Wednesday, 19 July 2017

The largest Dark Web marketplaces "AlphaBay Market" is down.


One of the largest Dark Web black markets is down. We have analyzed many times the popular black market where it was possible to buy any kind of illegal goods, including drugs, malicious code and fake documents.

AlphaBay is considered the largest marketplace on the dark web, competing against the likes of Abraxas, Dream, and Hansa. Operators at the marketplace have continued improving the site by adding new features, including Monero.

On the Internet is circulating the news that administrators of the black market have pulled a classic exit scam to steal users’ Bitcoin.

As per confirmation with "securityaffairs" ,Analyzing the total withdrawal it is possible to verify that admins have transferred 1,479.03904709 Bitcoin (roughly $3.8 Million), which led to suspicion from some users that the site’s admins may have pulled an exit scam to steal user funds. Of course, at the time I was writing this is only a hypothesis, The AlphaBay Market already went down in the past, last year the black market was not accessible for about four days. Also, the blockchain transactions of about $3.8 Million are not enough for AlphaBay moderators to go offline.

The AphaBay marketplace made the headlines early last year when unknowns hacked the website and stole over 200,000 private unencrypted messages from several users.

In March 2015, the largest dark web market at the time, ‘Evolution,’ suddenly disappeared overnight in similar circumstances, operators stole millions of dollars worth of Bitcoins from its customers.




Thursday, 13 July 2017

Dell Launched Endpoint Security Technologies



Dell has announced new security technologies that provide threat detection and prevention for traditional endpoints as well as cloud client computing.

Dell Data Protection Endpoint Security Suite Enterprise provides businesses with endpoint security that integrates authentication, encryption and advanced threat protection into one single management plane, according to Hansen.

According to Dell's research, it's been a rough year for companies. A whopping 87 percent of organizations have suffered a security breach of some sort in the past 12 months. More than 75 million records have been pilfered from business networks as a result of an estimated 568 breaches. Seventy percent of security breaches can be traced to human causes.

Recovering from a data breach can also prove very costly. A single lost laptop can end up costing a business $49,000, a figure that includes the cost of dealing with breaches. Just one lost or stolen record can end up costing a business $201, up from $188 in just one year

Three versions of Dell Endpoint Security Suite Enterprise are currently available: one for systems with an Internet connection, one for devices that connect to an on-premises server for updates, and one for systems that are completely isolated.

If you want to more information about "Dell end point security" so visit Dell official website.

Monday, 10 July 2017

Hackers Can Now Decrypt Satellite Phone Calls

A group of security researchers detailed a real-time inversion attack against the GMR-2 stream cipher used in satellite phone communication, claiming it is much more efficient than previously devised attacks.

The research focused on the GMR-2 algorithm that is commonly used by modern-day satellite phones, including Inmarsat, to encrypt voice calls in an attempt to prevent eavesdropping.

The attack method helped researchers effectively reduce the search space for the 64-bit encryption key, which in turn made it easier to hunt for the decryption key, resulting in the encrypted data to be cracked within a fraction of a second.

The technique contains three phases, namely table generation; dynamic table looks-up, filtration and combination; and verification. The attack can be used to “retrieve the complete 8-byte encryption-key from only 1 frame (15 bytes) of keystream on average.” It also significantly reduces the exhaustive search space, and requires only 6KB of extra storage space.

The security researchers reveal that, in 10,000 experiments, the newly devised technique was able to uniquely determine 97.2% of the encryption-keys by the 15 bytes of keystream. The remaining 2.8% of the keys needed an extra keystream byte to retrieve.
                                                        

Sunday, 9 July 2017

Facebook and WhatsApp HACK Via Spydealer



Dubbed SpyDealer as like "Marcher" ,The Trojan is capable of gathering the information from user phone(Android) such as phone number , message , contact details and even call history.

