Welcome to Process-info.org library

Process-info.org is an online library of Computer Operating System's Processes, which helps you to identify processes running at background of computer operating system or at remote computers on your network.

Process-info.org contains a growing database of executable processes (mostly with .EXE extension) and DLL libraries. You can search for processes through search box or navigate alphabeticaly by starting letter of process name.

It is assumed that users are familiar with computer operating system they're using and agree with suggested changes. Process-info.org will not be held responsible, if changes you make cause a system failure.

The Latest News

15 latest global news related to computer security

May 22, 2015 3:09:15 AM CEST

Rootkit:W32/ZAccess – Rootkit:W32/ZAccess constantly displays advertisements on the infected machine and may silently contact remote servers to retrieve additional advertising information.

 

May 22, 2015 3:09:15 AM CEST

Trojan-Spy:W32/FinSpy.A – Trojan-Spy:W32/FinSpy.A is a component of a commercial surveillance product that monitors user activity.

 

May 21, 2015 8:35:47 PM CEST

VU#177092: KCodes NetUSB kernel driver is vulnerable to buffer overflow – KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution.

 

May 21, 2015 6:44:00 PM CEST

NSA planned to hijack Google Play Store, Samsung app store to deliver malware – App stores from Google and Samsung reportedly became targets for government hijacking a few years ago, as the National Security Agency and its allies ramped up their data collection efforts.As reported by CBC News and The Intercept, the plan involved hijacking the connections between smartphones and their app marketplace servers, and then planting malicious software on targeted devices. The NSA and friendly spying agencies could then secretly collect data, and possibly even send "selective misinformation to the targets" for propaganda or confusion purposes.The reports stem from a new document provided by former NSA contractor Edward Snowden. It outlines a series of workshops held by the NSA and its counterparts in Canada, the United Kingdom, New Zealand, and Australia--collectively known as "Five Eyes."While investigating this possible hijacking method, the NSA and its allies also came across a major vulnerability in UC Browser, which is hugely popular in Asia. The program was reportedly leaking phone numbers, SIM card numbers, and other device details to its servers in China, making it a possible treasure trove for spying agencies.The vulnerability persisted until last April, when human rights group Citizen Lab alerted the Alibaba Group, UC Browser's parent company. An Alibaba source said it never heard a word about the leakage from spying agencies.Why this matters: While it's unclear what became of the app store hijacking plan, earlier reports have shown that U.K. spying agency GCHQ designed a suite of spyware aimed at iPhones and Android phones. The new documents could show how agents planned to load that spyware onto target's phones.The documents also speak to a larger issue of whether spy agencies should continue to exploit the software vulnerabilities they discover--thereby putting all users at risk--instead of reporting them. President Barack Obama has said he's in favor of disclosing vulnerabilities, but with exceptions for national security and law enforcement needs. The Electronic Frontier Foundation has sued the NSA for more specifics on when it might keep security flaws secret.

 

