Security expert Bruce Schneier recently talked about how someone is learning how to take down the internet. We have seen lots of companies talk about attacks on their infrastructure, breaches, hacking, stolen accounts, etc. According to the companies, the attacks look like probing for ways to get into networks and do harm.
It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.
– Bruce Schneier
If you’ve ever used a Mac computer, you quickly start getting a feel for its natural scrolling system: scroll up to move the page up and scroll down to move the page down, just as you would if you were moving a piece of paper on your desk.
Back when the mouse was king, scrolling down to move the page up made sense because the scroll-bar would move down; basically it mimicked the movement of the marker in the bar. With the advent of touch screens and two finger scrolling on Macs, it made perfect sense to move toward natural scrolling; but many complain that on a computer it doesn’t make sense nor does it feel natural. I personally beg to differ, it feels quite natural to me; I think of the scroll pad as a flat version of the screen, like with the dual screens on a Nintendo DS or having a small tablet surface. Now that I have been using natural scrolling for a while I can see how the old way is actually counter-intuitive and needs to change.
I’ve gotten so used to it at work that I had to change my mouse wheel scroll settings in Windows to be the same and now I’m sharing it with you so you can start to be more natural with your scrolling.
Open Notepad, Notepad++, or any other text editor. No, Microsoft Word will not work.
Type in the following lines for Windows 7:
Windows Registry Editor Version 5.00
Type in the following lines for Windows 10:
Windows Registry Editor Version 5.00
Click File → Save As
Choose Desktop as the location to save and name the file InvertMouse.reg
Go to your desktop and double-click the InvertMouse.reg file to make the entry into the registry then restart your computer.
Now if mouse makers would start to use the Magic Mouse technology or Apple would allow their mice to be used on other operating systems.
Even when installing from the Google Play store, caution should be used when installing apps.
A good rule to follow is to ask yourself if the app being installed is asking for more permissions than what it needs to function. When it comes to a wallpaper app, the list of permissions should be rather short.
It was recently brought to our attention that there was a wallpaper app on the Google Play store that had an extra permission that didn’t fit. It was using the permission GET_ACCOUNTS which allows access to list accounts.
This wallpaper app was doing a bit more than just displaying pictures on the device’s background.
The app goes by the name of Sexy Girls Wallpaper Gallery with the package name com.sexywallpapers.wallpaper.sexy. With the permission GET_ACCOUNTS accepted, it then uses the getAccountsByType() function to gather account information from Google, Facebook, and Twitter.
The stolen account information is then sent to a remote server. This is all triggered when the app is opened.
It uses the value email for Google/email account info, emailf for Facebook account info, and emailt for Twitter account info when sending to the remote server.
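The permission question above can be checked mechanically against a decoded manifest, and the reported parameter names can be matched in captured traffic. This is an added example, not code from the original post or from the app: the category baseline, the sample manifest, the request body and all function names are constructed, and the URL-encoded body format is an assumption.

```python
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed baseline of permissions a wallpaper app plausibly needs
# (illustrative only, not an official list).
BASELINE = {
    "wallpaper": {
        "android.permission.SET_WALLPAPER",
        "android.permission.INTERNET",
        "android.permission.ACCESS_NETWORK_STATE",
    },
}

# Constructed sample: a decoded (text) AndroidManifest.xml for a made-up package.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpaper">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.GET_ACCOUNTS"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Collect every android:name declared in a <uses-permission> element."""
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {n for n in names if n}

def unexpected_permissions(manifest_xml, category):
    """Permissions requested beyond the baseline for the app's category."""
    return sorted(requested_permissions(manifest_xml) - BASELINE[category])

# Keys the post reports for Google/email, Facebook and Twitter account data.
REPORTED_KEYS = {"email", "emailf", "emailt"}

def looks_like_account_upload(body):
    """Flag a URL-encoded body (assumed encoding) carrying two or more of the
    reported keys; `email` alone is too common to be a signal."""
    keys = set(parse_qs(body, keep_blank_values=True))
    return len(keys & REPORTED_KEYS) >= 2

if __name__ == "__main__":
    print(unexpected_permissions(SAMPLE_MANIFEST, "wallpaper"))
    # Constructed request body with placeholder values.
    print(looks_like_account_upload("email=a%40example.com&emailf=b&emailt=c"))
```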
The home improvement retailer confirms its customers’ payment card data was breached in an incident that is believed to have begun in April, likely compromising millions of card accounts.
One of North America’s largest retailers has confirmed that it was successfully compromised in a months-long campaign by attackers, resulting in what is believed to be the compromise of millions of customer payment cards.
In a long-awaited statement issued late Monday, Home Depot acknowledged that its payment card-processing system was breached, affecting payment card data belonging to customers of stores in the U.S. and Canada.
The Atlanta-based home improvement retailer said its investigation is focusing on April 2014 forward, indicating that the breach event may have been months long, spanning from April through August or early September.
“While the company continues to determine the full scope, scale and impact of the breach, there is no evidence that debit PIN numbers were compromised,” Home Depot said in the statement. It did not reveal the number of payment card accounts that may have been compromised.
It first learned of the breach via reports from banking partners and law enforcement on the morning of Sept. 2, according to the statement, and began its investigation immediately.
The company said that following the discovery of the breach, it has taken “aggressive steps to address the malware and protect customer data,” which included hiring security vendors Symantec Corp. and FishNet Security Inc. to investigate the breach.
Investigative security journalist Brian Krebs was first to report the Home Depot breach a week ago after multiple banks informed Krebs that they had identified stolen card data purportedly originating from Home Depot retail locations for sale on a popular black market website.
Krebs reported Sunday that a source close to the Home Depot investigation revealed that the breach was at least partially caused by a new variant of the Kaptoxa or BlackPOS point-of-sale malware used in last December’s massive Target Corp. data breach, causing speculation that the same attacker or group of attackers may be behind both breaches.
While Home Depot said there is no evidence that customers’ debit and PIN numbers were compromised, Krebs reported late Monday that banks have seen a spike in debit card fraud. He wrote that digital criminals are using the data stolen from Home Depot to contact banks in an effort to reset customers’ debit card PIN numbers and in turn withdraw cash from ATMs using fabricated debit cards.
By comparison, the Target breach that resulted in the compromise of some 40 million payment cards reportedly only occurred during a three-week period last year and affected just under 1,800 stores. That breach played a role in a string of bad financial results for the company, including $146 million in breach-related expenses outside of insurance coverage, and culminated in the ousting of Target CEO Gregg Steinhafel and other long-time executives.
Security researcher Axelle Apvrille recently published a paper about AdThief, malware aimed at hijacking ad revenue from a reported 75,000 infected devices. First discovered in March 2014, and also known as “spat,” the malware, which comes disguised as a Cydia Substrate extension, was found to replace a publisher’s publisher ID with that of the malware creator, effectively attributing all ad revenue to him.
A publisher ID is used to identify a publisher’s account on an ad platform, which helps track revenue generated by said publisher. By being able to swap the publisher’s publisher ID with his own, the malware creator was able to hijack revenue from about 22 million ads. In effect, when clicking on an ad, an infected user would generate ad revenue for the attacker instead of the developer of the application or website.
Infected devices: ~75k
Total activate times: ~22m
Daily activate times (around 3/20/2014): ~22k
The malware was designed to target ad kits from 15 ad networks, including Google-owned AdMob and Google Mobile Ads, both representing a large share of mobile advertising at least here in the US. Other American companies targeted by AdThief are AdWhirl, MdotM, and MobClick. The remaining targeted ad networks were all from China or India.
A list of mobile adkits targeted by the malware is provided in a report: YouMi, Vpon, MobClick, Umeng, AdSage/MobiSage, MdotM, InMobi, Domob, AdWhirl, AdsMogo, Google Mobile Ads SDK, AderMob, Weibo, MIX SDK and Poly SDK. The majority of these are Chinese, four are based in the US, and two in India.
In his report, Xiao remarks that Weibo is a popular social network in China, but is unable to attribute MIX SDK and Poly SDK more precisely. In fact, Sina Weibo, introduced in 2013, is an advertisement SDK, so that solves one mystery.
MIX SDK can be attributed to GuoHeAD. It probably refers to the GuoHe MIX platform for cross-promotion of mobile games. This is also backed up by the name of a source file found in the malware: /Volumes/MacOsStore/Project/IOS/SpAd/SpAd/AD_GuoHe.xm.
Finally, Poly SDK is not a new adkit: it corresponds to AderMob. This is confirmed when downloading the AderMob iOS SDK.
[Table: Implementation details of adkit hooks found in iOS/AdThief.A!tr. Column: Typical class names. Entries: AdMob and Google Mobile Ads SDK; YouMi* – delegated to Google Ads]
iOS/AdThief is a technical and malicious piece of code which hijacks revenue from 15 different adkits. It is built on top of the Cydia Substrate platform, available for jailbroken devices, which provides it with an easy way to modify advertisement SDKs. With Substrate, the malware needs only to focus on the call and implementation of each hook.
At first, the identification of every adkit the malware targets was difficult because the code mentions only class names used by each adkit SDK. However, the fact that the malware author did not strip out debugging information helped us to identify all 15 adkits. In particular, this is how support for Komli Mobile and GuoHeAD was detected.