Your Library for the latest IT Security News, Alerts, Threats and Tips and Android Games
Recent Articles

Saturday 29 November 2014

Windows GUI Formatter for Windows any version

Saturday 29 November 2014 - 0 Comments




Windows will ask you if you want to run the file. Click yes. It will ask you if you want to allow it to have (Admin) access to your computer. Click yes. The program will start. Select a drive to format. Click Start. Your drive should be formatted in a few seconds

Download Now

2 GB RAM 10 best smartphones

Right now the market has a varied smartphone. Then the real fun of the smartphone when it works fast without're stuck somewhere. The RAM is an essential component. Fast processor much RAM is used in smartphones. We are told 10 smartphone features 2 GB of RAM and the best prices.
  • Selcon Millennium Ultra Q500 Price:- Rs 9899 Resolution this smartphone with 1280x720 pixel 5-inch display. Broadcom 1.2 quad-core processor and 2 GB RAM Gigahertz. It runs on Android KitKat 4.4.2. 8-megapixel rear camera with LED flash. 2-megapixel front camera. 16 GB and 32 GB micro-SD card internal Storage be imposed. 2500mAh battery. Connectivity options, GPRS, EDGE, 3G, Wi-Fi, Bluetooth 4.0, GPS and FM radio.

  •  Asus Zenphone 5 (8 GB) Price - Rs 9,999 Resolution this smartphone with 1280x720 pixel 5-inch display. Broadcom 1.2 quad-core processor and 2 GB RAM Gigahertz. It runs on Android KitKat 4.4.2. 8-megapixel rear camera with LED flash. 2-megapixel front camera. 8 GB and 32 GB micro-SD card internal Storage be imposed. 2500mAh battery. Connectivity options, GPRS, EDGE, 3G, Wi-Fi, Bluetooth 4.0, GPS and FM radio.

  • Micromax Canvas A310 Nitro price - Rs 10 699 The dual-SIM Micromax Canvas Sport 4.4 KitKat Android runs on nitro. It Gigahertz 1.7 Octa-core MediaTek processor, Mali 450 GPU and 2 GB RAM. Resolution 720x1280 pixels in a 5-inch HD IPS display. According to the company on its screen is Oleophobic coating, so it will not fingerprint. Micromax Canvas Nitro, a 13-megapixel rear camera with flash Sony sensor. The f2.2 aperture is the camera, the picture may be better in low light. 28mm wide-angle lens of the camera. The BSI is a 5 megapixel front camera. Front f2.4 aperture and 22mm wide-angle lens camera. 8 GB internal Storage. 32 GB micro-SD card can be fitted. The battery is 2500mAh. Connectivity options, GPRS, EDGE, 3G, Wi-Fi, USB 2.0, GPS and Bluetooth 4.0 are included.

  • Xolo 8X-1000 price - Rs 11 039 Dragneel Xolo Asahi Glass panels with 8x-1000 720x1280 pixels in a 5-inch display Resolution, which is used to protect Gorilla Glass 3. This Android Jholo with KitKat 4.4 UI runs on the new hive. This 1.4-core processor and 2 GB RAM Gigahertz MediaTek Okta. 8-megapixel camera on the back. 2-megapixel front camera. 16 GB to 32 GB micro-SD card with internal Storage be imposed. The battery is 1920mAh. Wi-Fi connectivity options, including Bluetooth 4.0 and A-GPS.

  •  Micromax Canvas A250 Turbo price - Rs 11 289 to A-250 Turbo Micromax Canvas 1920x1080 pixels with a 5-inch full-HD IPS display Resolution. MediaTek This quad-core processor and 2 GB of RAM 1.5 is Gigahertz. It runs on Android 4.2.1. It's Megapixels autofocus rear cam 13. 5 Megapixels front camera. Camera Panorama, Cinemagraph and object features such as Eraser. It has 16 GB inbuilt Storage. The company is not to place a micro-SD card. The 2000mAh battery. According to the website, it will take two SIM Micromax, which will be a regular SIM, while the second will be micro-SIM. The full Aluminium only 8.66 mm thin body. 

  • Huawei (Huawei) Honor 3C price - Rs 11 820 supports dual-SIM Huawei Honor 3C company Android with Emotion UI 2.0 runs on 4.2 Jelly Bean. The 5-inch HD display with 1280x720 pixels Resolution. It Gigahertz 1.3 quad-core MediaTek processor, Mali 400 GPU and 2 GB RAM. With 8 GB internal memory card slot is Storej. With LED flash, and BSI sensor on the back is an 8 megapixel camera. 5-megapixel front camera. The battery is 2300mAh. In connectivity options, 3G, Wi-Fi, micro-USB, GPS and Bluetooth are included. 

  • Play Jholo 6X 1000 price - Rs 11,840 to Sport Dual-SIM KitKat This smartphone runs on Android 4.4.2. The 1280x720 pixel 5-inch HD IPS display Resolution. 1.5 Gigahertz Hexa-core processor, Mali 450 GPU and 2 GB RAM. BSI sensor with flash and autofocus rear 2 has an 8 megapixel camera. This 1080p full-HD video recording can be. 2-megapixel front camera. 8 GB and 32 GB micro-SD card internal Storage be imposed. The battery is 2100mAh. Knekviti in options 2G, 3G, Bluetooth 4.0, Wifi, USB 2.0 and A-GPS feature.

  • Carbon Titanium Octane Plus price - Rs 12 490 dual-SIM Sport carbon titanium and Android Octane Plus 4.4 runs on KitKat. Full-HD IPS display of 5 inches. 1.7 Octa-core MediaTek processor and two GB RAM Gigahertz. 16-megapixel camera on the back. 8-megapixel front camera. 16 GB and 32 GB micro-SD card internal Storage be imposed. The battery is 2000mAh.

  • BlackBerry Q5 price - Rs 12 588 and 328 ppi pixel density BlackBerry Q5 Resolution the 720x720 is a 3.1-inch touchscreen. Qualcomm Snapdragon dual-core processor and a 1.2 Gigahertz have 2 GB of RAM. The phone has a 5 megapixel camera at the back, which can be used to shoot HD video at 1080 pixels. The phone has a 2 megapixel front camera. 8 GB and 32 GB micro-SD card internal Storage be imposed. The 2180 mAh battery.

