Category Archives: TechNews

GlobalHackNews Is The Popular Blog of IT Security, Cybersecurity, and Latest Hacking News Update. Read Regular News to Improve Your Security.

TechNews

Basic Google-Chrome Settings 2020 Launching The Settings Page

Google-Chrome SettingsGoogle-Chrome Settings, Launching the Settings Page. You Are Able to open the Preferences page by clicking the pub together with three piled horizontal

Lines to the remaining address pub; that will open up a drop-down menu, and also Settings
Is positioned to rock bottom of this screen.

Customers also can sort in chrome://chrome/settings/ to the address bar to find
The webpage, and also Mac OS X People can also start the Settings page by simply choosing Chrome >Preferences or hit (Command key plus the comma key)

Browser Settings

1. Open the Preferences site (instructions above)

chrome setting 2020

2.Locate that the “Preferences” section and pick “Content Settings…”

    1. Observe — for several users, they are going not to see that this setting till They expose
      Innovative settings; possess the user scroll to the stone bottom of the page, and also
      If there is a link which states” Present advance configurations…” request the consumer to Click thereon

3. Within the” Content settings “overlay be certain the following selections are set:

A. Upgrades: Let local data to be set (advocated )
B. Cookies: the alternative for “Block third-party cookies and info” will be
Unchecked
C. empower all websites to conduct Java Script (advocated )
D. Pop-ups: Allow all websites to point out Pop-Ups

I. Notice: If the consumer does not need to Allow popups for several sites,

Have them move on the “Manage exceptions” button to Open a” Popup exceptions” overlay; here possess them kind The URL of this Internet banking domain and put the Behavior into a Permit

Security

1. Open up the Settings page (instructions previously )
2. Track down the “HTTPS/SSL” section and choose “content material options…”

A. Note — to get many consumers they are going not to see this setting till They expose
Advanced configurations; have the user scroll to the stone base of the page, and

If there is a connection that says “Show progress settings…” ask the consumer to
Click on thereon
3. Look at the box adjacent to “Check for server certificate revocation”
Deleting the Cache:

1. Open up the Settings page (directions above)
2.Within the left navigation click “History”
3.Click on the “Clear all navigating data…” button at the highest of this page; this will
4.Open up an overlay together with all the title “Obvious browsing information”
From the “Obliterate the subsequent things from” the Dropdown, choose” the beginning of time”
5. Make certain the subsequent item is checked and uncheck all other objects not recorded:
6. Just click on the “Clear surfing info” button

Deleting Upgrades Only:

1. Open the Preferences site (instructions above)
2. Over the left-hand navigation click “History”
3. Click on the Crystal Clear all of the browsing data…” button at the highest of this page; that can Open an overlay using the name “Obvious surfing info”
4. From the  “Obliterate the following items from” the Dropdown, choose the
The Day variety that’s most suitable; please Be Aware This could delete all cookies for the consumer for the specified deadline regardless of the site:

    1.  Choosing “the last day” ought to help clear snacks associated with a consumer’s
      session
    2.  Choosing “the Outset of time” will remove all cookies within the
      Browser

Make sure the subsequent item is checked and uncheck all other goods not recorded:

  1. Delete cookies along with alternative web site along with plugin info

6. Click the “Clear surfing data” button

Cyber Attack, internet, Malware, TechNews

Google Add New Password Protections alerts to Chrome for Android, iOS

Password Protections alertsGoogle has added a new update to improving password security on both Android and iOS devices by telling you if the passwords you’ve asked Chrome to remember have been compromised.

Google Add New Password Protections alerts to Chrome for Android, iOS

The browser alerts you if any of the passwords you have asked it to save have been compromised, and lead you straight to the right ‘change password’ .

Chrome will check if your passwords are compromised passwords, they send a copy of your usernames and passwords to Google using special encryption code. Lets Google checks it against credentials known to be compromised, but Google cannot derive your username or password from this encrypted copy.

Moreover, Google also establishes its Safety Check feature to the Chrome mobile release after first launching it on desktop. This will include checking whether your browser version is up to date and if you’ve enabled Safe Browsing.

