A Particular Telugu Character Can Crash Any Apple iPhone, iPad or Mac
The Italian blog Mobile World identified a possibly severe bug that affects not only the iPhone but also a wide range of Apple devices, including iPads, Macs and watchOS devices running up-to-date operating systems. This character simply crashes your iPhone or blocks you from using the Messaging app in iOS itself. It also locks you out of your favorite apps like WhatsApp, Facebook Messenger, Gmail and Outlook for iOS.
If you receive a short message containing this symbol, or you type it into your text editor, the character instantly triggers crashes on iPhones, iPads, Macs, Apple Watches or Apple TVs running Apple’s iOS Springboard. What could be the fastest known method to remove an offending message is simply to have another text sent to the app that is crashing due to the text bomb. This lets you jump straight in from the notification and delete the entire thread containing the character.
The company was notified of the text bomb bug around last week, and Apple intends to address it in an iOS update as soon as possible, before the release of iOS 11.3. There is a possibility that the bug will be exploited by criminals to target Apple users via email or messaging, as a number of daily-use apps are affected by it. It could also be used to spread mass chaos by spamming the character on open social platforms.
Credit: The Hacker News
Now a Ransomware that is here to Scare You with a Ghost Tale
If you thought ransomware attacks were only about making money, think again! The Annabelle Ransomware looks like a clear display of talent by some developers who wanted to show off their skills.
The attack was discovered by security researcher Bart. It tries to spread to your devices through USB drives, terminates several security programs, disables Windows Defender, turns off the firewall, encrypts your files, and prevents you from running a number of programs on your PC. To top it all, it replaces the master boot record of the affected machine with its own silly boot loader. After all this, it encrypts the PC with a static key and appends the .ANNABELLE extension to each encrypted file’s name. It then restarts the computer, and when you log in it displays a lock screen with a picture of the doll from the movie Annabelle and details on how you can pay to decrypt your files.
Fortunately, this ransomware is based on Stupid Ransomware and is simple to decrypt. You can replace the MBR and clean up the IFEO registry entries by running a security program in safe mode. Your files can be decrypted using Michael’s decryptor. Further, you may run a few security scans to remove any remains of the attack, and you should be able to get your machine back up and running as before.
Credits: BLEEPINGCOMPUTER
Fraudsters Loot on Amazon by Author Impersonation
Recently, Patrick Reames received a 1099 form from Amazon.com which said he had made almost $24,000 selling his book via Createspace, Amazon’s on-demand publishing arm. That is when he looked up the site and discovered that someone had been selling a book in his name for $555. He says the book was total gibberish and looked like a computer-generated ‘story’ with no structure, chapters or paragraphs, only lines of text with a carriage return after each sentence.
Reames is a credited author on Amazon and has several of his commodity industry books on the site, but he confirms he has no personal account with Createspace. He suspects the impersonator could be purchasing the books himself from the website using stolen credit and/or debit cards and taking away the 60 percent that Amazon grants authors for their books. Approximately 70 sales of this $555 book in 3 months could have earned him the $24,000 that Amazon mentioned.
Out of curiosity, Reames went ahead and reviewed many other titles showcased on Createspace and inferred that there could be thousands of fraudulent books like this one on the site. He said, “These books contain no real content, only dozens of pages of gibberish or computer generated text.” Amazon has confirmed in a statement that the security of its customer accounts is one of its highest priorities. It is not clear, though, what measures will be taken to prevent such fraud in the future.
Credits: KrebsOnSecurity
85 percent of Windows Users Update to the Latest OS Version (Windows 10 FCU)
The Windows 10 Fall Creators Update has reached almost all Windows systems, according to the latest stats from AdDuplex. It looks like Microsoft has found a pattern for its updates with this version, Windows 10 FCU (1709, i.e. September 2017), which was rolled out last September.
After the extent of the issues faced in the deployment of version 1607, Microsoft was seen to be very careful with the release of version 1703. It used a phased rollout scheme in which it first pushed each update only to compatible systems, then gradually extended its availability to cover larger proportions of the Windows install base. While Windows 10 CU (1703) had covered only 75 percent of Windows 10 PCs when 1709 was released, 1709 has already reached 85 percent with the next release still weeks away.
However, AdDuplex’s numbers also suggest that 0.5 percent of PCs still use the initial Windows 10 release (1507) for some unknown reason. 1507 and 1511 are out of support now, and they both contain unpatched flaws.
Credit: Ars Technica
Chaos Backdoor Targets Linux Servers that are not Secure
SSH brute-force attacks are being used to take control of poorly secured Linux systems that lack strong passwords. This time, intruders are deploying a backdoor called Chaos. The malware was first spotted last June and has recently been documented and broken down in a report from GoSecure.
The backdoor is actually not a new one. Experts say it is a component of the “sebd” Linux rootkit, which saw limited use in 2013 and was given away on HackForums as a free download. Now it looks like somebody has extracted it from the sebd rootkit source code, renamed it Chaos, and used it as the first-stage payload to attack Linux servers.
The backdoor is not advanced, nor does it exploit any new vulnerabilities. Steven J. Vaughan-Nichols, a ZDNet reporter, just discovered that this backdoor does not depend on any exploits but purely on the carelessness of server admins who don’t set a strong password for their servers.
Any average firewall can block incoming packets to ports that have not explicitly been opened for operational purposes. Nevertheless, because Chaos uses a raw socket, the backdoor can be triggered on ports running an existing legitimate service. As Chaos comes with at least one IRC bot that has remote code execution capabilities, it is advised that affected hosts be fully reinstalled from a trusted backup with a new set of credentials.
Credits: Bleeping Computer
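For the Chaos item above, one way a defender can check a Linux host for open raw sockets and the processes holding them (an added example, not code from GoSecure or the sources credited here). It parses /proc/net/raw; the sample data is constructed, and reviewing protocol 6 (TCP) first is an assumption, not a detail from the report.

```python
import os

# Constructed sample in the layout of /proc/net/raw (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
   1: 00000000:0001 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 18211 2 0000000000000000 0
   6: 00000000:0006 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23456 2 0000000000000000 0
"""

PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp", 255: "raw"}

def parse_raw_sockets(text):
    """Return one dict per raw socket listed in /proc/net/raw-style text."""
    sockets = []
    for line in text.splitlines()[1:]:            # skip the header row
        f = line.split()
        if len(f) < 10:
            continue
        # For raw sockets the "port" half of local_address is the IP protocol number.
        proto = int(f[1].rsplit(":", 1)[1], 16)
        sockets.append({"proto": proto, "name": PROTO_NAMES.get(proto, str(proto)),
                        "uid": int(f[7]), "inode": int(f[9])})
    return sockets

def pids_holding(inode, proc_root="/proc"):
    """Find PIDs with an open fd pointing at the given socket inode."""
    target = f"socket:[{inode}]"
    pids = set()
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        fd_dir = os.path.join(proc_root, pid, "fd")
        try:
            for fd in os.listdir(fd_dir):
                if os.readlink(os.path.join(fd_dir, fd)) == target:
                    pids.add(int(pid))
        except OSError:                           # process exited or access denied
            continue
    return sorted(pids)

def suspicious(sockets, watch=(6,)):
    """Assumption: raw sockets on TCP see traffic sent to ports of legitimate services."""
    return [s for s in sockets if s["proto"] in watch]

if __name__ == "__main__":
    path = "/proc/net/raw"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for s in suspicious(parse_raw_sockets(text)):
        print(s, "held by PIDs:", pids_holding(s["inode"]))
```

Run it as root so every process's fd directory is readable; a raw socket with no visible owning PID on a live host is itself worth investigating.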