This latest warning comes just as as Google announced an “App Defense Alliance” to “ensure the safety of the Play Store.” The seven apps, discovered by the threat research team at Wandera, do not contain ad fraud malware themselves. Instead they are dropper apps—they download malware “payload” apps and install them onto target devices. This leaves the user with both the dropper app and the payload app installed. Both need to be identified and deleted. The dropper apps bypass store security to bring in threats from outside the ecosystem.

These dropper apps pull the malware payloads from Github, and Wandera VP Michael Covington told me the team was escalating details about the apps “because the backdoor introduced via the dropper code is a significant risk for anyone using these apps—given the obfuscation techniques in use, we have not yet ruled out other apps that may be using similar techniques to introduce unsanctioned code.”

Continue Reading

The post Bad Android Apps Removed From Play Store, Uninstall Now appeared first on A1 Computer Repair.

Romana Leyva, 35, of Las Vegas, Nevada, and Ariful Haque, 33, of Bellerose, New York, were each charged this week with one count of wire fraud and conspiracy to commit wire fraud. Each count carries a maximum of 20 years in the clink.

According to prosecutors in southern New York, Leyva and Haque masterminded a classic tech-support scam that warned netizens their computers were infected with malware that didn’t actually exist and would need a costly, and yet entirely unnecessary, repair.

We all know this type of scam: phony “system alert” pop-up ads in web browsers that try to scare punters into believing their machine is riddled with spyware, along with a phone number to call for “tech support” or a repair service that costs an arm and a leg – and doesn’t actually do anything useful.

“In at least some instances, the pop-up threatened victims that, if they restarted or shut down their computer, it could cause serious damage to the system’ including ‘complete data loss’,” the prosecution wrote in its court [PDF] paperwork.

Continue Reading at The Register

The post Don’t fall for fake virus infection alerts appeared first on A1 Computer Repair.

The stack overflow vulnerabilities affect more than 120 D-Link products, from Wi-Fi cameras to routers and modems, and allow remote attackers to completely hijack the administer account of the devices to install backdoors and intercept traffic.

D-Link has been contacted for comment.

It takes only one command to exploit the flaw, according to Senrio researchers who published a proof-of-concept that changed administrator passwords.

“… the Senrio research team discovered and exploited a remote code execution vulnerability in the latest firmware of the D-Link DCS-930L Network Cloud Camera,” the researchers say.

“While the thought of strangers watching your sleeping baby is disturbing, the implications for enterprise and infrastructure environments are downright scary.”

Almost 140,000 of the devices are located in the US, with 23,442 in Canada, and 20,982 in Sweden.

Founder Stephen Ridley told Security Week attacking the 120-odd D-Link device models requires to exploit tweaking to suit different firmware.

“An attacker would practically account for this difference in versions [and] devices by fingerprinting a device, and then changing the exploit payload based on the target,” Ridley says.

http://www.theregister.co.uk/2016/07/08/414949_dlink_cameras_iot_devices_can_be_hijacked_over_the_net/

The post 414,949 D-Link cameras, IoT devices can be hijacked appeared first on A1 Computer Repair.

This is for two reasons.

First, Apple is deprecating QuickTime for Microsoft Windows. They will no longer be issuing security updates for the product on the Windows Platform and recommend users uninstall it. Note that this does not apply to QuickTime on Mac OSX.

Second, our Zero Day Initiative has just released two advisories ZDI-16-241 and ZDI-16-242 detailing two new, critical vulnerabilities affecting QuickTime for Windows. These advisories are being released in accordance with the Zero Day Initiative’s Disclosure Policy for when a vendor does not issue a security patch for a disclosed vulnerability. And because Apple is no longer providing security updates for QuickTime on Windows, these vulnerabilities are never going to be patched.

We’re not aware of any active attacks against these vulnerabilities currently. But the only way to protect your Windows systems from potential attacks against these or other vulnerabilities in Apple QuickTime now is to uninstall it. In this regard, QuickTime for Windows now joins Microsoft Windows XP and Oracle Java 6 as software that is no longer being updated to fix vulnerabilities and is subject to ever-increasing risk as more and more unpatched vulnerabilities are found affecting it.

You can find information on how to uninstall Apple QuickTime for Windows from the Apple website here:https://support.apple.com/HT205771

Continue for Full Article

The post Uninstall QuickTime for Windows Today appeared first on A1 Computer Repair.

For that reason, you must be aware of the threats you are exposed to in order to avoid an unwanted gift—more than your grandma’s socks.

According to Allianz Risk Barometer for 2015, cybercrime rose three positions from 2014 to become the fifth top global business risk in 2015. It is a big threat that continues to expand; you have to be informed about it and take action to avoid it.

Let’s take a look at the biggest threats that you should be aware of.