  • Asus Zenphon 5 (16 GB) price - Rs 12 999 Resolution this smartphone with 1280x720 pixel 5-inch display. Broadcom 1.2 quad-core processor and 2 GB RAM Gigahertz. It runs on Android KitKat 4.4.2. 8-megapixel rear camera with LED flash. 2-megapixel front camera. 16 GB and 32 GB micro-SD card internal Storage be imposed. 2500mAh battery. Connectivity options, GPRS, EDGE, 3G, Wi-Fi, Bluetooth 4.0, GPS and FM radio. 

Friday 28 November 2014

For those looking to Selfi New Xolo Opus 3 Launched

Friday 28 November 2014 - 0 Comments


Xolo Opus 3 smartphone has been launched. This is especially for amateurs Selfi.
Its price is Rs 8499. Dual-SIM Sport Xolo Opus 3, which runs on Android 4.4 KitKat.
The 5-inch HD display with 1280x720 pixel Rejolusn. MediaTek Gigahartz 1.3 quad-core
processor, Mali-400 MP GPU and 2 GB of RAM.

It has an 8 megapixel camera with LED flash on the back. Front has a 5 megapixel camera
with LED flash in the f / 2.0 aperture wide angle lens with a 88 degree. 8 GB micro-SD
card up to 32 GB internal Storej and can be fitted. 2500mAh battery. According to the
company over the 13 hours of 3G talk time and up to 26 hours on 2G said. Connectivity
options, GPRS, EDGE, 3G, Wi-Fi, GPS / A-GPS, micro-USB and Bluetooth 4.0 are included.
The length, width and thickness 143x71.3x8.8 millimeters.


Thursday 27 November 2014

... It is also the number you call to someone and

Thursday 27 November 2014 - 0 Comments

with the help of an app on your phone without using any man you can call any of the numbers. There are many apps on Google Play and the Apple Store, which is difficult to trace the caller's location or call details.

ID Changer app trap anyone with identification can hide. Like, if you want to call someone with caller ID can dial 0000000000. Additionally, you can change in your voice mail or female. However, the code for the call +91 India also has to recharge is necessary and which are necessary for Rs 268. Fake ID app works like id changer. But you also have to call him as a mere 4 Number of International number caller ID appears. V-Phone app similar to the Intelligence Bureau had sought to ban, because the server is abroad. 

Experts' opinions

cyber law expert Pavan Duggal said that such applications are taken into account before making the calls him Details are not available or could not be any records. Details of the calls to the service provider can help you download the app cost data is a record of the service provider's server. Noida Vishnu Tiwari said Ericsson's network engineer, had called him to trace the IP address of the service provider is placed on the collar can be found. But it is a very messy job. 

Watch Apple in the top markets in India


Apple Apple Watch for the launch of India's first Vearebl device will include priority markets. It can be launched in India at the beginning of February. The company in the Indian market study has indicated that the iPhone and iPad, the product can become a best seller. Such NBT Tech and Facebook to get instant news www.facebook.com/NBTTechnology Like and follow the NbtTech Follow on. India familiar with Apple's plans, two senior Agjekyutiws prepare the company for the purpose of application for Apple Watch Indian developers are preparing to join. A Agjekyutiv said, "Apple is excited about the success of your Watch in India, 40 million iPhone and iPad users because they already have the base, which will initially target."

When contacted, a spokesperson for Apple Apple Watch said in the beginning of 2015 will be launched around the world. According to estimates the cost of the watch could be between Rs 28000-35000, which leads to companies like Samsung and Sony The launch will be more than Vearebl devices. The iPhone 5, 5C, 6 and 6 Plus will work with the new operating system will run on. Counterpoint Research senior Aenalist (devices and ecosystem) Tarun Pathak said, "At this price point, the volume of course, but with the launch of Apple Smart Watch Vearebl devices increase awareness." Counterpoint Research Vearebl devices in India The market is still quite small. It could reach one million units in the calendar year, but next year, Apple is expected to increase in coming to watch. Watch counterpoint that Apple needs to meet people who want to buy a lot of new vendors Vearebl smart devices will launch next year. Planetm Retail Watch Apple CEO Sanjay Karwa hopefully launch in the market to pick up, which has been slow since Diwali. Apple last week launched a software, create new applications for the Apple App Watch Developers will help. The company expects that Apple developers Watch India will present the local application, which will increase the attractiveness of the product in the country. Apple this weekend is going to be launched in India its new Tablt. According to the e-commerce seller Infibim authorized Apple, the new iPad 2 and iPad Mini 3 of air pre-order demand is quite good and its sales over the previous year is expected to launch the new iPad. Apple's new iPhone has not even demand the company has supplied even better.

Microsoft's name first smartphone Lumia 535 launch in India

Photo - Microsoft's name first smartphone Lumia 535 launch in India

Microsoft Nokia Lumia smartphone first without the branding has been launched in India. Lumia 535 Windows smartphone with a name is the name of Microsoft's branding. Microsoft Lumia 535 Dual-SIM is priced at Rs 9199. Such NBT Tech and Facebook to get instant news www.facebook.com/NBTTechnology Like and follow the NbtTech Follow on. Microsoft Lumia 535 960x540 pixels in a 5 inch Rejolusn The IPS display, which has been used 3 Corning Grila glass. Gigahrtj quad-core Snapdragon 200 processor and 1.2 GB RAM Kwolcom. It runs on Windows Phone 8.1.

See: Microsoft Lumia 535 that:-

Microsoft Lumia 535 rear 5-megapixel camera with LED flash. It has a 5 megapixel front camera. 8 GB micro-SD card up to 128 GB internal Storej and can be fitted. The battery is 1905mAh. In connectivity options, 3G, Wi-Fi, Bluetooth 4.0 and A-GPS feature. This will in many colors.


keep your Android smartphone and Any Device secure?



