Jump to content

Search the Community

Showing results for tags 'digital'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 10 results

  1. NOTE: The preview image may belong to older versions. This tool includes 4 different activation methods. KMS Inject activation, Digital activation, KMS 2038 activation and Online KMS activation There is also a script for convert VOLUME verions from RETAIL version for Office 2016 and 2019 products. While this script is being created, abbodi1406’s (MDL) script is referenced. Thank him so much for being a source of inspiration and help. Some security programs will report infected files, that is false-positive due KMS emulating. Digital and Online KMS activations methods are requires internet connection. If use this tool remove any other KMS solutions and temporary turn off AV security protection. $OEM$ Activation About: 3 methods are (Inject, Digital and KMS38) also $OEM$ activation support. To preactivate the system during installation, copy $OEM$ folder to "sources" folder in the installation media (iso/usb). $OEM$ activation method also enable the KMS task scheduling system during installation. (digital and KMS2038 activation method except) Thanks @ShiningDog for the kms server addresses. It is the only KMS application that hosts all methods and receives the least warning by security programs... 😎 Download Links: (English interface) Site: https://mega.nz Sharecode: /#!QAZVnQob!1U3K2_Lk3EyZdUAyGW6PIc9YJHoF7X1x-Ue3FpRsdDU File : KMS-Digital-Online_Activation_Suite_v7.3_ENG.rar CRC-32 : 83d96ad6 MD4 : 794aea8c7fefdaf427e4bbe7f1a2385d MD5 : 22af4d4d626dc93b855bad10afc291ce SHA-1 : 2d9c114c632a0def6b8201389e6b94af96bd7ebe --------------------------------------------------------------------------------------------- (Turkish interface) Site: https://mega.nz Sharecode: /#!FdRD3Ibb!ozpqEa4ZCsbB7oYc4JwnC2RE6cAhQxaub-H54zy6BjU File : KMS-Dijital-Online_Aktivasyon_Suite_v7.3_TUR.rar CRC-32 : ddca4950 MD4 : 77947ecab233d1452faac255763d724c MD5 : 41ea22c779ec36b4bd7adc03e2b00670 SHA-1 : b352c6dded38fc9e4b5201ba1786e6dd260ff544 RAR Pass: 2019 Note: Use WinRar v5x for extract # Special Thanks TNCTR Family Nsane Family abbodi1406 CODYQX4 Hotbird64 qewlpal s1ave77 cynecx qad Mouri_Naruto WindowsAddict angelkyo Virustotal results of the application exe and dll files (April 27, 2019): Virustotal results of dll files of KMSInject method x64 KMS.dll https://www.virustotal.com/gui/file/1902f84a3dae23a598ddda1447957b421511d5df77480aa590f6463830685d7e/detection x86 KMS.dll https://www.virustotal.com/gui/file/6a35996e6fc50af1a1a19d39233cc43055da92adf76cb567c39265ad007459e8/detection Virustotal results of exe and dll files of the Digital & KMS38 Activation method: digi-ltsbc-kms38.exe (March 31, 2019) https://www.virustotal.com/gui/file/528f35bba16c1f0113fa0825dd49fb47c03a7ee0e904a770ef3ad6e99fe8ac73/detection slc.dll (12 May, 2019) https://www.virustotal.com/gui/file/a9863f89076c0e7d891cf622d770d1686ca0e1ee7e8e78efa473e6baf41dba33/detection Changelog:
  2. ------------------------------------------------------------------------------------------------------------------ Activation Type Supported Product Activation Period ------------------------------------------------------------------------------------------------------------------ Digital License - Windows 10 - Permanent KMS38 - Windows 10 / Server - Until the year 2038 Online KMS - Windows / Server / Office - For 180 Days, renewal task needs to be created for lifetime activation. ------------------------------------------------------------------------------------------------------------------ Read Me: File Details: File: MAS_0.8.7z Size: 1.06 MB (11,19,073 bytes) SHA-1: 5055e4dcdaa0bca19347d5867d73f2f835fc7c6a Download links: Password: 2019 Site: https://0x0.st Sharecode: /s3E Mirror: Site: https://tinyurl.com Sharecode: /yysd84n4 *If links are not working then try to enter the URL manually without copy pasting. (Due to bugs, this site adds ASCII hidden characters in text copying) ------------------------------------------------------ Screenshots Changelog Credits
  3. Win 10 PRO Retail/VL & S Edition Digital Entitlement Activation Win 7 Pro Phone Activation Fresh Key Worth to try Win 10 Pro Digital Activat ( Added few new Online Activation Windows 7-8.1 MAK key for Win 10 Digital Activation 14 / 09 / 17) Code: http://textuploader.com Share: /djr9h
