icloud unlocking method 100% working

Who is looking for apple icloud unlocking method?

100% workinh easy steps
Limited offer
Hurry up...

https://mega.nz/#!lwVA0TrQ

Email me for more details...

13 Critical Flaws Discovered in AMD Ryzen and EPYC Processors

Security researchers claimed to have discovered 13 critical Spectre/Meltdown-like vulnerabilities throughout AMD's Ryzen and EPYC lines of processors that could allow attackers to access sensitive data, install persistent malware inside the chip, and gain full access to the compromised systems.

All these vulnerabilities reside in the secure part of the AMD's Zen architecture processors and chipsets—typically where device stores sensitive information such as passwords and encryption keys and makes sure nothing malicious is running when you start your PC.

The alleged vulnerabilities are categorized into four classes—RYZENFALL, FALLOUT, CHIMERA, and MASTERKEY—and threaten wide-range of servers, workstations, and laptops running vulnerable AMD Ryzen, Ryzen Pro, Ryzen Mobile or EPYC processors.

Discovered by a team of researchers at Israel-based CTS-Labs, newly disclosed unpatched vulnerabilities defeat AMD's Secure Encrypted Virtualization (SEV) technology and could allow attackers to bypass Microsoft Windows Credential Guard to steal network credentials.

Moreover, researchers also claimed to have found two exploitable manufacturer backdoors inside Ryzen chipset that could allow attackers to inject malicious code inside the chip.

Researchers successfully tested these vulnerabilities against 21 different AMD products and believe that 11 more products are also vulnerable to the issues.

Though AMD is currently investigating the accuracy of these flaws, Dan Guido, the founder of security firm Trail of Bits, who got early access to the full technical details and PoC exploits, have independently confirmed that all 13 AMD flaws are accurate and works as described in the paper.

Here's the brief explanation of all the vulnerabilities:

RYZENFALL (v1, v2, v3, v4) AMD Vulnerabilities

These flaws reside in AMD Secure OS and affect Ryzen secure processors (workstation/pro/mobile).

According to researchers, RYZENFALL vulnerabilities allow unauthorized code execution on the Ryzen Secure Processor, eventually letting attackers access protected memory regions, inject malware into the processor itself, and disable SMM protections against unauthorized BIOS reflashing.

Attackers could also use RYZENFALL to bypass Windows Credential Guard and steal network credentials, and then use the stolen data to spread across to other computers within that network (even highly secure Windows corporate networks).

RYZENFALL can also be combined with another issue called MASTERKEY (detailed below) to install persistent malware on the Secure Processor, "exposing customers to the risk of covert and long-term industrial espionage."

FALLOUT (v1, v2, v3) AMD Vulnerabilities

These vulnerabilities reside in the bootloader component of EPYC secure processor and allow attackers to read from and write to protected memory areas, such as SMRAM and Windows Credential Guard isolated memory.

FALLOUT attacks only affect servers using AMD's EPYC secure processors and could be exploited to inject persistent malware into VTL1, where the Secure Kernel and Isolated User Mode (IUM) execute code.

Like RYZENFALL, FALLOUT also let attackers bypass BIOS flashing protections, and steal network credentials protected by Windows Credential Guard.

"EPYC servers are in the process of being integrated into data centers around the world, including at Baidu and Microsoft Azure Cloud, and AMD has recently announced that EPYC and Ryzen embedded processors are being sold as high-security solutions for mission-critical aerospace and defense systems," researchers say. 

"We urge the security community to study the security of these devices in depth before allowing them on mission-critical systems that could potentially put lives at risk."

CHIMERA (v1, v2) AMD Vulnerabilities

These two vulnerabilities are actually hidden manufacturer backdoors inside AMD's Promontory chipsets that are an integral part of all Ryzen and Ryzen Pro workstations.

One backdoor has been implemented in firmware running on the chip, while the other in the chip's hardware (ASIC), and allow attackers to run arbitrary code inside the AMD Ryzen chipset, or to re-flash the chip with persistent malware.

Since WiFi, network and Bluetooth traffic flows through the chipset, an attacker could exploit the chipset's man-in-the-middle position to launch sophisticated attacks against your device.

"This, in turn, could allow for firmware-based malware that has full control over the system, yet is notoriously difficult to detect or remove. Such malware could manipulate the operating system through Direct Memory Access (DMA), while remaining resilient against most endpoint security products," researchers say.

According to the researchers, it may be possible to implement a stealthy keylogger by listening to USB traffic that flows through the chipset, allowing attackers to see everything a victim types on the infected computer.

