Welcome to Process-info.org library

Process-info.org is an online library of Computer Operating System's Processes, which helps you to identify processes running at background of computer operating system or at remote computers on your network.

Process-info.org contains a growing database of executable processes (mostly with .EXE extension) and DLL libraries. You can search for processes through search box or navigate alphabeticaly by starting letter of process name.

It is assumed that users are familiar with computer operating system they're using and agree with suggested changes. Process-info.org will not be held responsible, if changes you make cause a system failure.

The Latest News

15 latest global news related to computer security

September 16, 2014 3:08:58 AM CEST

Rootkit:W32/ZAccess – Rootkit:W32/ZAccess constantly displays advertisements on the infected machine and may silently contact remote servers to retrieve additional advertising information.

 

September 15, 2014 2:44:00 AM CEST

FAKE-NEWS - 'Eminem Quits Music After Checking Into Rehab' – Story circulating via social media claims that rapper Eminem has announced that he is quitting music after checking into rehab to deal with a heroin addiction.

 

September 13, 2014 10:33:00 PM CEST

New malware spreads over Twitch chat, targets Steam accounts – If you use gaming video streaming site Twitch, you'll want to be careful what you click on. A new piece of malware spread through Twitch's chat feature will attempt to bleed your Steam account dry, according to security software maker F-Secure.The malware spreads through messages posted to Twitch chat that try to entice users into entering a weekly raffle. Click on the link, and a Java program will open up a phony raffle entry form.Once you fill out and submit the form (which, according to F-Secure, doesn't actually get sent anywhere), the malware goes to work. It installs and runs a Windows binary that can gain access to your Steam account and add friends, accept friend requests, trade items, and sell items in the market at a discount.As a result, the malware can "wipe your Steam wallet, armory, and inventory dry," according to F-Secure, and sell your items at a discount on the Steam Community Market. The idea here is that the attacker can sell uninteresting items from your account, then buy themselves more interesting items. Shady.Since this all happens on your system, it bypasses Steam's security measures to prevent others from logging into your account on another PC. F-Secure recommends that Steam add new security measures "for those trading several items to a newly added friend and for selling items in the market with a low price based on a certain threshold." In the meantime, though, be careful what you click on, and don't enter raffles and giveaways from people or companies you don't know and trust.

 

September 13, 2014 4:12:00 AM CEST

Fake 'Islamic Rights' Facebook Page Inciting Hatred on Gold Coast – A Facebook Page called 'Preserving Islamic Rights on the Gold Coast' has demanded that the Gold Coast mayor incorporate Islamic prayers into the Anzac Day Dawn service to 'honour fallen Islamic diggers'. It also proposes that an Islamic symbol be included on a newly designed Australian flag. It even suggests that an entire Islamic suburb to be called 'New Palestine' and complete with a 'Refugee Ferry Port and Processing Facility is to be built in the area.

 

September 13, 2014 2:52:00 AM CEST

September 2014 Security Bulletin Release Webcast and Q&A – Today we’re publishing the September 2014 Security Bulletin Webcast Questions & Answers page.  We fielded four questions on various topics during the webcast, with specific bulletin questions focusing primarily on Internet Explorer (MS14-052) and a question about the Windows Update client.   We invite you to join us for the next scheduled webcast on Wednesday, October 8, 2014, at 11 a.m. PDT (UTC -7), when we will go into detail about the October bulletin release and answer your bulletin deployment questions live on the air.  Thanks, Dustin Childs Group Manager, Response Communications Microsoft Trustworthy Computing

 

