Welcome to Process-info.org library

Process-info.org is an online library of computer operating system processes that helps you identify processes running in the background of your operating system or on remote computers on your network.

Process-info.org contains a growing database of executable processes (mostly with the .EXE extension) and DLL libraries. You can search for processes through the search box or navigate alphabetically by the first letter of the process name.

It is assumed that users are familiar with the computer operating system they're using and agree with suggested changes. Process-info.org will not be held responsible if changes you make cause a system failure.

The Latest News

The 15 latest global news items related to computer security

October 24, 2014 3:08:52 AM CEST

Rootkit:W32/ZAccess – Rootkit:W32/ZAccess constantly displays advertisements on the infected machine and may silently contact remote servers to retrieve additional advertising information.

 

October 24, 2014 3:08:52 AM CEST

Trojan-Spy:W32/FinSpy.A – Trojan-Spy:W32/FinSpy.A is a component of a commercial surveillance product that monitors user activity.

 

October 23, 2014 3:07:06 AM CEST

Exp.CVE-2014-6352 – Risk Level: Very Low.

 

October 23, 2014 3:07:06 AM CEST

Android.Lockdroid.F – Risk Level: Very Low. Type: Trojan.

 

October 23, 2014 2:40:00 AM CEST

PHISHING - PayPal 'We've temporarily limited your account' Email – Message purporting to be from PayPal claims that the company needs your help resolving an issue with your account and asks you to open an attached file and follow the instructions.

 

October 23, 2014 12:23:00 AM CEST

New CVE-2014-4114 Attacks Seen One Week After Fix – Despite the availability of fixes related to the Sandworm vulnerability (CVE-2014-4114), we are still seeing new attacks related to this flaw. These attacks contain a new routine that could prevent detection.

A New Evasion Technique

In our analysis of the vulnerability, we noted this detail: “…[T]he vulnerability exists in PACKAGER.DLL, which is a part of […]

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

 

October 22, 2014 11:28:18 PM CEST

TA14-295A: Crypto Ransomware – Original release date: October 22, 2014

Systems Affected

Microsoft Windows

Overview

Ransomware is a type of malicious software (malware) that infects a computer and restricts access to it until a ransom is paid to unlock it. This Alert is the result of Canadian Cyber Incident Response Centre (CCIRC) analysis in coordination with the United States Department of Homeland Security (DHS) to provide further information about crypto ransomware, specifically to:

- Present its main characteristics, explain the prevalence of ransomware, and the proliferation of crypto ransomware variants; and
- Provide prevention and mitigation information.

Description

WHAT IS RANSOMWARE?

Ransomware is a type of malware that infects a computer and restricts a user’s access to the infected computer. This type of malware, which has now been observed for several years, attempts to extort money from victims by displaying an on-screen alert. These alerts often state that their computer has been locked or that all of their files have been encrypted, and demand that a ransom is paid to restore access. This ransom is typically in the range of $100–$300 dollars, and is sometimes demanded in virtual currency, such as Bitcoin.

Ransomware is typically spread through phishing emails that contain malicious attachments and drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and malware is downloaded and installed without their knowledge. Crypto ransomware, a variant that encrypts files, is typically spread through similar methods, and has been spread through Web-based instant messaging applications.

WHY IS IT SO EFFECTIVE?

The authors of ransomware instill fear and panic into their victims, causing them to click on a link or pay a ransom, and inevitably become infected with additional malware, including messages similar to those below:

- “Your computer has been infected with a virus. Click here to resolve the issue.”
- “Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.”
- “All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data.”

PROLIFERATION OF VARIANTS

In 2012, Symantec, using data from a command and control (C2) server of 5,700 computers compromised in one day, estimated that approximately 2.9 percent of those compromised users paid the ransom. With an average ransom of $200, this meant malicious actors profited $33,600 per day, or $394,400 per month, from a single C2 server. These rough estimates demonstrate how profitable ransomware can be for malicious actors.

This financial success has likely led to a proliferation of ransomware variants. In 2013, more destructive and lucrative ransomware variants were introduced including Xorist, CryptorBit, and CryptoLocker. Some variants encrypt not just the files on the infected device but also the contents of shared or networked drives. These variants are considered destructive because they encrypt user’s and organization’s files, and render them useless until criminals receive a ransom.

