Category Archives: TechNews


31 Million Client Registration Files Leaked by Personalized Keyboard Developer.

Personal data of 31,293,959 users of a popular virtual keyboard app, ai.type, has leaked online due to a misconfigured MongoDB database. Security researchers have reported that the co-founder of ai.type, Eitan Fitusi, failed to secure the database’s server and it took several attempts to contact him before the data was secured. The keyboard app claims to have over 40 million downloads on Google’s Play Store.

“The misconfigured MongoDB database appears to belong to Ai.Type a Tel Aviv-based startup that designs and develops a personalized keyboard for mobile phones and tablets for both Android and iOS devices,” Kromtech Security Center said.

Hoards and hoards of personal data remained exposed online

While it may have tens of millions of users all over the world, the app’s developers failed to protect the database with a password, enabling anyone to access this database that is over 577 GB heavy. Some of the personal user data included:

  • User’s full name
  • Email address
  • Phone number
  • Duration the app remained installed on their device
  • Device’s IMSI and IMEI number
  • Phone make and model
  • Android version
  • User’s precise location (long/lat)
  • Links and the information associated with the social media profiles (birthdate, title, emails etc.) and photo (links to Google+, Facebook etc.)
  • IP (if available)

Kromtech added that over 6 million records also contained data from users’ contact books, “in total more than 373 million records scraped from registered users’ phones, which include all their contacts saved/synced on linked Google account.” If that wasn’t enough data for the keyboard to mine, security researchers added that “there was a range of other statistics” including the most popular users’ Google queries for different regions.

“It is clear that data is valuable and everyone wants access to it for different reasons,” Alex Kernishniuk, VP of strategic alliances at Kromtech, said. “Some want to sell the data they collect, others use it for targeted marketing, predictive artificial intelligence, and cybercriminals want to use it to make money in more and more creative ways.”

This is once again a wakeup call for any company that gathers and stores data on their customers to protect, secure, and audit their data privacy practices.
It shouldn’t come as a shock to anyone since keyboard apps usually come with a warning that they may be able to collect “everything” you type. Security researchers have continued to warn that these apps could also steal your passwords despite their assurances. ai.type is no innocent in this game of data collection. While it promises to keep the content “encrypted and private,” the company failed to even secure the database.

For now, the database has been secured and hopefully, we will see fewer of these “incidents” after the release of MongoDB 3.6 that makes it impossible for sloppy businesses to accidentally connect a database to the internet without login protections. But, that doesn’t mean they will stop collecting your data. At this point, Kromtech warns that anyone who had ever downloaded and installed ai.type keyboard should consider their data out in the open. “This presents a real danger to cybercriminals who could commit fraud or scams using such detailed information about the user,” Bob Diachenko of the Kromtech Security Center said.

“It raises the question once again if it is really worth it for consumers to submit their data in exchange for free or discounted products or services that gain full access to their devices.”

Imgur confirms security breach 1.7 billion login details

27th November 2017: If you were an Imgur.com user in 2014, you might want to consider changing your password. The photo-sharing site revealed (via Engadget) that it learned of a security breach in 2014 that compromised the e-mail addresses and passwords of around 1.7 million users.

Imgur Chief Operating Officer, Roy Sehgal, announced that the breach occurred in 2014. Sehgal explains that Imgur does not collect names, addresses, or phone numbers from its users and that only user e-mails and password information were leaked. According to ZDNet, Troy Hunt, who runs the information service Have I Been Pwned, obtained the data and passed it on to Imgur.

The company says that it is still investigating the incident, but that it believes hackers used brute force to crack the older algorithm that was in use at the time. The company upgraded its encryption in 2016.

Company response:

“We take the protection of your information very seriously and will be conducting an internal security review of our system and processes. We apologize that this breach occurred and the inconvenience it has caused you,” Sehgal concluded.

Hunt has commended Imgur’s swift reaction and handling of the disclosure of the breach, although some users will surely be miffed by the fact that the breach happened and they never noticed.

Unfortunately, data breaches like this one have become the new normal. Imgur says it switched to hashing user passwords with bcrypt last year. And, according to Hunt, 60% of the leaked email addresses were already in Have I Been Pwned’s database.

WhatsApp down again or not working today on November

WhatsApp is the preferred go-to messaging app for smartphones and now desktop computers, with WhatsApp Web making it very convenient for users. It is now an essential part of daily life for customers using their data allowance to send messages, pictures, video, phone calls, and audio messages all directly through the app.

That means Whatsapp needs to be working at all times without fail, but as usual, there are times when it will suddenly go down without notice – sending users into a crisis as they can no longer send or receive messages for long periods of time.

Is Whatsapp down for you on Thursday, November 30, 2017, right now and not working on either the web app on the desktop or on mobile?

Leave your message below with your Whatsapp service status for iOS and Android in your area and look out for updates from PR editors and other users on when an official outage is ongoing.

macOS High Sierra security vulnerability: Get full root access without password | How to fix

There appears to be a dangerous bug in macOS High Sierra that enables the root superuser on a Mac with a blank password and no security check.

The flaw, found by developer Lemi Ergin, allows anyone to log into an admin account using the username “root” with no password. This works when attempting to access an administrator’s account on an unlocked Mac, and it also provides access at the login screen of a locked Mac.

To replicate, follow these steps from any kind of Mac account, admin or guest:

1. Open System Preferences 
2. Choose Users & Groups 
3. Click the lock to make changes 
4. Type “root” in the username field 
5. Move the mouse to the Password field and click there, but leave it blank 
6. Click unlock and it should allow you full access to add a new administrator account. 

At the login screen, you can also use the root trick to gain access to a Mac after the feature has been enabled in System Preferences. At the login screen click “Another,” and then enter “root” again with no password.

This allows for admin-level access directly from the locked login screen, with the account able to see everything on the computer.

It appears that this bug is present in the current version of macOS High Sierra, 10.13.1, and the macOS 10.13.2 beta that is in testing at the moment. It’s not clear how such a significant bug got past Apple, but it’s likely this is something that the company will immediately address.

How to fix?


Until the problem is fixed, you can enable a root account with a password to prevent the bug from working. We have a full how-to with a full rundown of the steps available here.

Update 1: An Apple spokesperson told MacRumors that a fix is in the works: “We are working on a software update to address this issue. In the meantime, setting a root password prevents unauthorized access to your Mac. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012. If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘Change the root password’ section.”

Update 2: Apple released a security update to address the vulnerability on Wednesday morning. The update can be downloaded on all machines running macOS 10.13.1 using the Software Update mechanism in the Mac App Store. Apple says it will automatically push out the update later in the day to all users who have not installed it.
In a statement provided to MacRumors, Apple said the company’s engineers worked on a fix as soon as the problem was found. Apple also apologized for the vulnerability and said its development process is being audited to prevent something similar from occurring in the future.

Security is a top priority for every Apple product, and regrettably, we stumbled with this release of macOS. 


When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. That morning as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra. 

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
All users should download the new security update immediately. 

Bluetooth Hack Affects 20 Million Amazon Echo and Google Home Devices

BlueBorne Cyber Threat Impacts Amazon Echo and Google Home


20 million Amazon Echo and Google Home personal assistant devices have been at risk of hacking attacks exploiting a security blind spot called BlueBorne, US-Israeli IoT cybersecurity firm Armis said Wednesday.

“By exploiting unpatched devices, hackers can take them over, spread malware, and establish a ‘man-in-the-middle’ attack to gain access to critical data, personal information, traffic, and networks,” Armis said in a statement.


The firm said it informed both Google and Amazon of the vulnerabilities before it went public with them, allowing the US giants to release security patches and updates before hackers got to know about the security flaws. Google has already released patches to its partners to address the BlueBorne vulnerabilities, Armis said. Both Amazon and Google have released security updates to the Echo and Home respectively. Updates are automatic and users do not have to do anything to get them, the statement said.
BlueBorne is one of eight vulnerabilities discovered in the Bluetooth protocol that affect billions of devices globally, using the short-range wireless communication technology.
“BlueBorne is exceptionally critical, as hackers can perform airborne attacks on any exposed Bluetooth-enabled device without having to fool users into clicking on malicious links, downloading a file, or interacting with them in any way,” Armis said in the statement. With the first wave of BlueBorne vulnerabilities discovered by Armis in September, the firm announced that more than 5 billion devices were subject to attack.
There are some 15 million Amazon Echoes sold and 5 million Google Home devices sold, according to a September report by market research firm Consumer Intelligence Research Partners (CIRP). Further surveys show that more than 128 million Echoes will be introduced by 2020, Armis said in the statement. These devices are also making their way into businesses, with Armis data showing that 82 percent of its customers have the Amazon Echo in their offices.
“Burgeoning demand for digital personal assistants is expanding the avenues by which attackers can infiltrate consumers’ lives to steal personal information and commit fraud,” said Yevgeny Dibrov, CEO of Armis. “Consumers and businesses need to be aware how their devices are connecting via Bluetooth, and the networks they may be accessing, in order to take security precautions to protect their information.”
Armis is a privately held company headquartered in Palo Alto, California, with an office in Tel Aviv.

“Users do not need to take any action,” a Google spokesperson said by email. “We automatically covered Google Home several weeks ago, and neither Google nor Armis found evidence of this attack in the wild. As always, we appreciate researchers’ efforts to help keep all users safe.”

There was no immediate response from Amazon in Israel to an email requesting a comment.

UC Browser taken down from Google Play Store

UC Browser, a mobile web browser on Android which is immensely popular in India, has disappeared from Google Play Store. UC Browser is developed by UC Web which is owned by China’s Alibaba Group, and, it recently amassed 500 Million downloads on the Play Store.

UC Browser is the second-most popular web browser in India after Google Chrome, having 100 Million users in the country out of the 420 Million users from around the world. There’s no official word from either Google or UC Web yet regarding the delisting of UC Browser from Play Store. However, according to Twitter user Mike Ross, who claims to work for UC Browser, this removal is temporary and is for a period of 30 days.

Ross also cites the reason for removing UC Browser from Play Store as usage of “Misleading” and “Unhealthy” methods of promotion to increase installs. Moreover, Artem Russakovskii, founder of Android Police, received the following email on November 9 from UC Union, which is UC Web’s affiliate network, that further adds fuel to Ross’ claims.

Dear Partner,

We hereby emphasis again that UC Union prohibits any and all misleading/malicious advertising method(s) to procure new users when promoting UC Browser campaigns, such as by using slogan inconsistent with the Product functions, or by using inductive slogan. DO NOT use the Malicious Promotion method(s) or STOP such behavior immediately if you are acting so. Upon discovery a Malicious Promotion, UC Union is entitled to

(i) STOP your payment settlement, or DEDUCT your corresponding payment made to you;

(ii) compensation in recovery of the loss suffered by UC Union, including but not limited to loss of UC Union’s good will, loss of users of UC Union Product(s), removal of UC Union Product(s) from Google Play or Apple Store, and any other loss as a result of your Malicious Promotion;

(iii) require you to CLARIFY the facts for elimination of the negative impact shed upon UC Union; and

(iv) resort to any other legal measures if necessary.

UC Union is looking forward to cooperating and developing with you in a healthy UC Union ecosphere.

UC Union Team

Well, having said that, Redditors, who first spotted the disappearance of UC Browser from Play Store are of the opinion that the app has been removed from the Play Store for stealing and leaking personally identifiable data to servers back in the company’s home country – China.
Actually, this isn’t the first time that UC Browser is accused of sending user information to China. Back in August, there were reports of Indian government considering a ban on UC Browser in the country for sending personal information to servers in China. Moreover, the report also stated that the data was being stolen from users’ device even after the app was uninstalled.
We are still awaiting an official statement from Google and UC Browser to shed more light on this matter. In the meantime, you can download UC Browser Mini from the Play Store, or, can also download the apk of UC Browser directly from the company’s website.
Also, if you already have UC Browser installed on your device, you need not worry much as it will continue to work as it normally does.

Mobile Developer Error is Exposing Twilio Credentials

 

Security researchers from Appthority have found that various app developers carelessly hard-coded credentials for accessing services provided by Twilio Inc. Hackers were able to access those credentials by reviewing the code in the applications, and then gain access to data (such as calls and text messages) sent over those services.

Appthority said it discovered over 700 apps with the security risk, including 170 affected apps that are still available on the Google Play store and the Apple App Store, which means that millions of users around the world are currently at risk.
Researchers warned that by obtaining the credentials from the code of the affected apps, malicious attackers could have obtained access to millions of calls and text messages. North America, the United Kingdom, and Australia are the most affected areas.

Appthority report:

“We have called the vulnerability Sleuth because implementing the Twilio account ID and Twilio estimate token (password) hardcoded in the app creates a vulnerability that exposes call record meta-data, recorded call audio, as well as text messages. The convenient experiences are not confined to those of the user of the unprotected app but include all records correlated with the developer’s Twilio recital for that app and other apps created by that developer.”
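
An added example, not part of the original article or Appthority's report: an audit script a developer could run over their own source tree or unpacked app resources to catch a hardcoded Twilio account ID and token before release. It assumes Twilio's credential formats (Account SID is "AC" plus 32 hex characters, auth token is 32 hex characters); the function names and the sample files and values are constructed for illustration.

```python
"""Audit source or unpacked app resources for hardcoded Twilio credentials."""
from __future__ import annotations

import re
from dataclasses import dataclass
from pathlib import Path

# Account SIDs carry an "AC" prefix; auth tokens are bare 32-hex strings, so
# they need context (a nearby SID or a telling name) to tell them from a hash.
ACCOUNT_SID = re.compile(r"\bAC[0-9a-fA-F]{32}\b")
HEX32 = re.compile(r"(?<![0-9A-Za-z])[0-9a-fA-F]{32}(?![0-9A-Za-z])")
TOKEN_HINT = re.compile(r"auth|token|secret|passw", re.IGNORECASE)
WINDOW = 3  # a bare 32-hex value within this many lines of a SID is suspicious
TEXT_SUFFIXES = {".java", ".kt", ".swift", ".m", ".js", ".xml", ".json",
                 ".plist", ".properties"}

# Constructed sample inputs (placeholder values, not real credentials).
SAMPLE_JAVA = """\
public class SmsClient {
    // constructed placeholder values, not real credentials
    static final String ACCOUNT_SID = "AC0123456789abcdef0123456789abcdef";
    static final String AUTH_TOKEN = "fedcba9876543210fedcba9876543210";
}
"""
SAMPLE_XML = '<string name="asset_md5">d41d8cd98f00b204e9800998ecf8427e</string>\n'


@dataclass(frozen=True)
class Finding:
    path: str
    line: int
    kind: str      # "account_sid" or "auth_token_candidate"
    redacted: str  # middle masked so the report does not leak the secret


def redact(value: str) -> str:
    """Keep the first and last four characters, mask the rest."""
    return value[:4] + "*" * (len(value) - 8) + value[-4:]


def scan_text(path: str, text: str) -> list[Finding]:
    """Return SIDs, plus 32-hex values that look like the matching token."""
    lines = text.splitlines()
    findings, sid_lines = [], []
    for no, line in enumerate(lines, 1):
        for m in ACCOUNT_SID.finditer(line):
            findings.append(Finding(path, no, "account_sid", redact(m.group())))
            sid_lines.append(no)
    for no, line in enumerate(lines, 1):
        for m in HEX32.finditer(line):
            near_sid = any(abs(no - s) <= WINDOW for s in sid_lines)
            # A lone checksum with no SID nearby and no telling name is ignored.
            if near_sid or TOKEN_HINT.search(line):
                findings.append(
                    Finding(path, no, "auth_token_candidate", redact(m.group())))
    return sorted(findings, key=lambda f: (f.line, f.kind))


def scan_tree(root: str) -> list[Finding]:
    """Scan every text-like file under root (source tree or unpacked app)."""
    findings = []
    for p in sorted(Path(root).rglob("*")):
        if p.is_file() and p.suffix.lower() in TEXT_SUFFIXES:
            text = p.read_text(encoding="utf-8", errors="ignore")
            findings += scan_text(str(p), text)
    return findings


if __name__ == "__main__":
    samples = [("SmsClient.java", SAMPLE_JAVA), ("strings.xml", SAMPLE_XML)]
    for name, sample in samples:
        for f in scan_text(name, sample):
            print(f"{f.path}:{f.line}: {f.kind} {f.redacted}")
```

Any confirmed hit in a shipped build means the credential should be rotated and the Twilio calls moved behind a server the app authenticates to, since a secret embedded in a distributed app can be read by anyone who has the app.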

Google says : One million account logins and passwords are stolen every month,

Google has dug into the darker parts of the internet as part of a year-long research project analyzing how cybercriminals manage to hijack user accounts by obtaining passwords and login codes.

Carried out with the University of California, Berkeley, Google’s research investigated three common ways hackers managed to hijack accounts between March 2016 and March 2017. Of the three, two of them, phishing and keylogging, are used by cybercriminals to steal up to a staggering 250,000 account logins every week, Google found. That is around one million account credentials that may be stolen every month.
The highest number of stolen logins that Google saw for sale on black markets came from third-party data breaches. These totalled 3.3 billion, which sounds like an unbelievable figure at a glance, but given the scale of recent breaches at Yahoo, MySpace, Equifax, and LinkedIn, the number isn’t all that remarkable.
Google says that data breaches fall far behind phishing, where a hacker pretends to be a person or company and directly asks for user data, and keylogging, which is a more direct attack that records what users type.
This is especially true for Google accounts, the search giant explains. While data breaches are usually limited to passwords, which isn’t enough to bypass Google’s security prevention systems, phishing and keylogging tools often hunt for more personal data.
“We determined 82% of blackhat phishing tools and 74% of keyloggers endeavored to collect a user’s IP details while another 18% of tools collected phone numbers and device make and model,” reads the post on Google’s Security Blog.
With extra information about the user in hand, phishing and keylogging techniques are far more successful. Google says that 12-25% of the attacks recorded during its research yielded a valid password, while third-party breaches sat at 12%.

During this study, Google’s researchers identified 788,000 credentials taken by keyloggers, and 12 million obtained through phishing.

Thankfully, the investigation has given Google some incredibly helpful data that it has already put into action. That means that 67 million vulnerable Google accounts have now been protected and that the knowledge the company has gained is being poured back into its own security systems.
If you are concerned about your own account’s security, Google recommends you run a Security Checkup now. Google accounts already have a fair amount of built-in security, but one of the additional account protections you can quickly add yourself is two-factor authentication.

Google Announce : Chrome will start blocking annoying website redirects

 

As part of Google’s ongoing work to make ad-ridden websites and blogs more bearable, the company is adding some new protections to Chrome. Over the next couple of months, the browser will start blocking various types of annoying, unwanted redirects, where a website or ad suddenly loads a new page, either because it’s been hijacked by a bad ad or because it intentionally wants to force visitors to see one.

Google’s plan to block redirects will roll out in three parts. It’ll first start blocking ads from redirecting visitors to another site when they haven’t been clicked on. When this happens, you will instead see a toolbar on the page noting that a redirect has been blocked.

After that, Google will start blocking a type of redirect that acts like a reverse pop-up: instead of clicking and having an ad pop up, the current website will redirect to an ad, while the link you clicked will open in a new tab. Google says this is “effectively a circumvention of Chrome’s pop-up blocker” and will begin preventing the original tab from being redirected.

And finally, Google will go after more nefarious websites that open new windows when visitors click on invisible overlays or advertising links that are disguised as buttons, like video playback controls.

The first two changes will come as part of Chrome 64 and 65. Chrome 64 is currently at Google’s “Canary” release stage, meaning it’s pre-beta software. Google says the changes should be released to everyone “in the first few months of 2018.”

Pornographic video plays on lunchroom TV at high school in Georgia

A pornographic video played on a cafeteria TV while students ate lunch Wednesday at a high school in Georgia.
The chief at Mount Zion High School in Jonesboro ran from the room to stop the video after it started playing, but it played for more than a minute, according to WSB-TV. Some students were able to get screenshots before it was turned off.

How did this happen?

School officials said a student gained access to the cafeteria broadcast equipment, according to New York Daily News.
The incident is being investigated and the student will be disciplined, the Daily News reported.

How did students and parents react to the incident?

Daphne Raines told WSB that her stepdaughter sent her a text with a screenshot of the video.
“She was like, ‘Momma, look what was playing when he was eating. Came on the TV,’” Raines said. “And I just happened to look at it. And I had to just open it up and look at it real good. And I’m like, ‘Oh my God.’”
The photo of the video was so graphic that the mother’s mouth dropped open when she saw it. After seeing the photo, Raines went to the school and checked her daughter out of class.