"Because the latter has been manufactured into the chip, a direct fix may not be possible, and the solution may involve either a workaround or a recall," researchers warn.

MASTERKEY (v1, v2, v3) AMD Vulnerabilities

These three vulnerabilities in EPYC and Ryzen (workstation/pro/mobile) processors could allow attackers to bypass hardware validated boot to re-flash BIOS with a malicious update and infiltrate the Secure Processor to achieve arbitrary code execution.

Like RYZENFALL and FALLOUT, MASTERKEY also allows attackers to install stealthy and persistent malware inside AMD Secure Processor, "running in kernel-mode with the highest possible permissions," as well as bypass Windows Credential Guard to facilitate network credential theft.

MASTERKEY vulnerabilities also allow attackers to disable security features such as Firmware Trusted Platform Module (fTPM) and Secure Encrypted Virtualization (SEV).

It's notable that all these vulnerabilities require either low-privilege access, or administrative in some cases, on the targeted system to work.

CTS-Lab researchers gave just 24 hours to the AMD team to look at all vulnerabilities and respond before going public with their details—that's hell quick for any company to understand and patch the critical level issues properly.

While Intel and Microsoft are still managing its patches for Meltdown and Spectre vulnerabilities, the newly discovered vulnerabilities could create similar trouble for AMD and its customers.

So, let's wait and watch when the company comes up with fixes, though the researchers said it could take "several months to fix" all the issues.

For more detailed information about the vulnerabilities, you can head on to this paper [PDF] titled, "Severe Security Advisory on AMD Processors," published by CTS-Lab.

Plugins for Popular Text Editors Could Help Hackers Gain Elevated Privileges

Whether you're a developer, designer or a writer, a good text editor always help you save time and make you work more efficiently.

For example, I use Sublime a lot while programming because it includes some useful tools like 'syntax highlighting' and 'autocomplete' that every advanced text editor should have.

Moreover, these advanced text editors also offer users extensibility, allowing users to install and run third-party plugins to extend the editor's functionality and most importantly its scope.

However, it's a known fact that third-party plugins always pose a significant risk of hacking, whether it's about WordPress plugins or Windows' extensions for Chrome, Firefox or Photoshop.

SafeBreach researcher Dor Azouri analyzed several popular extensible text editors for Unix and Linux systems, including Sublime, Vim, Emacs, Gedit, and pico/nano, and found that except for pico/nano, all of them are vulnerable to a critical privilege escalation flaw that could be exploited by attackers to run malicious code on a victims’ machines.

"This method succeeds regardless of the file being opened in the editor, so even limitations commonly applied on sudo commands might not protect from it," the paper reads [pdf]

"Technical users will occasionally need to edit root-owned files, and for that purpose they will open their editor with elevated privileges, using ‘sudo.’ There are many valid reasons to elevate the privileges of an editor."

The issue resides in the way these text editors load plugins. According to the researcher, there's inadequate separation of regular and elevated modes when loading plugins for these editors.

Their folder permissions integrity is not maintained correctly, which opens the door for attackers with regular user permissions to elevate their privileges and execute arbitrary code on the user's machine.

A simple malvertising campaign could allow attackers spread malicious extension for vulnerable text editors, enabling them to run malicious code with elevated privileges, install malware and remotely take full control of targeted computers.

Azouri suggests Unix users can use an open-source host-based intrusion detection system, called OSSEC, to actively monitoring system activity, files integrity, logs, and processes.

Users should avoid loading 3rd-party plugins when the editor is elevated and also deny write permissions for non-elevated users.

Azouri advised developers of text editors to change the folders and file permission models to complete the separation between regular and elevated modes and if possible, provide a manual interface for users to approve the elevated loading of plugins.

Pre-Installed Malware Found On 5 Million Popular Android Phones

Security researchers have discovered a massive continuously growing malware campaign that has already infected nearly 5 million mobile devices worldwide.

Dubbed RottenSys, the malware that disguised as a 'System Wi-Fi service' app came pre-installed on millions of brand new smartphones manufactured by Honor, Huawei, Xiaomi, OPPO, Vivo, Samsung and GIONEE—added somewhere along the supply chain.

All these affected devices were shipped through Tian Pai, a Hangzhou-based mobile phone distributor, but researchers are not sure if the company has direct involvement in this campaign.

According to Check Point Mobile Security Team, who uncovered this campaign, RottenSys is an advanced piece of malware that doesn't provide any secure Wi-Fi related service but takes almost all sensitive Android permissions to enable its malicious activities.

"According to our findings, the RottenSys malware began propagating in September 2016. By March 12, 2018, 4,964,460 devices were infected by RottenSys," researchers said.

