Be Careful Downloading Clubhouse App On Android

Be Careful Downloading Clubhouse App On Android

Clubhouse has taken the internet by storm. Or rather, it has taken the iOS ecosystem by storm, since the company has yet to release an Android version of their increasingly popular app. If you’re not sure what all the fuss is about, Clubhouse is an audio chat app that is invitation only. If you get an invite, you can listen in on and participate in audio chats in real time. Elon Musk is personally responsible for at least some of the hype surrounding the app, having sung its praises recently in a tweet. As mentioned, the catch is that the app is only available to iOS users at this point, and there’s a growing demand for it in the Android sphere. Naturally, hackers and scammers, who seldom miss an opportunity, have been flocking to at least pretend to fill the gap, offering what they claim is the long-awaited Android version of Clubhouse. Naturally, it is no such thing. In fact, those who fall for the hype and install it without doing a bit of due diligence will soon discover that they have, in fact, downloaded the BlackRock Trojan. If there’s a silver lining to these recent events, it lies in the fact that to this point, the hackers and scammers haven’t managed to get their poisoned wares passed Google’s security, which means that the app isn’t on the Play Store. Those who download it are getting it from less trustworthy sources. Although security researchers note that the hooks scattered about the web attempting to lure people into downloading it invariably use some variant of “Get it on Google Play”...
Another Malware Evolves To Gain Access To More Systems

Another Malware Evolves To Gain Access To More Systems

One of the more disturbing trends this year is that worms are becoming popular among the hackers of the world again. We’ve seen a handful of new malware strains introduced in recent months with worm modules added to their code, allowing them to scan and infect Windows systems connected to the initial source of the infection. That’s bad news for IT Security professionals around the globe. In the early days of the internet, some of the most devastating attacks were worm-based and caused no end of trouble to organizations of all shapes and sizes. Now, it seems that today’s hackers are dusting off one of yesteryear’s favorite tactics and giving it a new lease on life. Purple Fox malware is the latest strain spotted with a worm module attacked. Purple Fox has been around a while as malware goes, being first spotted in the wild in 2018, when it infected in excess of 30,000 devices during the first campaign known to utilize it. As was the case then, Purple Fox isn’t terribly damaging in and of itself, but is primarily used as a dropper, to deploy other, more devastating forms of malware once it has gained a foothold on a target system. Given that, and its new worm-like capabilities that allow it to spread like wildfire once it gets a toehold somewhere, it should be considered dangerous indeed. Even more worrisome is the fact that after the initial spate of infections in 2018, the controllers of the code went relatively quiet until May of this year (2020), when Purple Fox attacks suddenly intensified, with more than 90,000 separate attacks...
Memory Savings Improvements Makes Windows 10 Google Chrome Faster

Memory Savings Improvements Makes Windows 10 Google Chrome Faster

If you’re a Google Chrome user, and you’re interested in maximizing the overall performance of your system, then Google’s recent announcement about their browser is sure to make you smile. The release of Chrome 89 includes enhancements design to make it run notably faster on Windows 10 and use significantly fewer resources on both Android and macOS-driven devices. According to the company’s most recent claims, in testing, in the Windows 10 environment, they saw up to 22 percent percent memory savings when measuring the browser process. They saw another 8 percent percent reduction thanks to improvements in the renderer, and a further 3 percent percent reduction in the GPU thanks to improved memory allocation. If those numbers even come close to being replicated in real world conditions, that represents a significant improvement indeed. If you’re a macOS user, then the newest version of Chrome will give you a more modest memory savings. Even so, an 8 percent improvement is nothing to sneeze at, and version 89 will also include a new tool designed to help you keep your Mac cooler, courtesy of its tab throttling feature. Again, based on the research from Google’s engineering team, they’re reporting up to a 65 percent improvement on the Apple Energy Impact score in the macOS Activity Monitor for background tabs when employing this feature. That’s certainly impressive in its own right. Finally, if you’re an Android user, you can expect to see a 5 percent reduction in memory usage, a 7.5 percent faster browser startup and 2 percent faster page loads. That might not make a big difference on any particular page,...
Internet Browsers Blocking Some Ports Due To Security Vulnerabilities