Additional variants observed in 2014 included CryptoDefense and Cryptowall, which are also considered destructive. Reports indicate that CryptoDefense and Cryptowall share the same code, and that only the name of malware itself is different. Similar to CryptoLocker, these variants also encrypt files on the local computer, shared network files, and removable media.

LINKS TO OTHER TYPES OF MALWARE

Systems infected with ransomware are also often infected with other malware. In the case of CryptoLocker, a user typically becomes infected by opening a malicious attachment from an email. This malicious attachment contains Upatre, a downloader, which infects the user with GameOver Zeus. GameOver Zeus is a variant of the Zeus Trojan that steals banking information and is also used to steal other types of data. Once a system is infected with GameOver Zeus, Upatre will also download CryptoLocker. Finally, CryptoLocker encrypts files on the infected system, and requests that a ransom be paid.

The close ties between ransomware and other types of malware were demonstrated through the recent botnet disruption operation against GameOver Zeus, which also proved effective against CryptoLocker. In June 2014, an international law enforcement operation successfully weakened the infrastructure of both GameOver Zeus and CryptoLocker.

Impact

Ransomware doesn’t only target home users; businesses can also become infected with ransomware, which can have negative consequences, including:

- Temporary or permanent loss of sensitive or proprietary information;
- Disruption to regular operations;
- Financial losses incurred to restore systems and files; and
- Potential harm to an organization’s reputation.

Paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed.

Solution

Infections can be devastating to an individual or organization, and recovery can be a difficult process that may require the services of a reputable data recovery specialist.

US-CERT and CCIRC recommend users and administrators take the following preventive measures to protect their computer networks from ransomware infection:

- Perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process. Ideally, this data should be kept on a separate device, and backups should be stored offline.
- Maintain up-to-date anti-virus software.
- Keep your operating system and software up-to-date with the latest patches.
- Do not follow unsolicited web links in email. Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
- Use caution when opening email attachments. For information on safely handling email attachments, see Recognizing and Avoiding Email Scams.
- Follow safe practices when browsing the web. See Good Security Habits and Safeguarding Your Data for additional details.

Individuals or organizations are not encouraged to pay the ransom, as this does not guarantee files will be released. Report instances of fraud to the FBI at the Internet Crime Complaint Center or contact the CCIRC.

References

- Kaspersky Lab, Kaspersky Lab detects mobile Trojan Svpeng: Financial malware with ransomware capabilities now targeting U.S.
- United States National Cybersecurity and Communications Integration Center, Cryptolocker Ransomware
- Sophos / Naked Security, What’s next for ransomware? CryptoWall picks up where CryptoLocker left off
- Symantec, CryptoDefence, the CryptoLocker Imitator, Makes Over $34,000 in One Month
- Symantec, Cryptolocker: A Thriving Menace
- Symantec, Cryptolocker Q&A: Menace of the Year
- Symantec, International Takedown Wounds Gameover Zeus Cybercrime Network

Revision History

Initial Publication, October 22, 2014

This product is provided subject to this Notification and this Privacy & Use policy.

 

October 22, 2014 3:30:29 PM CEST

Avast 2015 protection expands to include your home router – Our digital world has expanded from desktop to mobile and now increasingly to the Internet of Things. The gadgets we own and use every day are “smart” – from watches that track our fitness to TVs that know the types of shows we like to watch to digital thermostats that control the temperature in our […]

 

October 22, 2014 3:06:00 PM CEST

PCI Compliance Under Scrutiny Following Big Data Breaches – As details filter out about the Home Depot hack (and many, many more data breaches), you can't help but ask: How did this happen -- especially when the company was supposed to adhere to specific safety regulations or else lose its capability to process credit card transactions?

According to The New York Times, Home Depot's flawed security system allowed customer information to be stolen for months, unnoticed. These flaws include using outdated Symantec antivirus software from 2007, not continuously monitoring the network for suspicious behavior, and performing vulnerability scans irregularly and at only a small number of stores.