To evade detection, the fake System Wi-Fi service app comes initially with no malicious component and doesn’t immediately start any malicious activity.

Instead, RottenSys has been designed to communicate with its command-and-control servers to get the list of required components, which contain the actual malicious code.

RottenSys then downloads and installs each of them accordingly, using the "DOWNLOAD_WITHOUT_NOTIFICATION" permission that does not require any user interaction.

Hackers Earned $115,000 in Just Last 10 Days

At this moment, the massive malware campaign pushes an adware component to all infected devices that aggressively displays advertisements on the device’s home screen, as pop-up windows or full-screen ads to generate fraudulent ad-revenues.

"RottenSys is an extremely aggressive ad network. In the past 10 days alone, it popped aggressive ads 13,250,756 times (called impressions in the ad industry), and 548,822 of which were translated into ad clicks," researchers said.

According to the CheckPoint researchers, the malware has made its authors more than $115,000 in the last 10 days alone, but the attackers are up to "something far more damaging than simply displaying uninvited advertisements."

Since RottenSys has been designed to download and install any new components from its C&C server, attackers can easily weaponize or take full control over millions of infected devices.

The investigation also disclosed some evidence that the RottenSys attackers have already started turning millions of those infected devices into a massive botnet network.

Some infected devices have been found installing a new RottenSys component that gives attackers more extensive abilities, including silently installing additional apps and UI automation.

"Interestingly, a part of the controlling mechanism of the botnet is implemented in Lua scripts. Without intervention, the attackers could re-use their existing malware distribution channel and soon grasp control over millions of devices," researchers noted.

This is not the first time when CheckPoint researchers found top-notch brands affected with the supply chain attack.

Last year, the firm found smartphone belonging to Samsung, LG, Xiaomi, Asus, Nexus, Oppo, and Lenovo, infected with two pieces of pre-installed malware (Loki Trojan and SLocker mobile ransomware) designed to spy on users.

How to Detect and Remove Android Malware?

To check if your device is being infected with this malware, go to Android system settings→ App Manager, and then look for the following possible malware package names:

• com.android.yellowcalendarz (每日黄历)
• com.changmi.launcher (畅米桌面)
• com.android.services.securewifi (系统WIFI服务)
• com.system.service.zdsgt

If any of above is in the list of your installed apps, simply uninstall it.

Warning – 3 Popular VPN Services Are Leaking Your IP Address

Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data.

VPN, or Virtual Private Network, is a great way to protect your daily online activities that work by encrypting your data and boosting security, as well as useful to obscure your actual IP address.

While some choose VPN services for online anonymity and data security, one major reason many people use VPN is to hide their real IP addresses to bypass online censorship and access websites that are blocked by their ISPs.

But what if when the VPN you thought is protecting your privacy is actually leaking your sensitive data and real location?

A team of three ethical hackers hired by privacy advocate firm VPN Mentor revealed that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate—with millions of customers worldwide were found vulnerable to flaws that could compromise user's privacy.

The team includes application security researcher Paulos Yibelo, an ethical hacker known by his alias 'File Descriptor' and works for Cure53, and whereas, the identity of third one has not been revealed on demand.

PureVPN is the same company who lied to have a 'no log' policy, but a few months ago helped the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case.

After a series of privacy tests on the three VPN services, the team found that all three VPN services are leaking their users' real IP addresses, which can be used to identify individual users and their actual location.

Concerning consequences for end users, VPN Mentor explains that the vulnerabilities could "allow governments, hostile organizations [sic], or individuals to identify the actual IP address of a user, even with the use of the VPNs."

The issues in ZenMate and PureVPN have not been disclosed since they haven't yet patched, while VPN Mentor says the issues discovered in ZenMate VPN were less severe than HotSpot Shield and PureVPN.

The team found three separate vulnerabilities in AnchorFree's HotSpot Shield, which have been fixed by the company. Here's the list:

• Hijack all traffic (CVE-2018-7879) — This vulnerability resided in Hotspot Shield’s Chrome extension and could have allowed remote hackers to hijack and redirect victim's web traffic to a malicious site.
• DNS leak (CVE-2018-7878) — DNS leak flaw in Hotspot Shield exposed users' original IP address to the DNS server, allowing ISPs to monitor and record their online activities.
• Real IP Address leak (CVE-2018-7880) — This flaw poses a privacy threat to users since hackers can track user's real location and the ISP. the issue occurred because the extension had a loose whitelist for "direct connection." Researchers found that any domain with localhost, e.g., localhost.foo.bar.com, and 'type=a1fproxyspeedtest' in the URL bypass the proxy and leaks real IP address.