September 12, 2014 11:34:00 PM CEST

Researcher disputes report BlackPOS used in Home Depot, Target attacks – A security researcher has found that the malware used in the Home Depot and Target breaches are unrelated and cannot be used as an indicator that the same group is behind the attacks.An analysis of the malware code revealed no similarities in architecture or technique that would show the software is even from the same family, Josh Grunzweig, principal security consultant for enterprise search company Nuix, said Friday."With coding, there's a lot of different ways to essentially reach the same goal," Grunzweig said. "When you look at the two samples, pretty much every single decision was in the exact opposite when it came to approach."Grunzweig's analysis contradicts a KrebsOnSecurity report this week that variants of the BlackPOS malware were used in both attacks. Brian Krebs, a former Washington Post reporter, writes the blog.Late last month, security vendor Trend Micro reported that BlackPOS variants were being used to attack retailers, such as Target, but did not say the same malware was used against Home Depot.BlackPOS was designed by a Russian teenager to steal credit- and debit-card data from retailers' electronic payment systems. The malware source code has been available since 2012.Hackers typically stay within the same family of malware in launching attacks. However, it is also possible for the same group to use different malware.Therefore, malware similarities, or dissimilarities, are not conclusive evidence that attackers are from the same group or multiple groups.Krebs also reported that payment card data stolen from Home Depot was for sale on the same underground marketplace where Target data was sold.Grunzweig's analysis focused only on the malware and did not draw any conclusions on whether the attackers behind the breaches were the same. But like other researchers, his instincts told him the attacks were somehow related."I think the groups probably are the same, but I'm just talking about the malware," he said. "I can only speculate on the groups behind them."In breaking down the malware, Gunzweig drew the conclusion that "these were not coded by the same people."While BlackPOS was used in the Target attack, the malware in the Home Depot breach contained different techniques for copying stolen data to another location on the victims' network before sending it to the hackers.In addition, the malware used different techniques for identifying card data after payment cards were swiped. The executable used to run the malware was also different."Under the hood, everything was different," Grunzweig said. "These were not part of the same malware family."The Target breach, which occurred during last year's holiday shopping season, exposed more than 40 million debit- and credit-card accounts. Home Depot reported this week that the attack on its payments systems affected all stores in the U.S. and Canada, which service millions of customers a year.Home Depot did not say how many payment card accounts were affected.

 

September 12, 2014 7:05:00 PM CEST

VMware and Cisco patch vulnerabilities in data-center gear and software – VMware and Cisco Systems released security fixes this week for serious vulnerabilities in networking virtualization and server software typically used in data centers.Cisco patched a persistent denial-of-service vulnerability that could prevent the out-of-band management of Cisco Unified Computing System (UCS) E-Series Blade servers that are deployed in Cisco Integrated Services Routers Generation 2 (ISR G2).The vulnerability is located in the SSH (Secure Shell) service of the Cisco Integrated Management Controller (Cisco IMC), a specialized micro-controller embedded in server motherboards that allows systems administrators to monitor and manage servers from outside their OS.Cisco released version 2.3.1 of the Cisco IMC firmware for UCS E-Series servers on Monday. Customers need to use the Host Upgrade Utility in order to deploy the new firmware.The U.S. Computer Emergency Readiness Team published an alert about the issue Thursday.If left unpatched, an attacker could exploit the vulnerability by sending a specially crafted packet to the vulnerable SSH server, forcing the IMC to become unresponsive. This could impact the availability of the entire server."Recovery of the Cisco IMC will likely require a restart of the affected E-Series Server via physical interaction with the blade's power switch, or a restart of the ISR G2 router that the device is installed in," Cisco said in an advisory. "A restart of the E-Series blades via the power switch will cause a loss of power to the operating system running on the device. A restart of the ISR G2 router will cause a loss of all traffic passing through the router while it restarts as well as impacting the blade servers installed in the device."VMware released security updates Thursday for its NSX and vCloud Networking and Security (vCNS) products in order to patch what the company called "a critical information disclosure" vulnerability. The company's advisory does not clarify what kind of information can be disclosed by exploiting the issue, but both the NSX and vCNS products are used for virtualizing network services.The VMware NSX allows datacenter administrators to create, provision, snapshot, delete and restore complex networks programmatically from software by utilizing the underlying physical network just for packet forwarding. VCNS provides networking and security functionality for virtualized computing environments through services like a virtual firewall, virtual private network (VPN), load balancing, NAT, DHCP and VXLAN-extended networks.

 

September 12, 2014 5:34:48 PM CEST

VU#578598: Iridium Pilot and OpenPort contain multiple vulnerabilities – Broadband satellite terminals using Iridium Pilot and OpenPort have been found to contain undocumented hardcoded login credentials(CWE-798). Additionally,these broadband satellite terminals utilize an insecure proprietary communications protocol that allows unauthenticated users to perform privileged operations on the devices(CWE-306).