May 21, 2015 6:42:00 PM CEST

Netgear and ZyXEL confirm NetUSB flaw, are working on fixes – Networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected by a recently disclosed vulnerability in a USB device-sharing service called NetUSB.ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year.The vulnerability, tracked as CVE-2015-3036, is located in a Linux kernel module called NetUSB that's commonly used in routers and other embedded devices. The module is developed by a Taiwan-based company called KCodes Technology and allows routers to share USB devices with other computers via the Internet Protocol (IP).Researchers from a company called Sec Consult found a buffer overflow vulnerability in the NetUSB service, which listens for connecting clients on TCP port 20005. The vulnerability can be exploited to execute malicious code on vulnerable devices with the highest possible privilege, leading to a complete compromise.Based on firmware scans, the Sec Consult researchers believe that over 90 products from D-Link, Netgear, TP-Link, Trendnet and ZyXEL are likely vulnerable. Products from 21 other vendors might be affected as well.Only TP-Link had begun to release patches by the time the vulnerability was publicly disclosed Tuesday, but many other manufacturers had received advanced notice through the CERT Coordination Center.The vulnerability, which concerns the ReadySHARE feature in Netgear products, can only be exploited from inside the local area network, not remotely from the Internet, Netgear said in an emailed statement.The company has not yet revealed the number of affected products or their names, but said that it plans to start releasing firmware updates in the third quarter of the year.That's quite a long time for Netgear routers to remain vulnerable, considering that there is no workaround available. The NetUSB service can't be manually disabled on Netgear routers and the port it uses cannot be firewalled, the Sec Consult researchers said in a blog post.Netgear said its customers should make sure that Wi-Fi security is turned on, which is the default setting on its routers and gateways. It also recommends that they change the default password for the router to prevent unauthorized devices from accessing their network.That advice might be of little use to small businesses like bars or restaurants that might be using Netgear routers and need to share the Wi-Fi password with customers and guests.Even on home networks, where access is more strictly controlled, if attackers compromise a computer that's inside the network -- for example, through malware -- they could use it to compromise the router from within.Netgear advised users to scan their computers for malware regularly and to enable the firewall feature in their operating systems as a precaution.ZyXEL has developed a fix for the vulnerability and is in the process of rebuilding the NetUSB modules, a company representative said Thursday via email.The company has identified four affected products and estimates that patches for them will be released in June. The affected products have not been named, but the company is working on a public announcement about the issue.The Sec Consult advisory names 38 products from Netgear, 39 from TP-Link, 14 from Trendnet, 4 four ZyXEL and 1 from D-Link that are likely vulnerable. However, the list is likely incomplete, the researchers said.According to the advisory, TP-Link has already provided a release schedule and plans to release firmware updates for most of its affected products by the end of May. However, there are also five affected TP-Link routers that have reached end-of-life and will most likely not receive patches. That will probably also be the case with some affected devices from other manufacturers. Networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected by a recently disclosed vulnerability in a USB device-sharing service called NetUSB.ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year.The vulnerability, tracked as CVE-2015-3036, is located in a Linux kernel module called NetUSB that's commonly used in routers and other embedded devices. The module is developed by a Taiwan-based company called KCodes Technology and allows routers to share USB devices with other computers via the Internet Protocol (IP).Researchers from a company called Sec Consult found a buffer overflow vulnerability in the NetUSB service, which listens for connecting clients on TCP port 20005. The vulnerability can be exploited to execute malicious code on vulnerable devices with the highest possible privilege, leading to a complete compromise.Based on firmware scans, the Sec Consult researchers believe that over 90 products from D-Link, Netgear, TP-Link, Trendnet and ZyXEL are likely vulnerable. Products from 21 other vendors might be affected as well.Only TP-Link had begun to release patches by the time the vulnerability was publicly disclosed Tuesday, but many other manufacturers had received advanced notice through the CERT Coordination Center.The vulnerability, which concerns the ReadySHARE feature in Netgear products, can only be exploited from inside the local area network, not remotely from the Internet, Netgear said in an emailed statement.The company has not yet revealed the number of affected products or their names, but said that it plans to start releasing firmware updates in the third quarter of the year.That's quite a long time for Netgear routers to remain vulnerable, considering that there is no workaround available. The NetUSB service can't be manually disabled on Netgear routers and the port it uses cannot be firewalled, the Sec Consult researchers said in a blog post.Netgear said its customers should make sure that Wi-Fi security is turned on, which is the default setting on its routers and gateways. It also recommends that they change the default password for the router to prevent unauthorized devices from accessing their network.That advice might be of little use to small businesses like bars or restaurants that might be using Netgear routers and need to share the Wi-Fi password with customers and guests.Even on home networks, where access is more strictly controlled, if attackers compromise a computer that's inside the network -- for example, through malware -- they could use it to compromise the router from within.Netgear advised users to scan their computers for malware regularly and to enable the firewall feature in their operating systems as a precaution.ZyXEL has developed a fix for the vulnerability and is in the process of rebuilding the NetUSB modules, a company representative said Thursday via email.The company has identified four affected products and estimates that patches for them will be released in June. The affected products have not been named, but the company is working on a public announcement about the issue.The Sec Consult advisory names 38 products from Netgear, 39 from TP-Link, 14 from Trendnet, 4 four ZyXEL and 1 from D-Link that are likely vulnerable. However, the list is likely incomplete, the researchers said.According to the advisory, TP-Link has already provided a release schedule and plans to release firmware updates for most of its affected products by the end of May. However, there are also five affected TP-Link routers that have reached end-of-life and will most likely not receive patches. That will probably also be the case with some affected devices from other manufacturers.

