Monday, February 22, 2016

Just Opening a MS WORD file can HACK every file on your System


If you receive a mail masquerading as a company's invoice and containing a Microsoft Word file, think twice before clicking on it.

Doing so could cripple your system and could lead to a catastrophic destruction.

Hackers are believed to be carrying out social engineering hoaxes by adopting eye-catching subjects in the spam emails and compromised websites to lure the victims into installing a deadly ransomware, dubbed "Locky," into their systems.

So if you find .locky extension files on your network shares, Congratulations! You are infected and left with just two solutions: Rebuild your PC from scratch or Pay the ransom.

Locky ransomware is spreading at the rate of 4000 new infections per hour, which means approximately 100,000 new infections per day.

Microsoft MACROS are Back


It is hard to digest the fact that, in this 2016, even a single MS Word document could compromise your system by enabling 'Macros.'

This is where the point to appreciate hacker's sheer brilliance of tactics.


Locky ransomware is being distributed via Microsoft 365 or Outlook in the form of an Invoice email attachment (Word File that embeds vicious macro functions).

The concept of macros dates back to 1990s. You must be familiar with this message: "Warning: This document contains macros."

Now macros are back, as cyber criminals discover a new way to get internet users to open Microsoft Office documents, especially Word files that allow macros to run automatically.

How Does Locky Work?



Once a user opens a malicious Word document, the doc file gets downloaded to its system. However, danger comes in when the user opens the file and found the content scrambled and a popup that states "enable macros".

Here comes the bad part:
  • Once the victim enables the macro (malicious), he/she would download an executable from a remote server and run it.
  • This executable is nothing but the Locky Ransomware that, when started, will begin to encrypt all the files on your computer as well as network.
Locky ransomware affects nearly all file formats and encrypts all the files and replace the filename with .locky extension.

Once encrypted, the ransomware malware displays a message that instructs infected victims to download TOR and visit the attacker's website for further instructions and payments.

Locky ransomware asks victims to pay between 0.5 and 2 Bitcoins ($208 to $800) in order to get the decryption key.

One of the interesting note on Locky is that it is being translated into many languages, which heighten its attack beyond English boundaries to maximize the digital casualties.

Locky Encrypts Even Your Network-Based Backup Files


The new ransomware also has the capability to encrypt your network-based backup files. So it's time for you to keep you sensitive and important files in a third party storage as a backup plan in order to evade future-ransomware infections.

A researcher named Kevin Beaumont along with Larry Abrahms of BleepingComputer initiallydiscovered the existence of Locky encrypted virus.

To check the impact of Locky, Kevin successfully intercepted the Locky traffic yesterday and realized that the cryptovirus is spreading out rapidly in the wild.
"I estimate by the end of the day well over 100,000 new endpoints will be infected with Locky, making this a genuine major cybersecurity incident — 3 days in, approximately a quarter of Million PCs will be infected," Kevin said in a blog post.

One hour of infection Statistics:



Among the highly impacted countries include Germany, Netherlands, United States, Croatia, Mali, Saudi Arabia, Mexico, Poland, Argentina and Serbia.

Gmail Features Now on Non- Gmail Accounts with Gmailify


For the past year or so, Google has allowed users to check their other email accounts, like Yahoo, Hotmail or Outlook, from the Gmail app. Google is taking things a step further and has introduced a new feature today called Gmailify. This new feature will allow anyone to take advantage of every great feature available for Gmail users.

Gmailify Features

In other words, users will be able to check and manage their @yahoo.com, @hotmail.com, @msn.com or @Outlook.com mail accounts using the Gmail app. The added advantage here is the management of these email accounts using the Gmail interface and exclusive features. This makes a lot of sense for people who have multiple accounts on different email providers, but prefer to use and manage emails via the intuitive Gmail interface that they’ve grown to love.
This will allow anyone to take advantage of features such as Gmail’s spam protection, inbox organization, Google Now integration and more, just like those email accounts reside on Google servers. In addition to these, your non-Gmail emails will be organized like Gmail, i.e. in Social, Updates, Promotions and Primary categories. Double all of that with being able to search your other emails via advanced search operators, better notifications on smartphones and automatic Google Now integrations for all reservations and meetings. It’s almost a Gmail-like user experience.

