The vulnerability has been known for almost a year, but many users haven't applied the patchesThe Ubiquiti Networks AirRouterRouters and other wireless devices made by Ubiquiti Networks have recently been infected by a worm that exploits a year-old remote unauthorized access vulnerability."This is an HTTP/HTTPS exploit that doesn't require authentication," Ubiquiti said in an advisory."Simply having a radio on outdated firmware and having its http/https interface exposed to the Internet is enough to get infected."The vulnerability was reported privately to Ubiquiti last year through a bug bounty program and was patched in airMAX v5.6.2, airMAX AC v7.1.3, airOS 802.11G v4.0.4, TOUGHSwitch v1.3.2, airGateway v1.1.5, airFiber AF24/AF24HD 2.2.1, AF5x 220.127.116.11 and AF5 2.2.1.Ubiquiti Networks has also created a Java-based application that can automatically remove the infection from affected devices.It can be used on Windows, Linux and OS X.Router security is particularly bad in the consumer market, where large numbers of routers can remain vulnerable to known vulnerabilities for years and can be compromised en masse to create distributed denial-of-service DDoS botnets or to launch man-in-the-middle attacks against their users.
Some of the millions of people making use of the desktop connection software have taken to the TeamViewer subreddit via Inquisitr claiming external accounts had been hacked using saved browser passwords or via ransomware.They logged in and used ChromePass to see my passwords stored in Chrome.Jekkerdud, another Reddit user, added: Random non-contact remoted in and emptied my bank account .Last week, the German company blamed intrusions on a malware program, which installs TeamViewer via an Adobe Flash update on already breached computers.The firm said: TeamViewer has investigated the case internally and affirms that there is no security breach within TeamViewer.We have no evidence that the code of our software has been affected in any way.
Both viewing modes offer smart magnification when making a selection for precise control during text selection, drag-and-drop, or using the on-screen cursor.This comes in particularly handy for moving files created on an iOS device to a connected Mac or Windows PC, or vice versa.In addition to screen resolution and virtual keyboard support for small and large iPad Pro models, iPhone 6s owners can now use 3D Touch for drag-and-drop or to access contextual menus; Quick Action shortcuts from the home screen are absent, however.Other nice touches are the ability to consolidate icons into folders on the App Launcher although they don t yet sync between devices , and support for Windows 10 tablet mode, which turns the iPad into a faux Microsoft Surface.Like iOS and OS X, App Launcher icons can be organized into folders, but selections on one device don t sync to others.The desktop agent no longer supports OS X Lion 10.7, so this feature was also a no-show on my mid-2007 Mac mini, although remote access itself continues to work just fine.
Customer targeted by fraudsters seeking remote access of her PCTalkTalk customers are still being targeted by scammers, following a series of data breaches at the company.In the last four years, TalkTalk has had to admit to four different breaches of data, two directly from the company itself and two others from partners here and in India."I became suspicious when he then asked me to log into my bank account for a refund.I then ended the call."Jackson said she contacted TalkTalk and reported the call – but was given "extremely poor" customer service.Jackson requested to cancel her contract due to her lack of trust in the company, but was told she'd need to pay £247 to leave early.
FRANKFURT Reuters – A major underground marketplace acting like an eBay for criminals is selling access to more than 70,000 compromised servers allowing buyers to carry out widespread cyber-attacks around the world, security experts said on Wednesday.Researchers at Kaspersky Lab, a global computer security firm based in Moscow, said the online forum appears to be run by a Russian speaking group.Each comes pre-equipped with a variety of software to mount denial-of-service attacks on other networks, launch spam campaigns, illicitly manufacture bitcoin currency or compromise online or retail payment systems, the researchers said.Starting at $7, buyers can gain access to government servers in several countries, including interior and foreign ministries, commerce departments and several town halls, said Costin Raiu, director of Kaspersky s research and analysis team.He said the market might also be used to exploit hundreds of millions of old, stolen email credentials reported in recent months to be circulating in the criminal underground.Stolen credentials are just one aspect of the cybercrime business, Raiu told Reuters in an interview.Dedic is short for dedicated, a term used in Russian online forums for a computer under remote control of a hacker and available for use by other parties.XDedic connects sellers of compromised servers with criminal buyers.The market s owners take a 5 percent up-front fee on all money put into trading accounts, Raiu said.Kaspersky found the machines run remote desktop software widely used by network administrators to provide technical support for Microsoft Windows users.Access to servers with high capacity network connections may cost up to $15.Low prices, searchable feature lists that advertise attack capabilities, together with services to protect illicit users from becoming detected attract buyers from entry-level cybercriminals to state-sponsored espionage groups.An unnamed Internet service provider in Europe alerted Kaspersky to the existence of xDedic, Raiu said.High-profile targets include a U.S. aerospace firm, banks in the United States, Philippines, Kazakhstan, Jordan, Ghana, Cyprus, South Korea and Saudi Arabia, chemical firms in Singapore and Thailand and oil companies in China and the United Arab Emirates, Kaspersky found.Raiu declined to name the organizations.
