Microsoft is enabling a new Microsoft Account sign-in option as a handy addition to the company’s iOS and Android Microsoft Authenticator phone app. Instead of using Microsoft Authenticator for two-step authentication, the app user can sign into the account without a password.

The new feature is available for website sign-ins that require Microsoft Account, such as Outlook.com, Skype.com, and OneDrive.com.

How dose it work?
To enable the feature, the user must first install the Microsoft Authenticator app, then select his or her account from the dropdown button and lastly choose enable phone sign-in. From now one, during logging into a Microsoft Account, a new option “Use the Microsoft Authenticator app instead” will appear at t

On April 24, 2017, the Polish Ministry of Digital Affairs has activated a new e-service entitled "Check your penalty points", which allows every driver to verify their actual sum of penalty points earned for traffic offenses.
What is important, the new on-line service is available for FREE on the government portal https://obywatel.gov.pl.
Aside from the amount of the penalty points, each driver can also verify additional informations, such as the date/place of the traffic offense, and the type, brand and the registration number of vehicle involved.

In order to use the service safely, the drivers ought to set up a trusted eGO profile by filling up the on-line registration form, available at the https://pz.gov.pl

Read more

0 - Comment

The experts from threat intelligence firm Recorded Future have informed  about a new threat – the ransomware called Karmen, capable of encrypting files on the infected PC using the strong AES-256 encryption protocol. The files remain inaccessible until the victim decides to pays a large sum of money for the decryption key.

Unlike the most ransomware-type programs, Karmen is a particularly vicious. The virus is known to permanently delete its decryptor if a sandbox environment or antivirus software is detected on the victim's computer. In case like this, even if the victim pays the ransom, she or he will never regain access to the encrypted files.

This is yet another example of how important it is to make backup copy of our data, esp

Some time ago we wrote about a new ATMs biometric security system utilizing fingerprint scanner and about new high-tech form of theft targeting ATMs, called skimming.

Mastercard – a worldwide credit card provider – has decided to reveal their newest type of payment card, equipped with a new security feature – a small biometric area designed to verify the user's fingerprint. Instead of requiring its owner to enter a four-digit personal identification number (PIN), the user needs only to hold the finger over the sensor whilst making a purchase.

According to Mastercard the new technology was successfully tested in South Africa, and will most likely be fully implement throughout Europe and Asia later this year. Mastercard's chief of

Police officers from the Cybercrime Division detained eight people associated with the premium SMS fraud, which affected almost 160,000 of Polish citizens.

The fraudsters registered hundreds of websites and announced several contests offering attractive prizes, such as cash vouchers for all kinds of merchandise (clothing vouchers, top-up vouchers, etc.). In order to participate in the contest, the victim had to send a premium SMS message. The next step was to fill in the form and transfer 50 PLN to the indicated bank account, using on-line payment.

Needles to say that the victim never received any wins.

To make the whole scam took more convincing, the fraudsters employed people who were tasked with posting positive posts and

The experts from McAfee are warning of a new cyberattack that silently installs malware on the computers containing Microsoft Office  Word. The users of this software should be very careful when opening Word documents downloaded from third-party websites or attached to unknown e-mail messages.

Since the beginning of 2017 the unknown group of hackers have been exploiting a serious – and yet unpatched – zero-day vulnerability present in all modern versions of Microsoft Office Word software. The cyberattack begins by downloading a malicious HTA file disguised as a Microsoft's RTF. When opened, the malicious code gets executed, granting the cyberattackers almost complete control over the victim's computer.

The switch

Are you waiting for a parcel from the UPS Express courier company?

If so, be careful, because you may be the target of a cyberattack.

Experts from the Avlab have checked the authenticity of suspicious e-mail massages received lately by many network users. In comparison to the the original, the examen e-mails differed only by order number, while the IP address, content, pdf attachment, and website from which the "invoice" should be downloaded were identical.

To make it look even more credible, the messages contained the invoice number, along with the order amount.

Avlab has confirmed that the attached pdf file is not malicious, but the URL adders, redirecting to the external website, is. If the us

Having the web browser remember passwords and/or logins can be convenient, but it poses some security risks.

The experts from ESET company warn the Internet users about the e-mail messages, presumably sent by the Delta Air Lines, confirming the purchase of air tickets to Washington, DC. In reality it is a clever scam aim at stealing sensitive data (like logins and passwords) stored in a web browser and e-mail programs.