Google will also add new features in Chrome 86 that is rolling out now, to improve user security. It will also be launching Enhanced Safe Browsing for Android & ISO through which Chrome can protect you against phishing, malware, and other harmless websites, by sharing real-time data with Google’s Safe Browsing Service. Google had released Enhanced Safe Browsing for desktop Advance this year.

Enhanced Safe Browsing for Android

Earlier this year, We launched Enhanced Safe Browsing for desktop, which gives Chrome users the option of more advanced security protections.

When you turn on Enhanced Safe Browsing, Chrome can proactively protect you against Phishing, Malware, and other Dangerous sites by sharing real-time data with Google’s Safe Browsing service.

Among our users who have enabled checking websites and downloads in real-time, our predictive phishing protections see a roughly 20% drop in users typing their passwords into phishing sites.

Google Chrome Creators Group also announced a biometric authentication step before auto-dialing passwords for iOS. You can authenticate using your Face ID, Touch ID, or phone passcode. If you enable Chrome autofill in Settings, Chrome Password Manager allows you to autofill saved passwords into iOS apps or browsers.

Google Chrome also block or warn on some insecure downloads initiated by secure pages. This is also part of Google Chrome’s plan to gradually block mixed downloads altogether.
The feature, which can be easily accessed in the ‘Settings’ tab under ‘Sync and Google services’, relies on Google’s service known as Safe Browsing, which contains a database of unsafe web facility that updates every 30 minutes.

According to Google, however, many phishing sites slipped through the time window, Google says that the expansion of its phishing protection and real-time scanning on the desktop has been shown to create alerts for an extra 30 percent of phishing sites.

kickass, TechNews, trick

1337x unblock Best Proxy Server List [100% Working]

1337x proxy1337x, it’s one of the best torrent trackers around 1337x was released in 2007 and get populated in 2016 because in this year the popular torrent website Kickass Torrents was shut down by the government due to malware attacks. and also 1337x has been blocked by the Government because most of the time it comprises malware attacks.so now if you visit any 1337x proxy site directly, maybe you know the proxy is not working directly,

So in this article, I will show you Live 1337x Torrent Best Proxy Server List 2019 [100% Working] a list of Kickass Torrents and kickass proxy different sites which is listed among the world tormenting piracy hub.

Now Enjoy the 1337x Proxy List

No. 1337x Proxy Status Speed
1. 1337xto.to Online Very Fast
2. x1337x.ws Online Very Fast
3. 1377x.to Online Very Fast
4. x1337x.eu Online Very Fast
5. x1337x.se Online Very Fast
6. 1337x.st Online Very Fast
7. 1337x.tel Online Very Fast
8. 1337x.io Online Very Fast
9. x1337x.se Online Fast
10. 1337x.is Online Fast
11 1337x.pl Online Fast
12. 1337x.to Online Fast
13. 1337x.tv Online Fast
14. 13337x.top Online Fast
15. 1337x.one Online Good
16. 1337x.so Online Good
17. 1337x.unblocked.win Online Good
18. 1337x.unblocker.win Online Good
19. 1337x.unblocker.cc Online Good
20. 1337x.unblockall.org Online Good

 

Note Before Use Proxy
1337x Proxy and alternatives have been created for Information and education purpose. We check the use of the torrent site to download the copyright-protected content

In 2019 according to similar web data 1337x was the third most popular torrent website and this site has more than 100 million visitors per month and I will inform that the official domain is blocked some countries like Spain, India, China. but don’t worry if not access 1337x then use VPN you cant use easily access.