How to Get Gmailify Working?

If you are already accessing your non-Gmail accounts using the Gmail app, you will still be required to opt for the Gmailify feature. Users will have to open the Gmail app, sign-in to external accounts and then enable Gmailify.

To link your non-Gmail accounts to Gmail, go to app’s Settings, tap on non-Gmail account and choose “Link Account”. This linkage enables the advanced Gmail features. After the accounts are linked, they will work on the Gmail apps and on the web (at mail.google.com). Users can unlink their accounts anytime they want as well.

Google is not alone in offering non-account holders to make use of their features. Other top email providers are also working on similar features for those who want to try different features without changing their current email address. A couple of months ago, Yahoo started allowing users to manage their Gmail and Hotmail accounts. Both Yahoo’s mobile apps and web merge with other accounts to offer features like Smart Contacts, Smart categories and password free sign-in. Microsoft even offers an import tool to transition from Gmail to its service easier.
At launch, Gmailify only works with Yahoo and Microsoft accounts, but Google promises that more providers will be added in the future.

P@SHA to Launch ‘Digital Pakistan 2020’ Campaign




Chairman of Pakistan Software Houses Association (P@SHA) Syed Ahmad, announced the launch of  ‘Digital Pakistan 2020’ campaign at its 3rd Grand Tech Executive Meetup held in Karachi this evening.

Previous two events in the series were held in Islamabad and Lahore, while the fourth meeting will be organized in Peshawar.
The event was part of an ongoing series to unite top tech executives in the industry with young and emerging startups to collectively address the issues that the industry is facing. The objective is to promote diversity in technology and innovation and collaborate with the Government to address impediments to growth, such as quality human capital, infrastructure and taxation related issues, that are being faced by individuals as well as companies in the IT sector.


Syed Ahmad explained that several other regional countries like Malaysia, Vietnam, Jordan, Indonesia and India have successfully established a knowledge-based economy powered by technology. “Digital Pakistan 2020” campaign aims to create a similar environment in Pakistan.
“The IT industry can address two of Pakistan’s major issues; creation of almost 300,000 new white collar jobs for the youth, and an export jump to reach 5 billion US dollars per year by 2020,” said Syed Ahmad.

According to Syed, P@SHA will be spearheading the Digital Pakistan 2020 campaign in collaboration with key stakeholders in the industry. However, support and strength of IT companies in big numbers would be needed to create a major impact and get quantitative results in this regard.

He elaborated that P@SHA is also in the process of creating separate community platforms for freelancers and startups in Pakistan, where they will be able to find information and advice on how to take their ventures forward. They will also be able to get their queries answered through an official platform and voice their concerns related to issues like payments, taxation etc.
The Pakistan Software Houses Association for IT & ITES (P@SHA) is the trade association representing the IT and IT Enabled Services sector. It aims to continue being the voice of the IT sector by providing platforms that are geared towards creating more opportunities for members of the ecosystem both domestically and internationally, create a collaborative sphere and arrange workshops and trainings aimed to enhance the quality of startups and freelancers.

Impressions from the Event

Many dignitaries and tech professionals were in attendance at the event in Karachi. Given Pakistan’s potential in IT, many of the attendees were of the view that official support and lack of education about IT amongst the decision makers at the provincial level was a serious matter that had to be tackled as well. For a country’s IT sector to flourish, there was a need to induct professionals who understand the ebbs and flows of the global, and more crucially, the local technological landscape at both the provincial and federal levels.

Even though the event focused on answering the queries of tech companies with regards to various taxation, political, technological and infrastructural issues that were unique to the Pak IT sector, a query was raised from one of the attendees about what P@SHA can do to better serve the interest of freelancers. Freelancers from Pakistan are another focus area for P@SHA, given how instrumental they’ve grown in bringing invaluable foreign exchange into Pakistan.

All in all, P@SHA has taken a step in the right direction, setting off a debate about the need for Pakistani tech companies to come together and represent the interests of a vital component of 21st century Pakistan.


