do you need antivirus for windows 10 or not?

does windows 10 needs antivirus or not?

Is paying for antivirus a waste of money?

if you have questions like this then you will get an answer of your question in this windows 10 security review.

in this, windows 10 security test, I used "8 molecious url" to test web Prevention of Microsoft edge. and in windows defender test, I used "84 malware sample" to check detection.

Microsoft has done a good thing of making sure that every Windows 10 PC has at least some degree of antivirus protection. It's better than nothing, by a long shot. However, it simply ignores lower-risk malware types, rather than letting you choose whether to block them. Its lab test scores, while improved, still aren't the best.

Read More

Passwords For 540,000 Car Tracking Devices Leaked Online

Another day, another news about a data breach, though this is something disconcerting.

Login credentials of more than half a million records belonging to vehicle tracking device company SVR Tracking have leaked online, potentially exposing the personal data and vehicle details of drivers and businesses using its service.

Just two days ago, Viacom was found exposing the keys to its kingdom on an unsecured Amazon S3 server, and this data breach is yet another example of storing sensitive data on a misconfigured cloud server.

The Kromtech Security Center was first to discover a wide-open, public-facing misconfigured Amazon Web Server (AWS) S3 cloud storage bucket containing a cache belonging to SVR that was left publicly accessible for an unknown period.

Stands for Stolen Vehicle Records, the SVR Tracking service allows its customers to track their vehicles in real time by attaching a physical tracking device to vehicles in a discreet location, so their customers can monitor and recover them in case their vehicles are stolen.

The leaked cache contained details of roughly 540,000 SVR accounts, including email addresses and passwords, as well as users' vehicle data, like VIN (vehicle identification number), IMEI numbers of GPS devices.

Since the leaked passwords were stored using SHA-1, a 20-years-old weak cryptographic hash function that was designed by the US National Security Agency (NSA), which can be cracked with ease.

The leaked database also exposed 339 logs that contained photographs and data about vehicle status and maintenance records, along with a document with information on the 427 dealerships that use SVR's tracking services.

Interestingly, the exposed database also contained information where exactly in the car the physical tracking unit was hidden.

According to Kromtech, the total number of devices exposed "could be much larger given the fact that many of the resellers or clients had large numbers of devices for tracking."

Since SVR's car tracking device monitors a vehicle everywhere for the past 120 days, anyone with access to SVR users' login credentials could both track a vehicle in real time and create a detailed log of every location the vehicle has visited using any internet connected device like a desktop, laptop, mobile phone or tablet.

Eventually, the attacker could outright steal the vehicle or even rob a home when they know a car's owner is out.

Kromtech responsible alerted the company of the misconfigured AWS S3 cloud storage bucket, which has since been secured. However, It is unclear whether the publically accessible data was possibly accessed by hackers or not.  

Read More

Autodesk inventor 2018 tutorials for beginners - autodesk inventor user interface

The interface for Autodesk Inventor is similar to many Windows-based applications, and 3D design software packages. The graphics window, the ribbon, the application frame, and the browser are all contained within the main window. These tutorials show you how to navigate the interface so you can begin building your designs.

Read More

APT33: Researchers Expose Iranian Hacking Group Linked to Destructive Malware

Security researchers have recently uncovered a cyber espionage group targeting aerospace, defence and energy organisations in the United States, Saudi Arabia and South Korea.
According to the latest research published Wednesday by US security firm FireEye, an Iranian hacking group that it calls Advanced Persistent Threat 33 (or APT33) has been targeting critical infrastructure, energy and military sectors since at least 2013 as part of a massive cyber-espionage operation to gather intelligence and steal trade secrets.
The security firm also says it has evidence that APT33 works on behalf of Iran's government.

FireEye researchers have spotted cyber attacks aimed by APT33 since at least May 2016 and found that the group has successfully targeted aviation sector—both military and commercial—as well as organisations in the energy sector with a link to petrochemical.

