Jump to content

Search the Community

Showing results for tags 'security'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 933 results

  1. malakai1911

    Comprehensive Security Guide

    Comprehensive Security Guide i. Foreword The primary purpose of this guide is to offer a concise list of best-of-breed software and advice on selected areas of computer security. The secondary purpose of this guide is to offer limited advice on other areas of security. The target audience is an intermediately skilled user of home computers. Computer software listed are the freeware versions when possible or have free versions available. If there are no free versions available for a particular product, it is noted with the "$" symbol. The guide is as well formatted as I could make it, within the confines of a message board post. This guide is constantly evolving, if it is not as in-depth as you require in any specific area, you can try Google if you're interested in more. ii. Table of Contents i. Foreword ii. Table of Contents 1. Physical Security .. a. Home .. b. Computer .. c. Personal 2. Network Security .. a. Hardware Firewall .. b. Software Firewall 3. Hardening Windows .. a. Pre-install Hardening .. b. Post-install Hardening .. c. Alternative Software .. d. Keep Windows Up-To-Date 4. Anti-Malware .. a. Anti-Virus .. b. HIPS / Proactive Defense .. c. Malware Removal 5. Information and Data Security .. a. Privacy / Anonymity .. b. Encryption .. c. Backup, Erasure and Recovery .. d. Access Control (Passwords, Security Tokens) 6. Conclusion 1. Physical Security I just wanted to touch on a few things in the realm of physical security, and you should investigate physical and personal security in places other than here. a. Home How would you break in to your own home? Take a close look at your perimeter security and work inwards. Make sure fences or gates aren't easy to climb over or bypass. The areas outside your home should be well lit, and motion sensor lights and walkway lights make nice additions to poorly lit areas. If possible, your home should have a security system featuring hardwired door and window sensors, motion detectors, and audible sirens (indoor and outdoor). Consider integrated smoke and carbon monoxide detectors for safety. Don't overlook monitoring services, so the police or fire department can be automatically called during an emergency. Invest in good locks for your home, I recommend Medeco and Schlage Primus locks highly. Both Medeco and Schlage Primus locks are pick-resistant, bump-proof, and have key control (restricted copying systems). Exterior doors should be made of steel or solid-core wood and each should have locking hardware (locking doorknob or handle), an auxiliary lock (mortise deadbolt) with a reinforced strike plate, and a chain. Consider a fireproof (and waterproof) safe for the storage of important documents and valuables. A small safe can be carried away during a robbery, and simply opened at another location later, so be sure and get a safe you can secure to a physical structure (in-wall, in-floor, or secured to something reasonably considered immovable). You may be able to hide or obscure the location of your safe in order to obtain some additional security, but don't make it cumbersome for yourself to access. b. Computer Computers are easy to just pick up and take away, so the only goal you should have is to deter crimes of opportunity. For desktop computers, you may bring your desktop somewhere and an attacker may not be interested in the entire computer, but perhaps just an expensive component (video card) or your data (hard drive), and for that I suggest a well-built case with a locking side and locking front panel. There are a variety of case security screws available (I like the ones from Enermax (UC-SST8) as they use a special tool), or you can use screws with less common bits (such as tamper resistant Torx screws) to secure side panels and computer components. There are also cable lock systems available for desktop computers to secure them to another object. For laptop computers, you are going to be primarily concerned about a grab-and-go type robbery. There are a variety of security cables available from Kensington, which lock into the Kensington lock slot found on nearly all laptops, which you can use to secure it to another object (a desk or table, for example). Remember though, even if it's locked to something with a cable, it doesn't make it theft-proof, so keep an eye on your belongings. c. Personal Always be aware of your surroundings. Use your judgment, if you feel an area or situation is unsafe, avoid it altogether or get away as quickly and safely as possible. Regarding hand to hand combat, consider a self-defense course. Don't screw around with traditional martial arts (Karate, Aikido, Kung-Fu), and stay away from a McDojo. You should consider self-defense techniques like Krav Maga if you are serious about self defense in a real life context. I generally don't advocate carrying a weapon on your person (besides the legal mess that may be involved with use of a weapon, even for self-defense, an attacker could wrestle away a weapon and use it against you). If you choose to carry any type of weapon on your person for self-defense, I advise you to take a training course (if applicable) and to check with and follow the laws within the jurisdiction you decide to possess or carry such weapons. Dealing with the Police Be sure to read Know Your Rights: What to Do If You're Stopped by the Police a guide by the ACLU, and apply it. Its advice is for within the jurisdiction of the US but may apply generally elsewhere, consult with a lawyer for legal advice. You should aso watch the popular video "Don't talk to the police!" by Prof. James Duane of the Regent University Law School for helpful instructions on what to do and say when questioned by the police: regent.edu (Mirror: )Travelling Abroad Be sure and visit the State Department or Travel Office for your home country before embarking on a trip abroad. Read any travel warnings or advisories, and they are a wealth of information for travelers (offering guides, checklists, and travel advice): (US, UK, CA). 2. Network Security As this is a guide geared towards a home or home office network, the central theme of network security is going to be focused around having a hardware firewall behind your broadband modem, along with a software firewall installed on each client. Since broadband is a 24/7 connection to the internet, you are constantly at risk of attack, making both a hardware and software firewall absolutely essential. a. Hardware Firewall A hardware firewall (router) is very important. Consider the hardware firewall as your first line of defense. Unfortunately, routers (usually) aren't designed to block outbound attempts from trojans and viruses, which is why it is important to use a hardware firewall in conjunction with a software firewall. Be sure that the firewall you choose features SPI (Stateful Packet Inspection). Highly Recommended I recommend Wireless N (802.11n) equipment, as it is robust and widely available. Wireless N is backwards compatible with the earlier Wireless G (802.11g) and B (802.11b) standards. 802.11n supports higher speeds and longer distances than the previous standards, making it highly attractive. I recommend any of the following Wireless N compatible routers: Asus: RT-N16, WL500W, RT-N12, RT-N10. Linksys: E3000, E2000, WRT610Nv2, WRT320N. If price is a concern, Wireless G (802.11g) equipment is generally less expensive, as it has been around longer than Wireless N equipment. Range extender antennas and boosters exist if range is an issue, and 125HSM (Afterburner) technology exists to boost single-channel throughput. I recommend any of the following Wireless G compatible routers: Asus: WL-500G Premium, WL500G Deluxe, WL520GU. Linksys: WRT54-GL (or GS v1-v4), WRT54G-TM, WRTSL54GS. Use WPA2/WPA with AES if possible, and a passphrase with a minimum of 12 characters. If you are really paranoid, use a strong random password and remember to change it every so often. Alternatives A spare PC running SmoothWall or IPCop, with a pair of NIC's and a switch can be used to turn a PC into a fully functional firewall. b. Software Firewall A software firewall nicely compliments a hardware firewall such as those listed above. In addition to protecting you from inbound intrusion attempts, it also gives you a level of outbound security by acting as a gateway for applications looking to access the internet. Programs you want can access the internet, while ones you don't are blocked. Do not use multiple software firewalls simultaneously. You can actually make yourself less secure by running two or more software firewall products at once, as they can conflict with one another. Check out Matousec Firewall Challenge for a comparison of leak tests among top firewall vendors. Leaktests are an important way of testing outbound filtering effectiveness. Highly Recommended Comodo Internet Security Comodo is an easy to use, free firewall that provides top-notch security. I highly recommend this as a first choice firewall. While it includes Antivirus protection, I advise to install it as firewall-only and use an alternate Antivirus. Alternatives Agnitum Outpost Firewall Free A free personal firewall that is very secure. Be sure to check out the Outpost Firewall Forums, to search, and ask questions if you have any problems. Online Armor Personal Firewall Free Online Armor Personal Firewall makes another great choice for those who refuse to run Comodo or Outpost. Online Armor 3. Hardening Windows Windows can be made much more secure by updating its components, and changing security and privacy related settings. a Pre-install Hardening Pre-install hardening has its primary focus on integrating the latest available service packs and security patches. Its secondary focus is applying whatever security setting tweaks you can integrate. By integrating patches and tweaks, you will be safer from the first boot. Step 1 - Take an original Windows disc (Windows 2000 or later) and copy it to a folder on your hard drive so you can work with the install files. Step 2 - Slipstream the latest available service pack. Slipstreaming is a term for integrating the latest service pack into your copy of windows. Step 3 -Integrate the latest available post-service pack updates. This can be done with a utility such as nLite or vLite, and post-service pack updates may be available in an unofficial collection (such as the RyanVM Update Pack for XP). Step 4 - Use nLite (Windows 2000/XP) or vLite (Windows Vista/7) to customize your install. Remove unwanted components and services, and use the tweaks section of nLite/vLite to apply some security and cosmetic tweaks. Step 5 - Burn your newly customized CD, and install Windows. Do not connect the computer to a network until you install a software firewall and anti-virus. b. Post-Install Hardening If you have followed the pre-install hardening section, then your aim will be to tweak settings to further lock down windows. If you hadn't installed from a custom CD, you will need to first update to the latest service pack, then install incremental security patches to become current. After updating, you'll then disable unneeded Windows services, perform some security tweaks, and use software such as xpy to tweak privacy options. Disable Services Start by disabling unneeded or unnecessary services. By disabling services you will minimize potential security risks, and use fewer resources (which may make your system slightly faster). Some good guides on disabling unnecessary services are available at Smallvoid: Windows 2000 / Windows XP / Windows Vista. Some commonly disabled services: Alerter, Indexing, Messenger, Remote Registry, TCP/IP NetBIOS Helper, and Telnet. Security Tweaks I highly recommend using a strong Local Security Policy template as an easy way to tweak windows security options, followed by the registry. Use my template (security.inf) to easily tweak your install for enhanced security (Windows 2000/XP/Vista/7): 1. Save the following attachment: (Download Link Soon!) 2. Extract the files. 