 

September 12, 2014 5:30:14 PM CEST

AVAST invites you to the WebExpo 2014 in Prague! – WebExpo is the largest Central European conference focused on topics related to the digital world. Among many topics, this year’s focus is security and big data. AVAST Software is not only a proud general sponsor of this event, but also an active participant. One weekend, over 1,400 online professionals, presentations, workshops, and lots of fun. WebExpo is […]

 

September 12, 2014 2:35:00 PM CEST

Apple Pay could put an end to data breaches – The retail data-breach epidemic highlighted by Target now has other famous victims, including UPS, Home Depot, and Dairy Queen. If you've used a credit card sometime in the past year or two, there's a very good chance your information has been compromised or exposed by at least one of these data breaches. If you use Apple's new Apple Pay system, though, such worries just might be behind you.The current point-of-sale (POS) system carries a number of risks when it comes to processing credit card transactions. As we've seen with the data breaches mentioned above, the POS system itself can be compromised. There are also stories of restaurant workers using card skimmers, or card skimmers being surreptitiously attached to card swiping mechanisms at gas stations. Basically, any transaction that involves handing your physical card to someone, or reading the data from the magnetic stripe on the back of the card, could lead to your credit card data's compromise in some way.NFC (Near Field Communication) technology enables mobile devices to communicate wirelessly with a POS system, no physical card required. NFC itself isn't new, but Apple Pay has better security, broader support, and the clout of the Apple brand behind it. In other words, Apple Pay might actually catch on, and make wireless payments with a mobile device mainstream.The recent hack of nude celebrity photos, and the implications that has for iCloud security, might cause some to think twice about trusting credit card information on an Apple device. While it's always prudent to exercise caution, Apple has security features in place that make a compromise highly unlikely--if not impossible.First, Apple does not store the actual credit card data on the iOS device, or on iCloud. The payment information is encrypted and stored in a "Secure Element." When you initiate a transaction, Apple Pay generates a one-time key based on the encrypted information, and that's what is shared with the point-of-sale system. For added protection, Apple Pay transactions from an iPhone also require fingerprint authentication using Touch ID.Even if attackers were able to intercept the one-time code information, it wouldn't be useful anymore. The cashier doesn't see your credit card number or security code, and there is no physical card to be swiped. In a nutshell, had everyone who shopped at Target or Home Depot used Apple Pay, the data breach news would be fairly trivial.In the event that your iPhone is lost or stolen, you'll be able to disable Apple Pay payments through the Find My iPhone site. However, the Touch ID authentication requirement should be sufficient to prevent anyone from making unauthorized transactions with your device.Android loyalists and Apple bashers are quick to point out that Apple is actually late to the NFC party. That is true. As I mentioned above, NFC technology has been available on competing mobile devices, and mobile payments have existed on rival platforms for some time. The major difference is that Apple has the support and momentum to make it mainstream. Apple has enlisted Visa, Mastercard, and American Express--which account for more than 80 percent of the credit cards in use--as well as individual banks, including Bank of America, Capital One, Chase, and CitiBank, with more on the way.Apple boasts that there are 220,000 stores ready to support Apple Pay. That sounds impressive, but it's a drop in the bucket, more or less, when weighed against all of the possible stores and retailers. The bad news is that Apple Pay won't be available everywhere you shop, but Apple has a plethora of major retailers on board, including Walgreens, McDonald's, Petco, Staples, and Subway. Apple Pay will also work within iOS through third-party apps like Target, Panera, and Starbucks.

 

September 12, 2014 2:06:00 PM CEST

HOAX - 'Send Message to 10 Contacts to Activate WhatsApp with 'F' Logo' – Message purporting to be from the director of instant messaging application WhatsApp claims that the service has been bought by Mark Zuckerberg and you must therefore send the same message to at least 10 contacts to activate your account with Facebook.

 

September 12, 2014 2:06:00 PM CEST

HOAX - 'Belgium Mayor Explains Why he Refused to Ban Pork From School Canteens' – Circulating message features a strident letter supposedly sent to parents by Marc Duvivier, the mayor of the Belgium municipality of Ath, explaining why he refused to give in to demands from local Muslims to remove pork from school canteen menus.

