Fireball Threat Grows

A Chinese digital marketing company named Rafotech is behind a new wave of inter-connected adware families that found their way onto the computers of millions of users.

According to an extensive investigation, Check Point claims Rafotech has designed a very intrusive adware that hijacks people’s browsers with the primary purpose of redirecting traffic to fake search engines.


These fake search engines do nothing more than divert search queries through Google and Yahoo’s affiliate programs, earning the Chinese company a commission.

A Growing Fireball Threat

Rafotech spreads its adware by bundling it with legitimate software, sometimes without giving users the opportunity to opt-out of the installation.

This tactic has landed a variety of its adware strains on over 250 million computers, according to a rough estimate from Check Point’s team.

The most affected countries are India (25.3 million infections – 10.1%), Brazil (24.1 million – 9.6%), Mexico (16.1 million – 6.4%), and Indonesia (13.1 million – 5.2%). The US is also on the list with 5.5 million infections, accounting for 2.2% of the total global infection numbers.

To make matters worse, experts believe the adware has made its way into over 20% of all corporate networks, which means that one in five companies has a computer infected with this adware, which Check Point nicknamed Fireball.

Fireball Brings Trojan Horse Threats With It

Once this adware gets inside corporate networks, the threat often evolves and makes the situation much worse.

Check Point experts said in a report last week that Fireball contains features that allow the Chinese company to push and execute any file (malware) on the victim’s computer.

Because the adware is so intrusive at the browser level, experts fear that its maintainers would face no technical impediment to switching from a revenue model that’s based on traffic redirection and ad injection to something that involves stealing user credentials.

Fake Search Engines

If you’re wondering how come you’ve never heard of a malware family that infected over 250 million computers, the explanation resides in the fact that Check Point refers to all the adware created by Rafotech as Fireball.

Adware strains like the ones Rafotech creates are usually referred to by the name of the site they redirect traffic to.

Some of these fake search engines to which Fireball adware strains redirect traffic can be found in the Alexa Top 10,000 most popular sites on the Internet. Some of these fake search engines receive so much traffic that a few managed to break into the Alexa Top 1,000 site list, well above many legitimate sites. This shows the massive scale of Rafotech’s operation.

Warning Signs of Infection

If your home page has changed, or if you are continually sent to a weird search engine, your PC is probably infected with some sort of adware or Trojan Horse.


Skype Gets Big Update

Skype is getting its biggest face-lift in years, ditching its light-blue theme for a customizable interface and features aimed at the way young people communicate, from emojis to a Snapchat-like recap of the day.

In addition to the cosmetic changes being made by Microsoft, the update modernizes Skype’s underlying infrastructure, years in the making, in an effort to give the service the reliability needed to compete with upstarts in the crowded world of communications software.

The service’s former backbone — peer-to-peer connections that linked a caller to their target through a direct line — is being replaced in the update by Microsoft’s network of data centers. Some of users’ complaints about the service, including phantom notifications or calls that were missed entirely, should for the most part be resolved by this upgrade.

Skype, which Microsoft scooped up for $8.5 billion in 2011, was a pioneer in voice and video calls made over the internet, instead of wired telephone connections or cellular networks.

Today, such internet communications tools are commonplace, and some have lapped Microsoft’s product in usage.

Facebook Messenger and Facebook-owned WhatsApp each boast more than one billion users. China-focused QQ and WeChat aren’t far behind, and Google and Apple are both investing in communications tools tied to their expansive mobile platforms.

A year ago Microsoft said Skype had 300 million “monthly connected users,” little changed from 2013.

In addition to the new Snapchat-like “Highlights” feature that compiles recent photos and videos into a shareable reel, the update places greater emphasis on tools to find friends and quickly fires off emojis or reactions in response to chats and videos.

Automated chatbots, a push by Microsoft as it aims to build more intelligent software, have been given a prominent home in the new Skype. Through a text window, users can summon Expedia to search for flight prices, or ask StubHub about concert tickets. But that functionality remains limited, and many software developers are only now getting their hands on the tools to make such Skype bots.

The update began going out late last week, first targeting mobile devices running Android and, afterward, iOS. The software is expected to make its way to the desktop edition this summer.

Skype’s workplace cousin, Skype for Business, isn’t affected by the change.


OneLogin Hacked

It’s the same old story all over again. Another online company has been hacked and thousands of accounts exposed. This time, ironically, it was a “password manager” services company that was hacked.


Password manager OneLogin suffered a massive data breach Wednesday, and the attackers may have gained access to sensitive customer data, such as login information for a variety of companies. OneLogin manages login credentials for a variety of cloud applications for more than 2,000 enterprise clients.

OneLogin, which has stated that its investigation is ongoing, wrote on its blog Wednesday that the attacker was able to access database tables that contain information about users, apps, and various types of keys. “While we encrypt certain sensitive data at rest, at this time we cannot rule out the possibility that the threat actor also obtained the ability to decrypt data,” the company wrote in a letter to clients.

The attack began on May 31 when a malicious actor somehow obtained access to a set of Amazon Web Services (AWS) keys and used them to access the AWS API from an intermediate host with another, smaller service provider in the U.S., according to the company.

Through the API, the attacker was then able to create several instances of the company’s IT infrastructure to probe the company’s system. The company said it was alerted to the unusual database activity seven hours later, at which point it shut down access to the affected instance and the AWS keys associated with it. The breach is thought to be enormous, as all of the company’s data centers in the U.S. were hacked.
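The pattern described above (a known access key suddenly calling the AWS API from an unfamiliar host and creating instances) can be looked for in CloudTrail logs. The following is an added example, not OneLogin's or AWS's own code: it learns which source IPs each access key normally uses and reports keys seen from new addresses, ranking instance creation highest. The log lines, key IDs, IPs, cutoff date and watch list are constructed assumptions.

```python
import json
from collections import defaultdict
from datetime import datetime

# Constructed CloudTrail-style records, one JSON object per line. Field names
# follow the CloudTrail record format; key IDs and IPs are placeholders.
SAMPLE_LOG = """
{"eventTime":"2017-05-20T09:12:00Z","eventName":"DescribeInstances","sourceIPAddress":"198.51.100.10","userIdentity":{"accessKeyId":"AKIAEXAMPLEOPS000001"}}
{"eventTime":"2017-05-22T14:30:00Z","eventName":"RunInstances","sourceIPAddress":"198.51.100.10","userIdentity":{"accessKeyId":"AKIAEXAMPLEOPS000001"}}
{"eventTime":"2017-05-23T08:00:00Z","eventName":"ListBuckets","sourceIPAddress":"192.0.2.5","userIdentity":{"accessKeyId":"AKIAEXAMPLEBKP000002"}}
{"eventTime":"2017-05-31T02:05:00Z","eventName":"DescribeInstances","sourceIPAddress":"203.0.113.77","userIdentity":{"accessKeyId":"AKIAEXAMPLEOPS000001"}}
{"eventTime":"2017-05-31T02:20:00Z","eventName":"RunInstances","sourceIPAddress":"203.0.113.77","userIdentity":{"accessKeyId":"AKIAEXAMPLEOPS000001"}}
{"eventTime":"2017-05-31T03:10:00Z","eventName":"RunInstances","sourceIPAddress":"203.0.113.77","userIdentity":{"accessKeyId":"AKIAEXAMPLEOPS000001"}}
{"eventTime":"2017-05-31T04:00:00Z","eventName":"DescribeInstances","sourceIPAddress":"198.51.100.10","userIdentity":{"accessKeyId":"AKIAEXAMPLEOPS000001"}}
{"eventTime":"2017-05-31T06:45:00Z","eventName":"RunInstances","sourceIPAddress":"203.0.113.77","userIdentity":{"accessKeyId":"AKIAEXAMPLEOPS000001"}}
{"eventTime":"2017-05-31T07:00:00Z","eventName":"ListBuckets","sourceIPAddress":"192.0.2.9","userIdentity":{"accessKeyId":"AKIAEXAMPLEBKP000002"}}
"""

# Assumption: events before CUTOFF are trusted and form the per-key baseline.
CUTOFF = datetime(2017, 5, 30)
# Assumption: API calls that create or copy infrastructure rank highest.
WATCHED_CALLS = {"RunInstances", "CreateImage", "CreateSnapshot"}


def parse_events(log_text):
    """Turn JSON-lines CloudTrail records into time-ordered dicts."""
    events = []
    for line in log_text.strip().splitlines():
        rec = json.loads(line)
        events.append({
            "time": datetime.strptime(rec["eventTime"], "%Y-%m-%dT%H:%M:%SZ"),
            "call": rec["eventName"],
            "ip": rec["sourceIPAddress"],
            "key": rec.get("userIdentity", {}).get("accessKeyId"),
        })
    return sorted(events, key=lambda e: e["time"])


def find_key_misuse(events, cutoff):
    """Report (access key, source IP) pairs that never occurred before cutoff."""
    baseline = defaultdict(set)   # access key -> source IPs seen before cutoff
    findings = {}                 # (key, ip) -> activity summary
    for e in events:
        if e["key"] is None:      # console or service events carry no key ID
            continue
        if e["time"] < cutoff:
            baseline[e["key"]].add(e["ip"])
            continue
        if e["ip"] in baseline[e["key"]]:
            continue              # known key from a known address
        f = findings.setdefault((e["key"], e["ip"]), {
            "first_seen": e["time"], "last_seen": e["time"],
            "calls": defaultdict(int)})
        f["last_seen"] = e["time"]
        f["calls"][e["call"]] += 1

    alerts = []
    for (key, ip), f in findings.items():
        watched = sorted(c for c in f["calls"] if c in WATCHED_CALLS)
        alerts.append({
            "key": key, "ip": ip,
            "first_seen": f["first_seen"],
            "active_for": f["last_seen"] - f["first_seen"],
            "events": sum(f["calls"].values()),
            "watched_calls": watched,
            "severity": "high" if watched else "review",
        })
    # High-severity findings first, then oldest activity first.
    return sorted(alerts, key=lambda a: (a["severity"] != "high", a["first_seen"]))


if __name__ == "__main__":
    for a in find_key_misuse(parse_events(SAMPLE_LOG), CUTOFF):
        print(a["severity"], a["key"], a["ip"], a["first_seen"],
              a["active_for"], a["watched_calls"])
```

The `active_for` value shows how long the unfamiliar source had been using the key by the time the log was reviewed, which is the gap an alert on the first new-address call would close.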

The possibility that the hacker may have obtained enough data to decrypt the encrypted credentials, meanwhile, could mean that thousands of businesses, including Yelp and Pinterest, may need to change their login information for every cloud service they use.

The details are still hazy, and OneLogin has yet to make a public announcement about exactly what data has been stolen. But in the meantime, the company has apparently contacted all of its clients to advise that they immediately reset any passwords stored on OneLogin’s servers.

This is not the first time that OneLogin has suffered a breach in recent months. The company also suffered a breach from July to August when an attacker using a OneLogin employee’s password was able to hack its servers and access company analytics and logs.


Parallel Universes Might Exist

The idea that we might be living in just one of an infinite number of universes is not a new scientific concept, and scientific debate surrounding this possibility has been going on for decades. The idea that we may be living in just one of countless universes has also been a popular narrative in science fiction.

The crew of Star Trek’s Enterprise has encountered multiple universes on several occasions – always leading to complex & exciting adventures.

Up until recently, provable evidence to support this theory has been hard to come by. Now, researchers have discovered something in space that they can’t quite account for, and one of the possible explanations is that our universe actually bumped into a neighboring, parallel one. That’s right: our universe may have had a car crash with another universe.

What the Heck Happened?

When gazing into the heavens, scientists spotted what they refer to as a “cold” area of space. It was observed some time ago, and explaining it proved difficult. Originally, a 2015 study suggested it was merely an area of the universe in which the number of galaxies is dramatically lower than the rest. However, subsequent investigations couldn’t support that finding, and a new study by Durham University suggests the slim possibility that it’s actually evidence of parallel universes.

The multiverse theory hinges on the idea that all possible outcomes of any given scenario are all playing out at the same time in a layered reality of which we are only experiencing one of those layers. It’s a wild idea that has a foundation in quantum mechanics, but it’s also entirely unproven. But could it be true?

As the study suggests, the researchers believe the mysterious cold spot, while still totally unexplained, could actually be “the remnant of a collision between our universe and another ‘bubble’ universe during an early inflationary phase.” In short, if the idea is correct, our early universe collided with another young universe early on, causing something of a “bruise” which we are able to observe today.

Mind-blowing, isn’t it? It’s looking more and more like we are not alone.


Keyboard Tricks for Windows

Another quiet week in the tech world gives us some more time for actual technology tips. Let’s look at some keyboard shortcuts you can use to make your life easier with Microsoft’s Windows.

High Contrast: SHIFT + ALT + PRINT

In its default setting, this shortcut opens a warning window before applying any changes. Click Yes or simply hit Return to switch to the high contrast setting.

This will enlarge the font on all open windows and change colors to high contrast. For example, the desktop will turn black, what was black text on white background before will be reversed. Clicking the same key combination again reverts the changes.

Switch Between Open Windows: ALT + TAB

This keyboard shortcut launches a layover window that shows all open programs. Hold onto the ALT key and click the TAB key to move to the next application. Release both keys to open the selected window.

You can reverse the direction by holding ALT + SHIFT while pressing the TAB key.

Delete Without Confirmation: SHIFT + DEL

Do you hate those nagging windows asking you whether you really want to do this or that? If you want to quickly delete something without being harassed for a confirmation, use this shortcut.

Do you want to make the instant delete route your default setting? Right click the Recycle Bin on your desktop, select Properties, and remove the checkmark next to Display delete confirmation dialog.

Show Desktop / Restore Open Windows: Windows key + D

Rather than moving your mouse into the bottom right corner of your screen to see your desktop, press this keyboard shortcut. Press it again to restore your windows exactly as they were before.

Lock System: Windows key + L

You should never leave your desktop unattended. Before you head out to the loo or to grab another coffee, press this keyboard shortcut to lock your system. When you return and log back in, all programs and windows will appear the way you left them.

Run Command Prompt as Administrator: Windows key + R, type cmd, hold CTRL + SHIFT, hit ENTER

This is one complex chain of commands. But if you manage to do it right, you’ll have instant Administrator access to the command prompt.

Unfortunately, this shortcut doesn’t seem to work anymore as of the Windows 10 Creators Update. Alternatively, press Windows key + X to open the Quick Access Menu, then use the UP/DOWN arrow keys to move to the Command Prompt (Admin) entry, and hit ENTER.

Shut Down: Windows key + X, U, I / U / R / H / S

You can shut Windows down with a few button clicks. It all starts with Windows key + X to open the Quick Access Menu, followed by the U key to expand the Shut down or sign out options. Finally, press I to sign out, U to shut down, R to restart, H to hibernate, and S to sleep.

Create Your Own Desktop Keyboard Trick

Are there folders or applications you need a lot? Why not create your own keyboard shortcut to quickly access these tools?

Note: This will only work for shortcuts located on your desktop!

First you need to create an actual desktop shortcut. In Windows 10, this has become a little more tricky. Right-click on the application in its program folder or send it from the Start Menu to the Taskbar and SHIFT + right-click its Taskbar icon, then select Create Shortcut from the context menu.

Make sure the shortcut sits on your desktop. Now right-click the shortcut and select Properties. You should see a line that says Shortcut Key: None. Click that line and then click a letter on your keyboard, for example P. This will create a shortcut, here CTRL + ALT + P.

And there you go, now you have your own personal shortcut key.


Fixing Adobe Acrobat in Windows 10

Life is good. Microsoft Edge is your new default web browsing experience on Windows 10, and it offers a new streamlined interface, speed improvements, and a lot of new features, including the ability to open PDF files. However, this is where a problem emerges for some of us.

While the PDF reader is a convenient feature, it currently only offers some basic functionality, and out of the box, Windows 10 makes it your default system PDF reader whether you like it or not. If you prefer to use a more advanced application, such as SumatraPDF, Xodo, or Adobe Acrobat Reader, or if your settings weren’t preserved after a Windows 10 upgrade, you may want to change your settings so that Microsoft Edge is no longer your default PDF reader every time you open a file.

Let’s walk through the steps to change your system settings to stop opening PDF files in the web browser by default.

How to disable Microsoft Edge as default PDF reader

In order to disable Microsoft Edge’s PDF feature, you need to change the file association, which you can do with the following steps:

Using the Settings app
  1. Open Settings.
  2. Click on Apps.
  3. Click on Default apps.
    • Note: If you’re still running the Windows 10 Anniversary Update, the path is Settings > System > Default apps.
  4. Click the Choose default apps by file type link.
  5. Scroll down and find .pdf (PDF File), and click the button on the right side, which is likely to read “Microsoft Edge.”
  6. Select your app from the list to set it as the new default.
  7. Click the Switch anyway link to confirm the change.

Once you’ve completed the steps, Microsoft Edge will no longer open PDF files by default in the web browser.

Using the file context menu

Alternatively, you can quickly make another app your default PDF reader, using the following steps:

  1. Right-click a PDF file.
  2. Select Open With.
  3. Click on Choose another app.
  4. Select the PDF application you want to use.
  5. Check the Always use this app to open .pdf files option.
  6. Click OK.

If you don’t see the app you want to use in the list, click the More apps link at the bottom of the list. You can also click the Look for another app on this PC link to find the PDF application you want to set as default.


10 Cool Hidden iPhone Tips

Happy Memorial Day Weekend Dedicated Readers. Here are some cool tips if you have an iPhone!

Apple’s iOS platform has a very simple and intuitive user interface, which in many ways explains its popularity. However, the platform continues to grow more and more complex with each passing year. The iPhone is the kind of device that just about anyone can pick up and figure out how to use quickly, and yet it also hides all sorts of cool features and functions that even the most savvy users probably don’t know about.


Learning about cool secret features that are hiding in your iPhone is always fun because it makes your phone feel fresh and new. There are countless hidden tricks with more being discovered all the time. Here are some of my favorite ones that in most cases will be helpful to iPhone users.

Delete text faster: When you tap and hold the backspace key on the iPhone’s keyboard, the delete rate speeds up after a while. But here’s a trick we bet you didn’t know — if you press harder on the backspace key on any iPhone with 3D Touch, it’ll speed up instantly. Deleting will also slow back down if you release some of the pressure.

Quickly and easily turn off the flashlight: Being able to turn on the iPhone’s flashlight from Control Center while the phone is locked is super convenient. But having to swipe back in and tap the button again to turn it off can be annoying, especially when your hands are full. Instead, simply start to swipe your lock screen to the left like you’re opening the camera, but only swipe a tiny bit and then let go. Your phone will think you’re opening the camera app and the flash will turn off.

As someone who walks a dog late at night every day, I can confirm that this trick definitely comes in handy when you’ve got an iPhone 7 Plus in one hand and a bag full of 🐶💩 in the other.

See all open Safari tabs: Isn’t that cascading list of Safari tabs annoying? Instead of scrolling around looking for something, turn your phone to landscape while on any tab. Then pinch the screen like you’re zooming out on a photo, and you’ll see all of your open tabs like this:

Open Spotlight in any app: Sometimes you want to search your phone without opening the Notification Center. You can — with any app open, just pull down from the top of the screen like you’re opening Notification Center, but stop when just the search field is visible and you feel a little haptic vibration.

Easy package tracking: Did someone send you a package and then text you the tracking number? Tap and hold on the tracking number in the Messages app and an option will pop up right there to track it.

Prioritize app downloads: Via Reddit, did you know you could prioritize your app downloads? If you’re in the middle of downloading and/or updating a whole bunch of apps but there’s one in particular you need, just 3D Touch the icon and you’ll get this menu:

Infinite zoom on any photo: It’s kind of annoying that you can only zoom in to a certain point on photos you capture on your iPhone. Check this out — tap the edit button, crop the photo just a tiny little bit, and save it. Now you can zoom in infinitely! Things start to get a little weird after you zoom in too far, so try not to get lost.

Search for words on a webpage: Okay, this one is HUGE. Most people have no idea that you can actually search for words on a webpage in mobile Safari just like you can in a desktop browser. On any webpage, type the word you’re looking for in the URL bar but don’t tap “Go.” Instead, scroll down and you’ll see an option to search for the word, and you can then tap through each instance. Here, you can see that I searched for the word “echo”:

Close all Safari tabs at once: This is a big one for people who leave tons of tabs open and decide they need to start fresh. Just tap and hold on the tab switcher button in the bottom-right corner in Safari, no 3D Touch needed. A little menu will then pop up and give you the option to close all tabs.

Drag share sheet options to rearrange them: Here’s another trick that comes courtesy of Reddit. If you want to quickly reorder your options on the iOS share sheet, simply tap on one and drag it around. Here’s a screenshot that shows how it works:

There you go – 10 cool hidden iPhone tips. These are only the tip of the iceberg when it comes to hidden features in Apple’s iOS.


Facebook Improves Trending Topics

Today Facebook introduced a couple of changes that make it easier to spot trending topics and the coverage around them. This is good news to me because I find Facebook’s newsfeed incredibly frustrating.


The first change is that there’s a bit of a visual redesign. Previously, clicking on a trending topic would highlight a story from one publication, and you’d have to scroll down past a live video section to view related stories. Facebook is replacing that system with a simple carousel, which does a better job of showing you different coverage options.

To be clear, the change doesn’t affect how stories are sourced, according to Facebook. It’s still the same algorithm picking out some of the most popular stories about the topic. Facebook is simply making it easier to see other options, which is certainly an improvement.

Second, Facebook is now putting trends right in your News Feed on mobile devices. Previously, they would be hidden within search, which isn’t exactly intuitive. Instead, Facebook will now just display the top three trending topics on your News Feed, after which you can click through to see other trends. Thankfully, Facebook gives you the option to remove it if you’d rather avoid trends altogether.

The new trends carousel is rolling out to iOS today, and will arrive on Android and desktop soon. Meanwhile, trends in your News Feed is just a small test on mobile devices for now, so not everyone will see it, but we wouldn’t be surprised to see it roll out widely in the future.


Qakbot Attacks

Another week, another cyber-threat threatens the security of both individuals and businesses alike. This latest one, Qakbot, has a special emphasis on taking down business networks. It is just the latest cyber-threat and you can be sure that there will be many more – even more destructive ones – to come. These threats will continue until our behavior changes with respect to how seriously we treat internet services. Security solutions are incredibly important; however, even the best security solution cannot be 100% effective in this ever-changing tech world. Cyber-criminals are continually changing their modes of attack and security solutions are often playing catch-up. The way we interact with internet services is the key to not only protecting ourselves – but each other. I touch on some of my recommendations for protecting yourself at the end of this article.


Introducing Qakbot

On Tuesday, researchers from Cylance said that Qakbot, an information-stealing Trojan and backdoor malware that targets the Microsoft Windows operating system and 64-bit browsers and is aimed at business/enterprise users, is on the loose.

Qakbot is a self-propagating kind of malware that has been circulating for several years now. The Trojan not only spreads through networks and external drives and devices but also focuses on stealing valuable credentials and taking control of the networks it has infected.

There has been a resurgence of the malware, according to Cylance, which has been made even more evasive and persistent with new, polymorphic features that enable the malicious code to squat in business networks for longer and “easily thwart legacy endpoint security solutions” through the use of muddying code, as well as constantly-evolving file makeup and signatures.

The Evil Tricks of Qakbot

Once a system has been infected with Qakbot through exploit kit use, phishing campaigns or malicious downloads, the malware does not lock a system in order to hold a business to ransom.

Instead, Qakbot is able to lock out Active Directory accounts and, once credentials have been stolen, use them to spam neighboring hosts with authentication attempts and disrupt corporate activities. In turn, this may result in the compromise of additional hosts and further spread, or in the user accounts related to the authentication attempts being locked out.

New samples of the malware suggest that Qakbot now also targets victims globally due to the inclusion of international character sets, and a recent surge in attacks means that companies should stay on their guard against suspicious downloads or activity and keep their systems up-to-date to prevent infection.
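The lockout behaviour described above shows up in Windows Security logs as failed logons (event 4625) against many accounts from one machine, followed by account lockouts (event 4740). The following detection logic is an added example, not code from Cylance or ZDNet; the CSV layout, host names, window and threshold are assumptions, and the sample rows are constructed.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: a simplified export of Windows Security events.
# 4625 = failed logon (source is the host the attempt came from),
# 4740 = account locked out (logged by the domain controller).
SAMPLE = """time,event_id,source,account
2017-05-24T08:00:05,4625,WS-014,alice
2017-05-24T08:00:07,4625,WS-014,bob
2017-05-24T08:00:09,4625,WS-014,carol
2017-05-24T08:00:11,4625,WS-014,bob
2017-05-24T08:00:13,4625,WS-014,carol
2017-05-24T08:00:15,4625,WS-014,dave
2017-05-24T08:00:20,4740,DC01,bob
2017-05-24T08:00:21,4740,DC01,carol
2017-05-24T08:00:30,4625,WS-014,erin
2017-05-24T09:15:00,4625,WS-031,frank
2017-05-24T09:15:20,4625,WS-031,frank
2017-05-24T09:15:40,4625,WS-031,frank
2017-05-24T09:16:00,4740,DC01,frank
"""

WINDOW = timedelta(minutes=10)  # assumption: burst window
MIN_ACCOUNTS = 4                # assumption: distinct accounts that make a burst


def load(text):
    """Parse the CSV export into time-ordered (time, event_id, source, account)."""
    rows = []
    for r in csv.DictReader(io.StringIO(text.strip())):
        rows.append((datetime.fromisoformat(r["time"]), int(r["event_id"]),
                     r["source"], r["account"].lower()))
    return sorted(rows)


def find_spraying_hosts(rows):
    """Flag hosts whose failed logons hit many distinct accounts in WINDOW.

    A user mistyping one password (one account, many failures) is not flagged;
    a host cycling through accounts is, with the lockouts it caused attached.
    """
    recent = defaultdict(deque)    # source -> (time, account) failures in window
    touched = defaultdict(set)     # source -> every account it failed against
    lockouts = defaultdict(set)    # source -> accounts locked after its failures
    burst_start = {}               # flagged source -> first failure of the burst
    for when, event_id, source, account in rows:
        if event_id == 4625:
            window = recent[source]
            window.append((when, account))
            while when - window[0][0] > WINDOW:
                window.popleft()
            touched[source].add(account)
            distinct = {a for _, a in window}
            if len(distinct) >= MIN_ACCOUNTS and source not in burst_start:
                burst_start[source] = window[0][0]
        elif event_id == 4740:
            # Attribute the lockout to hosts that already failed on this account.
            for host, accounts in touched.items():
                if account in accounts:
                    lockouts[host].add(account)
    return [{"source": host,
             "burst_start": burst_start[host],
             "accounts_tried": sorted(touched[host]),
             "locked_out": sorted(lockouts[host])}
            for host in sorted(burst_start)]


if __name__ == "__main__":
    for hit in find_spraying_hosts(load(SAMPLE)):
        print(hit)
```

A flagged host is a candidate for isolation before the affected accounts are unlocked, since unlocking them while the host is still active only restarts the cycle.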

Protecting Yourself

I do not mean to sound like a broken record each time I report on the latest security attack, but I have no choice. Protecting yourself against most security intrusions is actually quite easy, and you will find these tips throughout this fine blog. In fact what you see below is copied from my earlier post regarding the Wannacry Ransomware threat on May 15, 2017.


It is incredibly important to do the following:

  • Always make sure that you install the latest updates & patches for your operating system, especially Microsoft Windows.
  • Make sure you have an up to date anti-virus program running on your computer.
  • Do not click on links or attachments in email unless you are 100% certain it is legitimate and that you have requested it. If you are not sure about a hyperlink or attachment contact the sender directly to ask about it.
  • Do not visit questionable websites.
  • When you are browsing a website, be certain to read carefully any dialog box that pops up before clicking on it.

Last but not least, make sure that you run a backup of your system files regularly. If your PC gets infected and your important files are encrypted, you can get them back later.


Thanks to ZDNet for being on top of the Qakbot story, from which much of this information was obtained.


Manchester Terror Highlights the Power of Social Media

Tragedy almost always brings out the best in people. Social media services often get bad press and perhaps this criticism is deserved sometimes. However, as we found out during last evening’s tragic act of terror in Manchester, social media often steps up and provides help to those caught in terrible events.

Last night, shortly after the terror attack in Manchester, Facebook began helping people connect to those who were impacted by the tragic events at Ariana Grande’s Manchester Arena concert.

Hours after the incident unfolded, the Greater Manchester Police confirmed that there were 19 fatalities (this number rose to 22) and as many as 50 people injured in an explosion just as Grande wrapped up her set at the 21,000-seat sports and music venue.

Police and emergency services quickly began working at the scene to evacuate those trying to flee the arena and others who’d been injured in the blast.


To help those impacted by Monday’s explosion get in touch with their loved ones, Facebook quickly initiated its Safety Feature for anyone in the Manchester area. I have reported on this a couple of times in the past and you can read the earlier articles here.

All you need to do is click this link, and then tick the box for Safe if you are indeed safe. The Safety Check also lets you connect with friends or loved ones who were also in the area.

The service has been used by Facebook in the aftermath of natural disasters, and incidents like the November 2015 terror attack inside Paris’ Bataclan concert hall.

Tragic events bring out the best in most people and as you can see the same is true for social media services like Facebook.
