Windows 10

This man hacked Windows 10 to run on in-car display

Someone got their Windows 10 Mobile phone to work with their in-car display. Windows 10 Mobile can only work on your car’s display if you have a little know-how regarding your car’s internal system. One car owner by the name of Matthew Johnston had an HDMI port on his car’s display, and he was able to hook up a Windows 10 Mobile phone and have it work on that screen.

After he was successfully able to perform the hack, Matthew Johnson quickly went to Twitter and informed the public of his latest feat. Using a Pioneer in-car display, connecting a phone to its HDMI-in port seems to make this hack possible.

Unfortunately, the only drawback to this is that Johnson has reported that the display is not a touchscreen, so he will not be able to access all the features that you get while using a physical Windows 10 Mobile smartphone. However, if the right hardware is present inside vehicles, then you will actually be able to use Windows Continuum.

Microsoft should really give some thought to branching out its Windows 10 Mobile OS to vehicles the same way that Android and iOS have done. It will take a fair bit of work, but Microsoft’s forte for all these years has always been software.

Source: http://www.techworm.net/

Windows 10 spies on you despite disabling tracking options or installing anti-spying app

An analyst reveals that Windows 10 is amassing a huge amount of user data despite the user disabling the three tracking options.

We all know that Windows 10 spies on users. We had reported spying issues associated with Windows 10 even as Microsoft released the Windows 10 Technical Preview Version in August 2014. Almost a year after that, when the Windows 10 Final Build was released, Microsoft confirmed in November 2015 that Windows 10 spied on users. It added at that time that even it can’t stop Windows 10’s telemetry program from spying on users.

However, until this week the extent of Windows 10’s nefarious spying activities was not known. So a Voat user, CheesusCrust, decided to research the amount of data that Windows 10 reports back to the Redmond-based servers. CheesusCrust published his research on Voat under the title “Windows 10 telemetry network traffic analysis, part 1”.

According to his research, Windows 10 sends data back to Microsoft servers thousands of times per day. The surprising thing about his research is that he found it was spying on him even after he chose a custom Windows 10 installation and disabled all three pages of tracking options, which are all enabled by default.

Here is the list of things CheesusCrust used for this analysis:

  1. I have installed DD-WRT on a router connected to the internet and configured remote logging to the Linux Mint laptop in #2.
  2. I have installed Linux Mint on a laptop, and setup rsyslog to accept remote logging from the DD-WRT router.
  3. I have installed Virtualbox on the Linux Mint laptop, and installed Windows 10 Enterprise on Virtualbox. I have chosen the customized installation option where I disabled three pages of tracking options.
  4. I have configured the DD-WRT router to drop and log all connection attempts via iptables through the DD-WRT router by Windows 10 Enterprise.
  5. Aside from installing Windows 10 Enterprise, and verifying the internet connection through ipconfig and ping yahoo.com, I have not used the Windows 10 installation at all (the basis for the first part of this analysis)
  6. Let Windows 10 Enterprise run overnight for about 8 hours (while I slept).
  7. I use perl to parse the data out of syslog files and insert said data into a Mysql database.
  8. I use perl to obtain route data from whois.radb.net, as well as nslookup PTR data, and insert that into the Mysql database.
  9. Lastly, I query and format the data for analyzing.

Here is what he found. In an eight hour period Windows 10 tried to send data back to 51 different Microsoft IP addresses over 5500 times. After 30 hours of use, Windows 10 sent his user data to a whopping 113 IP addresses which he has listed in the thread.
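The parse-and-count step of the procedure above, sketched in Python rather than the Perl and MySQL the analyst used. This is an added example, not CheesusCrust's code: the log lines are constructed in the netfilter LOG format, and the "DROP" prefix, router host name and every address in them are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines (not data from the thread). Addresses come from
# documentation ranges; 192.168.1.50 stands in for the Windows 10 guest.
SAMPLE_SYSLOG = """\
Feb  9 01:00:01 ddwrt kernel: DROP IN=br0 OUT=vlan2 SRC=192.168.1.50 DST=198.51.100.7 LEN=52 TTL=127 PROTO=TCP SPT=49712 DPT=443 SYN
Feb  9 01:00:04 ddwrt kernel: DROP IN=br0 OUT=vlan2 SRC=192.168.1.50 DST=198.51.100.7 LEN=52 TTL=127 PROTO=TCP SPT=49712 DPT=443 SYN
Feb  9 01:00:09 ddwrt kernel: DROP IN=br0 OUT=vlan2 SRC=192.168.1.50 DST=203.0.113.20 LEN=52 TTL=127 PROTO=TCP SPT=49713 DPT=80 SYN
Feb  9 01:00:11 ddwrt kernel: DROP IN=br0 OUT=vlan2 SRC=192.168.1.77 DST=203.0.113.99 LEN=60 TTL=63 PROTO=UDP SPT=5353 DPT=53
Feb  9 01:00:12 ddwrt cron: unrelated line without netfilter fields
Feb  9 01:02:30 ddwrt kernel: DROP IN=br0 OUT=vlan2 SRC=192.168.1.50 DST=192.0.2.44 LEN=52 TTL=127 PROTO=UDP SPT=61000 DPT=3544
"""

FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

def parse_line(line):
    """Return the netfilter key=value fields of one log line, or None."""
    fields = dict(FIELD.findall(line))
    return fields if {"SRC", "DST", "PROTO"} <= fields.keys() else None

def summarize(log_text, guest_ip):
    """Count dropped attempts per (destination, proto, port) for one source host."""
    attempts = Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        # Other LAN hosts share the router, so filter on the guest's address.
        if f and f["SRC"] == guest_ip:
            attempts[(f["DST"], f["PROTO"], f.get("DPT", "-"))] += 1
    return attempts

def report(attempts):
    """Return (total attempts, number of distinct destination addresses)."""
    return sum(attempts.values()), len({dst for dst, _, _ in attempts})

if __name__ == "__main__":
    counts = summarize(SAMPLE_SYSLOG, "192.168.1.50")
    total, unique = report(counts)
    print(f"{total} attempts to {unique} distinct addresses")
    for (dst, proto, port), n in counts.most_common():
        print(f"{n:5d}  {dst:15s} {proto}/{port}")
```

Filtering on the guest's source address matters because the router logs drops for every host behind it; without that filter the totals would mix in unrelated traffic.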

CheesusCrust has more surprises for us. He then repeated his test on another Windows 10 clean installation with all data tracking options disabled. Only this time he installed a third party tool called DisableWinTracking (available on GitHub), which is supposed to stop Windows 10 spying attempts including the hidden ones.

On this PC with DisableWinTracking installed, CheesusCrust found that at the end of the 30 hour period Windows 10 had still managed to report back his data to Redmond-based servers a whopping 2758 times to 30 different IP addresses.

This means that even after disabling the telemetry options offered by Microsoft and installing anti-spying software available in the market, Windows 10 goes on its merry way of tracking user data. It would also seem that the ‘disable telemetry options’ provided by Microsoft after a huge outcry against Windows 10 spying are actually doing nothing and are only a showpiece installed to pacify the users.

CheesusCrust has plenty more surprises in store for Windows 10 users when he will publish part 2 of his analysis.

Source: http://www.techworm.net/

How to view saved Wi-Fi passwords in Windows 10, Android and iOS

So many stores, service stations, coffee shops, pubs and so on offer free Wi-Fi that you probably have countless networks saved on your phone or laptop. Having a password saved on your computer is great, but how can you get the password so you can use it on your phone as well?

Rather than trying to hunt down a member of staff to ask, or hunting high and low for that tiny sign that shares the password, you can instead view the wireless passwords you have saved. Read on to find out how to retrieve these passwords in both Windows 10 and Android.

If you already have the password for a wireless network saved on your laptop and want to retrieve it to use on your phone — or share with someone else — things are quite simple. The same method works in Windows 7, Windows 8.x, and Windows 10, but it’s important to note that you need to be connected to the network you are trying to retrieve the password for.

  • Press the Windows key and R, type ncpa.cpl and press Enter.
  • Right click on the wireless network adaptor and select Status.
  • Click the Wireless Properties button.
  • In the Properties dialog that appears, move to the Security tab.
  • Click the Show characters check box, and the network password will be revealed.

If you want to retrieve a saved wireless network password from Android or iOS, you’ll have to have a rooted or jailbroken device — sadly, there is no standard way to pull up security credentials. It’s worth noting that there are several apps out there in Google Play that claim to reveal Wi-Fi passwords; while some of these work, there are also numerous malicious tools out there, so it’s best to use an alternative method.

If you’re using Android, install a copy of the free file browser ES File Explorer.

  • Navigate to the data/misc/wifi folder on your device — it will not be visible on non-rooted phones.
  • Open the file called wpa_supplicant.conf and you will see a list of saved Wi-Fi networks complete with their passwords.

To retrieve a Wi-Fi password on a jailbroken iPhone, you can check in the Keychain access app if you have a Mac connected to the same network, but there’s another method if you prefer to do it all from your phone.

Grab yourself a copy of WiFi Passwords from Cydia.

Fire up the app, and you’ll be presented with a list of all of the passwords your iPhone has for saved wireless networks.

Source: http://betanews.com/

Hackers Sending Fake Windows 10 Upgrade Ransomware Email, Encrypts Every File

It has not been a week, yet hackers have begun to exploit existing Windows users’ computers by sending them ransomware, via spoofed email, which instantly encrypts each and every file that exists on the computer.

The zipped attachment found in the email, which is made to look like Windows 10 sent by Microsoft, is not the operating system file but ransomware.

Windows 10 was officially unveiled to the public on July 29th as a free-of-charge upgrade for every Windows 7 and Windows 8 user. To date, more than 14 million systems have been successfully upgraded to the latest release of Windows, but millions are still waiting to receive an official update notification from Microsoft.

There is an app released by Microsoft called Get Windows 10 which notifies the user if they got a green signal to upgrade their computer. Till then, the app shows a simple message that reads “Watch for your notification so that you can start your upgrade. Your notification to upgrade could come as soon as a few days or weeks.”

Researchers over at Cisco have warned all the impatient Windows users not to fall for a Windows 10 upgrade scam, and the fact that users have to wait for the upgrade to be available makes them even more vulnerable to this scam.

Hackers have seen this simple notification message as an opportunity to exploit users who are impatient to upgrade their existing Windows to the latest release. Exploiters are sending out spoofed emails about the Windows 10 upgrade along with a zipped attachment that, once executed, will automatically install ransomware on the targeted computer system, eventually encrypting all the files, pictures, documents, and other important data that exists on the hard drive.

SCRUTINIZING THE RANSOMWARE EMAIL

The team of researchers has scrutinized the spoofed email and noted down four key indicators in the message, which every user needs to watch out for.

To begin with, watch the From email address. The hackers have skilfully spoofed the sender’s email address to make it look as if it was sent by Microsoft, i.e. <update@microsoft.com>. This is what leads the targeted receiver to read the email further. Yet a closer look at the header section of the email reveals that it originated from an Internet Protocol (IP) address allocated to Thailand.

Secondly, to further spoof the email and convince the receiver that it was sent by Microsoft, the hackers have tried their best to use a color scheme similar to the one used by Microsoft.

Thirdly, the most easily notable indicator. The researchers have found a couple of red flags linked with the email message. There are many characters that don’t parse correctly. This happened because the hackers were using a non-standard character set while producing the email. You can see those red flags in the image attached below.

Fourthly, to increase the authenticity of the email, the hackers have incorporated a disclaimer message that looks exactly like the one used by Microsoft, i.e. “This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.” Furthermore, to trick the targeted users into believing that the attachment is not malware, the closing message also links to MailScanner, which is an authentic open source email filtration website.
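The indicators above can be checked mechanically at a mail gateway. The following is an added example, not code from Cisco or from the article: the message is constructed, and the expected-relay allow-list, the set of usual charsets and all header values are assumptions.

```python
import email, ipaddress, re
from email import policy
from email.utils import parseaddr
# Constructed message: every header value, address and file name is invented.
RAW = b"""\
Received: from mail.example.net (unknown [203.0.113.45])
\tby mx.victim.example with ESMTP; Sat, 1 Aug 2015 09:12:03 +0000
From: Microsoft <update@microsoft.com>
Subject: Windows 10 Free Upgrade
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="koi8-r"

This message has been scanned for viruses and dangerous content by MailScanner.
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="Win10Installer.zip"

(payload omitted)
--b1--
"""

# Assumptions: relay networks expected per sender domain, and the usual charsets.
EXPECTED_NETWORKS = {"microsoft.com": ["192.0.2.0/24"]}  # hypothetical allow-list
USUAL_CHARSETS = {"us-ascii", "utf-8", "iso-8859-1", "windows-1252"}

def indicators(raw):
    """Return the article's warning signs that are present in one raw message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    found = []
    domain = parseaddr(str(msg["From"] or ""))[1].rpartition("@")[2].lower()
    # The topmost Received header was written by our own MX, so its peer IP is reliable.
    peer = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", str(msg.get_all("Received", [""])[0]))
    if peer and domain in EXPECTED_NETWORKS:
        ip = ipaddress.ip_address(peer.group(1))
        if not any(ip in ipaddress.ip_network(n) for n in EXPECTED_NETWORKS[domain]):
            found.append("relay-ip-not-expected-for-from-domain")
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            if (part.get_content_charset() or "us-ascii") not in USUAL_CHARSETS:
                found.append("unusual-charset")
            # A disclaimer in the body is attacker-controlled text, not proof of scanning.
            if "scanned for viruses" in part.get_content().lower():
                found.append("scanner-disclaimer-in-body")
        if (part.get_filename() or "").lower().endswith(".zip"):
            found.append("archive-attachment")
    return found
```

The color scheme indicator is visual and is not covered here; in production the relay check would normally be replaced by the SPF, DKIM and DMARC results the receiving server records.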

WORKING OF RANSOMWARE

Just like us, you must be wondering what would happen to a targeted user who believed what this email said, downloaded the attached zip file, extracted it and then executed it.

The victim will be welcomed with a message which will be similar to the following image:

The program being used by the hackers is CTB-Locker, which is a variant of ransomware. Researchers have also found that this ransomware is being sent out to the targeted users at a significantly high rate.

The functionality of this ransomware is quite standard: it makes use of an irregular encryption method that lets the hackers encrypt each and every file on the victim’s computer without storing the decryption key on the infected computer.

To further secure their identity and to remain anonymous while being at the minimal risk level, hackers are making use of openly available services like Tor and Bitcoin. This way they are able to quickly generate revenue from this ransomware campaign.

If the victim wants to unlock their files, pictures and other important documents, they have to pay the ransom to receive a decryption code. And to our surprise, they are only given 96 hours to pay the ransom amount.

THOUGHT-PROVOKING FEATURES OF CTB-LOCKER RANSOMWARE

Researchers also noted down some thought-provoking features of CTB-Locker which seem to be a lot different compared to other ransomware variants.

Firstly, the type of encryption. CTB-Locker uses elliptic curve encryption, which utilizes a smaller key space but provides the same security level and key encryption, whereas most ransomware uses RSA encryption methods.

Secondly, the decryption time frame. CTB-Locker offers the targeted victim a time frame of just 96 hours to pay for the decryption key, which is a lot shorter than standard ransomware.

Thirdly, the Command and Control communication, also known as C2. CTB-Locker uses hard-coded IP addresses on non-standard ports to establish the connection. Typical ransomware, on the other hand, uses compromised WordPress websites as a drop point for the information.

Fourthly, an increased amount of data exchange between systems. Researchers analyzed the network traffic and found that data was being streamed to approximately 100 different IP addresses. The common ports being utilized for communication were 1443, 9001, 666 and 443, and the majority of the ports being utilized are associated with Tor traffic.

DEMO VIDEO OF RANSOMWARE

The researchers have also uploaded a video demo to show the working of this ransomware and how quickly it attacks the victim’s computer. You can see that video below:

Since its release, Windows 10 has been in the news for all the wrong reasons: first for spying on users, and then for using their Internet bandwidth to send updates to other users without their knowledge or permission.

Source: https://www.hackread.com