 

September 12, 2014 2:03:00 PM CEST

Disruption set to force dramatic change in the datacentre: Gartner – Four disruptive factors are set force dramatic changes in the datacentre market by year-end 2016, according to Gartner.A Gartner report found highly disruptive competition, big Cloud provider dominance, economic warfare and nationalism will occur with different intensities over different time frames.However, at least two of these factors will drive significant disruption within the next three years, and elements of all four will drive the opportunities and risks in the datacentre market during the next three to four years.In Australia, spending on datacentre hardware is forecast to reach almost A$1.7 billion in 2014, and A$1.8 billion next year.Gartner vice president distinguished analyst, Joe Skorupa, forecasts that Chinese suppliers will increase their share of the datacentre infrastructure market by 2 percent by the end of 2017, at the expense of western companies, partly due to increasing anti-U.S. sentiment. He also says that expansion of the big Cloud providers will spell the end of growth for traditional datacentre vendors, partners will become competitors and the 'Snowden effect' leads buyers to believe that none of the large multinational providers are trustworthy, so emphasis shifts to in-country-developed technologies.Although, on the surface, the DC market is poised for growth, existing assumptions regarding the ongoing growth of the DC market are unlikely to be realised, according to the report."They rely heavily on the current base of traditional enterprise IT end users, and a vendor community that is more likely to support the status quo, rather than introduce risk and break the enterprise IT mould," the report said.The report said an uneasy peace existed among the incumbents in the market."While there is some heightened tension as former partners now compete, no one wants an all-out slugfest because everyone is addicted to the high 50 per cent or more gross margins in storage and networking hardware and DC infrastructure software," the report said."New workloads may be going to external IT providers, and these buyers are not interested in high-price/high-margin commercial off-the-shelf products as they shift toward open-source software and embedded manageability. However, vendors are focused on maintaining the status quo for as long as possible."If a powerful incumbent aggressively enters an adjacent market with a new offering, it could trigger severe shockwaves throughout the industry.Read more:Violin Memory promises resellers a 'true channel' modelThe report said there were numerous potentially disruptive technologies, including software-defined networking and software-defined storage, network function virtualization, extreme low-energy processors and webscale-integrated infrastructure.The centre of gravity for new application development and deployment is shifting from in-house to Cloud-first as consumer/mobile needs dominate, according to the report.This is also starting to influence the expectations around new internal applications, which require more-flexible, distributed and hybrid IT.The SaaS/Cloud-first approach to new, high-growth workloads means that growth in infrastructure hardware is generally aligned to webscale architectures.While workloads may not run more efficiently in the cloud, providers ensure that excess capacity is used, in some cases, at lower prices to ensure highest utilisation, and, therefore, highest monetary return for the provider.This result is top-level improvement in efficiency, which, as Cloud provider dominance increases, has the immediate effect on the DC market of reducing the demand of total amount of compute to total workload.The report said traditional managed service providers (MSPs) and infrastructure providers were failing to deliver compelling alternatives to platform as a service (PaaS) from Amazon, Google, IBM, Microsoft and Baidu."MSPs are relegated to providing basic transport, or, at best, become managed service brokers," the report said."Amid this churn, traditional vendors find it increasingly hard to compete."Their growth gradually slows as large Cloud providers acquire greater market share.Read more:Nuance appoints former SAP exec to drive regional growth"In a very short time, these providers will come to dominate the infrastructure as a service (IaaS) and PaaS markets, and strongly influence the price of DC infrastructure.According to the report, the two camps of DC infrastructure providers, East and West, cannot peacefully coexist in any market, given the need to protect and increase their influence."The impact is that the market is in constant flux, as both sides try to achieve some sort of dominant constant state over the majority of the markets,""China has invested in its national high-tech research and development program (also known as the 863 Program) since 1986, as a response to the growing technological and innovation gap between China and the West."China also has various subsidised programs that are targeted to help high-tech Chinese enterprises to reduce research and development costs in core electronic components, high-tech application-specific integrated circuits (ASICs) and fundamental software development.Gartner predicts that China, buoyed by deep resources, increasingly respected brands and strong original design manufacturer suppliers (with headquarters in Taiwan and electronics manufacturing service in China), alongside increasing anti-US sentiment, will increase its share of the DC infrastructure market by two percentage points by the end of 2017, at the expense of western companies.Furthermore, as buyers come to believe that none of the large multinational providers are trustworthy, emphasis will shift to in-country-developed technologies, and OSS and hardware.The report predicted Intel, AMD, Western Digital and Seagate would maintain their positions for the next several years.But Intel and AMD should see erosion as mobile and light-medium workload processors shift to ARM and other architectures."As high-performance rotating media becomes less important, the storage component market shifts steadily to flash," the report said."Software vendors will have to invest more to ensure their applications are compatible with a wider range of hardware, or pick and choose which hardware vendors to work with."Read more:Tufin in Australia: software-defining datacentres and automating channel