Malvertising: A growing threat

Malicious ads are online advertisements on legitimate websites created to deliver and spread spyware, ransomware, and other malware to end-user systems. They are usually shown as targeted pop-up advertisements or as banner ads on online shopping sites, news portals, social media sites, and gaming and adult platforms.

Unlike other malware delivery mechanisms which require user action (clicking a link or opening an email attachment), malvertisements often require no user interaction to work, which makes them quite dangerous.

Sometimes, just visiting a webpage with malicious ads on it is enough to infect a system. In other cases, users have to click fake Flash or Java updates, or fake anti-virus alerts, to get infected.

Typically, larger websites receive ads through multiple ad brokers and networks automatically, with little action margin to filter them. As advertisements are tailored to the user’s demographics, location, and browsing history, attackers can deliver the malware to their desired victims.

Security vendor RiskIQ reported a shocking 260 percent increase in the number of detected malvertisements in the first half of 2015, compared to the same period last year.

Unfortunately, there isn’t much you can do to avoid malvertising, but make sure you have good commercial antivirus software installed so that if you do stumble upon a bad ad, you will have an extra layer of protection.

Phishing

One of the most dangerous threats this season is Phishing. Phishing occurs when cybercriminals attempt to get your usernames, passwords, and credit card details by creating a fake version of a real and well-known site. Users get tricked into entering their sensitive information, thinking that the site is the real one. You may arrive at one of these sites by misspelling the address or by following links on forged emails, ads, or posts.

This time of year we always see several fake stores emerge. They are there for a couple of weeks, then disappear with your sensitive data and your money.

The Anti-Phishing Working Group reports that in the last quarter of 2014, there was an increase of 18 percent in the number of unique phishing reports compared to the previous quarter and that retail /service was the most targeted industry sector, with payment services close behind.

To confirm that you are on a real, legitimate site, look for the https protocol at the beginning of the URL and check that there is a padlock icon, indicating that the identity of the site is confirmed by a third-party security firm.

Click Here to Continue Reading This Article

When you are browsing a site look for https and the padlock icon to ensure its authenticity and that your information will be transmitted securely.

The post Be careful, it is The Season for Cyber Criminals appeared first on A1 Computer Repair.

Affected users were warned not to reboot their machines

An antivirus program labeled itself as malware, causing some computers it was running on to stop working.

After an update, essential components in two Panda Security antivirus programs became corrupted, leading them to be mistakenly identified as malign and quarantined.

Panda said a fix had been released and warned that rebooting affected systems could exacerbate the issue.

Steps to Fix You Computer: http://www.pandasecurity.com/uk/homeusers/support/card?id=100045

It asked those affected to get in touch so it could help fix their machines.

One security expert noted the irony. “People’s first response is to turn [their computer] off and back on again, but in this case, it seems like the wrong thing to do,” said Prof Alan Woodward, of Surrey University.

The “last thing” people would expect to cause their computers to break down was its security software, he said.

Corrupted files

Panda Security said that the signature file in both its PCOP and its Retail 2015 packages became corrupted.

Read the Full Story at: http://www.bbc.com/news/technology-31851125

The post Panda antivirus problems appeared first on A1 Computer Repair.

Ransomware is malicious software used by cybercriminals all across the world to get hold of your computer and computer files for ransom, demanding payment from you to get them back in normal working condition. Although ransomware is not a common malware, over time it has proved to be a very effective one. Various new variants of ransomware are swarming in the digital market these days, all specifically designed to frighten the victim into paying a fee to get their computer back in a normal working state. Lately, many cybercrooks have started targeting it locally, making it even more dangerous than before.

However, you can save your system from giving in to the ransomware attack by employing these simple, yet effective steps-

Back up your valuable data

This one is an overall security tip on which you can fall back if your computer system is attacked by ransomware. Have a regularly updated backup of your valuable data so that even if you do become a victim of ransomware, you don’t have to lose all your vital data. In such a case, you can easily restore your system and refurbish all your important documents from backup. Having a regular backup regimen is really important for you, preferably on an external hard disk or any backup service.

Use a robust security suite

It’s always good to have a strong backing of a robust Internet security software program to help you pick out the identity thefts, suspicious activities, and unsolicited dangers. These days many new variants of viruses, malware, and ransomware have hit the digital world, escaping even from the strong detection systems. Hence, it becomes really essential to have an added layer of protection to help detect the ransomware or mitigate its effects after the attack. Install CryptoPrevent as well as a commercial-grade anti-virus like ESET Nod 32.

Patch/update your software

The ransomware authors and programmers heavily rely on the people who are running outdated software. This outdated software is vulnerable itself and it makes the whole computer system susceptible to any malicious attack, which can exploit other programs on your computer to silently get into your system. So, keeping all your software updated can decrease the potential threat of ransomware. For this purpose, you can turn the update notification system of your software program, which will timely alert you about the security updates and patches.

