Posts Tagged ‘Windows’

Hackers Used Windows Bug to Spy on Ukraine Officials

October 14th, 2014

For months this summer, unidentified hackers used a previously unknown hole in Microsoft Corp. MSFT -0.86% ’s Windows operating system to spy on Ukrainian officials and an American academic, according to an investigation by a U.S. cybersecurity company.

Microsoft said it plans to release a patch for the bug Tuesday. But once it is publicized, other hackers could race to exploit the vulnerability before Windows users update their systems, which often doesn’t happen immediately.

The incident underscores the risk to consumers as nations engage in computer espionage by searching for flaws in widely used commercial software. Spy agencies often try to hack very specific targets, but the security holes they exploit can be used by others once they are revealed.

“Every criminal and their brother is going to be trying to exploit this flaw in the next few weeks,” said Christopher Soghoian, principal technologist at the American Civil Liberties Union. For years, Mr. Soghoian has argued that governments put the Internet at risk by using such cyberweapons.

The U.S. government has taken much of that heat following leaks from former National Security Agency contractor Edward Snowden that showed U.S. spies worked to perfect such tools. The new disclosures by pro-Russian hacking illustrate the work done elsewhere.

The bug apparently used against Ukrainian officials could allow an outsider to control a computer running Windows Vista, 7 or 8, the most current version. The hackers deployed it by using malicious PowerPoint documents, said researchers at iSight Partners Inc. who discovered the bug in early September.

On Tuesday, Microsoft expects to patch two other Windows security holes recently exploited in cyberspying campaigns. It isn’t clear who was targeted or behind those attacks, discovered by researchers at FireEye Inc., FEYE +1.79% a Silicon Valley cybersecurity company.

In a statement, Microsoft said it is issuing patches to “help protect customers.”

Vendors release patches continually, but the bugs they fix are rarely linked so explicitly to the work of spies.

Researchers at iSight spotted the Windows flaw as fighting flared in Eastern Ukraine between the Kiev government and pro-Russian secessionists. They said Ukrainian government employees and an American Russian specialist, whom they declined to identify, received the bug this summer in emails that appeared to contain intelligence from Ukraine’s security services on Russian sympathizers.

Once users opened the PowerPoint, the hackers had access to their computers, the iSight researchers said.

Despite the attention given to reports of state-sponsored hacking from China, Iran and Russia, it is challenging to determine the origin or purpose of a cyberattack. Rather, hunches are developed by assessing motives and scraps of digital evidence.

In this case, iSight said it detected several clues that suggested the hackers were working on behalf of the Russian government. At least one of the hackers was fluent in Russian, based on files stored on an unprotected server used by the hackers.

Another clue, said iSight, is the significant time and money needed to find new security holes in complex software such as Windows, suggesting the hackers may have had the resources of a government behind them. Governments can use spy agencies to locate such holes, or buy exploits from elite hackers.

Third, iSight said it had tracked this group of hackers online since late 2013, and found them routinely seeking intelligence from targets of particular interest to Russian national interests. The list of targets includes the North Atlantic Treaty Organization, Polish energy firms and at least one other Western European government, iSight said.

“We cannot say with 100% certainty we’re talking about some guy in a Russian government building,” said Stephen Ward, an iSight spokesman. “But we can say this is cyberespionage, and it’s cyberespionage focused on Russian objectives.”

Representatives for the Russian and Ukrainian embassies in Washington didn’t return requests for comment Monday.

Pro-Russian hackers would hardly be alone in its use of secret security holes, known as 0-day exploits, for espionage. Cyberattacks linked to the Chinese government have relied on holes in Microsoft’s Internet Explorer and the U.S. government has used similar tactics to disable nuclear equipment in Iran, The Wall Street Journal and New York Times NYT -0.08% have reported.

In an April blog post, White House cybersecurity coordinator Michael Daniel said the administration has a “disciplined, rigorous and high-level decision-making process” for determining whether to exploit a security vulnerability in commercial software for espionage purpose.

There is however one unexplained bit, iSight said.

The hackers’ computer code contains numerous obscure references to Dune, the cult science-fiction series known for huge snakelike creatures that roam the desert.

Naturally, iSight has internally dubbed the hacking group, “Sandworm.”

Source:http://online.wsj.com/articles/tinker-tailor-soldier-pc-hacker-1413259264

Nokia Software Recovery Tool 1.3.1 released, supports Windows Phone 8.1

May 9th, 2014

Back in the Symbian days, Nokia had a tool called Nokia Software Recovery. This tool allowed one to wipe the internal software, as well as data, and an option to reinstall the software. Sadly, as soon as Lumia devices hit the market, Nokia had removed the tool. Earlier this year, Nokia Care re-released the Software Recovery Tool for Lumia devices, and today the software has been updated to support Windows Phone 8.1.

First spotted by the guys over at WPCentral, the tool will help you recover your phone if it is having software issues or problems while installing an update. “Use the Nokia Software Recovery Tool to recover your phone if you have software or software update problems. If your phone is not responding, it appears to be stuck or is not starting you can try to recover it at home before initiating a repair,” Nokia Care writes.

The latest update (version 1.3.1) of the Nokia Software Recovery tool adds support for Windows Phone 8.1, along with up to 75% faster downloads for large software packages. You are required to be running Windows 7 or newer, have a USB cable connecting your phone to your computer, and a minimum of 3GB of free storage space. Remember, using Nokia Software Recovery Tool erases all personal content on your phone. If possible, create a backup of your phone’s content before running the tool.

Source:http://www.winbeta.org/news/nokia-software-recovery-tool-131-released-supports-windows-phone-81

Create a list of all installed Windows software

February 7th, 2014

It can sometimes be useful to create a list of all software programs installed on a Windows PC. Maybe you want to hand it over to a friend or publish it on the Internet, or just use it to analyze what software has been installed on a system.

While it is possible to display the installed software using the Control Panel of the Windows operating system, there is no feature to export that list to a file.

You could now go ahead and make screenshots, or even type all the program names into a file, but that would certainly take some time to be accomplished.

There are other solutions on how you can export a list of all installed programs to a text file so that it can be shared or processed easier.

This guide presents you with several options that allow you to export the list of installed software. Lets get started.

Belarc Advisor

Belarc Advisor creates a detailed system profile of your computer that includes software and hardware, network inventory, the patch state of the system, security information and other information that may be useful to you.

All you need to do is download and install the program on your system, and have it scan it afterwards. The scan takes less than a minute to complete, and a results page is opened in your web browser of choice afterwards.

Here you need to scroll down until you find the software licenses and software versions & usage sections.

You can copy and paste the information from here, or work with them right from the local HTML page instead if you prefer to do so.

CCleaner

CCleaner is a popular temporary file cleaner for the Windows operating system. While it is used primarily for that, it ships with a boatload of other tools that help you manage various system features.

One of them lets you uninstall software that is installed on the system. It resembles the native Windows uninstallation program and is not as powerful as Revo Uninstaller or other programs that scan for leftovers after the uninstallation.

There is however a save to text file button here that you can use to export the list of installed software to the local system.

Geek Uninstaller

Geek Uninstaller is an advanced software removal program for Windows. It can not only uninstall installed programs, but also scan the system for leftovers so that they do get removed as well in the process.

You can use it to export the list of software as an HTML file easily. Just run the program — it is portable so no installation is required — and select File > Export to HTML to save the data to your local system.

Source:http://www.ghacks.net/2014/02/06/create-list-installed-windows-software/

Get Adobe Flash player