nsane.forums


Showing results for tags 'security'.




Found 49 results

  1. RegRun Security Suite

    RegRun Security Suite will make your computer-management life easier, and will help protect you from much of the destructive activity of today's Trojans. Platinum Edition includes integrated anti-rootkit UnHackMe and unique feature for analyzing Windows boot-up process Bootlog XP.

    Homepage: http://www.greatis.com/security
    Download: http://www.greatissoftware.com/regrunplat.zip
  2. Malwarebytes Endpoint Security v1.8.9.0000

    Advanced threat prevention

    Malwarebytes Endpoint Security is an endpoint protection platform that uses multiple technologies to proactively protect your computers against unknown and known threats. Delivering multi-stage attack protection provides companies of all sizes, across all industries, around the globe the ability to stop cybercriminals at every step of the attack chain.

    Key benefits:
    • Stops advanced malware and ransomware attacks. Reduces the chances of data exfiltration and saves on IT resources by protecting against malware that traditional security can miss.
    • Protects against exploits and ransomware. Protects unsupported programs by armoring vulnerabilities against exploits. Signature-less behavioral monitoring technology automatically detects and blocks unknown (zero-hour) ransomware.
    • Increases productivity. Maintains end-user productivity by preserving system performance and keeping staff on revenue-positive projects.
    • Easy management. Simplifies endpoint security management and identifies vulnerable endpoints. Streamlines endpoint security deployment and maximizes IT management resources.
    • Scalable threat prevention. Deploys protection for every endpoint and scales as your company grows.
    • Detects unprotected systems. Discovers all endpoints and installed software on your network. Systems without Malwarebytes that are vulnerable to cyberattacks can be easily secured.
    • Remediates Mac endpoints. Rapidly detects and removes malware from OS X endpoints, including adware.*

    CORE TECHNOLOGIES:
    • Anti-malware: Advanced malware prevention
    • Anti-exploit: Four layers of exploit protection
    • Anti-ransomware: Automatically detects and blocks ransomware
    • Management console: Security policies, central monitoring, and reporting

    Anti-malware Features
    • Proactive anti-malware/anti-spyware scanning
    • Three system scan modes (Quick, Flash, Full)
    • Malicious website blocking
    • File execution blocking
    • Malwarebytes Chameleon technology
    • Delete-on-reboot option

    Anti-exploit Features
    • Protection against operating system security bypasses
    • Memory caller protection
    • Application behavior protection
    • Application hardening

    Anti-ransomware Features
    • Dedicated real-time detection and blocking engine
    • Proprietary ransomware behavioral technology
    • Signature-less identification of unknown (zero-hour) ransomware
    • Small system footprint
    • Compatible with third-party security solutions

    Management Console Features
    • Scalable endpoint management with push install functionality
    • Flexible scan scheduling
    • Threat view with central reporting
    • Virtual deployment simulator
    • Active Directory integration

    SYSTEM REQUIREMENTS

    Endpoints
    Supported operating systems: Windows 10, 8.1, 8, 7, Vista, XP; Windows Server 2016, 2012, 2008, 2003; Windows Small Business Server 2011; Mac OS X (10.8 and newer)
    Hardware: 800 MHz CPU or better; 1 GB RAM or higher (2 GB or higher for Windows Server); 35 MB free disk space

    Management Console
    Supported operating systems: Windows Server 2016, 2012, 2008
    Supported Microsoft SQL Servers: SQL Server 2016, 2014, 2012, 2008; SQL Server 2008 Express (included with product)
    Hardware: 2 GHz CPU (dual-core 2.6 GHz or faster recommended); 2 GB RAM or higher (4 GB recommended); 10 GB free disk space (20 GB recommended)

    Homepage: https://www.malwarebytes.com/business/endpointsecurity/
    Download: Site: https://www.solidfiles.com Sharecode: /v/YnQmRwWegNgpw
  3. The by default highly questionable set options concerning privacy and data protection in Windows 10 brought me to the idea for the development of this little program. Microsoft generously enables everybody to change the concerning settings, but hides them in countless menus, where a normal user does not want to search for! The program should therefore be a help, to display the available settings relatively clearly and to set the desired options if necessary.

    The primary focus is on settings for Windows 10 and its apps (for example the new browser "Edge"). The program will be expanded gradually, if possible and available, with the corresponding Windows 8.1 features in the future.

    W10Privacy is certainly no programming masterpiece, but meets my envisaged purpose. The software is still in an early development phase: suggestions and requests will be gladly accepted and considered, if necessary, in the further development!

    Manual/Instructions + Screenshots - EN
    Manual/Instructions + Screenshots - DE

    Changes in 3.1.0.0 (17.04.2018)
    - Add additional privacy settings, as well as a setting for the search function and Cortana
    - Supplement to the options "retrieve search suggestions and web results disable through Bing" and "disable Windows smart screen" for more Registry Keys. These settings have been set, these will be displayed, now with the new W10Privacy Version first as inactive. The settings are enable again. Removal of one of the two options regarding the refusal to grant the App access to the diagnostic functions ("_app_zugriff_diagnose"). Due to a typing error, the second setting was listed as a separate setting. Many thanks to Joachim for the hint!

    Homepage
    Download page
    Download SHA256-Hash: d892fa2ec007ad20c85c33edea60bf9e26aa8bf5416a98afaa6bd3389726f943

    @Geez Portable Online - Mirror: First screen enter: 1523363058
    Site: https://www.mirrorcreator.com
    Sharecode[?]: /files/1AG4NUKR/W10Privacy_Portable_x.x_Rev1_Multilingual_Online.exe_links
  4. The by default highly questionable set options concerning privacy and data protection in Windows 10 brought me to the idea for the development of this little program. Microsoft generously enables everybody to change the concerning settings, but hides them in countless menus, where a normal user does not want to search for! The program should therefore be a help, to display the available settings relatively clearly and to set the desired options if necessary.

    The primary focus is on settings for Windows 10 and its apps (for example the new browser "Edge"). The program will be expanded gradually, if possible and available, with the corresponding Windows 8.1 features in the future.

    W10Privacy is certainly no programming masterpiece, but meets my envisaged purpose. The software is still in an early development phase: suggestions and requests will be gladly accepted and considered, if necessary, in the further development!

    Manual/Instructions + Screenshots - EN
    Manual/Instructions + Screenshots - DE

    Changes in 3.0.0.0 (10.04.2018)
    - Add additional options for Windows 10, 1803, and the adjustment of existing settings, so that these are to be formally published Version compatible.
    - Add additional options, which versions are in some cases also for older Windows valid.
    - All App-related settings are now found in the newly created "Apps".
    - small improvements

    Homepage
    Download page
    Download SHA256-Hash: 4a531da2f9b0c97fc0aad4bdef2106b51889a8407e2478915467b5b1c7e6060a

    @Geez Portable Online - Mirror: First screen enter: 1523363058
    Site: https://www.mirrorcreator.com
    Sharecode[?]: /files/1AG4NUKR/W10Privacy_Portable_x.x_Rev1_Multilingual_Online.exe_links
  5. Avast Secure Browser 64.0.388.186

    Avast Secure Browser is an updated version of the Avast SafeZone browser. It's a 32-bit Chrome knife:

    Browser includes a Security and Privacy Center where you can select a set of built-in tools and features to protect your online activities:
    - stealth mode
    - anti-fingerprinting
    - anti-phishing
    - anti-tracking
    - https encryption
    - password manager
    - extension guard
    - privacy cleaner
    - flash blocker

