Don’t Install TikTok On Your Phone, It’s A Spyware

Don’t Install TikTok On Your Phone, It’s A Spyware: Reddit CEO

TikTok, one of the most popular video-sharing platform, has welcomed a lot of criticism all around the world. Now, Reddit CEO and co-founder Steve Huffman said that the app is “fundamentally parasitic”. Huffman pointed out TikTok’s practice of fingerprinting to track devices as a major security issue in the Social 2020 venture capital conference.

As reported by TechCrunch, Steve Huffman said that maybe he has to regret what he is going to say but he doesn’t know what Tiktok is up to. He added that Tiktok is fundamentally parasitic as it always keeps a check on its users via the fingerprinting technology used by the app.

He concluded his statement by saying that he will never install an app like that on his smartphone. Huffman also said that he actively warns people to avoid installing TikTok as it is a spyware. Steve Huffman’s comments were mostly controversial throughout the conference.

What Is Fingerprinting?

Fingerprinting is the process of tracking a website or app to determine the visiting users, user agents and for tracking users’ browsing activities within and across sessions. Companies can collect information using fingerprinting for the purpose of profiling and thus it poses a risk to the privacy of users.

TikTok’s Take

However, ByteDance, the parent company of TikTok, has said that it uses the fingerprinting technology to track malicious or inappropriate behavior of the browser. As per the research performed by Matthias Eberl, the app was working smoothly even after disabling the fingerprinting scripts.

Not only Steve Huffman, but many tech executives in the industry are worried due to the practices of TikTok. Sheryl Sandberg, Facebook COO also raised her concern and said that TikTok is growing at a very fast pace with the help of fingerprinting and has a huge database.

Read More

Jazz Becomes First Pakistani Telecom Operator To Provide WhatsApp Self-Care Services

Jazz Becomes First Pakistani Telecom Operator To Provide WhatsApp Self-Care Services

In an industry first move, Jazz, Pakistan’s leading digital communications company, has started offering its post-paid subscribers a self-care service window on WhatsApp, the world’s most-used messenger app.

Under this partnership, WhatsApp will act as a self-service portal for Jazz users where either the customer can send a message to the Jazz WhatsApp number or vice versa.

Jazz postpaid customers can send “Hi” to 0300-3008000 to connect with Jazz WhatsApp channel. On connecting to the channel, customers will be able to pay their bills, get last generated invoice and view their billing information along with support FAQs. All conversations during this time will be completely free of charge.

Talking about this industry first move, Sadia Khuram, Chief Customer Experience Officer (CCEO) at Jazz said,

"In keeping with evolving habits of our customers in the digital space, Jazz is committed to providing friction-free and effortless services to its customers, and is proud to announce the launch of WhatsApp as a social support channel for its valued customers".

In the first phase of the launch, this channel will provide self-service options to its postpaid customers, who will now be able to get their billing information, pull invoices & make payments using a simple menu. Going forward, the ambition is to grow this into a full-fledged conversational channel and extend it to pre-paid customers as well.

She continued,

"As customers increasingly inhabit the world of WhatsApp and their preference is moving from ‘traditional call center care’ to ‘social care’ models, Jazz will continue to be responsive to its customers’ needs for easy, fast and convenient care channels".

“We are happy to help Jazz enhance their customer experience by enabling their post-paid users an improved interaction with the operator through their preferred chat app. We aim to create innovative solutions that continuously enhance services our clients and partners provide and are thrilled that Jazz recognized this as an opportunity to upgrade their customer care and prove their position as a market leader in Pakistan,” said Dino Ibrahimović, Managing Director Infobip MENA.

With 1.5 billion global users, WhatsApp is the most used messaging app in the world with its popularity growing day by day in Pakistan, where it is the top instant messaging app. This partnership with Jazz is via WhatsApp’s local partner Infobip, which operates one of the world’s leading proprietary messaging and communications platforms, designed to connect mobile network operators with enterprises.

Read More

WPA3 The New Wi-Fi Security Protocol To Be Launched In 2018

WPA3 The New Wi-Fi Security Protocol To Be Launched In 2018

Remember the Krack Wi-Fi vulnerability from October last year that has put all internet users to a dismay? Well, the good news is that it’s very possible we won’t have to go through that risky situation again.

Just a few days ago, during the annual CES event (one of the biggest technology and innovation shows), the Wi-Fi Alliance has announced the launch of a new wireless security protocol—Wi-Fi Protected Access WPA3 this year.

WPA3 will replace the current WPA2—the security protocol that all Wi-Fi networks have been using for over 15 years.

Why is WPA2 considered vulnerable?

