“Last seen” indication in Hangouts

To make it easier to know when people using Hangouts are available to chat, we’ve added timestamps as part of status (e.g. ‘last seen 2h ago’), indicating when one was last using Hangouts.

Comprompt-Google-Hangouts

Individuals can control whether this info is shared from Hangouts chat settings.

This feature is now available on Hangouts in Gmail (gradual rollout), as well as on the latest versions of the Hangouts Android and iOS apps.

 

 courtesy:google apps


WHOIS – Search-Domain Name-Website-IP Tools

WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system, but is also used for a wider range of other information. The protocol stores and delivers database content in a human-readable format.

WHOIS information has to be made publicly available to everyone via the public WHOIS database as required by ICANN, the international governing body for domain names and Everyday, this valuable source of accurate contact information is targeted and harvested by spammers and telemarketers resulting in unwanted and unsolicited contact. Also since your contact information is public, you are at risk for identity theft and fraud and of being contacted by harassers and stalkers. Privacy Protection ensures that your private information is not published by replacing all your publicly visible contact details with alternate contact information.

FEATURES:

1. See Website Information

Search the whois database, look up domain and IP owner information, and check out dozens of other statistics.

2.Save and Follow Domains

Organizing domains across multiple registrars for quick reference has never been so easy.

3.On Demand Domain Data

Get all the data you need about a domain and everything associated with that domain anytime with a single search.

4.New TLD Watcher

New endings to the right of the dot like .Blog, .Web, and .App etc.

 

Courtesy by :

https://who.is


How to remove PostgreSQL in Windows machine

Comprompt-PostgreSQL in Windows machine
PostgreSQL in Windows machine
Auto Uninstallation :-

i)Go to the Add/Remove Programs

ii) uninstall postgresql server
 or
go to the postgresql server installation directory
run the uninstaller.
Manual Uninstallation:
i) Remove the postgresql server installation directory.
 Suppose following default location then command on cmd
 (rd /s /q “C:\Program Files\PostgreSQL\8.3”)
ii) Delete the user ‘postgres’
net user postgres /delete
iii) Remove the Registry entries. (HKEY_LOCAL_MACHINE\SOFTWARE\PostgreSQL\Installations\postgresql-8.3) and (HKEY_LOCAL_MACHINE\SOFTWARE\PostgreSQL\Services\postgresql-8.3)
iv) Remove the postgresql-8.3 service.
sc delete postgresql-8.3
 
 
Courtesy :- 
Embedded System testing

Man in the middle attack

man in middle attack

 

A man-in-the-middle (MITM) attack is an attack where the malicious actor attempts to intercept, read or alter information moving between two computers.

There are a variety of ways that attackers can insert themselves in the middle of your online communications.

  • By distributing malware, a Trojan virus or a malicious script
  • By exploiting the design vulnerabilities in the Wi-Fi networks
  • By exploiting inherent and un-fixed vulnerabilities of an unpatched desktop browser,
  • By exploiting vulnerabilities which are introduced due to a mis-configuration or non-hardening of the operating system

MITM attacks allows the attacker  to :-

  • Receive and request personal information posing as a trusted party (such as a website that you regularly use).
  • Hijack a browser session and steal credit card number,personal detail etc.
  • Deep dive insight into applications of a computer, and gain the usage pattern and other personal details of a person .
  • Record an entire authentication session, decipher the userid and password information from it, which he can use to impersonate the victim and create damage to a greater extent

Having a correctly defined security perimeter defense design, server and network component’s hardening, implementing robust patch management system and following best security practices can help fix MITM attacks.


 

Symantec PGP End Point Encryption Solution.

What is Endpoint Encryption?

When it comes to encrypting data, there are various encryption strategies.

Disk encryption protects a hard drive in the event of theft or accidental loss by encrypting the entire disk including swap files, system files,

and hibernation files. If an encrypted disk is lost, stolen, or placed into another computer, the encrypted state of the drive remains

unchanged, ensuring only an authorized user can access its contents.

Some endpoint encryption solutions (like Symantec™ Endpoint Encryption) also include support to encrypt files stored on or copied to

removable media devices. As with disk encryption, removable media encryption helps prevent unauthorized access to information on lost or

stolen devices (in this case the devices are USB flash drives, external hard drives (USB, FireWire, and eSATA), SD cards, and compact flash

cards). In this way, organizations can benefit from the productivity gains associated from collaboration using removable storage without

putting data at risk.

How Disk Encryption Works

During the startup process of an operating system, a boot sequence is executed. The boot system is the initial set of operations that the

computer performs when it is switched on. A boot loader (or a bootstrap loader) is a short computer program that loads the main operating

system for the computer. The boot loader first looks at a boot record or partition table, which is the logical area “zero” (or starting point) of

the disk drive.

Disk encryption modifies the boot sector. For example, a computer protected with Symantec™ Endpoint Encryption presents a modified preboot

environment for the user to authenticate to the computer.

This modified pre-boot screen prompts the user for authentication credentials in the form of a passphrase (typically a longer password, often

resembling a sentence). At this point, the computer may ask for additional credentials such as a smart card, token, or other two-factor

authentication.

After the user enters valid authentication credentials, the operating system continues to load as normal and the user can access the

computer.

Most disk encryption software operates in conjunction with the file system architecture. It filters I/O operations for one or more file systems

or file system volumes.

When a drive is encrypted for the first time, it converts unencrypted drive blocks into encrypted blocks one at a time. Disk encryption allows

users to continue working as normal during this initial encryption process by varying the amount CPU power assigned to the initial encryption

process.

When a user accesses a file, disk encryption decrypts the data in memory before it is presented for viewing. If the user makes any changes to

the file, the data is encrypted in memory and written back to the relevant disk drive block just as it would be without encryption. Decrypted

data is never available on the disk. The encryption/decryption process happens at such a speed that it appears completely transparent to the

User.

How Removable Media Encryption Works

Removable media encryption software provides the ability to encrypt files on removable storage devices.

When a user copies files of a system onto a removable storage device, each file is encrypted to a password, a shared key or a certificate. At

the same time, utilities for Windows or Mac systems can be copied (if permitted by policy) allowing authorized access to data without the

endpoint client installed on a machine.

This file encryption can be governed by policy, user action, or Symantec DLP. In the case of Symantec DLP, the Endpoint Prevent software

monitors users’ machines and understands when a person is moving a sensitive file off his computer. With the integration of Symantec DLP

and Symantec Endpoint Encryption, administrators can ensure files with sensitive information that are moving to removable media are

encrypted rather than blocked, allowing business processes to continue in a secure manner.

To access the information, when the user inserts a removable media device like a USB drive with encrypted files into a computer system, the

removable media encryption software will prompt for passphrase, and upon successful authentication, the user can access the file.

Key Features

  • Built PGP Strong – High performing, strong encryption, built with PGP Hybrid Cryptographic Optimizer (HCO) technology and leveraging AES-NI hardware optimization for even faster encryption speeds.
  • Robust Reporting – Administrators can take advantage of out-of-the-box compliance reports or customize their own reports to help ease the burden of proof to auditors and key stakeholders.
  • Active Directory Support – Individual and group policies and keys can be synchronized with Active Directory to help speed deployments and reduce administration burdens.
  • Key Recovery – Multiple recovery options allow organizations to determine the right solution for them to minimize potential lockouts and reduce HelpDesk calls.
  • Single-Sign-On – SSO means fewer passwords for users to remember.

Key Benefits

 
  • User-Friendly – Installation and registration is completely transparent to users, while CPU utilization during initial encryption is minimized to ensure that users can continue being productive while encryption happens in the background.
  • Flexible – Support multi-user deployments in both Active Directory and non-Active Directory environments.
  • Collaborative – Users can access encrypted data on removable media safely even on systems without Symantec Endpoint Encryption installed.
  • Scalable – Scalable management architecture easily adapts to small and large enterprise environments.
  • Stronger Protection – Symantec’s market leading Data Loss Prevention (DLP) software integrates with removable media encryption to analyze data before it’s transferred and automatically encrypt sensitive outgoing data.

Reference by : www.google.com


 

 

Updated version of Google Apps Password Sync (GAPS)

 

Google Apps Password Sync 1.3 is now available with the following new features:

  • GAPS now uses the Admin SDK – Directory API (version 1)
  • Improved Google Apps validation when configuring GAPS
  • Several bug fixes

Note: All customers running a previous version of GAPS must upgrade to GAPS 1.3 before April 20, 2015. Older versions will stop functioning after this date.

Reference by:www.google.com


Offline access to Google Docs editors auto-enabled when signing into Chrome browser on the web

comprompt-Offline access to Google Docs

Offline access to Google Docs – When working in a Chrome browser, people using the Google Docs editors with offline access enabled can work on files even when not connected to the internet. Files are synced so they can be viewed and edited offline, allowing for continued productivity regardless of one’s internet connection.

Setting up offline access manually can be cumbersome, so in a couple of weeks you’ll be able to just sign into Chrome on the web and visit Drive, Docs, Sheets, or Slides―and offline will be enabled automatically. This is already the default behavior  on Chrome OS, so nothing will change there.

Google Apps admins can still centrally enable or disable offline access for their domain in the Admin console. Existing settings for domain-level offline access will not be altered by this launch.

Note that Google Apps users should not sign into a Chrome browser on public/non-work computers with their Google Apps accounts to avoid unintended file syncing.

Reference by:www.google.com


An update on the migration of older spreadsheets to the new Google Sheets

comprompt- Google Sheets

Back in November 2014, GOOGLE  announced that older spreadsheets (those created prior to Dec 2013, including any subsequent copies) would start being gradually migrated to the new version of Google Sheets for Google Apps domains on the Rapid release track, with Scheduled domains to follow.

While the migration started for consumer spreadsheets, GOOGLE decided to delay the migration for the Rapid release track to ensure a more smooth process. Starting next week, google will formally start the migration for Rapid release domains, with Scheduled release domains to follow 2-3 weeks later (note: we have decided against displaying the migration notification in the Sheets interface for Google Apps customers to prevent unnecessary confusion).

The migrations will take several months to complete, but you’ll be able to take advantage of the new features and capabilities in the new Sheets as older spreadsheets are migrated. Simpler spreadsheets will be upgraded first, while those that use Apps Script and more complex features will be migrated weeks to months later to ensure a seamless transition.

 

Reference by:www.google.com


A new look for the Google Apps Admin console

material design

At Google I/O last June, google introduced material design, a single underlying design system that allows for a beautiful unified experience across platforms and device sizes.These design principles applied to many of Google’s products recently, and today google announcing that the Admin console is next in line.

The Admin console has been redesigned to better meet the needs of Google Apps admins, putting your most important controls front and center and making the most common tasks easier than ever to complete.

To help you get acquainted with the new design, google prepared a design change guide, featuring screenshots of the new navigational elements and guidance on how to change settings, manage and add users, apply filters and access other frequently used features in the new UI. We also pulled together before and after screenshots for context on how things will be changing. google suggest spending some time reviewing these guides to ensure you can hit the ground running with the new design.

reference by:www.google.com


Aware of Cryptolocker / Cryptorbit / Cryptowall Virus.

Kindly find below the detail information about Cryptowall 3.0 Ransomware.

We have seen a series of Ransomware tended to be simple with dogged determinations to extort money from victims. But with the exponential rise in the samples of Ransomware last year, we saw more subtle in design, including “Cryptolocker” that was taken down along with the “Gameover ZeuS” botnet last June. As a result, another improved ransomware packages have sprung up to replace it — CryptoWall.

cryptolocker-cryptorbit-cryptowall-ransomware-virus

Ransomware is an emerging threat in the evolution of cybercriminals techniques to part you from your money. Typically, the malicious software either lock victim’s computer system or encrypt the documents and files on it, in order to extort money from the victims. Since last year, criminals have generated an estimated US$1 million profits.

Now, the infamous Cryptowall ransomware is back with the newest and improved version of the file-encrypting ransomware program, which has been spotted compromising victims by researchers early this week, security researchers warned.

The new version, dubbed Cryptowall 3.0 (or Crowti), uses Tor and I2P (Invisible Internet Project) anonymity networks to carry out communication between victims and controllers keeping it away from researchers and law enforcement officials.

The cryptolocker/Cryptorbit/Cryptowall Malware encrypts files with the RSA algorithm and key to decrypt file is not statically available in mother infector. It spreads through an email that appears to be a tracking notification from unknown people. In the mail there is zip file and inside that zip file is a double-extension file such as *.pdf.exe. The .exe file lets CryptoLocker run on your computer, while the innocuous .pdf extension hides the file’s true function.

Availability of key depends on C&C server communication.

RSA decryption Key generation by brute force is not feasible solution. So decryption of all the encrypted files is not possible in these cases.

Kindly go through below link for your reference about this virus:

http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fCrowti

We recommend you to take below preventive measures:

    1. Stay patched. Keep your operating system and softwares up to date.
    1. Make sure your anti-virus is active and up to date.
    1. Avoid opening attachments you weren’t expecting, or from people you don’t know well. Kindly inform any incoming mail from unknown person/Email ID immediately to your IT Team.
    1. Make regular backups of your important data and store them somewhere safe, preferably offline.
    1. update your firewall and all security patches.
    1. update and re check your gateway level web filtering policies and security.
    1. update your mail server antivirus and all security patches.
    1. update and re check your mail server mail filtering and security policies.
    1. do not click any unknown links.
  1. do not accept/yes any unknown web request.