Don't panic about reports that 99% of malware targets Android devices, but do take precautions to ensure your device is secure

Android is the most popular operating system for smartphones, by far, and it's also the most open, in terms of how much you can customise your device – replacing its default keyboard, for example – as well as the approval process for developers to release new apps for it.

This openness is a boon for the tech-savvy Android user, because pretty much anything on their device that they don’t like can be swapped out for something better. They also tend to be pretty good at not installing apps that might play fast and loose with personal data. For them, Android doesn’t have a security problem.

What about everyone else, though? Android’s status as the world’s most popular smartphone OS means it has hundreds of millions of users who aren’t so clued-in on security. They’re not stupid or lazy: they’re just normal people. They’re the reason so many developers of viruses, other malware and privacy-flouting apps are targeting Android.

Cisco’s annual security report claimed in January that 99% of all malware in 2013 targeted Android devices, while security firm Kaspersky Lab suggested a similar figure of 98% in December last year.

"Android ticks all the boxes for cyber criminals – it’s a widely used OS that is easy to use for both app developers and malware authors alike," said Kaspersky's senior virus analyst Christian Funk, at a time when his company was detecting 315,000 new malicious files every day.

So, does Android have a big security problem? This is a question that is complicated by the fact that many of the companies warning about Android malware are also selling apps and services that promise to protect against it. They have a good view of what’s out there, but also an interest in talking up the risks.

But keeping your data safe on an Android device can be more about taking common-sense steps to minimise your risks, rather than assuming you need to splash out on a monthly security subscription – although there are plenty of choices for the latter if you decide that’s the route for you.

With that in mind, here are five tips for ensuring that your Android device is safe:

1. Be cautious when installing apps


Using the Google Play Store to download apps (or Amazon’s Appstore if you own one of its devices) already makes you among the more secure tiers of Android users – many dodgy apps are distributed through third-party Android app stores rather than the official ones.

Still, it’s best to exercise caution, especially when you happen upon what looks like a brand new version of a popular game. Candy Crush Saga, Angry Birds, Clash of Clans… fake versions of these regularly appear, so if something sets off warning bells (Candy Crush Saga 2, anyone?) it’s worth googling its title and checking its developer’s website to see if it’s a fake.

Also, read the reviews on the Google Play store – a surfeit of one-star reviews is a sign that something's wrong – and check the permissions that an app asks for before you install it. If anything here sets off warning bells – or simply makes you uncomfortable – it's a good prompt to walk away.

2. Watch out for phishing / SMS

Security on Android isn't just about the apps that you install on your phone. As with any device – Android or otherwise – be on your guard for phishing, sites that try to get you to enter personal data and/or credit card details. Text messages and emails can all be phishing methods, and just because you're on your phone doesn't make them less dangerous.

Combating phishing on Android isn't so different from on your computer: useful advice from the Citizens Advice Bureau, Microsoft and Symantec will get you up to speed, while an additional tip is to never tap on a link in a text message from someone you don't know – even if it looks like a company you do business with.

3. Lock screen security

Another point that applies to every smartphone OS, not just Android. Have you got your device's lock-screen settings sorted, so that if it gets stolen, the thief can't access your apps and data? Google’s default settings will see you fair, but there are some third-party apps that take interesting and unusual spins on unlocking the phone.

Picture Password Lockscreen, for example, gets you to unlock your phone by drawing points, lines and circles on any image you like. ERGO scans your ear and then gets you to unlock the device by holding it up to said lug. Fingerprint Scanner LockScreen is a cheeky Android equivalent of Apple’s iPhone 5s’ Touch ID – it pretends to scan your fingerprint, but really it’s just measuring how long your thumb rests on the screen.

4. Consider anti-virus software

If you'd still like to take the extra step of installing anti-virus software – or if you're thinking of putting it on the device of someone else (an older parent, for example) – a number of options are available from the big names of the security world.

AVAST Software's Mobile Security & Antivirus, Bitdefender's Mobile Security & Antivirus, Lookout Security & Antivirus, Kaspersky Internet Security, Trend Micro's Mobile Security & Antivirus, Norton Security antivirus and McAfee Antivirus & Security all have four-star-plus ratings on Google play from thousands of reviewers, with the competitive market meaning they add new features regularly.

Which you choose depends more on which you've used on your computer before, but all offer a good level of security if you're concerned.

5. Consider a parental control app

You can follow many of the steps above, but can your children if they’re using your device, or have their own Android tablet and/or smartphone? A number of companies are trying to help with this challenge too, with parental control software capable of ensuring children don’t install apps that they shouldn’t, or compromise data on a shared device.

Kids Place, Famigo, MMGuardian and Norton Family are four of the most popular examples, with varying features to control what apps are installed, what sites are being visited, and to set time limits on usage – and in some cases, add time as a reward for good behaviour.

Alternatively, you could spend a bit of time getting to grips with Android’s default features to set up different user profiles on a tablet, and make some of them restricted – found via the users option in your settings menu. But parenting skills are also important here: talking to your children about safe usage of their Android device is as important as trying to lock it down for them.

Tips on Keeping Android Device Security Threats at Bay


Tips on keeping your android device secure from threats

The rise of Google's mobile operating system, Android, has helped usher in the age of mobility, making smartphones and tablets available to the masses — instead of just being a niche product for the wealthy. This revolution has had a massive, positive impact on many people's lives, but it comes with a dark side. Android device security threats are growing in number, and those who ignore this burgeoning trend are risking their privacy, security and finances.

A World of Android Device Threats


The Android OS is especially vulnerable to malware threats. Android malware comprised just 24 percent of all mobile malware threats in 2010, according to a recent Juniper Networks study, but now comprises a whopping 90 percent of all malware. The open nature of the platform — which allowed so many Android devices to flood the market in the first place — also makes it an ideal target for malware creators. They can get their software onto users' devices without taking care to expertly hide the malicious aspects of it. The bulk of this malware is revenue-driven, with more than 75 percent of the malicious software being used to trick users into sending texts to premium services for a fee. According to Juniper, each attack can bring in $10 for the attacker, a hefty haul when multiplied by the millions of devices out there.