 

May 21, 2015 3:40:46 PM CEST

Attack Gains Foothold Against East Asian Government Through “Auto Start” – East Asian government agencies came under siege when attackers targeted several servers within their networks. The said attackers, who showed familiarity and in-depth knowledge of their agencies’ network topology, tools, and software, were able to gain access to their targeted servers and install malware. After which, they used the compromised servers not only as gateways to […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroAttack Gains Foothold Against East Asian Government Through “Auto Start”

 

May 21, 2015 3:17:16 PM CEST

Avast Home Network Security is ideal for the self-employed – For those of us who are self-employed and/or work from home, our houses are sacred spaces on both personal and professional levels. Although often overlooked, our routers hold the key to our productivity, as they provide the powerful and consistent network connection that we depend on in order to get our work done. Unfortunately, we […]

 

May 21, 2015 2:25:00 PM CEST

Startup Cyber adAPT takes on threat detection – Cyber adAPT, a startup springing from DARPA funded research, is shipping its first products that detect network compromises and gather data that can be used later for forensic analysis of breaches.The company's appliance-based platform monitors network traffic looking for suspicious communications that might indicate a breach and correlates it with threat feeds to improve its accuracy.The company just landed a $4.1 million Series A round from Alvin Fund, Granite Point Capital Partners, Griffin Fund II, and Fundamental Capital Management. It started work about 15 months ago and grew out of Irvine Sensors, which had done research funded by the Defense Advanced Research Projects Agency.The goal is for the platform to perform predictive threat analysis in which it would determine where threats are moving, the goals of the attackers, where the attack is likely to pivot and what assets it is likely to pivot to, and what phase the attack is in.The company competes against Cyphort, Damballa and Vectra Networks. At the moment its customers are concentrated in energy and retail industries, but it hopes to expand to Fortune 1000 companies in petroleum, finance and healthcare.It makes two appliances, Cyber adAPT and Cyber adAPT . Both are 1U rack-mount devices. The first is a detection device that polls real-time traffic, analyzes it and overlays the results with data from threat feeds in order to correlate network activity with indicators of compromise. This helps reduce false positives that might result from just analyzing network traffic alone.Cyber adAPT performs detection but adds packet capture and stores metadata about network traffic that allows forensic analysis of how compromises happened once they have been found.They are generally deployed on tap or span ports of core routers and switches to monitor communication among critical business assets.

 

