Category Archives: technology

GlobalHackNews Is The Popular Blog of IT Security, Cybersecurity, and Latest Hacking News Update. Read Regular News to Improve Your Security.

Malware, mobile, technology, technology gadgets

Facetime bug Callers Hear and See You Without You Picking Up

Leave a comment

Apple Facetime bug Callers See You Without You Picking CallAre you Apple phone user, then you should immediately turn OFF FaceTime app for resolve bug reason Facetime bug Callers Hear and See You Without You Picking Up

An important bug in Apple’s popular video and audio call app has been found that lets a user listen to your microphone and maybe see through your camera without you answering an incoming call. Apple says the issue will be declaimed in a software update “later this week”.

The bug is going viral on Twitter posted by  Benji Mobb also various users complaining of this bug

GlobalHackNews has tested the bug to try Callers Hear and See You Without You Picking on iPhone X to devices running iOS 12.1 it can freely confirm that it works as 9to5Mac’s directions state

Here’s how to do someone can spy using iPhone FaceTime bug 

  • Start a FaceTime Video call with an iPhone contact.
  • Whilst the call is dialing, swipe up from the bottom of the screen and tap Add Person.
  • Add your own phone number in the Add Person screen.
  • You will then start a group FaceTime call including yourself and the audio of the person you originally called, even if they haven’t accepted the call yet.

Here’s How to turn OFF FaceTime on your iPhone.

  • Open Settings app.
  • Tap on FaceTime icon.
  • Turn off the toggle to Gray.
  • Open the FaceTime app on your Mac.
  • Click “FaceTime” in the Menu bar.
  • Click “Turn off FaceTime

Apple, report on Tuesday afternoon, said a fix is coming this week. “

We’re aware of this issue and we have identified a fix that will be released in a software update later this week,”
and also deactivated Group FaceTime to prevent people from exploiting the bug before it releases a fix.

technology, Vulnerability

NSA Finally Release GHIDRA a Free Reverse Engineering Tool

Leave a comment

GHIRDA reverse engineering

The US National Security Agency will release to the internally developed reverse engineering tool at the upcoming RSA security conference that will be held at the start of March, in San Francisco.

The framework name is GHIDRA, the GHIDRA was first publicly revealed by WikiLeaks CIA vault7 leak. NASA adviser Robert Joyce conform to GHIRDA tool for free his RSA conference Season description.

According to these documents, GHIDRA is coded in Java, has a graphical user interface (GUI), and works on Windows, Mac, and Linux, also support a variety of processor instruction sets.

GHIDRA toolkit also used to analyze binary files used programs, for all major operating system, such as Windows, Mac, Linux, Android, and iOS, and modular architecture allows users to add packages in case they need extra features.

Most users say that GHIDRA is slower and buggier than IDA, but by open-sourcing it, the NSA will benefit from free maintenance from the open source community, allowing GHIDRA to quickly catch up and maybe surpass IDA.

According to GHIDRA conference, the tool “includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed.”

Also Read: Wi-Fi Alliance official launch WPA3 New Security Feature

According to the vault7 document.GHIDRA was initially developed by The United States’ National Security Agency in the early 2000s. the developer Reditte name Hase_Define to claim it’s been sharing it with other US government agencies that have cyber teams who need to look at the inner workings of malware strains or suspicious software.

Ghidra

Ghidra is a GOTS reverse engineering tool developed @NSA.  Its purty cool.

The Ghidra packages are available on DEVLAN @ \\fs-01.devlan.net\share\NSA\Ghidra

The latest version of Ghidra is 7.0.2

Ghidra requires Java.  The current version requires Java 1.7

ghidra,anthony ghidra, ghidra reverse engineering

technology

Wi-Fi Alliance official launch WPA3 New Security Feature

Leave a comment

wi-fi alliance

Wi-fi alliance: The Wi-Fi Alliance on Monday official launch WPA3 – The next level wifi security pattern that agrees to reduce all the known security vulnerabilities and wireless attacks.