Disconnect from the Internet immediately

Getting a ransomware note from an unknown source can prove to be a real threat to your computer system. In such a case, don’t panic; rather disconnect your system from the Internet so that your personal information isn’t transmitted to cybercriminals and hijackers. The best action could be to simply shut down your computer system and re-install the software and data backup after turning it on. This way, you can not only start afresh but your computer system will be saved from literal damage by a malicious program.

In the end, all you have to do is to stay alert and use a robust security suite to prevent ransomware attacks. Though, following these steps will help you avoid your computer system from becoming a victim of ransomware.

Article Credit Tech Genie @ http://blog.techgenie.com/security-how-to/five-steps-to-avoid-ransomware-attack.html

The post Avoid Ransomware Attacks Using These 5 Steps appeared first on A1 Computer Repair.

The security firm Malcovery said it identified a new trojan based on the Gameover Zeus malware, which officials said infected up to one million computers in 12 countries, and was blamed in the theft of more than $100 million.

“This discovery indicates that the criminals responsible for Gameover’s distribution do not intend to give up on this botnet even after suffering one of the most expansive botnet takeovers/takedowns in history,”.

By infecting large numbers of computers, the cybercriminals were able to control the devices to steal passwords and send out emails to further spread the infection.

The news came as the Department of Justice said it had made progress in rooting out the malware infections.

In a status report filed in court, officials said that “all or nearly all of the active computers infected with Gameover Zeus have been liberated from the criminals’ control and are now communicating exclusively with the substitute server established pursuant to a court order.”

A blog post by the security firm Emsisoft said the new variant may be harder to combat because it is using “an evasive technique that allows the botnet to hide its distributive phishing sites behind a constantly shuffling list of infected, proxy computers.”

Gameover Zeus, which first appeared in September 2011, stole bank information and other confidential details from victims.

The FBI blamed the Gameover Zeus botnet for the theft of more than $100 million, obtained by using the stolen bank data and then “emptying the victims’ bank accounts and diverting the money to themselves.”

The June crackdown also targeted another computer virus, dubbed “Cryptolocker,” which appeared in September 2013.

Russian Evgeniy Mikhailovich Bogachev, 30, an alleged administrator of the network, was charged in Pittsburgh, Pennsylvania, with 14 counts including conspiracy, computer hacking, bank fraud, and money laundering in the Gameover Zeus and Cryptoblocker schemes.

Originally from: http://news.yahoo.com/bank-stealing-malware-returns-us-crackdown-193233883.html

The post Bank Account Stealing Malware Returns appeared first on A1 Computer Repair.

A malicious new worm has been detected in more than 1,000 Linksys home and small-office routers, according to researchers at the SANS Institute of Bethesda, Md.

Nicknamed “TheMoon” because its code includes HTML pages referring to the 2009 science-fiction movie “Moon,” the worm seems to do little more than spread from router to router. However, it does appear to be able to connect to a command-and-control server, from which an attacker could manipulate the compromised systems.

“We do not know for sure if there is a command-and-control channel yet,” wrote security researcher Johannes Ullrich in a blog post on the SANS Institute’s website. “But the worm appears to include strings that point to a command-and-control channel.”

The good news is that a simple router reboot will get rid of the worm, and turning off any remote-administration feature in your router’s settings will prevent the worm from being able to attack in the first place. Many routers have remote administration activated by default.

So far, only Linksys’ “E” product line, which includes the E900, E2000, E3200, and E4200 models, has been shown to be affected. Devices that have upgraded to the latest firmware, 2.0.06, should be safe, but some earlier models whose support has expired, such as the E1000, can’t get that upgrade.

Click Here for More on Linksys Worm

The post Linksys Router Users Malware (worm) Warning appeared first on A1 Computer Repair.

For example, a keylogger can easily obtain confidential emails and reveal them to any interested outside party willing to pay for the information.

Keyloggers can be either software or hardware-based. Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable. Hardware-based keyloggers are more complex and harder to detect. For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.

As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed. During that time frame, a keylogger can collect a lot of information about the user it is monitoring. A keylogger can potentially obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this collected information can be used to steal users’ personal documents, money, or even their identity.

A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot-up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:

· Undetectable in the process list and invisible in operation

· A kernel keylogger driver that captures keystrokes even when the user is logged off

· A remote deployment wizard

· The ability to create text snapshots of active applications

· The ability to capture http post data (including log-ins/passwords)

· The ability to timestamp record workstation usage

· HTML and text log file export

· Automatic e-mail log file delivery

All keyloggers are not used for illegal purposes. A variety of other uses have surfaced. Keyloggers have been used to monitor websites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. Additionally, in December 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its keylogging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.

A1 Computer Repair – Malicious Software Removal Experts

The post Keyloggers – Keystroke Logging Software Threats appeared first on A1 Computer Repair.