The Superfish certificate has been cracked, exposing Lenovo users to attack

 

Lenovo's Superfish bug just went from bad to worse, as researchers have turned up an easy way to take advantage of the security flaws opened up by the pre-installed software. Superfish is present on Lenovo laptops sold between September 2014 and January 2015, although Lenovo says no Thinkpads were shipped with the software. The bug has come under fire for breaking fundamental web security protocols, routing all encryption through a single password-protected certificate authority owned by a third-party adware company that makes Superfish. Anyone with the password that unlocks that certificate authority would be able to completely bypass the computer's web encryption.

This morning, researchers found and published that password, turning a security flaw into an active vector for attack. According to a post by Errata Security's Robert David Graham, the password was stored in the Superfish software's active memory and was trivial to extract.

THE PASSWORD WAS TRIVIAL TO EXTRACT

The cracked certificate exposes Lenovo users to man-in-the-middle attacks, similar to those opened up by Heartbleed. Armed with this password and the right software, a coffee shop owner could potentially spy on any Lenovo user on her network, collecting any passwords that were entered during the session. The evil barista could also insert malware into the data stream at will, disguised as a software update or a trusted site.

Even worse, there's no clear fix for the issue. The software can be uninstalled (instructions are here), but that won't entirely solve the issue. Superfish sets all infected computers to run web encryption through Superfish's certificate authority, which is now easily unlocked by the published password — but simply uninstalling the software won't remove the certificate from your trusted settings. You can remove it manually once the software is out or, for the extra-careful, reinstall the operating system entirely. This test will show if your computer is affected, courtesy of researcher Filippo Valsorda.

In the meantime, anyone affected by the bug should avoid public Wi-Fi networks whenever possible, or connect through a protected VPN. In a statement earlier today, Lenovo said the company had "thoroughly investigated this technology and [does] not find any evidence to substantiate security concerns."

Enjoy Guys! and don't forget to post your comments. © Comrade Pyrate

All Sim Database 2013,2014 Free Download Warid , Jazz , Ufone , Zong , Telenor On Mediafire With Small Size, All Link Work Fine....

Warid , Ufone , Zong , Telenor , Jazz Kisi Be Number Ki Detail Nikalo 
All Sims Data Base All Parts Download On Mediafre With Small Size Part Each Part Is Just 190 MB  Free Download Here All Parts With PasswordHow To Use:
 Download All Parts And Extract Him Then Install  VMware To Open It And Enjoy...

If any problem contact on facebook  

Facebook

Click The Part Number And Download It


                                                    Part 1


                                                    Part 2


                                                    Part 3


                                                    Part 4


                                                    Part 5


                                                    Part 6


                                                    Part 7


                                                    Part 8


                                                    Part 9


                                                    Part 10


                                                    Part 11


                                                    Part 12


                                                    Part 13


                                                    Part 14


                                                    Part 15


                                                    part 16


                                                    Part 17


                                                    part 18


                                                    Part 19


                                                    Part 20


                                                    Part 21


                                                    Part 22


                                                    Part 23


                                                    Part 24


                                                    Part 25


                                                    Part 26


                                                    Part 27


                                                    Part 28


                                                    Part 29


                                                     Part 30


                                                     Part 31


                                                     Part 32


                                                     Part 33


                                                     Part 34


                                                     Part 35


                                                     Part 36


                                                     Part 37


                                                     Part 38


                                                     Part 39


                                                     Part 40


                                                     Part 41


                                                     Part 42


                                                     Part 43


                              Click Here To Password Download


                                           Download Password

Click Here To Download VMware

How to unlock your Samsung Galaxy after Too many pattern Attempts or Forgotten Password

So you finally did it, you locked yourself out of your Samsung Galaxy. You knew you should have used a simple pattern or a password you could remember easily. So what do you do now?, nothing works and you need to use your phone again. The worst thing is you did not associate a
Google account at the first sign in and that option of regaining access to your device has failed.
Well you have come to the right place we have the solution you need.

What will this Fix DO?

Note this method will allow you full access to your Samsung Galaxy after too many pattern attempts or aforgotten password, however this hard reset will wipe the phone clean, so all data on the phones internal memory will be wiped. The contents of your SD card and  SIM card will however remain intact. This will not damage or hinder the functionality of the device in any way.

Which Devices will this work on?

Now this fix will work on all Samsung Galaxy smart phones including the: Samsung Galaxy S3 and theGalaxy Y and many other variants of the galaxy line.

