Apps In Google Play Store Found With Haken Malware
The Haken malware obtains sensitive data from victims and secretly signs them up for expensive premium subscription services.
The eight apps that were found have since been removed. The apps have collectively been downloaded 50,000 times. These apps were utilities and children’s games, including “Kids Coloring,” “Compass,” “qrcode,” “Fruits coloring book,” “soccer coloring book,” “fruit jump tower,” “ball number shooter” and “Inongdan.” The apps legitimately function as advertised, but in the background covertly perform an array of malicious functions.
“Haken has shown clicking capabilities while staying under the radar of Google Play,” said researchers from Check Point Research. “Even with a relatively low download count of 50,000+, this campaign has shown the ability that malicious actors have to generate revenue from fraudulent advertising campaigns.”
The Google Play store has been battered with new variants of malware, so try to stay clear of random free apps that are unknown.
… Read the rest
Kaseya Script To Run Patch My PC
Kaseya does an okay job of deploying software patches, but we decided it was best to create a Kaseya script to run Patch My PC.
This simple script grabs the latest Patch My PC from the developer's website and places it into the kworking folder on the user's workstation or server. The software has a string parameter to run as the System user to scan the entire system for installed apps, and afterwards it installs the latest software patches silently.
To automatically deploy this script on a scheduled basis, within Kaseya we used Policy Management and configured a new Scheduled policy to run this Patch My PC script every week.
Below you can see the Kaseya Script to run the Patch My PC. I also provided the download link for it.
<?xml version="1.0" encoding="utf-8"?> <ScriptExport xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.kaseya.com/vsa/2008/12/Scripting"> <Procedure name="Patch My PC" treePres="3" id="136611930" folderId="980255113206922" treeFullPath="myProcedures - [email protected]
Google Chrome Patch Gap down to 15 Days from 33 Days
Google has done a great job bringing the patch gap down to 15 days from 33 days. They also want to bring this number down further to once a week. Their goal is to quickly roll out patches for vulnerabilities.
In 2019, security researchers from Exodus Intelligence noted on two occasions that Google Chrome’s large patch gap could be exploited by attackers.
First in April, and then in September, Exodus researchers developed proof-of-concept exploit code for security bugs fixed in the V8 JavaScript engine that had yet to make their way downstream into the Chrome code base.
Google Chrome is doing something about it.
Google Chrome users have some good news: the Exodus team’s research on the topic and subsequent warnings did not go unnoticed by the Google Chrome Security team.
In Google Chrome’s recently published quarterly security summary for Q4 2019, the Google engineers said … Read the rest
How to install VMware tools on CentOS 7
VMware Tools is one of the important components a virtual machine (VM) needs in order to get excellent performance. It is a group of utilities that helps enhance the overall performance of the virtual machine’s guest operating system (OS) and improves management of the VM. The steps below show how to install VMware Tools on CentOS 7.
How to Install VMware Tools?
open-vm-tools is an open source implementation of VMware Tools from third parties and contains utilities that enhance virtualization management, administration and functions of the virtual machine in VMware environments.
root# yum install open-vm-tools
Without VMware Tools, the guest OS will lack some important functionality.
You're Not HIPAA Compliant Using Windows Server 2008
If you're using Windows Server 2008 or older on your network, you are not HIPAA compliant and should be ashamed for putting your client and patient information at risk.
What do Windows Server 2008 “END OF LIFE” and HIPAA mean for you?
What you need to worry about is that Windows Server 2008 will no longer receive Windows security updates for vulnerabilities, and this in itself is a breach of HIPAA compliance. This also means that Microsoft will no longer offer technical support for any issues, software updates, or security updates and fixes.
One of the main reasons why you're not HIPAA compliant using Windows Server 2008 is the lack of security updates and fixes. This puts all information stored on Windows Server 2008, including confidential client information, at risk. Hackers and external security threats will know about this stop date, and as such will … Read the rest
You're Not HIPAA Compliant Using Windows 7
If you're using Windows 7 or older on your network, you are not HIPAA compliant and should be ashamed for putting your client and patient information at risk.
What do WINDOWS 7 “END OF LIFE” and HIPAA mean for you?
What you need to worry about is that Windows 7 will no longer receive Windows security updates for vulnerabilities, and this in itself is a breach of HIPAA compliance. This also means that Microsoft will no longer offer technical support for any issues, software updates, or security updates and fixes.
One of the main reasons why you're not HIPAA compliant using Windows 7 is the lack of security updates and fixes. This puts all information stored on Windows 7, including confidential client information, at risk. Hackers and external security threats will know about this stop date, and as such will find it easier to push through … Read the rest
Mozilla patches zero-day flaw in Firefox
Mozilla, the maker of Firefox, has issued a zero-day security update for Firefox and Firefox Extended Support Release, which were found to contain an actively exploited flaw in the IonMonkey JIT compiler.
What is known
“Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion,” Mozilla stated in its official advisory, citing the two elements as StoreElementHole and FallibleStoreElement. “We are aware of targeted attacks in the wild abusing this flaw.”
Announced January 8, 2020
Impact: critical
Products: Firefox, Firefox ESR
Fixed in
- Firefox 72.0.1
- Firefox ESR 68.4.1
Designated CVE-2019-17026, the zero-day bug was reported by researchers at Qihoo 360 ATA. The problem has been fixed with the latest release of Firefox 72.0.1 and Firefox ESR 68.4.1.
No other details have been provided by Firefox. Download the latest Firefox software to patch the zero-day flaw.
… Read the rest
Zynga.com maker of Words with Friends data is on the Dark Web
Zynga.com, maker of Words with Friends, suffered a data breach in December that included 228m records, and that data has recently surfaced on the Dark Web.
In the past you may have signed up for Words with Friends and other zynga.com created games and provided the information to a service that is in some way associated with zynga.com. It may be difficult for you to remember, or you simply may not know other services are associated with zynga.com. What is important to know is that information belonging to all these users is now being shared improperly on the dark web.
Even though you may have stopped using zynga.com (games Words with Friends and Draw Something), or perhaps deactivated the account, or maybe unsubscribed, the information could still be available in their systems.
Exposed Information
- Username
- Password
- Facebook Username/ID
What can you do next?
Being proactive with best practices and … Read the rest
Android Phones Vulnerable Due To Pulse Secure VPN
Hackers are exploiting existing vulnerabilities in Pulse Secure VPN and Android Phones. The flaw, tracked as CVE-2019-1150, has been rated ‘Highly’ critical. This arbitrary file read vulnerability affects multiple versions of Pulse Connect Secure and Pulse Policy Secure. This flaw allows remote attackers to connect via HTTPS to an enterprise network without the requirement of any valid username or password.
Attackers can use the flaw to view logs and files, turn off multifactor authentication, download arbitrary files and execute malicious code on enterprise networks.
The good news is that Pulse Secure has released a security update to address the issue, and users are urged to apply the patches immediately to mitigate such attacks.
Your NETFLIX Membership Has Expired Phishing Email
Did you know that your Netflix Membership has expired on Dec 31st 2019? Hackers are using these types of phishing emails to try to gain access to your account to obtain private information and maybe watch some NETFLIX on your dime.
Some common tip-offs that an email is phony are typos, grammatical mistakes, awkward language, missing words, extra spaces, and other signs that the email was written unprofessionally. Such emails might also ask you to look at an attachment or click a link and then give your personal information on a Web page or in a form. Or the sender’s email address might look suspicious. If you hover over the links, you can even see that they would not direct you to a legitimate URL.
Here Are A Few Email TIPS