  4. This year’s RSA Conference in San Francisco brings the world’s security professionals together to discuss cybersecurity at a critical time. The past year has witnessed not just the growth of cybercrime, but a proliferation in cyberattacks that is both new and disconcerting. This has included not only cyber-attacks mounted for financial gain, but new nation-state attacks as well. As engineers and other employees across the tech sector meet in San Francisco, we need to ask ourselves what our response should be. We should start by acknowledging that no single step by itself will be sufficient to address this problem. Of course, each of our companies needs to continue to do more to protect and defend our customers around the world, and at Microsoft we’re focused on doing precisely that. So are others across the industry. But in addition, the time has arrived to call on the world’s governments to implement international rules to protect the civilian use of the internet. Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace. And just as the Fourth Geneva Convention recognized that the protection of civilians required the active involvement of the Red Cross, protection against nation-state cyberattacks requires the active assistance of technology companies. The tech sector plays a unique role as the internet’s first responders, and we therefore should commit ourselves to collective action that will make the internet a safer place, affirming a role as a neutral Digital Switzerland that assists customers everywhere and retains the world’s trust. A growing problem in need of new solutions The bad news starts with the fact that 74 percent of the world’s businesses expect to be hacked each year.[1] The estimated economic loss of cybercrime is estimated to reach $3 trillion by 2020. Yet as these costs continue to climb, the financial damage is overshadowed by new and broadening risks. Perhaps most disconcerting, recent years have witnessed the expansion of nation-state attacks. The Sony attack by North Korea in 2014 was not the first nation-state attack, but it represented a visible turning point. While prior attacks had focused on economic and military espionage, the Sony attack in 2014 involved retaliation for free expression in the form of a (not very popular) movie. It was followed in 2015 by even more visible international discussion about nation-state attacks aimed at the theft of companies’ intellectual property. And last year the issue broadened again to include hacking incidents connected to the democratic process itself. We suddenly find ourselves living in a world where nothing seems off limits to nation-state attacks. Conflicts between nations are no longer confined to the ground, sea and air, as cyberspace has become a potential new and global battleground. There are increasing risks of governments attempting to exploit or even weaponize software to achieve national security objectives, and governmental investments in cyber offense are continuing to grow. In fundamental ways, this new plane of battle is different from those of the past. It starts with the fact that cyberspace does not exist in a clearly tangible form in the physical world. But beyond this, cyberspace in fact is produced, operated, managed and secured by the private sector. Governments obviously play all sorts of critical roles, but the reality is that the targets in this new battle – from submarine cables to datacenters, servers, laptops and smartphones – in fact are private property owned by civilians. There’s an additional consequence that results from all this. The tech sector today operates as the first responders to nation-state attacks on the internet. A cyber-attack by one nation-state is met initially not by a response from another nation-state, but by private citizens. The situation has also worsened in one additional and important way. For two-thirds of a century, since 1949, the world’s nations have recognized through the Fourth Geneva Convention that they need to adhere to rules that protect civilians in times of war. But nation-state hacking has evolved into attacks on civilians in times of peace. This is not the world that the internet’s inventors envisioned 25 years ago. But it’s the world that we inhabit today. And as the private citizens thrust into this challenge, the question for all of us in the tech sector is what we will do to address it. Stronger individual tech sector responses Microsoft, like companies across the tech sector, is aggressively taking new steps to better protect and defend customers, including from nation-state attacks. This includes new security features at every level of the technology stack, reflecting the $1 billion that we’re spending annually in the security field. Email is currently at the heart of the cybersecurity battle, as an estimated 90 percent of all hacking begins with an email phishing attack. Reflecting this importance, last year we added Advanced Threat Protection for Microsoft Exchange Online. This identifies recognizable malware and suspicious code patterns in emails and stops them before they can do damage. We then added Office 365 Threat Intelligence to provide enterprises with information on the top targeted users, malware frequency and security recommendations related to their business. And last week we added new data governance features for Office 365 that include alerts that will be sent automatically to users when someone attempts to copy and download their inbox. We’ll be adding new features