Topics - jasonX

General Software / VLC Media Player
« on: July 02, 2016, 10:15:03 pm »
VLC Media Player 2.2.4

VLC Media Player is a highly portable multimedia player for various audio and video formats (MPEG-1, MPEG-2, MPEG-4, DivX, mp3, ogg, ...) as well as DVDs, VCDs, and various streaming protocols. It can also be used as a server to stream in unicast or multicast in IPv4 or IPv6 on a high-bandwidth network.

VLC plays absolutely anything. It supports an enormous number of multimedia formats, and does not require you to download additional codecs. VLC features a complete streaming server, with extended features like video on demand, on-the-fly transcoding, granular speed controls, frame-by-frame advancement and more. It can also be used as a server for unicast or multicast streams in IPv4 or IPv6 on a high-bandwidth network.

Release Changes:


Fix crash in G.711 wav files
Fix mp3 crash in libmad
Fix out-of-bound write in adpcm QT IMA codec (CVE-2016-5108)


Fix resizing issues


Fix overlay creation on Windows XP for DirectDraw video output


Build fixes for Hurd


Update of Bulgarian, Catalan, German, French, Italian, Marathi, Norwegian Bokmål, Norwegian Nynorsk, Portuguese, Slovak, Spanish (Mexico), Swedish, Simplified Chinese, and Traditional Chinese translations

x32 Installer HERE

x32 Portable HERE

x64 Installer HERE

x64 Portable HERE

Home Page HERE

Warning! 32 Million Twitter Passwords May Have Been Hacked and Leaked

Our world today is FULL of data breaches. Soon it will be just a matter of time till anything can be breached IF we do not rethink our ways and try to find ways to always be more secure. Being secure and safe nowadays is a must and must always be checked as well.

Swati Khandelwal of shares the details below as well as related story from

The world came to know about massive data breaches in some of the most popular social media websites including LinkedIn, MySpace, Tumblr, Fling, and when an unknown Russian hacker published the data dumps for sale on the underground black marketplace.
However, these are only data breaches that have been publicly disclosed by the hacker. I wonder how much more stolen data sets this Russian, or other hackers are holding that have yet to be released. The answer is still unknown, but the same hacker is now claiming another major data breach, this time, in Twitter.

Login credentials of more than 32 Million Twitter users are now being sold on the dark web marketplace for 10 Bitcoins (over $5,800).
LeakedSource, a search engine site that indexes leaked login credentials from data breaches, noted in a blog post that it received a copy of the Twitter database from Tessa88, the same alias used by the hacker who provided it hacked data from Russian social network last week.

The database includes usernames, email addresses, sometimes second email addresses, and plain-text passwords for more than 32 Million Twitter accounts. Twitter strongly denied the claims by saying that "these usernames and credentials were not obtained by a Twitter data breach" – their "systems have not been breached," but LeakedSource believed that the data leak was the result of malware.

"Tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter," LeakedSource wrote in its blog post.

But, do you remember how Facebook CEO Mark Zuckerberg's Twitter account was compromised?

The hackers obtained Zuck's account credentials from the recent LinkedIn data breach, then broke his SHA1-hashed password string, tried on his several social media accounts and successfully hacked Zuckerberg’s Twitter and Pinterest account.

So, one possibility could also be that the alleged Twitter database dump of over 32 Million users is made up of already available records from the previous LinkedIn, MySpace and Tumblr data breaches.

The hacker might just have published already leaked data from other sites and services as a new hack against Twitter that actually never happened.
Whatever the reason is, the fact remains that hackers may have had their hands on your personal data, including your online credentials.
So, it’s high time you changed your passwords for all social media sites as well as other online sites if you are using the same password.

Source HERE

Related story:

Russian hackers sell 33 million Twitter passwords online

Usernames and passwords of almost 33 million Twitter users have been obtained by a Russian hacker and put up for sale online.

The leak, which covers a tenth of Twitter’s users, comes after several high-profile Twitter accounts including Facebook’s Mark Zuckerberg and singer Katy Perry were broken into.

Twitter denied that its own security had been breached, but said it was checking to see if accounts had been compromised by other huge password leaks.

The data for sale online may have come from hackers checking Twitter usernames against email and password combinations from security breaches at Myspace and LinkedIn.

Millions of passwords from both social networks have been put up for sale on the dark web in recent weeks that were obtained in hacks that date back to 2011. Since many people re-use passwords across the web, a trial and error approach on other social networks could result in many successful attacks.

It is believed that trying LinkedIn and Myspace passwords on Twitter accounts is how several celebrity Twitter accounts have been hacked into over the last week.

A hacking group called OurMine accessed Zuckerberg's account this week, revealing that his password had been "dadada". Rock group Tenacious D's account was breached resulting in a Jack Black death hoax, and others including Lana Del Rey and Keith Richards were affected.

A spokesman for Twitter said it is "confident" that it hasn't been hacked.

"We are confident that these usernames and credentials were not obtained by a Twitter data breach – our systems have not been breached," the company said. "In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks."

Security blog LeakedSource said the data contained 32.9m records. The hacker is reportedly selling the data for 10 bitcoins (£4,000).

Richard Parris, head of cybersecurity company Intercede, said the incidents show that passwords are "no longer fit" for purpose.

"Passwords and usernames need to be consigned to the dusty archives of yesteryear," said Parris. "Online platforms hold masses of sensitive personal data about millions of consumers, and should not be relying on outdated password authentication."

Source HERE

General Software / WPS Office Free
« on: June 10, 2016, 01:34:16 pm »
WPS Office Free 2016

What's new in version

- Now available without watermarks
- Added built-in PDF reader. WPS Office not only can convert documents to PDF files, but also can open PDF files directly.
- Added PPTX format. Users can create, edit and save all the DOCX/XLSX/PPTX formats.
- Added new, graceful and clear 2016 interface.
- Added rich 2D and 3D text and object effects, providing users with more choice when editing a document.
- Added compatibility for MSO SmartArt.
- Removed the watermark: Now unlock premium features for free!

Download HERE

Home Page

General Software / Opera Browser
« on: May 31, 2016, 10:33:28 pm »

Opera browser for Windows PC
Do more on the web
Opera, a free browser for Windows 10 and earlier versions, brings you more speed and safety on the web.
Enjoy an ad-free web
Tired of online ads? Opera is the first major browser that can block ads for you without add-ons. According to tests, our built-in ad blocker makes content-rich webpages load in Opera up to 90% faster.
Multitask on the web easily
Our visual bookmarks, tab cycling and customizable shortcuts, keep you on track and save you time. Can't get enough online video? Don’t miss our new video pop out feature - a floating, moveable video frame that lets you keep browsing or work in other apps without missing any of the action.

More Info

Utilities / Glary Utilities
« on: May 31, 2016, 10:23:15 pm »
Glary Utilities

Changes in Glary Utilities

- Optimized 1-Click Maintenance to avoid the program crash caused by multi-threaded access violation
- Optimized Software Update: optimized algorithm of obtaining the version number, fixed the bug that cannot obtain version accurately
- Optimized Disk Cleaner: added delete function to scan history
- Optimized Disk Cleaner: added filtration of relevant files for abbyy screenshot reader to user temporary directory
- Optimized Disk Cleaner: added 'RegEditX' and 'PDF Architect'
- Optimized Tracks Eraser: added 'NoteXpad' and 'AkelPad'
- Minor GUI improvements
- Minor bug fixes

Download HERE

Home Page HERE

Philippines Bank hit by SWIFT Hacking Group allegedly linked to North Korea

And then again a 4th bank was hit by hackers in what CNN is stating as "Global banking system under attack". 's Swati Khandelwal reports below about the details. Read also below for related news stories and their links!

SWIFT Bank Hackers have attacked another bank in the Philippines using the same modus operandi as that in the $81 Million Bangladesh Bank heist.

Security researchers at Symantec have found evidence that malware used by the hacking group shares code similarities with the malware families used in targeted attacks against South Korean and US government, finance, and media organizations in 2009.

“At first, it was unclear what the motivation behind these attacks were, however, code sharing between Trojan.Banswift (used in the Bangladesh attack used to manipulate SWIFT transactions) and early variants of Backdoor.Contopee provided a connection,” Symantec blog post says.
In past few months, some unknown hackers have been targeting banks across the world by gaining access to SWIFT, the worldwide inter-bank communication network that is being used to transfer Billions of dollars every day.

Two weeks ago, Investigators from British defense contractor BAE Systems discovered that malware used in the Bangladesh $81 million cyber heist was almost identical to one used to infiltrate banks in Ecuador and Vietnam.

Investigators are examining possible breaches at as many as 12 banks linked to Swift’s global payments network.


FOURTH bank hit by SWIFT hackers : Has Sony Pics' Lazarus crew come back from the dead? 's John Leyden reports on the details below.

A fourth bank, this time in the Philippines, has been attacked by hackers targeting the SWIFT inter-bank transfer system.

Security researchers at Symantec reckon the same group blamed for the infamous $81m Bangladesh central bank mega-heist back in February also mounted an earlier assault in the Philippines last year, itself part of a growing litany of assaults.

The same hacker group was also blamed for the theft of $12m from an Ecuadoran bank, Banco del Austro SA. Related strains of malware featured in attacks against these various banks, suggesting that the same group is behind multiple assaults, as Symantec explains.

Symantec has identified three pieces of malware which were being used in limited targeted attacks against the financial industry in South-East Asia: Backdoor.Fimlis, Backdoor.Fimlis.B, and Backdoor.Contopee. At first, it was unclear what the motivation behind these attacks were, however code sharing between Trojan.Banswift (used in the Bangladesh attack used to manipulate SWIFT transactions) and early variants of Backdoor.Contopee provided a connection.

Wiping code used to cover up the banking assaults matches that which featured in the Sony Pictures attacks, Symantec’s researchers discovered. This commonality of tactics, techniques and procedures has allowed the security firm to point the finger of blame for the SWIFT bank hacks towards the same hackers who ransacked Sony Pictures network two years ago.

Symantec believes distinctive code shared between families and the fact that Backdoor.Contopee was being used in limited targeted attacks against financial institutions in the region, means these tools can be attributed to the same group. Backdoor.Contopee has been previously used by attackers associated with a broad threat group known as Lazarus. Lazarus has been linked to a string of aggressive attacks since 2009, largely focused on targets in the US and South Korea. The group was linked to Backdoor.Destover, a highly destructive Trojan that was the subject of an FBI warning after it was used in an attack against Sony Pictures Entertainment. The FBI concluded that the North Korean government was responsible for this attack.


SWIFT hackers nicknamed 'Lazarus' hit a fourth bank in Philippines by Jose Pagliery, CNN Money

North Korea-linked 'Lazarus' hackers hit a fourth bank in Philippines

Jose Pagliery and Charles Riley of CNN state the details below.

Hackers targeting the international financial system have claimed a fourth victim: a bank in the Philippines.
It's now clear the global banking system has been under sustained attack from a sophisticated group -- dubbed "Lazarus" -- that has been linked to North Korea, according to a report from cybersecurity firm Symantec.

In at least four cases, computer hackers have been able to gain a dangerous level of access to SWIFT, the worldwide interbank communication network that settles transactions.

In early February, hackers broke into Bangladesh's central bank and stole $101 million. Their methods appear to have been deployed in similar heists last year targeting commercial banks in Ecuador and Vietnam.
Symantec revealed evidence on Thursday that suggests hackers used the same technique to slip into a bank in the Philippines in October. Symantec (SYMC) did not name the bank.


Philippines Bank Hacked by SWIFT Hackers nicknamed as ‘Lazarus’


Utilities / Seagate DiscWizard 18.0.0 Build 6030
« on: May 26, 2016, 10:35:47 pm »
Seagate DiscWizard 18.0.0 Build 6030

A second look at Seagate DiscWizard

Seagate DiscWizard has been around a long time and has been proven to be a great free backup disc imaging/cloning software suite that will ensure the security of all of the information/data in your computer. It will backup the OS including all the applications, settings and data. It will also allow you to securely destroy sensitive/confidential information that you may no longer need. As the name implies it is tailored for use with Seagate (and Maxtor) drives installed on your computer, otherwise you won’t be able to perform any backup or cloning actions. The new Seagate DiscWizard can now help you when you want to migrate from your existing hard drive to an SSD drive. The new version comes with the Intel Data Migration Software which is meant for everybody who wants to upgrade to an Intel SSD drive.

Backing up

Backing up is pretty straight forward. DiscWizard will back up the entire disk drive or selected partitions.  It can perform full, incremental and differential version backups.

A full backup version forms a base for further incremental or differential backups. A full backup method/version  can also be used as a standalone full backup which is best if you "often" roll back the system to its initial state or if you do not like to  often oversee a number of backup versions.

An incremental backup method/version contains only those files which have been changed since the last backup you did. This is best when you need frequent backup versions and rolling back to a specific time. A downside about incremental backups is during recovery it needs to read all the backups from the full version backup to the incremental versions. If you lose an incremental backup, say, due to corruption, all the other incremental backups are unusable. Thus incremental recovery is compromised.

A differential backup method/version contains only those files which have been changed since the last "full" backup. Downside is that the size of the backup in comparison to "incremental" is bigger. But the plus is that it is more dependable than "incremental" as in recovery it needs only the last "full" backup version along with the last differential version. Thus recovery from a differential version is simpler and much more reliable than recovery from an incremental version.

To backup, glance onto the sidebar and click "Backup". At the bottom of the backup list you will see a (+) sign which says, "Add Backup" then enter a name for your backup. Select the Backup Source icon and then click "Disk and partitions". Place a check on the box next to the partitions and disks that you want to back up, and then click OK. That's it.

You can schedule automatic backups ahead of time. Your data will be backed up as long as there is sufficient storage space. Backups are set on a weekly schedule by default. You can change it in the "Options" menu to "Do not schedule". For weekly scheduling you can set it via selecting the days on which the backup operation is to be performed or via selecting a specific time, entering the hours and minutes, or set the specified time using the up and down buttons.

Backup Schemes, alongside the scheduling, helps you to set up the best backup strategy to suit your needs. Additionally it helps you optimize your storage space, improve storage reliability and automatically delete obsolete backup versions. DiscWizard allows you to set a "Single version" scheme or a "Custom scheme".

Single version scheme is tailored for your use of the smallest backup storage available. If you choose this scheme, DiscWizard will create a full version backup and will overwrite it when you run a backup manually or according to a schedule you set. The result is that you will have a "single-up-to-date-full version backup" with minimal storage space. Custom scheme allows you to create your own backup scheme based on your preferences. There are pre-defined backup schemes where you can select what you prefer and then save it as a new one. In addition, you can create custom schemes from scratch based on full, differential or incremental backup versions. Cleaning up of obsolete backup versions can be set automatically where you have the option to set automatic deletion based on a specified period (time), per number of backup versions you specify or a maximum size limit for a backup version.

Notifications can also be set to inform you if you do not have sufficient space left based on the threshold value set for your backups.  If DiscWizard determines that the free space is less than the threshold value specified it will not begin the backup process and will inform you by displaying an appropriate message.

Exclusions gives you the capability to exclude unnecessary files via specifying the files types, mask or file path to exclude.

The Advanced tab carries, among other things, how you set image creation (sector-by-sector), encrypt/password protect backups, backup splitting, backup validation, backup comments, etc. Backup validation should always be considered. It is always a sound decision to validate a backup once it is created so that you will know that your backup is not corrupted. You can also run validation either automatically or manually (and before recovery) to ensure its validity. Backing up (without validation) and then letting it stay frosty until you need it might give some problems when you need to recover the image. What happens when it ends in a validation error? You have nothing to recover!


Recovering disks or partitions is also easy and straight-forward. Select "Backup" in the sidebar and in the backup section select the backup which contains the disk or partitions you prefer to recover. Click "Recover disks". The Backup version list will show backup versions by their backup date and time. Select the disks to recover (to recover separate partitions you need to click Recover specific partitions then select the partitions to recover). Select recovery destination and click "Recover Now" to start the recovery process.

DiscWizard allows you to recover files and folders both from file-level and disk-level backups. On the sidebar, click Backup. The backup list will show the backup which contains the files or folders that you want to recover. Click Recover files. Select backup version based on specific date and time. Select the files and folders that you want to recover, and then click Next.

Select a destination location where you want to recover selected files/folders. You can recover data to its original location or choose a new one. To choose a new location, you need to click the Browse button. In choosing a new location, the selected items will be recovered by default without the original/absolute path. Click Recover now to start the recovery process.

You can also recover files and folders directly from Windows Explorer. To do that you have to double-click the corresponding ".tib file" (which is the backup version where the files/folders you want to recover are in) and then browse manually to the location of the file or folder that you want to recover. Copy the file or folder to a hard disk.

Bootable rescue media

You can create bootable media using the Bootable Rescue Media Builder. You will need a blank CD-R/RW, a blank DVD+R/RW or any other media from which your computer can boot, such as a USB flash drive. Seagate DiscWizard also provides the ability to create an ISO image of a bootable disc on the hard disk. You can also use this ISO image to incorporate it on a multi-boot USB (via YUMI, SARDU etc).

Plug in a USB flash drive, or insert a blank CD or DVD. Run DiscWizard and in the Tools and utilities section click Rescue Media Builder. Choose a media type that you want to create. Select a destination for the media (either CD/DVD, USB (formatted in FAT file system), ISO image or WIM image file). Click Proceed to start the creation.

Test the rescue media

It is also a sound decision to always test the rescue media. Say you created a DVD bootable rescue media, you must check and see if it will work. Test if your pc/laptop will boot from that rescue media and also check if the rescue media recognizes all your computer devices, such as hard drives, mouse, keyboard, network adapter and of course your selected backup destination!

First set your computer to enable booting from the rescue media (usually in the BIOS). Set your rescue media device as "first boot device". If you have a rescue CD, press any key to start booting from the CD, when you see the prompt "Press any key to boot from CD". After the boot menu appears, choose True Image.

When DiscWizard starts, check if it detects all your devices. It is recommended to try recovering some files from a backup you have made. Make a test recovery to ensure that your bootable media disc can be used for recovery. Try to make a backup as well.

Disk cloning and migration

Note: DiscWizard recommends to always perform disk cloning from the DiscWizard Boot CD

Oftentimes you will run out of space and will need to migrate to a bigger size disk. You can use the clone disk feature of DiscWizard. When cloning a disk it is recommended to perform it via the Seagate DiscWizard Boot CD clone disk utility. On the sidebar you need to go to Tools and Utilities>Utilities, and then click Clone disk. In most cases (recommended) the automatic clone mode is preferred. It is also best to use automatic so that the source drive partitions are automatically and proportionally resized to fit the new drive. Choose the old drive as the Source Disk. Select the new drive as the Destination Disk. After you have checked all the settings click Proceed to start the clone operation.

Migrate to SSD

DiscWizard can help you migrate your old HDD to a new SSD. There are pre-requisites/safeguards to do this. One is to do the migration using the DiscWizard Boot Disc and the second is to backup the system drive(in disk backup mode) to a hard drive other than the system hard disk and the new SSD. Validate the backup. After backing up the system drive, turn-off the computer and remove the system hard disk. Mount the SSD onto the slot where the system hard disk was. Boot to the DiscWizard Boot Disc and select Recover. In the Recovery method select "Recover whole disks and partitions". In What to recover select the system hard disk. In the New location select the new SSD and then click Accept. Click Proceed to start the recovery process. After recovery, reboot and remove the DiscWizard Boot Disc and try to boot from the SSD. Check and make sure that Windows and all applications are working properly.

Seagate DriveCleanser

Seagate DriveCleanser allows you to securely destroy all data on selected hard disks and partitions permanently. We all know that we cannot destroy all the data from a drive that we want to throw away by merely just formatting because it still can be retrieved. If that happens that sensitive information can fall into the wrong hands and who knows where it can be used or for what purpose. For this purpose DiscWizard recommends:

- Replace your old hard drive with a new one and do not plan to use the old drive any more.
- Give your old hard drive to your relative or friend.
- Sell your old hard drive.

**DiscWizard cannot wipe partitions on dynamic and GPT disks.

Mount and Unmount Images

Mounting of backup images lets you have access to the contents of the disk backup image as though they are a physical drive. When you mount an image it will appear as a new disk in your system( virtual mounted disk). From there you can view the contents in Windows Explorer and other file managers.

To unmount an image you just need to right-click the disk icon in Windows Explorer and click Unmount. You can either restart or shutdown your computer afterwards.

Of course as with any free version there are limitations attached. File/Folder backup for one isn't offered. It will only offer you disk and partition backup. From that backup you can have access to whatever files you need. To wrap it up, Seagate DiscWizard remains to be a comprehensive software suite that can help you protect all your data and recover your data and all your saved applications and settings effortlessly. The tools included make it an integrated suite for free!

Seagate DiscWizard 18.0.0 Build 6030 --latest version

Bootable Media FAQ HERE

Download Seagate DiscWizard HERE

Download DiscWizard ver18 User Guide HERE

Data Migration

Seagate Extended Capacity Manager - Beyond 2TB

Some alternatives to Seagate DiscWizard. Freeware alternatives

1. Acronis True Image Western Digital Edition

2.  Macrium Reflect Free

Some Tutorials and info on imaging with Macrium Free HERE

3. Paragon Backup and Recovery Free

Paragon Hard Disk Manager 15 - Backup & Recovery Compact (English) - Free Registration Still Active

4. Aomei --AOMEI Backupper Standard

5. DriveXML

6. EaseUS Todo Backup Free 9.1

7. Clonezilla

8. Redo Backup and Recovery

9. Active@ Disk Image Free

Some related information below:

5 System Rescue Boot Discs based on Windows PE

AOMEI PE Builder 1.5 FREE : complete WinPE-based bootable media

Paragon Rescue Kit 14 Free Edition

Lazesoft Recovery Suite Home Edition

Windows 8.1 x86 U1 PE
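
The incremental versus differential recovery trade-off and the advice to validate backups from the review above, as an added example that is not part of the original post and not DiscWizard's own logic: a constructed catalog model that works out which versions each restore needs and which versions survive one corrupted file. The names (`Version`, `restore_chain`, `recoverable_versions`) are hypothetical, the byte strings stand in for `.tib` images, and each chain is assumed to use a single scheme.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class Version:
    name: str
    kind: str     # "full", "incremental" or "differential"
    data: bytes   # constructed stand-in for the backup image contents
    sha256: str   # digest recorded when the backup was created


def make(name, kind, data):
    return Version(name, kind, data, hashlib.sha256(data).hexdigest())


def is_valid(version):
    """Validation: the image still hashes to the digest recorded at creation."""
    return hashlib.sha256(version.data).hexdigest() == version.sha256


def restore_chain(catalog, target):
    """Versions that must all be readable to restore catalog[target].

    catalog is in chronological order. Assumption: everything after a full
    backup uses one scheme (all incremental or all differential).
    """
    fulls = [i for i in range(target + 1) if catalog[i].kind == "full"]
    if not fulls:
        raise ValueError("no full backup precedes this version")
    base = fulls[-1]
    wanted = catalog[target]
    if wanted.kind == "full":
        return [wanted]
    if wanted.kind == "differential":
        # Differential: only the last full plus the chosen differential.
        return [catalog[base], wanted]
    # Incremental: the full and every version between it and the target.
    return catalog[base:target + 1]


def recoverable_versions(catalog):
    """Names of the versions whose whole restore chain passes validation."""
    return [
        catalog[i].name
        for i in range(len(catalog))
        if all(is_valid(v) for v in restore_chain(catalog, i))
    ]


def sample_catalog(kind):
    """Constructed sample: one full backup followed by three later versions."""
    short = kind[:4]
    return [make("full-1", "full", b"base image")] + [
        make(f"{short}-{n}", kind, f"changes {n}".encode()) for n in (1, 2, 3)
    ]


if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        catalog = sample_catalog(kind)
        catalog[1].data = b"bit rot"   # simulate one corrupted version
        print(kind, "->", recoverable_versions(catalog))
```

Running validation on a schedule is what turns the corrupted version into a finding today rather than a failed recovery later.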


Application Whitelisting : Quickly Deploy the Most Secure Application Whitelisting

Application Whitelisting has been around and in use in the security world for quite a long time. For those who may not already be familiar with AWL, it is the opposite approach to blacklisting. Everyone is definitely familiar with blacklisting, which of course is checking every file to see if it appears to be malicious, and if so, it is blocked from executing, period! Thus damage is prevented.

The opposite approach is AWL -- Application whitelisting. By default it will deny the execution of any application that has not previously been explicitly approved as “known to not be malicious”. The “default deny” method can effectively offer more security than the traditional method of blacklisting offered by traditional AVs, the biggest of which is that it will prevent malicious code like “zero-day” attacks, which the antivirus blacklist databases do not recognize because of its zero-day release.

Read on below for's take on Application Whitelisting alongside other pertinent and useful information and links.

Application whitelisting adds a critical layer of defense against evolving threats such as zero-day attacks that endpoint anti-malware frequently fail to detect. But most of today’s whitelisting products are too difficult to deploy, time-consuming to manage, and reliant on a centralized database. Our application whitelisting is easy to deploy, transparent to existing operations, and the most secure application whitelisting for Retail POS systems and industrial control systems.

There is no silver bullet in information security, but if managed correctly application whitelisting solutions at the endpoint provide exceptional protection from zero day and targeted attacks.
- The Power of Whitelisting, Neil MacDonald, Gartner

Deploy Application Whitelisting in Minutes

Our agents install in minutes and begin protecting endpoint systems immediately. Our software doesn’t require you to determine in advance which applications and libraries are required by each user. Once installed the Digital Guardian’s application whitelisting agent automatically creates a unique whitelist that determines what executables are permitted to run on that device.

Block Unknown and Unauthorized Executables on Workstations, Servers, POS Devices, and Industrial Controls

Our agent prevents new unauthorized applications from being installed. Upon confirmation of the approved whitelist, execution of any unauthorized application will be blocked, whether malicious applications (such as viruses, Trojans, or Bots) or unwanted/unknown applications. It is proven in the most critical environments such as Retail POS and industrial control systems.

Automate Application Whitelisting Management

Through the designation of trusted agents, our software enables you to use your normal methods for patching, updating, and installing software without having to explicitly look at or manage a whitelist. This trusted agent feature allows organizations to efficiently keep all authorized applications on endpoints updated and patched without requiring any additional intervention by the end user or IT.

Prevent Unauthorized Changes to Applications & Executables

These agents block any attempts at unauthorized additions, deletions, or modifications and log both authorized changes and unauthorized attempts.

Source HERE

Tech Overview on Application Whitelisting HERE

DG_AppWhitelisting_Datasheet HERE

Ten Common Misconceptions about Application Whitelisting HERE

NIST Publication on Application Whitelisting HERE

Application Whitelisting Trifold HERE

Using SRP

Application Whitelisting: Panacea or Propaganda? from the SANS Institute HERE
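
The default-deny decision, the trusted-agent update path and the change logging described in this post, as an added example that is not part of the original post and not any vendor's agent: a constructed hash-based allowlist contrasted with a blacklist lookup. The class and function names, the updater name `patch-agent` and all file contents are hypothetical sample values.

```python
import hashlib


def digest(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


def blacklist_may_execute(known_bad: set, content: bytes) -> bool:
    """Blacklisting: run everything except what is already known to be bad."""
    return digest(content) not in known_bad


class Allowlist:
    """Default deny: run only what was explicitly approved."""

    def __init__(self, baseline: dict, trusted_updaters: set):
        # Approved set is built once from the executables present at install.
        self.approved = {digest(c) for c in baseline.values()}
        self.trusted_updaters = set(trusted_updaters)
        self.log = []   # (event, path) tuples for both allowed and blocked actions

    def may_execute(self, path: str, content: bytes) -> bool:
        allowed = digest(content) in self.approved
        self.log.append(("exec-allowed" if allowed else "exec-blocked", path))
        return allowed

    def install(self, updater: str, path: str, content: bytes) -> bool:
        """Only a designated trusted updater may extend the approved set."""
        if updater not in self.trusted_updaters:
            self.log.append(("change-blocked", path))
            return False
        self.approved.add(digest(content))
        self.log.append(("change-authorized", path))
        return True


def demo():
    """Constructed scenario: a POS terminal with two approved executables."""
    baseline = {"pos.exe": b"POS v1", "lib.dll": b"lib v1"}
    awl = Allowlist(baseline, trusted_updaters={"patch-agent"})
    known_bad = {digest(b"old sample already in the AV database")}
    never_seen = b"binary nobody has catalogued yet"   # stands in for a zero-day

    return {
        "blacklist_runs_unknown": blacklist_may_execute(known_bad, never_seen),
        "allowlist_runs_unknown": awl.may_execute("dropper.exe", never_seen),
        "allowlist_runs_baseline": awl.may_execute("pos.exe", b"POS v1"),
        "allowlist_runs_tampered": awl.may_execute("pos.exe", b"POS v1 + patch"),
        "user_install_accepted": awl.install("user", "game.exe", b"game"),
        "agent_install_accepted": awl.install("patch-agent", "pos.exe", b"POS v2"),
        "allowlist_runs_update": awl.may_execute("pos.exe", b"POS v2"),
        "log": awl.log,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```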

Hacker finds flaws that could let anyone steal $25 Billion from a Bank

A security researcher could have stolen as much as $25 Billion from one of India's biggest banks ‒ thanks to the bank's vulnerable mobile application. Late last year, security researcher Sathya Prakash discovered a number of critical vulnerabilities in the mobile banking application of an undisclosed bank that allowed him to steal money from any or all bank customers with the help of just a few lines of code.

Being a white hat hacker, Prakash immediately reached out to the bank and alerted it about the critical issues in its mobile app and helped the bank fix them, instead of taking advantage of the security holes to steal money from the bank that has about 25 Billion USD in Deposits.
While analyzing the mobile banking app, Prakash discovered that the app lacks Certificate Pinning, allowing any man-in-the-middle attacker to downgrade SSL connection and capture requests in plain text using fraudulently issued certificates.

Besides this, Prakash also found that the mobile banking app had an insecure login session architecture, allowing an attacker to perform critical actions on behalf of the targeted account holder without knowing the login password, like seeing the victim's current account balance and deposits, as well as adding a new beneficiary and making illegal transfers.
"So invoking the fund transfer API call directly via CURL, bypassed the receiver/beneficiary account validation. I was able to transfer money to accounts that weren't on my beneficiary list," Prakash wrote in his blog post.
"It was a matter of 5 lines of code [exploit] to enumerate the bank's customer records (Current Account Balance, and Deposits)."

If this wasn't enough, Prakash discovered that the app did not check to see if the given customer ID or Transaction Authorisation PIN (MTPIN) ‒ used for critical controls like transferring funds, creating a new fixed deposit ‒ actually belong to the sender's account.
This blunder in the mobile banking app could have allowed anyone with the app and an account in the bank to transfer money from someone else's account, reported by Motherboard.

Source HERE
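The server-side checks whose absence the report describes (customer ID and MTPIN not tied to the sender's account, beneficiary validation skipped when the API is called directly), shown as an added example that is not part of the original post or the bank's code. All account data, field names and function names are constructed for illustration.

```python
import hmac

# Constructed sample data (not from the report): owners, PINs, beneficiaries, sessions.
ACCOUNT_OWNER = {"ACC-1001": "alice", "ACC-2002": "bob", "ACC-3003": "carol"}
MTPIN = {"alice": "4821", "bob": "9377", "carol": "1550"}  # a real system stores hashes
BENEFICIARIES = {"alice": {"ACC-2002"}, "bob": set(), "carol": set()}
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}


def transfer_flawed(req):
    """Trusts the request body: the pattern the article describes."""
    cust = req["customer_id"]  # caller-supplied identity, never tied to a session
    if not hmac.compare_digest(MTPIN.get(cust, ""), req["mtpin"]):
        return "denied: bad MTPIN"
    # Missing: does from_account belong to cust? Is to_account a beneficiary?
    return "ok"


def transfer_checked(req):
    """Derives identity from the session and re-validates every field server-side."""
    cust = SESSIONS.get(req.get("session", ""))
    if cust is None:
        return "denied: no session"
    if req.get("customer_id") != cust:
        return "denied: customer_id does not match session"
    if ACCOUNT_OWNER.get(req.get("from_account")) != cust:
        return "denied: source account not owned by caller"
    if not hmac.compare_digest(MTPIN[cust], str(req.get("mtpin", ""))):
        return "denied: bad MTPIN"
    if req.get("to_account") not in BENEFICIARIES[cust]:
        return "denied: recipient not an approved beneficiary"
    return "ok"


# Constructed requests: one legitimate, two that only the checked handler rejects.
LEGIT = {"session": "tok-alice", "customer_id": "alice", "mtpin": "4821",
         "from_account": "ACC-1001", "to_account": "ACC-2002"}
CROSS_ACCOUNT = {"session": "tok-bob", "customer_id": "bob", "mtpin": "9377",
                 "from_account": "ACC-1001", "to_account": "ACC-3003"}
NON_BENEFICIARY = dict(LEGIT, to_account="ACC-3003")

if __name__ == "__main__":
    for name, req in [("legit", LEGIT), ("cross-account", CROSS_ACCOUNT),
                      ("non-beneficiary", NON_BENEFICIARY)]:
        print(f"{name:16} flawed={transfer_flawed(req)!r} checked={transfer_checked(req)!r}")
```

Certificate pinning, also named in the report, protects the transport only; these authorization checks are still needed because the caller of the API may be the account holder's own device.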

Ecuador Bank Hacked — $12 Million Stolen in 3rd Attack on SWIFT System

And another bank heist!!! Now in Ecuador! Swati Khandelwal of reports. See story below.

Bangladesh is not the only bank that had become victim to the cyber heist. In fact, it appears to be just a part of the widespread cyber attack on global banking and financial sector by hackers who target the backbone of the world financial system, SWIFT.

Yes, the global banking messaging system that thousands of banks and companies around the world use to transfer Billions of dollars in transfers each day is under attack.

A third case involving SWIFT has emerged in which cyber criminals have stolen about $12 million from an Ecuadorian bank that contained numerous similarities to later attacks against Bangladesh’s central bank that lost $81 Million in the cyber heist.
The attack on Banco del Austro (BDA) in Ecuador occurred in January 2015 and was revealed via a lawsuit filed by BDA against Wells Fargo, a San Francisco-based bank, on Jan. 28, Reuters reported.

Here’s how cyber criminals target banks:

Uses malware to circumvent local security systems of a bank.
Gains access to the SWIFT messaging network.
Sends fraudulent messages via SWIFT to initiate cash transfers from accounts at larger banks.

Over ten days, hackers used SWIFT credentials of a bank employee to modify transaction details for at least 12 transfers amounting to over $12 Million, which was transferred to accounts in Hong Kong, Dubai, New York and Los Angeles.
In the lawsuit, BDA holds Wells Fargo responsible for not spotting the fraudulent transactions and has demanded Wells Fargo to return the full amount that was stolen from the bank.

The lawsuit filed by BDA in a New York federal court described that some of these attacks could have been prevented if banks had shared more details about the attacks with the SWIFT organization.

Wells Fargo has also fired back and blamed BDA's information security policies and procedures for the heist and noted that it "properly processed the wire instructions received via authenticated SWIFT messages," according to court documents.
According to reports, the heist remained a secret for a long time and was disclosed only when BDA decided to sue Wells Fargo, which approved the fraudulent transfers.

SWIFT did not have any idea about the breach, as neither BDA nor Wells Fargo shared any detail about the attack.
"We were not aware," SWIFT said in a statement. "We need to be informed by customers of such frauds if they relate to our products and services so that we can inform and support the wider community. We have been in touch with the bank concerned to get more information, and are reminding customers of their obligations to share such information with us."
It turns out that the security of SWIFT itself was not breached in the attack, but cyber criminals used advanced malware to steal credentials of the bank’s employees and cover their tracks.

Source HERE

A recently patched Flash Player exploit is being used in widespread attacks

Lucian Constantin of IDG News Service reports on the latest exploit vulnerability. Read on below.

An exploit for the previously zero-day CVE-2016-4117 vulnerability is now in the Magnitude exploit kit

The vulnerability, known as CVE-2016-4117, was discovered earlier this month by security researchers at FireEye. It was exploited in targeted attacks through malicious Flash content embedded in Microsoft Office documents.

When the targeted exploit was discovered, the vulnerability was unpatched, which prompted a security alert from Adobe Systems and a patch two days later.

As it usually happens with zero-day exploits, it was only a matter of time until more cybercriminals got their hands on the CVE-2016-4117 exploit code and started using it in widespread attacks.

On Saturday, a malware researcher known as Kafeine spotted the exploit in Magnitude, one of the most popular exploit kits used by cybercriminals.

Exploit kits are Web-based attack tools that bundle multiple exploits for vulnerabilities in browser plug-ins like Flash Player, Java, Silverlight and Adobe Reader. They are used to silently install malware on users’ computers when they visit malicious or compromised websites.

Another way to direct users to exploit kits is through malicious ads posted on legitimate websites, a technique known as malvertising.

Source HERE

Nine Days Later, Flash Zero-Day CVE-2016-4117 Already Added to Exploit Kits

The following day, FireEye researcher Genwei Jiang, the man who discovered the Flash exploit used in the wild, revealed the technical details of CVE-2016-4117, the identifier assigned to this security bug.

Surprisingly, CVE-2016-4117 was not a Web-based exploit, but an attack delivered via Office files that contained a Flash object embedded in their content.

Crooks were using this exploit to infect users with malware when they opened the Office document and allowed the Flash object to run. CVE-2016-4117 was successful in infecting all users who had Flash Player version and earlier.

Source HERE

Security Software / Zemana AntiMalware Free
« on: May 26, 2016, 08:53:36 pm »
Zemana AntiMalware Free

Zemana AntiMalware Free is an on-demand malware scanner designed to clean your PC from all the infections that have taken place on your PC. Its unique cloud capability scanning technology will remove all types of malware infections, viruses, trojans, worms, rootkits, bootkits, unwanted apps, browser add-ons, adware and even those annoying toolbars.

Version is the stable release of the previous BETA (

- Highly improved ransomware protection with the use of Pandora Cloud-Sandbox Technology
- Added script file scanning into real time protection
- Fixed a rare freeze issue on real time alerts
- Improved licensing module against formatted hard disks (only new users)
- Improved rootkit process termination

Known Issues:
- Support for safe boot mode

Installer HERE

Portable HERE

Home Page HERE

Utilities / Internet Download Manager Update Thread
« on: May 26, 2016, 08:41:33 pm »

Internet Download Manager (IDM) is a tool to increase download speeds by up to 5 times, resume and schedule downloads. Comprehensive error recovery and resume capability will restart broken or interrupted downloads due to lost connections, network problems, computer shutdowns, or unexpected power outages.

IDM integrates seamlessly into Internet Explorer, Chrome, Opera, Firefox, Avant Browser, and all other popular browsers to automatically handle your downloads. You can also drag and drop files, or use Internet Download Manager from command line. The program supports proxy servers, ftp and http protocols, firewalls, redirects, cookies, authorization, MP3 audio and MPEG video content processing.


Utilities / CintaNotes
« on: May 26, 2016, 08:36:26 pm »
CintaNotes 3.1.4

Cintanotes – a free, lightweight, user-friendly and portable note taking application that’s natively built for Windows. The best in it is that you can synchronize your notes between multiple devices using a cloud based service like Dropbox.

CintaNotes 3.1.4 Released!
Thursday, May 19th, 2016


- File attachments: add ability to save to disk multiple attachments at once
- Export, Print: add ability to select/deselect all fields with a single click
- Editor: add cintanotes.settings option to copy text without formats (“editor.copyplaintextonly”)


- Notes list: RTL numbered lists were rendered incorrectly
- Simplenote sync: synchronization reset note selection
- Editor: possible std::out_of_range error upon saving
- Tag drag and drop: fixed some highlighting problems
- Tag drag and drop: tag sidebar didn’t always handle mouse leaving
- Hot keys: it was possible to set “Ctrl + Alt” as a shortcut
- Import from a password-protected older format notebook required entering password twice
- Fixed some large DPI sizing problems
- Deleting section didn’t delete autodeletable tags
- Replacing tags was extremely slow on large number of tags and notes
- Fixed PasswordEnterCancelledException after canceling adding note
- Fixed PasswordEnterCancelledException when entering tags in note editor
- Fixed “Failed to activate an already running application instance” when running second instance of CN
- Fixed possible InvalidArgumentException upon search start

Download CintaNotes 3.1.3 (5.38 MB) HERE

Download CintaNotes 3.1.3 Portable Version (4.91 MB) HERE

Compare Versions

CintaNotes Main Site

Security Software / AVG AntiVirus Free..
« on: May 26, 2016, 08:34:08 pm »
Fully loaded and refreshingly simple
Our free antivirus just got even better. It now includes real-time security updates, scans for both malware and performance issues, and even catches malicious downloads before they reach your PC. It’s also got an all-new, refreshingly simple design that shows you exactly how you’re protected. All of this, and it still won’t slow you down!

Free antivirus is great. But it gets even better.
Whether you choose free or full protection, you've got impressive security that even updates itself automatically. And with a cutting-edge virus scanner that blocks and removes viruses, you can be reassured that you and your family are protected from the latest threats.

• Stop viruses, spyware, & other malware
• Block unsafe links, downloads, & email attachments
• Scan for PC performance problems
• Get real-time security updates

Product Info: AVG
