Software

Chinese Hackers Hides Backdoor in SoKor Enterprise Software

Chinese Hackers Hides Backdoor in SoKor Enterprise Software

Kaspersky Lab researchers have discovered that hackers, suspected to be from China, have managed to install a backdoor in NetSarang’s software packages. Evidence gathered suggest that the hackers may have either patched legitimate apps to add the backdoor trojan, or breached the South Korean software maker’s servers and tampered with the source code to generate apps that have the backdoor. The following NetSarang apps have been backdoored, according to Kaspersky’s findings: Xmanager Enterprise 5 Build 1232 Xmanager 5 Build 1045 Xshell 5 Build 1322 Xftp 5 Build 1218 Xlpd 5 Build 1220   NetSarang has since cleaned its servers and […]

Hackers Use PowerPoint to Deliver Malware

Hackers Use PowerPoint to Deliver Malware

Earlier this week, researchers from Trend Micro discovered a PowerPoint vulnerability that can be exploited to deliver a malware payload which bypasses antivirus detection. Cyber attackers are now using the flaw in the Windows Object Linking and Embedding (OLE) interface to distribute malicious MS Office files. Hackers use a spear-phishing email to deliver the infected PowerPoint attachment. Once opened, the file exploits the CVE-2017-0199 vulnerability, using PowerPoint Show animations feature to download a file logo that executes a file named “RATMAN.EXE” which is a “trojanized” version of the Remcos remote access tool. Microsoft has released a patch for the said […]

Microsoft Resolves Vulnerabilities, Patches Critical Windows Search Issue

Microsoft Resolves Vulnerabilities, Patches Critical Windows Search Issue

Last Tuesday, Microsoft ran its August Patch update and fixed over two dozen vulnerabilities, with 25 critical patches out of 48. One resolved critical flaw involved an RCE bug that enabled hackers to hijack a server using Windows Search. The RCE vulnerability allows an attacker to take advantage of the Windows Search flaw by sending a customized message to infiltrate the service. While in a business setting, an attacker could successfully activate the flaw remotely, using SMB connection. Though the flaw uses SMB connections, they clarified that it is not a vulnerability in the SMB. According to Qualy’s product management […]

Google Runs Trials on Tool Similar to Snapchat’s Discover Tab

Google Runs Trials on Tool Similar to Snapchat’s Discover Tab

Reports last Saturday said that a new digital platform much like Snapchat’s Discover feature is being designed by Google specifically for media firms. The new platform called Stamp is undergoing initial tests with publishing groups, claimed a source who disclosed the information under anonymous terms, saying that it is like a better version of Google’s Accelerated Mobile Pages (AMP). A report on the Google Stamp project was first published by the Wall Street Journal last Friday. The tech giant is said to be meeting with different publishing groups, including Mic, CNN, Time Inc., Vox Media, and the Washington Post. Google […]

Politically Misaligned Chinese Chatbots Taken Offline for Adjustments

Politically Misaligned Chinese Chatbots Taken Offline for Adjustments

Shanghai — Wednesday tech news reported that Chinese technology firms have removed two chatbots with machine learning capability for not responding according to its script. The chatbots named XiaoBing and BabyQ were placed in the QQ messaging platform developed by Tencent company. A representative said they were outsourced from tech firm Turing Robot, and will undergo some adjustments. Similar to the Twitter and Facebook chatbot blunder where the AI’s used inappropriate words and developed its own language, China’s chatbots were taken offline for politically dissenting opinions. Chatbot BabyQ would respond “no” when asked if it loved the Communist Party. Other […]

Google Chrome Extension Hijacked to Deliver Malicious Ads to Users

Google Chrome Extension Hijacked to Deliver Malicious Ads to Users

Thursday reports reveal that attackers seized Chris Pederick’s developer account to serve malicious adware on a Google Chrome extension called the Web Developer. Pedrick, also Bleacher Report’s director of engineering, created the extension with debug apps and popup overlays to help developers build and edit their own web pages. However, he fell victim to a phishing email last August 2, enabling an unauthorized attacker to take over his Google developer account. The attacker embedded malicious code in the extension program to launch the v0.4.9 update to more than one million active users. The suspicious updates were on public for only […]

Mozilla Launches Three New Experimental Applications for User Review

Mozilla Launches Three New Experimental Applications for User Review

Developers at Mozilla have released three new exploratory features through its Test Pilot program, enabling users to check new applications through a specialized add on. Once a feature gets a good rating, it will be part of the Firefox core. The new applications are called Send, Voice Fill, and Notes. The platform also has other features like Pulse, Page Shot, SnoozeTabs, and Activity Stream. Send is a new file-sharing program that allows users to drag and share encrypted files. It gives a URL that can only be downloaded once before it is removed from the system. Voice Fill is the […]

Microsoft Windows 10 Android Feature That Connects PCs with Phones

Microsoft Windows 10 Android Feature That Connects PCs with Phones

News last Saturday revealed a new feature for Android developed by Microsoft in its latest Windows 10 Preview Build 16251 Insider PC that facilitates mobile connections and file sharing between desktop computers and smartphones. The integration makes use of added Android Settings where users connect their phones. It does this by sending a text message with a Microsoft Apps notification link to your device. Once the link is clicked, it will prompt the phone to expand its Android control sharing settings. Users may have the option to browse it right away or to continue accessing it some other time. However, […]

Free Anti-Virus Being Rolled Out By Kaspersky Lab

Free Anti-Virus Being Rolled Out By Kaspersky Lab

According to news last Wednesday, free anti-virus protection will be provided by Russian security company Kaspersky Lab to users worldwide. In a blog published by Eugene Kaspersky, the free version of the antivirus offers basic system protection, including automatic updates, self-defense, quarantine, email, and file, among several initial features. The software is said to ensure protected online browsing against phishing and malicious files that can be run on a user’s system. Kaspersky states that the free anti-virus will not go head-to-head with its paid version. Although it offers basic protection, they believe it covers enough security grounds for systems. The […]

Basic Graphics Editor Microsoft Paint To Be Canceled After 32 Years

Basic Graphics Editor Microsoft Paint To Be Canceled After 32 Years

Last Monday, Microsoft announced that the upcoming Windows 10 Autumn update is due to remove MS Paint, its first graphics editing program, after 32 years. The program is no longer in development and is said to be under the deprecated list for apps together with other defunct programs like Reading list, Reader app, and MS Outlook Express. Despite its availability, MS Paint was not really considered a highly developed program due to limitations in PCX formats and files being saved in bitmap. Until the Windows 98 release, it couldn’t save in jpeg. It was used for doodling or doing quick […]