Spybot Search & Destroy Weekly Update – November 30, 2016

2016-11-30
Adware
+ Ad.Linkular + Firseria + Solimba.dl
PUPS
++ MediaLabs.Toolbar
Trojans
+ Win32.Estiwir.gen + Win32.Papras.ky + Win32.Renum ++ Win32.Stud.alb + Win32.VB.ik
Total: 2623053 fingerprints in 834191 rules for 7740 products.

»www.safer-networking.org ··· updates/

Leadership – Three common obstacles to personal growth

John Maxwell reflects on the need to think beyond current limitations and common constraints which often create barriers for successful achievement.

http://www.johnmaxwell.com/blog/negative-beliefs-the-obstacles-on-your-path-to-growth

To make it up the growth slope, we need to figure out the best route and make steady progress on the way up. That often means removing obstacles that are in our way. And today I want to talk about three huge obstacles that might be found on the path to your potential. Leaving them there will slow or even stop your growth progress. Removing them can free you to run toward your growth goals.

1. Scarcity — How do you view options? Resources? Opportunities? A person with a scarcity mindset believes that those things are limited. That we’re all competing for a finite number of resources or options.

2. Insecurity — Insecurity is a minimizing of one’s self – it’s seeing your abilities, talents, and strengths as deficient in some way. When you believe you’re not good or talented enough, that’s an obstacle to growth. Insecure people may recognize chances to advance and grow, but they don’t believe in their ability to seize those opportunities.

3. Powerlessness — A belief in powerlessness comes out of the assumption that we have no ability to affect our world. Powerlessness often begins with a wound – perhaps from someone in authority ignoring or dismissing your voice – but it hardens over time into a mentality that cannot recognize personal responsibility for anything that happens in life.

The good news is you don’t have to live with negative beliefs. In fact, just by recognizing them within yourself, you are in position to take the first step of growth. And that is to choose to believe differently. This is something you can do right now, today. Your beliefs are your choice.

If you struggle with a belief in scarcity, choose instead to practice abundance thinking. If you struggle with insecurity, practice confident thinking. If you struggle with a feeling of powerlessness, embrace responsibility. Roman Emperor Marcus Aurelius once wrote, “Very little is needed to make a happy life; it is all within yourself, in your way of thinking.”  If you confront and change your beliefs, you’ll clear the way on your uphill journey of growth.

IoT Malware – New Mirai botnet impacts one million German users

A new variant of the IoT-based Mirai botnet has surfaced, creating a major distributed denial of service (DDoS) attack in Germany, as documented below.

https://www.symantec.com/connect/blogs/mirai-new-wave-iot-botnet-attacks-hits-germany

A new wave of attacks involving the Mirai botnet has crippled internet access for nearly a million home users in Germany. The latest attacks used a new version of the Mirai malware (Linux.Gafgyt.B) which is configured to exploit a weakness found in routers widely used in Germany. While the original Mirai malware (Linux.Gafgyt) was designed to perform brute-force attacks on a range of routers, this latest variant exploits a weakness in the CPE WAN Management Protocol which leaves TCP port 7547 open on the device. According to Germany’s Information Security Bureau, the attacks began on Sunday November 27 and continued into Monday.

Virulent threat to IoT devices — Mirai first appeared in September, when it was used in a huge distributed denial of service (DDoS) attack against the website of journalist Brian Krebs. The malware has since spread quickly, infecting a range of IoT devices including routers, digital video recorders and web-enabled security cameras. It caused major disruption in October, when it powered a DDoS attack on domain name system (DNS) provider Dyn that temporarily knocked a number of major websites offline, including Spotify, Twitter, and PayPal.

Guarding against attack — Users of IoT devices should take a number of precautionary measures to minimize the risk of infection from Mirai and similar threats:

**  Research the capabilities and security features of an IoT device before purchase
**  Perform an audit of IoT devices used on your network
**  Change the default credentials on devices. Use strong and unique passwords for device accounts and Wi-Fi networks.
**  Use a strong encryption method when setting up Wi-Fi network access (WPA)
**  Disable features and services that are not required
**  Disable Telnet login and use SSH where possible
**  Disable Universal Plug and Play (UPnP) on routers unless absolutely necessary
**  Modify the default privacy and security settings of IoT devices according to your requirements and security policy
**  Disable or protect remote access to IoT devices when not needed
**  Use wired connections instead of wireless where possible
**  Regularly check the manufacturer’s website for firmware updates
**  Ensure that a hardware outage does not result in an unsecure state of the device

Solar Technology – India completes World’s Largest Plant NOV 2016

This amazing technological feat was completed in 8 months

http://thenextweb.com/insider/2016/11/30/india-solar-power-plant-huge/

Following eight months of construction, India has finished building its new solar power farm in Kamuthi which will replace California’s Topaz Farm as the world’s biggest solar plant. The massive facility packs 648 megawatts, which should suffice to power over 150,000 homes, and consists of 2.5 million solar modules, 576 inverters, 154 transformers as well as 6,000 kilometers of cables.

The solar plant spreads over 2,500 acres (or 10 square kilometers) of land and cost a total of $679 million to build. By comparison, Topaz Farm, which can generate up to 550 megawatts of power, took almost two years and over $2.5 billion in funds to build.

Passing std::vector’s Underlying Array to C APIs

Often, there’s a need to pass some data stored as an array from C++ to C-interface APIs. The “default” first-choice STL container for storing arrays in C++ is std::vector. So, how to pass the array content managed by std::vector to a C-interface API?

The Wrong Way

I saw that kind of C++ code:

// v is a std::vector<BYTE>.
// Pass it to a C-interface API: pointer + size in bytes
DoSomethingC( 
  /* Some cast, e.g.: (BYTE*) */ &v, 
  sizeof(v) 
);

That’s wrong in two ways: both the pointer and the size are incorrect. Let’s talk about the size first: sizeof(v) represents the size, in bytes, of an instance of std::vector, which is in general different from the size in bytes of the array data managed by the vector. For example, suppose that a std::vector is implemented using three pointers, e.g. to the beginning of the data, to the end of the data, and to the end of the reserved capacity; in this case, sizeof(v) would be sizeof(pointer) * 3, which is 8 * 3 = 24 bytes on 64-bit architectures, where a pointer is 8 bytes (4 * 3 = 12 bytes on 32-bit).

But what the author of that piece of code actually wanted was the size in bytes of the array data managed (pointed to) by the std::vector, which you can get by multiplying the vector’s element count returned from v.size() by the size in bytes of a single vector element. For a vector<BYTE>, the value returned by v.size() is just fine (in fact, sizeof(BYTE) is one).

Now let’s discuss the address (pointer) problem. “&v” points to the beginning of the std::vector’s internal representation (i.e. the internal “guts” of std::vector), which is implementation-defined, and isn’t interesting at all for the purpose of that piece of code. Actually, confusing the std::vector’s internal implementation details with the array data managed by the vector is dangerous: in case of write access, the called function will end up stomping the vector’s internal state with unrelated bytes. So, on return, the vector object will be in a corrupted and unusable state, and the memory previously owned by the vector will be leaked.

In case of read access, the vector’s internal state will be read, instead of the intended actual std::vector’s array content.

The presence of a cast is also a signal that something may be wrong in the user’s code, and maybe the C++ compiler was actually helping with a warning or an error message, but it was silenced instead.

So, how to fix that? Well, the pointer to the array data managed by std::vector can be retrieved by calling the vector::data() method. This method is offered in both a const version, for read-only access to the vector’s content, and a non-const version, for read-write access.

The Correct Way

So, for the case discussed above, the correct code to pass the std::vector’s underlying array data to a C-interface API expecting a pointer and a size would be:

DoSomethingC(v.data(), v.size());

Or, if you have e.g. a std::vector<double> and the size parameter is expressed in bytes (instead of element count):

DoSomethingC(v.data(), v.size() * sizeof(double));

An alternative syntax to calling vector::data() would be “&v[0]”, although the intent using vector::data() seems clearer to me. Moreover, vector::data() also works for empty vectors, returning nullptr in this case. Instead, “&v[0]” triggers a “vector subscript out of range” debug assertion failure in MSVC when used on an empty vector (in fact, for an empty vector it doesn’t make sense to access the first item at index zero, as the vector is empty and there’s no first item).

&v[0] on an empty vector: debug assertion failure
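The fix described above, as an added example that is not code from the original article: `c_fill` and `c_checksum` are hypothetical stand-ins for a C-interface API taking a pointer and a size in bytes, and the helper names are assumptions. It goes slightly beyond the text by rejecting, at compile time, element types whose raw bytes should not be handed to a C API.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <type_traits>
#include <vector>

// Hypothetical C-interface API (write access): fills size_bytes bytes at
// buffer with value and returns the number of bytes written.
extern "C" std::size_t c_fill(void* buffer, std::size_t size_bytes,
                              unsigned char value) {
    // Guard the empty case: the pointer obtained from an empty vector
    // must never be dereferenced or passed on to memset.
    if (buffer == nullptr || size_bytes == 0) return 0;
    std::memset(buffer, value, size_bytes);
    return size_bytes;
}

// Hypothetical C-interface API (read access): sums size_bytes bytes.
extern "C" std::uint32_t c_checksum(const void* buffer,
                                    std::size_t size_bytes) {
    const unsigned char* p = static_cast<const unsigned char*>(buffer);
    std::uint32_t sum = 0;
    for (std::size_t i = 0; i < size_bytes; ++i) sum += p[i];
    return sum;
}

// Size in bytes of the array data managed by the vector:
// element count * element size, never sizeof(v).
template <typename T>
std::size_t byte_size(const std::vector<T>& v) {
    static_assert(!std::is_same<T, bool>::value,
                  "vector<bool> is bit-packed and has no data()");
    static_assert(std::is_trivially_copyable<T>::value,
                  "element bytes are not meaningful to a C API");
    return v.size() * sizeof(T);
}

// Write access: non-const data() plus the byte count of the managed array.
template <typename T>
std::size_t fill_vector(std::vector<T>& v, unsigned char value) {
    return c_fill(v.data(), byte_size(v), value);
}

// Read access: const data() plus the byte count of the managed array.
template <typename T>
std::uint32_t checksum_vector(const std::vector<T>& v) {
    return c_checksum(v.data(), byte_size(v));
}

// sizeof(v) measures the vector object itself, so it is the same for a
// 1-element and a 4096-element vector: it cannot be the buffer size.
bool sizeof_tracks_element_count() {
    std::vector<unsigned char> small_vec(1), large_vec(4096);
    return sizeof(small_vec) != sizeof(large_vec);
}

int main() {
    std::vector<std::uint32_t> words(4);
    std::printf("sizeof(words)=%zu byte_size(words)=%zu\n",
                sizeof(words), byte_size(words));
    std::printf("bytes written: %zu\n", fill_vector(words, 0xFF));
    std::vector<double> empty;
    std::printf("empty vector, bytes written: %zu\n", fill_vector(empty, 0));
    return 0;
}
```
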

Leadership – Personal Growth requires daily small steps forward

As John Maxwell reflects, we should all strive for continuous improvement with a theme of personal improvement each day. Small improvements each day will add up over time and result in positive changes in both character and contributions.

http://www.johnmaxwell.com/blog/the-most-important-reason-to-pursue-growth

There are several great reasons to pursue growth. It can help us achieve our career goals. Over time, it creates momentum, which encourages more growth. And an emphasis on growing – rather than “arriving” – makes it easier to learn from failure. I encourage people to grow because growth increases hope.

A Growth Mindset Is the Seed of Hope — Growth in the natural world is all about looking forward. A sapling becomes a mighty oak by growing slowly over time. When we have hope, we can imagine a better future. And hope isn’t just wishing for things that might be. It’s the firm belief in things that will be. It’s looking past your present circumstances with the belief that you have a future.

A Growth Habit Strengthens Hope — Choosing to grow is important. But that decision is not enough to create change on its own. Next, we need to acknowledge that growth is a gradual process – that in fact, it happens one day at a time. And then we need to establish the habit of growing on a consistent basis.

Growth Over Time Realizes Hope — When we take small steps of growth every day, over time, we see progress. And then our hope has the most potential to be realized. If you string together enough days of consistent growth, you begin to change as a person. You become better, stronger, more skilled, or all of the above. And when you change yourself, you can change your circumstances. This begins a cycle of growth strengthening hope, leading to more growth, resulting in even more hope.

Apple – Tips to recover iPhone storage when full

This Business Insider slideshow shares techniques & strategies to quickly recover iPhone storage when the internal storage drive is full

http://www.businessinsider.com/how-to-clear-iphone-storage-and-get-more-space-2016-11

We’ve all been there: you try to download an app or take a photo, and your iPhone says you don’t have enough storage.  It’s a super frustrating situation that can render your phone practically unusable. Luckily, there are a few easy ways you can quickly clear up space on your trusty Apple device. We’ve created an easy guide to make the process as painless as possible.

Norton Bootable Recovery Tool is available

I’m not a big Norton/Symantec fan, but this tool looks like it belongs in any tech support toolkit.

Norton Bootable Recovery Tool

Android Malware – Gooligan infects over 1 million devices

Over 1 million users on older Android versions 4 and 5 are exposed to a new malware agent that allows access to Google applications

http://www.businessinsider.com/how-to-check-if-your-google-account-is-infected-with-malware-2016-11

Anyone running an older version of the Android operating system, be warned: Malware is infecting 13,000 Android devices every day, putting at risk the private details of more than 1 million Google accounts. 

That’s according to cybersecurity software company Check Point, which discovered a new piece of malware called “Gooligan” that’s infecting Android phones and stealing email addresses.  Users who download Gooligan-infected apps or click links in phishing messages are being exposed to the malware, which allows attackers to access sensitive information from Google apps like Gmail, Drive, and Photos.  Once attackers hack into the device, they’re buying apps on the Google Play store and writing reviews posing as the phone’s owner, Check Point says.

Anyone who owns a device running Android 4 and 5 — that includes Android Jelly Bean, KitKat, and Lollipop — is most at risk, according to Check Point, and those devices make up nearly 75% of Android users.

CHECKPOINT SECURITY – ONLINE DETECTION TOOL

https://gooligan.checkpoint.com/

Deutsche Telekom routers infected by Mirai botnet

Upgraded Mirai botnet disrupts Deutsche Telekom by infecting routers

Leadership – Best practices when confrontation is needed

John Maxwell offers great advice for leaders and managers, who must sometimes correct problems or issues with members of the team.  It is always best to do so privately and encourage professionals at the end, when these corrections are sometimes needed.

http://www.johnmaxwell.com/blog/the-ten-commandments-of-confrontation

I bet you’ve heard this before: In any organization, people are the most valuable asset. And as a leader, you probably understand that it’s true. No matter how you measure it, people offer the highest return on investment over the longest time. When you take care of your people and treat them well, they have the potential to create incredible success for the organization.

However, we sometimes interpret this concept in an ineffective way. “Taking care of” people is understood by some leaders as “always being ‘nice’ and never offering any correction.” And that belief can cause real problems. Why? Because everyone needs correction sometimes. People aren’t perfect, so they’re going to make mistakes. Communication isn’t foolproof, so sometimes followers misunderstand what is being requested. And a need for a course correction arises.

The Ten Commandments of Confrontation

So, keeping in mind the overall goals of clarifying, and treating the person the way they would want to be treated, here are my Ten Commandments of Confrontation:

1. Thou shalt confront others in private.
2. Thou shalt confront as soon as possible and not look for “a better time.”
3. Thou shalt stick to the issue at hand.
4. Thou shalt make thy point and not repeat it.
5. Thou shalt deal only with actions that can be changed.
6. Thou shalt avoid sarcasm (especially in an email or text).
7. Thou shalt avoid words like always and never because they are rarely accurate.
8. Thou shalt ask questions and offer suggestions.
9. Thou shalt not apologize for the confrontation.
10. Thou shalt remember to highlight the person’s positive contributions.

Congress — Consumer Review Fairness Act of 2016

Congress has passed the “Consumer Review Fairness Act of 2016” preserving freedom of speech when negative reviews are posted online.

http://www.pcmag.com/news/349960/congress-passes-bill-protecting-consumer-reviews

A bill protecting US customers’ right to post negative online reviews is awaiting the President’s signature.  The Senate this week unanimously passed legislation that will outlaw the use of “gag clauses” by businesses trying to silence criticism of products and services.  Following its introduction in the fall of 2015, the Consumer Review Fairness Act gained House approval in September and proceeded through the Senate on Monday.

The Consumer Review Fairness Act voids any provision of a form contract that prohibits or restricts individuals from posting written, oral, or pictorial reviews about the goods, services, or conduct of a company.  “Reviews on where to shop, eat, or stay on websites like Yelp or TripAdvisor help consumers make informed choices about where to spend their money,” Internet subcommittee ranking member Brian Schatz (D-Hawaii) said in a statement.

The full text of bill is noted below:

H.R.5111 – Consumer Review Fairness Act of 2016
https://www.congress.gov/bill/114th-congress/house-bill/5111/text

Removal instructions for Secure PC Tuneup

What is Secure PC Tuneup?

The Malwarebytes research team has determined that Secure PC Tuneup is a “system optimizer”. These so-called “system optimizers” use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.

https://forums.malwarebytes.org/topic/191319-removal-instructions-for-secure-pc-tuneup/

How to Turn On or Off Play Store Games Offline on Windows 10 PC

If you’re planning to be in an area with no online coverage, such as on a long-distance flight or a sailing excursion, you can prepare your Windows 10 device to allow you to play offline. Most games available in the Store on your Windows 10 device support offline play, but check the details of the game to make sure yours is supported by searching for your game at Xbox | Official Site.

Most games with a campaign mode will be playable offline, but games with network co-op or multiplayer features will not work while you’re offline.

While playing offline, some features, such as the ability to purchase additional items from the Windows Store, will not be available. Additionally, any leaderboards will be unavailable while you’re offline.

This tutorial will show you how to turn on or off offline permissions in the Store to play games offline on your Windows 10 PC.

Windows 10 Professional – Feature and Security update deferral settings

While corporate settings will govern many Windows 10 Pro and Enterprise devices, home users running Windows 10 Pro have an option to delay feature updates for a period of time, which lets complex feature releases become more stable as early issues are fixed.

http://www.pcworld.com/article/3145473/windows/how-to-defer-windows-10-updates.html

Forced updates in Windows 10 have their appeal. For Microsoft, it helps keep the majority of its users on the same build of Windows 10, reducing legacy support issues. For users, it keeps your system up-to-date and reduces the chances of getting hit with malware that takes advantage of unpatched systems.

But some folks resent the idea of having updates forced on them—especially when some of those updates cause problems. If you’re running Windows 10 Home you’re at the mercy of Microsoft’s update schedule. Windows 10 Pro and Enterprise users, however, have the opportunity to defer certain types of updates.

First, click on Start and select the Settings cog icon on the left side of the Start menu to open the Settings app. Now go to Update & Security > Windows Update; under the “Update settings” sub-heading, select Advanced options. A new Advanced options screen will pop up. From here, click the Defer feature updates check box.

What deferring Windows 10 updates means — Adjusting this setting puts you on a special update channel for Windows 10 known as the “Current branch for business.” This version of Windows 10 doesn’t receive feature upgrades as quickly as everyone else. Security updates, however, are delivered on the same schedule regardless of branch. Microsoft says that when you defer upgrades you won’t be forced to install feature updates (such as the upcoming Creators Update) for “several months.”

Malware – ImageGate embeds malicious code in graphics files

Check Point describes an innovative attack, ImageGate, which embeds malicious code in graphics files. Users should exit their browser session if an unusual file unexpectedly starts to download after clicking on an image.

http://blog.checkpoint.com/2016/11/24/imagegate-check-point-uncovers-new-method-distributing-malware-images/

Check Point researchers identified a new attack vector, named ImageGate, which embeds malware in image and graphic files. Furthermore, the researchers have discovered the hackers’ method of executing the malicious code within these images through social media applications such as Facebook and LinkedIn.

According to the research, the attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end-user clicks on the downloaded file.

As more people spend time on social networking sites, hackers have turned their focus to find a way in to these platforms. Cyber criminals understand these sites are usually ‘white listed’, and for this reason, they are continually searching for new techniques to use social media as hosts for their malicious activities. To protect users against the most advanced threats, Check Point strives to identify where attackers will strike next.

Check Point recommends the following preventive measures:

1. If you have clicked on an image and your browser starts downloading a file, do not open it. Any social media website should display the picture without downloading any file.

2. Don’t open any image file with an unusual extension (such as SVG, JS or HTA).

ImageGate: Check Point uncovers a new method for distributing malware through images

Malware – Ransomware new Cerber and Locky variants NOVEMBER 2016

Ransomware variants continue to emerge as security vendors attempt to keep pace with developments.

http://blog.checkpoint.com/2016/11/24/14959/

During Thanksgiving holidays, Cerber and Locky, the two most popular ransomwares out there, have launched new variants to the wild simultaneously. The new ransomware versions released perform slender, yet very interesting, changes that may affect the way they are being detected.

CERBER 5.0 Uses New IP Ranges — The actors behind Cerber, like other actors in the ransomware industry, innovate on a daily basis. Only yesterday (November 23rd, 2016) a new version of Cerber was released (4.1.6); however no prominent changes were noticeable in it. Less than 24 hours later, Cerber released the new version, 5.0, which is described in this article.

LOCKY — The ever-changing Locky ransomware has just released a new variant which implements new evasion techniques and an adjusted ransom tariff. Locky is known for being downloaded as a DLL file using a JavaScript-based downloader. Although the new variant acts just the same, the JavaScript downloader pulls a disguised .TDB file which turns out to be a PE file. Locky’s threat actor probably wishes to evade security products that sign the already known infection chain.

How do I install SQL Server Reporting Services (SSRS) on an existing SQL 2014 server?

So you want to be able to run Reports in SCCM / ConfigMgr but don’t have SQL Server Reporting Services (SSRS) installed on your existing SQL 2014 server? Wondering how to install SSRS on an existing SQL 2014 Server? Well in this post we show you how.

You need a subscription to access the answer.

The post How do I install SQL Server Reporting Services (SSRS) on an existing SQL 2014 server? appeared first on FAQShop.

Source:: http://faqshop.com/feed

Apple – iOS 10 slideshow of 30 user tips for new version

PC Magazine has created a slideshow of 30 user tips for new Apple iOS 10 version

http://www.pcmag.com/slideshow/story/347908/30-hidden-tips-for-mastering-ios-10

Apple’s iOS 10 didn’t have the smoothest of rollouts; there were some unique quirks.  In PC Labs, our analysts updated five iPhones to iOS 10 and it worked great—on four of them. At this point, you’re probably in the clear, though, and iPhone power-users will want to know exactly what’s in store. These tips cover the best new features that aren’t always obvious when first using Apple’s newest mobile OS.