The Best VPN for 1337x Proxy Server (2019-20 Edition)

Rank VPN Provider Link
rank expressvpn expressvpnfeatures
rank nordvpn
ipvanish
rank ipvanish
nordvpn

 

How to Unblock 1337x in Mobile

You can download one of the below apps for your mobile, These apps will change your IP Address and You will be access to browse 1337x website unblocked

  1. Tor Browser
  2. Psiphon
  3. VPN book
  4. VPN gate

Here also 5 Best 1337x Alternatives

1) The Pirate Bay

Visit – thepiratebay.org

2) Rarbg

Visit – rarbg.to

3) ExtraTorrent

Visit – extratorrent.cd/

4) KickassTorrents

Visit – https://katcr.co/

5) LimeTorrents

Visit – https://www.limetorrents.info/

If you Unable to access ThePirateBay the Try

SL. No. NAME Speed Status
1. Katcr.co Very Fast Working
2. Sitenable.ch Very Fast Working
3. Proxyindex.net Very Fast Working
4. Kickass2.st Fast Working
5. Kickass.cd Very Fast Working
6. Kickass-cd.pbproxy.red Very Fast Working
7. Sitenable.top Very Fast Working
8. Siteget.net Very Fast Working
9. Freeanimesonline.com Fast Working
10. Kickass.immunicity.cab Very Fast Working
11. Filesdownloader.com Very Fast Working
12. Freeproxy.io Very Fast Working
13. Sitenable.co Very Fast Working
14. Kickass.unlockproj.faith Fast Working
15. Kat.li Fast Working
16. Kickass5-cd.unblocked.lol Fast Offline
17. Kickasstorrent.cr Fast Working
18. Kickass2.org Slow Working
19. Kickasstorrents.video Very Fast Offline
20. Kickass.unblockme.eu Very Fast Offline
21. Kickass.unblocked.live/full Normal Working
22. Kickass.cm Very Fast Working
23. Dusttorrent Fast Working
24. Kat.am Fast Working
25. Kickasstorrents.to Normal Offline
26. Kickasstorrents.stream Normal Working
27. Dumbtorrent.com Very Fast Working
28. TheKat.se Fast Working
29. Katcr.to Very Fast Offline
30. Kickass.unblocked.pro Very Fast Working

 

Proxy sites are not permanent ever the primary domain of the torrent website is not stable. i will keep update time to time so bookmark this site .and also if any proxy not working then comment in the below comment box 🙂

Cyber Attack, Hack News, Malware, TechNews, Vulnerability

Fortnite Bug Hacker Takeover Your Gamers’ Accounts

Leave a comment

fortnite accounts hacked

Checkpoint researchers found a bug to Fortnite Accounts Hacked‘, the account authentication process for the massively popular online battle game players accounts hacks to takeover. Hacker could have stolen login tokens by just duping the victim into clicking a WhatsApp and any social sharing link.

The sequence of an unvalidated subdomain and cross-site scripting (XSS) bug to load a JavaScript that would make allowed to bypass the protections implemented by the single sign-on (SSO) access control mechanism used for logging into Fortnite access account and most importantly an OAuth account to Fortnite Accounts Hacked.

According to the Checkpoint researchers, the cross-site scripting (XSS) bug and a malicious direct redirect issue on the Epic Games’ subdomains allowed attackers to hijack users’ authentication token simply by dumping them into clicking an especially web link.

Single Sign-On (SSO) shifts the authentication engagement to a trusted third party like (Google, Facebook, X-Box, PlayStation), which authorizes access to the resource with the access token. Fortnite Accounts Hacked

Fortnite Bug Hacker Takeover Your Gamers’ Accounts

The Fortnite user used an unvalidated domain for the login page accounts.epicgames.com, which could be redirected to another online location to hacked Accounts.

Fortnite Accounts Hacked

Epic Games’ request to their server, along with the attacker’s “crafted state” parameters received from the single sign-on (SSO)

hacking-fortnite

CheckPoint has released a video showing the exact steps of the attack and how easy it would have been to trick a Fortnite user into clicking the wrong link. The original research is available Checkpoint 

Fortnite popularity, with at least 80 million monthly players, while statistics point to nearly 250 million registered users.

Bypassing the WAF

The XSS payload was executed the WAF took effect and told us that the request was forbidden. Apparently, the only issue was the length of the script source URL, so we simply bypassed it by using a shortened URL.

Now that we had the XSS we could load our own JavaScript which, in turn, would be executed in the context of “ut2004stats.epicgames.com”. [Source:-checkpoint]

Fortnite Accounts Hacked-4

According to CheckPoint, researchers notified Epic Games’ developer of the Fortnite vulnerabilities which the company fixed in mid-December.

