the past have moved to other technologies.

Related Articles:

Apple Fixes Passcode Bypass, RCE Vulnerabilities, and More in Today's Updates.

Apple Fixes Passcode Bypass, RCE Vulnerabilities, and More in Today's Updates.

 
  • December 5, 2018
  •  
  • 05:23 PM
  •  
  • 0
Apple Medicine
Today Apple released updates for their core products that includes iCloud, Safari, iTunes, macOS Mojave, High Sierra, Sierra, Shortcuts for iOS 2.1.2, tvOS 12.1.1, and of course iOS 12.1.1.
Included in these security updates are numerous code execution, privilege escalations, and information disclosure vulnerabilities. Due to this, if you are the user of any of the above products, you should update them as soon as possible.

iOS 12.1.1 fixes FaceTime locked screen contacts disclosure

iOS 12.1.1 fixes a bug that was discovered at the end of October, the day after iOS 12.1 was released, that allows a user to access a phone's contacts even when iOS was locked.  This bug was discovered by security researcher Jose Rodriguez who has a knack for finding these types of bypasses and demonstrates them on YouTube.
Other vulnerabilities that were fixed include remote code execution, information disclosure, escalation of privileges, and denial of service attacks.

Shortcuts for iOS gets its first security update!

Shortcuts is a new feature added to iOS 12 that allows you to create shortcuts that execute multiple commands with one voice command or tap.
This update is Shortcuts for iOS' first one and sadly there is not much to indicate what was fixed if anything.  Instead we are greeted with the following statement:
"This update has no published CVE entries. We would like to acknowledge Micah A for their assistance."
Whoever Micah A is, congrats!
Below are the rest of the Apple security updates released today.
Name and information link
Available for
Release date
iCloud for Windows 7.9Windows 7 and later05 Dec 2018
Safari 12.0.2macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.105 Dec 2018
iTunes 12.9.2 for WindowsWindows 7 and later05 Dec 2018
macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 SierramacOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.105 Dec 2018
Shortcuts 2.1.2 for iOSiOS 12.0 and later05 Dec 2018
tvOS 12.1.1Apple TV 4K and Apple TV (4th generation)05 Dec 2018
iOS 12.1.1iPhone 5s and later, iPad Air and later, and iPod touch 6th generation05 Dec 2018

Related Articles:

  •  
  •  
  •  
 
  •  
LAWRENCE ABRAMS  
Lawrence Abrams is the creator and owner of BleepingComputer.com. Lawrence's area of expertise includes malware removal and computer forensics. Lawrence Abrams is a co-author of the Winternals Defragmentation, Recovery, and Administration Field Guide and the technical editor for Rootkits for Dummies.

Post a CommentCommunity Rules
You need to login in order to post a comment
Not a member yet? Register Now

Monday, November 19, 2018

iCloud Bypass 2018


How Unlock iCloud iPhone XS Mas,XS,XR,8 Plus,8,7 Plus,7,6 Plus,6s,6,SE,5s,5c,5,4s,4, iPad,iPod any iOS  Go Here







Best iPhone and iCloud iTunes Problems solution

To Unlock Your Phone And Buy Sim Card iCloud Unlocker Here 


                                     
                        https://www.youtube.com/watch?v=hJ-VgIcRwjU

                               For New Unlock Tools To Buy From Here 








  1. Link 2 Unlock iCloud iPhone XS Mas,XS,XR,8 Plus,8,7 Plus,7,6 Plus,6s,6,SE,5s,5c,5,4s,4, iPad,iPod any iOS
  2. Link 3 Unlock iCloud iPhone XS Mas,XS,XR,8 Plus,8,7 Plus,7,6 Plus,6s,6,SE,5s,5c,5,4s,4, iPad,iPod any iOS