    Other functions:
    - Video Downloader allows you to save any video and audio files in one click

    Optional:
    - Avast Free Antivirus
    - Banking mode (Avast Free Antivirus is required)
    - SecureLine VPN (requires the installation of Avast SecureLine VPN)

    Homepage: https://www.avast.com/en-gb/secure-browser
    Download installer for Win 7, 8, 10, 2.5 MB: https://cdn-download.avastbrowser.com/avast/avast_secure_browser_setup.exe
  6. Changing my AV

    Hi, I have been using ESET SS for half a decade now. Now I'm thinking about changing my security setup for a change. I was thinking about MSE with WFC and MBAM, will it be good enough? In the past I have tried out Norton, Kaspersky, Avast, Avira but they had huge update size or/and I just found them to be annoying... And then I found ESET. I just want an AV with small sized update definitions, just like ESET has. If you guys have tried and experienced or know about such an AV, then kindly suggest! Thanks in advance!!
  7. Startup Sentinel 1.7.3

    Summary

    Startup Sentinel (a.k.a. SuS) makes your PC startup faster and more secure by giving you full control on loaded software. Every single program added to your startup sequence is detected on the fly and can be approved, rejected or blacklisted (for further automatic rejection by SuS).

    Features
    • Automatic detection of startup software
    • Whitelist of trusty allowed software
    • Blacklist of malware or unwanted software
    • Internationalization support

    Version History
    Homepage
    Download
  8. Windscribe VPN 1.81 Build 42 / 41 Stable

    Internet As It Should Be

    Windscribe is a desktop application and browser extension that work together to block ads and trackers, restore access to blocked content and help you safeguard your privacy online. Learn More. https://assets.windscribe.com/video/windscribe_explainer_480p.mp4

    What's New: https://blog.windscribe.com/windscribe-1-81-beta-changelog-b9c557906d60

    We’ve been working on this version for quite a while, existing installations should prompt you to update the app over the next 48 hrs. Here is what’s new.

    Changelog:

    New features
    • IKEv2 protocol support (manual and automatic mode)
    • Emergency Connect / Secure Login

    Fixed bugs
    • Wifi-sharing not working after wakeup
    • Forcibly close all TCP sockets after tunnel up
    • Don’t forcibly disconnect if currently connected node is missing from the server list
    • Language detection defaults to English instead of Arabic
    • Reinstall/enable WAN miniport adapters if missing/disabled
    • Adjusted DPI to work with multiple scale factors

    Other Changes
    • Added “Disconnecting” state
    • Eliminated redundant API calls
    • Reduced the server ping frequency
    • Updated OpenVPN binaries to latest version
    • Don't auto-enable the firewall (in Automatic mode) on computer start up if auto-connect is false
    • Simplified installer flow + additional “custom install” options
    • Async DNS resolver
    • Adjusted node selection algorithm to favor lower latency nodes
    • Forcibly expand certain locations when the country name is clicked
    • Detect if LAN range is RFC-1918 compliant

    To-do list for next version:
    • CLI interface
    • Favorite locations
    • Dedicated IP support
    • IKEv2 connectivity test
    • SOCKS5 server UDP associate support
    • Fix startup error on multi-user computers
    • Mystery feature 1
    • Mystery feature 2

    Downloads:
    • Windscribe for Your Computer:
    • Windscribe for Your Browser:
    • Windscribe for Your Phone:
    • Windscribe for Your TV:
    • Windscribe for Your Router:
    • Config Generators:
  9. SCAM EMAILS I RECEIVED LATELY part 2

    I checked my other e-mail account and found there 2 scam emails as well. One from ''Bank of America'' similar to that shown already in the part # 1 of my “scam saga''. However the second seems to be more interesting; This time it's ''FBI Executive Director'' who reached out to me. Oh gosh ... Looks like scammers' imagination is really limitless!

    FBI EXECUTIVE DIRECTOR Christopher A. Wray <[email protected]>

    Federal Bureau of Investigation (FBI)Anti-Terrorist And Monitory Crime Division. Federal Bureau Of Investigation. J.Edgar.Hoover Building Washington Dc Customers Service Hours / Monday To Saturday Office Hours Monday To Saturday:

    Dear Beneficiary,

    We hope this notification arrives meeting your good health and mind.Series of meetings have been held over the past 7 months with the secretary general of the United Nations Organization. This ended 3 days ago. This meeting was scheduled and arranged by the former acting Director of the Federal Bureau of Investigation. It is obvious that you have not received your fund which is to the tune of $10.3M) million due to past corrupt Governmental Officials who almost held the fund to themselves for their selfish reason and some individuals who have taken advantage of your fund all in an attempt to swindle your fund which has led to so many losses from your end and unnecessary delay in the receipt of your fund.for more information do get back to us.

    The National Central Bureau of Interpol enhanced by the United Nations and Federal Bureau of Investigation have successfully passed a mandate to the government of the states the exercise of clearing all foreign debts owed to you and other individuals and organizations who have been found not to have receive their Contract Sum, Lottery/, Inheritance.

    we are happy to inform you that based on our recommendation your outstanding contract inheritance funds of over-due payment in tone of USD $10.3M) has been credited in your favor in SunTrust Bank. Having said all this, we will further advise that you go ahead in dealing with the SunTrust Bank, AL accordingly as we will be monitoring all their activities with you as well as your correspondence at all levels.

    NOTE: There are numerous scam emails on the internet, imposters impersonating names and images. We therefore warn our dear citizens to be very careful with any claim email you receive prior to these irregularities so that they do not fall victim to this ugly circumstance anymore. And should in case you are already dealing with anybody or office claiming that you have a payment with them, you are to STOP further contact with them immediately in your best interest and contact the real bank (SunTrust Bank ) only where your fund is laying, with the below information:

    Bank Name: SunTrust Bank
    Address: 402 Cox Creek Pkwy, Florence, AL 35630, USA
    Attn:Lambert CressWell (Remittance Director)
    E-mail:[email protected]
    Department Code:63804

    Contact the bank today and furnish them with this information below for processing of your payment/funds accordingly.

    FULL NAME:
    CURRENT ADDRESS:
    CITY:
    STATE:
    ZIP CODE:
    DIRECT CONTACT NUMBER:

    NOTE: In your best interest, any message that does not come from the above email address should be Nullify and avoided immediately for security reasons. Meanwhile, we will advise that you contact the SunTrust Bankk office in Alabama immediately with the above email address and request that they attend to your payment file as directed so as to enable you receive your payment/fund accordingly. Ensure you follow all directives from SunTrust Bank as this will further help hasten up the whole payment process in regards to the transfer of your fund to you as designated.

    Also have in mind that the SunTrust Bank equally has their own protocol of operation as stipulated on their banking terms. All modalities has already been worked out before you were contacted and note that we will be monitoring all your dealings with them as you proceed so you don't have anything to worry about. All we require from you henceforth is an update so as to enable us be on track with you and the SunTrust Bank . Without wasting much time, we will want you to contact them immediately with the above email address and phone number so as to enable them attend to your case accordingly without any further delay as time is already running out. Should in case you need any more information in regards to this notification, feel free to get back to us via email so that we can brief you more as we are here to guide you during and after this project has been completely perfected and you have received your payment/fund as stated.

    Thank you very much for your anticipated co-operation.