Fortnite developer advice players are also to enable two-factor authentication (2FA) which prompts users to enter a security code sent to their email when logging into the Fortnite game account.

Hack News, internet, TechNews

Google Users Private Data Exposed by Google+ API Bug

Leave a comment

Private Data Exposed by Google+ API BugGoogle Users Private Data Exposed by Google+ API Bug: Google has sending Alert email to those who were affected by there Google+ API bug which was disclosed in December 2018. In this notification, Google sends to the user which data leak and that app had access to it.

Google announced that on 10 December 2018 disclosed google+ API bug which allow user app that user permissions to access Private data we do not support to that access.
According to Google+ disclosure, This bug affected by over 50 million Google+ users
Last week on 7 January 2019. google+ user affected by this bug have received notification from google

Google Notification

Google Users Private Data Exposed by Google+ API Bug

google-api-bug
Source: julishwa

Dear Google User,

We are writing to inform you of a technical issue caused by a software update, which affected Google+ APIs (Application Programming Interfaces) between November 7th, 2018 PT and November 13th, 2018 PT when the issue was fixed. We have determined that the impact of this technical issue was limited to Google+ APIs that return profile
information about users and resulted in two potential unintended effects:
1. If you granted the app permission to view your profile information, such as name, email address, occupation, the app inadvertently was able to request and view more profile fields that you granted the app permission to view.
2. If a person with whom you had shared profile information granted an app permission to view your public profile fields, that app was able to request and view your public profile fields, as intended, but inadvertently was also able to request and view any profile fields you had shared with that person, including profile fields that you had shared with that person but not shared publicly.
This issue was limited to profile fields and did not give developers access to information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft.
The issue was detected by our automated testing and fixed on November 13th, 2018 PT.
We have no evidence that the app developers who inadvertently had this access for six days were aware of it or misused it in any way.

For your information, we are attaching a list of the affected fields and the corresponding app names (where available). For a list of all third-party apps you have granted access to your account, please review your security preferences – Third-party apps with account access.

Please note that this issue was discussed in the Google+ blog post dated December 10th, 2018. We would like to sincerely apologize for any inconvenience this may have caused. If you have any questions please contact us via this form.
Sincerely,
The Google Apps Team
Google decided to shut down their Google+ social service platform in August 2019 due to a prior API bug leaked the personal information of up 50 million Google+ accounts.
Hack News, TechNews

Goodbye manual WordPress updates, hello Manage WP Automatic Updates

Leave a comment

wordpress update

WordPress (WP)version 4.9.3 was released an update earlier in this week with patches for a total 30+ vulnerabilities still unfortunately WordPress , the new version broke the automatic update mechanism for millions of blog.

WordPress team has now issued a new maintenance update, WordPress 4.9.4, to patch this severe bug, which WP admins have to install manually.

According to the security plugin WordFence, when WP CMS tries to determine whether the site needs to install an updated version, if available, a PHP error interrupts the auto-update process.

If not updated manually to the latest 4.9.4 version, the bug would leave your website on WP 4.9.3 forever, leaving it vulnerable to future security issues


WP lead developer Dion Hulse explained about the bug:

#43103-core aimed to reduce the number of API calls which get made when the auto-update cron task is run. Unfortunately, due to human error, the final commit didn’t have the intended effect and instead triggers a fatal error as not all of the dependencies of find_core_auto_update() are met. For whatever reason, the fatal error was not discovered before 4.9.3’s release—it was a few hours after release when discovered.

thus, WP administrators are being urged to update to the latest wp release manually to make sure they’ll be protected against future vulnerabilities.

To manually update their WP installations, admin users can sign into their WP website and visit Dashboard→Updates and then click “Update Now.”

After the update, make sure that your core WP version is 4.9.4.

However, not all websites being updated to the faulty update have reported seeing this bug. Some users have seen their website installed both updates (4.9.3 and 4.9.4) automatically.

Moreover, the company released two new maintenance updates this week, but none of them includes a security patch for a severe application-level DoS vulnerability disclosed last week that could allow anyone to take down most WordPress websites even with a single machine.

