Windows XP is a security nightmare, yet still used by hundreds of millions

Image result for windows xp end of support

Windows XP is old, insecure, and yet somehow still one of the most popular operating systems in the world. Over 100 million users this year include millions of consumers in China, professionals around the world in the healthcare industry, and the U.S. military are stuck on the ancient software.

New research from Duo found tens of thousands of devices using Windows XP with Internet Explorer 7 and 8, a hurricane of insecurity boasting hundreds of critical vulnerabilities in software that hasn’t been officially supported for nearly three years. The problems are not hypothetical: Hackers who attacked Target in 2013 to steal millions of created cards are reported to have used a Windows XP exploit to first gain entry.

Out-of-date software used by the U.S. government has increasingly been a point of political controversy, especially since the Office of Personnel Management suffered a massive and high-profile hack that was finally revealed in 2015. Sensitive data for over 21 million individuals was stolen by the attacker, widely assumed to be the Chinese government, including vast amounts of security clearance background information.

Other agencies are increasingly under the magnifying glass as cybersecurity rises to a ubiquitous focus across government. Citing the use of old and insecure software in agencies like the Department of Education and NASA, Rep. Jason Chaffetz (R-Utah) believes more and even worse breaches are inevitable.

“I think it’s already happened,” Chaffetz warned earlier this year. “I have no proof of it but I’ve been ringing this bell for a long time.”

The Department of Defense has in recent years paid millions of dollars for extended support on Windows XP. The Pentagon updated many of its Windows XP devices to Windows 2003 within the last six months, according to Chaffetz. The DOD, Army, and Navy have been running “Windows XP eradication efforts” over the last year.

“It takes just one out-of-date device to compromise your entire organization—attackers will target devices with exploitable, older versions of software in order to steal your data,” Duo researcher Tuo Pham wrote.

Most Windows XP users are stuck on Internet Explorer, according to Duo. Twenty percent of Internet Explorer users are running unsupported versions (8, 9, 10) that are incapable of receiving security patches. Just 3 percent are using Edge, the latest Windows browser. That leaves 80 percent with Internet Explorer 11.

But Windows XP users can’t even upgrade to a supported and secure version of a Microsoft browser, leaving millions unprotected while browsing the web. Better options would be using alternative browsers like Mozilla Firefox, Google Chrome or Opera.

Windows XP’s versions of Internet Explorer use insecure add-ons that aren’t even supported in most modern browsers. Sixty-two percent of devices running Internet Explorer have an out-of-date version of Adobe Flash installed. Ninety-eight percent of the devices analyzed by Duo that use Internet Explorer also have Java installed. 

Most Windows devices are running older software, including 65 percent on Windows 7, a version that will receive security updates through 2020. The Duo researchers argue that Windows 10—which 24 percent of Windows users are updated to—is a significantly more secure operating system than its popular predecessor.

“That leaves the majority of users on Microsoft operating systems and browsers open to vulnerabilities and a potential malware infection, which can be passed onto your environment if they log into your applications with risky devices,” Pham explained.

Posted in Computer Tips | Tagged , , , | Leave a comment

Norton Antivirus Flaw Threatens Millions of PCs

 

When you download antivirus software, you expect it to protect your computer, not threaten it. And yet for all the good that Symantec/Norton’s security programs do, it turns out they may be able to do even more harm.

 

This information comes from Google’s Project Zero security-research blog, on which security boffin Tavis Ormandy periodically writes about the latest flaw he’s discovered in commercial antivirus software.

In this case, the affected programs include, at the very least, Norton Security and its predecessors Norton 360, Norton AntiVirus and Norton Internet Security, as well as Symantec Endpoint Protection, Symantec Email Security, Symantec Protection Engine, Symantec Protection for SharePoint Servers, and pretty much any other antivirus product bearing the Symantec or its Norton imprints.

“These vulnerabilities are as bad as it gets,” Ormandy wrote. “They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible.”

Ormandy cited the flaws’ susceptibility to both remote code execution and privilege escalation. This means that not only could an attacker take control of your computer remotely, but he or she could gain administrator access as well. From there, installing malware, stealing information or drafting it into a botnet would be trivial.

Explaining exactly how the flaws work is complicated, although you can read Ormandy’s write-up for the full details. Essentially, when you download a compressed executable file (i.e., a program), an antivirus program decompresses, or “unpacks” the file to examine the file’s code for vulnerabilities before the suspect file is opened or run.

The problem is that the unpacker program Symantec uses is itself vulnerable to attack, because it doesn’t properly handle malformed software designed to confuse it. Mismatched parameters can trigger a memory-buffer overflow in the unpacker, letting an attacker slip in malicious code that can seize control of the Symantec or Norton antivirus software.

