Archive for the ‘Security’ Category

Pre-Installed Keylogger Found On Over 460 HP Laptop Models

December 12, 2017

Friday, December 08, 2017 Wang Wei

A security researcher who goes by the name of ZwClose discovered a keylogger in several Hewlett-Packard (HP) laptops that could allow hackers to record your every keystroke and steal sensitive data, including passwords, account information, and credit card details.

The keylogger was found embedded in the SynTP.sys file, part of the Synaptics touchpad driver that ships with HP notebook computers, leaving more than 460 HP notebook models vulnerable to hackers.

Although the keylogger component is disabled by default, hackers can use available open-source tools for bypassing User Account Control (UAC) to enable the built-in keylogger “by setting a registry value.”

Here’s the location of the registry key:
HKLM\Software\Synaptics\%ProductName%
HKLM\Software\Synaptics\%ProductName%\Default

The researcher reported the keylogger component to HP last month, and the company acknowledges the presence of the keylogger, saying it was actually “a debug trace” that was left in accidentally and has now been removed.

The company has released a driver update for all the affected HP notebook models. If you own an HP laptop, you can look for updates for your model. The list of affected HP notebooks can be found at the HP Support website.
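
A read-only check for an HP notebook, added here as an example (it is not from the original article or from HP): it reports the installed SynTP.sys file version and lists every value under the registry keys named above. The driver location under System32\drivers is an assumption, and because the article does not name the value that enables the trace, the script lists all values so they can be compared against a patched machine.

```powershell
# Added example: inventory the Synaptics driver and the registry keys named in the article.
# Read-only; nothing is modified.

# Assumption: the driver sits in the standard Windows driver directory.
$driverPath = Join-Path $env:SystemRoot 'System32\drivers\SynTP.sys'
if (Test-Path $driverPath) {
    $file = Get-Item $driverPath
    [pscustomobject]@{
        Driver       = $file.FullName
        FileVersion  = $file.VersionInfo.FileVersion
        LastModified = $file.LastWriteTime
    } | Format-List
} else {
    Write-Output 'SynTP.sys not found; the Synaptics touchpad driver does not appear to be installed.'
}

$root = 'HKLM:\SOFTWARE\Synaptics'
if (Test-Path $root) {
    # Each subkey of HKLM\Software\Synaptics corresponds to %ProductName% in the article.
    $keys = foreach ($product in Get-ChildItem $root) {
        $product.PSPath
        $default = "$($product.PSPath)\Default"
        if (Test-Path $default) { $default }
    }

    # List every value so the output can be diffed against a known-good
    # (updated) machine or against a later snapshot of the same machine.
    foreach ($key in $keys) {
        $item = Get-Item $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{
                Key   = $item.Name
                Value = $name
                Kind  = $item.GetValueKind($name)
                Data  = $item.GetValue($name)
            }
        }
    }
} else {
    Write-Output "No $root key found."
}
```

Record the reported file version before and after installing HP's driver update to confirm that the update was applied.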


Serious security flaws in Intel’s ME, including on systems running Intel’s latest chips

November 28, 2017

Intel ID: INTEL-SA-00086
Product family: Various
Impact of vulnerability: Elevation of Privilege
Severity rating: Important
Original release: Nov 20, 2017
Last revised: Nov 22, 2017

There are multiple security vulnerabilities in Intel’s Management Engine (ME), a remote administration feature that allows IT administrators to manage devices and perform wide-ranging functions.

The security advisory points out bugs in ME, as well as in the Server Platform Services (SPS) remote server management tool and the Trusted Execution Engine (TXE) hardware authentication tool.

What’s more, because ME has its own microprocessor, it can run even when a PC is off (but plugged in), as the microprocessor can function as a separate computer. This could then allow attackers to gain greater degrees of control by using ME as a launchpad.

Furthermore, the exploit could let an attack operate separately from the main computer, so it wouldn’t trigger any alarms.

Intel has released a detection tool for Linux and Windows to help customers check if their systems are vulnerable.

 

How do you find out whether an account has already been hacked?

June 26, 2017

Check if your info has been stolen

The site will sift through your accounts in search of security breaches. Run your email address and username through the search field, and it will tell you if your login information has been linked to any security breaches.

Show all wireless profiles & their security passwords on the Windows PC

May 20, 2017

Show all wireless profiles on the PC
At the command prompt, type:
netsh wlan show profiles

Show a security key
At the command prompt, type:
netsh wlan show profile name="ProfileName" key=clear

 

Find & Show Wi-Fi Network Passwords from the Command Line in Mac OS X

Open Spotlight (Cmd+Space) and type terminal to open the Terminal window, or open the Terminal app from /Applications/Utilities/. Then use the following command syntax to find and display the password for a specific wireless network:
security find-generic-password -ga "SSID" | grep "password:"

Customer Guidance for WannaCrypt attacks

May 15, 2017

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Further resources:

Download English language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64

Download localized language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64

General information on ransomware: https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx

MS17-010 Security Update: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

SCDF’s “I Am Safe” e-learning programme

December 13, 2016

This is a 15-minute e-learning programme that will equip residents with skills and knowledge on what to do if you were caught in a fire, and how to administer improvised first aid skills. I encourage all of you to sign up for SCDF’s hands-on learning programmes that will equip you with more advanced lifesaving skillsets. Such lifesaving skills will be of great benefit during any emergency situation, as you will be able to help those in need prior to the arrival of the SCDF officers. – Mr Amrin Amin, Parliamentary Secretary for Home Affairs

Malware Gooligan breaches more than 1 million Google accounts on Android OS

December 2, 2016

Here’s the list of infected apps and more information about the Gooligan malware.

Am I affected?
Go to this URL to check if your Google account has been breached by entering the e-mail address associated with your Android OS device.

Currently, the only option for breached users is to flash the operating system on their infected device. Check Point recommends that affected users seek out a certified technician to do a clean OS installation on the phone, and change their Google account passwords after the flashing process.

Source: Check Point (blog), BGR

iOS 9.3.5 to fix a critical security vulnerability

September 1, 2016

Apple last week (25 Aug 2016) released a patch for three bugs that could allow hackers to remotely jailbreak iPhones and steal messages, call information, emails, logs, and more—a dangerous threat for enterprises with sensitive data.

If you value your privacy, and you should, it would be a good idea to move to the iOS 9.3.5 update right now.

How to update the iOS Version (iPhones & iPads)

Open the Settings → General → Software Update → Download and Install

Top 10 Privacy Risks

April 23, 2016

Top 10 Privacy Risks (OWASP)
P1 Web Application Vulnerabilities
P2 Operator-sided Data Leakage
P3 Insufficient Data Breach Response
P4 Insufficient Deletion of personal data
P5 Non-transparent Policies, Terms and Conditions
P6 Collection of data not required for the primary purpose
P7 Sharing of data with third party
P8 Outdated personal data
P9 Missing or Insufficient Session Expiration
P10 Insecure Data Transfer

Top 10 Privacy Risks Countermeasures v1.0 (PDF)
Top 10 Privacy Risks Presentation (PPTX)

Enforcement and breach details

April 23, 2016

Enforcement and breach details, ST 23/04/2016

K BOX ENTERTAINMENT GROUP

The karaoke chain received the heaviest fine of $50,000 and was directed to appoint a data protection officer, a must-have under the law. The enforcement was for a data breach involving 317,000 customers, resulting in their names, contact numbers and home addresses being posted on file-sharing website pastebin.com in September 2014.

Lax security measures caused the breach. For instance, access to its computers was protected by weak passwords comprising only one letter of the alphabet.

FINANTECH HOLDING

K Box’s IT vendor was fined $10,000 for failing to update K Box’s systems with the latest, most secure software and for lax security procedures. For instance, the system administrator’s account password was simply “admin”.