    BEST REGARDS
    Christopher A. Wray
    Director Federal Bureau on Investigation
    J. Edgar Hoover Building 601,4th Street, 935 Pennsylvania Avenue, NW Washington, D.C. 20535-0001, USA

    HAVE EVEN MORE FUN !
    SCAM EMAILS I RECEIVED LATELY - part 1
  10. JUST FOR PRECAUTION & ... FUN !

    Still remember @knowledge's concerns related to a strange e-mail he did receive. Now it's my turn: I would like to show you 2 scam emails I received recently. Learn yet another scammers' tricks!

    # 1

    Re: GREETINGS THIS IS VERY URGENT
    MR. NEIL OLGIA<[email protected]>
    Reply-To: [email protected]

    Good Day,

    Please get back to me very quickly for a detailed brief on an ongoing plot to steal your ATM CARD. I do not know your reason for not claiming this ATM CARD before now. My Boss the Director General of Debt Management Office (DMO) is on leave and the person who is his deputy is trying to send your ATM CARD to another beneficiary in Indonesia, I heard him speaking to the person on the telephone about sending some ATM CARD to him for him to withdraw the money and invest on his behalf in Indonesia. When I heard their conversation, I decided to see what I can do to assist you so that your card will not be among the ATM CARD he will steal with the PIN and send to Indonesia, So I quickly went into his office when he went on break and remove the envelope containing your ATM CARD with the PIN. I have made arrangement to send the card to you and it will cost you the sum of $380.00. I want you to send out this amount immediately to avoid loosing your ATM CARD. Also confirm your full name, direct telephone number and your receiver's address to avoid any mistake. I am waiting for your urgent reply to this email now. Do not respond to this message if you are not ready to pay $380 for sending of the ATM CARD to you.

    Thanks.
    Mr. Neil Olgia

    # 2

    MESSAGE FROM BANK OF AMERICA
    BANK OF AMERICA<[email protected]>
    Reply-To: [email protected]

    Bank of America
    115 W 42nd St, New York, NY 10036, USA
    From Desktop of Mr. Jeff Anderson
    Our Ref: BOF-0XX2/987/20
    E-mail:[email protected]

    It is my modest obligation to write you this letter as regards the Authorization of your owed payment through our most respected financial institution (Bank of America). I am Mr. Jeff Anderson, TRANSFER INSPECTION OFFICER, foreign operations Department Bank of America, the British Government in Conjunction with us government, World Bank, united Nations Organization on foreign Payment matters has empowered my bank after much consultation and consideration to handle all foreign payments and release them to their appropriate beneficiaries with the help of a Representative from Federal Reserve Bank of New York.

    As the newly Appointed/Accredited International Paying Bank, We have been instructed by the world governing body together with the committee on international debt reconciliation department to release your overdue funds with immediate effect; with this exclusive vide transaction no.: wha/eur/202,password: 339331, pin code: 78569, having received these vital payment numbers, you are instantly qualified to receive and confirm your payment with us within the next 96hrs.

    Be informed that we have verified your payment file as directed to us and your name is next on the list of our outstanding fund beneficiaries to receive their payment. Be advised that because of too many funds beneficiaries, you are entitled to receive the sum of $14.5M,(Fourteen Million Five Hundred Thousand Dollars only), as to enable us pay other eligible beneficiaries.

    To facilitate with the process of this transaction, please kindly re-confirm the following information below:

    1) Your Full Name:
    2) Your Full Address:
    3) Your Contact Telephone and Fax No:
    4) Your Profession, Age and Marital Status:
    5) Any Valid Form of Your Identification/Driver's License:
    6) Bank Name:
    7) Bank Address:
    Account Name:
    9) Account Number:
    10) Swift Code:
    11) Routing Number:

    As soon as we receive the above mentioned information, your payment will be processed and released to you without any further delay. This notification email should be your confidential property to avoid impersonators claiming your fund. You are required to provide the above information for your transfer to take place through Bank to Bank Transfer directly from Bank of America

    We Look Forward To Serving You Better.
    Mr. Jeff Anderson,
    TRANSFER INSPECTION OFFICER
    Bank of America

    Stay safe and ..... have fun

    PART TWO
  11. Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer. This tool is presented within a simple interface enabling fast configuration and includes internal blocking lists (malware, telemetry).

    simplewall (WFP Tool) can be considered as an alternative to the default filters provided by Windows Firewall. It will enable you to effectively regulate which of your processes or apps require internet access restriction or not. simplewall (WFP Tool) is designed to make your life easy by automatically blocking malware and telemetry-related data but can also be used with custom rules for blocking particular ports or IP addresses if desired.

    Features
    • Simple interface without annoying pop ups
    • Dropped packets logging (Windows 7 and above)
    • Internal blocking lists (malware, telemetry)
    • Free and open source
    • Localization support
    • IPv4/IPv6 support

    Changelog:

    v2.2.1 Beta (14 March 2018) instant apps list sorting notifications: added information about blocked protocol notifications: replaced "disable notifications for this app" icon notifications: changed default timeout between same notifications notifications: tray popup sometimes won't shown on some systems notifications: ignore button combined with block button notifications: changed texts for remote/local addresses timer does not removed when user manually uncheck apps removed font boldening for itself (issue #135) changed minimal width of main window fixed timers formatting fixed ui bugs fixed bugs

    v2.2 Beta (4 March 2018) new notification ui now simplewall added to the apps list automatically (issue #106) added windows services support [beta] (issue #88) added profile timestamping new localization engine (single .lng file) more sensitive notifications (issue #107) lock-free dropped events callback (win7+) added group total items count indication added block action for notifications (issue #123) automatic profile backup (issue #110) added network address resolution make internal apps undeletable menu bitmap transparent icons app paths case correction added timers (issue #96) set process high priority ipsec dropped packets logging (win8+) removed wow64 redirection (use simplewall 64-bit binaries for win64) revert "purge unused apps" feature optimized apps types recognition improved tray context menu (issue #103) improved memory allocation changed verify signatures algorithm (issue #94) changed "purge invalid apps" hotkey changed default font cosmetics for filter names cosmetic fixes (issue #108) stability improvements updated default colors updated localization fixed dropped events callback failure (win10 rs3 and above) fixed steal focus at startup and when notification displaying fixed working under blacklist mode fixed multi-monitor support fixed ui bugs fixed bugs

    v2.1.4 (27 November 2017) do not verify signatures for store apps (win8+) optimized digital signatures verification (issue #94) fixed appcontainers listing (removed firewallapi.dll dependence) (win8+) (issue #104) fixed notifications race conditions (it may fix issue #73) fixed status does not changed when app deleted fixed "system" process marked as pico updated blocklist code cleanup fixed bugs

    v2.1.3 (22 November 2017) disabled loopback and digital signatures config by default fixed displaying name of store apps (win8+) (issue #98) fixed network paths rules (issue #102)

    v2.1.2 RC (21 November 2017) added option to disable apps signature checking set selected apps when you are open rules editor from main window reworked special rules (minimized memory usage and speed improvements, also removed limit in apps selection for special rules) removed ocsp signature verification (issue #94) improved apps version receiving renamed "filters" into "rules" fixed various rules editor crashes (issue #89) fixed notifications race conditions (it may fix issue #73) fixed blocklist incorrect check state fixed restoring after hibernation updated localization fixed ui bugs fixed bugs

    v2.1.1 Beta (17 November 2017) reworked filter settings page added option to disable hosts support for rules added option to load blocklist extra rules cosmetic fixes for ipv6 address format fixed dns resolutions where it does not required (issue #94) fixed various rules editor crashes (issue #89) fixed windows store icon destroying removed filters configuration from menu (use settings dialog instead) removed internal rules files from distro updated internal rules updated localization fixed ui bugs fixed bugs

    v2.1 Beta (12 November 2017) added windows store apps support (win8+) revert allowing loopback connection feature converted log limit unit to kilobytes dropped packets log cosmetic fixes improved confirmation dialogs updated localization fixed settings will not be applied for main menu fixed displaying icons for some processes fixed rules editor crash (issue #89) fixed color items reorganization fixed ui bugs fixed bugs

    v2.0.20 (6 November 2017) now custom rules will overwrite system rules added warning message for listen connections option apply filters on demand in settings dialog added port support for ip ranges removed rules configuration from menu (use settings dialog instead) fixed rule apps does not saved when checkbox are checked fixed rule generation from notification window fixed listen connections does not blocked fixed highlighting special rules for apps fixed running under non-admin account fixed skip-uac working directory fixed listview sorting fixed ui bugs fixed bugs

    Homepage: https://www.henrypp.org/product/simplewall

    Downloads - stable:
    Installer: https://github.com/henrypp/simplewall/releases/download/v.2.1.4/simplewall-2.1.4-setup.exe
    Portable: https://github.com/henrypp/simplewall/releases/download/v.2.1.4/simplewall-2.1.4-bin.zip

    Downloads - 2.2 beta:
    Installer: https://github.com/henrypp/simplewall/releases/download/v.2.2/simplewall-2.2-setup.exe
    Portable: https://github.com/henrypp/simplewall/releases/download/v.2.2/simplewall-2.2-bin.zip

    Downloads - 2.2.1 beta:
    Installer: https://github.com/henrypp/simplewall/releases/download/v.2.2.1/simplewall-2.2.1-setup.exe
    Portable: https://github.com/henrypp/simplewall/releases/download/v.2.2.1/simplewall-2.2.1-bin.zip
  12. Torrent Client uTorrent Suffers Security Vulnerability (Updated)

    BitTorrent client uTorrent is suffering from an as yet undisclosed vulnerability. The security flaw was discovered by Google security researcher Tavis Ormandy, who previously said he would reveal a series of "remote code execution flaws" in torrent clients. BitTorrent Inc. has rolled out a 'patch' in the latest Beta release and hopes to fix the stable uTorrent client later this week.

    With dozens of millions of active users a day, uTorrent has long been the most used torrent client. The software has been around for well over a decade and it’s still used to shift petabytes of data day after day.

    While there haven’t been many feature updates recently, parent company BitTorrent Inc. was alerted to a serious security vulnerability recently. The security flaw in question was reported by Google vulnerability researcher Tavis Ormandy, who first reached out to BitTorrent in November last year.

    Google’s Project Zero allows developers a 90-day window to address security flaws but with this deadline creeping up, BitTorrent had remained quiet. Late last month Ormandy again reached out to BitTorrent Inc’s Bram Cohen, fearing that the company might not fix the vulnerability in time.

    “I don’t think bittorrent are going to make a 90 day disclosure deadline, do you have any direct contacts who could help? I’m not convinced they understand the severity or urgency,” Ormandy wrote on Twitter.

    Nudge

    While Google’s security researcher might have expected a more swift response, the issue wasn’t ignored. BitTorrent Inc has yet to fix the problem in the stable release, but a patch was deployed in the Beta version last week. BitTorrent’s Vice President of Engineering David Rees informed us that this will be promoted to the regular release this week, if all goes well.

    While no specific details about the vulnerability have been released yet (update below), it is likely to be a remote execution flaw. Ormandy previously exposed a similar vulnerability in Transmission, which he said was the “first of a few remote code execution flaws in various popular torrent clients.”

    BitTorrent Inc. told us that they have shared their patch with Ormandy, who according to the company confirmed that this fixes the security issues (update below).

    uTorrent Beta release notes

    “We have also sent the build to Tavis and he has confirmed that it addresses all the security issues he reported,” Rees told us. “Since we have not promoted this build to stable, I will reserve reporting on the details of the security issue and its fix for now.”

    BitTorrent Inc. plans to release more details about the issue when all clients are patched. Then it will also recommend users to upgrade their clients, so they are no longer at risk, and further information will also be available on Google’s Project Zero site.

    Of course, people who are concerned about the issue can already upgrade to the latest uTorrent Beta release right away. Or, assuming that it’s related to the client’s remote control functionality, disable that for now.

    Update: More details about the vulnerability (and a demo) have been published by Ormandy after we finished this article. It is indeed a DNS rebinding issue that potentially allows outsiders to remotely execute code through uTorrent’s remote control feature.

    Also, uTorrent’s patch appears not to be as solid as BitTorrent Inc. believes, according to Google’s security researcher. “Hmm, it looks like BitTorrent just added a second token to uTorrent Web. That does not solve the DNS rebinding issue, it just broke my exploit,” he writes.

    Still vulnerable? Fixed?

    Update 2: BitTorrent Inc. just released the following statement:

    “On December 4, 2017, we were made aware of several vulnerabilities in the uTorrent and BitTorrent Windows desktop clients. We began work immediately to address the issue. Our fix is complete and is available in the most recent beta release (build 3.5.3.44352 released on 16 Feb 2018). This week, we will begin to deliver it to our installed base of users. All users will be updated with the fix automatically over the following days. The nature of the exploit is such that an attacker could craft a URL that would cause actions to trigger in the client without the user’s consent (e.g. adding a torrent).”

    A fix for uTorrent Web was released a few hours ago according to BitTorrent Inc and users are recommended to update this to the latest available build as well.

    To be continued...

    Note: uTorrent’s Beta changelog states that the fixes were applied on January 15, but we believe that this should read February 15 instead.

    SOURCE
  13. Browser in the Box 4.6.1

    Browser in the Box: The virtual environment for secured and comfortable web browsing. Browsing the Internet has become an absolute necessity in today’s work environments. No-one even considers collecting information without using the web. But our computers also process confidential and critical information such as personal and company-internal data. Using the Internet offers huge benefits, but is also subject to constantly changing threats. The development of different browser versions in the past years can be seen not only as functional progress but as a constant race in the battle against various attack scenarios. Ever since the Internet has become active with the advent of Web 2.0, the balance between threats and benefits has been lost. “Active content” has become a standard part of modern web sites. Websites are more and more indistinguishable from full blown native applications. Programming interfaces like JavaScript, Java, ActiveX or VBScript provide a means for accessing the computer and its resources such as its file system or webcam. Trojans and viruses can abuse such powerful tools e.g. to steal confidential data. Companies and authorities alike are facing a dilemma: to substantially limit the use of the Internet or to find a way of living with existing threats. Homepage https://cybersecurity.rohde-schwarz.com/en/products/secure-endpoint/browser-box Downloads Browser in the Box with Firefox for Windows 7/8.1/10 https://cybersecurity.rohde-schwarz.com/sites/default/files/download/browser_in_the_box.4.6.1-r352.firefox.archive.exe Browser in the Box with Chrome for Windows 7/8.1/10 https://cybersecurity.rohde-schwarz.com/sites/default/files/download/browser_in_the_box.4.6.1-r352.chrome.archive.exe User Manual https://myrscs.rohde-schwarz.com/confluence/display/CKB/Documentation?preview=/9306435/9306454/Browser-in-the-Box_user_manual.pdf
  14. Dr.Web Security Space PRO v12.1.1 + Keys Requirements: 4.0+ Overview: Complex protection from all kinds of threats for mobile devices, Anti-virus for TV sets, media players, and game consoles based on Android TV. The product is free for 14 days; after that you need to purchase a commercial license valid for a year or more. Use Dr.Web Security Space for Android for free with the purchase of Dr.Web Security Space or Dr.Web Anti-virus for PC/Mac. Features and Advantages • Quick and full file system scanning; scanning of individual files and folders upon a request. Real-time scanning of a file system. Unlocking of data from ransomware Trojans and data safety with no need to pay a ransom to cybercriminals. Even when a phone is fully blocked, even by blockers unknown to the Dr.Web virus databases. • Detection of new, unknown malicious programs using the unique Origins Tracing™ technology. • Moving of detected threats to the quarantine; restoration of files. Password protection of the Anti-virus settings and access to applications Minimal load on the operating system. • Discreet use of battery resources. • Traffic saving due to a small size of the virus database updates. • Detailed statistics. A convenient and informative widget on a device home screen. Call and SMS Filter Protection from unwanted calls and SMS messages. • Selection of filtration modes. • Personal filtering profiles. • Black list. • Review of blocked calls and messages. Caution: The Call and SMS Filter does not operate on devices without a SIM card. Anti-theft It will help in locating a device in case of its loss or theft; its data can be remotely deleted if necessary. 
• Blocking of a device after a restart • Blocking of a device with a request to enter a password for unlocking • Unlocking using SMS/via the website https://asc.drweb.com • GPS coordinates of a device • Possibility to remotely delete data from a device memory and its SD card. • Audio alarm • Possibility to display a text on a screen of a blocked device • Possibility to create a list of contacts that will receive a notification on a change of a SIM card on the lost device with the number of the new SIM card, which can be used when appealing to police. These numbers can be used to unlock a phone, if you forget a password. Caution: Anti-theft does not operate on devices without a SIM card. URL filter Restricts access to unwanted Internet resources. Blocking of websites that distribute viruses. Blocking according to subject categories (drugs, violence, etc.). White and black lists of websites Access only to websites from the White list Parental Control Protects application from an unauthorized access and the Anti-virus settings—from unwanted changes by outsiders and children. Blocking of access to applications. Blocking of Dr.Web settings modification. Password protection Security Auditor • Runs diagnostics, exposes security issues and proposes their solutions. Firewall Controls network activity of applications. • Filtering of external network traffic of applications, that are installed on a device, and system applications—according to a user choice (Wi-Fi, network) and configurable rules (according to IP addresses and/or ports, entire networks, address ranges); • Monitoring of current and already transferred traffic—with information on addresses/ports connected by applications and on incoming and outgoing traffic; • Detailed logs. Features of Dr.Web removal when Anti-theft is installed If Dr.Web Anti-theft is enabled on your device, disable it before the application removal. This app uses the Device Administrator permission. This app uses Accessibility services. 
What's New * Fixed an issue of an emergency application shutdown that occurred on some devices. * Introduced minor interface changes. 1) Install Dr.Web 2) Unzip key 3) Open Dr.Web 4) Select "Use existing license" 5) Select "Copy from file" then OK 6) Browse for the key and select it 7) It shows "The key file is received" This app has no advertisements More Info: https://play.google.com/store/apps/details?id=com.drweb.pro&hl=en Download Instructions https://uploadocean.com http://turbobit.net
  15. ESET Mobile Security & Antivirus PREMIUM v4.0.8.0 + Key Requirements: 4.0+ Overview: ESET Mobile Security is a premium cyber security solution that protects your smartphone and tablet. After installing, you automatically get to try all PREMIUM features for 30 days – without subscribing. Then you can upgrade to PREMIUM, or continue with basic protection, which is lifetime for FREE. BENEFIT FROM FREE FEATURES ✓ On-demand Scan triggered by the user ✓ On-access Scan of downloaded applications and files ✓ Quarantine ✓ Anti-Theft – with Remote Lock, Remote Siren and GPS Localization activated by SMS ✓ Support ✓ USSD vulnerability protection ✓ Tablet friendly interface SUBSCRIBE TO PREMIUM FEATURES ✪ Proactive Anti-Theft with web interface on my.eset.com ✪ Anti-Phishing ✪ Scheduled scanning ✪ On-charger scan ✪ Automatic updates ✪ SMS/MMS/Call blocking ✪ Device Monitoring of important settings ✪ Application Audit TRY PROACTIVE ANTI-THEFT ★ Integration with my.eset.com web interface for Android devices and Windows laptops protected by ESET Smart Security ★ Suspicious state – Autonomous action when wrong PIN/pattern is entered or unauthorized SIM change detected ★ Camera Pictures – Front/back camera snapshots ★ On Screen Message – Customizable message to potential device finder ★ Low Battery – If the device hits critical battery level, its current location is sent to my.eset.com ★ User IP Address Details – Listing of IP addresses the device was connected to if marked as missing JOIN OUR BETA TESTING COMMUNITY Get your hands on the latest versions of ESET Mobile Security and help us shape the future of our Android apps by following this link: https://play.google.com/apps/testing/com.eset.ems2.gp PERMISSIONS In order to protect your Android device and valuable information, we will ask you to grant ESET various permissions. ESET will NEVER use these permissions for data collection or Marketing purposes. Promise! 
For a detailed explanation of what each type of permission is used for, please see our Knowledge Base http://kb.eset.com/android IF SOMETHING DOESN’T WORK If you are experiencing any issues with the latest version of ESET Mobile Security & Antivirus, please send us the log files using the in-app form, which you can access by pushing the menu button (generally a hardware button located in the lower part of the device) and then tapping on ‘Customer Care’. FEEDBACK After you install ESET Mobile Security & Antivirus, you will become part of our community, which will enable you to send your feedback. If you have any suggestions, questions or just want to say hello, please send us an e-mail to [email protected] What's New - Small bug-fixes and optimizations Key until 2019 This app has no advertisements More Info: https://play.google.com/store/apps/details?id=com.eset.ems2.gp&hl=en Download Instructions: https://uploadocean.com http://turbobit.net
  16. WikiLeaks Chat Reportedly Reveals GOP Bias Leaked conversations from a private WikiLeaks chat group reportedly reveal founder Julian Assange as favoring a Republican Party candidate in the last US presidential election. Rumors have been swirling for some time that the whistleblowing site in some way colluded with Russia over the leaking of hacked Democratic Party emails during the race for the White House. Special counsel Robert Mueller is also investigating possible collusion between the Trump campaign and Russian intelligence, which is said by the CIA, NSA and others to have leaked the damaging emails under the “Guccifer 2.0” moniker. Hillary Clinton has described the efforts of “Russian WikiLeaks” as contributing to her election loss. The leaked transcripts from the direct message group chat would seem to support her suspicions. “We believe it would be much better for GOP to win,” Assange is reported to have written. “[Clinton]’s a bright, well connected, sadistic sociopath.” The private group chat with several WikiLeaks supporters was leaked to The Intercept by the person who originally set it up in 2015; someone who goes by the pseudonym 'Hazelpress'. That person is said to have decided to go public after reports were published claiming that Donald Trump Jr had secretly contacted the site ahead of the election, during which correspondence he was advised to tell his father to reject the results as rigged if he lost and to ask if he could get Assange an Australian ambassadorship. WikiLeaks claims to be a neutral transparency organization. The leaked transcripts also reveal an underlying current of misogyny and anti-Semitism. There's no direct evidence that Assange penned the WikiLeaks entries in the chat log, although as founder he’s widely believed to be in control of the site’s Twitter feed. He’s currently holed up in the Ecuadorian embassy in London, where he’s been hiding from the police since 2012. SOURCE
  17. FedEx S3 Bucket Exposes Private Details on Thousands Worldwide Personal information for thousands of FedEx customers worldwide has been exposed after a legacy Amazon Web Services (AWS) cloud storage server was left open to public access without a password. Kromtech Security Center researchers stumbled upon the AWS S3 bucket, finding that it contained more than 119,000 scanned documents, including passports, drivers’ licenses and Applications for Delivery of Mail Through Agent forms, which contain names, home addresses, phone numbers and ZIP codes. The victims include citizens of countries around the globe, including Australia, Canada, China, EU countries, Japan, Kuwait, Malaysia, Mexico, Saudi Arabia and others. The server turned out to be an inherited one, with information from Bongo International – a company that FedEx bought in 2014. Bob Diachenko, head of communications at Kromtech, noted that the shipping giant relaunched Bongo in 2016 as FedEx Cross Border International, to enable international shipping delivery and logistics. That service was closed down last April, but the bucket remained exposed. "Technically, anybody who used Bongo International services back in 2009–2012 is at risk of having his/her documents scanned and available online for so many years,” Diachenko said. “Seems like [the] bucket has been available for public access for many years in a row. Applications are dated within [the] 2009–2012 range, and it is unknown whether FedEx was aware of that ‘heritage’ when it bought Bongo International back in 2014." FedEx has now removed the server from public access and issued a statement saying that there’s no evidence that the data fell into nefarious hands. “After a preliminary investigation, we can confirm that some archived Bongo International account information located on a server hosted by a third-party, public cloud provider is secure,” FedEx told ZDnet. 
“The data was part of a service that was discontinued after our acquisition of Bongo. We have found no indication that any information has been misappropriated and will continue our investigation.” Tim Prendergast, CEO of Evident.io, noted that nonetheless, it’s a fact that hackers are actively searching for these kinds of misconfigurations. “Hackers are going after S3 buckets and other repositories because that's where the data is but also because they're easy to find,” he said via email. “There's a whole hacker cottage industry around finding and exploiting S3 buckets, and it's growing because as cloud environments grow, so do the number of unsecured assets that are discoverable.” The incident shows once again that many companies aren’t following best practices when it comes to securing their cloud infrastructure, and many seem confused about whose responsibility it is to provide that security. “The incident, echoing others we’ve seen time and time again…raises the larger issue that many organizations have not yet fully grasped the idea that most public cloud providers are not managing their data – but are just providing a platform or infrastructure, so the management protection of data is left up to the companies themselves,” Obsidian Security CTO Ben Johnson said via email. “It’s critical that enterprises understand the risks of the cloud – that availability and uptime also mean that their data can be easily accessed unless they have the right controls in place.” Brian NeSmith, CEO and co-founder at Arctic Wolf Networks, added: “We need to get our heads out of the clouds, because cloud services are only as secure as you make them. Companies need to start applying the same rigor and discipline to their cloud infrastructure as they do to their on-premises network.” The incident also showcases the need to implement good security practices after a merger or acquisition. 
“During any M&A transaction it is important that the company who is selling their assets notify their customers that the business is going to be sold and their private data will be transferred to new ownership,” Kromtech’s Diachenko said. “The purchasing company should give customers the option to opt out of their data being transferred and provide a data protection notice. This case highlights just how important it is to audit the digital assets when a company acquires another and to ensure that customer data is secured and properly stored before, during and after the sale. During the integration or migration phase is usually the best time to identify any security and data privacy risks.” SOURCE
  18. Energy-efficient encryption for the internet of things MIT researchers have built a new chip, hardwired to perform public-key encryption, that consumes only 1/400 as much power as software execution of the same protocols would. It also uses about 1/10 as much memory and executes 500 times faster. Credit: Massachusetts Institute of Technology Most sensitive web transactions are protected by public-key cryptography, a type of encryption that lets computers share information securely without first agreeing on a secret encryption key. Public-key encryption protocols are complicated, and in computer networks, they're executed by software. But that won't work in the internet of things, an envisioned network that would connect many different sensors—embedded in vehicles, appliances, civil structures, manufacturing equipment, and even livestock tags—to online servers. Embedded sensors that need to maximize battery life can't afford the energy and memory space that software execution of encryption protocols would require. MIT researchers have built a new chip, hardwired to perform public-key encryption, that consumes only 1/400 as much power as software execution of the same protocols would. It also uses about 1/10 as much memory and executes 500 times faster. The researchers describe the chip in a paper they're presenting this week at the International Solid-State Circuits Conference. Like most modern public-key encryption systems, the researchers' chip uses a technique called elliptic-curve encryption. As its name suggests, elliptic-curve encryption relies on a type of mathematical function called an elliptic curve. In the past, researchers—including the same MIT group that developed the new chip—have built chips hardwired to handle specific elliptic curves or families of curves. What sets the new chip apart is that it is designed to handle any elliptic curve. 
"Cryptographers are coming up with curves with different properties, and they use different primes," says Utsav Banerjee, an MIT graduate student in electrical engineering and computer science and first author on the paper. "There is a lot of debate regarding which curve is secure and which curve to use, and there are multiple governments with different standards coming up that talk about different curves. With this chip, we can support all of them, and hopefully, when new curves come along in the future, we can support them as well." Joining Banerjee on the paper are his thesis advisor, Anantha Chandrakasan, dean of MIT's School of Engineering and the Vannevar Bush Professor of Electrical Engineering and Computer Science; Arvind, the Johnson Professor in Computer Science Engineering; and Andrew Wright and Chiraag Juvekar, both graduate students in electrical engineering and computer science. Modular reasoning To create their general-purpose elliptic-curve chip, the researchers decomposed the cryptographic computation into its constituent parts. Elliptic-curve cryptography relies on modular arithmetic, meaning that the values of the numbers that figure into the computation are assigned a limit. If the result of some calculation exceeds that limit, it's divided by the limit, and only the remainder is preserved. The secrecy of the limit helps ensure cryptographic security. One of the computations to which the MIT chip devotes a special-purpose circuit is thus modular multiplication. But because elliptic-curve cryptography deals with large numbers, the chip's modular multiplier is massive. Typically, a modular multiplier might be able to handle numbers with 16 or maybe 32 binary digits, or bits. For larger computations, the results of discrete 16- or 32-bit multiplications would be integrated by additional logic circuits. The MIT chip's modular multiplier can handle 256-bit numbers, however. 
Eliminating the extra circuitry for integrating smaller computations both reduces the chip's energy consumption and increases its speed. Another key operation in elliptic-curve cryptography is called inversion. Inversion is the calculation of a number that, when multiplied by a given number, will yield a modular product of 1. In previous chips dedicated to elliptic-curve cryptography, inversions were performed by the same circuits that did the modular multiplications, saving chip space. But the MIT researchers instead equipped their chip with a special-purpose inverter circuit. This increases the chip's surface area by 10 percent, but it cuts the power consumption in half. The most common encryption protocol to use elliptic-curve cryptography is called the datagram transport layer security protocol, which governs not only the elliptic-curve computations themselves but also the formatting, transmission, and handling of the encrypted data. In fact, the entire protocol is hardwired into the MIT researchers' chip, which dramatically reduces the amount of memory required for its execution. The chip also features a general-purpose processor that can be used in conjunction with the dedicated circuitry to execute other elliptic-curve-based security protocols. But it can be powered down when not in use, so it doesn't compromise the chip's energy efficiency. "They move a certain amount of functionality that used to be in software into hardware," says Xiaolin Lu, director of the internet of things (IOT) lab at Texas Instruments. "That has advantages that include power and cost. But from an industrial IOT perspective, it's also a more user-friendly implementation. For whoever writes the software, it's much simpler." SOURCE
  19. ShieldApps’ Ransomware Defender deals with known ransomware in a way no other solution can. Specially designed for detecting and blocking ransomware prior to any damage, Ransomware Defender blacklists and stops both common and unique ransomware. Once installed, Ransomware Defender stands guard 24/7 utilizing active protection algorithms enhanced with user-friendly alerts and notifications system. Ransomware Defender is fully automated, taking care of all threats via an advanced Scan > Detect > Lock Down mechanism that proactively stands guard to detected threats, and works alongside all main antiviruses and anti-malware products! Ransomware Defender also features a scheduled automatic scan, secured file eraser, lifetime updates and support! Homepage: https://shieldapps.com/products/ransomware-defender/ or https://www.shieldapps.online/collections/ransomware-defender Download: https://s3.amazonaws.com/shield-products/RansomwareDefender/ShieldApps/RansomwareDefenderSetup.exe or https://s3.amazonaws.com/shield-products/RansomwareDefender/Reseller/RansomwareDefenderSetup.exe Manual/Guide: https://s3.amazonaws.com/partnertemporary/resellerresources/Ransomware+Defender+Operation+Manual.pdf 3.5.8 - 3.x Patch from URET TEAM - igorca: Site: https://yadi.sk Sharecode[?]: /d/CPeTqzwJ3HqiyP
  20. JenX Botnet Has Grand Theft Auto Hook Researchers at Radware have discovered a new botnet that uses vulnerabilities linked with the Satori botnet and is leveraging the Grand Theft Auto videogame community to infect IoT devices. Satori is a derivative of Mirai, the notorious botnet that in 2016 infamously managed to take down Dyn, a DNS hosting provider that supports some of the world’s largest websites. The vulnerabilities in question are CVE-2014-8361 and CVE-2017-17215, which affect certain Huawei and Realtek routers, Radware researcher Pascal Geenens said in a blog post. Radware’s inquiry into the botnet led it to a command-and-control server hosted at the site San Calvicie, which offers not only multiplayer mod support for Grand Theft Auto: San Andreas, but also DDoS attacks for a fee. Enthusiasts of the venerable videogame series, which places players in an immersive 3-D world of violence and vicarious thrills, have created an extensive universe of add-on features and tweaks, or “mods,” in the name of enriching and extending their experience. Sites such as San Calvicie cater to GTA gamers who want to host their own custom versions of GTA for multiplayer action. “The Corriente Divina (‘divine stream’) option is described as ‘God’s wrath will be employed against the IP that you provide us,” Geenens wrote of the site’s DDoS offering. “It provides a DDoS service with a guaranteed bandwidth of 90-100 Gbps and attack vectors including Valve Source Engine Query and 32 bytes floods, TS3 scripts and a ‘Down OVH’ option which most probably refers to attacks targeting the hosting service of OVH, a cloud hosting provider that also was a victim of the original Mirai attacks back in September 2016. OVH is well known for hosting multi-player gaming servers such as Minecraft, which was the target of the Mirai attacks at the time.” Shortly after Geenens made his initial discovery, he returned to the site and found that the terms of engagement had changed. 
Now the listing included a reference to “bots,” and offered a DDoS volume of between 290 and 300 Gbps, for the same low price of $20 a pop. While derived from established code, the San Calvicie-hosted botnet, which Geenens has dubbed “JenX”, is deployed in a different manner than its predecessors. “Untypical for IoT botnets we have witnessed in the past year, this botnet uses servers to perform the scanning and the exploits,” he wrote. “Nearly all botnets, including Mirai, Hajime, Persirai, Reaper, Satori and Masuta perform distributed scanning and exploiting. That is, each victim that is infected with the malware will perform its own search for new victims. This distributed scanning provides for an exponential growth of the botnet, but comes at the price of flexibility and sophistication of the malware itself.” The centralized approach employed by JenX trades slower growth for lower detection, he added. The danger from JenX should be mostly confined to GTA San Andreas users, Geenens said, but with a stern caveat. “[T]here is nothing that stops one from using the cheap $20 per target service to perform 290 Gbps attacks on business targets and even government related targets,” he wrote. “I cannot believe the San Calvicie group would oppose to it.” Radware filed abuse notifications related to JenX, resulting in a partial takedown of the botnet’s server footprint, but it remains active. JenX’s implementation makes taking it down a tricky task. “As they opted for a central scan and exploit paradigm, the hackers can easily move their exploit operations to bulletproof hosting providers who provide anonymous VPS and dedicated servers from offshore zones,” he wrote. “These providers do not care about abuse. Some are even providing hosting services from the Darknet. If the exploit servers would be moved to the Darknet, it would make it much more difficult to track down the servers’ location and take them down.” SOURCE
  21. [Poster Comment: Personally I don't understand why they would need encryption since they had no protection in the age of film, which could be and was confiscated or destroyed and could be stolen. Just because the medium has changed there doesn't need to be an expensive system put in place that would cost everyone more, not just the professional photographers. And their cards could still be stolen.] A year after photojournalists and filmmakers sent a critical letter to camera makers for failing to add a basic security feature to protect their work from searches and hacking, little progress has been made. The letter, sent in late-2016, called on camera makers to build encryption into their cameras after photojournalists said they face "a variety of threats from border security guards, local police, intelligence agents, terrorists, and criminals when attempting to safely return their footage so that it can be edited and published," according to the Freedom of the Press Foundation, which published the letter. The threat against photojournalists remains high. The foundation's US Press Freedom Tracker tallied more than 125 incidents against reporters last year, including the smashing of reporters' cameras and the "bodyslam" incident. Even when they're out in the field, collecting footage and documenting evidence, reporters have long argued that without encryption, police, the military, and border agents in countries where they work can examine and search their devices. "The consequences can be dire," the letter added. Although iPhones and Android phones, computers, and instant messengers all come with encryption, camera makers have fallen behind. Not only does encryption protect reported work from prying eyes, it also protects sources -- many of whom put their lives at risk to expose corruption or wrongdoing. 
The lack of encryption means high-end camera makers are forcing their customers to choose between putting their sources at risk, or relying on encrypted, but less-capable devices, like iPhones. We asked the same camera manufacturers if they plan to add encryption to their cameras -- and if not, why. The short answer: don't expect much any time soon. An Olympus spokesperson said the company will "in the next year... continue to review the request to implement encryption technology in our photographic and video products and will develop a plan for implementation where applicable in consideration to the Olympus product roadmap and the market requirements." When reached, Canon said it was "not at liberty to comment on future products and/or innovation." Sony also said it "isn't discussing product roadmaps relative to camera encryption." A Nikon spokesperson said the company is "constantly listening to the needs of an evolving market and considering photographer feedback, and we will continue to evaluate product features to best suit the needs of our users." And Fuji did not respond to several requests for comment by phone and email prior to publication. Trevor Timm, executive director of the Freedom of the Press Foundation, told ZDNet that it's "extremely disappointing the major camera manufacturers haven't even committed to investing resources into more research into this issue, let alone actually building solutions into their cameras." "Dozens of the world's best filmmakers made clear a year ago that camera companies -- in today's world -- have an obligation to build in a way for everyone to encrypt their files and footage to potentially help keep them safe," he added. "I hope the camera companies eventually listen to some of their most important and at-risk customers," he said. Article
  22. After a year of headline-grabbing ransomware campaigns, it looks like hackers are launching the attacks less frequently. Ransomware is malicious software that can lock up your files until you send hackers a ransom payment. It featured in the WannaCry attacks in May and the NotPetya attacks in June, both of which swept through hospitals, banks and governments in several countries. But after July, the rates of ransomware infections dropped sharply, according to a report from Malwarebytes. If the trend continues, it would mean a reprieve from an attack that targeted institutions where time is money, like banks, or where lives could hang in the balance, like hospitals. So why would hackers ditch one of their favorite attacks? It turns out that computer users have a really valuable tool against ransomware: backing up their files. That's according to Chris Boyd, a malware analyst at Malwarebytes, who told ZDNet that publicity around the major ransomware attacks probably helped educate people about how to avoid needing to pay by uploading files to the cloud or a backup device. "This alone, even without additional security precautions, effectively deadens the otherwise considerable sting of the threat," Boyd told ZDNet, a CNET sister site. The company sells a product that detects and blocks malicious software for businesses and regular computer users. That's not to say hackers aren't hacking. They've simply turned to other kinds of attacks to steal money, such as banking trojans and adware, both of which are old-school hacking tricks. Hackers are also still innovating. Adam Kujawa, director of malware intelligence at Malwarebytes, said the biggest trend he observed in December was the rise of "crypto-jacking." That's when websites you visit secretly use your computer's processing power to run a program that creates bitcoins. That lets hackers make money off your computer. 
And, Kujawa said, "it wears down resources really fast," slowing down your computer's performance. But hey, at least you can still access your files. Source: https://www.cnet.com/news/wannacry-notpetya-ransomware-hackers-2017-less-popular-malwarebytes/
  23. Web browsers are the main target for attacks targeting the recently disclosed Spectre vulnerability. For home systems, one could argue that web browsers are the major attack vector. Why? Because browsers connect to remote sites, and these sites may run JavaScript to exploit the vulnerability. Some browser makers pushed out patches fast. Mozilla and Microsoft did for instance whereas Google and the whole Chromium-based group of browsers are not patched yet. There are ways to mitigate the issue in Chrome and other Chromium-based browsers such as Opera or Vivaldi. To mitigate known attack forms, users or admins have to enable strict site isolation in the web browser to do so. While you can check whether your Windows operating system is vulnerable, you could not check whether your web browser is patched or vulnerable up until now.

    Web Browser Spectre Check

    This uncertainty is a thing of the past however as Tencent’s XUANWU Lab released an online tester that checks whether web browsers are vulnerable to Spectre. Visit the Lab’s website to get started. You find a “click to check” button at the top that you need to activate to run the test. It does not take long to test browsers. Some checks complete almost right away while others take longer to complete and involve cache processing.

    Here is a quick list of tested browsers and their vulnerability status (always assume the latest version):

    • Firefox — not vulnerable
    • Firefox ESR — not vulnerable
    • Internet Explorer 11 — not vulnerable
    • Microsoft Edge — not vulnerable
    • Pale Moon — not vulnerable
    • Waterfox — not vulnerable
    • Chromium (latest) — not vulnerable
    • Google Chrome Canary — not vulnerable
    • Google Chrome Stable — vulnerable*
    • Opera Stable — vulnerable*
    • Vivaldi Stable — vulnerable*

    *not vulnerable if you enable strict site isolation in the web browser.

    Tencent’s security team notes that a result of vulnerable means that Spectre-based attacks will work in the browser. A status of not vulnerable, however, does not necessarily mean that the browser is adequately protected. It is protected against a known attack, but it is possible that unknown attack methods may exist that can exploit the issue still.

    Closing Words

    While there is still a bit of uncertainty left after your browser tested as not vulnerable in the test, it is still reassuring that known attacks can’t exploit the vulnerability. A good defense against potential attacks is the disabling of JavaScript or scripts in general. This makes the web less usable, however.

    Now You: Is your browser vulnerable?
  24. Flaw exists in Transmission app and possibly other clients

    A major vulnerability in the Transmission BitTorrent app allows hackers to remotely control a vulnerable computer, and Google Project Zero researcher Tavis Ormandy says there’s a good chance the same security flaw exists in other clients as well. The bug resides in the feature that allows users to control BitTorrent clients from their browsers, and such functionality is available in the majority of apps, including Transmission. Ormandy says many users run this feature without a password because they believe physical access to the system is required to control it, but a hacker turning to a method called domain name system rebinding can hijack it and in the end get remote control of the computer. Loading a malicious site that hosts the code needed to exploit the vulnerability is all it takes for a hacker to get access to the system, and right now, it appears that both Google Chrome and Mozilla Firefox on Windows and Linux can be used as part of an attack.

    Transmission ignored the private disclosure

    The technical analysis of the vulnerability indicates that hackers can change the download directory of torrents and, at the same time, use Transmission to run commands when downloads come to an end. The worst thing about the vulnerability is that Transmission developers have until now ignored the private disclosure, with Ormandy explaining that he even included a patch to address the flaw when he first contacted the company.

    “I'm finding it frustrating that the transmission developers are not responding on their private security list, I suggested moving this into the open so that distributions can apply the patch independently. I suspect they won't reply, but let's see,” the Google researcher said. “I've never had an open source project take this long to fix a vulnerability before, so I usually don't even mention the 90-day limit if the vulnerability is in an open source project. I would say the average response time is measured in hours rather than months if we're talking about open source.”

    Security flaws discovered as part of the Project Zero program are typically disclosed after 90 days since the first report if the parent company does not issue a patch and sooner if a fix is released. This time, however, Ormandy decided to make the details public after only 40 days following Transmission’s failure to answer his disclosure.

    Source
  25. simplewall 2.0.19

    Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer. This tool is presented within a simple interface enabling fast configuration and includes internal blocking lists (malware, telemetry). simplewall (WFP Tool) can be considered as an alternative to the default filters provided by Windows Firewall. It will enable you to effectively regulate which of your processes or apps require internet access restriction or not. simplewall (WFP Tool) is designed to make your life easy by automatically blocking malware and telemetry-related data but can also be used with custom rules for blocking particular ports or IP addresses if desired.

    Features

    • Simple interface without annoying pop ups
    • Dropped packets logging (Windows 7 and above)
    • Internal blocking lists (malware, telemetry)
    • Free and open source
    • Localization support
    • IPv4/IPv6 support

    Changelog: v2.0.19 (1 November 2017)

    • new rules editor ui
    • added highlighting rules with errors
    • automatically sorting rules after changing
    • added feature to set custom dns ipv4 server ("DnsServerV4" in .ini)
    • added option to exclude blocklist rules from notifications
    • show process information in statusbar on menu item hover
    • optimized signature information retrieving from binaries
    • updated localization
    • fixed saving profile in some cases
    • fixed parsing rules types (issue #70)
    • fixed dns queries
    • fixed ui bugs
    • fixed bugs

    Downloads:

    • Installer: https://github.com/henrypp/simplewall/releases/download/v.2.0.19/simplewall-2.0.19-setup.exe
    • Portable: https://github.com/henrypp/simplewall/releases/download/v.2.0.19/simplewall-2.0.19-bin.zip
    • simplewall-2.0.19-setup.sig (566 Bytes)
    • simplewall-2.0.19.sha256 (372 Bytes)
    • Source code (zip)
    • Source code (tar.gz)