The imprudent recipient of such e-mail, who, without a second thought, decides to open the attached file (or a link), will instantly download an malicious malware designed to look like a proper Microsoft Word document. The malware has a password stealing component, desinge to extract bank, PayPal or other financial details along

Experts from CERT Poland have informed about the new e-mail campaign of Polish Stalking Group, aimed at extorting a ransom of 1000 PLN using bitcoin wallet. This new method can be desribed only as a blackmail. The extortionists threaten the victim to send 100 courier parcels from random e-shops, if the victim does not agree to pay the ransom.

In order to confirm the authenticity and seriousness of the threat, the victim revives a e-mail massage containing the victim's sensitive data, such as social security number (PESEL), address and phone number. The message also implies that some courier parcels may contain illegal substances, like drugs, which may endanger the victim to legal repercussions from law enforcement agencies.

The victim is left

Have you ever downloaded pirated content from the P2P network (commonly known as  torrent sites)?
If so... then, you can expect to get an e-mail massage with a warning.

British Internet providers have joined the “Get it right from a genuine site” action. The campaign aims to reduce the scale of piracy, and to support the download of music and movie files from legal sources.

The “Get it Right...” monitors peer to peer (P2P) networks for illegal downloads. Each Internet user that downloads files form torrent sites may receive an email massage with an warning. The email cautions subscribers they have 20 days to stop downloading copyrighted material using P2P websites. Should the warning be ignored a second time – an an

Minecraft – one of the most popular games has been exploited by cyber criminals.
Most recently the experts from ESET company have reported that the Google Play app store contains 87 apps for popular Minecraft game that in reality are malicious malwares disguised as mods. So far the harmful apps have been installed by almost 1 million of Android users.

Among the identified fake mods, 14 were responsible of displaying aggressive advertisement banners while the remaining 73 were redirecting the users to scam websites. ESET security software detects those threats as Android/TrojanDownloader.Agent.JL (ad-displaying downloaders) and Android/FakeApp.FG (fake apps).

Moreover, the language of the scareware advertisements was based on the geo

Cybercriminals have created a fake version of popular Google Chrome browser, which resembles the original application, but in truth can only be described as a scam, designed to fool the Internet users into revealing their payment card details.

Experts from the Malware Hunter Team report that after the fake browser is installed on the victim’s computer, it displays the “standard” Google Chrome icon on the desktop. Moreover, even after launching,  the fake browser behaves almost identical like the authentic application. There is hoverer one impotent difference. Namely, at some point the fake browser asks the user to make a transfer (of 0.50 EUR) and reveal  an critical payment card details, like credit card number,expirat

Another wave of attacks, this time aimed at Netia clients, was reported by a portal Zaufana Trzecia Strona. Thousands of mails with malicious programs have been sent to this group of Internet users. The massages contained all the original data of the clients (previously stolen from the company's database) and an attached folder with false invoice.

After opening such message the computer can be infected with a trojan that was designed to collect sensitive data, such as mailbox logins and passwords. However, the installation process of the virus can not be perform without the “help” from the users themselves. According to the portal Zaufana Trzecia Strona to run malicious code, the user must first unpack the attached folder (RAR file) by entering a password in

Are You a satisfied user of Kodi media player? Stay alert, because You might unwillingly participate in DDoS attacks. How is this possible? Due to recent actualization of Exodus add-on.

The Exodus is the most popular Kodi add-on which allows users to stream movies and TV-shows content from a variety of sources. Unfortunately, the creator of this popular add-on has recently injected a piece of code which turned every Exodus user into an unwilling DDoS botnet (occasionally referred to as a “zombie army”).

The alteration of the code was revealed and described by the users of tvaddons.ag forum. They have noticed that every time a user tried to play something through Exodus add-on, the plugin attempted to e

The Russian group of hackers known as APT28 is targeting MacOS users with a new variant of the X-Agent spyware, which has previously attacked other popular OS systems.

According to the security researchers from Bitdefender Labs the maleware is capable of stealing passwords, taking screenshots, exfiltrating iPhone backups stored on the device, detecting system configurations, and creating a “backdoor” for other malicious wares.

"Once successfully installed, the backdoor checks if a debugger is attached to the process. If it detects one, it terminates itself to prevent execution. Otherwise, it waits for an Internet connection before initiating communication with the C&C (co