Zoom now considered a Malware but you can ACT now

Zoom has now been said to be the most used app, thanks to the effect of Covid-19 isolation. Most inexpensive and free app to use as you link with your loved ones and attend meetings especially for small businesses.

FBI announced on March 30 that it was investigating Lots of reported cases on video hijacking, also known as “Zoom-bombing”, where hackers infiltrate video meetings, shouting threats.

Zoom meetings can be accessed by a short number-based URL, which can be generated and guessed by hackers. Zoom has released guidelines in which account can stop or restrict unwanted guests from crashing video meetings(see below link). 

Zoom has also lied about its end to end encryption which secures communication so that it can only be read by the users involved. Zoom confirmed in a blogpost that end-to-end encryption was not currently possible on the platform and apologized for the “confusion”.

Zoom has also been called out for its in-app surveillance feature. This feature would allow employers to check if employees are really tuned into a work meeting or if students are really watching a classroom presentation remotely.

Link 

Secure your Zoom

Credit: The guardian

SMB wormable bug leak in Microsoft

-Bug is tracked as CVE-2020-0796. It impacts SMBv3, and described as wormable. It was announced in some security feeds, but it isn't included in the March 2020 Patch Tuesday. This does not mean there is a hack on the internet for it. Microsoft has published an advisory on how to disable SMBv3 compression until a patch is ready, you can get this fromthe below link;

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200005

For understanding & controlling SMB inbound and outbound traffic in general, check out the link below;

https://support.microsoft.com/en-us/help/3185535/preventing-smb-traffic-from-lateral-connections

Is your Android Vulnerable?

It's no news that every week a new hack on android devices is published. Of recent is a vulnerability (Stagefright Bug) that can infect an android device via text message. Though google has released a patch for this but the question is has your phone manufacturer released its own patch for this across it various models?
So find this out, you can run the one-click solution to determine if your android device is at risk and its a form of education for 22 known vulnerability for androids. The free one-click solution (VTS for Android) can be found on Google Play store and its designed by Nowsecure .
Download now, check and get informed.

Source: hackernews

Beware: Malware without Recovery

As a result of a Coding mistakes by the creator of malicious program (Power Worm) that encrypts data means anyone hit by it will not be able to recover files.
This so usual because ransomware decrypt files when victims have paid a substantial fee but this variant of Power Worm destroys keys that could help recover any data that it scrambled.
Power Worm infects Microsoft Word and Excel files but its latest update goes after many more types of data files it finds on a victim's machine.
Security researcher believes the errors arose when the creator tried to simplify the decryption process. They tried to make it use just one decryption key but mangled the process of generating it. As a result, there is no key created for the files it encrypts when it compromises a computer.
So what that means is if you have been affected by this ransomware, your only option is to restore from a back-up.

So have you back-up your data today?

Source: BBC

Replica Malicious Browser replaces Google Chrome

Security researchers have uncovered an Adware that replaces your Google Chrome browser with a dangerous copy of Chrome and you will never notice any difference while browsing.
The adware is dubbed "eFast Browser," it works by installing and running itself in place of Google Chrome
The efast browser does all kinds of malicious activities like:
-Generates pop-up, coupon, pop-under and other similar ads on your screen
-Placing other advertisements into your web pages
-Redirects you to malicious websites containing bogus contents
-Tracking your movements on the web to help nefarious marketers send more crap your way to generating revenue
Having this installed on your machine may lead to serious privacy issues or even identity theft.

Removing it can be done by uninstalling suspicious plugins or add-on's or resetting your browser to default.

Source:http://thehackernews.com/2015/10/malware-chome.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+TheHackersNews+(The+Hackers+News+-+Security+Blog)&_m=3n.009a.1100.af0ao07bvz.mp0&m=1

Watch WorldCup Free on your PC

Download Bluestack app player(google it) Install on your PC. Ensure your PC has the current VGA driver if not goto your manufacturer site to download the latest one. Once installed left click on the bluestack icon and click restart, once it comes up click on the search icon at upper left and search for OnlineHD TV and download from google playstore. Once installed, Woola you have multiple online streaming stations at your finger tips. Good luck.

Make free call on Facebook

It's a cool feature on facebook messenger {you may need to update} that allows free calls that don't eat into your precious credit - just data if you're not on Wi-Fi. There are other solutions such as Skype and Vonage, but Facebook has all of your friends in one convenient place.

Initiating a call is easy by just tapping the "i" button in the top-right corner of chat with another user. The user on the other end will receive a push notification to accept or refuse the call. If your contact doesn't have Facebook Messenger open or lurking in the background of their device, you can leave them a voice message to pick up later.

It's worth noting calls can be made cross-platform, Android to iPhone, or vice versa.