Complex Android Malware Warning

 

  

News has emerged from mobile security firm Lookout that a bug called NotCompatible, was the most sophisticated Android bug it had seen. The hackers behind the malware had recently rewritten its core code in order to make it more difficult to defeat. Mobile malware that is specifically aimed at Smartphones is surely getting more and more complex. A security analyst at Lookout, Jeremy Linden said, ‘The group behind NotCompatible are operating on a different plane to the typical mobile malware maker.’ He said, mobile malware campaigns usually lasted only a couple of weeks but the NotCompatible creators had been operating for more than 48 months.

The bug first hit the open back in 2012, only now it is on its third iteration.  Linden added that the latest version had been rewritten recently and was now as sophisticated as the type of malware that is usually aimed at desktop computers. The latest version employed ‘end-to-end encryption, peer-to-peer networking technologies and stealth operating procedures to help it avoid being spotted and removed’ he said.

Linden continued, ‘They are successful enough to make it worth ripping out the back end of the malware to make it be much more stable and resistant to efforts to take it down…This is the most technically sophisticated threat we are facing and it’s the most worrying to us.’ said Mr Linden.

Linden said phones that were compromised had been used in numerous scams including sending spam, attacking WordPress blogs and buying tickets for popular events in bulk, so that they then could be resold at a massively significant profits.

The spread of NotCompatible is quite prolific; it occurs via spam and websites that are seeded with booby-trapped downloads. Android users are to be wary of any application that requires a security update to be installed before the app can be run.

Writer : Scott Leen

Source: http://news.filehippo.com/,  November 26, 2014 

Download And Install Microsoft Windows 10 Technical Preview In A Sandbox Step by step (Free).

All eyes are on Microsoft next year, in 2011 the team screwed up by offering a mobile-like experience to Windows customers with Windows 8, alongside pricing it rather highly, compared to Apple who decided to drop the price of OS X and make it free to all desktop users on the platform.

It looks like Microsoft will take a note from Apple’s book and make Windows 10 (also Windows 9) free for all consumers. Notice the last bit? Yep, Microsoft will still offer paid features and upgrades for enterprise, the one market they can count on.

Enterprise has been stuck in this time-lapse where Windows XP is still acceptable, but throughout the past half decade, we have seen a steady move to the new age-old option: Windows 7, which will probably last longer than Windows XP if Microsoft doesn’t hit a home-run with Windows 10.

Microsoft will make the initial upgrade to Windows 10 free for enterprise, but offer paid privileges like only having to update annually, better admin controls, more enterprise level help on basic functionality – allowing a company to install the system without having issues.

It is about time Microsoft dropped the price for Windows, especially when they offer Windows Phone – their mobile product which will become Windows 10 in 2015 – for free to smartphone users.

Microsoft will talk more about Windows 10 at BUILD in April next year. Until then, we will get to see the latest updates via the Technical Preview, launched last month by Microsoft.

If you love Windows and just can’t wait for the final public release of Windows 10 then don’t worry Windows 10 Technical Preview is here and available to download and install at your leisure. Microsoft made the OS available for download recently and it’s available free of charge.

If you want to get up close and personal with the latest version of Windows then you have a couple options. First up, if you have an old PC that isn’t doing very much then you could install Windows 10 from a flash drive. That may not be the best solution. We think it would be better to run the new OS inside a “sandbox,” a virtual machine. This way it won’t affect your system in any way and it’ll be more convenient than rummaging around for that old PC.


System requirements

• Basically, if your PC can run Windows 8.1, you’re good to go. If you're not sure, don't worry—Windows will check your system to make sure it can install the preview.
• Processor: 1 gigahertz (GHz) or faster
• RAM: 1 gigabyte (GB) (32-bit) or 2 GB (64-bit)
• Free hard disk space: 16 GB
• Graphics card: Microsoft DirectX 9 graphics device with WDDM driver
• A Microsoft account and Internet access

Important notes

• Some PC processors and hardware configurations aren’t supported by Technical Preview.
• To access the Windows Store and to download and run apps, you need an Internet connection, a screen resolution of at least 1024 x 768, and a Microsoft account.
• After you install the preview, you won't be able to play DVDs using Windows Media Player.
• If you have Windows 8 Pro with Media Center and you install the preview, Windows Media Center will be removed.
• The preview won’t work on Windows RT 8.1 and Windows N editions.
• The preview is not available for Windows Phone.
• A small number of older, 64-bit CPUs might be blocked from installing the preview.
• If you're running Windows 7 without SP1, you can only upgrade to the preview by downloading an ISO file. If you install Windows 7 SP1, you can upgrade to the preview by using Windows Update or by downloading an ISO file.