But not all malware is designed for a quick cash-grab. Some programs capture personal information, including things like banking passwords, browsing trends or geographical location. This information can be used to steal from the user directly, or to sell for a million different uses.

This may all paint a fairly scary picture of the Android OS, but using a mobile device doesn't necessarily mean you're opening yourself up to an Android security attack. By following some fairly simple steps, you can protect your device from almost malicious software, allowing you to fully experience the mobile world without putting your information at risk.

Stay Up to Date


Updating your mobile security software isn't just a way to get enhanced features and better speeds, as Google and your device manufacturer pack a lot of back-end fixes into these updates. Juniper suggests that devices using the latest operating system version are immune to more than three-fourths of the malware out there, so be sure to check for updates regularly and download them when available.

Avoid Third-Party Download Sites


The breadth of available Android apps is one of the features that draw people to the platform, and Android makes it fairly easy to install applications from sources other than the official app store. While there are some interesting apps out there that are not available through Google, this is a great way to get malware onto your device. Google scans all the apps in its official store for obvious traces of malware, and manages to stop a great deal of them from reaching consumers. Third-party app stores don't necessarily have these protections, and malware creators know this.

Pay Attention to Permissions


Most people just blindly click through the permissions section when installing a new application, but this is one way to spot potential threats. That new game you downloaded to kill some time may need access to your file system to work properly, but it certainly doesn't need access to your text messages or location. When installing an application, read through the permission section before agreeing to the app's terms, and if the app asks for permission to anything that seems odd, don't install it.

Avoid Free Wi-Fi


Who doesn't like free things? Free, public Wi-Fi is, in many ways, a blessing, as it provides a fast Internet connection for your device without costing a cent. But these unsecured connections could prove disastrous for your private information. It's just as easy for a hacker or thief to connect to free Wi-Fi as it is for you, and once you're both on the same network, they can easily see almost all the information you're sending to the Internet. For WiFi Security, it's best to stick with secured connections, or if possible, your device's mobile connection.

Get Protected


The best way to keep your Android device safe is to use dedicated security software to constantly scan your device, and to check for threats on any new apps you've installed. But even this comes with some conditions. There are plenty of free mobile antivirus offerings out there, but many of these are just Trojans or viruses in disguise. For true mobile security, stick with brand-name offerings. They may charge for their constantly updated service, but it's a small price to pay for true security. Most of these apps come with free trials, so you can try them before you make a purchase, and the best can even protect your PC, or multiple Android devices, at the same time.

The world of Android device threats may be intimidating, but much like a personal computer, being smart about using your device is the best first step in protecting yourself. For those instances where being smart isn't enough, a robust mobile security solution that stays updated with emerging mobile threats is your best bet for staying safe in a mobile world.

Friday 21 November 2014

How Attackers Can Use Radio Signals and Mobile Phones to Steal Protected Data

Friday 21 November 2014 - 0 Comments


Computers housing the world’s most sensitive data are usually “air-gapped” or isolated from the internet. They’re also not connected to other systems that are internet-connected, and their Bluetooth feature is disabled, too. Sometimes, workers are not even allowed to bring mobile phones within range of the computers. All of this is done to keep important data out of the hands of remote hackers.


But these security measures may be futile in the face of a new technique researchers in Israel have developed for stealthily extracting sensitive data from isolated machines—using radio frequency signals and a mobile phone.

The attack recalls a method the NSA has been secretly using for at least six years to siphon data in a similar manner. An NSA catalogue of spy tools leaked online last year describes systems that use radio frequency signals to remotely siphon data from air-gapped machines using transceivers—a combination receiver and transmitter—attached to or embedded in the computer instead of a mobile phone. The spy agency has reportedly used the method in China, Russia and even Iran. But the exact technique for doing this has never been revealed.

The researchers in Israel make no claims that theirs is the method used by the NSA, but Dudu Mimran, chief technology officer at the Israeli lab behind the research, acknowledges that if student researchers have discovered a method for using radio signals to extract data from hard-to-reach systems, professionals with more experience and resources likely have discovered it, too.

“We are doing research way behind people [like that],” he told WIRED. “The people who are doing that are getting a lot of money and are doing that [full time].”

Dubbed “AirHopper” by the researchers at Cyber Security Labs at Ben Gurion University, the proof-of-concept technique allows hackers and spies to surreptitiously siphon passwords and other data from an infected computer using radio signals generated and transmitted by the computer and received by a mobile phone. The research was conducted by Mordechai Guri, Gabi Kedma, Assaf Kachlon, and overseen by their advisor Yuval Elovici.

The attack borrows in part from previous research showing how radio signals (.pdf) can be generated by a computer’s video card (.pdf). The researchers in Israel have developed malware that exploits this vulnerability by generating radio signals that can transmit modulated data that is then received and decoded by the FM radio receiver built into mobile phones. FM receivers come installed in many mobile phones as an emergency backup, in part, for receiving radio transmissions when the internet and cell networks are down. Using this function, however, attackers can turn a ubiquitous and seemingly innocuous device into an ingenious spy tool. Though a company or agency may think it has protected its air-gapped network by detaching it from the outside world, the mobile phones on employee desktops and in their pockets still provide attackers with a vector to reach classified and other sensitive data.

The researchers tested two methods for transmitting digital data over audio signals but Audio Frequency-Shift Keying (A-FSK) turned out to be the most effective.

“[E]ach letter or character was keyed with different audio frequency,” they note in a paper released last week (.pdf) that describes their technique. “Using less than 40 distinct audio frequencies, we were able to encode simple textual data—both alphabetical and numerical. This method is very effective for transmitting short textual massages such as identifiers, key-stroking, keep-alive messages and notifications.

The data can be picked up by a mobile phone up to 23 feet away and then transmitted over Wi-Fi or a cellular network to an attacker’s command-and-control server. The victim’s own mobile phone can be used to receive and transmit the stolen data, or an attacker lurking outside an office or lab can use his own phone to pick up the transmission.

“With appropriate software, compatible radio signals can be produced by a compromised computer, utilizing the electromagnetic radiation associated with the video display adapter,” the researchers write. “This combination, of a transmitter with a widely used mobile receiver, creates a potential covert channel that is not being monitored by ordinary security instrumentation.”