Users don’t even need to open or run the malicious file. Just getting it on your system — for example, as an email attachment or web link — is enough, since Symantec’s antivirus engine will scan and unpack it by default. (Ormandy noted that he has found similar flaws in antivirus products made by Kaspersky and ESET.)

This functionality is a risky proposition at the best of times, but Symantec’s programs make it worse by unpacking and examining the suspicious compressed programs right in the Windows kernel, the deepest level of the operating system. That’s like bringing a ticking time bomb into police headquarters to defuse it. Anyone who’s had to remove a piece of malware that targeted the Windows kernel will tell you how nearly impossible it is to pry a stubborn bit of malware out of there.

Ormandy pointed out other buffer overflows and memory corruptions in the Symantec file unpacker, all of which could threaten PCs to a lesser degree. Symantec has pushed out patches for all of the flaws, but you may not be protected just yet.

First, the good news: There’s no evidence that hackers were able to exploit these any of these flaws in the wild. Better news: Every affected Symantec program has been patched.

Still, enterprise users will have to do some legwork to protect themselves. LiveUpdate will take care of the patch for home users; otherwise, Symantec has provided a list of enterprise programs with instructions on how to patch each one. Needless to say, this update is probably even more critical for those who use Symantec to protect their businesses.

If there’s a lesson to be learned from this, it’s that no program is unhackable. The best an average user can do is to keep all of his or her software updated constantly — especially the software that keeps unwanted programs out.

 

Posted in Technology News | Tagged , , | Leave a comment

Top 6 Mistakes Laptop Owners Make

 

Image result for laptop mistake

So, let’s get right down to it, shall we? Let’s examine some of the most common errors laptop owners make and some solutions so you can stop yourself from making the same mistake.

1. No Password Protection

I know having a password on your laptop can be a real pain and it is just so much quicker to log onto it automatically so you can get on with what you want or need to do. Still, having a password on your laptop is your first line of defense if your laptop gets stolen. Think about it. If your laptop gets stolen and you don’t have a password on it, the thief will have full access to all of your files and everything else you have store on your laptop. Do you want that? I didn’t think so.

All laptop owners and especially those that take their laptops with them from place to place should have a password on their account. On top of that, they should even consider using the BIOS level passwords as an extra line of defense in case their laptops get stolen. While that does add another step to your sign on process, it will go a long way toward protecting your valuable and often private data.

2. Using a Cheap Case

This one speaks more to the people that take their laptop with them from place to place. They spend gobs of money on a brand new laptop, but then cheap out on the case to store that laptop. These cheap cases often lack the proper padding and proper storage compartments to protect your laptop and its accessories from damage. So what happens if you drop it? Often when it gets dropped in a cheap case the laptop or the accessories, or worse both will sustain damage. This leaves you with a scarred and potentially broken laptop that you invested a lot of money in to begin with. Now you will have to spend even more to get it repaired.

If you are going to spend a bunch of money on a new laptop, don’t start getting cheap when it comes to the case, especially if you travel a lot with your laptop. If it takes a tumble or a fall you will be glad that you invested a little extra on that case. A good case will protect it from these small bumps and keep it in good condition. They will also give you extra storage as well so you can carry even more with you. It makes you wonder why this is such a common problem. However, it is and it is one that many laptop owners can easily fix.

3. Not Running Proper Security Software

Antivirus software, such as Windows Defender, antimalware software and even hard drive encryptors should all be employed on any laptop. Yes these pieces of software do take resources to run, but it is a necessary sacrifice that you all must make. So many laptop owners fail to run one or all of these types of applications on their computer. If they do install them, often they don’t give them the attention they need to stay updated and many owners never both to run scans on their systems. This, of course, leads to infections on their systems.

These infections can slow down your system and even steal your important data without you even knowing what happened. Do you really want your important data or your personal information stolen right out from under you? I doubt that you do. Make sure you always run antivirus and antimalware software and take the time to keep it up to date. After that, make sure you run it periodically to make sure your system stays clear of these types of infections. Trust me you will be glad you did.

4. Poor Battery Practices

Your laptop’s battery is its lifeblood for power when you are away from an AC adapter. Unfortunately, most laptop owners, and I have been guilty of this as well, don’t take proper care of their batteries. What do I mean by this? Most don’t charge them properly and even go weeks without charging them when they are sitting at their desk. The bad thing is that this kind of behavior is hard on a laptop battery.

Laptop batteries are designed to be used. In fact, the longer you go without using the worse off it will be. That being said, you also need to make sure you discharge and recharge them properly as well. You shouldn’t just plug it in after it has been used just for a few minutes. While this is alright every now and then, from time to time you should give the battery a full discharge and recharge. If you don’t, you will soon find that your laptop battery doesn’t last quite as long as it used to.