3. Apply the Security Policy automatically by running the included "install.bat" file. 4. (Optional) Apply your policy manually using the following command: [ secedit /configure /db secedit.sdb /cfg "C:\<Path To Security.inf>\<template>.inf" ] then refresh your policy using the following the command:[ secedit /refreshpolicy machine_policy ] (Windows 2000), [ gpupdate ] (Windows XP/Vista/7) This template will disable automatic ("administrative") windows shares, prevent anonymous log on access to system resources, disable (weak) LM Password Hashes and enable NTLMv2, disable DCOM, harden the Windows TCP/IP Stack, and much more. Unfortunately my template can't do everything, you will still need to disable NetBIOS over TCP (NetBT), enable Data Execution Prevention (AlwaysOn), and perform other manual tweaks that you may use. Privacy Tweaks xpy (Windows 2000/XP) and vispa (Windows Vista/7) These utilities are great for modifying privacy settings. They supersede XP AntiSpy because they include all of XP Anti-Spy's features and more. You should use them in conjunction with the security tweaks I've listed above. c. Alternative Software Another simple way of mitigating possible attack vectors is to use software that is engineered with better or open security processes. These products are generally more secure and offer more features then their Microsoft counterparts. Highly Recommended Mozilla Firefox (Web Browser) Mozilla Thunderbird (Email Client) OpenOffice.org (Office Suite) Alternatives Google Chrome (Web Browser) Opera (Web Browser) The Bat! (Email Client) Google Docs (Online) (Office Suite) Firefox Additions Mozilla has a Privacy & Security add-on section. There are a variety of add-ons that may appeal to you (such as NoScript). And although these aren't strictly privacy related, I highly recommend the AdBlock Plus add-on, with the EasyList and EasyPrivacy filtersets. d. Keep Windows Up-To-Date Speaking of keeping up-to-date, do yourself a favor and upgrade to at least Windows 2000 (for older PC's) and Windows XP Pro (or later) for newer PC's. Windows 9x/Me is completely broken in terms of the possibilities for a secure computing environment, and as such updates for them have been removed from the list. Be sure to keep up-to-date on your service packs, they're a comprehensive collection of security patches and updates, and some may add minor features. Microsoft Windows Service Packs Windows 2000 - Service Pack 4 with Unofficial Security Rollup Package Windows XP - Service Pack 3 with Unofficial Security Rollup Package Windows XP x64 - Service Pack 2 with Unofficial Security Rollup Package Windows Vista - Service Pack 2 Windows 7 - Service Pack 1 Microsoft Office Service Packs Office 2000 - Service Pack 3 with the Office 2007 Compatibility Pack (SP3). Office XP (2002) - Service Pack 3 with the Office 2007 Compatibility Pack (SP3). Office 2003 - Service Pack 3 with the Office 2007 Compatibility Pack (SP3) and Office File Validation add-in. Office 2007 - Service Pack 3with the Office File Validation add-in. Office 2010 - Service Pack 1 After the service pack, you still need to keep up-to-date on incremental security patches. Windows supports Automatic Updates to automatically update itself. However, if you don't like Automatic Updates: You can use WindowsUpdate to update windows periodically (Must use IE5 or greater, must have BITS service enabled), or you can use MS Technet Security to search for and download patches individually, or you can use Autopatcher, an unofficial updating utility. In addition to security patches, remember to keep virus definitions up-to-date (modern virus scanners support automatic updates so this should not be a problem), and stay current with latest program versions and updates, including your replacement internet browser and mail clients. 4. Anti-Malware There are many dangers lurking on the internet. Trojans, viruses, spyware. If you are a veteran user of the internet, you've probably developed a sixth-sense when it comes to avoiding malware, but I advocate backing up common sense with reliable anti-malware software. a. Anti-Virus Picking a virus scanner is important, I highly recommend Nod32, but there are good alternatives these days. Check out AV Comparatives for a comparison of scanning effectiveness and speed among top AV vendors. Highly Recommended Nod32 Antivirus $ I recommend Nod32 as a non-free Antivirus. Features excellent detection rates and fast scanning speed. Nod32 has a great heuristic engine that is good at spotting unknown threats. Very resource-friendly and historically known for using less memory than other AV's. There is a 30 day free trial available. Alternatives Avira AntiVir Personal I recommend Avira as a free Antivirus. Avira is a free AV with excellent detection rates and fast scanning speed. Kaspersky Anti-Virus $ Kaspersky AV is a good alternative to Nod32. Features very good detection rates, and fast scanning speed. Online-Scanners Single File Scanning Jotti Online Malware Scan or VirusTotal These scanners can run a single file through a large number of different Antivirus/Antimalware suites in order to improve detection rates. Highly recommended. Whole PC Scanning ESET Online Scanner Nod32 Online Antivirus is pretty good, ActiveX though, so IE only. There is a beta version available that works with Firefox and Opera. b. HIPS / Proactive Defense Host-based intrusion prevention systems (HIPS) work by disallowing malware from modifying critical parts of the Operating System without permission. Classic (behavioral) HIPS software will prompt the user for interaction before allowing certain system modifications, allowing you stop malware in its tracks, whereas Virtualization-based HIPS works primarily by sandboxing executables. Although HIPS is very effective, the additional setup and prompts are not worth the headache for novice users (which may take to just clicking 'allow' to everything and defeating the purpose altogether). I only recommend HIPS for intermediate or advanced users that require a high level of security. Highly Recommended I highly recommend firewall-integrated HIPS solutions. Comodo Defense+ is a classic HIPS built into Comodo Internet Security, and provides a very good level of protection. Outpost and Online Armor provide their own HIPS solutions, and the component control features of the firewalls are powerful enough to keep unwanted applications from bypassing or terminating the firewall. If you want to use a different HIPS, you can disable the firewall HIPS module and use an alternative below. Alternatives Stand-alone HIPS solutions are good for users who either don't like the firewall built-in HIPS (and disable the firewall HIPS), or use a firewall without HIPS features. HIPS based on Behavior (Classic) ThreatFire ThreatFire provides a strong, free behavioral HIPS that works well in conjunction with Antivirus and Firewall suites to provide additional protection. HIPS based on Virtualization DefenseWall HIPS $ DefenseWall is a strong and easy-to-use HIPS solution that uses sandboxing for applications that access the internet. GeSWall Freeware GeSWall makes a nice free addition to the HIPS category, like DefenseWall it also uses sandboxing for applications that access the internet. Dealing with Suspicious Executables You can run suspicious executables in a full featured Virtual Machine (such as VMware) or using a standalone sandbox utility (such as Sandboxie) if you are in doubt of what it may do (though, you may argue that you shouldn't be running executables you don't trust anyway). A more advanced approach to examining a suspicious executable is to run it through Anubis, a tool for analyzing the behavior of Windows executables. It displays a useful report with things the executable does (files read, registry modifications performed, etc.), which will give you insight as to how it works. c. Malware Removal I recommend running all malware removal utilities on-demand (not resident). With a firewall, virus scanner, HIPS, and some common sense, you won't usually get to the point of needing to remove malware... but sometimes things happen, perhaps unavoidably, and you'll need to remove some pretty nasty stuff from a computer. Highly Recommended Anti-Spyware Spybot Search & Destroy Spybot S&D has been around a long time, and is very effective in removing spyware and adware. I personally install and use both Spybot & Ad-Aware, but I believe that Spybot S&D has the current edge in overall detection and usability. Anti-Trojan Malwarebytes' Anti-Malware Malwarebytes has a good trojan detector here, and scans fast. Anti-Rootkit Rootkit Unhooker RKU is a very advanced rootkit detection utility. Alternatives Anti-Spyware Ad-Aware Free Edition Ad-Aware is a fine alternative to Spybot S&D, its scanning engine is slower but it is both effective and popular. Anti-Trojan a-squared (a2) Free a-squared is a highly reputable (and free) trojan scanner. Anti-Rootkit IceSword (Mirror) IceSword is one of the most capable and advanced rootkit detectors available. 5. Information and Data Security Data can be reasonably protected using encryption and a strong password, but you will never have complete and absolute anonymity on the internet as long as you have an IP address. a. Privacy / Anonymity Anonymity is elusive. Some of the following software can help you achieve a more anonymous internet experience, but you also must be vigilant in protecting your own personal information. If you use social networking sites, use privacy settings to restrict public access to your profile, and only 'friend' people you know in real life. Don't use (or make any references to) any of your aliases or anonymous handles on any websites that have any of your personal information (Facebook, Amazon, etc..). You should opt-out from information sharing individually for all banks and financial institutions you do business with using their privacy policy choices. You should opt-out of preapproved credit offers (US), unsolicited commercial mail and email (US, UK, CA), and put your phone numbers on the "Do Not Call" list (US, UK, CA). Highly Recommended Simply install and use Tor with Vidalia to surf the internet anonymously. It's free, only downside is it's not terribly fast, but has fairly good anonymity, so it's a tradeoff. Keep in mind its for anonymity not for security, so make sure sites you put passwords in are SSL encrypted (and have valid SSL certificates), and remember that all end point traffic can be sniffed. You can use the Torbutton extension for Firefox to easily toggle on/off anonymous browsing. POP3/IMAP and P2P software won't work through Tor, so keep that in mind. Portable Anonymous Browsing The Tor Project now has a "Zero-Install Bundle" which includes Portable Firefox and Tor with Vidalia to surf anonymously from a USB memory stick pretty much anywhere with the internet. It also includes Pidgin with OTR for encrypted IM communications. Note: These won't protect you from Trojans/Keyloggers/Viruses on insecure public terminals. Never type important passwords or login to important accounts on a public computer unless it is absolutely necessary! Alternatives I2P functions similar to Tor, allowing you to surf the general internet with anonymity. IPREDator $ is a VPN that can be used to anonymize P2P/BitTorrent downloads. Freenet is notable, but not for surfing the general internet, it's its own network with its own content. b. Encryption For most people, encryption may be unnecessary. But if you have a laptop, or any sort of sensitive data (whether it be trade secrets, corporate documents, legal or medical documents) then you can't beat the kind of protection that encryption will offer. There are a variety of options available today, including a lot of software not listed here. A word to the wise, please, please don't fall for snake oil, use well established applications that use time tested (and unbroken) ciphers. Regardless of what software you use, the following "what to pick" charts will apply universally. If you have to pick an encryption cipher: Best: AES (Rijndael) (128-bit block size) Better: Twofish (128-bit block size), Serpent (128-bit block size) Good: RC6 (128-bit block size) Depreciated: Blowfish (64-bit block size), CAST5 (CAST-128) (64-bit block size), Triple-DES (64-bit block size) When encrypting large volumes of data, it is important to pick a cipher that has a block size of at least 128-bytes. This affords you protection for up to 2^64x16 bytes (264 exabytes) . 