and offers in the coming months that provide additional protection. In many ways, however, security-related product features are just the start. Data analytics and machine learning have become game-changing defense mechanisms for detecting nation-state attacks. Microsoft’s datacenters are connected to over a billion computing end points and receive over a trillion data points every day. Advanced Threat Protection alone processes 6 billion emails each day. This provides the foundation for world-class early warning systems to detect cybersecurity attacks. Within Microsoft we’ve forged a unique, internal three-part partnership as part of the 3,500 security professionals from across the company. The Microsoft Threat Intelligence Center (MSTIC) is our reconnaissance arm, combing through the constant stream of data from our more than 200 cloud services and third-party feeds. Using machine learning, behavioral analysis and forensic techniques, this dedicated team creates a real-time picture – a security intelligence graph – of cyber activity related to advanced and persistent threats to Microsoft and our customers. When a threat is detected, MSTIC alerts our Cyber Defense Operations Center (CDOC), an “eyes on glass” command center staffed 24 hours a day, seven days a week by rotating teams of security and engineering professionals from across our product and services portfolio. This team of specialists serves as our frontline, taking immediate action against threats to defend our own systems and protect customers. As we identify threats, we’re not only working with customers, but using legal process, led by our Digital Crimes Unit (DCU), to respond in new and innovative ways that disrupt attacks, including those launched by nation states. Last year MSTIC identified an attack pattern that led to a group associated with a nation-state that had registered internet domains using names that included Microsoft and other companies’ trademarks. We went to federal court, obtained court orders and successfully sought appointment of a Special Master to oversee and expedite additional motions in our case. Working under this judicial supervision, we can notify internet registries whenever this group registers a fake Microsoft domain and request that control of that domain be transferred immediately to a sink-hole operated by DCU. Using this novel approach, we can disrupt the nation-state’s use of these domains within 24 hours. Since last summer, in response to extended nation-state attacks, we have taken down 60 domains in 49 countries spread over six continents. In each instance we stopped the flow of data to the hackers from any customers whose computers were hacked, we notified the customers of the nation-state attack and we helped them clean their environment and increase their security. Across the tech sector, companies are racing to provide stronger cybersecurity protection for customers, including from nation-states. Each of our advances is making an important contribution. But we’re nowhere close to being able to declare victory. Governments are increasing their investments in offensive cyber capabilities. We therefore need to recognize a critical truth – this is not a problem that we can solve solely with each of us acting alone. Calling on governments to do more The time has come to call on the world’s governments to come together, affirm international cybersecurity norms that have emerged in recent years, adopt new and binding rules and get to work implementing them. In short, the time has come for governments to adopt a Digital Geneva Convention to protect civilians on the internet. The foundation for new and international rules is now in place. Over the last two years there has been important progress in developing global cybersecurity norms. For example, in July 2015 governmental experts from 20 nations recommended cybersecurity norms for nation-states “aimed at promoting an open, secure, stable, accessible and peaceful ICT environment.”[2] These include key principles that bar governments from engaging in malicious activity using information and communications technology or similarly damaging other nations’ critical infrastructure. Importantly, leading governments have also proven that they can address these issues through direct and frank bilateral discussions. Following highly visible and even challenging negotiations, in September 2015 the U.S. and China agreed to important commitments pledging that neither country’s government would conduct or support cyber-enabled theft of intellectual property.[3] This paved the way for the Group of 20 to affirm the same principle more broadly at its meeting just two months later.