It should also be noted that laptop batteries don’t last forever no matter what you do, so it is a good idea for you to replace the battery if you keep your laptop for a long time to make sure that you always have power when you need it the most.

5. Poor File Storage Techniques

Now I’m sure you know how to save files on your computer. But when you save them, where do you save them and do you back those files up from time to time? Hard drives don’t last forever and they can go out at any time and sometimes they won’t even give you a warning. What do you do then if you haven’t backed up your files?

Not only should you backup your files to another hard drive or the cloud, but you should also organize these files so you can find them later. Today we create more digital files than we ever have before. If you don’t have a system, chances are you will lose track of some of these files. You have to maintain a well organized file system and then back that file system up from time to time to make sure you can find everything you need when you need it and to make sure it is safe if you do suffer a hardware failure.

6. Installing Junk You Don’t Need

Today we are bombarded with messages to install this and that on our laptops. Unfortunately, not all of this software is any good. In fact, some of it is complete rubbish. All it does is slow down our systems and take up valuable space on your hard drive. So what do you do about?

First, you read about what is being installed. If it sounds like you don’t need something, you probably don’t. So hit that cancel button. Make sure you only install the applications you need and nothing more. The less you have installed and running on your system, the faster it will run. So start paying attention to those installers and requests for installations.

While this does require you to be a bit more attentive to what is going on with your system, in the end you will be glad you did. You will know exactly what is on your laptop and the laptop won’t be bogged down by a bunch of junk that you just don’t have any use for. The end result is a system that runs much cleaner and faster so you can get what you need to get done quicker than you could have hoped.

Posted in Computer Tips | Tagged , , | Leave a comment

How to speed up a slow Mac

What’s the best way to speed up a Mac?

Is your Mac running slowly? Has it always been a little underpowered, or has it got slower with age? Macs generally run efficiently, but with an older Mac you might want to keep an eye on the performance. And don’t worry – whether you’ve got an iMac, a MacBook (of any kind), a Mac mini or even a Mac Pro, our speed tips (updated for Mac OS X El Capitan and macOS Sierra) will help make your Mac run faster.

Spend a bit of time to clean up Mac OS X and macOS Sierra and it will pay you back by running software quickly and smoothly. These tips give you the confidence to clear out the clutter without losing any precious files. Follow these steps and Mac OS X and macOS Sierra will pelt ahead at full speed.

 

Shut down unwanted apps

slideshow image

 

It might sound obvious but the best place to start is to close down any unused programs. If you’ve got too many programs running at once your Mac may devote memory and CPU space to them instead of to the apps you want.

Right-click on programs in the Dock and choose Quit, or press Command-Tab to bring up the App Switcher and press Command-Q to quit unused programs.

Pro tip! Software like iStat Pro can be used to monitor your app performance in real-time.

Ensure you can see open apps

slideshow image

If you’re worried about performance you should make sure you can see which apps are running. Open System Preferences and click Dock. Ensure there is a tick next to ‘Show indicator lights for open applications’.

Use Activity Monitor

If you want to see what apps are using up your system resources, open the Activity Monitor in the Utilities folder.

Activity Monitor shows all the processes on your Mac (some of which you can’t, or shouldn’t, close) so click on View and Windowed Processes. Now click on the CPU button and the “%CPU” column to list all programs by the amount of CPU they are using. You can also use this to see what Memory, Disk and Network different processes are using.

A feature added in Mavericks was Energy, which enables you to see which apps and processes are using up the most amount of energy from your battery.

Get rid of preference panes

slideshow image

Open System Preferences and check in the row at the bottom. This is where custom items are added to your System Preferences and if you’re not using them then they are taking up your CPU. Right-click on an item and choose Remove From Preference Pane.

Cut down on Login items

slideshow image

Open System Preferences and click Users & Groups. Now click on the Login Items tab to view which programs and services are launched when you first power up (or log in) to your Mac. Highlight an item in the list that you don’t want and click on the Delete from Login Items (-) button at the bottom of the list.

 

Free up hard drive space

It’s usually best to keep some space free on your Mac (we usually aim for around 10 per cent). Start by emptying the Trash (right-click on Trash in the dock and choose Empty Trash).

If you need to free up more space then check through your User folder for items to get rid of (Movies and Pictures are often likely culprits). You should also empty the Downloads folder of any items you’re unlikely to need.

 

Remove unwanted programs and widgets

slideshow image

It’s often a good idea to start removing apps that you really don’t use. You can just drag and drop apps into the Trash, but we advise you to invest in a program called App Zapper that can show you how much hard drive space apps are taking up and when you last used them, and can delete apps and all associated files.

You should also remove any widgets that you don’t use from the Dashboard. Click the Remove (-) icon in the bottom-left and tap on the Remove (‘X’) icons on any widgets that you don’t regularly use.

