Category Archives: Windows

Windows is the most widely used operating system in the world, with a 90% market share. It is also the most hacked. Our latest news will alert you to the updates to install and the security vulnerabilities to keep in mind so that your computer does not get hacked.

The Microsoft security flaw that caused the NSA to react

Four days ago, Microsoft made security patches available to its users to fix a major vulnerability affecting its operating system.

The flaw seemed so serious that it took an NSA intervention for it to be publicly disclosed. "The vulnerability is so severe […] that, exploited, it would make the [affected] platforms fundamentally vulnerable," the US agency said.


In practical terms, this vulnerability allowed hackers to make the system believe that malware was legitimate. This would allow hackers to run malware quite easily without the knowledge of Windows users. It also weakened the protection of some HTTPS browsing. Given the severity of the security flaw, Windows users were asked to install the update as soon as possible and not to put it off.

Neglecting the urgency can be costly. The fix is already available, and Windows users are asked not to defer this operation.

Moreover, virtually all government agencies are on their toes and issuing alerts, as ANSSI is doing in France.

The vulnerability affected the most recent versions of Windows, including Windows 10, Windows Server 2016 and Windows Server 2019. As mentioned above, the security flaw was revealed to Microsoft by the NSA, the U.S. National Security Agency, which considered it important to inform the Mountain View firm. The peculiarity of this disclosure lies in the fact that the U.S. agency tends to keep some of the information relating to security vulnerabilities to itself and to use it on behalf of the United States government, as was denounced by Edward Snowden in the WikiLeaks case. However, it cannot be said at this time that this is the very first report made by the NSA to Microsoft. Some see it as an attempt by the U.S. agency to redeem itself.

Indeed, we remember that in 2017, by exploiting a security flaw in Windows, a vulnerability that had already been known for a long time, North Korean hackers, it seems, managed to launch a ransomware program that caused some of the greatest damage in the history of computer hacking in the last decade. We're talking about WannaCry. Prior to that, this flaw was used by the NSA for its espionage operations. It was the same with the hacking wave of the infamous NotPetya, another ransomware program that wreaked havoc.

At last report, Microsoft and the NSA say that the security flaw has not yet been used by any hacker.

On the French side, the state institution in charge of computer security stressed "the urgency of implementing the update as soon as possible."

However, although the fix has been available since Tuesday, it is to be feared that some users will, as usual, put off the update, which is of course a problem not to be overlooked.


A virus managed to bypass antivirus on Windows

Recently, computer security researchers discovered a piece of ransomware.

It has the distinction of installing itself as a Windows service. If the installation succeeds, it forces the computer to restart in safe mode, which has the immediate effect of disabling all protection programs. It then does what it was created for: taking the data on the infected terminal hostage. As ransomware, it encrypts the data, preventing the main user from accessing it. This program has been named "Snatch."


"Snatch" is ransomware with the exceptional ability to evade antivirus. How is that possible? From what has been observed, this malware registers itself as a program in the Windows registry. It poses as backup software under the name "SuperBackupMan". It even carries a description that says, "This service makes backups every day."

Once in position, it forces a restart in safe mode, as explained above. The trick is that a restart in safe mode launches only a minimum of applications, which of course excludes the antivirus. However, the fictitious backup program "SuperBackupMan" is still launched, which is strange but, in a sense, normal. This prevents the antivirus from detecting the encryption process that the malware starts once the restart is complete. The good news, perhaps, is that this highly sophisticated process has not yet been observed in other programs of the same type.
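An added example, not part of the original article: a defender-side check for the behaviour described above. It relies on the standard Windows `SafeBoot` registry key, which lists what may start in safe mode, and it uses a constructed `reg query` listing and a hypothetical baseline; only the name "SuperBackupMan" comes from the article.

```python
import re

# Constructed sample (not from a real host) in the layout printed by:
#   reg query HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /s
# Only the name "SuperBackupMan" comes from the article.
SAMPLE_REG_OUTPUT = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt
    (Default)    REG_SZ    Service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base
    (Default)    REG_SZ    Driver Group

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SuperBackupMan
    (Default)    REG_SZ    Service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp
    (Default)    REG_SZ    Service
"""

# Assumption: names recorded from a known-clean build of the same Windows image.
BASELINE = {"appmgmt", "dhcp"}

KEY_RE = re.compile(r"\\Control\\SafeBoot\\(Minimal|Network)\\([^\\]+)$", re.I)
VALUE_RE = re.compile(r"^\s+\(Default\)\s+REG_SZ\s+(.+)$")

def parse_safeboot(text):
    """Return (mode, name, kind) for every SafeBoot entry with a default value."""
    entries, current = [], None
    for line in text.splitlines():
        key = KEY_RE.search(line.rstrip())
        if line.startswith("HKEY_"):
            current = key.groups() if key else None
        elif current and (value := VALUE_RE.match(line)):
            entries.append((*current, value.group(1).strip()))
            current = None
    return entries

def unexpected_safe_mode_services(entries, baseline):
    """Services allowed to start in safe mode that are not in the baseline."""
    return [(mode, name) for mode, name, kind in entries
            if kind.lower() == "service" and name.lower() not in baseline]

if __name__ == "__main__":
    for mode, name in unexpected_safe_mode_services(
            parse_safeboot(SAMPLE_REG_OUTPUT), BASELINE):
        print(f"review: service '{name}' is registered for safe mode ({mode})")
```

On a live host the listing would come from the `reg query` command shown in the comment, compared against a baseline taken from a clean machine of the same build.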

Moreover, the cybercriminals who operate this malware are, it must be admitted, true professionals. In practice, their main target appears to be companies. The program is activated only after a long period of observing and analysing the victim's systems. The hackers take the trouble to observe and identify all the equipment they can easily reach, so as to weaken their target's entire computer network more easily.

One example was observed at an international company where more than 200 machines were infected, which is equivalent to 5% of its computer fleet. Once they had succeeded, a ransom of $35,000 was demanded. But there have been cases where the ransom was much lower. Apparently several dozen companies have already fallen victim to this malware, which was observed between July and October of this year.

According to some sources, the hackers behind the "Snatch" virus are believed to be of Russian origin. This is assumed because they use this language to exchange views on discussion forums. To penetrate their victim's system beforehand and install the program, it seems that they use the brute-force technique. They once managed to break the password of an administrator of a Microsoft cloud service.

Regarding the vulnerability exploited by the Snatch virus, we hope that Microsoft will soon propose a fix, in the Patch Tuesday of January 2020.


Windows and ransomware: Harder to fight ransomware

With the recent computer attacks, we have realized that ransomware is becoming more and more sophisticated.

Computer security researchers admit that it is now more difficult to counter this malware. These attacks multiply from cycle to cycle, and with each campaign, the publishers of these programs learn from their failures and even their successes. According to IT journalist Steve Rangers: "Ransomware is growing rapidly and could become more difficult to fight as the ecosystem moves from a small number of dominant players to a large number of smaller players."


According to an analysis by the cybersecurity company BitDefender, particular attention must be paid to the security of the Microsoft Windows operating system. Ransomware, cryptocurrency miners, PUAs (potentially unwanted applications, which can undermine the privacy and security of systems) and attacks based on system security vulnerabilities are the most common threats and the ones to take most seriously. However, BitDefender notes that none of these threats poses as real a challenge as ransomware. Indeed, ransomware increased by 74.2% in one year, enough to swallow up the others. If ransomware attacks seemed to be decreasing at the beginning of 2019, it was only because a group of hackers had launched another attack, that of the GandCrab ransomware, which had the effect of extinguishing the others or at least slowing them down.

But since the end of that campaign, others of the same kind have begun to take up the torch, and with greater force. New groups with new techniques have formed to fill the void left by the previous one. It is also quite possible that they have already started their all-out campaigns. Even though new programs such as Sodinokibi (aka REvil or Sodin) have been unable to replace GandCrab in terms of effectiveness, their growth is not to be overlooked. They take up a lot of space and continue to grow. "The fall of GandCrab, which dominated the ransomware market with a share of more than 50%, has left a void that various players are quickly filling. This fragmentation can only mean that the ransomware market will become more powerful and more resilient to the combined efforts of law enforcement and the cybersecurity industry to dismantle it," BitDefender says in the report. The cybersecurity company also said that incidents involving cryptocurrency miners have, for their part, decreased in intensity. "Cryptocurrency miners are probably not going to disappear anytime soon," it says in its report.

This focus on the Windows system suggests that the hackers who usually launch this kind of attack do not usually take the time to target the Mac. BitDefender explained: "Windows remains a lucrative battlefront, malware authors have little interest in investing time and resources to develop threats on Macs for the general public." Moreover, this does not mean that Mac OS terminals are not secure. It is known that during the first half of 2019, most of the attacks directed against Macs were cryptomining software or exploits relying on security vulnerabilities, according to BitDefender's analysis.


Malware could infect you after Windows update

A fake update for Microsoft's Windows 10 operating system has recently been discovered.

It is actually a ransomware program which, once installed on your computer, will as usual demand a ransom. Clearly, your data will be inaccessible if you get caught.


The discovery was made by a computer security company based in Chicago in the United States. This company is called Trustwave. Thanks to the researchers who make up its SpiderLabs team, the malware hidden behind a fake update was discovered and then made known to the general public. This threat must be taken seriously, the researchers say. Indeed, even if this attack does not look very special, it could take on a whole new scope, since it is easy for other groups of hackers to reuse if it goes almost unnoticed this time.

Here's how it goes. Individuals receive an e-mail informing them that a new Windows update addressing an operating system security issue is available and must be installed immediately. But in reality it is a decoy, because Microsoft never communicates about updates by e-mail. The publishers of this program then direct their victim to a link that prompts them to download an executable program, which is in fact nothing other than a ransomware program. This executable comes in the form of a JPG file. Once this file is executed, it encrypts your data, blocking all the files on the terminal, and demands payment of a ransom to release them.

For this reason, Windows 10 users are advised not, under any circumstances, to click on the link asking them to update. If an e-mail like this has reached you, it is better to delete it right away and move on.

According to the cybersecurity company that made the discovery, the malware presented here is ransomware of the Cyborg type. According to the SpiderLabs researchers, once victims click on the link, the malware encrypts all the data on the device, a Windows computer to be precise. The program then adds its own extension to the files. This is when a text file named "Cyborg_DECRYPT.txt" appears to the user. And the rest you already know.

In addition, the problems associated with this malicious program do not stop there. Did you know that the malicious e-mail in this case is reusable? Yes, indeed it is.

Following the investigation by the Chicago cybersecurity firm, it was discovered that the malware in question had look-alike counterparts. That's not all: a program that generates this ransomware was available online, from a website, to any interested publisher.

For Diana Lopera, a researcher at the cybersecurity company, we need to pay attention to this new program now in circulation. The threat is indeed very serious, whether the targets are individuals or companies, and this is not the first time it has been deployed, notably by e-mail: "The file containing the ransomware can be created and disseminated by anyone who takes over the generator. It can be spammed using other themes and be attached in different forms to escape email gateways. Attackers can create this ransomware to use a known file extension to mislead the infected user about the ransomware's identity," she explained.


What do we really know about the BlueKeep security flaw that affects Microsoft's OS?

According to the Kryptos Logic website, we are currently witnessing the very first wave of computer attacks using a security flaw called BlueKeep.

The downside in this story is that the attack was expected by computer security experts. And apparently it proved less dangerous than expected.

After the damage caused by the WannaCry computer worm and the NotPetya ransomware, this malware was less dangerous than forecast by the experts, who this time wanted to remain on their guard. As they themselves put it, the purpose of this vigilance was to avoid another WannaCry, and that fear had begun to take shape last May.


Indeed, during that month the American company Microsoft made security patches available to users of Windows Server 2008 and Windows 7, to fix a security flaw present in those systems. Later, in a publication, Microsoft insisted that users download these updates, underlining how urgent it was to do so. The US firm's insistence alerted some experts and journalists, especially at Wired, who felt that there was a serious danger to watch out for. This immediately recalled what had happened in the last 2 years with the most terrible attacks that the computer world has ever known, WannaCry and NotPetya. It is for this reason that the authorities did everything possible to prevent this from happening again.

So last June, the NSA, the U.S. intelligence agency, invited Microsoft to update its Windows 7 system to prevent it from being vulnerable to the BlueKeep software flaw.

Unfortunately, this did not prevent the first hacks based on this vulnerability from being launched from all sides a few months later. But according to various security specialists, the attacks, which affected different organizations and even other computer security specialists, were less dangerous than expected. According to Kevin Beaumont, another computer security researcher, the hacker deploys a crypto-mining program that uses the computing power of the target's computer to generate cryptocurrency. According to the website Engadget, no data loss was reported in this wave of attacks. This was not the case with the WannaCry program, which managed to infect more than 300,000 terminals in just a few days, whereas in this case there is no sign of the malware spreading.

For Marcus Hutchins, a cybersecurity specialist at Kryptos Logic, the program used here had the effect of reducing the performance of the computer on which it is installed. This shows that the program was rather the work of amateurs, because such a side effect does not fit a program meant to go unnoticed, if that was the original purpose of course.

Despite all this, researchers continue to urge users to remain on their guard, because apparently about half a thousand computers would be vulnerable to the BlueKeep flaw.