We will be using the Samsung Galaxy Y to demonstrate the procedure,but remember this works with other Galaxy devices as well.

How to Unlock the Samsung Galaxy After too many pattern attempts or forgotten password.

1. Power down the device.

2. Hold down the: up volume key,the home button and the power button all at the same time.

The device should power on into the Recovery  mode shown below:

Recovery Mode

3.Using the home button to select and the volume up and down to navigate either up or down select the third option as shown above which says : Wipe Data/Factory Reset.

4. You should now see the following recovery screen:

Select Yes-Delete all user to wipe all data on the device. Allow the device to do its thing and finally when it gives the options again-  Reboot.

5. That's it the device will boot up similar to the first time you bought it, simply configure it and the device should boot up and not ask for the password.

Be sure to leave a comment if this was helpful and solved your problem.

Enjoy Guys! and don't forget to post your comments. © Comrade Pyrate

Ghost keyboard Typing – Notepad Tricks

 

Hey guys , Today I am going to share with you a Short but Cool Notepad Trick. People Use notepad to type  and save some important or regular  information, But very less people know that there is much more that we can do  with Notepad.

What if i say that we can make Notepad to type automatically what ever we wish to…. Unreal ? Yes it is possible and you will be doing it by yourself in just a few moments.You can show it to your friends and surprise them. Basically it is a prank that you can do with anyone just for fun.

This Process is Also known as ” Ghost Keyboard Typing ” Because you dont even touch your keyboard and words starts displaying in your notepad automatically, When you show this to your friend or anyone else, they will be excited to learn this from you as well.

Notepad trick to Type Automatically

---

Step 1: Right click on your desktop and select create new text document or simply open notepad.

Step 2: Exactly Copy the code given below and Paste it in notepad document that you have just created.

---

set wshshell = wscript.CreateObject(“wScript.Shell”)
wshshell.run “Notepad”
wscript.sleep 400
wshshell.sendkeys “S”
wscript.sleep 100
wshshell.sendkeys “M”
wscript.sleep 120
wshshell.sendkeys “A”
wscript.sleep 200
wshshell.sendkeys “R”
wscript.sleep 100
wshshell.sendkeys “T”
wscript.sleep 140
wshshell.sendkeys “T”
wscript.sleep 100
wshshell.sendkeys “R”
wscript.sleep 50
wshshell.sendkeys “I”
wscript.sleep 120
wshshell.sendkeys “C”
wscript.sleep 170
wshshell.sendkeys “K”
wscript.sleep 100
wshshell.sendkeys “S”
wscript.sleep 50
wshshell.sendkeys “.”
wscript.sleep 120
wshshell.sendkeys “N”
wscript.sleep 160
wshshell.sendkeys “E”
wscript.sleep 200
wshshell.sendkeys “T”
wscript.sleep 100

Step 3: Save the above code in Notepad file As ” smarttricks.vbs ” (Without Quotes ) but make sure  While saving this file select Save as type  “All files” and extension must be .vbs

Step 4: Now double click on The saved File, You will see “SMARTTRICKS.NET ” will be typed  Automatically, This is one of the Most awesome Notepad Trick that You learned today. Moreover  you can edit the Words In the above given Code with any desired words you want Notepad to type for you. e.g. : MY FRIEND READING THIS IS FOOL..vb

---

IMPORTANT !!!

While Double Clicking on the saved file if you see an error box like ” line 1 ” and “Char 37” Then dont worry, Right click on smarttricks.vbs and click on edit,

Now delete all Double quotations ie : ”  and Type them all manullay from your keyboard, save it and now you will have no errors.

Enjoy Guys! and don't forget to post your comments. © Comrade Pyrate

Shellshock attacks against SMTP servers

Reports are emerging from various sources that many of the SMTP servers has been attacked by the Shellshock bug. Cyber hackers are taking advantage of the Shellshock bug and exploiting the vulnerabilities against certain SMTP servers.The campaign seeks to create an IRC botnet for DDOS attacks and other purposes.

Its going to be a month that Shellshock vulnerability was public and it is also being says that Shellshock is the worst then the Heartbleed vulnerability.  After the public release of the Shellshock bug many of the firms and organisation have patch the vulnerabilities but there are still tonnes of the servers which are vulnerable to the Shellshock bug.

Shellshock bug was located in the Bash shell of the Linux operating system which was resides for 20 years. It was deployed on the configuration which makes the bug severity critical and was also easy to exploit.

Hackers are targetting SMTP server because the mail server are often left untouched (outdated or little concerns) for a long time.