WPA3 is the newest version of Wi-Fi Protected Access (WPA) and is designed to prevent hackers from tapping on your wireless data.

The WiFi Alliance, without much delay, rushed to finalize and launch WPA3 in order to address WPA2’s technical shortcomings from the ground.

The Wi-Fi Alliance | What New Security Features WPA3?

WPA3 will replace the current WPA2 that has been almost for at least 15 years and generally used by unlimited devices every day. and the new Features provided amazing big changes for Wi-Fi enabled devices in terms of, encryption enhancements, authentication, configuration, making it harder for hackers to hack your Wi-Fi.WPA3 will also add a more difficult password-based log-in with the help of Simultaneous Authentication of Equals (SMEs). An upgrade to WPA3-Enterprise will allow the user to make use of a 192-bit encryption strength, which will be harder to hack. Smart Home appliances in the future will also be able to set up using the Easy Connect

This is box title
Authenticated encryption: 256-bit Galois/Counter Mode Protocol (GCMP-256)  
Key derivation and confirmation: 384-bit Hashed Message Authentication Mode (HMAC) with Secure Hash Algorithm (HMAC-SHA384)  
Key establishment and authentication: Elliptic Curve Diffie-Hellman (ECDH) exchange and Elliptic Curve Digital Signature Algorithm (ECDSA) using a 384-bit elliptic curve
Robust management frame protection: 256-bit Broadcast/Multicast Integrity Protocol Galois Message Authentication Code (BIP-GMAC-256)

Wi-Fi Easy Connect

Wi-Fi Easy Connect technology raises the bar in providing secure network access with unprecedented ease of use.
  • Provides a standardized, consistent method for onboarding devices
  • Simplifies provisioning through the use of QR codes and user-chosen device to manage network access
  • Works for any Wi-Fi Easy Connect device, including those with little or no user interface, such as smart home and IoT products
  • Uses public key cryptography for secure authentication
  • Supports provisioning for WPA2™ and WPA3™ networks
  • Enables the replacement of APs without the need to re-enroll all devices to the new AP
also, 3 billion devices connected to a Wi-Fi network each year, according to the Wi-Fi Alliance.

Robinson says that in a typical device enrollment, the new device will come with QR code, which the administrator will scan with a phone. The phone then “introduces” the IoT device to the network.

technology

Windows Insider Program Build 17686 | Here’s What’s New

Leave a comment

Yesterday On 6th July,Microsoft Release  Windows Insider Program Build 17686.Insiders in the Fast ring in addition to those who opted in to Skip Ahead.

What’s new in Build 17686 (Windows Insider Program)

This build attaches a new “Region” settings page that deducts you to reverse various settings related to your error Region settings.such as Calendar, First day of the week, Dates, Times, and Currency. Please go to Settings App – Time & Language Windows Insider Program

Improved Local Experience (Windows Insider Program)

Privacy Improvements

If user blocked the entrance to your microphone in the settings, Windows will display an alert asking you to review your privacy settings.Windows Insider Program

Windows Mixed Reality Improvements

You can now run Windows Mixed Reality without a monitor hooked up. You will still need a screen when setting up WMR for the first time, but you can configure it to automatically log you in, so you will no longer need it after.

This build also includes improvements to video capture in WMR as well as apps now having the ability to use the Camera Capture UI API to capture images of the mixed reality world.

 Windows Insider Program release on official blog  (Windows Insider Program)Windows 10 Insider Preview Build 17686

