Hackers use SMS to get cash from ATMs

Microsoft is going to drop out Windows XP from its service from next month, and about 95 percent of the ATM's all over the world will get effected by this, as All ATM's machine runs on Microsoft Windows XP. This is will be the major problem for all the Banks worldwide. Some of the Banks have decided to pay sum of the amount to Microsoft to keep the security update. But India is the only country who is migrating from Windows to Linux, and applying their own developed Linux distro "BOSS" to ATM's through out the country.
As usual ATMs are in the target of cyber criminals from a long wide, and once again hackers have found the new way to get the pay from the ATM in a illegal way. According to the Symantec, hackers have found a way to steal money from ATM's using a text message. This attack was first noticed by the firm in late last year, when the attacks were happening in Mexico.



On Monday, Symantec made a post which stats that Firm have noted a new malware called Backdoor.Ploutus. The Ploutus malware allows attackers to send an SMS message to a phone that is attached to an ATM. The ATM will then spit out the amount of money requested.



Symantec explains "The attacker first needs to upload the Ploutus malware to the ATM using either aUSB drive or a CD-ROM. Once Ploutus has been uploaded, the attacker also needs to attach a cell phone to the ATM using USB tethering. This allows the ATM and the cell phone to share an Internet connection while simultaneously charging the cell phone. The attacker then needs to send the attached cell phone two SMS messages. According to Symantec, the first “must contain a valid activation ID in order to enable Ploutus in the ATM” and the second “must contain a valid dispense command to get the money out”. The Ploutus malware will then tell the ATM to dispense a preset amount of money, which is then picked up by what Symantec calls a “money mule”.

To prevent this attack, Symantec recommends to update the operating system from XP to Latest version. Apart from this, physical security also to be taken, as attacker cannot be done entirely remotely. Symantec also recommends full-disk encryption and preventing booting up from unauthorized disks or USB drives.

Watch Video about ATMs Malware attack:  http://www.youtube.com/watch?v=53vjNDV4RAY&feature=youtu.be

Google now encrypts its emails for better security

Internet giant Google has announced encryption of its popular Gmail service as part of its move to make communication over its server more secure and reliable and to prevent breach into its security.

"Your email is important to you, and making sure it stays safe and always available is important to us," said Nicolas Lidzborski, Gmail Security Engineering chief.

"Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email. Gmail has supported HTTPS since the day it launched, and in 2010, we made HTTPS the default," Lidzborski said in a blog post yesterday.

"Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail's servers - no matter if you're using public WiFi or logging in from your computer, phone or tablet," he said, announcing the latest move by Google to reassure customers following whistleblower Edward Snowden's revelations about surveillance by American National Security Agency.

According to the Google official, every single email message one sends or receives - 100% of them - is encrypted while moving internally.

"This ensures that your messages are safe not only when they move between you and Gmail's servers, but also as they move between Google's data centres - something we made a top priority after last summer's revelations," he claimed.

In 2013, Gmail was available 99.978% of the time, which averages to less than two hours of disruption for a user for the entire year.

"Our engineering experts look after Google's services 24X7 and if a problem ever arises, they're on the case immediately. We keep you informed by posting updates on the Apps Status Dashboard until the issue is fixed, and we always conduct a full analysis on the problem to prevent it from happening again," Lidzborski said.

Hackers are now targeting your router

Many service providers give you a cable or DSL modem with a built-in router. These steps still work for combined units.

First, let’s protect your router. There are three simple steps.

1) You need to do a geeky thing called “updating the firmware.” Every router maker’s process is a little different, but here’s the basic outline.

First, find your router’s program on your computer. Fire it up and it should automatically find your device.

If you don’t have a router program, look up your router’s manual online and see what the device’s IP address is.

Type the number that corresponds to your router’s address into your browser and enter the default login password found in the manual.

While you’re in the router settings, make sure to change the default login password that came with the router. There should be a button labeled “update firmware.” Hit that and go through the process. That will, at least in theory, provide the company’s latest protection. (Bonus: It might increase your device’s performance, too.)

2) Make sure you turn on wireless encryption and provide a strong password. Strong passwords are a pain, but for your home network you just have to enter it once for each gadget. Just remember to keep it written down in a safe place in case you forget it.

Because computer manufacturers want to make our life more complicated, we are confronted with another blinding array of complicated acronyms when it comes to choosing what encryption to set. Look around for an option to secure the network using WPA2. It’s the best protection right now.

It’s smart to put in a long and complex password. Again, it’s a pain, but it will make your network secure from anything but industrial-strength attacks.

3) Finally, take your router offline and make it invisible to passers-by. In the settings, turn off SSID (or network name) broadcasting. This keeps your network hidden unless you know the name. Be sure to change the network name to something that’s hard for someone to guess.

Now your router is safe from attacks. Let’s save you some money and improve your Internet service.

Check your Internet speed using the handy testers available at Speedtest.net or Speakeasy.net. Do it with your computer plugged in to your modem with an Ethernet cable. Keep notes on the plugged-in speed.

If you are one of those lucky folks who have competing Internet and cable providers in town, the first step is to call your cable company and try to negotiate your bill down. If your download speed is significantly slower than what’s promised, start off giving them heck about that.

For cable companies, call and say you’re looking at an offer from a satellite provider. If you have a cable modem for Internet service, say that you’re looking at a cellular, satellite and DSL offer.

Next, make sure you have the fastest modem available. Most cable customers are paying a per-month cable modem rental. If that’s your deal, make sure you’ve got a DOCSIS 3 modem. Get an upgrade if you don’t.

Finally, there’s your wireless router. This gobbledegook nomenclature is a pain, but you have to make sure you have one that uses the 802.11n standard. If it’s 802.11 b or 802.11g, you should know those are very old standards. The cost of a new “n” one will really be worth it in terms of speed.

If you are buying a new router, consider whether you’re going to be getting a new computer or tablet soon. If so, consider paying a little extra for the very newest standard or 802.11ac. That won’t help most older computers, but it’s a speedy step forward for routers. You’ll be glad you did as you get new devices that adhere to that standard.

Keep your kids safer on internet

When you turn on Family Safety for a child's account, monitoring starts automatically. Family Safety sends regular activity report emails to your Microsoft account, summarizing how much time the child spent on the PC, the websites they visited, the games and apps they used, and the terms they've looked up in search engines like Bing, Google, or Yahoo! Search.

The email summary gives you a lot of info about your child's PC activities at a glance. But you can always delve into more details and change permissions and other settings based on the activity info by choosing a link in the email report to view the report online. You can also open the report from the Family Safety website.

Here's how:
1. Go to the Family Safety website and sign in.
2. Tap or click the name of the child whose report you want to see, and then tap or click Activity reporting. 

Make sure activity reporting is turned on.

Summary details:
The top half of the Summary page shows info about the websites your child has visited recently, and any web searches they've recently performed. The bar chart of most popular websites indicates the top five sites they've been to and how many pages within each site they've looked at, but doesn't show how long they might have spent on each site. To see a complete list of every website your child's visited in the last week, tap or click see all above the chart. All of the web addresses and search terms shown on the Summary page are also links that you can tap or click.

The bottom half of the Summary page shows info about how much time your child spent on the PC, the apps and games they used most frequently, and any downloads they've made from the Windows Store.
Web activity

For a complete list of your child's Internet activities, you can also tap or click Web activity. This page shows all of the sites your child visited or tried to view, including sites that Family Safety considers "suspicious" or potentially inappropriate. TheAction taken column indicates whether Family Safety allowed the site, or blocked some or all of its content. The Categorycolumn shows the website categories as determined by Microsoft, but you can dispute a site rating if you disagree. Use the buttons in the Change settings column to allow or block your child's future visits to a particular site.
PC activity

For a breakdown of your child's overall PC use, tap or click PC activity tab. The Sessions section indicates when and for how long your child used the PC during the week. The Apps and games section lists each app or game that your child used, when, and for how long. The Action column also indicates whether your child was blocked from using a particular app.

File downloads from the Internet and downloads or updates from the Windows Store are listed separately in their respective sections. If your child downloaded a game from the Windows Store, and then played it for 45 minutes, that game will appear in both the Windows Store downloads and the Apps and games sections of this page.

Read more from: http://windows.microsoft.com/en-us/windows-8/monitor-child-pc-activity

Free Kall on your mobile and landline

For those who do not mind the annoyance of advertisements right in the middle of a conversation, a team of engineers in Bangalore has a free voice calling service for any part of the world. Termed FreeKall, it brings voice-over-internet-like services to those without internet access.

The idea, which was thought up in the dorm of M S Ramaiah Institute of Technology in Bangalore, was launched as a service last Saturday. Still in beta, or testing phase, nearly four lakh FreeKalls have been made so far.

"The response has been phenomenal. Our servers crashed about seven times and we had to bring it back up," said Yashas Shekar, a 23-year-old who cofounded the company with college-mates Vijayakumar Umaluti and Sandesh Eshwarappa. "On the flip side Sandesh, and Vijayakumar have not slept since Saturday," chuckled Shekar, a former Godrej Interio employee who shut his first venture, a web development firm, to concentrate on this startup.

The service, in some ways, is reminiscent of the trunk calls of the last century, except that the cloud infrastructure does the job instead of an operator. To make a FreeKall a user dials number 080-67683693 and the call is disconnected after just one ring. Following this, the system calls back the user, and an automated system prompts the user to dial the desired number. Lo and behold, the call is connected. The system can currently support 10,000 requests per second. If it goes beyond that, it will not be returned.

"I must say, someone has thought out of the box. This can be truly disruptive if it works out well," said Hemant Joshi, who oversees the telecom practice at consulting firm Deloitte.

FreeKall makes money by making people listen to advertisements. So, when the call is connected, the user hears an advertisement instead of a ringing tone. And at intervals of two minutes, the caller and the called party will have to pause the conversation and hear an advertisement for soaps, shampoos and the like.

For now, unregistered users can make calls that last three minutes. For those who register, the conversations can last 12 minutes. In about a month, there will be no limit on the amount of time a person can FreeKall. International calls will be possible in about a month, once legal clearances are obtained.

The company is aiming for 10 million calls a day in India and expects revenue of $30 million ( 185 crore) by the end of the next fiscal. It plans to take its business to Africa soon.

Read more at: http://articles.economictimes.indiatimes.com/2014-03-05/news/47933737_1_user-skype-advertisements

Windows XP OS support Stopped now

Microsoft has provided support for Windows XP for the past 12 years. But now the time has come for us, along with our hardware and software partners, to invest our resources toward supporting more recent technologies so that we can continue to deliver great new experiences.

As a result, after April 8, 2014, technical assistance for Windows XP will no longer be available, including automatic updates that help protect your PC. Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP on this date. (If you already have Microsoft Security Essentials installed, you will continue to receive antimalware signature updates for a limited time, but this does not mean that your PC will be secure because Microsoft will no longer be providing security updates to help protect your PC.)

If you continue to use Windows XP after support ends, your computer will still work but it might become more vulnerable to security risks and viruses. Also, as more software and hardware manufacturers continue to optimize for more recent versions of Windows, you can expect to encounter greater numbers of apps and devices that do not work with Windows XP.
Upgrade your current PC

Very few older computers will be able to run Windows 8.1, which is the latest version of Windows. We recommend that you download and run the Windows Upgrade Assistant to check if your PC meets the system requirements for Windows 8.1 and then follow the steps in the tutorial to upgrade if your PC is able.

Windows 8.1 makes it easy to do all the things you're used to doing with Windows XP while opening up a whole new world of possibilities for you to explore and enjoy.

Read more: http://windows.microsoft.com/en-US/windows/end-support-help

List of February Data Breaches and Cyber Attacks

February 28th, 2014 by Lewis Morgan

Whilst the short month of February comes to an end, a significant amount of organisations are coming to terms with the data breaches and or cyber attacks they have suffered.

Similar to January, there have been high profile online attacks such as those of Kickstarter, Forbes.com and Tesco. Most of those have resulted in customer information being stolen. But it’s important to remember that not all attacks are carried out online. Data breaches can be caused by offline activities too, such as laptop theft; which is how two of the below attacks occurred.

The following list reveals the names of some of the companies that have suffered online and offline breaches in February:

Online Attacks:

Forbes.com Hacked by Syrian Electronic Army Because of “Hate for Syria”

Hackers disabled e-mail systems and take over Las Vegas Sands Hotels and Casinos Website

Tesco customers’ usernames and passwords exposed by hackers

Kickstarter hacked: Passwords, phone numbers, and phone numbers stolen

Ethical hacking organization hacked, website defaced with Edward Snowden’s passport

Syrian hackers hijack FC Barcelona’s Twitter account

Twitter Commerce Plans Leak: When Will Businesses Learn About Secure Data Sharing?

Mt. Gox exchange goes dark as allegations of $350 million hack swirl

University of Maryland breach impacts more than 300,000

Hackers breach Texas college server, thousands compromised

Texas health system attacked, data on more than 400K compromised

YouTube ads spread banking malware

Offline Attacks:

Roughly 1,100 Indianapolis patients impacted following laptop theft

Missing thumb drive puts 3,500 Texas cancer centre patients at risk

Laptop stolen from California charity employee, thousands impacted

Nielsen staffer accidentally sends mass email containing employee data

BoI customers hit as skimmers hack into their current accounts