Software update (and set to auto update)

Make sure you perform a software update for Mac OS X and macOS Sierra and all the apps installed in Mac. Click on the Apple icon in the Menu bar and choose Software Update (or open Software Update in the App Store).

If you have apps purchased outside of the App Store they will need to be updated separately. You’ll usually find Check for Software Update from the program name in the Menu bar.

AppFresh is an app that can help keep track of all your software and checks constantly to see if updates are available. Some apps can also self update by integrating with AppFresh.

You should also make sure that Mac OS X and macOS Sierra keeps itself up to date. Click on System Preferences > App Store and ensure that Automatically Check For Updates is ticked. You can also tick Install App Updates which will automatically ensure that apps are updated.

How to speed up a Mac: Empty Safari cache

slideshow image

Safari sometimes gets clogged up with data. Cleaning this out will help speed up Safari in Mac OS X and macOS Sierra. Open Safari and choose Safari > Reset Safari and check Remove all Website Data. (Leave the other options unticked.) Now click on Reset. This can help speed up sluggish web browsing.

Repair Permissions

Open Disk Utility and choose your main hard drive from the sidebar (in most Macs there will only be one.) Now click on First Aid and Repair Permissions. This will ensure that all the files on your Mac have the correct permissions, which will help keep things ticking along.

As of El Capitan (and macOS Sierra), you can no longer repair permissions in Disk Utility. It’s gone because the new System Integrity Protection (SIP) in El Capitan and macOS Sierra prevents permissions on files being modified which, according to Apple at least, means there should be no need to repair permissions.

Install more RAM

Historically, upgrading RAM has been the goto solution for improving your Mac’s performance. Before you go ahead and spend money, however, it’s worth trying to figure out how much of a difference it will really make, if any. The easiest way to do this is to fire up Activity Monitor (it’s in Applications/Utilities), click on the Memory tab and keep an eye on the memory pressure gauge at the bottom of the window. If it’s permanently green, you’re probably not going to see a huge difference by upgrading. If it turns red regularly, it’s worth the expenditure.

How much RAM you add and how you add it is dependent on your Mac. But as a rule of thumb, the effort of performing the installation compare with the marginal cost of bigger RAM modules means that it’s worth maxing out your Mac’s RAM in one go.

That will often mean removing the existing modules and replacing them. It’s a good idea, though not essential, to buy all the RAM you fit at the same time from the same manufacturer. If you decide just to fill empty slots, the same applies. And you should pair RAM modules of the same capacity, if possible.

Restart regularly

Macs are so stable and so power-efficient when they sleep that most of us don’t bother shutting them down regularly, especially if they are notebooks. That means caches don’t get flushed and applications that hog RAM don’t let it go.

Restarting your Mac clears the caches and shuts down applications. The result is a Mac that’s refreshed and should perform better.

Posted in Computer Tips | Tagged , , , , , , , , | Leave a comment

Best free antivirus software 2016

Internet security software is designed to prevent damaging programs from infecting your PC and laptop. All the free products here do that. As a secondary task, though, the full paid-for products should reduce the amount of unwanted advertising and offers that get through to you,But without further ago, here are the leading free AV programs – you really can get something for nothing

Best free antivirus: Avira

 

Download from Avira 

Avira has previously topped our list of the best free antivirus programs, and it’s still a very strong contender. We like that you can download the full program as well as just the 4MB launcher, giving you the option to start the installation and then leave it to download the rest. It’s not alone in this, but it’s the only one we know of which also lets you download the full thing.

The interface is well designed and easy to use, and the latest version includes a couple of new features in its SearchFree Toolbar: a website safety advisor and the option to block advertising companies from tracking you online.

At first sight, it appears Avira bundles a firewall with its product, but this turns out to be an integrated front-end to the Windows firewall.

File scans can be scheduled and by default there’s a quick scan set to repeat every 168 hours or, as we techies call it, weekly. We reckon a quick scan could run more frequently than this, though.

A year ago, AV-Test gave Avira perfect scores, and this year it still did commendably well. In its recent tests, it handed a 5.5 for protection and the same for performance. Avira achieved the full 6/6 for usability with no false positives or false blockages.

SE Labs didn’t test Avira in its recent roundup, but AV Comparatives gave Avira full marks for blocking 100 percent of threats.

Ultimately, Avira does an excellent job – even when compared to paid-for Internet Security programs.

Best free antivirus: Avast

 

Download from Avast

Unlike some firms, Avast doesn’t hide its free antivirus offering so you can’t find it. A big orange button on its homepage makes this version more obvious than its paid offerings, so it’s a good start.