[4] And additional inter-governmental discussions are continuing to progress further today. All of this points the way to potential new steps ahead. First, there is a new opportunity for vital bilateral action. Just as the United States and China overcame mutual challenges and made important progress in 2015 to ban intellectual property cyber-theft, the United States and Russia can hammer out a future agreement to ban the nation-state hacking of all the civilian aspects of our economic and political infrastructures. Second, governments around the world should pursue a broader multilateral agreement that affirms recent cybersecurity norms as global rules. Just as the world’s governments came together in 1949 to adopt the Fourth Geneva Convention to protect civilians in times of war, we need a Digital Geneva Convention that will commit governments to implement the norms that have been developed to protect civilians on the internet in times of peace. Such a convention should commit governments to avoiding cyber-attacks that target the private sector or critical infrastructure or the use of hacking to steal intellectual property. Similarly, it should require that governments assist private sector efforts to detect, contain, respond to and recover from these events, and should mandate that governments report vulnerabilities to vendors rather than stockpile, sell or exploit them. In addition, a Digital Geneva Convention needs to create an independent organization that spans the public and private sectors. Specifically, the world needs an independent organization that can investigate and share publicly the evidence that attributes nation-state attacks to specific countries. While there is no perfect analogy, the world needs an organization that can address cyber threats in a manner like the role played by the International Atomic Energy Agency in the field of nuclear non-proliferation. This organization should consist of technical experts from across governments, the private sector, academia and civil society with the capability to examine specific attacks and share the evidence showing that a given attack was by a specific nation-state. Only then will nation-states know that if they violate the rules, the world will learn about it. Building a trusted and neutral Digital Switzerland Finally, those of us in the tech sector need to act collectively to better protect the internet and customers everywhere from nation-state attacks. As the first responders to threats that in part target our own infrastructure, it’s important for global technology companies to adopt concrete commitments to help deter and respond to nation-state cyberattacks. As the Fourth Geneva Convention relies on the Red Cross to help protect civilians in wartime, protection against nation-state cyberattacks requires the active assistance of the tech sector. We need to start with a clear premise. Even in a world of growing nationalism, when it comes to cybersecurity the global tech sector needs to operate as a neutral Digital Switzerland. We will assist and protect customers everywhere. We will not aid in attacking customers anywhere. We need to retain the world’s trust. And every government regardless of its policies or politics needs a national and global IT infrastructure that it can trust. This commitment to 100 percent defense and zero percent offense has been fundamental to our approach as a company and an industry. And it needs to remain this way in the future. If we’re going to turn these words into effective action, we need to come together as an industry to adopt our own clear principles and to help put in place the steps needed to make these principles real. For example, we should commit ourselves to collaborative and proactive defense against nation-state attacks and to remediate the impact of such attacks. We should pledge that we’ll continue to take no efforts to assist in offensive actions anywhere. We should make software patches available to all our users, regardless of the attackers and their motives. We should adopt coordinated disclosure practices for the handling of product and service vulnerabilities. And we should work together to support international defensive efforts, like the new international organization described above.[5] There is strong progress on which we can build. For example, we at Microsoft have been collaborating with other leading cloud companies like Amazon and Google to combat cloud abuse such as spam and phishing sites. We’re working together on a common abuse reporting schema to accelerate the reporting of abuses we may see on each other’s networks. On issues such as customer notification of potential nation-state attacks, we’ve all learned from important work where Google and Facebook have been early and impressive leaders. More broadly, there is good work and common collaboration springing up everywhere, from new startups to the industry’s largest companies. Finally, as we consider these questions, it’s worth reflecting on at least one aspect of some of the other recent issues that have united the tech sector. The recent debates about immigration have brought to the surface an important truth. As an industry, the tech sector has literally brought the world together under its own roof. For example, at Microsoft in Washington state, a strong majority of our employees were born in the United States, but we also have employees who have come from 157 countries. I’ve long arrived at the office each morning feeling that I work at the United Nations of Information Technology. Our company is not unique. As an industry, we’ve brought people together in ways that can promote mutual understanding and respect. We need to harness this global understanding to protect people everywhere, earning their confidence as the world’s Digital Switzerland. Source