The researchers note that the chain of attack “is rather complicated,” but it’s not beyond the skills and abilities already seen in advanced attacks conducted by hackers in China and elsewhere. Or by the NSA.

Generally the most common method for infecting air-gapped machines is a USB flash drive or other removable media. Once one air-gapped machine is infected, the malware can spread to other machines on an air-gapped network. Data can be extracted the same way, though this is more of a challenge. The malware stores stolen data on the machine until a flash drive is inserted, at which point data is copied to the drive. When the flash drive is then inserted into another computer that’s connected to the internet, the data gets transmitted back to the attackers’ command-and-control center. This method takes time, however, since it requires the attacker to wait until someone inserts a flash drive into the air-gapped machine and carries it to an internet-connected machine.

AirHopper, however, doesn’t require repeated action like this once the malware is installed. An attacker only needs to get their malicious transmitter code onto the targeted machine and then either install the malicious receiver component on the victim’s mobile phone or use the attacker’s own mobile phone in the vicinity of the computer to receive the data and transmit it to the attacker’s command-and-control server. The malware can be programmed to store siphoned data on the infected machine for later transmission at specified hours or intervals. The researchers also devised methods for hiding the data transmission on the targeted machine to avoid detection, including transmitting data only when the monitor is turned off or in sleep mode and altering the FM receiver on the phone so that there is no audible tone when data is transmitted to it.

Although the distance for transmitting data from an infected computer to a mobile phone is limited—due to the limitations of the receiver in phones—attackers could use a stronger portable receiver, set up in a parking lot for example or installed on a drone flying overhead, to pick up data from greater distances.

There are other limitations, however. The proof-of-concept test allows for data to be transmitted at only 60 bytes a second—about a line of text per second—which limits the speed and volume at which attackers could siphon data. But Mimran notes that over time, a lot of sensitive data can still be extracted this way.

Apple Malware in-the-wild and Other IT Security News

For all those who still mistakenly believe that Apple Macs are immune from viruses and do not need antivirus protection, this piece of IT security news may come as a bit of a surprise. This new threat is called WireLurker and it infects non-jailbroken iOS devices when they are connected to the infected Apple Mac or desktop. WireLurker seems to have originated in China’s third-party Mac OS X app stores and it works by adding malicious codes to legal iOS apps. This is major news story for the Apple community, so watch this space for more. Read more here and here.

WireLurker – A new Apple malware spotted in-the-wild


Your WhatsApp Messages are Now Encrypted and More Secure

A wave of delight has started to sweep away 600 million users of the most popular messaging app WhatsApp. The company has released an update to its Android app that will have a strong end-to-end encryption by default. What does this mean for you? Scroll down to know.

The recent partnership of WhatsApp with Open Whisper Systems is nothing but good news for users who might have questioned the security or privacy of their WhatsApp messages. In its latest update for Android, the company has integrated the TextSecure encryption protocol.

What Does this Mean?

With the TextSecure encryption protocol in place, your messages are end-to-end encrypted. In other words, your messages can be read only by you and the receiver. So, this eliminates the risk of a hacker or anyone decrypting and reading your messages while it is traveling to the recipient’s device.

This Encryption Technology is Stronger than What Facebook and Google Uses

While our emails and messages on Facebook and Google are encrypted, they can still be read by authorities if permitted by law. TextSecure, on the other hand, ensures that the message is only read by the sender and the recipient, and no one else, nada. So, even if the government compels WhatsApp to share your data, there is no way they can do it. Hence, it can be safely said that this is the strongest security feature any major texting app has ever offered.
As per reports, WhatsApp is by far the largest platform that has deployed end-to-end encrypted communication in history.

Limitations

As of now, the TextSecure protocol only encrypts your text messages and not group chats, images and videos. However, Open Whisper Systems has stated in a blog post that they will be rolling out support even for these issues in the near future.

Do you have to Activate the TextSecure Protocol on your WhatsApp?

You do not have to do anything to turn this security feature ON, as it would be enabled by default. Also, this will not affect the way you use the WhatsApp in anyway. As Open Whisper Systems’ co-founder Moxie Marlinspike says it, “Ordinary users won’t know the difference, it’s totally frictionless.”

For those who would like to know about this development and how the TextSecure protocol works, here are some useful sources you can gather knowledge from:
https://whispersystems.org/blog/whatsapp/
http://wrd.cm/1xTD5aY
http://bit.ly/1oZqb9D
http://on.mash.to/1qlBo5u


Now that your WhatsApp messages are encrypted, do you feel safer about your privacy? Do leave your comments below!

Wednesday 19 November 2014

5 Android Lollipop Security Features to Protect Your Device

Wednesday 19 November 2014 - 0 Comments

Android 5.0 aka Lollipop aka Android L is the new kid on the block, and it once more showcases Google’s ability to change the game. With the new Material Design UI, you will find that Android 5.0 is unlike any other Android version released so far. The new Nexus 9 tablet and upcoming Nexus 6 smartphone now come pre-installed with Lollipop and it is only a matter of weeks before we start seeing other devices running this version as well.






Along with all the other changes to UI, design, and functionality, an integral part of Android 5.0 is Google’s enhanced focus on security. There are several new features that Google has introduced this time around, and this focus shows us that Google too acknowledges the very real matter of security and privacy on Android smartphones around the world. Here are some of the notable Android Lollipop security features that Google now offers.

Inbuilt Encryption


Earlier the encryption functionality could only be operated when needed. Not surprisingly, not many people knew about this feature or used it. But now Google has rectified that. All devices that run Android 5.0 will have the encryption turned on by default. This is a notable step that will help protect the data on devices in case of loss or theft. Default encryption blocks all the data on a smartphone if a remote attacker tries to steal it.

Smart Lock


This feature has been created to secure Android devices by pairing them with other trusted devices such as other smartphones or wearables or even your car. Google hopes that this feature will replace the recommended, but not widely used, password or pattern lock on smartphones. Via this feature, the phone unlocks when it is in range of another Bluetooth or NFC enabled and paired device. This is especially useful for adopters of Android Wear and smartwatches. By pairing your Android with your watch, you can unlock it every time you take it out of your pocket and bring it closer to your watch. Of course, this is just one instance of using this, and there are many other ways in which this can be used as well.