Here it must be noted that all the three vulnerabilities were in the HotSpot Shield's free Chrome plug-in, not in the desktop or smartphone apps.

The researchers also reported similar vulnerabilities in the Chrome plugins of Zenmate and PureVPN, but for now, the details of the bugs are being kept under wraps since both the manufacturers have not yet fixed them.

Researchers believe that most other VPN services also suffer from similar issues.

Apple Blocks Sites From Abusing HSTS Security Standard to Track Users

If you are unaware, the security standard HTTP Strict Transport Security (HSTS) can be abused as a 'supercookie' to surreptitiously track users of almost every modern web browser online without their knowledge even when they use "private browsing."

Apple has now added mitigations to its open-source browser infrastructure WebKit that underpins its Safari web browser to prevent HSTS abuse after discovering that theoretical attacks demonstrated in 2015 were recently deployed in the wild against Safari users.

HSTS—HTTP Strict Transport Security—is a great feature that allows websites to automatically redirects user's web traffic to secure page connections over HTTPS if the user accidentally opens an insecure URL and then remembers to route that user to the secure connection always.

Since HSTS does not allow websites to store any information/value on users web browser except remembering the redirect information about turning it on/off for future use, using this information, someone interested in tracking web users can create a so-called supercookie that can then be read by cross-site tracking servers to mark users across websites.

Here's How HSTS-Based Tracking Works:

To understand how HSTS supercookie tracking works, here's a simple example:

• To track each user, sites assign a unique random number to each visitor, for example, 909090, where 32 character binary conversion for 909090 is 00000000000011011101111100100010.
• To set this binary number for a specific user, the site sets HSTS policy for its 32 subdomains (tr01.example.com, tr02.example.com......and tr32.example.com) accordingly, where if HSTS for a subdomain is enabled then the value is 1 and if not then the value is 0.
• Now each time the user visits the same website, it silently opens invisible pixels from 32 of its subdomains in the background that represent the bits in the binary number, signalling the server which subdomains are opened via HTTPS (1) and which via HTTP (zero).
• Voila! Combining the above value reveals the user's unique binary value to the server, helping websites/advertisers to mark users across sites.

However, Apple has now added two mitigations to its Safari's WebKit engine that addresses both sides of the attack: where tracking identifiers are created, and the subsequent use of invisible pixels to track users.

Mitigation One addresses the super cookie-setting problem, where attackers use long URLs that encode the digits in subdomains of the main domain name and the practice of setting HSTS across a wide range of sub-domains at once.

Safari will now limit the HSTS state to either the loaded Hostname, or the Top Level Domain plus one (TLD+1), and "WebKit also caps the number of redirects that can be chained together, which places an upper bound on the number of bits that can be set, even if the latency was judged to be acceptable."

"This prevents trackers from efficiently setting HSTS across large numbers of different bits; instead, they must individually visit each domain representing an active bit in the tracking identifier," says Brent Fulgham, a developer who works on Safari WebKit engine. 

"While content providers and advertisers may judge that the latency introduced by a single redirect through one origin to set many bits is imperceptible to a user, requiring redirects to 32 or more domains to set the bits of the identifier would be perceptible to the user and thus unacceptable to them and content providers."

In Mitigation Two, Safari ignores HSTS State for Subresource Requests to Blocked Domains, where WebKit blocks things like invisible tracking pixels from forcing an HSTS redirect, causing HSTS supercookies to become a bit string of only zeroes.

However, Apple does not name any individual, organisation, or any advertising firm that was using HSTS supercookie tracking to target Safari users.

How To Unlock Locked iPhone iCloud Account?

SUMMARY: Do you have your iCloud locked? If your iPhone has an iCloud lock on it, it means that regardless of how much you paid for your second-hand phone, the previous owner can still block you from using it. They can do this by keeping the device locked to their iCloud account and not allowing you to log into the phone.

The only way around this is to get an iCloud account unlocked. It frees your phone from the previous owner’s account and allows you to setup your account on that phone, meaning you can start making calls, sending messages, and using apps.

Of the 9 iCloud activation unlock services we found and 3 we tested, the fastest, cheapest, and best supported provider is iPhone IMEI. They unlocked all 6 accounts we sent them, for the least money, and did it in the fastest time.

Im going to introduce new method of unlocking icloud lock making your own server for bypass the lock.

if some one interest about this, dont hesitate to contact me via email or send a massage to our official facebook fan page. hit a like on below link...

https://www.facebook.com/blackhathacking123/