Find out how much Google knows about you using "My Activity" Dashboard

It is widely understood that Google as a company holds masses of information on the majority of us. If you have ever wanted to know just how much information Google knows about you this is now possible. Google tracks the majority of what you do on the Internet, including your searches, music you listen to, videos you watch, and even the places you travel to, and it does this for targeting relevant ads to its users and better improve its service. Now the technology giant has a plan to make it easier to control all the data the company collects throughout all your different devices.

So how are Google going to make this information easier for you to access and control? The answer to this is through the roll out of there new "My Activity" page that shows a searchable history of pretty much everything you do online, including previously visited websites, voice searches, searched things and places, watched Netflix programs, and all activities you did on each of its products. These activities are sorted by most recent and broken down into individual items some items may be part of groups that bundle similar activities together. You can log into this page here.

The feature along with been terrifying is beneficial for those who want more granular control over how ads work across all their devices linked with Google account and gives them the ability to block some ads they don't want to see. However, thankfully the feature also offers you an option to delete items as well — everything in a particular date range or by specific topics.

If you are privacy conscious, you can adjust your settings in the Privacy Checkup. You can change your settings for ultimate privacy, depending on how much of your online activity you allow Google to track. I would recommend that you do this but if you like targeted adds and a super computer giant knowing everything you do online, well then don't change a thing. 

 

Citrix's GoToMyPc users exposed after password leak

If you are a user of Citrix's GoToMyPC unfortunately you will have to reset your passwords (use something long varied and strong, don't reuse an old password!).

The service, which lets users remotely access PCs over the internet, was hit by a "very sophisticated password attack," Citrix said Sunday in a blog post. The company is requiring users to reset their passwords using the "forgot password" link. This is just another hack in a long line that have been disclosed in the past few weeks as hackers seem to be targeting website with huge user databases in an attempt to reap the rewards of cybercrime.

"Citrix takes the safety and security of its customers very seriously, and is aware of the password attack on GoToMyPC," said John Bennett, product line director at Citrix, in a statement. "Once Citrix learned about the attack, it took immediate action to protect customers. Citrix can confirm the recent incident was a password re-use attack, where attackers used usernames and passwords leaked from other websites to access the accounts of GoToMyPC users. Further, there is no indication of compromise to any other Citrix product line."

To reset your GoToMyPC password, go to the site and click on the Log In link.
I would recommend along with resetting your password that you enable two-step verification, a process that sends a code to your phone each time you want to sign in. If you've used the same password for GoToMyPC at other websites or for other accounts, you should change it at those places as well and don't make up a new password and use it on your other sites to, not that you would do such a thing.

Ransomware now targets Smart TV's

And the saga continues...... just when you thought it couldn't get any worse some ass just created a strain of ransomware that can infect Smart Tv's. Lets set the mood, you come home from a stressful day at the office get some dinner and sit down to watch your favorite channel to discover a message demanding bitcoin to gain access to your Tv, now I'm guessing that will put you in great form for the evening. Thanks to a new version of the Frantic Locker (better known as FLocker) Ransomware has now the ability to infect and lock down your Smart TVs until you pay up the ransom making the above scenario much more realistic.


Researchers at Trend Micro have discovered the updated version of FLocker that is capable of locking Android smartphones as well as Smart TVs. Originally launched in May 2015, the FLocker ransomware initially targeted Android smartphones with its developers constantly updating the ransomware and adding support for new Android system changes. So what exactly does Smart Tv locking ransomware do ? is it the same as the other nasty laptop/desktop strains ? Well the answer to those questions is yes and no. 

• FLocker locks the device's screen.
• Displays a fake notice from United States Cyber Police or other law enforcement agency, accusing potential victims of crimes they did not commit.
• Demands $200 worth of iTunes gift card as Ransom to unlock the infected TV.

Trend Micro says the malware is configured to deactivate itself in some regions including Russia, Bulgaria, Hungary, Ukraine, Georgia, Kazakhstan, Azerbaijan, Armenia, and Belarus.

However, if FLocker detects devices outside these countries, the malware will wait for 30 minutes before requesting admin privileges for the device. If the victim rejects the request, FLocker freezes the screen, faking a system update.


"The C&C [command and control] then delivers a new payload misspelled.apk and the ‘ransom’ HTML file with a JavaScript (JS) interface enabled," Trend Micro said. "This HTML page has the ability to initiate the APK installation, take photos of the affected user using the JS interface, and display the photos taken in the ransom page."

Although the new variant of FLocker does not encrypt files on the infected device, it has the capability of stealing data from the device, including contacts, the phone number, device information and location data. Trend Micro's report does not make it clear that how FLocker infects smart TVs, but it does note that typically ransomware infection arrives via SMSes or malicious links.
Therefore, like always you should be wary while browsing the Internet, and receiving text messages or emails from unknown sources. In the event that you do get hit with Flocker there are a number of steps that you can take to get your device back. 

 

How to Remove FLocker from Your Smart TV?