Guest Mode


This is a feature that has been present on recent Android tablets, but has now become the norm for all Android 5.0 devices. Earlier, multiple user accounts could be operated on Android tablets. Now, Guest Mode allows someone to lend out their Android phone or tablet to someone and create a brand new guest account for them. For the guest, this creates an experience that looks like it is starting from a hard factory reset. Once a guest is done, all that information can be wiped easily.

Screen Pinning


With this feature, you can give someone access to your phone and only allow them to use the app you want them to use, by pinning that app to the screen. This can be a hugely popular feature for parents who can hand their phone to their kid and only grant them access to an app or a game that they want them to play and nothing else on the device.

SELinux enforcing


Security Enhanced Linux is valid for all applications on a device and it provides enhanced protection against smartphone vulnerabilities and malware. This feature was initially developed by the NSA in 2000 so it is highly advanced and reliable when it comes to blocking external threats. Essentially, what this feature does is enforce a level of security and app isolation that nobody can bypass. This makes Android smartphones more resistant to malware and other dangers.

While these Android 5.0 security features from Google are commendable, they do not rectify all the prevalent security issues on the platform. We still highly recommend installing a premium Android security application, and you need not look further than Quick Heal Mobile Security. This product provides wholesome Android security and highly effective features that safeguard smartphones and tablets.

Alert: Beware of Malicious Ebola Emails!

The recent outbreak of the Ebola virus has claimed over 1000 lives. While people in the affected regions are struggling to fight the infection and people elsewhere skeptical about its spread, cyber criminals are busy inventing new attack vectors in the form of malicious emails.

The recent outbreak of the Ebola virus has claimed over 1000 lives. While people in the affected regions are struggling to fight the infection and people elsewhere skeptical about its spread, cyber criminals are busy inventing new attack vectors in the form of malicious emails.

malicious ebola emails

Reportedly, attackers have started email campaigns using the Ebola epidemic as their bait to trap people. The below gives you a quick gist into the types of Ebola emails you should be careful against.

Emails Claiming to Offer a Report on the Ebola Virus


- The email asks its recipient to click a website link in order to learn more about what the report says.

- Clicking the link infects the user’s system with a Trojan horse designed to steal personal and sensitive information.

Emails with Attached Presentations on the Ebola Virus


- The email claims to have an attachment of a PowerPoint Presentation on the Ebola infection.

- Clicking the attachment infects the victim’s Internet browser with a malicious program.

- The program is designed to steal information from and make unwanted changes in the infected computer.

Emails with Attachments about Experimental Ebola Drug


- These Ebola emails are based on the news of ZMapp (an experimental medicine to treat Ebola) to trap their victims.

- They contain malicious attachments.

Ebola Emails from CNN


- These emails are designed for phishing attacks.

- They try to lure users into visiting a website controlled by the hacker.

- The website asks users to log in using their email login credentials.

Readers are strongly advised to be on high alert against such types of emails, and emails that are unexpected or unsolicited. Only trust genuine sources to stay updated with the latest news about the Ebola virus. Some trustworthy medical sites that our readers can refer to are www.mayoclinic.com, www.webmd.com, www.cdc.gov, and www.nhs.uk

Great News: Quick Heal Mobile Security is now Free!

At Quick Heal, we are always striving to make security more accessible and highly effective, be it on computers or smartphones. Over the last few years, this endeavor has naturally led us to secure millions of Android smartphones, thanks to the widespread surge of Android phones and their usage all across the world.

With innovative features such as call & SMS blocking, anti-theft security, virus protection and more, our goal of providing foolproof security to Android owners is well on its way to completion. However, to truly achieve our objective of providing “Mobile Security for All” we have taken things up a notch.

Quick Heal Mobile Security is now completely free for anyone who wishes to download this premium security suite for their Android smartphone.
That’s right. Now you can enjoy all these advanced security features on your Android phone and ensure its safety against all kinds of malware, privacy threats and security breaches and not pay a single rupee for that. We invite you to join us and help us in further achieving our goal of safeguarding every Android device out there.

Download this free mobile security suite by visiting this link – http://bit.ly/1sUcZEr


Quick Heal Mobile Security’s New & Enhanced Features


Not only is Quick Heal Mobile Security now free, it also has a revamped dashboard, a brand new user interface and several new and enhanced features for maximum security. Here are some of the enhanced features that all users of QHMS can now enjoy.

Call & Message Filter – While earlier you could block unwanted phone calls and SMSs from within the country, now international numbers and texts can also be barred from reaching you. What’s more, you can even block numbers that start with a particular series now.

Security Shield – View the level of your device and data protection through an eye-catching and actionable graphical representation.

Intruder Detection – This feature takes snapshots of anyone who tries to unlock your phone with a wrong password.

Personal Security – During an emergency, this feature automatically sends an SOS message with your current location to predetermined numbers and social networks.

Register with TRAI – You can now register your number with the DND registry of India and also raise a complaint with TRAI against unwanted numbers, through QHMS.

Device Scanning – In addition to previous scan options, you can now schedule scans for your device at a time that suits your convenience.

Call Forwarding – This feature allows you to forward all incoming calls to a predetermined number.

Privacy Adviser – You can now easily review all apps that are installed on your phone and their permissions as well.

Security Adviser – This feature guides you about all settings that affect the overall security of your smartphone.

Message Center – This new feature brings all important notifications, latest news and alerts into one centralized area on your phone.

Share App – Lastly, with this feature you can seamlessly share the Quick Heal Mobile Security application with another Android device and help us in our goal of providing ‘Mobile Security for All’.

With these enhanced features and more, Quick Heal Mobile Security ensures complete protection for your Android smartphone against all kinds of mobile security threats.

*NOTE – Existing Quick Heal Mobile Security users who have a paid license, are now eligible for a free upgrade to the advanced premium version of Quick Heal Total Security for Android. Know more about it here.

What is Phishing and How to Avoid it?