Download Windows Technical Preview
Follow these steps to download Technical Preview:

1. Sign up for the Windows Insider Program, if you haven't already.
2. Read the system requirements.
3. Click one of the Download links on this page to download a special file—it's called an ISO file—that you can use to install the preview.
4. When the download is complete, transfer the ISO file to installation media such as a USB flash drive or DVD.
5. Boot your PC from the installation media, and then follow the steps to perform a clean install.

Important.

• You'll need a third-party program to convert the ISO file into installable media—DVD burning software often includes this capability.
• Remember, trying out an early build like this can be risky. That's why we recommend that you don't install the preview on your primary home or business PC. Unexpected PC crashes could damage or even delete your files, so you should back up everything.
• If you want to stop using Windows Technical Preview and return to your previous version of Windows, you'll need to reinstall your previous version from the recovery or installation media that came with your PC—typically a DVD. If you don't have recovery media, you might be able to create recovery media from a recovery partition on your PC using software provided by your PC manufacturer. You'll need to do this before you upgrade. Check the support section of your PC manufacturer's website for more info.
• After you install Windows Technical Preview, you won’t be able to use the recovery partition on your PC to go back to your previous version of Windows.

Official Site Windows 10 Technical Preview download link :

Download links

Product key: NKJFK-GPHP7-G8C3J-P6JXR-HQRJR

Language	Link to download	SHA-1 hash value
English (United States) 64-bit (x64)	Download (3.81 GB)	EB75A3D3C0F621F175B75DC65DB036D0E00EAC43
English (United States) 32-bit (x86)	Download (2.93 GB)	73AC23AD89489855F33CA224F196327740057E2E
English (United Kingdom) 64-bit (x64)	Download (3.79 GB)	17C6CD7224D13DB61B93A4A9D38202E3A0019378
English (United Kingdom) 32-bit (x86)	Download (2.94 GB)	BFF496678A09255738BFBFA14903295D55478C33
Chinese (Simplified) 64-bit (x64)	Download (3.96 GB)	135E3193571C5AF9FBF36D24D07B2BE7EE49B2E8
Chinese (Simplified) 32-bit (x86)	Download (3.05 GB)	3EE3A2033BE666BA55AFED3FCF6BB52A7C15C7CC
Portuguese (Brazil) 64-bit (x64)	Download (3.76 GB)	3DA91BB9EA7316F670C0A132D940FC1D58BAB296
Portuguese (Brazil) 32-bit (x86)	Download (2.91 GB)	611FE8F94906EFE75F64D197913344AC040DF644

Windows 10 Technical Preview enterprise edition.

DOWNLOAD

Quick guide to install Windows 10 Technical Preview 

To install Windows 10 Technical preview doesn’t take too long, the whole process takes approximately 30 (depending on the speed of your PC). This is a quick guide on how to install what you need in a few steps:

1. Start off by navigating Microsoft’s website and download the Windows 10 Technical Preview ISO file. Just simply click through the “Get Started” and “Join Now” screens, then scroll down and choose the appropriate language and version (32- or 64-bit).
2. Download and install Oracle VM VirtualBox, the free virtualization tool which is going to make it possible for you to run Windows 10 inside Windows. 
3. Run VirtualBox, then click the New icon. In the Create Virtual Machine dialog box, type ‘Windows 10,’ then click the version selector and choose Windows 8.1 You must ensure that you match the ISO to what you downloaded, either 32 or 64 bit, to what version is listed for 8.1.
4. VirtualBox will provide you with a recommended memory size; accept unless you have a specific reason for changing it. Then select ‘Create a virtual hard drive’ and click Create. Accept VDI as the file type for the drive and then choose Fixed Size for the virtual drive. Finally, click Create and wait while VirtualBox constructs your virtual drive.
5. When the drive is ready, click the Start button in the VirtualBox toolbar. You’ll see a box telling you to ‘Select start-up disk.’ Just Click the file folder next to the pull-down and navigate to the Windows 10 ISO file you downloaded in the first step and click Start.
6. Now just install Windows as normal, but make sure to choose the ‘Custom: Install Windows only (advanced)’ option when asked. As usual, the setup process may involve a few reboots, though only within the confines of the VM.