Citrix's remote access service got hit by a "sophisticated" attack over the weekend, prompting password resets for all GoToMyPC users.If you use Citrix s GoToMyPC remote desktop access service, you need to change your password.According to a post published to GoToMyPC s system status page, the service experienced a hack attack this weekend, and it s now requiring all users to reset their passwords before logging in to the service.According to GoToMyPC, it wasn t immediately clear that it was experiencing an attack: On Saturday, users reported being unable to log into their accounts, and were being forced to reset their password.It also suggests using two-step verification to help prevent attackers from accessing your account.For tips on how to create strong but memorable passwords, see our previous article on how to build better passwords.
Your browser does not support HTML5 videoPlayPausePlayPauseMute0%00:00 / 00:00FullscreenSmallscreen Close Embed Feed Ashley Madison: The five most scandalous hacks of all time IBTimes UKGoToMyPC – the remote access software service – was hit by hackers over the weekend, who according to the firm, conducted a "very sophisticated password attack".The company is yet to reveal how many users were affected in the hack, but has initiated password resets for all users.However, on 19 June the firm posted an apologetic announcement about the cyberattack.GoToMyPC allows users to remotely access computers via their smartphones or tablets.GoToMyPC has advised users not to use "a word from the dictionary" when choosing a password, adding that passwords should be more than 8 characters and complex with randomly added "capital letters, punctuation or symbols".The company has also urged users to adopt the two-step verification process offered, in efforts to help boost security.
The incident comes shortly after widely reported attacks on user systems using a similar remote desktop tool called TeamViewer.Unfortunately, the GoToMYPC service has been targeted by a very sophisticated password attack, the service said in an advisory on Sunday.Earlier this month TeamViewer, which makes another popular remote-login software package, has said it would introduce new security features in response to a rash of reports of attackers using the platform to infiltrate users systems.The company said the attacks appeared to be connected with the recent sale online of several hundred million passwords from a number of social media websites, including LinkedIn, MySpace, Tumblr and Fling.We are appalled by the behaviour of cyber criminals, and are disgusted by their actions towards TeamViewer users, Göppingen, Germany-based TeamViewer said in an open letter to users at the time.Earlier this month Facebook founder Mark Zuckerberg was targeted by hackers who used his leaked LinkedIn password to access his Twitter and Pinterest accounts, where he had reused the same credentials.
Citrix's GoToMyPC has warned of 'a sophisticated password attack,' and is requiring all users to choose new passwords for its eponymous remote access service.GoToMyPC allows anyone to take control of any PC with the server system installed, much like Microsoft's own Remote Desktop Protocol RDP or the cross-platform Virtual Network Computing VNC , providing they know the password for access.Naturally, the ability to control a host PC as though you're sitting right in front of it - including accessing local files, passwords saved in the browser, and installing any additional software of your choice - is of great interest to digital ne'er-do-wells, which is why keeping the service secure is of key importance.GoToMyPC emailed its users this weekend warning of what it described as 'a very sophisticated password attack,' automatically resetting all passwords and requiring that everybody picks a new and strong password as well as activating two-step verification - a weaker form of two-factor authentication which nevertheless improves the security of a given account over a simple password alone.The company has not yet announced the precise nature of the attack on its network, nor whether user passwords were directly breached from its servers.All users are advised to use the forgotten password form to choose a new password, without which they will be unable to log in to their account.