Phishing is one of the oldest tricks in the book of hackers. But as old as it might be, phishing still remains the most lucrative tool for cyber criminals; as they say, old is gold. This post tells you about phishing and measures you can take to avoid it.

What is Phishing?

Phishing is a fraudulent activity that is designed to trick the victim into revealing their personal and confidential information. This information usually includes bank account details, credit card numbers, and social security numbers to name a few. There are different ways a hacker can launch a phishing attack on his targets.

Phishing by Email

This is the most common phishing technique deployed by cyber criminals. Fake emails posing as crucial communication from a bank, ecommerce site or known legitimate entities are sent to the victim. These emails contain links to a fake Web site, which usually appears like a legitimate site and prompts the victim to sign in or divulge their personal information. In some instances, the phishing email itself contains an attachment of a form to be filled out by the victim. To trick the victim into visiting the fake Web site or fill out the form, such emails show a sense of urgency or a threatening situation. For instance, the target is informed that their bank account is at a risk of identity theft. To fix the issue, the user must verify their account by providing their banking details. The email might also claim that unverified accounts will be discontinued.

Here is an example of a phishing email that looks like it has come from Lloyds Bank:
                                               [Source: http://www.banksafeonline.org.uk]

Phishing by Call

Phishing is no more dependent on emails. Fraudsters have started using the telephone as their new pawn. In a phishing call scam, the victim will receive a phone call from a person posing as an employee of a bank, a software firm, or any other known organization. If it is from a bank, then the issue will be usually related to the security of the victim’s bank account. The caller instructs the victim to call another number, which in most cases, will be an automated attendant. The attendant will ask the caller for their bank account details like account number, pin number, password, etc. In some instances, a phishing email may instruct the victim to call a number, instead of urging them to visit a website or open an attachment. Phishing by phone is also called vishing.

This is how a phishing call might go:


“Is this Mr. Brown? This is a call for you from (a popular) Bank. We have received reports of illegal withdrawals from your bank account. In order to contain the situation, and safeguard your account, we need to confirm your account number, expiration date, four digits at the back…” and so on.

SMiShing

Cyber criminals leave no stone unturned when it comes to having their way. Recently, there has been a sharp surge of phishing attacks that involve Short Message Service (SMS). Targets will be sent SMSs where they will be asked to click a link to a spoofed website. The website might ask the target for their personal information, or infect their computer with a malware. In some SMSs, the target is asked to call a certain number (sometimes toll free) and verify their personal information. Even here, phishers use scare tactics to trick the target. For instance, you might receive an SMS reading that your ATM card has been suspended or deactivated. To reactivate the service, you must call xxxxxxxxxxxx immediately.

Example:
Credit Union N.A. Please call us immediately at 1-888-xxx-xxxx regarding a recent restriction placed on your account. Thank you. [Source: www.t-mobile.com]

How to Avoid Phishing Attacks
Here are some simple measures you can take to prevent phishing attacks.

- Never entertain unsolicited emails, calls or SMSs.

- Your bank will never ask you for confidential information via emails, calls or texts. If you do receive any such communication, do not respond; even better, report the incident to your bank.

- Avoid accessing websites via links in email messages; especially those asking for personal information. It is always a safe bet to type the URL manually into the web browser.

- Do not fill any kind of form that comes along with an email.

- Provide your personal information only on secure websites. A secure website’s URL should always begin with “https” instead of “http”. Also important is the presence of a lock symbol on the website (see figure A). Clicking the lock icon should display the digital certificate that verifies the authenticity of the website.
Fig A.

- Look for spelling mistakes, grammatical errors or bad language in any email you receive; especially the ones you were not expecting. Emails from a genuine organization are proofread and edited before they are sent out to the customers.

- If you receive an email containing link(s), do not click it. Hover your mouse over the link and take a look at the left hand corner of the browser. It will display a link. Check if this link matches the one in the email. If it doesn’t, then suspect it as a phishing attack.

- If you receive any email from your bank that conveys a sense of urgency or threat, then call up your bank and verify the situation.

- Keep your system’s operating system updated and patched

- Go for an antivirus program that is capable of blocking phishing emails and websites.

- Keep a regular check on your bank account. Even if there is anything amiss, you will have enough time to contain the situation.

- Keep your web browsers updated and patched.

There is no silver bullet for phishing attacks or cybercrime for that matter. But taking the right precautionary measures, seeking help from the right authorities, and using the right security solution, do place us at a safer spot.

3 Important Things You Should Know About Heartbleed

Password leaks and targeted attacks are nothing new and the latest security bug related to a massive loss of passwords across the world is ‘Heartbleed’. This bug has received a lot of media coverage over the last few days, so there is a lot of confusion about what it is and what one needs to do to fix the issue.
This blog post aims to help you better understand what Heartbleed really is and what you need to do in order to secure your presence online. Heartbleed has affected about 17% (close to 500,000) of the web servers across the world, so there is a high chance that you are affected by this too. With that in mind, here’s what you need to know now.

Fact # 1: What exactly is Heartbleed?


Heartbleed is a security bug that affects servers that use OpenSSL (Secure Sockets Layer) technology. When you log in to your email account, or make a financial transaction online, the server that hosts this activity is protected by the SSL technology, which is denoted by the symbol of the padlock near the address bar and the unmistakable presence of “HTTPS” as a prefix of the URL itself.
Heartbleed is a bug that afflicts this very protective measure and exposes information that SSL attempts to protect. What this means then, is that sensitive information like passwords, credit/debit card details and more are susceptible to this bug and can be stolen.

What this means is that there is nothing wrong with your PC or your antivirus software. This is an issue that needs to be dealt with by the people who run the websites that make use of SSL. Moreover, if you are surfing the Internet you will not be able to tell if a service you are using is affected by Hearbleed or not.

Fact # 2: Which websites and online services are affected?


While most of the sites that have been affected have taken corrective steps already, there are bound to be many more which are still working on it. If you use some of the following services then there is a high chance that your password and details may have been leaked.
Facebook
Gmail
Amazon
SoundCloud
Instagram
Yahoo Mail
Flickr
YouTube
Pinterest
Google
Minecraft
Wikipedia
Tumblr
GoDaddy
Netflix
Dropbox

As you can see, the list is huge. There are several more services that have been affected, so the potential damage here is substantial.