General changes, improvements, and fixes for PC

  • We fixed an issue resulting in frequent bugchecks on the previous build with CRITICAL_PROCESS_DIED error.
  •  Settings > Gaming > Game DVR has been renamed “Captures”.
  • We fixed an issue where Paint and WordPad settings and recent files weren’t migrated during upgrades.
  • While we still have some work to do, you’ll find that when you update to this build, File Explorer will look a lot more complete in dark theme.
  • We fixed an issue resulting in the “Replace or skip files” dialog having some unexpected dark elements in recent flights.
  • We fixed an issue where the Japanese IME’s big mode indicator would appear in the center of the screen when bringing up UAC even if the mode indicator had been disabled in Settings.
  • We fixed an issue where the taskbar flyouts (network, volume, etc) didn’t have a shadow.
  • We fixed an issue where clicking on the plus button in the Clock and Calendar flyout from the taskbar didn’t do anything in recent flights.
  • We fixed an issue resulting in Command Prompt’s cursor appearing invisible in the last few flights.
  • We fixed an issue resulting in a high number of reliability issues when switching to the Microsoft Pinyin IME in recent flights.
  • We fixed an issue where the Emoji Panel might not dismiss if you clicked somewhere else on the screen.

Known issues

  • We’re working on adding dark theme in File Explorer and the Common File Dialog, but we still have some things to do. You may see some unexpectedly light colors in these surfaces when in dark mode.
  • After update, Mixed Reality Portal will reinstall the Mixed Reality Software and environment settings will not be preserved. If you need your Mixed Reality home experience to persist, we recommend skipping this build until these issues are fixed.
  • Some Insiders may find increased reliability and performance issues when launching Start on this build. We’re investigating.
  • Fonts acquired from Microsoft Store may not work in some apps.
  • When you upgrade to this build you’ll find that the taskbar flyouts (network, volume, etc) no longer have an acrylic background.
  • There is a bug in this build (and in Build 17682) that will impact driver testing scenarios. When executing HLK Component/Device driver tests, you may experience a bug check that blocks test execution. We are aware of the issue and actively working on a fix.
  • If you install any of the recent builds from the Fast ring and switch to the Slow ring – optional content such as enabling developer mode will fail. You will have to remain in the Fast ring to add/install/enable optional content. This is because optional content will only install on builds approved for specific rings. There has not yet been a RS5 build released to the Slow ring.

Known issues for Sets & Office

  • Sets UX for Office Win32 desktop apps is not final. The experience will be refined over time based on feedback.
  • The top of some Win32 desktop app windows may appear slightly underneath the tab bar when created maximized. To work around the issue, restore and re-maximize the window.
  • Closing one tab may sometimes minimize the entire set.
  • Tiling and cascading windows, including features like “View Side by Side” in Word, will not work for inactive tabs.
  • The Office Visual Basic Editor window will currently be tabbed but is not intended to be in the future.
  • Opening an Office document while the same app has an existing document open may cause an unintended switch to the last active document. This will also happen when closing a sheet in Excel while other sheets remain open.
  • Local files or non-Microsoft cloud files will not be automatically restored, and no error message will be provided to alert the user to that fact.

technology

Europe atm and mastercard transactions system down

Leave a comment

tm and Mastercard transactions: -Yesterday the Visa cars payment down across Europe. Users reported problems during the day when trying to make payments using their Visa cards. Bank social media accounts also confirmed the outage and informed customers of the issue.

UK, Germany, France, Italy, Romania, and Hungary visa user confirmed to problems with payments, still the problems are gathered to affect all Europe and MasterCard and Maestro is not affected.

Atm and Mastercard transactions

Facebook, Twitter, and Reddit are full of complaints from irritated users who had to withdraw products in stores or are now stuck while on holidays.

 

technology

5 Best Cloud, VPS and Shared Hosting Platform For asia

Leave a comment

There are hundreds of hosting platform with a data center in USA, Europe.India Pakistan However, you have limited choice in Asia.

Let’s take a look at some of the best hosting platform which got data center in Asia.

1. AWS

AWS (Amazon Web Services) has co-operated with a local partner to offer cloud services. Currently,

amazon aws
Amazon

You won’t see all the products offered in Asia as you may see in AWS global. However, it got enough list of products to fit from small to work level of applications.

If you are seeing a large range of products and cost-effective solutions, then AWS would be a good choice.