Many people use GoToMyPC to obtain remote access to home and work computers via a web browser.The global password reset comes soon after a separate attack on another remote access system that also re-used passwords stolen elsewhere."We apologise for the frustration this issue is causing," it said.A status report on the GoToMyPC website that said the site was hard to reach suggested many people had been trying to change their password following news of the attack.Earlier this month, many users of the TeamViewer remote access software reported they had been hit by attackers who used login credentials found in massive dumps of login data sold and shared online."Re-using passwords at multiple sites is a bad idea to begin with, but re-using your GoToMyPC remote administrator password at other sites seems like an exceptionally lousy idea," said security expert Brian Krebs in a blogpost analysing the attack.
Similar to recent issues for TeamViewer, another remote computer sharing software, GoToMyPC s parent company Citrix believes that the root of the unauthorized access by attackers is due to a password dump.Citrix can confirm the recent incident was a password re-use attack, where attackers used usernames and passwords leaked from other websites to access the accounts of GoToMyPC users, said the company in a statement to users, which also came with advice on coming up with a stronger password and encourages everyone to use two-factor authentication.All affected accounts have been issued the mandatory password reset.It s a fair bet that whoever perpetrated this attack had help from huge email and password lists recently leaked online from older breaches at LinkedIn, MySpace and Tumblr to name a few, said security expert Brian Krebs.Software like TeamViewer and GoToMyPC allow remote access to your computer, and reusing a password that s ultimately compromised can be a detriment to your whole system and other online accounts.Users have been warned for years not to re-use passwords, but with the recent deluge of online data dumps, they re being used for attacks on a much larger scale than is typical.
Looks like Google wants to help people with their new Nexus phones as much as possible.The app is called Google Support, and it s basically aimed at quickly and easily getting people help with their phones, something that could seriously be sped up with screen sharing, which will allow whoever is helping the user to see everything that s going on.It s unknown if Google is hoping to release the app on the new Nexus phones for this year, or if it s under development for future years.Android PoliceOf course, it s also unknown exactly when the next generation of Nexus phones will be released.If Google sticks with its previous upgrade cycle, the new phones will be announced sometime around September or October, then released around late October or early November — in time for the holiday season.During an interview at Code conference, Google CEO Sundar Pichai said that Google was going to be more opinionated and put more thought into Nexus smartphones, which could mean anything, but may mean that Google will start creating apps and services for Nexus devices that do not appear on other stock Android phones.
The leak coincides with a possible tweak to the on-screen navigation buttons for Android N.Google may be putting a friendlier face on its customer support efforts.Google already offers telephone and chat support for Nexus devices, but this would offer another level of assistance to help those who run into a problem.Another rumor indicates Google may be going with a different design, opting for filled-in icons instead of outlines, and a home button sporting Google's four colors.It all looks a little odd right now, so let s hope this is a work-in-progress.Why this matters: One of the advantages of an iPhone is you can walk into an Apple Store and get hands-on support.Samsung has also branched out in this area with dedicated support staff inside Best Buy stores.
Your browser does not support HTML5 videoPlayPausePlayPauseMute0%00:00 / 00:00FullscreenSmallscreen Close Embed Feed Kaspersky Lab Battles 'Darkhotel' Malware that Targets Business Execs IBTimes UKThe recent alarming rise in malware and ransomware attacks has resulted in numerous informative reports generating awareness among the general public and cautioning them about malicious activities.A common misconception, however, is that hackers use malware to obtain sensitive user data, including personal and financial information.Security researchers have now disclosed that cybercriminals rarely use malware past the initial breaching of users' systems.According to a new report by security firm LightCyber, cybercriminals use "sophisticated tools" or "cyber weapons" to compromise networks and steal information.Instead, attackers leverage hacking, admin, and remote access tools to expand across the network, take over more machines, and obtain sensitive data," the firm said.
