Monday 30 November 2020

Phishing email and fraudulent website

  Don't believe in such email as below; Don't just see the name of the sender, check the sender's email address:


If you fall for it and click the link will take you to:


IT LOOKS LIKE THE OFFICIAL CYPRUS POST OFFICE

Take a look the the URL  https: // cyprus- inc -cy. com/ user/ d8b6d

and DON'T FALL FOR IT

Wednesday 28 October 2020

Windows 10 update kills Adobe Flash

We have issued an article related to Flash RIP back in May 2020


Microsoft has rolled out an optional update for Windows 10 that permanently removes Adobe Flash from the operating system and prevents it from being re-installed.

Ahead of the long-awaited end-of-life date for Adobe Flash, which will fall on 31 December 2020, Microsoft has released a tool for Windows 10 and Window Server that strips out all elements of the software.

The company has released the removal tool in advance of this cut-off point to help customers test and validate their environments for any impact that might occur by the removal of Adobe Flash Player.

Adobe decided in 2017 to retire its Flash Player due to the diminished usage of the technology, and the availability of better and more secure options including HTML5, WebAssembly and WebGL.

Flash Player updates and patches will continue to be rolled out between now and the end of 2020, although will cease once 31 December is reached. Disruption shouldn’t be too severe, however, given just 5% of websites were still using the environment as of 2018. 

source: ITPro

Sunday 27 September 2020

Ransomware Attacks are not problem for us

 


If there is one characteristic that defines cybercrime today, it is the capacity to evolve and adapt to new environments and the ability to find ways of evading the cybersecurity measures taken by victims. 

Ransomware is no exception. One of the main features of ransomware as a threat, in addition to kidnapping data, is that it is constantly reinventing itself to persist over time and ineffectiveness.

This type of malicious software has evolved greatly since it began, and today there is a wide variety of families in existence, giving rise to new, more sophisticated strains.

Did you know that?

  • 65% of ransomware infections are delivered via phishing 
  • A ransomware attack will take place every 11 seconds by 2021 
  • 85% of ransomware attacks target Windows systems. 
  • The average cost of a ransomware attack in 2019 was $133,000 
  • 50% of IT professionals don’t believe that their organization is ready to defend against a ransomware attack.  
  • Hackers attack  every 39 seconds or an average of 2,244 times a day 
  • Between January 1st and June 30th, 2020, ID Ransomware received 100,001 submissions relating to attacks that targeted companies and public sector organizations. 
  • 90 % of IT pros had clients that suffered ransomware attacks in the past year 
  • Ransomware costs will reach $20 billion by 2021 
  • 51% of businesses have been impacted by ransomware in the last year
  • 0 affected Scicane customers
Don't be a victim - Contact us for further information @ info@scicane.com (no obligation)

What is Grep Command in Linux? Why is it Used and How Does it Work?

 Grep is a command-line utility in Unix and Linux systems. It is used for finding search patterns in the content of a given file.

With its unusual name, you may have guessed that grep is an acronym. This is at least partially true, but it depends on who you ask.

According to reputable sources, the name is actually derived from a command in a UNIX text editor called ed. In which, the input g/re/p performed a global (g) search for a regular expression (re), and subsequently printed (p) any matching lines.

The grep command does what the g/re/p commands did in the editor. It performs a global research for a regular expression and prints it. It is much faster at searching for large files.

grep command meaning

This is the official narrative, but you may also see it described as Global Regular Expression (Processor | Parser | Printer). Truthfully, it does all of that.

The interesting story behind the creation of grep

Ken Thompson has made some incredible contributions to computer science. He helped create Unix, popularized its modular approach, and wrote many of its programs including grep.

Thompson built grep to assist one of his colleagues at Bell Labs. This scientist's goal was to examine linguistic patterns to identify the authors (including Alexander Hamilton) of the Federalist Papers. This extensive body of work was a collection of 85 anonymous articles and essays drafted in defense of the United States Constitution. But since these articles were anonymous, the scientist was trying to identify the authors based on linguistic pattern.

The original Unix text editor, ed, (also created by Thompson) wasn't capable of searching such a large body of text given the hardware limitations of the time. So, Thompson transformed the search feature into a standalone utility, independent of the ed editor.

If you think about it, that means Alexander Hamilton technically helped create grep. Feel free to share this fun fact with your friends at your Hamilton watch party. 🤓

What is a Regular Expression, again?

A regular expression (or regex) can be thought of as kind of like a search query. Regular expressions are used to identify, match, or otherwise manage text.