This shouldn't have happened. Home Depot, like any merchant that accepts credit cards, must comply with security standards set by the Payment Card Industry Security Standards Council. Formed in 2006, this group of credit card issuers sets minimum standards for companies that accept credit cards.

"The threat landscape is constantly evolving, and PCI SSC expects security standards to do the same," Stephen W. Orfei, GM of PCI SSC, said in a statement. "Recent attacks are concerning, but we are confident that, in partnership with our community of experts, we are keeping our standards and guidance sharply focused on securing payment card data globally."

PCI Sets 'Baseline' Security Standards

In theory, PCI is good for retailers. Security is expensive, but PCI sets a minimum standard that everyone must adhere to, discouraging competitors from cutting corners to maximize profits.

"PCI standards provide a strong baseline protection and should be part of any risk-based and layered approach to security," Orfei says, adding that version 3.0 of the PCI Data Security Standard addresses "how to make security 'business as usual,' what to consider when working with third parties and how to use layers of defense to protect against malware."

That said, PCI standards aren't perfect against preventing fraud. Mike Lloyd, CTO of RedSeal Networks, a security risk management solutions firm, equates it to signs in bathrooms that tell employees they must wash their hands before returning to work.

"It's not the be all and end all of perfect medical care. Those signs aren't perfect hygiene, but it's setting a basic bar, and if everybody follows that, we're all better off," he says. In the same way, PCI standards set that minimum bar: "They require your competitors to come up to the same base level."

If your competitors follow those minimums, that is. Based on information Vinny Troia has seen about the Home Depot hack, he doesn't think the retailer should have passed its assessment, as the company allegedly wasn't checking its logs daily.

"Any time that data was being collected and siphoned off and sent somewhere else, that would have been captured in the security logs," says Troia, CEO of Night Lion Security, an information security consulting firm. "If you have the equivalent of a leaky faucet, and you're looking at it every day, you're going to notice it. Maybe you look at it once a week. If things get really bad, maybe once a month. But Home Depot dragged it on for five months before they figured it out."

PCI, Auditor and Client Goals Rarely Align

PCI reporting requirements change depending on the size of your business. Smaller companies self-report. Larger companies such as Home Depot must use a third-party entity called a qualified security assessor (QSA) to perform what's essentially a security audit to make sure they comply.

The goals of PCI, retailers and QSAs don't often align, Lloyd points out.

PCI is meant to protect card issuers and make sure that consumers feel safe enough to keep using credit and debit cards, therefore ensuring card issuers make a profit. That's why they set these standards.

Retailers want to make as much profit as possible by keeping costs as low as possible. Security is expensive, especially for big retail chains, and it's a tempting spot to start cutting corners.

QSAs, a group that includes big names such as PricewaterhouseCoopers and AT&T Consulting Solutions, also look to make a profit. They do that by performing as many security audits as possible -- and retailers pay for those audits.

Fixing PCI: Automation, Fewer Cozy Relationships, Penalties?

Lloyd points to the relationship between a retailer and QSA as one potential weak point in the system. "Not all QSAs are the same," he says. "They have to compete with each other, too."

It's not uncommon for retailers to shop around for QSAs, he adds. Requiring retailers to hire a different QSA at least once every other year would prevent the relationship from being too cozy.

Orfei says PCI doesn't control or enforce the merchant/QSA relationship, which it sees as similar to any other client/auditor relationship. "Just like other auditors, QSAs have a responsibility to provide an independent third party assessment," he says.

Lloyd also recommends automation. "We're all engaged within this industry and trying to figure out how much of this we can automate, because that's where the profit is," he says. "Take PCI standards and turn them into something a machine can do and try to grab as much automation as we can."

Automation would lower the cost of meeting PCI standards. That, in turn, would increase the odds that companies would follow those standards without cutting corners. Automating the work of the QSAs means that there's less room for human error, too.

Another tactic: Penalize companies that don't comply. "In the case of all these breaches, it hasn't been done once. Transactions are never suspended," Troia says. "My personal opinion is it's the only way someone is really going to get the message."