  5. The more we rely on technology, the more detailed a technological footprint we leave behind. A recent study from Deloitte shows that, on average, American millennials check their phones roughly 82 times a day. This dependence on technology has led to a world where most people are never more than a few feet away from their cell phone at any given time. Being constantly connected to the world is one of the many benefits of our advanced society, but unfortunately, privacy regulations haven’t kept pace with the advances we’ve made. Your cell phone records every location you visit if the phone’s location services are turned on, which is more often than not. Called cell-site location information, this data is tracked on both Android devices and iPhones. The information can be quite telling; it might show the location of your home, your office, and other places you visit often. The problem is that it can teach police about a person’s behavior and then can be used against them. In some states, the data can be used without a warrant. Across the country police are using this data to track and catch suspects, and the resulting cases are often challenged in court. Since it’s collected by cellular service providers, the data falls under what’s known as the third-party doctrine, which states that by giving information to a third party—banks, internet service providers, email servers, or in this case, phone companies—users have no reasonable expectation to privacy. Still, suspects in these types of cases often claim that by accessing their cell phone data without probable cause or a warrant, law enforcement is violating their Fourth Amendment right against unreasonable search and seizure. In some instances courts have agreed with these arguments, resulting in a patchwork of guidance governing how the data can be used. For instance, in Commonwealth v. Augustine, Massachusetts’ highest court ruled that the government’s acquisition of this data should require a warrant. Meanwhile, four Courts of Appeals have opined on the issue, and only one, the Fourth Court of Appeals, deemed it necessary for government to obtain a warrant first. These divergent rulings mean that a person could travel to four different states and have widely varying levels of privacy protection for the information collected in each places. In some instances, location-specific data can be fully protected, in others not at all. In one state, law enforcement may only be able to access historical data, and in another they may be able to track a person in real-time. Six states—California, Utah, Montana, Minnesota, New Hampshire, and Maine—currently require a warrant for all cell-site location information. Illinois, New Jersey, and Indiana require warrants for real-time tracking only. Thirty-three states have no binding authority or explicitly allow for law enforcement to access this data without a warrant. That is more than half of US states that offer no protection for extremely personal information. Because of this hodgepodge of regulation, or lack thereof, police often claim authority to access this information without a warrant. The absence of consistent protections for citizens opens up the opportunity for rampant abuse by law enforcement. Lisa Marie Roberts of Portland, Oregon, was wrongfully imprisoned for nearly 10 years because of how law enforcement used this data. Her cell phone registered a site near the scene of a murder, and because her attorney wasn’t able to analyze the data or hire an expert, he advised Roberts to plead guilty to receive a reduced sentence. In 2014, a federal judge granted her release after DNA evidence led to another suspect. In Minnesota, Sarah Jean Mann sought a restraining order against her boyfriend, a state narcotics agent who she claimed abused his access to cell-site data information to stalk her. She was granted the order and the man is no longer a police officer. Cell phones aren’t the only devices that can be used for surveillance. Last year, police in Bentonville, Arkansas, investigating a murder case asked Amazon to provide the audio of the suspect’s Echo smart speaker. Amazon refused to provide the information, and the case is still ongoing. In 2014, law enforcement in New York obtained a warrant obligating Sirius XM to provide location data obtained from telematic equipment1 