CCleaner Hacked

CCleaner was hacked I can’t get a good url to post but if you google Ccleaner hack it will bring up a story or two about the hack. The hack effects 32bit version and updates around sept 12-15 .

If you got a version that was updated lately its good to check.
I have an old version and I don’t do updates on that one.

Maybe someone could clean this url up so its a hot link.  (done – Greg)

Link to CC Cleaner Hack (Tom’s Hardware)

Link to”The Verge” Tech about CrapCleaner Hack

Dennis E

Password Manager

What kind of free password managers do club managers use.
So far asking I have come up with “a three ring binder” and ” 3×5 cards”
We aren’t real high tech here aren’t we now.
I used RoboForm for years but it got a BOT in it somehow and I had to dump it.
No second chance for that one. Toying with LastPass free but it has some quirks I don’t like.
Should I be picky its free.

I have been using windows Defender but when I was marked as having a virus by a email server I put on my Norton.
The Norton caught the “bot” right off where as Defender didn’t even see it. Norton also found some other questionable file that I new about but again Defender didn’t see them.
This is why I question using the built in password manager in windows 10 are they as flakey as the Defender ?


Outlook 2007

On all my machines that I have outlook 2007 I am getting a warning on server can’t be verified or is out of date.
Option to go on button lets the email program to open and all works then. Is this only because Microsoft outlook 2007 date of use goes out this next month?
I have service pak 3 outlook installed that is what took care of this warning a few years ago.
I know its old but serves purpose. I know a lot of you don’t use Outlook and I might have to change to get past this problem.
Dennis E

Apple Cloud In Danger

Article came out of Techconnect email I get daily.

Lucian Constantin By Lucian Constantin

Romania Correspondent, IDG News Service |
Mar 22, 2017 9:43 AM PT

A group of hackers is threatening to wipe data from millions of Apple devices in two weeks if the company doesn’t pay them US$150,000.

The group, which calls itself Turkish Crime Family, claims to have login credentials for more than 627 million, and email addresses. These are email domains that Apple has allowed for users creating iCloud accounts over the years.

Even though the Turkish Crime Family hasn’t been in the media spotlight before, its members claim that they’ve been involved in selling stolen online databases in private circles for the past few years.

The group said via email that it has had a database of about 519 million iCloud credentials for some time, but did not attempt to sell it until now. The interest for such accounts on the black market has been low due to security measures Apple has put in place in recent years, it said.

Since announcing its plan to wipe devices associated with iCloud accounts, the group claimed that other hackers have stepped forward and shared additional account credentials with them, putting the current number it holds at over 627 million.

According to the hackers, over 220 million of these credentials have been verified to work and provide access to iCloud accounts that don’t have security measures like two-factor authentication turned on.

This was determined by testing the credentials using automated scripts and a very large number of proxy servers to avoid getting banned by Apple, the hackers said.

Initially the group asked Apple for the equivalent of $75,000 in Bitcoin or Ethereum cryptocurrency. The ransom value has been raised to $150,000 and the group intends to increase it further if Apple doesn’t pay in three days.

News website Motherboard reported seeing alleged emails between the hackers and Apple in which a member of the company’s security team said that the company does not plan to reward cybercriminals for breaking the law and that the communications have been archived and sent to the authorities.

Apple did not immediately respond to a request for comment.

In the absence of payment, the group plans to launch an automated attack on April 7 that would log into iCloud accounts and wipe their contents and the devices associated with them.

“We are doing this because we can and mainly to spread awareness for Karim Baratov and Kerem Albayrak, which both are being detained for the Yahoo hack and one of them is most probably facing heavy sentencing in America,” a representative for the group said via email. “Kerem Albayrak on the other hand is being accused of listing the database for sale online.”

The representative said that the group’s members are originally from Istanbul, Turkey, but that they now “rep” Green Lanes, an area in North London.

Karim Baratov, a Canadian national, was indicted last week for allegedly hacking into email accounts at various email providers at the request of two officers from the Russian Federal Security Service, the FSB. The same indictment accuses the two FSB officers and a Russian hacker for breaking into Yahoo’s infrastructure and gaining access to over 500 million Yahoo accounts.

The Turkish Crime Family’s claims haven’t been confirmed by Apple so far, but someone posted a video on YouTube showing some of the leaked credentials being used to access iCloud accounts.

The group claims that the person who posted the video is not one of their members, but that he had access to one of the servers hosting their database, which is how he managed to get the credentials and record the video.

The video shows usernames and passwords in plain text, even though Apple most likely doesn’t store passwords in plain text in its database. This would be a very bad security practice and one that serious websites have avoided for many years.

However, it is possible that these passwords were stolen as part of other breaches or cracked from stolen cryptographic hashes and then matched to iCloud accounts due to password reuse practices. Most passwords shown in the video are not complex enough to withstand brute-force attacks.

If Apple does confirm the group’s claims, it could force password resets for its entire iCloud user base just to be on the safe side. Until then, concerned users can change their passwords on their own and turn on the iCloud two-factor authentication feature.

Related: Security

Lenovo Echo Clone

The Lenovo Smart Assistant ($130) looks like a mashup of an Amazon Echo and a Google Home, blending the former’s cylindrical form factor with the latter’s pastel-colored fabric speaker grill (buyers can choose light gray, green, or orange). The base model will come with a single tweeter powered by a 5-watt amplifier and a woofer driven by a 10-watt amp. Lenovo also plans to offer a Harman Kardon Edition that will come in black and be priced at $180, but the only other explanation it’s provided for the $50 price bump is that the Harman model will have “an additional 2-inch sound cavity for a clearer tweeter and deeper bass.” Surely there’s more to it than that, Lenovo.

Like Amazon, Lenovo is using an array of six far-field microphones on top of the speaker to capture your voice queries and commands from any direction, but the computer manufacturer has added a second mic in the center, so there are eight in all. The Lenovo Smart Assistant will be powered by an Intel Celeron N3060 CPU, with 2GB of DRAM and 8GB of onboard storage. It will connect to your home Wi-Fi network with an onboard 1×1 802.11n Wi-Fi adapter and will also be equipped with a Bluetooth 4.0 radio. Lenovo expects to bring its smart speaker to market in May 2017.

Windows 10 version 1704

Windows 10 Creators Update will become version 1704, set to be released in April 2017

New information has become available about the upcoming feature update for Windows 10. Currently known as Windows 10 version 1703 “Windows 10 Creators Update”, it seems it will be released officially in April 2017. So, Windows 10 Creators Update will become version 1704.
The post Windows 10 Creators Update will become version 1704, set to be released in April 2017 appeared first on Winaero.Com