Orfei says PCI doesn't play a role in managing compliance with its own standards. "PCI SSC is focused on payment security thought leadership including developing technical standards. Incentives or enforcement to comply with PCI Standards is the function of card brands and bank partners."

 

October 22, 2014 3:02:13 PM CEST

Microsoft Releases Advisory for Unpatched Windows Vulnerability – Original release date: October 22, 2014

Microsoft has released a security advisory to provide recommended mitigations for an unpatched vulnerability (CVE-2014-6352), which affects all Microsoft Windows releases except Windows Server 2003. This vulnerability could allow an attacker to take control of an affected system if a user opens a specially crafted Microsoft Office file.

US-CERT recommends users and administrators review the Microsoft Security Advisory and apply the recommended workarounds.

 

October 22, 2014 1:41:25 PM CEST

Operation Pawn Storm: The Red in SEDNIT – Pawn Storm is an active economic and political cyber-espionage operation targeting a wide range of entities, mostly those related to the military, governments, and media. Specific targets include:

- Military agencies, embassies, and defense contractors in the US and its allies
- Opposition politicians and dissidents of the Russian government
- International media
- The national security department of a US […]

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

 

October 22, 2014 1:17:00 PM CEST

Android ransomware 'Koler' turns into a worm, spreads via SMS – A malicious Android app that takes over the screen of devices and extorts money from users with fake notifications from law enforcement agencies was recently updated with a component that allows it to spread via text message spam.

Known as Koler, the ransomware Trojan has been on malware researchers' radar since May when it started being distributed through porn websites under the guise of legitimate apps. A new variant of the threat found recently by researchers from security firm AdaptiveMobile spreads through SMS messages that attempt to trick users into opening a shortened bit.ly URL.

Once installed on a device, Koler opens a persistent window that covers the entire screen and displays a fake message from local law enforcement agencies accusing users of viewing and storing child pornography. Victims are asked to pay a "fine" using MoneyPak prepaid cards in order to regain control of their phones.

The Koler ransomware is capable of displaying localized ransomware messages to users from at least 30 countries, including the U.S., where the impersonated law enforcement agency is the FBI.

The new version found by AdaptiveMobile sends a text message to all contacts in the victim's address book. The message reads: "someone made a profile named -[the contact's name]- and he uploaded some of your photos! is that you?" followed by a bit.ly URL.

The URL points to an Android application package file called IMG_7821.apk that's hosted on a Dropbox account. When installed, this application uses the name PhotoViewer, but is actually the ransomware program.

"Due to the Worm.Koler's SMS distribution mechanism, we are seeing a rapid spread of infected devices since the 19th of October, which we believe to be the original outbreak date," Yicheng Zhou, a security analyst at AdaptiveMobile, said in a blog post. "During this short period, we have detected several hundred phones that exhibit signs of infection, across multiple US carriers. In addition to this, other mobile operators worldwide -- predominantly in the Middle East, have been affected by this malware."

The best protection against ransomware threats like Koler is to have the "unknown sources" option turned off in the Android security settings menu. When this setting is disabled -- and it typically is by default -- users won't be able to install applications that are not obtained from the official Google Play store. Some users do turn this option on though, because there are legitimate applications that are not hosted on Google Play for various reasons.

Koler is not easy to uninstall through the regular application management menu because of the persistent window it keeps displaying over everything else that makes navigation impossible. Affected users should first reboot the device in safe mode and then uninstall the app, Zhou said.

Instructions on how to reboot the device in safe mode should be available in the phone's manual, but it generally involves pressing and holding the power button until the power menu appears, then tapping and holding Power Off until the option to reboot in safe mode appears.

 

October 22, 2014 12:39:00 PM CEST

Apple CEO Tim Cook meets with Chinese official after iCloud attack – Just after Apple's iCloud service faced a hacking attack from China, Apple CEO Tim Cook met with a Chinese official on Wednesday to discuss protecting users' privacy.

Cook met with Chinese Vice Premier Ma Kai in Beijing to talk about "strengthening" cooperation in the telecommunication sector, in addition to discussing security issues and other topics, China's state-run Xinhua News Agency said.

