Get Your Free Subscription By Email:

Chinese Android Phone Comes Pre-loaded With Spyware As Fake Google AppStore

More and more cases on spying using electronic devices are coming into light, few days ago it was reported that NSA of USA is doing targeted spying by intercepting and bugging electronic devices with backdoors to users in their surveillance list. Many countries including USA and India have already banned Chinese technology in sensitive departments after fearing hidden backdoors which can be used for spying, we have also shared the news of Spyware Electric Kettles and Hidden Backdoor in Routers earlier on this blog.

This time the experts at the German security vendor GDATA have discovered dangerous computer malware in firmware of an Android device, the "N9500" model of Android smartphone which is produced by the Chinese manufacturer Star comes per-loaded with Spyware straight from the factory disguised as Google Play Store app giving it full access on the device.

China Android Spyware

It is also not possible to remove the manipulated app and the spyware as they are integrated deep into the firmware preventing removal. Large online retailers are still selling the Android device at prices ranging from 130 to 165 euros and distributing it across Europe.

Samsung Galaxy S5′s Fingerprint Authentication Hacked And Used To Perform Paypal Transaction

While Apple iPhone 5S fingerprint scanner got pwned in a similar fashion, the problem with Samsung implementation is that they are using this to authorize payments on their device as shown in the video demonstration shared below.

Bypassing Youtube Age Restricted Videos Without Signing In

Since Youtube caters to a wide-variety of users groups all around the globe, it imposes several types of restrictions to filter out non-suitable content citing various criteria like users Geographical location and age. We have already shared tricks to bypass Youtube country specific geographic censorship and even how to watch videos deleted from Youtube (providing they are still on Youtube cache servers distributed across the globe).

Today we will show a trick on how to bypass the "Youtube Content Warning : This video may be inappropriate for some users." without signing-in or need to have a Youtube/Google account (which also avoids tracking and prevents similar type of videos being shown on Youtube front-page when signed-in).

Bypassing Youtube Age Restricted Videos

Configuring Network Folder Sharing On Radxa Rock

Radxa Rock - the cheap and powerful quad-core mini-computer has already receiving great success with majority of stock vanishing across all major online distributors. Luckily, I had received my Radxa Rock a while back and has now successfully taken over the job of my Wireless Network Attached Storage (NAS) from Raspberry Pi.

The process of setting up NAS on Radxa Rock is much more easier then Raspberry Pi as the external disk is automatically detected and mounted on every boot (Thanks to Ubuntu Desktop based Linaro image), but when using the folder sharing via Samba Share we need to add an extra line to smb.conf to make the data accessible over network.

Network Folder Sharing Over Samba

Hacking VLC To Run As Root On Linux

If you try to run VLC under root user on Linux, you will be blocked with message : "VLC is not supposed to be run as root. Sorry. If you need to use real-time priorities and/or privileged TCP ports you can use vlc-wrapper (make sure it is Set-UID root and cannot be run by non-trusted users first).". While it is a good security practice to not run non-system executables under root privileges, but at times you might need the exception. Here's a solution to allow VLC and cvlc (command-line version of vlc) run under the root user-account.

VLC no root allowed error

Asus Leaves Router Users Wide Open For Anybody To Access Their Disks

We have already seen how vulnerable routers can be a security threat, but ASUSTeK Computer Inc (ASUS) made everything feel small by leaving two critical flaws allowing anybody in the world to simply open a web-browser and access any Asus routers data with full read-write permission by simply typing a URL. This is not all, when notified about the severe design flaw, the company did nothing and ignored emails and phonecalls by researcher Kyle Lovetts who discovered the flaw.

To make their point and expose the vulnerability, a group did some guerrilla styled attack hacking into 13,000+ IP addresses using vulnerable Asus routers and left a text-file explaining the hack into user's router attached media disks. The text file informed users : "This is an automated message being sent out to everyone effected [sic]," the message, uploaded to his device without any login credentials, read. "Your Asus router (and your documents) can be accessed by anyone in the world with an Internet connection. You need to protect yourself and learn more by reading the following news article: http//nullfluid.com/asusgate.txt."

Visiting the mentioned url (as shown below), shows details about the exploit and how Asus has left users with an wide-open ftp server allowing anonymous login with full read-write privilege and AiCloud usernames and passwords stored in a plaintext file which is available for download without logging in. The group also made public a torrent link containing 10,000+ list of files stored on the Asus-connected hard drives for anybody to access.

Asusgate

Fixing The Horrible Windows "Unable To Access" Network Resource Error

Microsoft Windows has came a long way since the dreadful days of common OS crashes and BSOD's, I have been using my current install of Microsoft Windows 7 since past 2.5 years and never faced any major annoyance. Suddenly, few days ago my computer failed to connect to any shared network folder and greeted me with the error "Windows cannot access \\machine\sharedfolder, error code 0x80004005" every-time I tried accessing a network resource as shown below. Strangely, the computer was discovering other computers on the network and I was able to ping and SSH into them like my Raspberry Pi Network Attached Storage (NAS). After, trying everything from messing with firewall settings, completely uninstalling Kaspersky Internet Security 2014, enabling all sorts of networking services and changing security policies nothing worked. After 5 days of reading numerous articles on the internet I finally managed to nail this and solve this problem as shared below.

Unable to Browse the Network

Fixing dllhost.exe Constant CPU Usage And Memory Leak

A long ago we shared a solution for "Windows 7 Lock-up While Using Windows Photo Viewer" which involved dllhost.exe's incompatibility with Kaspersky Antivirus. I recently faced a similar issue where Microsoft's genuine dllhost.exe file was constantly using 25% of CPU with ever increasing RAM (a memory leak) consumption, this time it was not the Kaspersky incompatibility causing the issue but a Windows 7 bug how it handles thumbnail generation. The reason for the issue was a broken video download on my Desktop, Windows was trying to generate thumbnail for that broken/incompatible video file and failing causing the constant CPU usage - the solution was to simply delete the problematic file or move it to a inner folder in which case the problem will occur only when accessing that particular folder.

dllhost.exe causing high cpu and RAM usage

BSNL Security Loophole Allows Anybody To See Your Account Balance Amount And Expiry Date

Bharat Sanchar Nigam Limited (BSNL), the Indian state-owned telecommunications company is neither known for it's quality of service nor for customer satisfaction. To make their services more user-friendly they started allowing quick online recharge facility from their website, but this service has a data privacy loophole where anybody can check any BSNL subscribers prepaid balance with expiry date. While this may not sound a big security risk the data exposed can be used to device social-engineering phishing attacks, for example - a malicious hacker can fetch this data and utilize it for calling the subscriber as an BSNL employee supplying this information to gain trust of the consumer and asking them to order a highly subsidized online recharge from a fake website.

BSNL Security Loophole

Wondershare Photo Recovery : Media Recovery Utility For Windows And Mac

Photos are one the most important memories of your life which nobody would like to loose, luckily there are chances of data recovery even after an accidental deletion and professional utilities like "Wondershare Photo Recovery" comes to a user's rescue in such bad situations.

Wondershare Photo Recovery is an commercial utility for Windows and Mac users allowing recovery of media files from digital camera, memory card, USB drive, hard drive and other storage devices with a few clicks. The simple to use point-n-click utility allows recovery of deleted or formatted image, video and audio files from many storage devices.

Wondershare Photo Recovery

Pages

This is just one of the many helpful tips we have posted, You can find more stories here,
Do subscribe to updates using your favorite RSS feed reader or using the secure FeedBurner email update form on top of this post.