installed in a customer’s car. Congress has yet to regulate this area and the Supreme Court hasn’t weighed in, but, legislatures across this country are taking up the issue and pushing for broader protections for civilians. Both the Texas and New Mexico legislatures are expected to take up the issue this year; in New Mexico, lawmakers will consider Senate Bill 61, the Electronic Communications Privacy Act, which would require government officials to have a warrant or wiretap order in order to obtain cell-site information. Since this policy area currently resembles the Wild West, cell phone companies are taking advantage of the lax regulations as well. Many are offering a range of surveillance techniques to law enforcement for a fee, including text and call tracing and cell phone location services. Judges in an Indiana case last summer wrote, “In the current digital age, courts have continued to accord Fourth Amendment protection to information entrusted to communications intermediaries but intended to remain private and free from inspection.” Regardless of how far technological advancements go, Americans’ civil rights should always be protected. As long as the issue remains ignored by the federal government or dueled out in courtrooms, state legislatures should continue to strengthen privacy protections by making this data only accessible to law enforcement with a warrant or if they can show that it is relevant to an investigation. Source
  6. The following guide explains to you how to change digital pen shortcuts on devices running Windows 10. Windows 10's Anniversary Update brought along with it a new home for digital pens called Windows Ink. It is the new Hub for digital pens, and if you have ever connected a pen to your device, you will notice the Windows Ink icon in the system tray which opens it right away on selection. Some digital pens come with a button that you may press to activate features on the operating system. This is for instance the case for many Surface devices, like my Surface Pro 4. Configure digital pen shortcuts on Windows 10 The button is mapped to the following functionality by default: Single-click to opening OneNote Universal. Double-click to taking a screenshot, and sending it to OneNote Universal. Press and hold to interacting with Cortana. While those shortcuts are useful to Windows users who make use of OneNote or Cortana, they are useless for users who don't. Maybe you are using a different note taking app, or want to open your favorite image editor instead, or any other program. You may change those shortcuts in the Settings application of Windows 10. Please note that you only see the Pen & Windows Ink settings section if you have connected a pen to the system in the past (by pairing it usually). Do the following to open the Pen & Windows Ink settings section: Use the keyboard shortcut Windows-I to open the Settings application. Navigate to Devices > Pen & Windows Ink. Pen & Windows Ink Settings The page lists several options to control digital pen behavior on Windows. You may switch from right hand to left hand writing there for instance, disable the cursor visual effects. Tip: You may disable recommended app suggestions if you use Windows Ink but don't like the app suggestions that Microsoft displays in the Windows Ink Workspace. The pen shortcuts section enables you to map new functions to single-click, double-click and press and hold. The latter may only be supported by some pens but not by all. The options for a single-click are the following ones: Do Nothing. Launch Windows Ink Workspace. Launch OneNote Universal. Launch a classic app. Launch a universal app. Launch OneNote 2016. Double-click and "press and hold" share most of the options. Double-click however offers actions to send screenshots to OneNote Universal or OneNote 2016, and "press and hold" an action to activate Cortana. Classic apps are desktop programs that you may launch when you use the pen's button. You may use it to open a program that you use regularly when using the pen, or a program that you want to open quickly with the help of the pen. You may select .exe or .lnk files for the operation. This means that you may create special shortcuts with parameters, for instance to replace the screenshot taking functionality by mapping the action to the screenshot tool you are using. Article source