May 21, 2015 1:23:00 PM CEST

The Upload: Your tech news briefing for Thursday, May 12 – Senators block vote extending NSA dragnet powersFour U.S. senators ground the chamber's business to a halt Wednesday in an effort to prevent voting on a bill that would extend a law that's legitimized the National Security Agency's bulk collection of telephone and business records. The relevant section of the Patriot Act expires at the end of the month, and to stop it from being renewed, a bipartisan group took control of the Senate floor in a filibuster mid-Wednesday.Hack hits health care target, reaps data on 1.1 millionOffering information that enables medical identity fraud is among the most lucrative crimes for hackers, and they have hit a rich target once again: Health insurer CareFirst revealed that data on 1.1 million people has been stolen in a security breach. The attack took place nearly a year ago, and targeted a single database that contained information about CareFirst members and others who accessed its websites and services.Apple fixes critical security issues in WatchGet used to the idea that a watch can endanger your digital life: Apple's first update for Watch OS includes 14 security patches, and they're not trivial. Watch OS 1.0.1, released this week, fixes vulnerabilities that could enable arbitrary code execution, information disclosure, denial of service, traffic hijacking, privilege escalation and other attacks.Huawei has an OS for the Internet of Things, tooAdd Chinese networking equipment vendor Huawei to the list of companies that want to control the platform that connected devices -- aka the Internet of things -- run on. It's launched LiteOS, saying it wants to help third-party vendors break into the emerging market by giving them a lightweight software platform that can be as small as 10 kilobytes and is designed to run on minimal power.Google said to be readying a photo service for Facebook and TwitterIn a tacit admission that Google is an also-ran in the social networking race, Google is getting ready to take the wraps off a photo sharing and storage service aimed at Facebook and Twitter users, Bloomberg reports. Previously, Google had a photo offering limited to Google . The new option is set to be unveiled at Google i/o later this month, but will face plenty of competition from other cloud-based photo services already available.E-paper gives payment cards ever-changing security codesThat so-called security code on the back of your credit card offers limited protection from fraud since cybercriminals have figured out how to capture it from payment terminals. But now Oberthur Technologies is embedding an e-paper display in cards that replaces the printed 3-digit code with a small screen, where the code changes periodically. To test the technology in the real world, 1,000 customers of French banks Banque Populaire and Caisse d'Epargne will pilot it in September.Former Radio Shack customers should probably set spam filters to 'high'After a lengthy legal tussle, bankrupt Radio Shack will be able to sell some customer data that it had listed among assets it sought to liquidate. Attorneys for 38 states that had objected to the sale have now agreed to a settlement that forces Radio Shack to destroy a good deal of the information. The New York attorney general hailed the deal as a victory for consumer privacy and one that creates a model for how to protect troves of personal data when companies go under.Acquisitions take a bite out of Lenovo earningsLenovo's recent acquisitions have hit hard at the company's earnings, with its net profit in the first quarter dropping 37 percent despite strong PC sales. The Chinese company paid $2.9 billion for Motorola Mobility and $2.1 billion for IBM's x86 server business. Revenue rose 21 percent year-over-year to $11.3 billion, though.Watch nowSports helmets that use Boditrak's pressure-sensing fabric can help monitor and diagnose head injuries. Here's how it works.One last thingFarhad Manjoo wants to know what happened to tech's drive to change the world -- what he sees instead is a rise innovation aimed at the young and the rich.

 

May 21, 2015 8:08:00 AM CEST

Fake-News: 'FDA Approves Tranquilizing Darts for Children' – Circulating 'news' report claims that America's FDA has approved the release of anaesthetic dart guns designed to calm children with ADHD.

 