 

September 12, 2014 12:24:00 PM CEST

Data protection authorities find privacy lapses in majority of mobile apps – Many mobile apps request too many permissions and don't explain how they collect users' personal information, a study of 1,211 popular apps by the Global Privacy Enforcement Network has found.The majority of the apps reviewed did not adequately explain to users how they were collecting and using information, according to the study, carried out by 26 privacy enforcement authorities in 19 countries. It also found that a third of the tested mobile applications requested excessive permissions that were outside the scope of their functionality.The issue of overly broad permissions has been brought up by privacy advocates and security experts before. It is often the result of the advertising-based revenue model used by many applications and which involves the bundling of ad frameworks in their code.To provide targeted and interactive ads, ad libraries typically require access to a larger set of user data and device functionality than the host apps would normally need. Since these frameworks become part of the apps that use them, the access they require is reflected in the permissions requested by those apps.The problem is further exacerbated by platform-dependent behavior. For example, iOS allows users to revoke an application's access to certain data after installation, but Android has no such mechanism, forcing users to choose between granting apps any permissions they request or not using them at all.According to the GPEN study results published on the website of the Privacy Commissioner of Canada, reviewers found that almost one in three tested apps provided no privacy information other than permission requests. An additional 24 percent provided some information, but didn't explain how the information is collected, used and disclosed.In 31 percent of cases the privacy information provided by developers somewhat explained the app's collection practices, but left open questions about certain permissions, the reviewers concluded.Sixty percent of apps had too little privacy information available prior to their download, and forty percent of them did not have privacy communications tailored for the small screens of phones and tablets."Many apps provided a link to a webpage with a tough-to-read privacy policy that wasn't designed to be read on a handheld device," the Office of the Privacy Commissioner of Canada said. "In other cases, the apps linked to social media pages. Sometimes users would have to log in to view the policy or the links were simply broken. A number of apps raised questions about who the developer or data controller was."The U.K.'s Information Commissioner's Office (ICO), which also participated in the study, published a document with guidance for mobile application developers on how to present privacy information to users and obtain their consent.In the case of free ad-funded applications "the ad network is a data controller, but as the developer you will likely have a duty to inform your users of what personal data will be collected, how it will be used, by whom, and what control your users can exercise," ICO said in the document."Consider just-in-time notifications, where the necessary information is provided to the user just before data processing occurs," the ICO said. "Notifications like this could be particularly useful when collecting more intrusive data such as GPS location, or for prompting users about features of an app that they are using for the first time. You could avoid excessive notification by remembering the user's choice for a certain time period before reminding them again."

 

September 12, 2014 5:28:00 AM CEST

Sony launches security cameras that see in the dark – Sony on Friday began selling new security cameras that can operate in very low light conditions thanks to infrared exposure technology.The cameras "can literally see in the dark," according to Sony, because they have infrared light that shines on objects up to 30 meters away.When shooting in the dark, conventional infrared cameras can produce images with washed-out features and blurry details, but exposure-compensation technology in the Sony cameras can reveal features such as faces and vehicle license plates in darkened areas.The system, featured on the SNC-EB602R and SNC-EB632R cameras, can render details of footage of people standing near the camera as well as vehicles parked in the distance even when the ambient light is less than 0.1 lux.Another camera, the SNC-VB632D, available at the end of November, has an extra feature -- a white LED illuminator that is triggered by movement. When it senses motion within 5 meters, it shines a powerful light to deter potential intruders.In a promo video for the camera, a man is filmed in infrared black and white as he approaches a door. When he gets within range, the LED light comes on and the footage changes to color."It's an industry first to have both these systems combined in a single HD network camera," a Sony spokeswoman said.The SNC-VB632D also has image stabilization to dampen the effects of wind or traffic, a 2.14-megapixel sensor and 3x optical zoom.The three cameras carry suggested prices starting at ¥120,000 (US$1,122) and are being targeted at security firms, warehouses, offices and other commercial users. They will be sold around the world.Earlier this year, Sony unveiled the Alpha 7S, an interchangeable-lens consumer camera that can shoot 4K video. It also features a sensitivity range that extends from ISO 50 to 409600, meaning users can shoot clear videos in very low light conditions.

 
 
 

Navigate through library of processes alphabeticaly by first letter: