Processor Bug, Beware of the Fake Update That Steals Data

A group of hackers tried to take advantage of the fame of Meltdown and Spectre to spread a dangerous malware disguised as patches.

Meltdown and Spectre, the two bugs of processors discovered at the turn of the end 2017 and beginning 2018, have attracted the attention of the press around the world and prompted users to install any type of update happened to shoot. And, it is worth pointing out, it was not at all an obsessive-compulsive behavior. Indeed.

The only weapon available to defend against the bug of processors and to secure the data of computers and smartphones is represented precisely by the updates that software house and manufacturers are releasing at a pace sustained in recent weeks. A very delicious opportunity that various groups of cyber-criminals have not escaped: As reported Malwerbytes, a few days to this part is available online a fake patch for Meltdown and Specter that infects computers on which it is installed. This way hackers have direct access to PC resources and can steal data and information from the hard drive.

Phishing attack to exploit Spectra and Meltdown

To maximize the spread of the virus, hackers have set up a phishing campaign that verges on perfection. Several thousand users-especially in Germany, but it is not excluded that the campaign can soon extend to other nations-have received messages by e-mail or via chat in which they were invited to visit a web portal (apparently linked to German Federal Office for Information Security) from which to download the Windows patch for Specter and Meltdown.

The file, called “Intel-AMD-SecurityPatch-10-1-V1” has nothing to do with the bug of processors, but tries to take advantage of the notoriety it has acquired to spread the malware smoke Loader, a sort of Trojan that opens the computer ports to other malware and Virus. This allows hackers to access the computer’s hard drive and have free access to all of our information.
Updates only through official channels

In addition to warn against attack attempts, Malwerbyte experts remind all users that updates are circulated only through official channels and not through external portals, they were also linked to government agencies. Among other things, Microsoft has already released its patch for Meltdown and Specter, self-downloaded from the operating system for all those users who have activated Automatic Updates.

5 Tips to Create the Website of Your Clothing Store

To expand the business of your clothes shop you need to open an Internet site: Here’s what to do to make it perfect.

The clothing sector is the one that has suffered the most effects of the economic crisis of past years. To complicate further the business, then, came the many e-commerce that allow you to buy various items and shoes directly from the desk at home at prices usually lower than those of a store.

This does not mean that there is no hope for small-to-medium sellers. In fact, thanks to the web can be able to widen their turnover and increase the volume of sales. The important thing is to be able to carve out – or, even better, create yourself – your own commercial niche and take advantage of all the opportunities that the network offers. Creating a site with e-commerce, therefore, is the starting point for a clothing store that wants to see your online presence grow. To be successful in such a competitive sector, however, you need to follow some steps to create a captivating Internet site and use the tools that makes the network available.

If you are not a major programming expert and you do not have a high budget to create your Internet site a good choice is free pages, the service of Italiaonline that allows you to make a free site starting from the Facebook page of the store. By synchronizing the website with the Facebook page, you can decide to directly import the news, posts, events and photos shared on the social network (but only those that are considered important). Users have great freedom in setting up the website: they can choose the graphic theme (all responsive, that is optimized for navigation even from mobile), the name of the domain and also create an e-commerce. Free pages, in fact, also offers a paid form that allows you to integrate within the website a virtual store where to sell your merchandise. And all spending much less than the communication agencies.

E-Commerce Form

A website “Showcase” is obviously not enough to increase the sales and turnover of a clothing store. With free pages It is very easy to add the e-commerce module to your site and have in a very short time an online store where to start selling your merchandise. Just set up the product catalog, fill in the description of each item, fix a price and a payment method (Paypal) and start promoting your own store!