Even before becoming CEO, Cook has regularly visited mainland China, which is one of Apple's biggest markets and where many of its contract suppliers are based. Apple did not immediately respond to a request for comment on the latest visit.

Days prior to the visit, Internet experts began noticing that Apple's iCloud service had been targeted in a "man-in-the-middle attack" coming from China. Visits to the iCloud website within the country mysteriously returned untrusted digital certificates, a sign that a hacker had tampered with the connection to intercept username and password information.

On Tuesday, Apple began alerting users about the attack, although China was not named in the online posting.

All this occurred just after the company began selling its iPhone 6 in mainland China last Friday. Anti-censorship group GreatFire.org has alleged that the Chinese government is behind the attack, but the country's foreign ministry has denied supporting any form of hacking.

Who might be behind the attack is still a mystery, but China has shown growing concern about the security around Apple products. In July, the country's state-run broadcaster CCTV ran a report alleging that the "Frequent Locations" feature in iOS could be used to spy on users, a claim that Apple later dismissed.

Before the iPhone 6 went on sale in China, government regulators also expressed concern with suspected security flaws in Apple's iOS software, and demanded the company make changes.

In an online posting, the regulator said it was paying "great attention" to protecting user's privacy on mobile phones. "If it's discovered that any related businesses are involved in violating user's privacy, they will be investigated and dealt with according to the law," the regulator said. Apple later made the changes, and pledged to never interfere with users' information without their permission.

Android remains the dominant mobile OS in China, with a 93 percent market share in the second quarter, according to research firm Canalys. But Apple products remain popular in the country, with the latest iPhones attracting big demand from Chinese customers, and local merchants wanting to resell the devices for a higher price.

In an internal letter circulated online after its latest financial results, Cook said he would be visiting with Apple employees in Beijing this week. On Wednesday, a user on a Chinese social-networking site spotted Cook visiting with workers from its major supplier Foxconn Technology Group.

 

October 22, 2014 12:17:00 PM CEST

New European Commission, approved by Parliament, will focus on the digital domain – The digital domain will be an important focus for the new members of the European Union's executive branch, the European Commission, following their approval by the European Parliament on Wednesday.

Members of the European Parliament (MEPs) approved the new Commissioners by 423 votes to 209, with 67 abstentions.

The new President of the Commission, Jean-Claude Juncker, emphasized how important digital matters are ahead of the vote: "Every day, Europe is losing out by not unlocking the great potential of our huge digital single market. Jobs that should be there are not being created. Ideas -- the DNA of Europe's economy -- do not materialize to the extent they should. Let us change this for the better."

Harmonizing tech-related policy and laws across the European Union will now be the responsibility of two Commissioners who will replace outgoing digital commissioner Neelie Kroes in a realignment of that area. The portfolio will be split between Andrus Ansip, the new Vice President of the Commission responsible for the Digital Single Market, and Günther Oettinger, the new Commissioner for Digital Economy and Society.

Ansip will lead a project team focusing on telecom regulation; copyright and data protection legislation; the management of radio spectrum, and the application of competition law, all while making better use of the opportunities offered by digital technologies.

During his confirmation hearing in the Parliament last month, he showed himself to be a hardliner when it comes to data protection. He warned the U.S. that the EU might suspend the Safe Harbor data-sharing agreement if U.S. lawmakers don't get their act together when it comes to protecting European citizens' data. This could have major implications for companies such as Google, Facebook and Microsoft, among others, which process European citizens' data in the U.S.

However, the 58-year-old Ansip could have been more precise on when exactly he would be willing to suspend the agreement and, in general, his replies often lacked concrete proposals, the Parliament said in its evaluation report. Overall, the former Estonian prime minister had a professional attitude and far reaching experience in the digital domain while making convincing political commitments, the Parliament found.

MEPs welcomed in particular his intention to push for a quick adoption of the new data protection package. They also appreciated his intention to continue to push for the abolition of roaming charges and the completion of the telecoms single market, as well as his support for greater harmonization on spectrum allocation and his bid to enshrine net neutrality in law.

Ansip is set to regulate net neutrality together with Oettinger, the new Commissioner for Digital Economy and Society.