Regex is capable of much more than keyword searches, though. It can be used to find any kind of pattern imaginable. Patterns can be found easier by using meta-characters. These special characters that make this search tool much more powerful.

Regular Expression aka regex

It should be noted that grep is just one tool that uses regex. There are similar capabilities across the range of tools, but meta characters and syntax can vary. This means it's important to know the rules for your particular regex processor.


More info and full article

Friday 8 May 2020

Adobe FLASH RIP


Adobe posted on the 25th of July 2017 the forthcoming death of Flash player.


Adobe has long played a leadership role in advancing interactivity and creative content – from video, to games and more – on the web. Where we’ve seen a need to push content and interactivity forward, we’ve innovated to meet those needs. Where a format didn’t exist, we invented one – such as with Flash and Shockwave. And over time, as the web evolved, these new formats were adopted by the community, in some cases formed the basis for open standards, and became an essential part of the web.

But as open standards like HTML5, WebGL and WebAssembly have matured over the past several years, most now provide many of the capabilities and functionalities that plugins pioneered and have become a viable alternative for content on the web. Over time, we’ve seen helper apps evolve to become plugins, and more recently, have seen many of these plugin capabilities get incorporated into open web standards. Today, most browser vendors are integrating capabilities once provided by plugins directly into browsers and deprecating plugins.

Given this progress, and the collaboration of several technology giants – including Apple, Facebook, Google, Microsoft and Mozilla – Adobe has planned to 'switch off' Flash. Specifically, they will stop updating and distributing the Flash Player at the end of 2020. They encourage content creators to migrate any existing Flash content to these new open formats.

Firefox and Chrome keep notifying users when visiting flash enabled sites that they will stop working at the very same date. Thus get prepared, any site you depend on, is using Flash, you will not be able to open or run (if you are the owner/hoster) by the end of this year.

Monday 6 April 2020

Critical Flaw in Windows Preview Pane

Microsoft on 23/3/2020 issued Security Advisory ADV200006 for a "Critical"-rated remote code execution vulnerability in both supported and unsupported Windows systems.

Microsoft updated its security advisory on March 24 to indicate that the vulnerability is just rated "Important" for Windows 10, Windows Server 2016 and Windows Server 2019 systems. It's still rated "Critical" for older systems, though. "We do not recommend that IT administrators running Windows 10 implement the workarounds described below," the advisory explained.

The vulnerability, associated with the Adobe Type Manager Library in Windows systems, has been exposed to "limited, targeted attacks," per the advisory. The library "improperly handles a specially crafted multi-master font." This flaw can be exploited by "convincing a user to open a specially crafted document or viewing it in the Windows [Explorer] Preview pane."

There's no patch currently available. Microsoft's advisory offered three "workarounds" to implement, but they all have limitations.

More info & sources: Microsoft, Redmond

Thursday 2 April 2020

Zoom: It appears to have more problems than it solves

Zoom admits meetings don't use end-to-end encryption

Video conferencing app Zoom does not use end-to-end encryption, according to reports, despite specifically stating that it does on its website.


Though Zoom offers users the option to “enable an end-to-end (E2E) encrypted meeting,” and provides a green padlock that claims “Zoom is using an end to end encrypted connection,” the company this week admitted that offers no such thing.

A spokesperson for the company told The Intercept that, despite its claims, it was "currently not possible" to enable end-to-end encryption for its video meetings.

Instead, the spokesperson revealed, the service uses Transport Layer Security (TLS) which encrypts data between user's meetings and Zoom's servers. End-to-end refers to data encrypted between calls, blocking out third parties - which includes the service provider. As a result, the company can see and use the data for things like targeted ads. 

"When we use the phrase ‘End to End’ in our other literature, it is in reference to the connection being encrypted from Zoom end point to Zoom end point,” the spokesperson added.

Part of Zoom's appeal to organisations is its simplicity and the fact it can be used for free, albeit without any premium features, which lets businesses try it out before forking out any money. "Video conferencing is a fantastic necessity in times like these but it is vitally important to understand the security and privacy concerns that go in parallel with this increasingly popular form of communication," said Jake Moore, a cyber security specialist for ESET. "For social and light business meetings they are fine as long as users realise what data is being shared by Zoom to third parties. I certainly wouldn't recommend using free software for sensitive or private meetings."

Unpatched Zoom App Bug Lets Hackers Steal Your Windows Password

According to the latest finding by cybersecurity expert @_g0dmode, which was also confirmed by researcher Matthew Hickey and Mohamed A. Baset, the Zoom client for Windows is vulnerable to the 'UNC path injection' vulnerability that could let remote attackers steal login credentials for victims' Windows systems.