Investing in SEO

SEO stands for search engine Optimization and indicates the strategies used to emerge on search engines. If you want to succeed with your own e-commerce you can not ignore the investment in SEO: getting traffic from the search engines allows you to introduce your Internet site and your shop and increase sales and turnover. Adopting a good SEO strategy is not simple and you need to invest some time on the matter. First you need to choose which keywords you want to place your Internet site on. It is preferable, at least at the beginning, to focus on a market niche so that the results arrive faster. The keywords to bet on must contain the characteristics of the products we sell. For example, if we are a vintage clothing store the most important keywords are “vintage clothing store”; “Cheap vintage Clothes”, “vintage dresses years ‘ 50”. To choose which keyword “Invest” You can use free programs such as Answerthepublic or Google’s keyword Planner.

Quality and Live Photos

The photos make the difference between success and failure. Especially when it comes to clothes and clothes. One of the main problems from having to defeat when it comes to an e-commerce site is the difficulty of users to choose the size and understand how the shirt is made. For this reason we recommend you to take pictures “live”, with “real” models (you could ask for help to your family and friends) that show how they are made shirts, trousers and everything you have for sale. Do not forget to check the light in the photos: Dark images do not invite to buy.

A way to involve your customers is to send them regular mails where you can hear new arrivals and promotions. Newsletters are one of the easiest ways to attract traffic to your Internet site. But to send emails you need to get the consent and email address of the users/customers. Free pages allows you to integrate in your e-commerce a Newsletter form that helps you to collect the user’s e-mail addresses. All very easy and fast.

About Us and geolocation

One of the secrets to being successful with an e-commerce is the relationship of trust that is established with users/customers. For this reason it is necessary to create an ad hoc page to describe “who we are” and where the physical location of the shop is located. This way, if the user/customer lives nearby, he can make a jump to the store and see live the outfit he wanted to buy (and why decide to buy two products instead of one).

Fingerprint Theft for Android Smartphone at Risk

As part of the Black Hat conference, it was found that the next frontier of hacking could be the theft of fingerprints from smartphones, tablets and notebooks. And it wouldn’t even be that hard to steal, especially from Android phones.

At the Black Hat conference in Las Vegas, two researchers from FireEye (a leading company in the field of computer security solutions) spoke in depth about the new frontier of hacking: fingerprint theft.

Said so it would seem the plot of a spy movie, but in reality there is nothing more current: Many smartphones, especially the iPhone but also many Android, have a fingerprint reader used daily. And if it is true that 90% of people use it to unlock the phone, its purposes go well beyond: fingerprints are used with increasing frequency for payments (think of Apple Pay in America, for example), but also for issues of immigration and Rilvezione of IDE Ntità, which makes their protection fundamental for every device that makes use of it. Stealing them would mean allowing the attacker to access the victim’s payment systems, his records, in practice his identity. Among other things, the fingerprints are not a password, they are not changed from today to tomorrow and-even for this-must be defended at all costs.

According to Tao Wei and Yulong Zhang, the two speakers of FireEye, iphone users can rest assured: the system used by Apple for iPhone 5s, iPhone 6 and iPhone 6 Plus is secure. Even if hackers get access to the fingerprint sensor, they still can’t get the encrypted image.

Different is the case of Android phones, whose producers have obviously underestimated the matter for a long time except then correct the flaws once detected vulnerabilities. Android smartphones with fingerprint reader are numerically lower than the iPhone, but the problem remains serious especially in the future: it is estimated that in 2019 at least half of smartphones will have this functionality and there is therefore need to Equip yourself with a certain advance.

In particular, the researchers have made 4 attacks against Android smartphones and one of these, called fingerprint sensor spying attack and tested on a HTC one Max and a Galaxy S5, would allow a hacker to subtract the fingerprint scans of all People who used the devices. The reason is simple, adds ZD Net, “Device makers don’t fully lock down the sensor”, i.e. the manufacturers have not completely protected the sensor allowing the attackers a fairly easy access, especially if the phone is rooted.

Do not panic, however: companies have been warned and have released patches to correct vulnerabilities, but the basic talk remains, also because-they add researchers-is not limited to smartphones: fingerprints are also used by PCs, especially by High-end notebooks, and could be used in an ever-increasing number of devices from here to five years. And nobody likes to be cloned.