As well as basic antivirus protection, it offers protection from unknown threats and a handy password manager so you can log into sites in your browser by remembering just one password.

You don’t get the browser extension that warns of fake sites (such as banks), nor a privacy shield or spam filtering. Those come with Avast’s Internet Security package, while Premier adds automatic software updating and a file shredder.

The good news is that Avast’s antivirus protection is excellent. SE Labs rates it at 94 percent overall, the highest score awarded to a free version. AV Comparatives found that it blocked 99.7 percent of threats in its September 2016 tests. It also found that Avast had the least impact on your PC’s performance – thanks in part to the fact that Avast runs a “significant proportion” of its analysis in the cloud.

AV-Test rates protection, performance and usability, giving Avast 5.5, 4.0 and 5.5 out of 6 respectively.

Overall, then Avast is one of the best free antivirus packages around.

Best free antivirus: Bitdefender

 

Download from Bitdefender 

Bitdefender’s paid-for Total Security package is excellent, and it’s no surprise to see its free offering score well: it uses the same virus detection engine.

In fact, AV Comparatives awarded it the unbeatable score of 100 percent, successfully blocking all malware during its tests in September. There were no false-positives, either, which is when safe files or programs are reported as being unsafe.

AV-Test also praised Bitdefender, giving it full marks for protection, performance and usability.

SE Labs’ tests found it wasn’t infallible though, with it being compromised by a number of threats and awarding it a protection rating of 73 percent.

Overall, Bitdefender is easy to use, is lightweight and – in general – offers good protection for your PCs.

Best free antivirus: AVG

 

Download from AVG

We’ve already mentioned AVG’s controversial privacy policy above, but in terms of the protection this free antivirus package offers, it’s not bad at all. SE Labs gave it an overall rating of 89 percent from its test in July-September, and it missed out on an AA award (rather than A) by only one percent.

AV-Test’s results from testing in July-August showed that its protection was above the industry average and awarded it 5.5 out of 6. It achieved the same for performance, so won’t slow your computer down. Again, it was given the same high score for usability, and as we’ve used AVG Free on our own PC for the past year, we can – anecdotally – agree that it runs transparently in the background and you don’t really notice it. And that’s exactly what you want from your antivirus.

AVG has a simple-to-understand dashboard so, if you do ever venture to it, it’s very clear whether it’s up to date and protecting your PC.

In addition to an AV engine, it also warns you of unsafe web links and can block unsafe email attachments.

Best free antivirus: Microsoft

 

Windows Defender is built into Windows 10 and Windows 8, so it’s arguably the easiest option for most people since it’s probably in operation already unless you’ve disabled it or installed another antivirus program.

Unlike in the past, when it merely paid lip-service to virus protection, the modern Security Essentials is a credible and reliable AV engine. OK, it’s not the very best out there, but it certainly does the job.

If your PC or laptop is running Windows 7, you can download Microsoft Security Essentials for free.

As the name suggests, it offers basic antivirus protection. The only difference between MSE and Windows Defender is that the latter offers better protection against rootkits and Bootkits.

SE Labs awarded MSE 91 percent overall, ahead of Bitdefender (90) and AVG Free (89). It was only three percent behind Avast, too.

AV-Test gave it only 3.5 out of 6 for protection, but this was due to a poor result in August of 88 percent. In July, it performed as well as any other antivirus package. AV Comparatives found it blocked 96.2 percent of threats, which is below all the other packages here, but as ever, these results all change on a monthly basis.

There are better choices than Security Essentials, but if you’re running Windows 8 or 10 with Defender built in, all you need to do is check that it’s enabled.

Posted in Technology News | Tagged , , , , , , | Leave a comment

Which operating system do ‘real’ hackers use?

So which operating system do such black hat or gray hat hackers use?

While there may be thousands of blog posts which say that hackers prefer Linux operating system for their black hat hacking operations, it is proved that it may not be so. Many of the high-risk hacking show that some “real hackers” run MS windows to hide in plain sight. Windows, which is the required but hated target for most hackers, enables hackers to work with Windows-only environments, such as .NET framework, Windows-based malware, virus or trojan. They use cheap burner laptop bought from Craigslist to build a light weight bootable ghost image and which can’t be traced back to them. These type of burner laptops have USB and SD card for memory options.  This makes it easier to hide, destroy or even swallow if needed.

Many of them go a step further and create read-only partitions for the OS and second writable space for limited persistent local storage. Some paranoid types add a hotkey panic button for quick RAM scrubbing and running a SysRq-trigger to avoid any trace back to them.

The new smaller bootable ghost OS image is then written out to an encrypted SD card. The burner laptop is dismantled and thoroughly destroyed. Hackers pay special attention to the physical destruction of the hard drive, network card, and RAM. Sometimes they use even use a blowtorch or sledgehammer can do destroy such computers.