May 21, 2015 7:25:00 AM CEST

US proposes tighter export rules for computer security tools – The U.S. Commerce Department has proposed tighter export rules for computer security tools, a potentially controversial revision to an international agreement aimed at controlling weapons technology.On Wednesday, the department published a proposal in the Federal Register and opened a two-month comment period.The changes are proposed to the Wassenaar Arrangement, an international agreement reached in 1995, aimed at limiting the spread of "dual use" technologies that could be used for harm.Forty-one countries participate in the Wassenaar Arrangement, and lists of controlled items are revised annually.The Commerce Department's Bureau of Industry and Security (BIS) is proposing requiring a license in order to export certain cybersecurity tools used for penetrating systems and analyzing network communications.If asked by the BIS, those applying for a license "must include a copy of the sections of source code and other software (e.g., libraries and header files) that implement or invoke the controlled cybersecurity functionality."Items destined for export to government users in Australia, Canada, New Zealand or the U.K. -- the so-called "Five Eyes" nations which the U.S. belongs to -- would be subject to looser restrictions. Those nations' intelligence agencies collaborate closely.The proposal would modify rules added to the Wassenaar Arrangement in 2013 that limit the export of technologies related to intrusion and traffic inspection.The definition of intrusion software would also encompass "proprietary research on the vulnerabilities and exploitation of computers and network-capable devices," the proposal said.Tools that would not be considered intrusion software include hypervisors, debuggers and ones used for reverse engineering software.There has long been concern that software tools in the wrong hands could cause harm. But security professionals who conduct security tests of organizations often employ the same software tools as those used by attackers.Thomas Rid, a professor in the Department of War Studies at King's College London, wrote on Twitter that the proposed export regulations "seem too broad; could even damage cybersecurity."Many private computer security companies sell information on software vulnerabilities for commercial purposes, a practice that has been criticized.Those companies have defended their sales models, arguing that without a financial incentive, the software vulnerabilities may not have been found, which ultimately protects users. Many have policies that forbid selling sensitive information to unvetted parties.The proposal said there is a "policy of presumptive denial for items that have or support rootkit or zero-day exploit capabilities."Rootkits are hard-to-detect programs used for electronically spying on a computer, and a zero-day exploit is attack code that can take advantage of a software flaw.Changes to the list of controlled items covered by the Wassenaar Agreement are decided by consensus at its annual plenary meeting in December.Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

 

May 21, 2015 6:33:00 AM CEST

RadioShack, US states reach agreement on sale of customer data – RadioShack has reached agreement with U.S. states over the sale of customer data, by consenting to limit the number of email addresses to be sold, and giving customers the opportunity to be removed from the list.A coalition of 38 U.S. states, led by Texas, objected to the sale of personally identifiable information by the bankrupt electronics retailer, citing its online and in-store privacy policies. The customer data, which was withdrawn from an earlier sale of assets that included RadioShack stores, was included in a second auction this month.The bulk of the consumer data will be destroyed, and no credit or debit card account numbers, social security numbers, dates of birth or phone numbers will be transferred to General Wireless Operations, the winner of both auctions, said Texas Attorney General Ken Paxton in a statement Wednesday.RadioShack also filed in court on Wednesday the result of the mediation talks that started on May 14, in which the states, the prospective buyer and the retailer participated.RadioShack's databases contained about 117 million customer records, including of consumer and commercial customers. The company offered for sale what it considered to be the most relevant data, which consisted of 67 million complete customer names and physical address files, of which around 8.3 million records also included an e-mail address, according to the filing. Some 200,000 email addresses that were not associated with a physical mailing address were also part of the offer.Following the mediation, General Wireless agreed to only buy customer email addresses that were active for the last two years, and will overall be bound by RadioShack's privacy policy that prohibits the further sale or transfer of the information to third parties.Customers with emails will be given an opportunity to opt out from having their information transferred to General Wireless within one week from being served a notice. Opt-out options will also be provided to customers whose email addresses are not available.The agreement also removes 14 data fields from the transaction information that RadioShack proposed to sell. The information on a transaction to be sold will be limited to seven fields, including store number, ticket date and time, stock keeping unit (SKU) number, description and selling price, tender type and amount.The Federal Trade Commission in a letter over the weekend to a court-appointed privacy ombudsman had said that the agency's concerns about the transfer of customer data, "would be greatly diminished" if certain conditions were met, including that the data was not sold standalone, and if the buyer is engaged in substantially the same lines of business as RadioShack, and expressly agrees to be bound by and adhere to the privacy policies.This requirement appears to have been met by General Wireless. The acquirer has obtained approval from a bankruptcy court in Delaware to purchase RadioShack's entire e-commerce business, intellectual property and remaining assets, including the customer data under the settlement, Paxton said.New York's Attorney General Eric T. Schneiderman described the settlement a victory for consumers' privacy nationwide, which could serve as a model for future bankruptcies. The RadioShack dispute brought into sharp focus the need to protect, in the event of a bankruptcy, the large troves of personal data collected by large online and offline companies.John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

 

May 21, 2015 3:15:26 AM CEST

American Express 'Request to Change Phone Number' Phishing Email – According to this email, which purports to be from American Express, the company has recently received a request to change the phone number listed on your account.