The attack involves the SMBRelay technique wherein Windows automatically exposes a user's login username and NTLM password hashes to a remote SMB server when attempting to connect and download a file hosted on it.

The attack is possible only because Zoom for Windows supports remote UNC paths, which converts such potentially insecure URLs into hyperlinks for recipients in a personal or group chat.


To steal the login credential of user running zoom for Windows, all an attacker needs to do is sent a crafted URL (i.e. \\x.x.x.x\abc_file) to the victim over its chat interface, as shown, and wait for the victim to click it once.

To be noted, the captured passwords are not plaintext, but a weak one can easily be cracked in seconds using password cracking tools like HashCat or John the Ripper.

In a shared environment, like office space, stolen login details can be reused immediately to compromise other users or IT resources and launch further attacks.

Besides stealing Windows credentials, the flaw can also be exploited to launch any program already present on a targeted computer or downloaded as part of the attacker's social engineering campaign.


Zoom has already been notified of this bug, but since the flaw has not yet been patched, users are advised to either use an alternative video conferencing software or Zoom in your web browser instead of the dedicated client app.

Source(s) & more info: Hacker News, ITPro

Sunday 29 March 2020

UPDATED: Zoom beams iOS user data to Facebook for targeted ads

According to ITPro, Zoom has updated the code in its platform to remove the in-app ‘Login with Facebook’ feature on iOS platforms after it emerged the Facebook SDK was unnecessarily collecting user device information.

The conferencing app, which has exploded in popularity, doesn’t explicitly say it sends data to Facebook in its privacy policy

The video conferencing platform Zoom is sending iOS users’ analytics data to Facebook without explicit consent, even if users don’t have an account with the social networking giant.

The popularity of the online communications software has exploded in the last few weeks as more and more workers and individuals adjust to remote working and life in self-isolation, and search for ways to stay in touch.

Zoom is transferring some user data to Facebook through one of the social media platform’s software development kits (SDKs), however, according to an analysis by Motherboard. Zoom users may not be aware this is happening, however. 

The conferencing app connects to Facebook’s Graph application programming interface (API) after downloading and opening the app. This API is the main route through which developers can send and receive data to and from Facebook. 


According to the analysis, Zoom notifies Facebook when an iOS user opens the app, and then provides details on the user’s device, including the model, as well as their time zone, and city they’re connecting from. 

More info and resources: Motherboard, ITPro

Saturday 28 March 2020

Microsoft Teams

Microsoft Teams Commercial Cloud Trial offer

The Microsoft Teams Commercial Cloud Trial is replaced by Microsoft Teams Exploratory beginning in January 2020. To learn about this new offer, read Manage Teams Exploratory license.

The Microsoft Teams Exploratory experience lets users in your organization who have Azure Active Directory (AAD) and are not licensed for Teams initiate an exploratory experience of Teams. Admins can switch this feature on or off for users in their organization. The earlier Microsoft Commercial Cloud Trial is now replaced by The Teams Exploratory experience.

Who's eligible?

As long as the user has a managed AAD domain email address and currently does not have/haven't been assigned a Teams license, they are eligible for this experience. For example, if a user has Office 365 Business (which doesn't include Teams), they're eligible for the Teams Exploratory experience.

How users sign up for the Teams Exploratory experience

Eligible users can sign up for the Teams Exploratory experience by signing in to Teams (teams.microsoft.com). They will be assigned this license automatically and the tenant admin will receive an email notification the first time someone in your org starts the Teams Exploratory experience.

Differences between Microsoft Teams and Microsoft Teams free

Microsoft Teams free
Microsoft Teams
Features
Maximum members
500,000 per org
Potentially 
unlimited 
with an 
enterprise 
license
File storage
2 GB/user and 10 GB 
of shared storage
1 TB/user
Guest access
checkmark
checkmark
1:1 and group online 
audio and video calls
checkmark
checkmark
Channel meetings
checkmark
checkmark
Screen sharing
checkmark
checkmark
Scheduled meetings
checkmark
Meeting recording
checkmark
Available with 
MS Stream
Phone calls and audio 
conferencing
checkmark
Administration
Admin tools for managing 
users and apps
checkmark
Usage reporting for 
Office 365 Services
checkmark
99.9% financially-backed 
SLA uptime
checkmark
Configurable user 
settings and policies
checkmark
More info and sources: Microsoft Support website, Microsoft Docs