While some of the black hat hackers prefer Windows OS, many others opt for following Linux distros :

1. Kali Linux

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni and Devon Kearns of Offensive Security developed it by rewriting BackTrack. Kali Linux is the most versatile and advanced penetration testing distro. Kali updates its tools and it is available for many different platforms like VMware and ARM.

2. Parrot-sec forensic os

Parrot Security is an operating system based on Debian GNU/Linux mixed with Frozenbox OS and Kali Linux in order to provide the best penetration and security testing experience. it is an operating system for IT security and penetration testing developed by the Frozenbox Dev Team. It is a GNU/Linux distribution based on Debian and mixed with Kali.

3. DEFT

Deft is Ubuntu customization with a collection of computer forensic programs and documents created by thousands of individuals, teams, and companies. Each of these works might come under a different license. There Licence Policy describe the process that we follow in determining which software we will ship and by default on the DEFT install CD.

4. Live Hacking OS

Live Hacking OS is also based on Linux which has a big package of hacking tools useful for ethical hacking or penetration testing. It includes the graphical user interface GNOME inbuilt. There is a second variation available which has command line only, and it has very fewer hardware requirements.

5. Samurai Web Security Framework

The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

8. Network Security Toolkit (NST)

Network Security Toolkit (NST) is a bootable live CD based on Fedora Core. The toolkit was designed to provide easy access to best-of-breed open source network security applications and should run on most x86 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of open source network security tools.

9. NodeZero

It is said the necessity is the mother of all inventions, and NodeZero Linux is no different. The NodeZero team consists of testers and developers who have put together this amazing distro. Penetration Testing distributions tend to have historically utilized the “Live” system concept of Linux, which really means that they try not to make any permanent effects to a system. Ergo all changes are gone after reboot and run from media such as discs and USB’s drives. However, all that may come handy for occasional testing, its usefulness can be depleted when you are testing regularly. It is also believed that “Live System’s” just don’t scale well in a robust testing environment.

9. Pentoo

Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64-bit installable live cd. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched wifi drivers, GPGPU cracking software, and lots of tools for penetration testing and security assessment. The Pentoo kernel includes GRsecurity and PAX hardening and extra patches – with binaries compiled from a hardened toolchain with the latest nightly versions of some tools available.

10. GnackTrack

GnackTrack is an open and free project to merge penetration testing tools and the Linux Gnome desktop. GnackTrack is a Live (and installable) Linux distribution designed for Penetration Testing and is based on Ubuntu.

GnackTrack comes with multiple tools that are really helpful for effective penetration testing, it has Metasploit, Armitage, W3AF and others wonderful tools.

11. Blackbuntu

Blackbuntu is a Linux distro specifically for penetration testing which was specially designed for security training students and practitioners of information security. Blackbuntu is penetration testing distribution with GNOME Desktop Environment. It’s currently being built using the Ubuntu 10.10 and work on reference Back|Track.

12. Knoppix STD

Knoppix STD (Security Tools Distribution) is a Live CD Linux distribution based on Knoppix that focused on computer security tools. It included GPL licensed tools in the following categories: authentication, password cracking, encryption, forensics, firewalls, honeypots, intrusion detection system, network utilities, penetration, packet sniffers, assemblers, vulnerability assessment and wireless networking. Knoppix STD version 0.1 was published January 24, 2004, on Knoppix 3.2. Thereafter, the project stagnated, lacking updated drivers and packages. A release date for version 0.2 has not yet been announced. A list of tools is available on the official website.

13. Weakerth4n

Weakerth4n is a penetration testing distribution which is built from Debian Squeeze. For the desktop environment, it uses Fluxbox.This operating system is ideal for WiFi hacking as it contains plenty of Wireless tools. It has a very well maintained website and a devoted community. Built from Debian Squeeze (Fluxbox within a desktop environment) this operating system is particularly suited for WiFi hacking as it contains plenty of Wireless cracking and hacking tools.

Tools include: Wifi attacks, SQL Hacking, Cisco Exploitation, Password Cracking, Web Hacking, Bluetooth, VoIP Hacking, Social Engineering, Information Gathering, Fuzzing Android Hacking, Networking and creating Shells.

14. Cyborg Hawk

Many hackers think this is the most advanced, powerful and yet beautiful penetration testing distribution ever created. Lined up with the ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. It has 700 + tools while Kali has 300+ and also dedicated tools for and menu for mobile security and malware analysis . Also, it is easy to compare it with Kali as to make a better OS than Kali . It is a new operating system based on Ubuntu Linux.

It is now clear that black hat hackers mostly use Linux but have to use Windows as their targets are always on Windows run environment. Though that is changing with most financial firms now moving to Linux based servers. Also, Mac OS X is not a popular target for malware and hacking attempts, because it is neither the most famous server (Linux) nor the most famous client (Windows), giving hackers that use it a [false]sense of security.

Posted in Computer Tips | Tagged , , , , , , , , | Leave a comment

Download YouTube Videos With Free VLC Media Player

VLC is undoubtedly one of the best and most popular media players around. VLC Media Player is a free and open source and has the added advantage of offering users many hidden features. Whatever the format is, VLC media player can undoubtedly play almost any kind of audio and video formats you want. One of these hidden features is its ability to convert almost any audio or video format. This is the reason why it’s aptly called  as the Swiss knife of Media players.

Another of such hidden feature is VLC media player’s ability to stream and download videos from YouTube and many other video streaming websites. This VLC Media Player ability has not been made public or advertised by the developers for the fear of angering big daddy Google and violating copyright ToS.

Steps to download your favorite YouTube videos using VLC Media Player

Step 1: Download, install and run the latest version of VLC media player on your computer.

Step 2 : Select the YouTube video you want to download.

Steps to download your favorite YouTube videos using VLC Media Player

Step 3 : In VLC Media Player, find the Open Capture Device option under the Media Tab and click on it. It should open a new window.

Steps to download your favorite YouTube videos using VLC Media Player

Step 4 : Now click on the Network tab and paste the YouTube video url you want to download in the empty field called Pleas0 ente0 a network URL  and click Play button.

Steps to download your favorite YouTube videos using VLC Media Player

Step 5: Wait for a few seconds for the video to start playing and when the video starts playing, Click on Tools from the menu bar and select Media Information or Codec Information.

Steps to download YouTube videos using VLC

Step 6 : It’ll open the Current Media Information window that’ll show all the relevant information about the video. At the bottom of the Current Media Information dialogue box, there is a link under Location. It’s basically the download link for your favorite YouTube video and you have to copy it.

How to Download YouTube videos with VLC Media Player

Step 7 : Paste this link into your Chrome or Firefox browser address bar and hit Enter. This would either start the video playback in your web browser or directly show you the download video dialog. In case the browser starts playing the video, right-click anywhere on the video and select Save video as from the context menu to save the YouTube video to the desired location on your PC/laptop. In case the download video dialog box opens, simply give the location to save the video and press Save button to grab the video.

Posted in Computer Tips | Tagged , , , | Leave a comment

Find and remove any computer virus in Windows using CMD Command Prompt

Viruses, malware, trojans, worms! These evil things can penetrate your computer through numerous ways like internet browsing, from USB devices, phishing link in your email and also by installing infected software. Most of these viruses make your computer slow and eat up valuable memory as well as storage space. Some more powerful viruses are meant to contaminate our operating system too and steal personal information and banking data.

The conventional method to identify and remove such unwanted program from your computer is to install an anti-virus software and scan your computer for any viruses/trojans/worms that exist and quarantine them. However, there are some computer users out there who use unconventional methods to find such virus. Today we are discussing such unconventional method by using Command Prompt or DOS Prompts to identify and remove such virus. The method is simple and straight which even a layman computer user can proceed with, just follow the steps given below :

How To Remove Computer Viruses Using CMD

The Command Prompt or CMD/DIS Prompt is a command line utility program on Windows 10. Though the command prompt is rarely used by layman PC/laptop users, it is a powerful utility in the hands of pro hackers. CMD has access to reconstruct all Windows system files by using various attributes like removing the hidden attributes which a virus normally uses.

One of the leading causes of virus infections in computers and the CMD method work on USB to remove its viruses and secure your computer.

Steps To Remove Computer Viruses Using Command Prompt:

Step 1. Click on Start and type cmd. Now right click on the cmd icon and select run as administrator. Running the command as administrator is important as you need to access the system files which are not usually visible in guest accounts. Now command prompt window will open, now select your drive from which you want to remove a virus.

How to find and remove computer virus using command prompt

 

Step 2. Let us suppose your USB has a virus and your USB drive is F. Type “F:” without quotation on Command line. 

How to find and remove computer virus using command prompt

 

Step 3. Now the C: will change to F: Now you need to type “dir F:” in CMD and hit enter. It will show you the directory of F drive.

How to find and remove computer virus using command prompt

 

Step 4.  So now type the following command to show all the hidden and system files on your USB drive. Type “dir F: attrib -s -h /s /d *.*”  without quotations and press enter. Typing this command will explore your selected drive and will load all the files including hidden and system files on your drive.

How to find and remove computer virus using command prompt

 

Step 5. In this window you will notice unusual file.exe  and extention if your computer has been infected with a virus like the dreaded autorun.inf virus. Rename it using this command line rename filename.extension new filename. Usage > C://rename autorun.inf (new filename)

How to find and remove computer virus using command prompt

That’s it!  Now you can identify all the viruses in your PC and USB and delete them without any help of anti-virus software. You can delete the autorun.inf by typing in the command “del autorun.inf” or del :”yourfilename”

Posted in Computer Tips | Tagged , , , , , , , , , , , | Leave a comment

Adware takes screenshot of victim’s desktop without their permission

Researchers have come across a nasty adware variant that takes a screenshot of a user’s computer desktop without their permission.

Lawrence Abrams, a computer security expert at Bleeping Computer, notes in a blog post that the adware, known as “Faster Internet,” has a penchant for collecting unsuspecting users’ data:

“When Faster Internet is installed it will create a fingerprint consisting of information related to your motherboard, CPU, hard drives, network adapters, and other information about your computer. This information is then uploaded to the developers server. It will then take a screenshot of the active display on your computer at the time of the install and send this screenshot along with your IP address to [a .online URL]”

Someone with Faster Internet installed on their machine never receives a notification that the adware is taking a screenshot of their desktop.

That could spell trouble for a user in so many ways, explains Abrams.

“The problem is that when this program is installed, the user may have confidential documents, web sites, or programs open that will be now be included in the screenshot and uploaded to these scumbags. What if the victim had a password manager open to their online bank account, or their tax return showing their social security number and address, or private images that they do not want disclosed? As nobody knows who the people behind this are and what they may do with this information, this behavior is a serious cause for concern.”

Faster Internet is not the only adware that has threatened users’ security in recent months. Back in February 2015, the world first learned of Superfish, a piece of adware which could intercept HTTPS-encrypted traffic on all Lenovo PCs in an attempt to inject ads into users’ web browsers.

Superfish cert

Given that users affected by Superfish could no longer trust HTTPS web connections, Microsoft decided to adjust its malware objective criteria back in December in an effort to prevent adware similar to Superfish from adversely affecting users’ security.

Users who wish to protect themselves against adware should maintain an up-to-date anti-virus provider on their computers. (To illustrate, as of this writing, 17 out of 56 solutions currently flag Faster Internet as malicious.)

Users might also want to consider installing an adblocker like AdBlock Plus. Those types of browser extensions cannot block adware outright, but it can block ads that might redirect to websites hosting adware and other malicious software.

Posted in Technology News | Tagged , | Leave a comment

Apple confirms QuickTime for Windows is dead, Adobe stuck between rock and hard place

Running QuickTime for Windows on your PC? You should uninstall it. NOW.

Windows PC users have been urged to uninstall Apple’s QuickTime media player from their computers as soon as possible, and Adobe has been caught in the fix.

Researchers at the cybersecurity firm Trend Micro recently discovered two critical vulnerabilities in QuickTime for Windows that could allow hackers to hijack affected computers. The Department of Homeland Security has backed up that warning, and Apple AAPL 0.17% themselves have posted instructions on how to remove the software from your PC.

But that has left Adobe ADBE -0.20% in the lurch, as detailed in a blog post issued last Saturday. Some of the company’s video-focused applications require QuickTime for Windows, and those using Adobe Creative Cloud—a subscription-based suite of Adobe products that boasts around 7 million users—are especially affected.

 

 

It affects its Creative Cloud users.

Windows PC users have been urged to uninstall Apple’s QuickTime media player from their computers as soon as possible, and Adobe has been caught in the fix.

Researchers at the cybersecurity firm Trend Micro recently discovered two critical vulnerabilities in QuickTime for Windows that could allow hackers to hijack affected computers. The Department of Homeland Security has backed up that warning, and Apple AAPL 0.17% themselves have posted instructions on how to remove the software from your PC.

But that has left Adobe ADBE -0.20% in the lurch, as detailed in a blog post issued last Saturday. Some of the company’s video-focused applications require QuickTime for Windows, and those using Adobe Creative Cloud—a subscription-based suite of Adobe products that boasts around 7 million users—are especially affected.

“Unfortunately, there are some codecs which remain dependent on QuickTime being installed on Windows, most notably Apple ProRes. We know how common this format is in many workflows, and we continue to work hard to improve this situation, but have no estimated timeframe for native decode currently,” the company said in its blog post.

Adobe is no stranger to security issues—the company was famously chastised by Apple’s founder Steve Jobs for its unstable Flash software—and the latest news has not pleased some Creative Cloud users, such as Graphics.com founding editor Chris Dickman.

“Unfortunately? Let me paraphrase that for you: “We didn’t see this coming, your systems are compromised if you keep using our software and we will make no commitment to fixing this.” Sweet. Of course, Windows users are just expected to suck that up,” he writes in a post online.

Posted in Technology News | Tagged , , , | Leave a comment