64-bit block ciphers only afford protection of up to 2^32x8 bytes (32 gigabytes) so using it as a full disk or whole disk encryption cipher is not recommended. The depreciated list is only because some of you might be stuck using software that only supports older encryption methods, so I've ordered it from what I feel is best to worst (though all three that are on there are pretty time tested and if properly implemented, quite secure). If you have to pick a hash to use: Best: Whirlpool (512-bit) Better: SHA-512 (512-bit), SHA-256 (256-bit) Good: Tiger2/Tiger (192-bit), RIPEMD-160 (160-bit) Depreciated: RIPEMD-128, SHA-1, MD-5. With all the recent advances in cryptanalysis (specifically with work on hash collisions) These days I wouldn't trust any hash that is less than 160-bits on principle. To be on the safe side, use a 192-bit, 256-bit, or 512-bit hash where available. There will be cases where your only options are insecure hashes, in which case I've ordered the "depreciated" list from best to worst (they are all varying levels of insecure). Many older hashes (MD4, MD2, RIPEMD(original), and others) are totally broken, and are not to be used. A quick software rundown, these applications are popular and trusted: Highly Recommended Freeware Whole Disk Encryption TrueCrypt Based upon E4M, TrueCrypt is a full featured disk encryption suite, and can even be run off a USB memory stick. TrueCrypt supports the whole disk encryption of Windows, with pre-boot authentication. Very nice. If you can't use whole-disk encryption (WDE), you can use the TCTEMP add-on to encrypt your swapfile, temp files and print spooler, and you can use the TCGINA add-on to encrypt your windows home directory. (Note: TCTEMP/TCGINA is less secure than WDE, and only preferable if WDE is not an option. WDE is highly recommended.). Freeware PKI Encryption GnuPG (GPG) GnuPG provides public-key encryption, including key generation and maintenance, signing and checking documents and email messages, and encryption and decryption of documents and email messages. Freeware Email Encryption Enigmail Enigmail is truly a work of art, it integrates with GnuPG and provides seamless support for encryption and decryption of email messages, and can automatically check PGP signed documents for validity. (Enigmail requires both Mozilla Thunderbird and GnuPG) Alternatives Encryption Suite (with Whole Disk and Email Encryption) PGP Full Disk Encryption $ PGP provides public-key encryption, including key generation and maintenance, signing and checking documents and email messages, encryption and decryption of documents and email messages, volume disk encryption, whole disk encryption, outlook integration, and instant messenger encryption support. c. Backup, Erasure and Recovery // This section is under construction. Backups Your data might be safe from prying eyes, but what if you are affected by hardware failure, theft, flood or fire? Regular backups of your important data can help you recover from a disaster. You should consider encryption of your backups for enhanced security. Local Backup Cobian Backup Cobian Backup is a fully-featured freeware backup utility. SyncBack Freeware, Macrium Reflect Free SyncBack Freeware and Macrium Reflect Free are feature-limited freeware backup utilities. Off-site Backup SkyDrive (25GB, filesize limited to 100MB), box.net (5GB) SkyDrive and box.net offer free online storage, useful for easy offsite backups. Be sure to utilize encrypted containers for any sensitive documents. Data Destruction It would be better to have your data residing in an encrypted partition, but sometimes that may not be possible. When sanitizing a hard drive, I recommend using a quality Block Erase tool like DBAN followed by a run-through with ATA Secure Erase if you really want a drive squeaky clean. Block erasing is good for data you can normally reach, but ATA secure erase can hit areas of the drive block erasers can't. As for multiple overwrite passes, there is no proof that data overwritten even one time can be recovered by professional data recovery corporations. For moderate security, a single pseudorandom block-erase pass (random-write) followed by an ATA Secure Erase pass (zero-write) is sufficient to thwart any attempts at data recovery. For a high level of security, a "DoD Short (3 pass)" block-erase pass followed by an ATA Enhanced Secure Erase will ensure no recovery is possible. Single-File/Free Space Erase - If you are interested in just erasing single files or wiping free space, you can use the Eraser utility. Block Erase - For hard drive block-erasure, use DBAN. ATA Secure Erase - For ATA Secure Erasing, use the CMRR Secure Erase Utility. CMRR Secure Erase Protocols (.pdf) - http://cmrr.ucsd.edu...seProtocols.pdf NIST Guidelines for Media Sanitation (.pdf) - http://csrc.nist.gov...800-88_rev1.pdf File Recovery Software This is kind of the opposite of data destruction. Keep in mind no software utility can recover properly overwritten data, so if it's overwritten there is no recovery. Highly Recommended Recuva Recuva is an easy to use GUI-based recovery utility. Alternatives TestDisk and PhotoRec These tools are powerful command-line recovery utilities. TestDisk can recover partitions, and PhotoRec is for general file recovery. Ontrack EasyRecovery Professional $ EasyRecovery is one of the best paid utilites for file recovery. d. Access Control (Passwords, Security Tokens) // This section is under construction. Secure Passwords //Section under construction. Your security is only as strong as its weakest password. There are a few basic rules to follow when creating a strong password. Length - Passwords should be at least 12 characters long. When possible, use a password of 12 or more characters, or a "passphrase". If you are limited to using less than 12 characters, you should try and make your password as long as allowable. Complexity - Passwords should have an element of complexity, a combination of upper and lowercase characters, numbers, and symbols will make your passwords much harder to guess, and harder to bruteforce. Uniqueness - Passwords should avoid containing common dictionary words, names, birthdays, or any identification related to you (social security, drivers license, or phone numbers for example). Secret - If you have a password of the utmost importance, do not write it down. Do not type them in plain view of another person or share them with anyone. Avoid use of the same password in multiple places. Security Tokens Security Tokens are cryptographic devices that allow for two-factor authentication. Aladdin eToken Safenet iKey IronKey Basic 6. Conclusion And here we are at the end! I would like to thank all of you for taking the time to read my guide, it's a few (slow) years in the making and I've kept it up to date. This guide is always changing, so check back from time to time. Revision 1.10.018-upd3 Copyright © 2004-2012 Malakai1911, All Rights Reserved The information contained within this guide is intended solely for the general information of the reader and is provided "as is" with absolutely no warranty expressed or implied. Any use of this material is at your own risk, its authors are not liable for any direct, special, indirect, consequential, or incidental damages or any damages of any kind. This guide is subject to change without notice. Windows_Security_Template__1.10.015_.zip
  2. The secrecy surrounding the work was unheard of at Google. It was not unusual for planned new products to be closely guarded ahead of launch. But this time was different. The objective, code-named Dragonfly, was to build a search engine for China that would censor broad categories of information about human rights, democracy, and peaceful protest. In February 2017, during one of the first group meetings about Dragonfly at Google’s Mountain View headquarters in California, some of those present were left stunned by what they heard. Senior executives disclosed that the search system’s infrastructure would be reliant upon a Chinese partner company with data centers likely in Beijing or Shanghai. Locating core parts of the search system on the Chinese mainland meant that people’s search records would be easily accessible to China’s authoritarian government, which has broad surveillance powers that it routinely deploys to target activists, journalists, and political opponents. Yonatan Zunger, then a 14-year veteran of Google and one of the leading engineers at the company, was among a small group who had been asked to work on Dragonfly. He was present at some of the early meetings and said he pointed out to executives managing the project that Chinese people could be at risk of interrogation or detention if they were found to have used Google to seek out information banned by the government. Scott Beaumont, Google’s head of operations in China and one of the key architects of Dragonfly, did not view Zunger’s concerns as significant enough to merit a change of course, according to four people who worked on the project. Beaumont and other executives then shut out members of the company’s security and privacy team from key meetings about the search engine, the four people said, and tried to sideline a privacy review of the plan that sought to address potential human rights abuses. Zunger — who left his position at Google last year — is one of the four people who spoke to The Intercept for this story. He is the first person with direct involvement in Dragonfly to go on the record about the project. The other three who spoke to The Intercept are still employed by Google and agreed to share information on the condition of anonymity because they were not authorized to talk to the media. Their accounts provide extraordinary insight into how Google bosses worked to suppress employee criticism of the censored search engine and reveal deep fractures inside the company over the China plan dating back almost two years. Google’s leadership considered Dragonfly so sensitive that they would often communicate