2.Alibaba Cloud

The subsidiary of Alibaba Group is a global cloud computing company. Alibaba Cloud provides a comprehensive suite of global cloud computing services to power both international customers’ online businesses and Alibaba Group’s own e-commerce ecosystem.

 

If you are not from Asia need support on ICP application, then Alibaba Cloud would be a lifesaver.

Similar to AWS, Alibaba Cloud offers a full range of infrastructure services like CDN, VM, load balancer, database, backup, storage, etc.

3. Western Digital

West is another popular offer all-in-one hosting solution. With more than 15 years in the industry, West has a good name in support and uptime.

4.Baidu Cloud

Baidu is not just a Google search competitor but also the Cloud. You can choose to host in Beijing, Guangzhou, Suzhou and Hong Kong.

Similar go to GCP, Baidu Cloud got many IaaS products like compute, networking, storage, database, big data, AI, etc.

5. UCloud

Ucloud has served more than 50,000 enterprise customers, It got the rich control panel to manage cloud services and recently container services. You can use their pricing calculator to estimate the cost of required cloud services.

China market is unique, and I hope above helps you to find the best hosting you.

If you are running a global business, then you may choose the hosting which got data centers in asia and other regions. For an ex – Alibaba Cloud.

technology, technology gadgets

How to Work and What is peer to peer network | P2P network

Leave a comment

What is peer to peer network 2Peer-to-peer is a form of computer networking whereby all computers share same ability for processing data. the individual of which serves as a node for sharing/ linking files within the group. Rather of becoming a primary server to act as a shared drive, the personal computer acts as the server for the data stored upon it.When a peer to peer network is set over the Internet, the necessary server can be handled to index files, or a shared network can be built wherever the sharing of files is divided among the users in the web that are collecting a given file and there is no central administrator device in the center of the network.

peer to peer network examplesWhat is peer to peer network 1

This plan shows how a Peer-to-peer network operates. The solid lines betoken physical, hard-wired network cables. The dotted lines show that each PC can transfer and share files with every other PC on such a network.A printer attached to one PC can be used by other PCs on the network—if that printer’s PC allows such use.

Security on a peer-to-peer network

What is peer to peer network 1

A peer-to-peer network works completely negatively. While a client/server network is composed to support everywhere from medium-sized organizations to global teams, a peer-to-peer network is reserved for very small organizations or for a close operation group of people inside a general system.

Although the number of clients that can participate in a peer-to-peer network has no firm limit, the practical limit is 10. Once a peer-to-peer network grows beyond 10 computers, it will likely begin to suffer from production and from administrative difficulties. This is because a peer-to-peer network is intended to be the single form of network. There’s no centralized server regulating access to distributed resources. Alternatively, the devices reside on the local computers.

Each user is responsible for controlling path to the devices that live on his or her own computer.
Let’s assume Billy, Jeremy, and Kendall all have computers on a peer-to-peer network. If Billy must check out something of Kendall’s, Kendall would make it available to him. Apart then could Billy access resources on Kendall’s machine?

Furthermore, Jeremy could also make the resources on his device available to Billy. As you can see, in a peer-to-peer network, there’s no real redemption, because each user decides what he or she wants to make possible—and to whom.

Peer-to-Peer and Ad Hoc Wi-Fi Networks

Wi-Fi wireless systems maintain ad-hoc fastenings within a device. Ad hoc Wi-Fi networks are transparent peer-to-peer associated to these that use broadcast routers as an intermediary device. Devices that form ad hoc networks need no foundation to communicate.

Why are peer-to-peer networks useful?

P2P networks have a few characteristics that make them useful:

  • Peer-to-peer networks are extremely scalable. Adding new peers is easy as you do not need to do any central configuration on a central server.
  • They are difficult to reach down. Also if you shut down one of the peers, the others proceed to work and write. Y’all have to lose hair all the companions for the system to stop managing.
  • When it comes to data-sharing, that higher a peer-to-peer network is, the lasting it is. Should be the same file stored on many of the peers in a P2P system indicates that when someone needs to download it, the file is downloaded from multiple positions together.