Oettinger will focus first on rolling out broadband and other key infrastructure while dealing with proposals to complete the digital market in the EU and concentrate on copyright reform, he said during his confirmation hearing.

Oettinger, a German who has been the EU's Commissioner for Energy until now, got a good review from the parliament, except from a small group of Greens. They seriously questioned his political views, according to the evaluation report.

Others asked for a stronger focus on data protection, media freedom and the related fundamental rights aspects. Oettinger should work very closely with Ansip as well as with Věra Jourová, Commissioner for Justice, and Frans Timmermans, the First Vice-President for Fundamental Rights, to ensure that, in particular, data protection is fully embedded in his policy mandate, they said.

Another important player in the digital domain will be Commissioner for Competition Margrethe Vestager, who will keep a close eye on tech companies operating in Europe. During her confirmation hearing she said she would continue an anti-trust investigation against Google over visibility of competitors' search results that has been running since 2010.

She also committed to apply EU state aid guidelines vigorously, cracking down on member states' illegal tax deals with companies. Apple and Amazon.com are already the subjects of Commission investigations into alleged favorable tax treatment, in Ireland and in Luxembourg.

Now that the Parliament has given its consent, the European Council will formally appoint the Commissioners, who are expected to take their seats on Nov. 1.

Loek is Amsterdam Correspondent and covers online privacy, intellectual property, online payment issues as well as EU technology policy and regulation for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to loek_essers@idg.com

 

October 22, 2014 10:30:00 AM CEST

Swann ADS-456 SwannCloud HD review: Wireless security camera offers affordable home security – Price: 135 Rating: 9

Some people may have need for surveillance cameras for home or work, but when it comes to paying for a security system, it may be the reluctance of spending hundreds or thousands of pounds that prevents further investigation. Swann has already established a reputation for devising effective surveillance systems that won’t break the bank and its latest solo security camera, the ADS-456 SwannCloud HD is an inexpensive model that still aims to give user satisfaction.

An upgrade on last year’s ADS-450, the Swann ADS-456 weighs a mere 131 g and comfortably fits in the palm of your hand. It comes with a small stand that doubles as a mountable bracket - complete with screws and plugs - should you want to fix it to the wall, ceiling or furniture.

Swann ADS-456 SwannCloud HD security camera: connectivity

The useful feature of this camera is its Wi-Fi connectivity, although you will need to be within reach of a power socket as it still requires mains power. You can also connect more securely by ethernet. Establishing a Wi-Fi connection can be through WPS, pressing the WPS button on the back to link to your router. A flashing blue light on the camera signals confirmation.

Once connected, you can then download the SwannCloud app to your Android or iOS device to start watching live streaming from your ADS-456. You can also access the same information via the SwannCloud website.

A built-in microphone on the front of the camera provides live sound, while a circle of infrared LEDs enable night vision up to 5m. The camera sensor captures video footage in basic HD, 720p at framerates up to 30 fps. A microSD card slot can be used to grab snapshots on the fly.

Picture quality is surprisingly good - bright and sharp with strong contrasts in the daylight and clear IR outlines at night even in pitch-black conditions. You can preset 10-second video captures for motion detection (there’s a Passive Infra-Red motion sensor on the front), intrusion detection (which angle an object enters the frame), camera tampering and face recognition.

Swann ADS-456 SwannCloud HD security camera: alerts

Alerts can automatically be triggered and all the footage can be stored on the SwannCloud for later viewing. If you have an existing alarm system, this can also be directly linked to the back of the camera.

Apart from occasional bursts of howl-round caused by the onboard speaker responding to a high volume setting and the occasional tendency of the mount angle to slip, it’s hard to imagine a more compact system providing so many effective features for less than £140.

Swann have also released the companion ADS-446 model, which has all the same features plus the ability to pan up to 350 degrees horizontally and tilt 100 degrees vertically - all remotely controlled and costing about an extra £20.

Buying Advice

Swann is on to a winner here with an affordable Wi-Fi HD surveillance camera that has multiple record settings as well as live monitoring via your mobile device.

 
 
 

Navigate through the library of processes alphabetically by first letter: