
Thursday, September 29, 2016

Facebook Releases 'OSquery' Security Tool for Windows


OSquery, an open-source framework created by Facebook that allows organizations to look for potential malware or malicious activity on their networks, was available only for Mac OS X and Linux environments until today.


But now the social network has announced that the company has developed a Windows version of its osquery tool, too.


When Facebook engineers want to monitor thousands of Apple Mac laptops across their organization, they use their own untraditional security tool called OSquery.

OSquery is a smart piece of cross-platform software that scans every single computer on an infrastructure and catalogs every aspect of it.


Then SQL-based queries allow developers and security teams to monitor low-level functions in real-time and quickly search for malicious behavior and vulnerable applications on their infrastructure.


In simple words, OSquery allows an organization to treat its infrastructure as a database, turning OS information into a format that can be queried using SQL-like statements.


This functionality is critical for administrators to perform incident response, diagnose systems and network level problems, help to troubleshoot performance issues, and more.
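To make the "infrastructure as a database" idea concrete, here is an added example (not from Facebook's or Trail of Bits' material) that runs an incident-response style query over a constructed snapshot. It assumes two tables shaped like osquery's `processes` and `listening_ports` tables, loaded into an in-memory SQLite database; all rows are made up, and column availability on a given platform should be checked against the osquery schema.

```python
import sqlite3

# Constructed rows standing in for two osquery tables. Column names follow
# osquery's schema as an assumption; the values are invented for this example.
PROCESSES = [  # (pid, name, path, on_disk)
    (412, "svchost.exe", r"C:\Windows\System32\svchost.exe", 1),
    (2980, "chrome.exe", r"C:\Program Files\Google\Chrome\Application\chrome.exe", 1),
    (5120, "upd.exe", r"C:\Users\alice\AppData\Local\Temp\upd.exe", 0),
    (6044, "notepad.exe", r"C:\Windows\System32\notepad.exe", 1),
]
LISTENING_PORTS = [  # (pid, port, address, protocol)
    (412, 135, "0.0.0.0", 6),
    (5120, 8081, "0.0.0.0", 6),
    (2980, 5353, "127.0.0.1", 17),
]

# The hunt: processes whose executable is no longer on disk and that are
# listening on a non-loopback address. The same SELECT could be typed into
# an osquery shell, where the tables are populated from the live host.
HUNT_QUERY = """
SELECT p.pid, p.name, p.path, l.port, l.address
FROM processes AS p
JOIN listening_ports AS l ON l.pid = p.pid
WHERE p.on_disk = 0
  AND l.address NOT IN ('127.0.0.1', '::1')
ORDER BY p.pid, l.port;
"""


def build_snapshot():
    """Load the constructed rows into an in-memory SQLite database."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE processes (pid INTEGER, name TEXT, path TEXT, on_disk INTEGER)"
    )
    db.execute(
        "CREATE TABLE listening_ports "
        "(pid INTEGER, port INTEGER, address TEXT, protocol INTEGER)"
    )
    db.executemany("INSERT INTO processes VALUES (?, ?, ?, ?)", PROCESSES)
    db.executemany("INSERT INTO listening_ports VALUES (?, ?, ?, ?)", LISTENING_PORTS)
    return db


def hunt(db):
    """Return the rows a responder would triage first."""
    return db.execute(HUNT_QUERY).fetchall()


if __name__ == "__main__":
    for row in hunt(build_snapshot()):
        print(row)
```
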


This open source endpoint security tool has become one of the most popular security projects on GitHub since its release in mid-2014 and was available for Linux distributions such as Ubuntu or CentOS, and Mac OS X machines.


So, if your organization was running a Windows environment, you were out of luck.

But, not today, as with the help of Trail of Bits, Facebook has finally launched the OSquery developer kit for Windows, allowing security teams to build customized solutions for their Windows networks.


"As adoption for osquery grew, a strong and active community emerged in support of a more open approach to security," reads the earlier version of Facebook's blog post provided to The Hacker News.


"We saw the long-held misconception of 'security by obscurity' fall away as people started sharing tooling and experiences with other members of the community. Our initial release of osquery was supported for Linux and OS X, but the community was also excited for a Windows version — so we set out to build it."


To get started with the OSquery developer kit for Windows, check this official documentation, the development environment, and a single script. The build is easy to install, and you can start coding right away.


You can read the full documentation of the development process of the OSquery developer kit for Windows on the blog post by Trail of Bits.

Wednesday, July 13, 2016

Critical - Print Spooler Bug allows hacker to hack any version of Windows



Microsoft's July Patch Tuesday offers 11 security bulletins with six rated critical resolving almost 50 security holes in its software.


The company has patched a security flaw in the Windows Print Spooler service that affects all supported versions of Windows ever released, which if exploited could allow an attacker to take over a device via a simple mechanism.


The "critical" flaw (CVE-2016-3238) actually resides in the way Windows handles printer driver installations as well as the way end users connect to printers.


The flaw could allow an attacker to install malware remotely on a victim's machine that can be used to view, modify or delete data, or create new accounts with full user rights, Microsoft said in the MS16-087 bulletin posted Tuesday.


Users who are logged in with fewer user rights on the system are less impacted than users who operate with administrative user rights, such as some home accounts and server users.


Microsoft said the critical flaw could be exploited to allow remote code execution if an attacker can conduct a man-in-the-middle (MiTM) attack on a system or print server or set up a rogue print server on a target network.


The critical flaw was discovered and reported by the researchers at security firm Vectra Networks, who disclosed some details on the vulnerability, but didn't publish their proof-of-concept (POC) code.





In corporate networks, by default network administrators allow printers to deliver the necessary drivers to workstations or systems connected to the network. These drivers are silently installed without user interaction and run with full privileges under the SYSTEM user.


According to researchers, attackers can replace these drivers on the printer with malicious files that could allow them to execute code of their choice.


More worrisome: if the printer is behind a firewall, attackers can even hack another device or computer on that particular network, and then use it to host their malicious files.



Watering Hole Attacks via Printers


Like servers, multiple computers are also connected to printers in an effort to print documents as well as download drivers. So, this flaw allows a hacker to execute watering hole attacks technically using printers.


Watering hole attacks, or drive-by downloads, are used to target businesses and organizations by infecting them with malware to gain access to the network.

"Rather than infecting users individually, an attacker can effectively turn one printer into a watering hole that will infect every Windows device that touches it," said Vectra chief security officer Gunter Ollmann.

"Anyone connecting to the printer share will download the malicious driver. This moves the attack vector from physical devices to any device on the network capable of hosting a virtual printer image."

This flaw (CVE-2016-3238) is by far the most dangerous vulnerability of the year: it is easy to execute, provides different ways of launching attacks, and affects a huge number of users.


A second related vulnerability, CVE-2016-3239, in the MS16-087 bulletin is a privilege escalation flaw that could allow attackers to write to the file system.


A security bulletin for Microsoft Office, MS16-088, includes patches for seven remote code execution (RCE) vulnerabilities, six of which are memory corruption flaws, affecting Microsoft Office, SharePoint Server as well as Office Web Apps.


The flaws can be exploited by specially crafted Office files, allowing attackers to run arbitrary code with the same privileges as the logged-in user.


Bulletin MS16-084 addresses flaws in Internet Explorer and MS16-085 in Microsoft Edge. The IE flaws include RCE, privilege escalation, information disclosure and security bypass bugs.


Edge flaws include a handful of RCE and memory corruption flaws in the Chakra JavaScript engine, as well as an ASLR bypass, information disclosure, browser memory corruption, and spoofing bugs.


Bulletin MS16-086 addresses a vulnerability in the JScript and VBScript engines in Windows, which could allow an attacker to achieve remote code execution, affecting VBScript 5.7 and JScript 5.8.


The remaining five bulletins, rated as important, address flaws in Windows Secure Kernel Mode, Windows Kernel-Mode Drivers, the .NET framework, the Windows Kernel, and the Secure Boot process.


Users are advised to patch their system and software as soon as possible.

Wednesday, May 11, 2016

WhatsApp launches Desktop Application for Windows and Mac Users


The most popular messaging app WhatsApp now has a fully functional desktop app – both for Mac as well as Windows platform.

Facebook-owned WhatsApp messaging software has been a mobile-only messaging platform forever, but from Tuesday, the company is offering you its desktop application for both Windows and OS X.

A few months back, WhatsApp launched a Web client that can be run through your browser to use WhatsApp on your desktop, but now users running Windows 8 or Mac OS 10.9 and above can use the new desktop app that mirrors WhatsApp messages from a user's mobile device.

According to the company's blog post, the WhatsApp desktop app is similar to WhatsApp Web with synchronized conversations and messages.

Since WhatsApp desktop app is native for both Windows and OS X platform, it can support desktop notifications and keyboard shortcuts.

WhatsApp has been rising at an extraordinary pace recently. The service has over 1 Billion monthly active users.

At the beginning of the year, the company removed its yearly $1 subscription fee. Just last month, the company rolled out end-to-end encryption for all its users' communication by default.

Here's how to Download WhatsApp Desktop Software:

  1. Users running Windows 8 (or newer) or OS X 10.9 (or newer) can download WhatsApp desktop app available for direct downloading.
  2. Once Downloaded, open the WhatsApp desktop app.
  3. Scan the QR code with your mobile phone to sync your device.

Now enjoy WhatsApping your friends and family straight from your desktop.

Friday, April 1, 2016

10 Most Important Announcements of Microsoft Build 2016


Microsoft holds a Build Conference every year and recently these developer events have transformed from snoozers to exciting occasions. Last year, the company came up with Windows 10 – a major winner, Cortana – a reliable virtual assistant and HoloLens features – detailing what the product could possess as the leading AR product.

Let’s go through the 10 most important announcements at the 2016 edition of Microsoft’s Build Conference.

Bots Everywhere

Probably the most important announcement, as far as the future is concerned, was the revelation about bots. Conversations will be the next platform for computing and it’ll be handled by AI (Artificial Intelligence) bots. These bots will respond to what people say.

Satya Nadella said that Microsoft had made an error with Tay, the teen social bot. Tay made some racist comments and was shut down after one day. It was re-enabled yesterday for a few minutes before it was shut down again due to a major glitch. Nadella said they want to get the best of humanity, not the worst. But perhaps, the bot got too close to humans and represented the real face of how humans act.

Nadella says that human language will be the next UI layer, bots will be the new apps and virtual assistants will be the new meta apps. AI will be behind it all and will be integrated into other services like Skype. Cortana is an example of an AI bot from Microsoft which works within a browser and Skype.


Bot Framework for Devs

As far as the developers are concerned, this was the best announcement. Microsoft will be making it easier than ever for Bots to communicate with any of the chat apps whether it be WhatsApp or Slack. The company also revealed some new tools for bots and gave an example of how to create a bot for Domino’s Pizza using these tools. These bots will support natural language and will be able to communicate with multiple apps.


All of this runs using the Cortana Intelligence Suite, which runs using the Microsoft Bot Framework. It is a cognitive services platform, covering capabilities like computer vision and natural language, which developers can make use of. The platform includes 22 APIs, available from today.

Cortana is Now Smarter

Windows 10 Anniversary Edition will be getting a huge update in terms of Cortana’s abilities. It will understand events based on time and predict calendar appointments based on emails and texts. For example, it can identify what you were working on last night or where you were last week.

Cortana is also coming to the Xbox to help gamers find new titles and to share tips & tricks on gameplay. It will work better with third party apps, depending on the developer’s level of integration.

Skype and Bots

Microsoft is pushing Skype to be something superior compared to the rest of the communication apps. Skype will now be able to talk with Cortana, which will communicate with another bot and communicate the user commands properly.

A demo was shown on how a bot from Cups and Cakes asked for an address to complete a delivery. Cortana was a broker in the conversations and displayed a map with info on the estimated arrival time. It can also reply to people just like Google Smart Inbox replies.

All of this can work inside of a Skype call as users can add video bots to the chats.


The Next Windows 10 Update

Microsoft is calling it an “Anniversary Update” for Windows. It will include a few new features and improve Windows 10. The OS and its browser will be getting biometric authentication in a new and improved manner.

Microsoft talked about a Universal Windows Platform. It will be open and will work across all Microsoft devices, be it a smartphone, PC or HoloLens. There’s a new Linux command as well, which converts legacy apps to the app platform.


Xbox and Windows Gaming is Now Integrated

Microsoft started off with the announcement that Forza, the popular racing game, will be created as a universal app for Windows. So the same game will work on Windows and Xbox. The same goes for Quantum Break and Killer Instinct.

That desktop app converter mentioned before will also work with win32-based games. The company showed off how Age of Empires II HD can be downloaded from Steam and converted to a universal app. It works on the latest games like the Witcher 3 as well. These games get the same Live Tiles and Notifications after the conversion.

Xbox One now doubles as a dev kit too. Games and apps can now be developed using any retail Xbox One. Desktop apps run fine on the Xbox and the software displays how an app would look on a big TV screen. A preview of the dev mode for Xbox is available from today. Finally, Microsoft is creating a new unified app store which will work across PC and Xbox.


HoloLens is Now Shipping

Yes, the HoloLens is now shipping but only to developers. It is not meant for consumers and will cost a lot, but what it means is that the hardware is nearly finalised and it’s close to being on sale.

The first HoloLens app is Galaxy Explorer, an interactive set of holograms of planets and galaxies which can be manipulated via gestures. The app and its source code are available to developers now. NASA also showed off OnSight and Destination Mars for HoloLens which will let the user walk the red planet from a scientist’s point of view.

A couple of universities displayed their medical apps for HoloLens. There was an anatomy program which showed a real life body and all its organs. A professor from across the country connected as an avatar and taught a lesson to the students in great detail.

Windows Ink Improvement


Stylus will be getting improved support from now on thanks to “Ink Workspace” which consists of a few pen-powered apps. Write a sticky note with a stylus and Cortana will automatically remind you when it is time to do that task. If you draw two points of interest on a map, it will automatically tell you the distance and the directions. Dragging on text will automatically highlight it and so on.

Microsoft also showcased a bunch of virtual stencils and rulers which will help in drawing on a screen.


Universal Apps for Windows 10

A ton of games and popular apps are coming to Microsoft devices as Universal Windows Platform Apps. Microsoft showed how developers can add some new graphical styles to their apps like motion blurs and highlight effects. Developers can add some code into their apps making them Ink compatible.

The software giant showed off a new tool for developers which will let them convert all of their existing 16 million apps to the new universal platform.


Linux Command Line for Windows

Bash – “Bourne Again Shell” – will now be available in Windows. What it means is that Windows will support Linux and native Ubuntu commands and binaries will run on Windows. To top it off, Microsoft and Canonical worked on it together.

It’s a big deal for developers who had to use Linux or third party tools to code using Linux commands. Now all of that is built into Windows.

Tuesday, March 15, 2016

Microsoft Quietly Stops Accepting Bitcoins in Windows store


Microsoft reckoned Bitcoin was the future of payment systems and added it as a payment option for the Windows store at the end of 2014, but the company has silently pulled support for Bitcoin in the Windows 10 Store.

In November 2014, Microsoft struck a deal with third-party bitcoin payment processor 'Bitpay' that allowed people to use Bitcoin to purchase Microsoft’s products and services from Windows Stores.

However, Microsoft quietly updated the Windows Store FAQ that popped up "Microsoft Store doesn't accept Bitcoin."

The end of support for Bitcoin payments only applies to Windows 10 and Windows 10 Mobile stores. 

"Microsoft Store doesn't accept Bitcoin. You can no longer redeem Bitcoin into your Microsoft account," the update reads. "Existing balances in your account will still be available for purchases from Microsoft Store, but can't be refunded."

In short, you can make use of an existing balance in your account to buy your choice of apps from Windows store, but you can not add more Bitcoins or get a refund of your remaining balance.

So, like it or not, from now on, you will have to use conventional money when buying apps or products from Windows 10 and Windows 10 Mobile stores.

Microsoft has not explained the sudden change in its policy. Bitpay is still operating, which indicates that there is no sour relationship between the company and Bitpay.

Microsoft's change of mind could be due to fewer people buying with virtual cash, which gave the company no reason to continue keeping Bitcoin as a supported digital currency.

An official statement from Microsoft is not yet available, so let us wait to see what the company says about this sudden change.

Tuesday, March 8, 2016

Teenagers React to Windows 95 - can't imagine


The majority of teenagers alive today weren’t alive in the 90s, meaning the oldest version of Windows they’re likely to be familiar with is Windows XP. If that tidbit makes you feel old, you might not want to watch the latest React video from Fine Brothers Entertainment, in which a bunch of teenagers are exposed to the wonders of mid-90s computing and Windows 95 for the first time in their lives. They’re not impressed. 

It starts with first impressions. “The fact that the monitor is bigger than the actual computer itself says a lot” said Daniel, 17 years old, who is young enough to only have vague memories of monitors and TVs that aren’t flat. “I’ve no clue what year this is from, but I feel like it was before the year I was born,” said Geneva, age 18, after seeing the mid-90s Dell. Her math checks out. 

The design flaws we all got used to are evident right away. When asked to turn on the computer, everyone hit the big button on the monitor and waited, something we all probably remember doing at some point. When the computer was turned on, the reactions kept coming. “I don’t think I’ve ever heard a computer make these sounds before in my life,” said Morgan, age 19, making anyone who felt nostalgic upon hearing the floppy drive click instantly feel 10 years older.

 Then the teens waited for the BIOS screen to go away. “This is taking a while,” said Karan Brar, reminding the entire planet what life was like back in ancient times when computers took five minutes to start up and Pterodactyls savaged our cattle. 

Things don’t get much better when the operating system’s boot screen is revealed. “95, as in, like, 1995?” asked Alicia, age 16, who has no memories of the 90s but will be able to vote in just two years. Then the operating system finally booted. “Everything looks so dull and ancient,” said Brar. “It seems more rough, the edges are more sharp, it’s a little more impersonal,” said Nora, age 18, who judging by that comment might have a future as a graphic designer.

But perhaps the hardest thing to understand for the teens was the lack of wireless connectivity. “How do you get on the Internet if there’s no Wi-Fi?” asked Alicia, as though the question itself were nonsense. When the producer tried to explain dial-up, things got even more confused. “You’d have to use your phone to go on Internet,” one teen said, while actually miming a smartphone in her hand. It shows just how much the meaning of the word “phone” has changed in the course of a generation.

The process of connecting to dial-up did not impress anyone, either. “God this is such a pain in the ass,” said Daniel, age 17. It was, Daniel. It was. 

It’s easy to judge teenagers for not knowing their history, but realistically it’s not their fault. Anyone reading this likely never had to crank their car in order to start it, and probably wouldn’t know where to start if presented with a vehicle requiring that. 

“It’s not my fault I was born after this,” said Nora, age 18. She’s right, of course: time marches forward, and kids have no control over when they’re born. We think this whole thing is a fascinating example of how computer and OS design has evolved over the years.