Wednesday, 29 March 2017

Wikileaks dump second part of CIA dump

Wikileaks has recently published the codenamed Vault 7 containing details on the work of the Central Intelligence Agency (CIA). On March 23, they published the second part of documents, the dump is called "Dark matter".

The documents in "Dark matter" consists of several projects of the CIA, which have security services that can infect the Apple equipment (Mac, iPhone) with sustainable  Malware. This Malware can continue to remain in the firmware even after you reinstall the OS.

The first publication was known as "Year zero" (Year Zero), and it contained  8761 documents and files. Most of the documents belonged to an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virgina.

For security reasons, the tool was described such as the Sonic Screwdriver,  a method designed to execute code on a peripheral device, while Mac is loaded. With the help of this hackers can easily attack.

According to the documents, it shows that the CIA used modified adapters Thunderbolt-to-Ethernet to store malicious code. While, you can easily implant "DarkSeaSkies" in the EFI on the Apple MacBook Air and it contains some very useful tools like DarkMatter, SeaPea, and NightSkies, for EFI, for space of kernel and user.

After Wikileaks published the first part of the dump, the Apple representative assured that the bugs have been corrected, and the new version was already released and there is nothing to worry about now, but now the Apple is silent on the release of the second dump

Sunday, 12 March 2017

Brit ISP TalkTalk blocks control tool TeamViewer

To stop scammers fooling people into using the software and handing over their PCs

TalkTalk has blocked remote desktop management tool TeamViewer from its network, following a spate of scammers using the software to defraud customers.
A spokeswoman for the UK ISP confirmed it had blocked "a number of sites and applications" including TeamViewer from its network to protect customers from phishing and scamming activities.
The company said it was working with TeamViewer and other third parties on implementing some additional security measures to enhance security.
TeamViewer is one of the most popular pieces of software to enable remote access. It was also used by hundreds of scammers attempting to defraud TalkTalk customers by gaining remote access to their computers.
TeamViewer has previously said it takes the security and privacy of its customers "extremely seriously" and "condemns the use of TeamViewer to subvert systems and gain unauthorised access to private data."
Customers complained on TalkTalk's forum this afternoon they were unable to use the software.
One said they spent the whole morning trying to fix the problem, using three different computers which failed to connect to TeamViewer via TalkTalk's SuperRouter.
"I tried to connect by tethering my computer to iPhone 4G - and it connected to TeamViewer straight away. [When I went] back to router [I] lost connection. Loads of reports on the internet about no connection via TalkTalk - why are they blocking it?"
Another said: "This is completely unsatisfactory. If this can't be resolved then I'll have no alternative but to switch ISP and also recommend that my main clients do also."
In the forum, TalkTalk noted the number of complaints it receives from customers regarding these tools through fraudulent activities "is significant" but said it hoped to resolve the issue with TeamViewer and the other third party wares affected.
The ISP's spokeswoman said: “We constantly monitor for potentially malicious internet traffic, so that we can protect our customers from phishing and scamming activities.
"As part of this work, we have recently blocked a number of sites and applications from our network, and we’re working hard to minimise the impact on our customers.
“We would also urge our customers to visit our Beat the Scammers website to find out more about how they can keep themselves safe online.”