  • how to Unlock iCloud Activation iPhone XS Mas,XS,XR,8 Plus,8,7 Plus,7,6 Plus,6s,6,SE,5s,5c,5,4s,4, iPad,iPod any iOS.
  • Nov 2018 New Method HOW TO Remove/Delete any iOS iCloud Activation Lock iPhone || Successful For Unlock iCloud Activation lock Apple iPhone 100% Working Method. how to Remove or Delete Activation Lock iCloudUnlocked,fixed Activation lock Removal/Delete any iOS 2018,
  • # how to iCloud lock iPhone X/XS
  • # how to activation iCloud iPhone
  • # how to activation lock iPhone 7
  • # how to activation iCloud iPad
  • # how to activation iCloud iPod
  • # how to activation lock iPhone 6s 
  • # how to activation lock iPhone 6
  • # how to iCloud Activation iPhone 6 Plus
  • # how to activation lock iPhone SE
  • # how to activation lock iPhone 5s
  • # how to iCloud Activation iPhone
  • # how to activation lock iPhone 4s
  • # New Update iOS 12.1 iCloud Activation lock remove,delete 
  • Please Watch Full Video:


  • "Very Important Note"
  • ----------------------------------
  • # Please Ignore all the Comments that involves Spam-web-sites, they are all pure Spam so I advice you simply Ignore Them.
  • PLEASE COMMENT YOUR iPhone "IMEI"
  • FOR CHANCE TO FREE UNLOCK !!!
  • NO COST My All Services 100% FREE SERVICE ,
  • 1. = LIKE VIDEO ??
  • 2. = SUBSCRIBE ??
  • 3. = SHARE VIDEOS ??
  • 4. = COMMENT "DONE" YOUR IMEI NUMBER ??
  • 5. = WAIT FOR RESPONSE ??
  • I appreciate ANY Support you can give.
  • [Special Offers For You]
  • iPhone X, 8/8 Plus/7/7 Plus/6 Plus/6s/6/SE
                                         
                                                    DOWNLOAD FROM HERE !!!!!!!


PRO UNLOCK ICLOUD ACTIVATION LOCK BLOG









Best iPhone and iCloud iTunes Problems solution






                                     https://www.youtube.com/watch?v=hJ-VgIcRwjU

                               For New Unlock Tools To Buy From Here 








  1. Link 2 Unlock iCloud iPhone XS Mas,XS,XR,8 Plus,8,7 Plus,7,6 Plus,6s,6,SE,5s,5c,5,4s,4, iPad,iPod any iOS
  2. Link 3 Unlock iCloud iPhone XS Mas,XS,XR,8 Plus,8,7 Plus,7,6 Plus,6s,6,SE,5s,5c,5,4s,4, iPad,iPod any iOS





  • how to Unlock iCloud Activation iPhone XS Mas,XS,XR,8 Plus,8,7 Plus,7,6 Plus,6s,6,SE,5s,5c,5,4s,4, iPad,iPod any iOS.
  • Nov 2018 New Method HOW TO Remove/Delete any iOS iCloud Activation Lock iPhone || Successful For Unlock iCloud Activation lock Apple iPhone 100% Working Method. how to Remove or Delete Activation Lock iCloudUnlocked,fixed Activation lock Removal/Delete any iOS 2018,
  • # how to iCloud lock iPhone X/XS
  • # how to activation iCloud iPhone
  • # how to activation lock iPhone 7
  • # how to activation iCloud iPad
  • # how to activation iCloud iPod
  • # how to activation lock iPhone 6s 
  • # how to activation lock iPhone 6
  • # how to iCloud Activation iPhone 6 Plus
  • # how to activation lock iPhone SE
  • # how to activation lock iPhone 5s
  • # how to iCloud Activation iPhone
  • # how to activation lock iPhone 4s
  • # New Update iOS 12.1 iCloud Activation lock remove,delete 
  • Please Watch Full Video:


  • "Very Important Note"
  • ----------------------------------
  • # Please Ignore all the Comments that involves Spam-web-sites, they are all pure Spam so I advice you simply Ignore Them.
  • PLEASE COMMENT YOUR iPhone "IMEI"
  • FOR CHANCE TO FREE UNLOCK !!!
  • NO COST My All Services 100% FREE SERVICE ,
  • 1. = LIKE VIDEO ??
  • 2. = SUBSCRIBE ??
  • 3. = SHARE VIDEOS ??
  • 4. = COMMENT "DONE" YOUR IMEI NUMBER ??
  • 5. = WAIT FOR RESPONSE ??
  • I appreciate ANY Support you can give.
  • [Special Offers For You]
  • iPhone X, 8/8 Plus/7/7 Plus/6 Plus/6s/6/SE
                                         
                                                    DOWNLOAD FROM HERE !!!!!!!