Voila! Now you should have a version of Windows 10 running inside a safe and sandboxed window. Please note although the installation appears to have completed, you will have to reboot the system manually once more. After that, you are good to go for as long as you have the preview trial.

Technical Preview expires on April 15, 2015

If you’re running Technical Preview, we'll send you notifications beginning on April 1, 2015 to remind you that it’s time to upgrade your PC to a newer version.

Oracle VM VirtualBox download link :

DOWNLOAD

Source : 

1. http://news.filehippo.com/
2. http://windows.microsoft.com/

Top Malware in Indonesia October 2014

Towards the close of 2014, the spread of malware in Indonesia is still dominated by four large microbots like an overwhelming number of computer users threaten Indonesia. 

In addition to four of the Trojans, Adware, Exploit and Worm. Specifically in the category of Adware, recorded six dominant adware which controls more than 75% of adware infections, reminiscent of Baymax and 5 other Marvel hero who joined the Big Hero 6. 

In October 2014, there were a malware infection that is quite dominant and could even beat Exploit and Worm. Malware is Sality which alone beat Worm and Exploit. 

For details of malware that infects Indonesia in October 2014 can be found in the description and figure 1 below:

Figure 1, Malware Statistics Indonesia, 2014

Trojan 42,5 %

Trojans managed to control nearly 50% of malware infections in Indonesia in October 2014 and this action led by Trojan.Crypt.HO and JS.Runner.BH are responsible for 44% and 32% of the total Trojan infection. While ranked 3-5 were occupied by Trojan Autorun (2.7%), dropper (3.66%) and Trojan.LNK (8.02%) were responsible for much of spreading malware Shortcut in Indonesia.

For information, Trojan.Crypt.HO are brothers and both this malware Sality support each other. The high spread of Trojan.Crypt.HO will directly lead to high deployment Sality. This is evident from the statistics malware months in October 2014 where malware Sality successfully ranked third beat Exploit and Worm.

While JS.Runner.BH is a dangerous trojan which focuses himself to steal secret data is a victim computer. JS.Runner.BH infection usually occurs from bundling with programs on crack and torrent. JS.Runner also will download other malware and activate it, but that he would open security of computer operating system in the infection. In many cases, the infected programs JS.Runner will experience performance degradation becomes very slow due to malware is spending too much computer resources. The bad news, JS.Runner.BH hard to kill, because it modifies the registry and disguised as a legitimate Windows file system. Whenever in the clear, he will come back and back again. For a complete dafatr detected Trojan can be seen in Table 1 below.

Table 1, which infects the Top Trojan Indonesia in October 2014

Adware 24,7 %

If the Trojans dominated by two types Crypt and JS.Runner which controls 76% of the total Trojan infection, then Adware have a spread more evenly. Like a Big Hero 6, it took 6 names to dominate 74% of adware adware infection in October 2014. The six names are BrowseFox (34.81%), which controls 12.04% Adware.Graftor, Swiftbrowse (9.06%) , Search Protect, Browsefox.H and Relevant Knowledge.

Browsefox began detected carry out the action in mid-2014 and included into the PUP (Potentially Unwanted Programs) aka actual unwanted programs and in a way that sometimes tricky installs itself on the victim computer along with other popular programs are usually free from Brothersoft, Softonic and Cnet (download .com). In many cases PUP actually made by the authorized software company but has a low concern for the security and convenience of computer users and is only concerned with corporate profits above all else.

Adware.Graftor as Browsefox also installed along with other freeware and in many cases berbentul Add On a browser or additional toolbar to the browser. Please be careful to add a new toolbar or add on your browser in order to avoid the Adware infections. For a complete list Adware infecting Indonesia in October 2014 can be seen in Table 2 below.