only verbally about it and would not take written notes during high-level meetings to reduce the paper trail, two sources said. Only a few hundred of Google’s 88,000 workforce were briefed about the censorship plan. Some engineers and other staff who were informed about the project were told that they risked losing their jobs if they dared to discuss it with colleagues who were themselves not working on Dragonfly. “They [leadership] were determined to prevent leaks about Dragonfly from spreading through the company,” said a current Google employee with knowledge of the project. “Their biggest fear was that internal opposition would slow our operations.” In 2016, a handful of Google executives — including CEO Sundar Pichai and former search chief John Giannandrea — began discussing a blueprint for the censored search engine. But it was not until early 2017 that engineers were brought on board to begin developing a prototype of the platform. The search engine was designed to comply with the strict censorship regime imposed by China’s ruling Communist Party, blacklisting thousands of words and phrases, including terms such as “human rights,” “student protest,” and “Nobel Prize.” It was developed as an app for Android and iOS devices, and would link people’s search records to their personal cellphone number and track their location. (Giannandrea could not be reached for comment.) The company managed to keep the plan secret for more than 18 months — until The Intercept disclosed it in August. Subsequently, a coalition of 14 leading human rights groups, including Amnesty International and Human Rights Watch, condemned the censored search engine, which they said could result in Google “directly contributing to, or [becoming] complicit in, human rights violations.” Employees who opposed the censorship staged protests inside the company. Meanwhile, a bipartisan group of U.S. senators called Dragonfly “deeply troubling,” and Vice President Mike Pence demanded that Google “immediately end” its development. Google employees who had worked on Dragonfly watched the furor unfold and were not surprised by the backlash. Many of the concerns raised by the human rights groups, they noted, had already been voiced inside the company prior to the public exposure of the plans, though they had been brushed aside by management. Every new product or service that Google develops must be reviewed by legal, privacy, and security teams, who try to identify any potential issues or problems ahead of the launch. But with Dragonfly, the normal procedure was not followed: Company executives appeared intent on watering down the privacy review, according to the four people who worked on the project. In January 2017, Zunger, the 14-year veteran engineer at the company, had been tasked with producing the privacy review. However, it quickly became apparent to him that his job was not going to be easy. His work was opposed from the outset by Beaumont, Google’s top executive for China and Korea. Beaumont, a British citizen, began his career in 1994 as an analyst for an investment bank in England and later founded his own company called Refresh Mobile, which developed apps for smartphones. He joined Google in 2009, working from London as director of the company’s partnerships in Europe, Asia and the Middle East. In 2013, Beaumont relocated to China to head Google’s operations there. He described himself in his LinkedIn biography as a “technology optimist” who cares about “the value and responsible use of technology in a range of fields.” According to Zunger, Beaumont “wanted the privacy review [of Dragonfly] to be pro forma and thought it should defer entirely to his views of what the product ought to be. He did not feel that the security, privacy, and legal teams should be able to question his product decisions, and maintained an openly adversarial relationship with them — quite outside the Google norm.” Three sources independently corroborated Zunger’s account. Beaumont did not respond to multiple requests for comment, and Google declined to answer questions for this story. During one meeting, Zunger recalled, Beaumont was briefed on aspects of Dragonfly that Google’s privacy and security teams planned to assess. He was told that the teams wanted to check whether the Chinese search system would be secure against state and non-state hackers, whether users in China would have control over their own data, and whether there may have been any aspects of the system that might cause users to unintentionally disclose information about themselves. “I don’t know if I want you asking those questions,” Beaumont retorted, according to Zunger, who said the comment was “quite surprising to those in the room.” Beaumont micromanaged the project and ensured that discussions about Dragonfly and access to documents about it were tightly controlled. “Different teams on the Dragonfly project were actively segmented off from one another and discouraged from communicating, except via Scott’s own team, even about technical issues,” said Zunger. This was “highly unusual,” according to Zunger. Normally, even for extremely confidential work inside the company, he said, there would be “open and regular communication within a project, all the way up to senior leadership.” With Dragonfly, the opposite was true. The restrictions around the project limited the ability for discussion and seemed intended “to prevent internal objections,” Zunger said. Some members of the Dragonfly team were told that if they broke the strict confidentiality rules, then their contracts at Google would be terminated, according to three sources. Despite facing resistance, the privacy and security teams — which together included a total of between six and eight people — proceeded with their work. Zunger and his colleagues produced a privacy report that highlighted problematic scenarios that could arise once the censored search engine launched in China. The report, which contained more than a dozen pages, concluded that Google would be expected to function in China as part of the ruling Communist Party’s authoritarian system of policing and surveillance. It added that, unlike in Europe or North America, in China it would be difficult, if not impossible, for Google to legally push back against government requests, refuse to build systems specifically for surveillance, or even notify people of how their data may be used. Zunger had planned to share the privacy report and discuss its findings during a meeting with the company’s senior leadership, including CEO Sundar Pichai. But the meeting was repeatedly postponed. When the meeting did finally take place, in late June 2017, Zunger and members of Google’s security team were not notified, so they missed it and did not attend. Zunger felt that this was a deliberate attempt to exclude them. By this point, Zunger had already decided to leave Google, due to a job offer he had received from Humu, a startup company co-founded by Laszlo Bock, Google’s former head of human resources, and Wayne Crosby, Google’s former director of engineering. Had Zunger not received the offer to join Humu when he did, he said, he would likely have ended up resigning in protest from Google over Dragonfly. “The project, as it was then specified, was not something I could sign off on in good conscience,” he told The Intercept. Zunger does not know what happened to the privacy report after he left Google. He said Google still has time to address the problems he and his colleagues identified, and he hopes that the company will “end up with a Project Dragonfly that does something genuinely positive and valuable for the ordinary people of China.” Google launched a censored search engine in China in 2006 but stopped operating the service in the country in 2010, saying it could no longer tolerate Chinese government efforts to limit free speech, block websites, and hack activists’ Gmail accounts. At that time, Google co-founder Sergey Brin had advocated inside the company to pull out of China because he was uncomfortable with the level of government censorship and surveillance. The “key issue,” Brin said, was to show that Google was “opposing censorship and speaking out for the freedom of political dissent.” The Dragonfly revelations prompted questions about whether Brin had dramatically reversed his views on censorship in China. But in a meeting with Google employees in August, Brin claimed that he knew nothing about Dragonfly until The Intercept exposed it. According to three sources, employees working on Dragonfly were told by Beaumont, the company’s China chief, that Brin had met with senior Chinese government officials and had told them of his desire to re-enter the Chinese market, obeying local laws as necessary. However, the Dragonfly teams were instructed that they were not permitted to discuss the issue directly with Brin or other members of Google’s senior leadership team, including Pichai, co-founder Larry Page, and legal chief Kent Walker. Two sources working on Dragonfly believed that Beaumont may have misrepresented Brin’s position in an attempt to reassure the employees working on Dragonfly that the effort was fully supported at the highest levels of the company, when that may not have been the truth. “How much did Sergey know? I am guessing very little,” said one source, “because I think Scott [Beaumont] went to great lengths to ensure that was the case.” Inside Google, a deep ideological divide has developed over Dragonfly. On one side are those who view themselves as aligned with Google’s founding values, advocating internet freedom, openness, and democracy. On the other side are those who believe that the company should prioritize growth of the business and expansion into new markets, even if doing so means making compromises on issues like internet censorship and surveillance. Pichai, who became Google’s CEO in 2015, has made it clear where he stands. He has strongly backed Dragonfly and spoken of his desire for the company to return to China and serve the country’s people. In October, Pichai publicly defended the plan for the censored search engine for the first time, though he tried to play down the significance of the project, portraying it as an “experiment” and adding that it remained unclear whether the company “would or could” eventually launch it in China. Staff working on Dragonfly were confused by Pichai’s comments. They had been told to prepare the search engine for launch between January and April 2019, or sooner. The main barrier to launch, the employees were told, was the ongoing U.S. trade war with China, which had slowed down negotiations with government officials in Beijing, whose approval Google required to roll out the platform in the country. “What Pichai said [about Dragonfly being an experiment] was ultimately horse shit,” said one Google source with knowledge of the project. “This was run with 100 percent intention of launch from day one. He was just trying to walk back a delicate political situation.” The launch plan was outlined during a July meeting for employees who were working on Dragonfly. The company’s search chief, Ben Gomes, instructed engineers to get the search engine ready to be “brought off the shelf and quickly deployed.” Beaumont told employees in the same meeting that he was pleased with how things were developing for the company in the country, according to a previously undisclosed transcript of his comments obtained by The Intercept. “There has been a really positive change in tone towards Google during [Pichai’s] recent visits” to China, Beaumont said. “Part of our task over the past few years has been to re-establish that Google can be a trusted operator in China. And we’ve really seen a pleasing turnaround, relatively recently in the last couple of years. We are fairly confident that, outside of the trade discussions, there is a positive consensus across government entities to allow Google to re-engage in China.” A few weeks later, details about Dragonfly were emblazoned across international newspapers and the internet, and the company was scrambling to contain the outpouring of internal and external protest. Beaumont was furious that information about the project had leaked, said two sources familiar with his thinking, and he told colleagues that he feared the disclosures may have scuppered the prospect of Google launching the platform in the short term. “[Beaumont’s] endgame was very simple — his ideal circumstance was that most people would find out about this project the day it launched,” said one Google source. “He wanted to make sure there would be no opportunity for any internal or external resistance to Dragonfly, but he failed.” Source