Why we need peer-to-peer networks? Legal use-cases for P2P

 

  • While you fasten the Windows computers in your house to a Homegroup, you create a peer-to-peer network between them. The Homegroup is a small group of computers that are connected between themselves to share storage and printers.This is one of the most common applications for the peer-to-peer technology. Any people force say that Homegroups can’t be peer-to-peer because the machines in the network are compared to a router.
  • Many Linux operating systems are distributed via BitTorrent downloads that use P2P transfers. Such examples are UbuntuLinux Mint, and Manjaro.
  • Sharing large files over the internet is often done using a P2P policy planning.
  • When you create an ad-hoc network between two computers, you create a peer-to-peer network between them.

Read Also:-

New kickass torrents ares back of the group of original stuff

 

India became a victim of cyber-attack by unknown hackers

 

Facebook Managed Your Android Call log and SMS Data For Years

 

Whatsapp Co-Founder Brian Says Acton Its Time To delete Facebook

 

Chinese Hackers Spy Through WhatsApp and few aps, Indian Army Warns

Malware, TechNews, technology

 Found On Over 460 HP Laptop Pre-Installed Keylogger

2 Comments

hp-laptop-keyloggerHP has keyloggers onto its customers’ laptops.by the way Two times this year, HP laptops remained caught with a pre-installed keylogger

A security researcher declaring to have found a built-in keylogger in several HP laptops, a security researcher who goes to the name of ZwClose‘ discovered a keylogger in several Hewlett-Packard (HP) laptops that could support hackers to record your every keystroke and swipe sensitive data, including passwords, account information, and credit card details.

A keylogger was found secured in the ‘SynTP.sys file‘, a part of Synaptics touchpad driver that vessels with HP notebook, devising more than 460 HP laptop models which vulnerable to hackers.
Although a keylogger segment is incapacitated by error, hackers can make use of possible open source tools for bypassing User Account Control (UAC) to allow built-in keylogger]

“by setting a registry value.”

Here’s the location of the registry key:

  • HKLM\Software\Synaptics\%ProductName%
  • HKLM\Software\Synaptics\%ProductName%\Default

The researcher advised the keylogger ingredient to HP last month, and the company acknowledges the occupancy of keylogger, saying it was actually “a debug trace” which was left unexpectedly but has now been eliminated.

Also read:- 5,000 WordPress websites plagued with Keylogger

“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impact all Synaptics OEM partners,” HP says in its advisory, calling the keylogger as a potential, local loss of confidentiality.

“A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

Recently HP  has been released an update for all the affected HP Notebook/Laptop  Models.

If you have an HP laptop, you can look for updates for your model. Drive also available the HP Support website

 

TechNews, technology

Google Announce : Chrome will start blocking annoying website redirects

Leave a comment

 

 As part of Google’s ongoing work to make ad-ridden websites/blog more bearable, the organization is including some new protections to Chrome. Over the next couple months, the browser will start blocking various types of annoying, unwanted redirects, where a website or ad suddenly loads a new page, either because it’s been hijacked by a dangerous ad or because it intentionally requires forcing visitors to see one.

 Google’s plan to block redirects will roll out in three parts. It’ll first start blocking ads from redirecting visitors to another site when they haven’t been clicked on. During the issues, you will instead attend a toolbar on the page noting that a redirect has been blocked.

 After that, Google will start blocking a type of redirect that acts like a reverse pop-up: instead of clicking and having an ad pop up, the current website will redirect to an ad, while the link you clicked will open in a new tab. Google says this is “effectively a circumvention of Chrome’s pop-up blocker” and will begin preventing the original tab from being redirected

 And finally, Google will go after more nefarious websites that open new windows when visitors click on invisible overlays or advertising links that are disguised as buttons, like video playback controls.

 The first two changes will come as part of Chrome 64 and 65. Chrome 64 is currently at Google’s “Canary” release stage, meaning it’s pre-beta software. Google says the changes should be released to everyone “in the first few months of 2018.”