Neverware CloudReady Turns old PCs into Productive use or Chrome OS Rigs


Do you have an old, unusable Windows PC from the 2000s that has become unusable? Want to give it a new lease of life? Then you need to migrate to Chrome OS.  A new startup called Neverware has started to bring the dual boot option with Chrome OS to old systems and laptops for free.

Neverware charges a fee for bringing the same option for enterprise or large buyers. The OS comes as a part of an update in the company’s CouldReady software. The option is not just limited to Windows. If you have a Mac you can still try it out.
As noted by The Verge, the result is quite similar to what you’d expect from a regular Chromebook. The system boots reasonably fast, the performance is understandably acceptable and most of all, the aging machine won’t compel you to tear your hair apart anymore as it’s actually productive.
There are also understandable some caveats with this.  Most notably amongst them is the battery issue which is lackluster to say the least. So if you have an old Windows laptop, you have to have a charger with you to make the most of it.
Yes, Chrome OS isn’t the most fancy but given how well it works on meager hardware, with more storage and RAM, if anything it will work only better with CloudReady.

How To Install

  • Get the install file from here. Its 593 MB large for Windows laptops.
  • Once the file is downloaded, you’ll need a USB drive of 1GB capacity minimum.
  • Check out the guide how to make a bootable USB installer for Neverware here. Once your USB is ready, keep following the instructions provided in the link to install it.
  • To run it, you will have to make a partition to install the OS. Don’t forget to read the fine print.
Neverware CloudReady only works with the UEFI mode on Windows 7, 8 or 10 for dual-booting purposes. Even if you are an enthusiast who hasn’t tried anything new in a month, this is a free treat you should take. That is until it is taken down, or anything.

Thursday, February 11, 2016

Google to Ban Flash Based Advertising - Bye Flash


Google had also joined the path of Apple, Facebook, and Youtube to kill the "Adobe Flash Player" by announcing that the company is banning Flash banner support from its Adwords Advertising platform.

"To enhance the browsing experience for more people on more devices, the Google Display Network and DoubleClick Digital Marketing are now going 100% HTML5" Google says.

It's been two decades since Adobe Flash has ruled the Web Space Animation Arena, which was the de facto standard for playing the online videos.

Flash Player had been famous for Zero-day exploits which are a potential threat to online users.

Even Adobe tried to maintain equilibrium by releasing a countless number of patches frequently (that got hiked), for instant reported vulnerabilities, but this had annoyed both customers and companies.

The endless troubleshooting of the Flash Player plugins never resolved the vulnerabilities.

To put a full stop on this issue... many major tech companies like Apple, Facebook, Youtube, Google Chrome, Firefox had been magnetized towards the new substitutor - HTML 5.
  • Facebook's Security Chief publicly called for Adobe to announce a 'kill-date for Flash.'
  • Google Chrome has also begun blocking auto-playing Flash ads by default.
  • In January this year, YouTube moved away from Flash for delivering videos.
  • Firefox also blocked the Flash plugin entirely.

By ending up Flash, all the above companies found a silver bullet to the security issues that have plagued Adobe Flash for years, as well as eliminated a third party dependency.

Steve Jobs was right about the end of Flash as he quoted as saying in his letter:
“New open standards created in the mobile era, such as HTML5, will win on mobile devices (and PCs too). Perhaps Adobe should focus more on creating great HTML5 tools for the future, and less on criticizing Apple for leaving the past behind.”
HTML 5 has gained a Word of Mouth Popularity by many developers and also have many advantages like to play the video smoothly, in fact, in a better way.

So, Google also officially declared that it would not support Flash ads in Doubleclick Digital Marketing from July 30, 2016.

Moreover, from January 2, 2017, the company will discontinue the support for Google Display Network as a part of complete Flash Wipe Out.

However, as a Result of this awful reputation, Flash Player would be rebranded as “Animate CC” with some additional features like the direct conversion of Flash Files to HTML5 Canvas files.

Adobe Animate CC – mostly looks like an update to the Flash Professional software – supports Adobe Flash (SWF) and AIR formats 'as first-class citizens,' along with other animation and video formats, including HTML5 canvas, 4K and WebGL output.