  3. UPDATE 1 UPDATE 2 ------------------------------------------ 1) - Spycar What is Spycar? Spycar is a suite of tools designed to mimic spyware-like behavior, but in a benign form. Intelguardians created Spycar so anyone could test the behavior-based defenses of an anti-spyware tool. Spycar runs only on Windows, the same platform most targeted by spyware developers. What does Spycar do? The following links are Spycar. Clicking on each of the links will make Spycar try to take some benign action on your system. When you first run it, Spycar will ask you to name a test profile, a small file where we'll store state information about a given series of Spycar tests you perform. Then, when you click on each link, Spycar works by pushing a Windows executable to your browser. Currently, Spycar runs only on Windows, and its browser-centric alterations focus on IE, although it can be triggered by any Windows browser (Firefox-altering Spycar modules will be released soon!). Spycar does not include any exploits, so you must click "OK" in the message that appears in your browser to run the given Spycar function. If, after you click "OK", your anti-spyware tool blocks the given Spycar action, good for you! If not, this benign alteration will occur. Then, when you have clicked each of these links, you can click on the Results/Clean-Up link to have the Spycar tool called TowTruck automatically measure how your anti-spyware tool did, and to restore your machine to the pre-Spycar settings. Note that we designed Spycar as a series of different links and associated executables. We did not make it a monolithic one-click-to-conduct-all-actions programs, because an anti-spyware tool may shut down a given program early on in its cycle, without letting Spycar accurately test later modules. That's why you have to click on each link, giving your anti-spyware tool a fair shot at stopping each individual action. Spycar Tests Spycar Homepage 2) -Shields UP Without your knowledge or explicit permission, the Windows networking technology which connects your computer to the Internet may be offering some or all of your computer's data to the entire world at this very moment! GRC Shields UP Test 3) - DNS Nameserver Spoofability Test Can you trust your Domain Name Servers? You and your web browser would believe you were at your banking site. You entered the URL correctly, or used a reliable link or shortcut. Everything would look right. But you would be logged onto a malicious foreign web site which was ready and able to capture your private banking information. DNS Spoofability test 4) -Symantec Security Check Symantec Security Test 5) -PC Security Test PC Security Test is a free program for Windows that checks computer security against viruses, spyware and hackers. With a few mouse clicks, users can easily control the efficiency of their protection software (anti-virus programs, spyware scanners and firewalls). PC Security Test simulates virus, spyware and hacking attacks and monitors the responses of your protection software. Don't worry, no real viruses are involved !After the tests are complete, PC Securtiy computes a security index and provides tips on improving PC security. Download PC Security Test Homepage 6) -PC Flanks Battery of Tests PC Flanks Tests 7)- Security Scan from Audit My PC scans done - Firewall Scanner , Privacy Scanner , Exploit Scanner Audit My PC 8 ) -Test My PC Security Battery of Tests . Test My PC Security has a wide range of downloadable firewall leak and HIPS tests so you can find out just how good your security software is. Firewall Leak Tests – Firewall leak tests are written to test how effective the firewall component of your security software is at detecting and blocking outgoing connection attempts. If a program is able to connect to the internet without your knowledge then it is capable of transmitting any private data you may have on your machine. The techniques used by these programs are sophisticated but are representative of real world threats – so your firewall needs to block them. HIPS Tests – Tests designed to check how well your security software protects your internal system from attack by malicious executables such as viruses. A good HIPS system will restrict access to your critical operating system files, registry keys, COM interfaces and running processes. It should block untrusted processes from modifying the memory space of other programs and stop malware whenever it tries to install itself. Firewall Leak and HIPS tests – These tests are designed to test both of the above at the same time (both the Firewall and Host Intrusion Prevention components of your software). Download Complete Set of tests (Zip ) Individual Tests Home Page 9) -Belarc Advisor - Free Personal PC Audit The Belarc Advisor builds a detailed profile of your installed software and hardware, missing Microsoft hotfixes, anti-virus status, CIS (Center for Internet Security) benchmarks, and displays the results in your Web browser. All of your PC profile information is kept private on your PC and is not sent to any web server. Download BelArc Security Advisor BelArc Home Page 10) - Qualys Browser Check Perform a security analysis of your browser and its installed and missing plug ins and / or any other security patches or any other security issues . Qualys Browser Check 11) - Browser Spy BrowserSpy.dk is a collection of online tests that shows you just how much personal information can be collected from your browser just by visiting a page. BrowserSpy.dk can tell you all kinds of detailed information about you and your browser. Information ranging from simple stuff like the name and version of your browser to more detailed stuff like what kind of fonts you have installed and what hardware you're running on. You name it, BrowserSpy.dk shows it! When you surf around the internet your browser leaves behind a trail of digital footprints. Websites can use these footprints to check your system. BrowserSpy.dk is a service where you can check just what information it's possible to gather from your system, just by visiting a website.Privacy to the ultimate test! Browser Spy 12) - Eicar Test File The Eicar Test file , your anti virus should alert you to both the files when you click on them . if it doesnt , let them download , and then extract them or use them or scan your pc with your AV scanner . if working , your AV scanner should alert you this ( FAKE ) threat ... Eicar2com test Zip eicar.com 13) - Firewall Leak Tester Download Firewall Leak Test Leak Test Home Page 14) - Zemana Logging Tests . These test programs simulate the activities of different loggers. If your security software is protecting you proactively, then the simulation should trigger a warning message. No warning means no proactive protection... and probably no protection at all! If the simulation does not trigger a warning, then your current security software does not protect you . http://zemana.com/SecurityTests.aspx 15) - Spy Shelter Security Test Tool Download Spy Shelter Test Spy Shelter Home Page 16) - BufferZone Security Test Tool In the following demo, we will simulate what will happen when you receive a malicious file. It could come in through any number of ways: browsing, as an email attachment, from a USB storage device, just to name a few. We will attempt to prove that none of your security system's defense layers will identify or alert you to our intrusion attempt. Note: This is only a demo and no actual damage will be caused to your PC. Download Test File BufferZone Test Homepage 17) - Matousec Security Software Testing Suite Security Software Testing Suite (SSTS) is a set of tools used for testing Windows security software that implement application-based security – i.e. most of the Internet security suites, HIPS, personal firewalls, behavior blockers etc. SSTS is based on the idea of independent programs that attempt to bypass various features of the security software. Each test of SSTS is directed against a single feature or against a few closely connected features of the security software. Download SSTS. Matousec SSTS Homepage 18) - RUBotted - Test if your PC is Acting like a BOT . RUBotted monitors your computer for potential infection and suspicious activities associated with bots. Bots are malicious files that enable cybercriminals to secretly take control of your computer. As more bots secretly take control of computers and use these infected machines in malicious activities, bot networks are becoming more resilient. The emergence of new bot families and the continued proliferation of some of the threat landscape's most notorious botnets only reinforce the need for a reliable solution against botnets. It is capable of detecting known and unknown variants of known botnet families including some of the most notorious botnets today: ZBOT/ZeuS – bank information stealerKOOBFACE – most successful Web 2.0 botnetWALEDAC – infamous spamming botDownload RUBotted RUBotted Homepage 19) Comodo Tests ( Thanks to Alienforce1) Comodo Parent Injection Leak Test Suite (contains 3 Tests) The CPIL suite contains three separate tests especially developed by Comodo engineers to test a firewall's protection against parent injection leak attacks Download CPIL -- -------------------- Comodo HIPS and Firewall Leak Test Suite (contains 5 tests) Comodo's latest suite of tests cover a wider range of exploits and will tell quickly inform you if your computer is vulnerable to Root kits, Background Intelligent Transfer attacks and process injection attacks. Download HIPS and Firewall Test 20) Phish Test Verify the authenticity of a URL with this online live tool . suspect a link to be Phishy test it here . and see if its been reported a web forgery or not . other way to use the tool is to check your system for Phishing safety . copy a link from the website which has already been reported to be a web forgery . open it in your browser and see if you get any alerts . PhishTank PS-- please read all the instructions on a tests web site thoroughly and completely before running or performing a test . the post can not be held responsible for any loss of data , loss of system stability , system crashes , BSOD, system failures or for that reason , any thing that may arise while or after performing a test .!! nothing serious , just a random precautionary statement , all tests are safe . go ahead and try them and test your system ...