 

May 21, 2015 3:00:00 AM CEST

Live ID as a bait: Kaspersky Lab warns of a new scam – Experts are warning of a new scam that uses Windows Live ID as a bait to catch personal information stored in user profiles on services like Xbox LIVE, Zune, Hotmail, Outlook, MSN, Messenger and OneDrive.

 

May 21, 2015 2:37:00 AM CEST

New protocol from Guardtime hopes to unseat RSA for authentication, digital signatures – Data integrity vendor Guardtime hopes its newly announced protocol will replace RSA for the purposes of authentication and digital signatures, touting it as easier to manage and less vulnerable to hacking.Called BLT, the protocol name comes from the last initials of its inventors, Ahto Buldas, Risto Laanoja and Ahto Truu, just as RSA comes from the last initials of its inventors, Ron Rivest,  Adi Shamir and Leonard Adleman.Rather than relying on public and private keys (PKI) as RSA does, BLT is based on hash-function cryptography, which requires no keys and so requires no issuing, updating or revoking of keys. As a result, it can scale to cover exabytes (1018 bytes) with little overhead, says the company's CEO Mike Gault. And there are no cryptographic secrets to be compromised.In addition, the protocol, which is built on Guardtime's Keyless Signature Infrastructure (KSI) technology, invokes one-way hashes that cannot be broken, even under attack from the theoretical capabilities of quantum computers. The company points to its recently published mathematical proof of BLT's effectiveness to back up its claim with further proof here and here.KSI is the technology on which the company bases Black Lantern system for ensuring the integrity of digital assets. It can be used to create a hashed signature of a digital asset when it is in a known good state. Based on constant monitoring of these time-stamped hashes, the system can verify that data, operating systems, applications and configurations have not been altered.The hash signatures are reviewed every second, so any changes are caught almost immediately. The changes mean something about the asset itself has changed, and that might represent an attack that can then be checked out by third-party security platforms or security staff."That's the true value of it," says Phil Hochmuth, an analyst with Strategy Analytics. "It's a way to get rapid alert to a breach. It could be applied to the Internet of Things or any vastly distributed network."Gartner Analyst Mary Ruddy says the distributed, scalable and light-weight nature of the system make it seem feasible for deploying on digital assets that it might otherwise not be economically viable to cover.Like Bitcoin, Black Lantern uses an open-ledger system in which derived hash-value trees are maintained by Guardtime in order to monitor for changes. In the case of Bitcoin the values represent transactions; in the case of Guardtime, it's the hashed signatures of the assets being tracked.Guardtime's technology also underpins a service being sold commercially by Ericsson that determines whether systems customers purchase have been altered after delivery, as well as to verify the integrity of operating systems, applications and configurations, says Jason Hoffman, head of technology and cloud systems for Ericsson.He says it can be used not only to verify the integrity of, say, a sensor in a network, but also the data gathered by the sensor. That makes it possible to verify that the data collected matches the data delivered from the sensor.Ericsson's service is being offered only to limited customers right now but will be rolled out generally to customers in North America and Europe next year, Hoffman says.BLT will be available on Black Lantern gear this fall.Based in Estonia, Guardtime was founded in 2006 and backed privately by Gault initially, but by other private investors since then. Gault, a former derivatives trader, met the Estonian researchers while he was a graduate student in Japan, heard about their scheme and relocated to Estonia to help with the company.Guardtime says its annual revenue has grown from $100,000 in 2012, to $10 million last year. Revenues for the first quarter of this year were $20 million, it says.

 
 
 

Navigate through library of processes alphabeticaly by first letter: