Hey, Guys, Today I have come with some cool stuff on Google you haven't known before or tried. Some features really make you insane for a moment. So let's begin.

1. Do a barrel roll:-
Type word by word "do a barrel roll" without quotes in a google search. As you hit search its something cool happens. What have you seen cool eh?
If you tired of writing let I help you just click here Do a barrel roll

2. Askew:-
Next trick type "askew" in a google search. As you hit a search button you will find some tilt screen of google. Looks interesting right? Try it right now by clicking here Askew


3. Google gravity:-
Tired of full-day work on mobile or PC let's play the game with the google, go to google search and search for google gravity and hit the first link. You will find some amazing stuff never seen before. How's it looking cool?.
You can go directly from here Google gravity

4. Google space:-
Another better one to google gravity and more interesting is google space. Fly the google as you like just play google like you playing with a ball. Go and search on google with "Google space" hit the first link. And you will see the amazing stuff.
You can go directly from here Google space

5. Google underwater:-
Now you have already played with google search bar now it's time to fly the google search underwater. Look's interesting right? Go on a google search for google underwater and hit the first link. Really amazing stuff you really like it right?
If you haven't checked go directly from here Google underwater

6. Play a breakout game in google images:-
Have you even checkout you can play with google images if not checked yet try right now. You can play breakout game in google images. Really cool if you yet not known. Just go to google images search for "atari breakout" with quotes and try to go to desktop mode if you using mobile. Wow! You can now play the game on google images! Really cool right?
Check it right now if you tired of search Google images breakout game

7. Blink game:-
Oh! Tired of watching the screen lets blink for while. Here is another cool thing go on a google search for "blink HTML" without quotes. Try to switch desktop mode if you using a mobile device.
You go directly from here Blink Blink

8. Zerg rush:-
Now it's a search option which let you access lots of things in the google search bar with a great variety of the stuff. Just search "zerg rush" in google without quotes and hit the first search. Oh! now you can play guitar, play Pacman, play snake game and much more. Looks cool right?.
Checkout directly by clicking here Zerg rush

So, guys, that's some cool tricks and entertaining stuff you really like while doing work and get tired of, it will relive you for short time and it's really fun to play with google search bar.

INTERNET PARANOIACS DRAWN to Bitcoin have long indulged fantasies of American spies subverting the booming, controversial digital currency. Increasingly popular among get-rich-quick speculators, Bitcoin started out as a high-minded project to make financial transactions public and mathematically verifiable — while also offering discretion. Governments, with a vested interest in controlling how money moves, would, some of Bitcoin’s fierce advocates believed, naturally try and thwart the coming techno-libertarian financial order.

It turns out the conspiracy theorists were onto something. Classified documents provided by whistleblower Edward Snowden show that the National Security Agency indeed worked urgently to target Bitcoin users around the world — and wielded at least one mysterious source of information to “help track down senders and receivers of Bitcoins,” according to a top-secret passage in an internal NSA report dating to March 2013. The data source appears to have leveraged the NSA’s ability to harvest and analyze raw, global internet traffic while also exploiting an unnamed software program that purported to offer anonymity to users, according to other documents.

Although the agency was interested in surveilling some competing cryptocurrencies, “Bitcoin is #1 priority,” a March 15, 2013 internal NSA report stated.

The documents indicate that “tracking down” Bitcoin users went well beyond closely examining Bitcoin’s public transaction ledger, known as the Blockchain, where users are typically referred to through anonymous identifiers; the tracking may also have involved gathering intimate details of these users’ computers. The NSA collected some Bitcoin users’ password information, internet activity, and a type of unique device identification number known as a MAC address, a March 29, 2013 NSA memo suggested. In the same document, analysts also discussed tracking internet users’ internet addresses, network ports, and timestamps to identify “BITCOIN Targets.”

The agency appears to have wanted even more data: The March 29 memo raised the question of whether the data source validated its users, and suggested that the agency retained Bitcoin information in a file named “Provider user full.csv.” It also suggested powerful search capabilities against Bitcoin targets, hinting that the NSA may have been using its XKeyScore searching system, where the Bitcoin information and wide range of other NSA data was cataloged, to enhance its information on Bitcoin users. An NSA reference document indicated that the data source provided “user data such as billing information and Internet Protocol addresses.” With this sort of information in hand, putting a name to a given Bitcoin user would be easy.

The NSA’s budding Bitcoin spy operation looks to have been enabled by its unparalleled ability to siphon traffic from the physical cable connections that form the internet and ferry its traffic around the planet. As of 2013, the NSA’s Bitcoin tracking was achieved through program code-named OAKSTAR, a collection of covert corporate partnerships enabling the agency to monitor communications, including by harvesting internet data as it traveled along fiber optic cables that undergird the internet.

Specifically, the NSA targeted Bitcoin through MONKEYROCKET, a sub-program of OAKSTAR, which tapped network equipment to gather data from the Middle East, Europe, South America, and Asia, according to classified descriptions. As of spring 2013, MONKEYROCKET was “the sole source of SIGDEV for the BITCOIN Targets,” the March 29, 2013 NSA report stated, using the term for signals intelligence development, “SIGDEV,” to indicate the agency had no other way to surveil Bitcoin users. The data obtained through MONKEYROCKET is described in the documents as “full take” surveillance, meaning the entirety of data passing through a network was examined and at least some entire data sessions were stored for later analysis.

At the same time, MONKEYROCKET is also described in the documents as a “non-Western Internet anonymization service” with a “significant user base” in Iran and China, with the program brought online in summer 2012. It is unclear what exactly this product was, but it would appear that it was promoted on the internet under false pretenses: The NSA notes that part of its “long-term strategy” for MONKEYROCKET was to “attract targets engaged in terrorism, [including] Al Qaida” toward using this “browsing product,” which “the NSA can then exploit.” The scope of the targeting would then expand beyond terrorists. Whatever this piece of software was, it functioned a privacy bait and switch, tricking Bitcoin users into using a tool they thought would provide anonymity online but was actually funneling data directly to the NSA.

The hypothesis that the NSA would “launch an entire operation overseas under false pretenses” just to track targets is “pernicious,” said Matthew Green, assistant professor at the Johns Hopkins University Information Security Institute. Such a practice could spread distrust of privacy software in general, particularly in areas like Iran where such tools are desperately needed by dissidents. This “feeds a narrative that the U.S. is untrustworthy,” said Green. “That worries me.”

The NSA declined to comment for this article. The Bitcoin Foundation, a nonprofit advocacy organization, could not immediately comment.

Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data.
VPN, or Virtual Private Network, is a great way to protect your daily online activities that work by encrypting your data and boosting security, as well as useful to obscure your actual IP address.
While some choose VPN services for online anonymity and data security, one major reason many people use VPN is to hide their real IP addresses to bypass online censorship and access websites that are blocked by their ISPs.


But what if when the VPN you thought is protecting your privacy is actually leaking your sensitive data and real location?
A team of three ethical hackers hired by privacy advocate firm VPN Mentor revealed that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate—with millions of customers worldwide were found vulnerable to flaws that could compromise user's privacy.
The team includes application security researcher Paulos Yibelo, an ethical hacker known by his alias 'File Descriptor' and works for Cure53, and whereas, the identity of third one has not been revealed on demand.
PureVPN is the same company who lied to have a 'no log' policy, but a few months ago helped the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case.
After a series of privacy tests on the three VPN services, the team found that all three VPN services are leaking their users' real IP addresses, which can be used to identify individual users and their actual location.
Concerning consequences for end users, VPN Mentor explains that the vulnerabilities could "allow governments, hostile organizations [sic], or individuals to identify the actual IP address of a user, even with the use of the VPNs."
The issues in ZenMate and PureVPN have not been disclosed since they haven't yet patched, while VPN Mentor says the issues discovered in ZenMate VPN were less severe than HotSpot Shield and PureVPN.



The team found three separate vulnerabilities in AnchorFree's HotSpot Shield, which have been fixed by the company. Here's the list:

• Hijack all traffic (CVE-2018-7879) — This vulnerability resided in Hotspot Shield’s Chrome extension and could have allowed remote hackers to hijack and redirect victim's web traffic to a malicious site.
• DNS leak (CVE-2018-7878) — DNS leak flaw in Hotspot Shield exposed users' original IP address to the DNS server, allowing ISPs to monitor and record their online activities.
• Real IP Address leak (CVE-2018-7880) — This flaw poses a privacy threat to users since hackers can track user's real location and the ISP. the issue occurred because the extension had a loose whitelist for "direct connection." Researchers found that any domain with localhost, e.g., localhost.foo.bar.com, and 'type=a1fproxyspeedtest' in the URL bypass the proxy and leaks real IP address.

The researchers also reported similar vulnerabilities in the Chrome plugins of Zenmate and PureVPN, but for now, the details of the bugs are being kept under wraps since both the manufacturers have not yet fixed them.
Researchers believe that most other VPN services also suffer from similar issues.

Twitter hunting jihadists accounts: They have been closed over 125,000 online profiles with “terrorist content”

Microblogging platform, Twitter, has begun using antispam technology to detect accounts that promote terrorism, suspending in recent months, 125,000 online profiles with Islamist character,  informs  The New York Times. The Twitter company has launched this campaign to urge of Administration of Washington, who asked online social networks to intensify actions to combat terrorist messages.

Online social networks have become a recruiting tool and radicalization used by groups such as  Islamic State terrorist organization. Twitter, based in San Francisco American city, announced additional staff specialized in the detection of terrorist content to reduce “significant” reaction time. Twitter experts use technology similar to anti-spam to detect and suspend accounts that promote terrorism.

Barack Obama administration welcomed the microblogging platform announcement.
“We committed to take all possible measures to block terrorist activities, including in cyberspace; welcome the measures taken by the private partners in this field”, has sent the White House.

According to Check Point Mobile Security Team, who uncovered this campaign, RottenSys is an advanced piece of malware that doesn't provide any secure Wi-Fi related service but takes almost all sensitive Android permissions to enable its malicious activities.

"According to our findings, the RottenSys malware began propagating in September 2016. By March 12, 2018, 4,964,460 devices were infected by RottenSys," researchers said.

Instead, RottenSys has been designed to communicate with its command-and-control servers to get the list of required components, which contain the actual malicious code.
RottenSys then downloads and installs each of them accordingly, using the "DOWNLOAD_WITHOUT_NOTIFICATION" permission that does not require any user interaction.

Hackers Earned $115,000 in Just Last 10 Days

"RottenSys is an extremely aggressive ad network. In the past 10 days alone, it popped aggressive ads 13,250,756 times (called impressions in the ad industry), and 548,822 of which were translated into ad clicks," researchers said.

How to Detect and Remove Android Malware?

To check if your device is being infected with this malware, go to Android system settings→ App Manager, and then look for the following possible malware package names:
com.android.yellowcalendarz (每日黄历)
com.changmi.launcher (畅米桌面)
com.android.services.securewifi (系统WIFI服务)
com.system.service.zdsgt
If any of above is in the list of your installed apps, simply uninstall it.

Memcached reflections that recently fueled two most largest amplification DDoS attacks in the history have also helped other cybercriminals launch nearly 15,000 cyber attacks against 7,131 unique targets in last ten days, a new report revealed.
Chinese Qihoo 360's Netlab, whose global DDoS monitoring service 'DDosMon' initially spotted the Memcached-based DDoS attacks, has published a blog post detailing some new statistics about the victims and sources of these attacks.
The list of famous online services and websites which were hit by massive DDoS attacks since 24th February includes Google, Amazon, QQ.com, 360.com, PlayStation, OVH Hosting, VirusTotal, Comodo, GitHub (1.35 Tbps attack), Royal Bank, Minecraft and RockStar games, Avast, Kaspersky, PornHub, Epoch Times newspaper, and Pinterest.


Overall, the victims are mainly based in the United States, China, Hong Kong, South Korea, Brazil, France, Germany, the United Kingdom, Canada, and the Netherlands.





According to Netlab researchers, the frequency of attacks since 24th February has increased dramatically, as listed below:

• Before 24th February, the day when Memcached-based DDoS attacks were first spotted, the daily average was less than 50 attacks.
• Between 24th and 28th February, when Memcached as a new amplification attack vector was not publicly disclosed and known to a small group of people, the attacks raised to an average of 372 attacks per day.
• Soon after the first public report came on 27th February, between 1st and 8th March, the total number of attacks jumped to 13,027, with an average of 1,628 DDoS attack events per day.

The maximum number of active vulnerable Memcached servers at a time that participated in the DRDoS attacks was 20,612.
I don't want to exaggerate this but expect hundreds of thousands of Memcached-based DDoS attacks in coming days, as hackers and researchers have now released multiple easy-to-execute exploits that could allow anyone to launch Memcached amplification attacks.
However, researchers have also discovered a 'kill-switch' technique that could help victims mitigate Memcached DDoS attacks efficiently.
Despite multiple warnings, over 12,000 vulnerable Memcached servers with UDP support enabled are still exposed on the Internet, which could fuel more cyber attacks.
Therefore, server administrators are strongly advised to install the latest Memcached 1.5.6 version which disables UDP protocol by default to prevent amplification/reflection DDoS attacks.