Since WordPress sites are often under hackers target due to its wide popularity in the content management system (CMS) market, administrators are advised to always keep their software and plugins up-to-date.

Apps update, TechNews

Whatsapp new update feature allows users to control unwanted notifications

Leave a comment

Facebook-owned smart messaging service WhatsApp indicate a new feature to organist notifications by importance and block the unwanted notifications.

Whatsapp new update
`

WhatsApp offers 10 notification channel categories, which users can control individually.

  1. Chat History Backup
  2. Group Notifications
  3. Critical App Alerts
  4. Message Notifications
  5. Sending Media
  6. Silent Notification
  7. Media Playback
  8. Failure Notifications
  9. Uncategorised
  10. Other Notifications
TechNews

Bitcoin Marketplace NiceHash CEO Resigns After $60 Million Hack

‘Bitcoin marketplace NiceHash’s loss was about 4,736.42 Bitcoins, worth more than $60 millionss.

bitcoin CEO ResignsSan Francisco: Marko Kobal, the co-founder of Slovenian Cryptocurrency mining market NiceHash that lost over $60 million in a Bitcoin hack in December, has stepped down as the company’s CEO. “As you are aware, since the recent security breach we at NiceHash have been working round the clock to rebuild our internal systems as well as management structure. I shall now stand aside and allow new management to lead the organisation through its next, exciting period of growth,” Kobal recently wrote in a statement on LinkedIn.

The marketplace has appointed Zdravko Poljasevic as the new CEO who did not previously have a position at the company, according to Delo, a Slovenian newspaper. The marketplace is now up and running again, and has announced in an official statement that it will reimburse the affected users, according to electronic trading website Finance Magnates.

Earlier in December, the mining marketplace announced that hackers wiped out its entire Bitcoin wallet, resulting in a loss of $63 million worth of Bitcoin.

The founders apologised about the hack on Facebook Live and were forced to shut down operations for 24 hours. “Unfortunately, there has been a security breach involving NiceHash website. We are currently investigating the nature of the incident and, as a result, we are stopping all operations for the next 24 hours,” the marketplace had said in a statement.

The loss was about 4,736.42 Bitcoins, worth more than $60 million. The bitcoin prices on Tuesday were trading around $13,500 on the Luxembourg-based cryptocurrency exchange BitStamp. The bitcoin prices rose 14 times in 2017 from nearly $1,000 to around $14,000.

Malware, TechNews, technology

 Found On Over 460 HP Laptop Pre-Installed Keylogger

2 Comments

hp-laptop-keyloggerHP has keyloggers onto its customers’ laptops.by the way Two times this year, HP laptops remained caught with a pre-installed keylogger

A security researcher declaring to have found a built-in keylogger in several HP laptops, a security researcher who goes to the name of ZwClose‘ discovered a keylogger in several Hewlett-Packard (HP) laptops that could support hackers to record your every keystroke and swipe sensitive data, including passwords, account information, and credit card details.

A keylogger was found secured in the ‘SynTP.sys file‘, a part of Synaptics touchpad driver that vessels with HP notebook, devising more than 460 HP laptop models which vulnerable to hackers.
Although a keylogger segment is incapacitated by error, hackers can make use of possible open source tools for bypassing User Account Control (UAC) to allow built-in keylogger]

“by setting a registry value.”

Here’s the location of the registry key:

  • HKLM\Software\Synaptics\%ProductName%
  • HKLM\Software\Synaptics\%ProductName%\Default

The researcher advised the keylogger ingredient to HP last month, and the company acknowledges the occupancy of keylogger, saying it was actually “a debug trace” which was left unexpectedly but has now been eliminated.

Also read:- 5,000 WordPress websites plagued with Keylogger

“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impact all Synaptics OEM partners,” HP says in its advisory, calling the keylogger as a potential, local loss of confidentiality.

“A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

Recently HP  has been released an update for all the affected HP Notebook/Laptop  Models.

If you have an HP laptop, you can look for updates for your model. Drive also available the HP Support website