Internet Browsers Blocking Some Ports Due To Security Vulnerabilities

If you rely on TCP port 554, you’ll probably want to do a bit of reconfiguration. Last year, security researchers discovered a new version of the NAT Slipstream vulnerability that allowed hackers to deploy malicious scripts in order to bypass a website visitor’s NAT firewall and access any TCP/UDP port on the visitor’s internal network. If this issue sounds vaguely familiar, it’s because this isn’t the first time it has come up. When the issue was first reported, Google released Chrome 87, which began blocking HTTP and HTTPS access to TCP ports 5060 and 5061. Then in January of this year (2021) Google expanded their efforts, blocking HTTP, HTTPS, and FTP access to ports 69, 137, 161, 1719, 1720, 1723, and 6566. Google has, in the past, also blocked port 554, but when they did so initially, they received push back from Enterprise users who asked that the port be unblocked. Google did so, but have now reversed course, and port 554 is once again on the blocked list. It should also be noted that Google isn’t alone. In addition to Chrome 89, Firefox 84+ and Apple’s Safari browser are already blocking Port 554. So if you host a website on any of the ports mentioned above, you should reconfigure to allow visitors to continue to have unfettered access. Obviously, if you don’t currently utilize that port there’s nothing to do here. If you’re not sure, you will be soon enough, because you’re apt to get complaints from users who can no longer access your site or whatever web-based application you’re running that relies on it. Despite some back...
Now Hackers Are Attacking Exchange Server Vulnerabilities

Now Hackers Are Attacking Exchange Server Vulnerabilities

In early January of this year (2021), Microsoft informed security expert Brian Krebs that the company found four zero-day security flaws in their Exchange Server. Those flaws were actively being exploited by a persistent threat group known as Halfnium, sponsored by the Chinese government. According to Microsoft’s statistics, more than 30,000 Exchange Servers had already been impacted, with some industry experts putting that number closer to 60,000. Halfnium was the first group to begin exploiting these security flaws. However, there is a growing body of evidence that the most recent attacks are coming from groups other than Halfnium, which means that word has gotten out. If there’s a silver lining to be found in this news, it lies in the fact that Microsoft moved quickly and issued a patch to address all four of the security issues. Unfortunately, the speed at which new security patches varies wildly from one organization to the next, and at present there are millions of Exchange servers around the world still vulnerable to these attacks. If you use Exchange Server, you owe it to yourself to make sure you’ve got the latest security patch installed. For your reference, the four flaws addressed by the patch are as follows: CVE-2021-26855: CVSS 9.1: A Server Side Request Forgery (SSRF) vulnerability leading to crafted HTTP requests being sent by unauthenticated attackers. Servers need to be able to accept untrusted connections over port 443 for the bug to be triggered. CVE-2021-26857: CVSS 7.8: An insecure deserialization vulnerability in the Exchange Unified Messaging Service, allowing arbitrary code deployment under SYSTEM. Note that this vulnerability needs to be combined with...
New Windows Server 2022 Includes Security Improvements

New Windows Server 2022 Includes Security Improvements

Recently, Microsoft made an announcement regarding the particulars of Windows Server 2022, and there’s a lot to like in terms of built-in protections. That is amazing, even if you’re not especially concerned about security. Here’s a quick overview of what you can expect: First and foremost, Server 2022 will incorporate “Secured-Core” technology already in use on the PC market, bringing an additional layer of protection against the growing number of firmware threats posed by hackers around the world. Combined with Secured-core, the new platform will offer: Greater Connection Security - Server 2022 will have TLS (Transport Layer Security) 1.3 enabled as the default, which eliminates obsolete cryptographic algorithms, enhances security over older versions and encrypts as much of the handshake between devices as possible. As the latest version of the internet’s most widely deployed security protocol, this is a great thing indeed. Better Account Support For Containers - Containers are the building blocks of a wide range of applications and services. The current paradigm forces everyone who uses Group Managed Service Accounts to domain join their container host to enable gMSA functionality. That sees many organizations running afoul of scalability and management issues. Server 2022 will offer improved gMSA support that won’t require domain joining the host, which should streamline and simplify on that front. Enhanced Exploit Protection - Hardware innovations are playing an increasing role in terms of exploit mitigation, and Server 2022 takes full advantage of this. That includesoffering the latest in chipset security extensions, Control-flow enforcement Technology and hardware-enforced Stack Protection, making your server much more robust and better able to resist all but the most...