Five years ago, YouTube opened their partner program to everyone. This was a really big deal: it meant anyone could sign up for the service, start uploading videos, and immediately begin making money. This model helped YouTube grow into the web’s biggest video platform, but it has also led to some problems. People were creating accounts that uploaded content owned by other people, sometimes big record labels or movie studios, sometimes other popular YouTube creators.
Why buy expensive MacBook Pro when you can get it for $1? But then you will be the bad guy.
The IT security researchers at ERPScan discovered a bunch of critical vulnerabilities in SAP Point-of-Sales systems (SAP POS), a client/server point-of-sale (POS) solution allowing them to buy an expensive MacBook for just $1.
According to researchers, the vulnerabilities exist in the SAP POS Xpress Server that can be exploited to modify the price while purchasing a specific product. An attacker can also use the vulnerabilities to steal banking data including credit card details used for purchasing.
The attack is only successful if an attacker is connected from the same network that is used by the payment system. The security firm says in order to conduct the attack, a hacker needs to physically connect Raspberry Pi or similar tools (which won’t cost more than $25) to electronic scales inside a shop or carry a remote attack if the network is exposed to the Internet.
In a blog post, ERPScan researchers wrote that “Once you are in, you have unlimited control over the backend and frontend of the POS system, as the tool can upload a malicious configuration file on the SAP POS Xpress Server without any authentication procedure. New parameters are limited by hackers’ imagination: they can set special price or discount, the time the discount is valid, the conditions under which it works – for example when purchasing a specific product.”
The vulnerabilities were discovered in April this year and reported to the respective manufacture the same month.
WATCH THE DEMO VIDEO UPLOADED BY ERPSCAN RESEARCHERS
Gaming is an addiction but for cyber criminals, it is a lucrative business.
The attackers behind Joao have developed the malware in such a way that when a victim executes the game launcher, it silently launches itself in the background and sends device information to the attackers including its operating system, name and what privileges a user has on that device. At the same time, the game runs for the user without any disruption or sign of malicious activity.
The malware works in such a way that once executed it can install other malicious codes on a targeted device. Furthermore, Joao takes advantage of “Massively multiplayer online role-playing games (MMORPGs),” a platform for role-playing video games and massively multiplayer online games where a large number of gamers get together to interact.
IT security researchers at ESET have discovered a new malware targeting gamers around the world. Dubbed “Joao” by researchers; the malware exists in third party websites offering malicious setups for Aeria games.
Based on the device’s analysis Joao decides which component should be installed on the system. According to ESET researchers, they found components with the ability to conduct distributed denial-of-service (DDoS) attacks, backdoor, and spying on a targeted user.
Currently, Joao is targeting users in Argentina, Brazil, Mexico, Peru, Indonesia, Thailand, and the Philippines. However, It is a matter of time before it starts spreading to other countries since Aeria games are published in North America and Europe as well.
To check if your computer is infected with Joao malware, ESET researchers have suggested searching for “mskdbe.dll” file. In case the search result shows a file with this name it means you are a victim. However, attackers can also rename the file to something else. Therefore, make sure not to download unnecessary apps or games on your computers. Check out reverse engineering tutorial for hacking games.
Beware; dangerous new malware hits gamers worldwide
Also, make sure to keep your operating system and anti-virus software updated. As for the targeted users, do not download Aeria games from third-party websites. Aeria has a social media presence on Twitter and Facebook; it is highly advised to report the malicious game files to the developers.
At the time of publishing this article, third-party sites were still operational however ESET has informed the developers about the issue, and it is expected that the company will take some actions soon.
Yes, the next version of sugary snack-themed Android and the successor to Android Nougat will now be known as Android Oreo, the company revealed on Monday.
Google has maintained the tradition of naming its Android operating system by the names of alphabetically-ordered sugary delights beginning with Android Cupcake and followed by Donut, Eclair, Froyo, Gingerbread, Honeycomb, Ice Cream Sandwich, Jelly Bean, KitKat, Lollipop, Marshmallow and Nougat.
The good news is that the Android team has brought several significant features to your smartphone and tablet with the release of Android Oreo to make its mobile platform more secure, fast, power efficient and offer better multitasking.
What is a VPN?
Why Should I Use VPN?
- Stay safe. Be anonymous. A VPN masks your current IP address (Find your existing IP address).
- Access blocked content such as videos, websites, etc.
- Keep data private from hackers, governments, etc.