  4. Bitdefender 2019 - Stable - Final - Online/Offline Standalone Installers For Windows[x86 & x64] More Info/Official News: https://www.bitdefender.com/news/bitdefender-new-security-line-will-stop-most-sophisticated-attacks-3533.html BD 2019 Home/Home Office Forum: https://forum.bitdefender.com/index.php?/forum/536-bitdefender-2019-products/ BD TS 2019 Support: https://www.bitdefender.com/consumer/support/product/26925/ Improvements in BD 2019: https://www.bitdefender.com/consumer/support/answer/13353/ Changelog - gathered by Wortex/bitdefender forum: https://www.bitdefender.com/media/html/consumer/new/launch2019-opt/ Online Installers: Bitdefender Antivirus Plus 2019 Online: https://download.bitdefender.com/windows/installer/en-us/bitdefender_antivirus.exe XP | Vista: https://download.bitdefender.com/windows/installer/en-us/xp-vista/bitdefender_antivirus.exe Bitdefender Internet Security 2019 Online: https://download.bitdefender.com/windows/installer/en-us/bitdefender_isecurity.exe XP | Vista: https://download.bitdefender.com/windows/installer/en-us/xp-vista/bitdefender_isecurity.exe Bitdefender Total Security 2019 Online: https://download.bitdefender.com/windows/installer/en-us/bitdefender_tsecurity.exe XP | Vista: https://download.bitdefender.com/windows/installer/en-us/xp-vista/bitdefender_tsecurity.exe Offline Installers and Install Guide: Bitdefender 2019 Offline Installation Guide: Bitdefender 2019 AV Plus / Internet Security / Total Security - Standalone Installers [Windows]: 32bit [x86] - [Size: 428 MB]: https://download.bitdefender.com/windows/desktop/connect/cl/2019/all/bitdefender_ts_23_32b.exe 64bit [x64] - [Size: 456 MB]: https://download.bitdefender.com/windows/desktop/connect/cl/2019/all/bitdefender_ts_23_64b.exe Bitdefender Agent - 2019 - Universal [Same Agent for AV Plus / IS / TS]: Screenshots: Install Notes: Precaution Note: If you've already installed older version of Bitdefender[incl. 2016 version], we are sure that you'll lose your settings. Please take note of configuration, settings. whitelisted files and links. Also read the support page link above for upgrade/install Bitdefender 2019. Download and Install Bitdefender Agent. When it starts downloading the install files, Stop/Close it immediately. Note: Check whether there the Agent is installed only once in "Add/Remove Programs" or "Programs & Features". Note: Check in "Program Files" for folder named "Bitdefender Agent". Now, start installing offline installer and proceed with installation. Note: Please choose respective download link based on architecture x86/x64 for smooth installation. Note: Don't worry about AV Plus/IS/TS. The installer automatically modifies the installation depending on the license you entered. Once installation is done, configure accordingly for best protection and to avoid files from getting deleted. Configure Whitelist files and links if you have any. It is better to keep note of the configured settings for future use. User Guide: Bitdefender Antivirus Plus 2019: https://download.bitdefender.com/resources/media/materials/2019/userguides/en_EN/bitdefender_av_2019_userguide_en.pdf Bitdefender Internet Security 2019: https://download.bitdefender.com/resources/media/materials/2019/userguides/en_EN/bitdefender_is_2019_userguide_en.pdf Bitdefender Total Security 2019: https://download.bitdefender.com/resources/media/materials/2019/userguides/en_EN/bitdefender_ts_2019_userguide_en.pdf Uninstall Tool: Uninstall Tools Home: https://www.bitdefender.com/site/view/uninstall_consumer_paid.html Uninstall Tool For Bitdefender 2018 Products: https://www.bitdefender.com/files/KnowledgeBase/file/Bitdefender_2018_UninstallTool.exe NOTE: Bitdefender 2018 Uninstall Tool require KB2999226. If you didn't install, you'll get error "api-ms-win-crt-runtime-l1-1-0.dll" missing. You can download it here - KB2999226 Uninstall Tool For Bitdefender 2017 Products: http://www.bitdefender.com/files/KnowledgeBase/file/Bitdefender_2017_UninstallTool.exe NOTE: Bitdefender 2017 Uninstall Tool require KB2999226. If you didn't install, you'll get error "api-ms-win-crt-runtime-l1-1-0.dll" missing. You can download it here - KB2999226 Uninstall Tool For Bitdefender 2016 Products: http://www.bitdefender.com/files/KnowledgeBase/file/Bitdefender_2016_UninstallTool.exe Uninstall Tool For Bitdefender 2015 / 2014 / 2013 Products: http://www.bitdefender.com/files/KnowledgeBase/file/The_New_Bitdefender_UninstallTool.exe Uninstall Tool For Bitdefender 2012 Products and Earlier: http://www.bitdefender.com/files/KnowledgeBase/file/BitDefender_Uninstall_Tool.exe @[email protected] my revealed new ac extn method - modified as Jedi II 2018 TR tool by Jedi/Polylak work with 2019? If not, check TR release 2019. Thanks.
  5. Betternet Free VPN is a free multi-platform app that allows users to connect anonymously to the internet. A VPN or virtual private network sends your internet connection through a separate server meaning that any website you visit will not be able to track your location. This can be used for a number of reasons from accessing region-locked content to simply wanting to avoid being tracked. While many VPN services have an annual charge Betternet Free VPN does not. Homepage: https://www.betternet.co/ Download: https://control.kochava.com/v1/cpi/click?traffic_source=organic&campaign_id=kobetternet-windows-0xvqb82z5431ed7d40d2f&network_id=6184&site_id=1&device_id=device_id ============================== Cracker/Team: Jasi2169 / TEAM URET Medicine: Crack File Size: 0.99 MB Site: https://www.upload.ee Sharecode[?]: /files/8473047/Betternet.VPN.For.Windows.v4.1.0_Crack-URET.rar.html ==============================
  6. HandyPAF

    Noralabs Norascan 3.3

    Scans and detects malware, spyware, and other threats. Noralabs Norascan is an antivirus application built specifically for helping you scan the computer for potential threats. Sometimes, even if you use a good antivirus application, malware, spyware, and other threats may infiltrate into your computer without even being able to detect their presence. The tool provides two different scanning modes, namely quick or full. Of course, the first one is the fastest one because it scans only some locations from your computer. The full mode is the most comprehensive one, as it makes sure every item is scanned for possible threats. At the end of the scanning operation, you can view details about the suspicious items found on the system. Features: Scan known and unknown malware No need to reboot after installation Works together with other anti malware software Can scan in Windows safe mode Very fast and new technology of scan engine Auto update of signatures and new program versions Dual scanning and in the cloud scanning First Pattern Wave scanner ----- Changelog: Improvements: - Major enhancements - Auto update wave pattern analysis database - Cloud verification waiting time drastically improved - Main form screen adapted , so it can better match safe mode resolution - Improved compatibility with several antivirus software programs - Added server OS version detection Bug Fixes: - Fixed: Sometimes OS version wasn’t correctly displayed. - Compatible with Norascan server 5.0 Note: Noralabs Norascan is only able to scan the computer for suspicious files and send them to the quarantine. Hence, it doesn’t come packed with cleaning capabilities for helping you get rid of the potential threats. ----- Homepage http://www.noralabs.com/ Download http://www.noralabs.com/index.php/downloads?download=1:norascan-v3-3
  7. Mine is extremely light, but undoubtedly powerful. Here is my setup: Defensewall ShadowDefender Keyscrambler Sandboxie (custom rules) (A2, SAS, MBAM used rarely, on demand)
  8. HandyPAF

    AutorunsVTchecker 2018.08.29

    This tool is intended to check all files from system Autostart on VirusTotal. It is simply a launcher for Mark Russinovich's Autorunsc. AutorunsVTchecker was made for remote help with infected system. You don't have to ask user to check each different file separately and don't have to explain how to do it. You just have to give user a link to download and run it. When it ends checking, it'll show appropriate message. Helper should see needed report on virustotal by file hash. No logs. If you still need an Autoruns log, it is better to get it through the Autoruns GUI. First start of AutorunsVTchecker could take a long time. It depends of amount of files that weren't checked at VirusTotal and time wasted to send file and then to get an answer result. Sometimes it seems that tool is hang. But it is just waiting for server respond and you have to wait a little more. ----- Changelog: - Autoruns updated to version 13.91 ----- Homepage https://toolslib.net/downloads/viewdownload/669-autorunsvtchecker/ Download https://toolslib.net/downloads/finish/669-autorunsvtchecker/1743/ https://www.majorgeeks.com/files/details/autorunsvtchecker.html
  9. Though Encryption is not a new topic, you might have heard it online, while doing purchases, etc. Whats App messages are protected with end-to-end encryption. Your credit card details, id& password, payment information are transferred over an encrypted network. You might have already read these things on various sites and services. So, every time you read about or heard of encryption, what was the first thing that came to your mind? Most of the people would think that encryption is complex, has something to do with security and only computer programmers or geeks can understand it. But it is not that complicated you might be thinking right now. I mean the encryption techniques you may find hard to understand but the basic essence of encryption and decryption is very simple. So, What is Encryption? In simple words, Encryption is the process of encoding a data in such a way that only intended or authorized recipient can decode it. Encryption does not secure the data but it makes your data un-readable to other parties. Which means, even if an unauthorized person or hacker is able to read the network he/she won’t be able to make any sense out of it without the correct decryption key. The science of encryption and decryption is called cryptography. Why is Encryption important? In today’s scenario, we perform a lot of data exchange online. When much of your personal information and financial transactions are processed via the Internet, no business or individual can afford to get their data stolen. Not only the financial data or business files, even the messages we exchanged with our friends, the photos/files shared with family or emails sent to our clients, we need encryption for all of these data. Cybercrime is already at its peak. Nothing is really safe. We witness cases of identity theft on daily basis. Keeping your personal data secure while using the system or at your end can be done. But when the same information is sent over the Internet, you want that information to be only viewed by the particular person and no one else. The data is first sent to the local network and then travels to Internet Service Provider. Finally, a person for whom the information was meant for, finally receives it. Meanwhile, there are numerous of people who can access your information that you are sending. That is the reason why encryption is important. Individuals use it to protect personal information, businesses use it to protect corporate secrets and government uses it to secure classified information. Basic Encryption Techniques For Network Security You Should Know About The strength of encryption is measured by its key size. No matter how strong encryption algorithm is being used, the encrypted data can be subjected to brute force attacks. There are some basic encryption techniques that are used by online services and websites that you should know about. 