This online tool can also help you ascertain whether a particular URL is afflicted or not. If you carry out online banking transactions, then we highly recommend that you change your account passwords. Also, check this tool to see if your bank’s online portal is affected by Heartbleed or not.

Fact # 3: What do you need to do?


While there is nothing specific that you can do to combat Heartbleed, one major precaution you should take is change ALL your online passwords right away. This will ensure that if any of the services you use have been afflicted by Heartbleed, then at least your passwords will be safe. Apart from this, stay alert about any unusual activity on your accounts. If you feel something is out of the ordinary, take the necessary corrective steps as soon as possible. Moreover, spread the word about Heartbleed and inform your friends and family members as well.
WARNING: Be on the lookout for fake password reset emails

With such widespread activity occurring simultaneously with regards to password changes all over the world, this is bound to lead to several phishing emails about password resets. Be on the lookout for such emails and stay away from fake emails that ask you to change your passwords. Read here for some tips on how to recognize fake phishing emails.

Quick Heal will keep you updated about any further developments and news regarding Heartbleed, so keep checking back for more information.

Beware of the Poodle Bug!

There’s a new security bug in town. Technically, it is called CVE­-2014­-3566, and elsewhere, as the Poodle Bug. Three Google engineers have discovered this security vulnerability in SSL version 3. Let’s know how this vulnerability may affect you.

What is SSL?

SSL (Secure Sockets Layer) is an encryption service that keeps your Internet communications (such as your connection to your bank’s website, online shopping site, etc.) private and from getting into the wrong hands.

How POODLE bug affects SSL 3.0

SSL 3.0 is an 18-year old technology. Although stronger encryption technologies such as TLS (Transport Layer Security) are now in force, SSL 3.0 is still used in 1% of web traffic, and supported by 95% of web browsers.

Coming to POODLE, it stands for ‘Padding Oracle On Downgraded Legacy Encryption’. It is a security flaw that exists in SSL version 3. Under the right conditions, the POODLE bug can allow an attacker to access your session cookies. With this information at hand, an attacker can take control of your online accounts including your email, banking and social networking account.

Now all this may sound scary, but the POODLE bug is not as threatening as Heartbleed or Shellshock that took the Internet by storm. It is hard to exploit.

So, Why POODLE should not worry you much? Here’s why!

An attacker who intends to use the POODLE vulnerability, has to come in between you and the website you are visiting. And one of the most likely ways an attacker can do this is when you are accessing your online account on an unsecured public Wi-Fi network.

So, is disabling SSL 3.0 support a solution?


While disabling SSL 3.0 support will mitigate the risk, it might present compatibility problems with older web browsers and servers. So, for now, end users can take the following measures:

1. Avoid accessing online accounts on unsecured Wi-Fi; this even includes your instant messaging services like WhatsApp.

2. Ensure that your browser is configured to automatic updates.

The POODLE bug story is developing. We will keep you posted about this as we collect more information. Stay tuned to our blog, and stay safe!

Do You Follow these Simple Dos and Don’ts of Internet Safety?

From creating strong and unique passwords to avoiding phishing attacks, we have listed out some of the most essential dos and don’ts of Internet safety. Scroll down to see which ones you follow and which ones you don’t.

Dos and Don’ts of Internet Safety


#1. While giving away personal or financial information on any website, check if its URL begins with ‘https’. Also look for the lock icon, which indicates that the connection is secure.
#2. Never shop online, make financial transactions or login into accounts over free, unsecured WiFi networks.
#3. Create long, unique, and hard to guess passwords. Never keep the same password for different online accounts.
#4. Enable Secure Browsing for your Facebook account.
#5. Keep your computer’s Firewall ON
#6. Avoid making your personal information public on social media sites and Internet in general.
#7. Avoid checking ‘Keep me logged in’ or ‘Remember me’ options on websites, especially on public computers.
#8. Use your primary email address to stay in touch with people you know or are acquainted with.
#9. Never use your official email address for social media sites.
#10. For social media sites, use an email address that you do not use for important communications.
#11. Tighten your privacy settings on Facebook so that only your friends are notified about your activity.
#12. Never use any of your personal information such as name, date of birth, address, etc., as your password.
#13. While you are online in a public setting such as a coffee shop, mall, airport, etc., watch your back to make sure no one’s snooping on you.
#14. Never trust emails asking for your personal or banking information. Be extra cautions against links or attachments in unknown or unwanted emails. Verify any such communication with the sender first.
#15. Do away with old accounts that you do not use anymore.
#16. Do not make your photos or videos public on social media sites. Keep them visible to friends you know, and your family.
#17. Never respond to pop up ads that may come up on your screen. Close such pop ups from the the task manager; press Alt+Ctrl+Delete.
#18. Before downloading any free software, research on the software and the website hosting it.
#19. Avoid visiting inappropriate websites or websites that you are not fully aware of.
#20. Beware of files with multiple extensions.
#21. Always log out of online accounts when you are done. This is especially important when you are using a public computer.
#22. Do not click or share posts on Facebook that claim to show any unusual content such as shocking videos or magical illusions. Verify such news from other sources.
#23. Access your bank’s website by manually typing its URL in the address bar.
#24. Do not click any links in emails to access your bank’s website.
#25. Change your banking and other Internet account passwords at periodic intervals.
#26. Do not install software that comes as an attachment in emails.
#27. Always shop from reputed and know online stores.
#28. Update the Internet browsers and software on your computer.
#29. Use up-to-date security software that offers multilayered protection.
#30. Increase your awareness of cyber security and share the same with friends and family.
And that would be all for some of the important dos and don’ts that each one of us must follow to keep our online world safe, sound, and healthy.

Use the comment space below to leave us your choice for the following options:


a) You follow all of these dos and don’ts

b) You follow some of them

c) You follow none of them

d) You will start following them now

Get Our App

Subscribe

Please Enter Your Email Id

© 2013 Blogger World. All rights reserved.
Designed by Think Exchanger