The APT33 victims include a U.S. firm in the aerospace sector, a Saudi Arabian business conglomerate with aviation holdings, and a South Korean company involved in oil refining and petrochemicals.

Most recently, in May 2017, APT33 targeted employees of a Saudi organisation and a South Korean business conglomerate using a malicious file that attempted to entice them with job vacancies for a Saudi Arabian petrochemical company.

"We believe the targeting of the Saudi organisation may have been an attempt to gain insight into regional rivals, while the targeting of South Korean companies may be due to South Korea’s recent partnerships with Iran’s petrochemical industry as well as South Korea’s relationships with Saudi petrochemical companies," the FireEye report reads.

APT33 targets organisations by sending spear phishing emails with malicious HTML links to infect targets' computers with malware. The malware used by the espionage group includes DROPSHOT (dropper), SHAPESHIFT (wiper) and TURNEDUP (custom backdoor, which is the final payload).

 However, in previous research published by Kaspersky, DROPSHOT was tracked by its researchers as StoneDrill, which targeted petroleum company in Europe and believed to be an updated version of Shamoon 2 malware.

"Although we have only directly observed APT33 use DROPSHOT to deliver the TURNEDUP backdoor, we have identified multiple DROPSHOT samples in the wild that drop SHAPESHIFT," the report reads.

The SHAPESHIFT malware can wipe disks, erase volumes and delete files, depending on its configuration.

According to FireEye, APT 33 sent hundreds of spear phishing emails last year from several domains, which masqueraded as Saudi aviation companies and international organisations, including Boeing, Alsalam Aircraft Company and Northrop Grumman Aviation Arabia.

The security firm also believes APT 33 is linked to Nasr Institute, an Iranian government organisation that conducts cyber warfare operations.

In July, researchers at Trend Micro and Israeli firm ClearSky uncovered another Iranian espionage group, dubbed Rocket Kittens, that was also active since 2013 and targeted organisations and individuals, including diplomats and researchers, in Israel, Saudi Arabia, Turkey, the United States, Jordan and Germany.

However, FireEye report does not show any links between both the hacking group. For more technical details about the APT33 operations, you can head on to FireEye's official blog post.

Read More

Red Alert 2.0: New Android Banking Trojan for Sale on Hacking Forums

The Recent discoveries of dangerous variants of the Android banking Trojan families, including Faketoken, Svpeng, and BankBot, present a significant threat to online users who may have their login credentials and valuable personal data stolen.

Security researchers from SfyLabs have now discovered a new Android banking Trojan that is being rented on many dark websites for $500 per month, SfyLabs' researcher Han Sahin told The Hacker News.

Dubbed Red Alert 2.0, the Android banking malware has been fully written from scratch, unlike other banking trojans, such as BankBot and ExoBot, which were evolved from the leaked source code of older trojans.

The Red Alert banking malware has been distributed via many online hacking forums since last few months, and its creators have continuously been updating the malware to add new functionalities in an effort to make it a dangerous threat to potential victims.

Malware Blocks Incoming Calls from Banks

Like most other Android banking trojans, Red Alert has a large number of capabilities such as stealing login credentials, hijacking SMS messages, displaying an overlay on the top of legitimate apps, contact list harvesting, among others.

Besides this, Red Alert actors have also added an interesting functionality to its malware, like blocking and logging all incoming calls associated with banks and financial associations.

This would potentially allow the Red Alert malware to prevent warnings of a compromised account to be received by the victims from their associated banks.

Malware Uses Twitter As Backup C&C Infrastructure

 

Another most interesting thing about Red Alert 2.0 is that it uses Twitter to prevent losing bots when its command and control server is knocked offline.

"When the bot fails to connect to the hardcoded C2 it will retrieve a new C2 from a Twitter account," SfyLabs researchers said in a blog post. 

"This is something we have seen in the desktop banking malware world before, but the first time we see it happening in an Android banking trojan."

