By continuing to use the site or Forum, you agree to the use of cookies, find out more by reading our GDPR policy.

Google security researchers have revealed this week that the immensely popular Fortnite Android app is vulnerable to so-called man-in-the-disk (MitD) attacks. This vulnerability allows low-privileged malicious apps already installed on a users' phone to hijack the Fortnite app's installation process and install other malicious apps that have a higher permissions level. Epic Games, the Fortnite game developer, has released version 2.1.0 that patches this attack vector. The concept of man-in-the-disk attacks has been recently detailed in more depth by security researchers from Israel-based cyber-security firm Check Point. In a simplified explanation, MitD attacks are possible when an Android app stores data on External Storage mediums, outside its highly-secured Internal Storage space. An attacker can watch a specific app's External Storage space and tamper with the data stored in this storage space because this space is shared by all apps. The Fortnite app is vulnerable to this attack because the app does not contain the actual game, but is merely an installer. Once users install the app, this installer uses the device's External Storage space to download and install the actual game. "Any app with the WRITE_EXTERNAL_STORAGE permission can substitute the APK immediately after the download is completed and the fingerprint is verified. "Any app with the WRITE_EXTERNAL_STORAGE permission can substitute the APK immediately after the download is completed and the fingerprint is verified. This is easily done using a FileObserver. The Fortnite Installer will proceed to install the substituted (fake) APK," a Google researcher wrote in a bug report recently made public.Complete details are posted on OUR FORUM.

Millions of mobile devices from eleven smartphone vendors are vulnerable to attacks carried out using AT commands, a team of security researchers has discovered. AT (ATtention) commands or the Hayes command set, is a collection of short-string commands developed in the early 1980s that were designed to be transmitted via phone lines and control modems. Different AT command strings can be merged together to tell a modem to dial, hang up, or change connection parameters. Unknown to the common user is that modern smartphones include a basic modem component inside them, which allows the smartphone to connect to the Internet via its telephony function, and more. While international telecommunications bodies have standardized basic AT commands, dictating a list that all smartphones must support, vendors have also added custom AT command sets to their own devices —commands which can control some pretty dangerous phone features such as the touchscreen interface, the device's camera, and more. In massive and groundbreaking research, a team of eleven scientists from the University of Florida, Stony Brook University, and Samsung Research America, have looked into what types of AT commands are currently supported on modern Android devices. The research team analyzed over 2,000 Android firmware images from eleven Android OEMs such as ASUS, Google, HTC, Huawei, Lenovo, LG, LineageOS, Motorola, Samsung, Sony, and ZTE. They say they discovered that these devices support over 3,500 different types of AT commands, some of which grant access to very dangerous functions. Videos and more are posted on OUR FORUM.

T-Mobile USA announced a security breach late last night. The company says its cyber-security team discovered and shut down unauthorized access to its customers' data on Monday, August 20. The telco says an attacker was exfiltrating personal data such as customer names, billing ZIP codes, phone numbers, email addresses, account numbers, and account types (prepaid or postpaid). T-Mobile said the hacker (or hackers) did not gain access to passwords, social security numbers, or any financial information. Impacted customers will receive an SMS, letter in the mail, or a phone call to notify them. The US telco says it informed law enforcement authorities about the breach. A T-Mobile spokesperson told Motherboard that less than 3% of its customer base was affected. T-Mobile reported 75.62 million customers at the end of Q2 2018. That would put the breach at around 3.9 million customers, still, a considerable number. As some T-Mobile users have pointed out, even if the hackers did not get their hands on any financial data or passwords, the breach makes it easier for the attacker to port  (SIM swap) numbers. More details posted on OUR FORUM.

According to the latest reports from AdDuplex, Microsoft’s latest entrant to the Surface family, the Surface Go now holds a market share of 1.24% of among the Surface devices. Microsoft which launched the Surface Go device on August 2nd in the US market enters the list of Surface devices and is now placed between the Surface Laptop and Surface Studio. Surface Pro 4 still remains the most popular Surface device beating other two Surface Pro models. The Surface Pro 4 currently holds a market share of around 33% with Surface Pro 3 and Surface Pro at 18% and 17% respectively. Microsoft launched the Surface Go keeping in mind the education sector with the device featuring a 10″ display and offering 7th Generation Intel Pentium Gold Processor 4415Y with 4 GB and 8 GB RAM options. The Surface Go has been termed as the most affordable device among the Surface family with the device priced at $399. The device comes with Windows 10 in S Mode pre-installed and you can get a full Windows 10 experience when upgraded from S Mode. AdDuplex has also shared some new data about the Windows popularity for the month of August 2018. The current data shows the percentage of devices running the Windows 10 April Update. Graphics and more is posted on OUR FORUM.

While Microsoft has moved to Edge for Windows 10 on the desktop, Internet Explorer still remains available as an option.  Unlike three years ago when we first wrote this article on how to find and run Internet Explorer, Microsoft has since developed Edge much further, Users can now expect a plethora of features built around reading, inking and similar. Edge is also easier on the eyes, comes with a beautiful built-in dark mode and fluent design, and can support progressive web apps. In short, Edge is for the modern computer user. Still, if you do want to run Internet Explorer for reasons like legacy app support or just familiarity, you can find it by searching with Cortana, or in the Start Menu where it’s buried. Now, Internet Explorer isn’t for everyone. It’s actually for almost no-one right now. Microsoft leaves it enabled for users who want to run legacy web apps that will (for some reason) only run in Internet Explorer. If you don’t particularly care like 99% of people, there’s a quick way to disable Internet Explorer so it’s completely out of the way. Internet Explorer is an aging browser that tends to be riddled with security vulnerabilities, whose had its time in the spotlight and now more and more people are using alternative web browsers and realize they want to completely remove the older less reliable Internet Explorer, now is their chance to do just that. Visit OUR FORUM for further details.

Windows released its newest operating system, "Windows 10," back in July 2015. Since then it has become a popular OS, and is found running on most PCs. It is constantly updated, and overall has been pretty well received. As of November 2017 it was running on some 600 million devices, and in 2018 Windows 10 become more widespread than Windows 7, thereby becoming the most single used Windows version overall. But just because many people have it does not mean everyone has it. The good news is if you have not yet upgraded to Windows 10 you still can.
Here's what you should know
When Windows was first released, Microsoft's upgrade tool (GWX) was delivered via Windows Update to eligible computers. The free upgrade offer officially ended July 30, 2016, and the upgrade tool was removed. Now, using the Media Creation Tool from the Windows 10 download site, you can choose to upgrade your PC immediately or download a copy of the latest version of Windows 10 to install later. Download the file to a USB flash drive, a DVD, or as an ISO file to your hard drive. You'll need roughly 4GB of space for the 64-bit version, and about 3GB for the 32-bit version. read more on our Forum