1. AES (Advanced Encryption Standard) Advanced Encryption Standard is a symmetric encryption technique. Symmetric encryption means it involves secret key that could be a number, word or a string of random letters which is known to both sender and receiver. This secret key is applied to messages in a particular way after which the data becomes encrypted. As long as the sender and recipient know the secret key, encryption and decryption can be performed. AES is extremely efficient in 128-bit form and it uses 192 and 256 bits for encryption purposes. In present day cryptography, AES is widely supported in hardware and software with a built-in flexibility of key length. The security with AES is assured if and only if it is implemented correctly with the employment of good key management. AES-256 bit is a very heavy and strong encryption. Most of the governments use it. 2. Blowfish Encryption Blowfish is symmetric cipher technique ideal for domestic and exportable purpose as this symmetric cipher splits messages into blocks of 64 bit each and then encrypts them individually. Blowfish encryption technique can be used as a drop-in replacement for DES. The technique takes variable length key varying from 32 bits to 448 bits. Blowfish is found in software categories ranging from e-commerce platform from security passwords to various password management tools. It is one the most flexible encryption methods available. 3. RSA Encryption The Rivest Shamir Adleman (RSA) encryption technique is one of the most popular and secure public key encryption methods. This public key encryption technique is also known as asymmetric cryptography that uses two keys, one public and one private. In RSA encryption technique, both public and private key can be used to encrypt the message. But for the decryption of the message, the opposite key that has been used for encryption will be used. Most of the times, the data is encrypted with public key and decrypte using the private key. RSA encryption method assures the confidentiality, authenticity, integrity and non-reputability of electronic communication and data storage. 4. Triple DES Encryption Triple DES encryption method is a more secure procedure of encryption as the encryption is done three times. Triple DES encryption technique takes three keys each of 64bit, so overall key length is 192bis. The data is encrypted with the first key, decrypted with the second key and then again encrypted with the third key. The procedure of decryption is somewhat same as the procedure included in encryption expect that it is executed in reverse. 5. Twofish Encryption Twofish is a symmetric block cipher method, in which single key is used for encryption and decryption. Twofish could be the best choice when among AES techniques as this encryption technique is unique in terms of speed, flexibility, and conservative design. Twofish is new encryption technique which is highly secure and flexible. This encryption technique works extremely well with large microprocessors, dedicated hardware, and 8-bit or 32-bit card processors. Also, twofish encryption technique can be used in network applications where keys tend to change frequently and in various applications with little or no ROM or RAM available. 6. DES Encryption Data Encryption Standard (DES) is symmetric block cipher which uses 56-bit key to encrypt and decrypt 64-bit block of data. The Same key is used to encrypt and decrypt the message, so both the sender and the receiver should know how to use the same private key. DES has been suspended by more secure and advanced AES encryption technique and triple DES encryption techniques. 7. IDEA Encryption International Data Encryption Algorithm (IDEA) is another block cipher encryption technique that uses 52 sub keys, each 16-bit long. This technique was used in pretty good privacy version 2. Conclusion Encryption is a standard method for making a communication private. The sender encrypts the message before sending it to another user. Only the intended recipient knows how to decrypt the message. Even if someone was eavesdropping over the communication would only know about the encrypted messages, but not how to decrypt the message successfully. Thus in order to ensure the privacy in electronic communication, various encryption techniques and methods are used. As with the growth of electronic commerce and Internet, the issue of privacy has forefront in electronic communication. In this era of internet, where every kind of data is transferred in digital format, it is important that we know how our data is transferred, saved and used. Everyone must know about these basic encryption techniques. You can share this information with your friends and family to make them aware of encryption techniques. Article source
  10. With the launch of a new national cyber strategy, President Donald Trump has authorized the use of “offensive cyber operations” against U.S. adversaries, National Security Adviser John Bolton told reporters on Thursday. The U.S. hopes by deploying offensive measures it can deter cyberattacks targeting critical infrastructure and other systems, Bolton said, by demonstrating to adversaries that the cost “is higher than they want to bear.” In a letter, Trump said the new guidelines demonstrated his commitment to securing America from digital threats. “It is a call to action for all Americans and our great companies to take the necessary steps to enhance our national cybersecurity,” he said. “We will continue to lead the world in securing a prosperous cyber future.” Trump’s strategy, which he calls the “first fully articulated cyber strategy in 15 years,” replaces one implemented under the Obama administration. It is said to considerably relax rules surrounding the use of cyberweapons by the Pentagon and other agencies. “We’re going to do a lot of things offensively,” Bolton said. The move comes as U.S. intelligence warns of ongoing foreign operations aimed at undermining the 2018 midterm elections, including cyberattacks against voting infrastructure and computer intrusions targeting election officials. Asked if he considered the U.S. to be actively involved in a “cyberwar,” Bolton said he didn’t accept that “characterization.” But with its hands no longer tied, he said, expect the U.S. to strike back more frequently. Source
  11. Brian12

    Malware Removal Guide

    "This guide will help you remove malicious software from your computer. If you think your computer might be infected with a virus or trojan, you may want to use this guide. It provides step-by-step instructions on how to remove malware from Windows operating system. It highlights free malware removal tools and resources that are necessary to clean your computer. You will quickly learn how to remove a virus, a rootkit, spyware, and other malware." Guide: http://www.selectrealsecurity.com/malware-removal-guide I'll be posting updates. :)
  12. By Bruce Schneier The Five Eyes -- the intelligence consortium of the rich English-speaking countries (the US, Canada, the UK, Australia, and New Zealand) -- have issued a "Statement of Principles on Access to Evidence and Encryption" where they claim their needs for surveillance outweigh everyone's needs for security and privacy. ...the increasing use and sophistication of certain encryption designs present challenges for nations in combatting serious crimes and threats to national and global security. Many of the same means of encryption that are being used to protect personal, commercial and government information are also being used by criminals, including child sex offenders, terrorists and organized crime groups to frustrate investigations and avoid detection and prosecution. Privacy laws must prevent arbitrary or unlawful interference, but privacy is not absolute. It is an established principle that appropriate government authorities should be able to seek access to otherwise private information when a court or independent authority has authorized such access based on established legal standards. The same principles have long permitted government authorities to search homes, vehicles, and personal effects with valid legal authority. The increasing gap between the ability of law enforcement to lawfully access data and their ability to acquire and use the content of that data is a pressing international concern that requires urgent, sustained attention and informed discussion on the complexity of the issues and interests at stake. Otherwise, court decisions about legitimate access to data are increasingly rendered meaningless, threatening to undermine the systems of justice established in our democratic nations. To put it bluntly, this is reckless and shortsighted. I've repeatedly written about why this can't be done technically, and why trying results in insecurity. But there's a greater principle at first: we need to decide, as nations and as society, to put defense first. We need a "defense dominant" strategy for securing the Internet and everything attached to it. This is important. Our national security depends on the security of our technologies. Demanding that technology companies add backdoors to computers and communications systems puts us all at risk. We need to understand that these systems are too critical to our society and -- now that they can affect the world in a direct physical manner -- affect our lives and property as well. This is what I just wrote, in Click Here to Kill Everybody: There is simply no way to secure US networks while at the same time leaving foreign networks open to eavesdropping and attack. There's no way to secure our phones and computers from criminals and terrorists without also securing the phones and computers of those criminals and terrorists. On the generalized worldwide network that is the Internet, anything we do to secure its hardware and software secures it everywhere in the world. And everything we do to keep it insecure similarly affects the entire world. This leaves us with a choice: either we secure our stuff, and as a side effect also secure their stuff; or we keep their stuff vulnerable, and as a side effect keep our own stuff vulnerable. It's actually not a hard choice. An analogy might bring this point home. Imagine that every house could be opened with a master key, and this was known to the criminals. Fixing those locks would also mean that criminals' safe houses would be more secure, but it's pretty clear that this downside would be worth the trade-off of protecting everyone's house. With the Internet+ increasing the risks from insecurity dramatically, the choice is even more obvious. We must secure the information systems used by our elected officials, our critical infrastructure providers, and our businesses. Yes, increasing our security will make it harder for us to eavesdrop, and attack, our enemies in cyberspace. (It won't make it impossible for law enforcement to solve crimes; I'll get to that later in this chapter.) Regardless, it's worth it. If we are ever going to secure the Internet+, we need to prioritize defense over offense in all of its aspects. We've got more to lose through our Internet+ vulnerabilities than our adversaries do, and more to gain through Internet+ security. We need to recognize that the security benefits of a secure Internet+ greatly outweigh the security benefits of a vulnerable one. We need to have this debate at the level of national security. Putting spy agencies in charge of this trade-off is wrong, and will result in bad decisions. Cory Doctorow has a good reaction. Source