The Red Alert 2.0 is currently targeting victims from more than 60 banks and social media apps across the world and works on Android 6.0 (Marshmallow) and previous versions.

Here's How the Red Alert 2.0 Trojan Works:

Once installed on victim's phone via the third-party app store, the malware waits for the victim to open a banking or social media app, whose interface it can simulate, and once detected, the Trojan immediately overlays the original app with a fake user interface.

 

The fake interface then informs the victim that there is an error while logging the user in and requests the user to re-authenticate his/her account.

As soon as the user enters the credentials into the fake user interface, Red Alert records them and sends them to the attacker-controlled command and control (C&C) server to be used by the attackers to hijack the account.

In case of banking apps, the recorded information is being used by attackers to initiate fraudulent transactions and drain the victim's bank account.

Since Red Alert 2.0 can also intercept SMS text messages received by the infected smartphone, the trojan could work around two-factor authentication techniques that otherwise are designed to throttle such attacks.

Ways to Protect Yourself Against Such Android Banking Trojans

The easiest way to prevent yourself from being a victim of one such mobile banking Trojan is to avoid downloading apps via third-party app stores or links provided in SMS messages or emails.

Just to be on the safer side, go to Settings → Security and make sure "Unknown sources" option is turned off on your Android device that blocks installation of apps from unknown sources.

Most importantly, verify app permissions before installing any app, even from official Google Play Store, and if you find any application asking more than what it is meant for, just do not install it.

It is always a good idea to install an anti-virus app from a reputed vendor that can detect and block such Trojan before it can infect your device.

Also, always keep your system and apps up-to-date.

Read More

how to change width of blogger template 2017

if you want to Modify Blog Widths, For Old and New Blogger Templates then you came to right place, because in this video, I have shown one blogspot trick to change width of body, posts, and sidebar.

Blogger provides several pre-made templates that you can customize -- and this customization includes the width. If you find that you want to customize the overall size of your blog layout, you can do this directly from Blogger's Template Designer. You don't need any HTML or CSS knowledge to do this. When you change the width of the template, the main content section of your blog will automatically re-size in relation to how you set the width of your overall template.


Why increase the width:-

1- You can have bigger images in your blogs.

2- Good result in old browsers like Internet Explorer 6.

3- Sidebar in perfect position.

4- It gives your blog an overall clean look.

Read More

Windows 10 to Give More Control Over App-level Permissions

Microsoft has been gradually changing its privacy settings in Windows 10 with the Fall Creators Update to give its users more controls over their data.

In April, Microsoft addressed some initial privacy concerns in the Windows 10 Creators Update with simplified data collection levels—Security, Basic, Enhanced, and Full—and eventually revealed its data collection practices.

Now, the software giant is making another privacy-related change with the upcoming Windows 10 Fall Creators Update, which is due for release in October 2017, giving you much more control over what apps can do with your device.

Just like apps on your smartphone's app store, apps on Windows Store also require permission to access your computer's critical functionalities like camera, microphone, calendar, contacts, and music, pictures and video libraries.

While Android and iOS allow you to limit an app's permissions to access these sensitive things, these permissions have currently been provided to all apps implicitly in the Fall Creators Update, except for access to location data that needs an explicit user permit.

But that's going to be changed.

For each new app installed on the Windows 10 Fall Creators Update, the operating system will prompt users for access to their device's camera, microphone, contacts, calendar, and images and other information, requiring an explicit opt-in for each app.

"Starting with the Fall Creators Update, we’re extending this experience to other device capabilities for apps you install through the Windows Store," Microsoft wrote in a post detailing the privacy improvements.

"You will be prompted to provide permission before an app can access key device capabilities or information such as your camera, microphone, contacts, and calendar, among others. This way you can choose which apps can access information from specific features on your device."

However, when users install the Fall Creators Update, existing applications on their device will retain their permissions, but new apps installed from the official Windows Store will require their access to be enabled explicitly.

In order to review and manage your existing app permissions, head on to Start → Settings → Privacy. To learn more about Windows app permissions, head on to this link.