  7. The technique, which doesn't break the original file's signature, can allow malware to bypass antivirus detection A new technique allows attackers to hide malicious code inside digitally signed files without breaking their signatures, and then to load that code directly into the memory of another process. The attack method, developed by Tom Nipravsky, a researcher with cybersecurity firm Deep Instinct, might prove to be a valuable tool for criminals and espionage groups in the future, allowing them to get malware past antivirus scanners and other security products. The first part of Nipravsky's research, which was presented at the Black Hat security conference in Las Vegas this week, has to do with file steganography -- the practice of hiding data inside a legitimate file. While malware authors have hidden malicious code or malware configuration data inside pictures in the past, Nipravsky's technique stands out because it allows them to do the same thing with digitally signed files. That's significant because the whole point of digitally signing a file is to guarantee that it comes from a particular developer and hasn't been altered en route. If an executable file is signed, information about its signature is stored in its header, inside a field called the attribute certificate table (ACT) that's excluded when calculating the file's hash -- a unique string that serves as a cryptographic representation of its contents. This makes sense because the digital certificate information is not part of the original file at the time when it is signed. It's added later to certify that the file is configured as intended by its creator and has a certain hash. However, this means that attackers can add data -- including another complete file -- inside the ACT field, without changing the file hash or breaking the signature. Such an addition will modify the overall file size on disk, which includes its header fields, and this file size is checked by Microsoft's Authenticode technology when validating a file signature. However, the file size is specified in three different places inside the file header and two of those values can be modified by an attacker without breaking the signature. The problem is that Authenticode checks those two modifiable file size entries and doesn't check the third one. According to Nipravsky, this is a design logic flaw in Authenticode. Had the technology checked the third, unmodifiable file size value, attackers wouldn't be able to pull off this trick and still keep the file signature valid, he said. The malicious data added to the ACT is not loaded into memory when the modified file itself is executed because it's part of the header, not the file body. However, the ACT can serve as a hiding place to pass a malicious file undetected past antivirus defenses. For example, attackers could add their malicious code to one of the many Microsoft-signed Windows system files or to a Microsoft Office file. Their signatures would still be valid and the files functional. Moreover, most security applications whitelist these files because they're signed by trusted publisher Microsoft to avoid false positive detections that could delete critical files and crash the system. The second part of Nipravsky's research was to develop a stealthy way to load the malicious executable files inside signed files without being detected. He reverse-engineered the whole behind-the-curtain process that Windows performs when loading PE files to memory. This procedure is not publicly documented because developers don't typically need to do this themselves; they rely on the OS for file execution. It took four months of eight-hours-per-day work, but Nipravsky's reverse-engineering efforts allowed him to create a so-called reflective PE loader: An application that can load portable executables directly into the system memory without leaving any traces on disk. Because the loader uses the exact process that Windows does, it's difficult for security solutions to detect its behavior as suspicious. Nipravsky's loader can be used as part of a stealthy attack chain, where a drive-by download exploit executes a malware dropper in memory. The process then downloads a digitally signed file with malicious code in its ACT from a server and then loads that code directly into memory. The researcher has no intention of releasing his loader publicly because of its potential for abuse. However, skilled hackers could create their own loader if they're willing to put in the same effort. The researcher tested his reflective PE loader against antivirus products and managed to execute malware those products would have otherwise detected. In a demo, he took a ransomware program that one antivirus product normally detected and blocked, added it to the ACT of a digitally signed file, and executed it with the reflective PE loader. The antivirus product detected the ransom text file created by the ransomware program only after it had already encrypted all of the user's files. In other words, too late. Even if attackers don't have Nipravsky's reflective PE loader, they can still use the steganography technique to hide malware configuration data inside legitimate files or even to exfiltrate data stolen from organizations. Data hidden inside a digitally signed file would likely pass network-level traffic inspection systems without problems. Article source
  8. Google has identified and blocked unauthorized digital certificates for a number of its domains issued by the National Informatics Centre (NIC) of India, a unit of India’s Ministry of Communications and Information Technology. National Informatics Center (NIC) holds several intermediate Certification Authority (CA) certs trusted by the Indian government’s top CA, Indian Controller of Certifying Authorities (India CCA), which are included in the Microsoft Root Store and so are trusted by a large number of applications running on Windows, including Internet Explorer and Chrome. The use of rogue digital certificates could result in a potentially serious security and privacy threat that could allow an attacker to spy on an encrypted communication between a user’s device and a secure HTTPS website, which is thought to be secure. Google became aware of the fake certificates last Wednesday on July 2 and within 24 hours, the Indian Controller of Certifying Authorities (India CCA) revoked all the NIC intermediate certificates and also issued a CRLSet to block the fraudulent certificates in Chrome. CRLSets enable Chrome to block certificates in an emergency. The search engine giant believes that no other root stores include the Indian CCA certificates, which means that Chrome on any other operating systems, Chrome OS, Android, iOS and OS X were not affected. “Additionally, Chrome on Windows would not have accepted the certificates for Google sites because of public-key pinning, although misused certificates for other sites may exist,” saidGoogle security engineer Adam Langley. Langley added that “Chrome users do not need to take any action to be protected by the CRLSet updates. We have no indication of widespread abuse and we are not suggesting that people change passwords.” It’s the second high-profile incident of a government agency caught issuing fake SSL certificates since December, when Google revoked trust for a digital certificate for several of its domains, mistakenly signed by a French government intermediate certificate authority. Google has taken many measures to advance the security of its certificates, as SSL certificates are still one of the core elements of online security and still, since hundreds of entities issue certificates, it makes the company difficult to identify fake certs that aren’t following proper procedures. One such measure is Google’s recently launched Certificate Transparency project, which provides an open framework for monitoring and auditing SSL certificates in nearly real time. Specifically, Certificate Transparency makes it possible to detect SSL certificates that have been mistakenly issued by a certificate authority or maliciously acquired from an otherwise unimpeachable certificate authority. DigiCert was one of the first Certificate Authority’s to implement Certificate Transparency after working with Google for a year to pilot the project. Google also upgraded its SSL certificates from 1024-bit to 2048-bit RSA to make them more secure and unbreakable. Because longer key length would make it even more difficult for a cyber criminal to break the SSL connections that secure your emails, banking transactions and many more. Source
  9. National Geographic HD Wallpapers Resolution: Varies198 dpi24 bitSynopsis: im always in search of quality walllpapers..we tend to get sick of the same wallpapers.. and the freebies posted Online are crap, or watermarked. Download: National Geographic.7z 1.10 GB (1,190,355,132 bytes) CRC32: CE200456 Note: i've never uploaded to GoogleDrive.. but i've downloaded from GoogleDrive and it's very fast.. i was averaging 3-4 MB/sec.. Let me know if there are any issues downloading. ==================================================== UPDATE: January 10, 2014 1 Link Mirror | CRC32: CE200456 1 Link Mirror | CRC32: CE200456 1 Link Mirror | CRC32: CE200456 400 MB Mirror Part 1 | CRC32: 37198E11 Part 2 | CRC32: 5F9C8261 Part 3 | CRC32: 5EAD051D [email protected] 1GB Mirrors 1 Link Mirror 1 Link Mirror Explanation: Google drive has a daily bandwidth limit of 20 users.. So i've uploaded to different GoogleDrive accounts.. if a link has reached it's limit.. try the mirrors.. fortunately.. this limit resets daily :) if these links are not enough.. let me know... i have tons of Google accounts.
  10. Liraan Ráca

    Please! Help me!

    Please, help me clicking this link: Thank you very much! P.S. a token of my appreciation: (my reflink where i get some of your earnings) here you can get money for sharing your cpu! I do this, is a serious company and have cash flows in my account is only good! try it the first thread is free! (if you have questions i can answer some here or you can pm me) Staff Note: Posts which include spamming, advertising, solicitation, profanity or otherwise are not permitted. This includes and is not limited to links via cash sites, affiliate marketing and links requiring a premium/ paid account to access. As these are generally considered more serious than other infractions, members may be warned or banned on the first instance.
  • Create New...