Author - Dana Vioreanu

A new Microsoft Office malware planted by Russian Fancy Bear hackers

A new cyber-attack has been spreading through Office documents without the macros. Fancy Bear, an advanced hacking group is behind this malware and security specialists believe the group has links with the Russian government.

The malware basically infects computers using Microsoft Office documents through the DDE (Dynamic Data Exchange) feature. Fancy Bear hackers send a Word document called “IsisAttackInNewYork.docx” as bait.

If the target opens the file, it connects to a control server, downloads the malware called Seduploader and installs it on the computer.

Read More

Think twice before buying gadgets that invade your privacy

Winter holidays are approaching, and you probably already started to make Santa’s list for your family members and friends. Maybe you even started to look out for bargains (after all, Black Friday is just around the corner). Speaking of the one-time a year shopping extravaganza, you should think twice before buying some awesome gadgets you think you need, even if they’re on sale.

Some of them hide some interesting tricks that are not in your benefit in terms of privacy. You may have already heard (or even experienced yourself) the downsides of incredibly good looking and smart gadgets like Alexa or Echo. These are just a few examples of gadgets that happen to look into your home, or make instant pictures without you even knowing. And you have no idea what happens with those pictures and videos and where they end up. Ok, you have a hunch where they’re going and that’s why it’s so concerning.

Here is a random list of some of the most prying gadgets and IoT (Internet of Things) tools you should avoid if you truly care about your privacy:

Toys

Edwin the Duck rubber duckie

Now, this seems a cute and harmless toy! But don’t be fooled because it’s not a normal rubber duckie (especially if you consider its price, e.g. 49 USD) although it looks like one.

Read More

Latest CyberGhost updates: fresh server locations and streaming channels

CyberGhost largely supports internet freedom and is continually looking to satisfy a larger number of users. That is why in October, we added 10 new countries to our server park, thus reaching a total of 40 server-locations. And that is just in one month, plus more servers are about to be added soon.

Until then, here are the latest CyberGhost server locations (each country including 4 servers, totaling 40 new servers).

  • Brazil
  • Moldova
  • Bulgaria
  • Croatia
  • Albania
  • South Africa
  • Portugal
  • India
  • Costa Rica
  • Slovakia
#CyberGhost added 40 new #servers and launched the most wanted #streaming channels Click to Tweet

If you want to see the entire list of CyberGhost servers and locations, check out our servers overview dedicated web page.

Switching to the SHA256 authentication algorithm

News number 2 is that starting November 2nd, 2017, your connection to CyberGhost will be made through the SHA256 authentication algorithm. This change came due to many requests from our users in this sense. If you are using the CyberGhost app, no need to worry on any new configuration set up. However, if you want to install CyberGhost on Linux, routers and other devices, either download a new configuration file from account.cyberghostvpn.com or manually change from “auth md5” to “auth sha256” from the Security tab.

Read More

Concerning flaws in iOS 11 and news about Apple’s X facial data

If you have mixed feelings about Apple’s iOS 11, you’re not the only one and you’re completely entitled to. iOS 11 has kind of disappointed Apple fans.

First, it was the common complaining many users had about how iOS 11 has slowed down their phones and the functioning of apps in general.

Now, everyone talks about a new flaw: that of turning “off” the Wi-Fi and Bluetooth which doesn’t seem to be OFF after all. Apparently, switching your app from blue to grey does not mean that you disconnected the service.

Here’s what happens:

Your iPhone will disconnect from Wi-Fi networks, but will stay on for Apple services and other Apple devices (like Apple Watch and Pencil) stay connected. Not only this creates a security loophole, but Apple didn’t even communicate this important detail to users.

A similar thing happens when turning Bluetooth “off”: it will disconnect other Bluetooth devices connected to your phone but it does not actually turn off the Bluetooth service on the iPhone or iPad.

Since these two elements didn’t happen with older iOS versions, here is what you can do to fix the trouble:

Go to the “Settings” app and flip the switch to the OFF position to completely disable Wi-Fi and/or Bluetooth.

This is not much of an effort but it’s best that you know about it and take action so you don’t keep your phone exposed to any possible hacks.

How Apple developers can use facial data

Other news about Apple is related to the fact that the company allows developers who work on improving new Apple X features to access users’ facial data. This is done with their consent, but it still raises some privacy issues.

A flaw in Apple's #iOS 11 regarding Wi-Fi and how #iPhoneX wants to improve #facialdata Click to Tweet

The reason behind this decision is to just create a users’ complete map of facial expressions, such as analyzing how people smile, blink or raise an eyebrow. While the arguments seem fair, many have concerns regarding the way these data will be used. Security specialists believe that collected data may be used for advertising or marketing reasons, such as selling it to marketers, so they would know how people react to commercials.

This is just a heads-up alert and maybe you should think twice before saying “Yes” to a new feature or when a company asks your consent for something.

Ready to be scared? Unlock creepy Halloween movie series with Cyberghost

Happy Halloween! Or rather Scary Halloween!? If you’re the kind that enjoys a horror movie on Halloween night, after you satisfied all the trick and treaters, CyberGhost is about to surprise you with some interesting suggestions.

As you know (and if you don’t: surprise!), CyberGhost helps you unlock some popular streaming services so you can enjoy watching your favorite shows or discovering new ones.

Here is what horror and thriller TV series you can watch with CyberGhost and our cool Unlock Streaming profile:

FOX

The Exorcist

Based on the famous novel of the same name, The Exorcist tells the story of a family believed to be either haunted by evil spirits or having their souls captured by the devil. The family brings two priests into their house hoping they could bring their lives to normal. However, priests are caught in a fierce battle against an ancient force of evil.

The Purge

The story of The Purge focuses on a troubled America nation where a governing political organization decides that every year, during is a 12-hour period, any crime including murder is legal. During this time, only certain weapons are allowed to be used, while the police, fire and emergency services are not available.

SKY

Hannibal

Following the same plot as Ridley Scott’s movie from 2001, Hannibal TV series centers on the relationship between FBI special investigator Will Graham and psychiatrist Hannibal Lecter.

Read More

Implementation of ePrivacy Regulation – re-gain control over your personal data

A privacy law proposed by the European Commission is about to set a new model in terms of online privacy for people residing in Europe. The ePrivacy Regulation was initially drafted in 2002 and was revised in 2009. In the beginning of 2017, the EU updated the text and introduced new policies regarding users’ prior consent when it comes to websites and marketing companies processing and controlling their own personal data.

The updates will bring significant changes to the web surfing activity, if they are indeed approved. The legislation still needs to be approved by the member states during a vote that will be held in a Parliament plenary session in Strasbourg next week.

These new privacy proposals align with changes suggested by the GDPR (EU General Data Protection Regulation); the organization has as main aim to make sure EU citizens enjoy online privacy and are protected from data breaches. The difference between the two is that GDPR wants to enhance Article 8 of the European Charter of Human Rights referring to personal data protection, while the ePrivacy regulation is meant to complement Article 7 of the charter in respect to a person’s private life.

The fundamental changes of the ePrivacy rules refer to:

  1. Cookies law – give your consent for web tracking

Read More

Beware of the Bad Rabbit new wave of ransomware

Initially, Bad Rabbit was thought to be similar to the Petya and WannaCry outbreaks that have corrupted Windows computers. However, according to researchers from Kaspersky Lab, Bad Rabbit is actually linked to the ExPetr (notPetya attacks).

The malware has hit the systems in Ukraine, Turkey and Germany, but the largest number of victims affected by the attack are from Russia. Here, three important news agencies have been attacked; Interfax, one of them, has complained their servers were deeply affected, making the company distribute their activity solely on their Facebook account.

In Ukraine, Bad Rabbit has damaged the systems of the Kiev Metro, Odessa airport, and Ukrainian ministries of infrastructure and finance.

Additionally, U.S. security experts have mentioned that they have been receiving complaints regarding malware infections in other countries around the world as well.

This is what we know about Bad Rabbit so far:

How it infects your computer

Security firm Eset has discovered the malware is spread via a bogus Adobe Flash update.

Read More

© 2017 CyberGhost