Microsoft is set to test these privacy changes with Windows Insiders shortly. The Windows 10 Fall Creators Update will be released on October 17th. 

Read More

methods to create arcs in autocad

if you want to learn how to use arc command in autocad 2018 then you came to the right place because in this video shown how to draw arcs in autocad 2018.

Arc command Applies to AutoCAD, AutoCAD Architecture, AutoCAD Civil 3D, AutoCAD Electrical, AutoCAD MEP, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD P&ID, AutoCAD Plant 3D, AutoCAD Structural Detailing, & AutoCAD Utility Design

you can Create arcs by specifying various combinations of center, endpoint, start point, radius, angle, chord length, and direction values.

Arcs are drawn in a counterclockwise direction by default. Hold down the Ctrl key as you drag to draw in a clockwise direction.



"Methods to create arcs in autocad" :-

Draw Arcs by Specifying Three Points:
You can create an arc by specifying three points.


Draw Arcs by Specifying Start, Center, End:
You can create an arc using a start point, center, and a third point that determines the endpoint.

The distance between the start point and the center determines the radius. The endpoint is determined by a line from the center that passes through the third point.


Draw Arcs by Specifying Start, Center, Angle:
You can create an arc using a start point, center, and an included angle.

The distance between the start point and the center determines the radius. The other end of the arc is determined by specifying an included angle that uses the center of the arc as the vertex.

Using different options, you can specify either the start point first or the center point first.

The included angle determines the endpoint of the arc. Use the Start, End, Angle method when you know both endpoints but cannot snap to a center point.


Draw Arcs by Specifying Start, Center, Length:
You can create an arc using a start point, center, and the length of a chord.

The distance between the start point and the center determines the radius. The other end of the arc is determined by specifying the length of a chord between the start point and the endpoint of the arc.

Using different options, you can specify either the start point first or the center point first.

The length of the chord of the arc determines the included angle.


Draw Arcs by Specifying Start, End, Angle:
You can create an arc using a start point, end point, and an included angle.

The included angle between the endpoints of the arc determines the center and the radius of the arc.

Draw Arcs by Specifying Start, End, Direction:
You can create an arc using a start point, end point, and a tangent direction at the start point.

The tangent direction can be specified either by locating a point on the desired tangent line or by entering an angle. You can determine which endpoint controls the tangent by changing the order in which you specify the two endpoints.


Draw Arcs by Specifying Start, End, Radius:
You can create an arc using a start point, end point, and a radius.

The direction of the bulge of the arc is determined by the order in which you specify its endpoints. You can specify the radius either by entering it or by specifying a point at the desired radius distance.

Read More

how to create facebook page for youtube channel

1) What is a Page?
A Page gives your nonprofit a voice and presence on Facebook. Posting to your Page creates an opportunity for new people to discover your organization and can serve as a hub for connecting your community. People who like your Page may see your posts in News Feed when they visit Facebook. People can also like your posts, add comments and share them with their friends.

2) When Should You Use a Facebook Page for Your Nonprofit?
A Facebook Page may be a good option for you if your organization wants to grow its community of supporters and create more connections and interactions with people. Having a Facebook Page connects you to a global network of over a billion people. When people share interests and ideas on Facebook, it helps you find and connect with those who care most about your work. If your organization already has a Page and you’re thinking of creating an additional Page, first consider if Groups, Events or Messenger will fit your needs instead. For many organizations, having a single Facebook Page helps people find and stay up-to-date with them and allows them to have a unified voice and message. For others, particularly those that are decentralized or highly regional, having multiple Pages helps them share tailored content.

3) How Can you Use your Page To Support your Mission?
You can use your Page to:
- Educate your community about your cause and update them on your organization
- Find and connect with new supporters who share your passion
- Engage your community by creating opportunities for people to interact with you and each other
- Inspire people to take action by spreading the word, attending events, volunteering or donating funds

Read More