Tabel 2, Top 10 Adware Indonesia Oktober 2014

After adware, Win32 / Sality is the only single malware capable ranks third with infection as much as 9.1% as most malware stopped by G Data. If successful menginfekis your system, Sality will run payloadnya spamming action to harvest email addresses from Outlook and Internet Explorer cached. He has the ability to penetrate the Windows Firewall protection and avoid blocking antispam company in carrying out the action.

Exploit 6,7 %

Just like the previous period, the exploitation of the most widely exploited CVE-2010-2568 is (81.30%) and CVE-2011-0979 (see table 3 below:

Table 3, the most widely Exploit stopped by G Data with anti Exploit

Security loopholes are imperfections or errors in programming (bugs) in all man-made software such as Microsoft Windows, Linux, MS Office, Adobe Acrobat, Java, Browse (IE, Chrome, Firefox etc), OpenSSL, Squid, and so on are usually unconscious / unintentional. This bug can cause system instability, crashes or system can be accessed / controlled by other people who are not eligible. Security loopholes always found every day and there is no way to avoid the threat of exploitation of this vulnerability in addition to the patch (patch) as you do every day to update the software. Security holes are cross platform and not just one particular operating system monopoly. In fact, in the case of popular applications such as Acrobat Reader or Java are very popular and used a variety of operating systems enable the exploitation of a cross on the operating system on which the application containing the security loopholes in installed. Therefore, it is very important to have adequate protection against exploitation of security holes in your system to always do a software update to get the latest on vulnerability patches. If possible and you have the funds, make sure you have an antivirus program has protection against exploits a security hole in order to maximize the protection of your system. Active protection against this exploit is very important because the system contains vulnerabilities that have not been patched (patch) will be infected by malware that exploits a security hole EVEN proficiency level the system is protected with updated antivirus program. So exploit security holes can bypass the protection afforded by antivirus programs. 

The two exploits vulnerabilities that most Anti Exploit stopped Gdata with this is:

1. CVE-2010-2568 is a real security hole LNK.Shorcut more than 4 years old but is still included in the most security holes in exploitation (81.30%), security hole is a favorite because it can be exploited to control a lot of OS Microsoft Windows workstations and servers well as Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, Windows 7 that allows the attacker to control the victim's computer with .LNK file or shortcut PIF files that have been prepared in advance . This security hole is also diekslpoitasi by Stuxnet via CVE-2010-2772 on Siemens WinCC SCADA system.
2. CVE-2011-0979 adalah celah keamanan pada Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, Office 2004, 2010, 2008 in 2011 for Mac, Open XML File Format Converter for Mac in Excel Viewer SP2. Celah keamanan united memungkinkan penyerang menjalankan program komputer yang lain guna menguasai memiliki celah keamanan united. Pada bulan October 2014, celah keamanan united menempati Nomor 2 said Bawah .LNK Shortcut draining tingkat eksploitasi sebanyak 17,89%

Worm

What is the difference worm with a virus? Definitively, worms and viruses are greeting both belong to the class of malware. But if the virus to spread itself usually requires the help of a third party, because it usually he would disguise himself as folders, JPEG files, MS Office and other files of interest. Worm has different skills that he does not need the help of a third party to infect your computer and automatically be able to infect all the computers in the network. The condition is that the infected computer has a vulnerability (vulnerability) that would exploit to run itself automatically. 2 worm most bnayak stopped by G Data is downadup (69.7%) and LNK.Runner (18.08). Downadup is long malware malware that could be number 1 in Indonesia for months. This malware has another name that may be you know, Conficker. Conficker has the ability to infect computers in the network, especially those that have the MS08-067 security holes found in Windows 2000, XP, Vista, Server 2003 and Server 2008. For those of you who want to avoid the action of Conficker, please do patching security holes mentioned above. Besides Conficker and LNK.Runner that exploit security holes shortcut, Vaksincom noted VBS malware action Dunihi, Beagle, Nimda and Palevo as in Table 4 below.

Table 4, Worm most widely discontinued in October 2014

In addition to malware-malware mentioned above, recorded zusy, Buzy, Virtob, Autorun and Trojan dropper that dominate the spread of malware in Indonesia in October 2014. The full list of malware that infects Indonesian statistics and stopped by G Data Antivirus Enterprise can be viewed at Table 5 below.

Table 5, Malware Top Indonesia Oktober 2014

Author: Alfons Tanujaya

Sumber : http://vaksin.com/, 10 November 2014.