Pokémon Go, the massively popular new game that s bigger than Tinder, and poised to top Twitter in terms of daily users, has now been targeted by malware creators.Security researchers at Proofpoint spotted a malicious Pokémon Go app in the wild that s infected with a remote access tool called DroidJack, which would give attackers full control over a victim s phone.There s no need to panic just yet, however.The researchers said they hadn t actually found any reports of the malware having infected users – they only discovered that the malware exists, and that it had been uploaded to an online file storage service in the form of an APK file.That means there s no risk that someone may have unintentionally downloaded the app from app store, thinking it was the real deal.Instead, the malware authors were clearly trying to capitalize on the pent-up demand from international users for the hot game, which hasn t yet made its way to all markets.
A criminal gang recently found an effective way to spread malware that drains online bank accounts.According to a blog post published Monday, they bundled the malicious executable inside a file that installed a legitimate administrative tool available for download.The legitimate tool is known as Ammyy Admin and is used to provide remote access to a computer so someone can work on it even when they don't have physical access to it.According to Monday's blog post, members of a criminal enterprise known as Lurk somehow managed to tamper with the Ammyy installer so that it surreptitiously installed a malicious spyware program in addition to the legitimate admin tool people expected.To increase their chances of success, the criminals modified the PHP script running on the Ammyy Web server, suggesting they had control over the website.What resulted was a highly effective means for distributing the banking trojan.
Microsoft's preview of the new, modern, Universal Windows Platform UWP version of the Skype client received a big upgrade today: it's now available for devices running Windows 10 Mobile as well as Windows 10 PCs.The company initially developed a rather feature deficient Windows 8-style Skype client, but in June last year Microsoft said that client was to be discontinued.Instead, the company planned a two-pronged strategy going forward at that time.Unlike the old Windows 8 Skype app with its partial functionality, this UWP client would serve as a complete replacement for the old Win32 desktop app.The separated, task-oriented apps would be continued, and Microsoft would add features such as SMS syncing between the Messaging apps on the phone and the PC.This would allow the PC Messaging app to send SMS messages, relaying them via the phone.
Crooks have once again targeted users downloading Ammyy's remote access software as a conduit for spreading malware.The tactic – which has been witnessed before, specifically in the infamous Lurk banking trojan – has been in play since early February, 2016.Ammyy Admin is a legitimate software package used by top corporations and Russian banks, among others , even though it has a history of being abused by fraudsters, including tech support phone scammers.Several security software firms classify Ammyy as a potentially unwanted app.Ammyy developers had managed to remove the malware at the time of publication.Researchers at Kaspersky Lab reckon that attackers used weaknesses in the Ammyy website in order to add the malware to the installation archive of the legitimate remote access software.
LogMeIn has effectively taken over Citrix's unwanted GoTo business.The merger comes after Citrix axed 1,000 staffers in November and threatened to spin off GoTo.The gobble is worth $1.8bn in shares, and effectively puts remote desktop developer LogMeIn in charge of GoTo, Citrix's remote access and conferencing family.LogMeIn CEO Bill Wagner will run the combined operation, which is expected to bank annual revenues of $1bn or more.It also means LastPass – bought by LogMeIn for $125m in October – now falls under the GoTo umbrella.LogMeIn had subscription sales of about $270m last year, and GoTo brought in $600m.
Vengeful security boffin Ivan Kwiatkowski has infected the computer of an Indian tech support scammer with the Locky ransomware.Kwiatkowski inflicted the virus on the scammers after they attempted to fleece his parents.The retaliatory strike was easy for the French malware analyst; during a phone call with the scammers he sent through what he claimed was an image of his credit card which, when opened by the scammer, unleashed the Locky ransomware.While his ability to watch the bloodbath ended with the scammer hanging up, it is that Locky, rated the world's most prolific email-borne threat, ripped through the scammer's machine encrypting large swathes of files and possibly travelling through the network to encrypt other machines and connected local and cloud drives.Kwiatkowski @JusticeRage set sights on the scammers after his concerned parents phoned bearing reports that their computer was apparently infected with Zeus, according to a fake virus infection advertisement.The researcher spun up a virtual machine and dropped the net scum a call.