Malware researchers at Palo Alto Networks have spotted a new  Android Trojan, dubbed SpyDealer that can exfiltrate data from more than 40 applications, including WeChat, Facebook, WhatsApp, Skype, Line, Viber, QQ, Tango, Telegram, Sina Weibo, Tencent Weibo, Android Native Browser, Firefox Browser, Oupeng Brower, QQ Mail, NetEase Mail, Taobao, and Baidu Net Disk.
"The mobile malware only works Android versions from 2.2 up to 4.4 releases , that are the versions supported by the rooting tool."
Once installed, the malware doesn’t show an application icon, but registers “two broadcast receivers to listen for events related to the device booting up and network connection status.” At the first launch, the malware retrieves configuration information (from a local asset that can be remotely updated) such as the IP address of a remote command and control (C&C) server, the actions it can take on mobile networks, and the actions allowed under a Wi-Fi network.

If you see  Marcher is more power power full  Malware but it is target of the mobile banking APP .
Marcher" is malware targeting the Android platform. It is designed to steal mobile banking app credentials from customers of many different financial company.

Securify researchers explained about the malware: “Marcher is one of the few Android banking Trojans to use the AndroidProcesses library, which enables the application to obtain the name of the Android package that is currently running in the foreground.

Marcher has been around since late 2013, but it initially attempted to trick users into handing over their payment card details using Google Play phishing pages. In March 2014, the malware started targeting banks in Germany and, by the summer of 2016, there had already been more than 60 targeted organizations in the U.S., U.K., Australia, France, Poland, Turkey, Spain and other countries.
The malware has been disguised as various popular apps, including Netflix, WhatsApp and Super Mario Run.
 

Tuesday, 27 June 2017

Warning : Petya Ransomware Hits Banks, Telecom, Businesses & Power Companies.



NotPetya Ransomware just like WannaCry , Petya is a nasty piece of ransomware and works very differently from any other ransomware malware. Unlike other traditional ransomware, Petya does not encrypt files on a targeted system one by one.

Instead, Petya reboots victims computers and encrypts the hard drive's master file table (MFT) and renders the master boot record (MBR) inoperable, restricting access to the full system by seizing information about file names, sizes, and location on the physical disk.

The attack already hit Ukraine central bank and Russian oil giant Rosneft. Government computers, airports, and large communication companies in Ukraine appear to have been affected as well. US biopharmaceutical giant Merck also confirmed that its network has been compromised as part of the global attack.

"Kaspersky Lab's analysts are investigating the new wave of ransomware attacks targeting organizations across the world. Our preliminary findings suggest that it is not a variant of Petya ransomware as originally reported, but a new ransomware that has not been seen before," the company said in a research note Tuesday afternoon. "That's why we have named it NotPetya."

According to Recorded Future’s Liska, other payloads might also be used in the attack: “There are also reports that the payload includes a variant of Loki Bot in addition to the ransomware. Loki Bot is a banking trojan, it steals usernames and passwords as well as other personal data from the victim machine and sends it to a command and control host.  Which means this attack not only could make the victim's machine inoperable, it could steal valuable information that an attacker can take advantage of during the confusion.’”

Sunday, 25 June 2017

Microsoft Said that: Windows 10 has disabled third-party Anti-Virus



Windows 10 does disable some third-party security software, Microsoft’s application compatibility teams found that roughly 95 per cent of Windows 10 PCs had an antivirus application installed that was already compatible with Windows 10 Creators Update,” said Rob Lefferts, director of security in the Windows and Devices group

But what about the 5 percent that weren’t compatible in Microsoft’s eyes? Lefferts says:"For the small number of applications that still needed updating, we built a feature just for AV apps that would prompt the customer to install a new version of their AV app right after the update completed. To do this, we first temporarily disabled some parts of the AV software when the update began. We did this work in partnership with the AV partner to specify which versions of their software are compatible and where to direct customers after updating".

Kaspersky is worried that Microsoft is trying the same trick, but – based on Lefferts' post – Redmond is ready to fight such claims "it has designed its own security software to only kick in when "an AV subscription expires, and the AV application decides to stop providing protection to the customer."

Thursday, 22 June 2017

OpenVPN Patches Remotely Exploitable Vulnerabilities





OpenVPN this week patched several vulnerabilities impacting various branches, including flaws that could be exploited remotely.

Four of the bugs were found by researcher Guido Vranken through fuzzing, after recent audits found a single severe bug in OpenVPN. While analyzing OpenVPN 2.4.2, the researcher found and reported four security issues that were addressed in the OpenVPN 2.4.3 and OpenVPN 2.3.17 releases this week.read more