The Killswitch : They can remotely modify your Window 8

Last year,a Finnish software developer, was cruising Google’s Android Market for smartphone apps last year when he noticed something strange. Dozens of best-selling applications suddenly listed the same wrong publisher. Google uses a little known kill switch, to forcibly removing the malicious code from more than 250,000 infected Android smartphones. It’s a powerful way to stop threats that spread quickly, but it’s also a privacy and security land mine.

With the rollout of the Windows 8 operating system expected later this year, millions of desktop and laptop PCs will get kill switches for the first time. Microsoft has confirmed that they have remote kill switch installed in to Windows 8 apps. using this access, they can disable and even remove an app entirely from a user’s device. This piece of information was released along with other details of the upcoming Windows Store for Windows 8.

Anyone worried about Microsoft having complete access to your computer can rest easy for now. The company has stated that they can only “kill” programs downloaded from its new Microsoft App Store. This is what the company has to say about it in official terms: -“In cases where your security is at risk, or where we’re required to do so for legal reasons, you may not be able to run apps or access content that you previously acquired or purchased a license for,”.

Any software loaded from a flash drive, DVD, or directly from the Web will remain outside Microsoft’s control. Still, the kill switch is a tool that could help Microsoft prevent mass malware infections. “For most users, the ability to remotely remove apps is a good thing,” says Charlie Miller, a researcher with the security company Accuvant.

Hiroshi Lockheimer, Google’s vice president of Android engineering, says the search company reserves the use of the kill switch for “really egregious, really obvious cases” of harmful content. Microsoft’s Biggs says the company has used the functionality in its smartphones only for “technical issues and content issues.” Apple declined to comment. Amazon did not respond to several messages.

Nonetheless, a “kill switch” for curators of online applications marketplace is common as companies try to protect users of the platforms they develop from malware or hacking attempts implemented through applications.Microsoft’s upcoming Windows 8 operating system is expected to be launched by the middle of next year.

Sandcat Browser 2.0 Released - Penetration Testing Oriented Browser

Sandcat Browser 2.0 Released, Penetration Testing Oriented Browser

Sandcat Browser version 2.0 includes several user interface and experience improvements, an improved extension system, RudraScript support and new extensions.

What is Sandcat Browser?

The fastest web browser combined with the fastest scripting language packed with features for pen-testers. Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team, the same creators of the Sandcat web application security scanner. The Sandcat Browser is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua language to provide extensions and scripting support.

This first Sandcat Browser release includes the following pen-test oriented features:

• Live HTTP Headers
• Request Editor extension
• Fuzzer extension with multiple modes and support for filters
• JavaScript Executor extension -- allows you to load and run external JavaScript files
• Lua Executor extension -- allows you to load and run external Lua scripts
• Syhunt Gelo
• HTTP Brute Force, CGI Scanner scripts and more.

User Interface & Experience Enhancements

• New windows will now open in new Tabs.
• Navigation bar now behaves like Firefox's or Opera's.
• Improved multi-tab support.
• Improved source tab.
• Added a simple cookie logging extension.

Sandcat Browser Extension Development Kit

The Sandcat Browser Extension Development Kit is now available here. It also includes the source of all the Sandcat Browser extensions.

Added RudraScript

Syhunt RudraScript allows you to easily execute code in JavaScript, PascalScript, Perl, PHP, Python, Ruby & VBScript from within the browser and the browser extensions. Details about the RudraScript support can be found at this link

Download Sandcat Browser 2.0

Cyber Criminals took over billion dollar of Brazilian companies

PricewaterhouseCoopers has revealed in a report that cyber criminals are now shifting their attacks towards emerging markets, especially those engaging with carbon emission trades which promote low carbon technologies but whose security measures have not yet grown to combat online attacks.

In Brazil, 8% of the companies under attack of Cyber Criminals and had losses above $ 1 billion of Brazilian companies. A recent survey by PricewaterhouseCoopers (PwC) finding that over one third of Brazilian companies (32%) was the victim of cybercrime last year. The world average is lower, 23% of companies have been targets of cyber attacks in 2011.More than half of Brazilian executives (51%) explained that one of the biggest problems related to awareness and combat electronic crime is the fact that management of their companies adopted only informally or on an ad hoc solutions and security processes.

Cyber criminals are targeting these emerging markets to exploit the vulnerabilities of their systems and extract information which they could use for illegal profit. For example, Greece and Austria have recently suffered from security breaches. In 2010, unsuspecting employees from German companies have received bogus emails allegedly sent by phishers through seemingly legitimate but bogus registries.

"Today the biggest challenge for those working in information security, especially corporate, are the attacks that target specific business environments", Moreno Garcia believes, commercial director and regional manager of Symantec in Brazil. The defense against this type of attack requires the use of remote management services, as the company's IT administrator can not monitor all security incidents at the same time.

Crime with $50 GPS jammer increasing rapidly in UK

Crime with $50 GPS jammer increasing rapidly in UK

Too many are using illegal GPS jamming devices on UK roads, according to a study, and are putting critical emergency systems at risk of failure and it's at extreme risk from criminals, terrorist organizations and rogue states and even someone with a rudimentary GPS jammer that can be bought on the Internet for $50.

It's thought that those using GPS jammers could be doing so to block tracking systems installed on the vehicles, suggesting that they might be stolen. Initial findings using six months' worth of data from 20 probes suggests that between 50 and 450 incidents of deliberate GPS jamming take place every day across the UK.

Jammers vary wildly in effectiveness and power output. A recent study by GPSWorld of 18 commercially available receives showed an effective range that varied from 300 meters up to 6 kilometers. The danger of such devices affecting critical safety systems is obvious. In 2009 investigators discovered that problems with a navigation aid at Newark airport in the US were caused by a GPS jammer used in a truck that passed each day.

Data from Sentinel monitors have already be used to identify one driver using a GPS jammer but with increasing reliance on GPS for navigation, safety systems, financial market transactions and mobile telephone and power network operation, the project hope to develop better detection systems that can detect jammers and identify the vehicle in which is it being used.