If your Android smart TV gets infected, you should contact the device vendor (phone carrier or TV merchant), or if you are kind of technical, you can remove the ransomware after removing its device admin privileges.

"Users can connect their device with a PC and launch the ADB shell and execute the command 'PM clear %pkg%'," Trend Micro said. "This kills the ransomware process and unlocks the screen. Users can then deactivate the device admin privilege granted to the application and uninstall the app."

 I would advise however that you contact your vendor first before you go all tech wizard on your Tv. Just incase you get infected by some new strain that may not have been thought up yet as this may signal the start of a new targeting faze in the age of the iot.
   

 

TeamViewer Confirms Hack

For those who are not familiar with the service TeamViewer allows computer professionals and consumers to log into their computers from remote locations. For just over month, a growing number of users have reported their accounts were accessed by cyber criminals who used their highly privileged access and drain PayPal and bank accounts. On Sunday, TeamViewer spokesman Axel Schmidt acknowledged to Ars that the number of takeovers was "significant," but he continued to maintain that the compromises are the result of user passwords that were compromised through a cluster of recently exposed megabreaches involving more than 642 million passwords belonging to users of LinkedIn, MySpace, and other services.

So if you have a TeamViewer account the hackers news have put together the steps that you should take to make sure that you are secure, see below.

Here's What you should do:

TeamViewer users are strongly recommended to change their account passwords and use a strong one, and of course, NOT to use the same credentials across multiple sites.

I know, remembering different passwords for different accounts is a real pain, but you can use a good password manager to solve this issue.

Meanwhile, users should also ensure their TeamViewer accounts are protected with a randomly generated password that is at least 10 characters long, contains numbers, symbols, and uppercase and lowercase letters, and is unique.

It is always a good idea to run the TeamViewer software only when it's truly needed, instead of allowing it to auto-start each time your PC is turned on.

Decryption tool released for CryptXXX Ransomware

And so the story continues, in the fight against ransomware and cyber-crime Kaspersky labs have yet again come to the rescue with a decryption tool for the CryptXXX ransomware.
Victims of this strain of ransomware should download Kaspersky’s utility (available here), open “Settings,” and choose which drive types they want to have scanned. They should then click “Start scan” and choose where the encrypted .CRYPT file lies.
After asking for where the original file is located, the decryption tool will look for all other files with the .CRYPT extension and will attempt to decrypt those, as well.

I would yet again urge people to educate themselves around how phishing campaigns and dodgy website's are spreading ransomware to end users. I also urge end users to remember that a lot of the more nasty varieties of ransomware have no decryption tool available and there may not be one available for quite some time.

Uninstall QuickTime for Windows

If you are a windows user and have the popular quick time application installed on your machine the time has come to part ways and you should uninstall it. The reason for this is the recent disclosure of two zero-day vulnerabilities that have been discovered in the application. The fact that the application contains a zero-day exploits isn't as bad as the fact that apple won't be releasing a patch to fix the vulnerability. This disclosure means that hackers will be actively targeting windows users looking for the quick time application and if you haven't it uninstalled well then you are vulnerable to an attack. Quick Time for Windows follows other software such as Microsoft Windows XP and Oracle Java 6, which are no longer being updated to fix vulnerabilities. That makes them subject to ever-increasing risk as more and more unpatched vulnerabilities are found and cybercriminals attempt to exploit them. The call for users and companies to uninstall Quick Time has been echoed across the security industry so get yourself over to the control panel > add remove programs > Quick Time> Uninstall. 

Unlock files infected by Petya Ransomware

As many people are well aware ransomware has spread through the internet like a wild bush fire encrypting millions of machines across the world. The good news if any is that researchers have broken the petya strain of this plague. This mean that if your machine has been encrypted by this particular strain then you are in luck, don't pay any money over to these criminals get a tech savvy friend and do the following. Download this tool created by Leostone that  exploits a mistake made by Petya's author in the way that the ransomware encrypts a file on a Windows machine, opening opportunities for the decryption key to be determined. To use the decryption tool you will need to attach the Petya affected drive to another computer and extract specific data from it hence why I said get a tech savvy friend. The data that needs to be extracted is 512-bytes starting at sector 55 (0x37h) with an offset of 0 and the 8 byte nonce from sector 54 (0x36) offset: 33 (0x21). This data then needs to be converted to Base64 encoding and used on the petya pay no ransom site to generate the key.

As luck would have it security researcher Fabian Wosar has developed a "Petya Sector Extractor that can collect the specific data needed to use Leostone's tool. All a user needs to do is load up their hard drive on an uninfected Windows computer and run Wosar's solution.
After copying and pasting the information generated by the Petya Sector Extractor, victims can then use Leostone's tool to generate a decryption key. That key will decrypt the victim's infected files once the hard drive has been once again loaded into the infected computer. If you have been infected by other strains of ransomware check out some of my past posts to check if there is a crack available that you can utilize. Until next time all I can say is "think before you click".