The main insecurity issue of WPA2 is given by the “unencrypted” open Wi-Fi networks that makes it incredibly easy for anyone who uses the same network to access other devices.

Secondly, one of the WPA2 protocols is that the same password is used by clients and business owners when joining a Wi-Fi network (for instance the clients of a coffee shop and the owner of the coffee shop).

Due to these vulnerabilities, hackers can intercept Wi-Fi traffic and steal online data quite effortlessly.

In what way is WPA3 going to be safer?

• Improved user privacy

WPA3 will increase users’ privacy when they connect to open Wi-Fi networks (such as those in cafes, restaurants, etc.) by introducing individualized data encryption.

• Higher security standard

The future Wi-Fi security protocol will introduce a 192-bit security suite for increased protection; the 192-bitis a security requirement used by governments and big industrial organization.

• Protection on IoT devices

Wi-Fi Alliance, which is composed of 15 major tech companies (including Apple, Cisco, Dell, Intel, Microsoft, Qualcomm and more) stated that WPA3 will also offer smoother security for IoT devices.

• New handshake protocol

WPA3 standard will use a new handshake protocol, which will be far less vulnerable to dictionary attacks (the method hackers use of exhausting all possible password possibilities).

Transition from WPA2 to WPA3 could take a while

WPA3 won’t come into force until in a few months. Meanwhile, Wi-Fi Alliance said it will continue to optimize WPA2 since it was the target of severe attacks.

Regardless of WPA2 or WPA3, you should always secure your Wi-Fi network with the help of a VPN, simply to supplement the protection of your data.

Read More

Three more Malicious Backdoor plugins with More than 89,000 Active Installs found in WordPress Repository

Three more Malicious Backdoor plugins with More than 89,000 Active Installs found in WordPress Repository

WordPress has such a massive ecosystem consist of a number of plugins and themes, threat actors involved in various malicious activities such as hiding the PHP backdoor scripts into the WordPress Security Plugin.

In this incident, the attackers sell existing unsupported plugins to new authors with backdoor code inserted and their goal is to insert SEO spam to the sites with the plugin installed.

Wordfence uncovers the incident and WordPress security team has closed the plugin from the store which means the plugin not available to download from the repository.

There is too many up’s and down’s in WordPress usage, it requires a security improvement, so the WordPress Penetration testing is essential to find the vulnerabilities and to secure your WordPress powered blog.

Malicious WordPress backdoor Plugins

Duplicate Page and Post

The Functionality of the plugin is to create a cloned post or the page, now the Current Owner of the plugin inserted backdoor scripts which makes a request to cloud-wp.org and injects cloaked backlinks to the site.

It has more than 50,000+ Active Installs and the plugins Removed from WordPress.org on December 14, 2017.

No Follow All External Links

Behaviour same as like Duplicate Page and Post this backdoor requests to cloud.wpserve.org and returns content based URLs and the backdoor used in injecting backlinks for SEO. It has more than 9,000++ Active Installs and the plugins Removed from WordPress.org on December 19, 2017.

WP No External Links

It is same as the previous two backdoors it requests wpconnect.org and returns content based on the URL and the backdoor used in injecting backlinks for SEO.

It has more than 30,000+ Active Installs and the plugins Removed from WordPress.org on December 22, 2017.

If you have the plugin installed it is highly recommended to uninstall them immediately and scan the website for infection with sucuri and gravity scan.

Thousands of WordPress websites get hacked every day, so securing your blog must be top of mind. Luckily, it’s not all rocket-science as you need to make most of the tweaks only once.Here you can find Most Important Considerations Check to Setup Your WordPress Security.

Read More

How To Create A FaceBook Virus

How To Create A FaceBook Virus

Creating virus is illegal but creating funny virus is not.
Here I will show you how to make a funny virus to panic
your friends.

In this tutorial I will show you how to make Facebook virus
using simple commands on notepad. .
This will make the victim think they have got a virus when
they click on an icon such as Internet Explorer.

1) Open notepad
2) Type this in :

@echo off msg * WARNING
VIRUS DETECTED!! AFTER 5
MINUTES YOUR FACEBOOK ACCOUNT WILL
BE DELETED!!TO REMOVE THE
VIRUS CLICK OK OR CLOSE THIS
BOX!
PAUSE shutdown -r -t 300 -c
?SORRY!!! YOUR FACEBOOK ACCOUNT
IS NOW BEING DELETED!!!
PLEASE WAIT ..........."

4)Save as facebook password breaker .bat

5) Send it to your friends and say them it can break Facebook
accounts

When He/She double click it a message will open and their
computer will restart. After five minutes windows will restart, that is all.
This is totally harmless and will give you a laugh.

Read More