  13. Microsoft’s Obscure ‘Self Service for Mobile’ Office Activation Microsoft requires a product activation after installing. Users of Microsoft Office currently are facing trouble during telephone activation. After dealing with this issue, I came across another obscure behavior, Microsoft’s ‘Self Service for Mobile’ solution to activate Microsoft Office via mobile devices. Microsoft describes how to activate Microsoft Office 2013, 2016 and Office 365 within this document. There are several possibilities to activate an installed product, via Internet or via Telephone for instance. Activation by phone is required, if the maximum Internet activation threshold is reached. But Office activation by phone fails Within my blog post Office Telephone activation is no longer supported error I’ve addressed the basis issue. If a user re-installs Office, the phone activation fails. The activation dialog box shows the message “Telephone activation is no longer supported for your product“. Microsoft has confirmed this issue for Office 2016 users having a non subscriber installation. But also users of Microsoft Office 2010 or Microsoft Office 2013 are affected. A blog reader posted a tip: Use Mobile devices activation… I’ve posted an article Office 2010: Telefonaktivierung eingestellt? – Merkwürdigkeit II about the Office 2010 telephone activation issue within my German blog, back in January 2017. Then a reader pointed me within a comment to a Self Service for Mobile website. The link http: // bit.ly/2cQPMCb, shortened by bit.ly, points to a website https: // microsoft.gointeract.io/mobileweb/… that provides an ability to activate Microsoft Office (see screenshot below). After selecting a 6 or 7 Digits entry, an activation window with numerical buttons to enter the installation id will be shown (see screenshots shown below). The user has to enter the installation id and receives the activation id – plain and simple. Some users commented within my German blog, that this feature works like a charm. Obscurity, conspiracy, oh my God, what have they done? I didn’t inspect the posted link until writing last Fridays blog post Office Telephone activation is no longer supported error. My idea was, to mention the “Self Service for Mobile” page within the new article. I managed to alter the link to direct it to the English Self Service for Mobile language service site. Suddenly I noticed, that both, the German and also the English “Self Service for Mobile” sites uses https, but are flagged as “unsecure” in Google Chrome (see the screenshot below, showing the German edition of this web page. The popup shown for the web site „Self Service for Mobile“ says, that there is mixed content (images) on the page, so it’s not secure. That catches my attention, and I started to investigate the details. Below are the details for the German version of the web site shown in Google Chrome (but the English web site has the same issues). First of all, I noticed, that the „Self Service for Mobile“ site doesn’t belongs to a microsoft.com domain – in my view a must for a Microsoft activation page. Inspecting the details, I found out, the site contains mixed content (an image contained within the site was delivered via http). The content of the site was also delivered by Cloudflare (I’ve never noticed that case for MS websites before). The image flagged in the mixed content issue was the Microsoft logo, shown within the sites header, transferred via http. The certificate was issued by Go Daddy (an US company) and ends on March 2017. I’ve never noticed, that Go Daddy belongs to Microsoft. I came across Go Daddy during analyzing a phishing campaign months ago. A compromised server, used as a relay by a phishing campaign, has been hosted (according to Whois records) by Go Daddy. But my take down notice send to Go Daddy has never been answered. That causes all alarm bells ringing in my head, because it’s a typical behavior used in phishing sites. Also my further findings didn’t calm the alarm bells in my head. The subdomain microsoft used above doesn’t belongs to a Microsoft domain, it points to a domain gointeract.io. Tying to obtain details about the owner of gointeract.io via WhoIs ended with the following record. Domain : gointeract.io Status : Live Expiry : 2021-03-14 NS 1 : ns-887.awsdns-46.net NS 2 : ns-1211.awsdns-23.org NS 3 : ns-127.awsdns-15.com NS 4 : ns-1980.awsdns-55.co.uk Owner OrgName : Jacada Check for 'gointeract.sh' --- http://www.nic.sh/go/whois/gointeract.sh Check for 'gointeract.ac' --- http://www.nic.ac/go/whois/gointeract.ac Pretty short, isn’t it? No Admin c, no contact person, and Microsoft isn’t mentioned at all, but the domain has been registered till 2021. The Owner OrgName Jacada was unknown to me. Searching the web didn’t gave me more insights at first. Overall, the whole site looks obscure to me. The tiny text, shown within the browser’s lower left corner, was a hyperlink. The German edition of the „Self Service for Mobile“ site opens a French Microsoft site – the English site opens an English Microsoft site. My first conclusion was: Hell, I was tricked by a phishing comment – somebody set up this site to grab installation ids of Office users. So I deactivated the link within the comment and I posted a warning within my German blog post, not to use this „Self Service for Mobile“ site. I also tried to contact the user, who has posted the comment, via e-mail. … but “Microsoft” provides these links … User JaDz responded immediately in an additional comment, and wrote, that the link shortened via bit.ly has been send from Microsoft via SMS – after he tried the telephone activation and selected the option to activate via a mobile device. I didn’t noticed that before – so my conclusion was: Hell, this obscure „Self Service for Mobile“ site is indeed related to Microsoft. Then I started again a web search, but this time with the keywords Jacada and Microsoft. Google showed several hits, pointing to the site jacada.com (see screenshot below). It seems that Jacada is a kind of service provider for several customers. I wasn’t able to find Microsoft within the customer reference. But I know, that Microsoft used external services for some activities. Now I suppose, that somebody from Jacada set up the „Self Service for Mobile“ activation site. The Ajax code used is obviously able to communicate with Microsoft’s activation servers and obtain an activation id. And Microsoft’s activation mechanism provides an option to send the bit.ly link via SMS. Closing words: Security by obscurity? At this point I was left really puzzled. We are not talking about a startup located within a garage. We are having dealing with Microsoft, a multi billion company, that claims to run highly secured and trustable cloud infrastructures world wide. But what’s left, after we wipe of the marketing stuff? The Office activation via telephone is broken (Microsoft confirmed that, after it was reported by customers!). As a customer in need to activate a legal owned, but re-installed, Microsoft Office is facing a nasty situation. Telephone activation is refused, the customers will be (wrongly) notified, that this option is no longer supported. Internet activation is refused due “to many online activations” – well done. But we are not finish yet. They set up a „Self Service for Mobile“ activation site in a way, that is frequently used by phishers. They are sending links via SMS to this site requesting to enter sensitive data like install ids. A site that is using mixed content via https, and is displaying an activation id. In my eyes a security night mare. But maybe I’ve overlooked or misinterpreted something. If you have more insights or an idea, or if my assumptions a wrong, feel free, to drop a comment. I will try to reach out and ask Microsoft for a comment about this issue. Article in German Source Alternate Source reading - AskWoody: Born: Office activation site controlled by a non-Microsoft company
  14. Yahoo Mail and AOL Mail, which both fly under the Oath banner, a Verizon owned company, scan emails that arrive in user inboxes to improve advertisement targeting. An article published by The Wall Street Journal (sorry, no link as it is paywalled), suggests that Oath's email scanning may go beyond what users of the service may deem acceptable. According to the article, Yahoo is scanning commercial emails of all free users who did not opt-out of personalized advertisement to improve targeted advertising. Yahoo creates profiles of users by assigning them to certain groups or categories. A user who receives receipts for online purchases may be put into different categories based on the purchases, frequent traveler for example for users who get emails about several plane tickets in a period of time. Yahoo Mail users who get brokerage emails, e.g. trade confirmations, may be assigned to the investors group. While the exact classification and profiling system is unknown, it is clear that it uses information found in emails to profile users. The system places a cookie on users systems that identifies the interest groups the Yahoo user is associated with. Companies and advertisers may use the data to serve personalized advertisement to users and the paper suggests that Oath may also use receipts in the Yahoo Mail inbox as proof to advertisers that a particular campaign worked. Yahoo confirmed to The Wall Street Journal that it scans commercial emails only, and that the algorithms the company uses strip out personal information to make sure that those are not leaked in any way. The company claimed that the majority of emails that arrive in user inboxes are commercial in nature, and that the system is adjusted when the need arises to avoid wrong classifications and other issues. Yahoo customers have some options to deal with the email scanning: Close the account. Opt-out of interested-based ads and hope for the best. Closing an email account is problematic for a number of reasons. Users have to find another email provider, may want to back up all emails they received over the years, and may even want to keep the account open for a period to make sure no mail is lost. Closing the account may require that users change email addresses on websites, for instance those that they signed up for using the email address. One good option to back up all emails is the free MailStore Home software for Windows. It is capable of backing up all emails on the local system. You can read my review of MailStore Home here. The desktop email client Thunderbird is another option. Tip: Find out how to delete your entire Yahoo account. We published the guide after a Reuter's article suggested that Yahoo has been working with U.S. intelligence services to search all customer emails. Opt-out of interest-based ads on Yahoo Yahoo customers can opt-out of interest-based ads. Yahoo notes on the page that opting-out will stop the analysis of communication content for advertising purposes among other things. You can opt out of interest-based advertising, analysis of communications content for advertising purposes, and the sharing of your information with partners for data matching and appends using the tools on this page. Perform the following steps to opt-out. Visit The Ad Internet Manager page on the Yahoo website. Click on the opt-out button to opt-out of interest-based ads and thus also the analysis of communication content for advertising purposes. The button should change to a "opt-in" button after the request has been processed. Switch to "On Yahoo", and opt-out there as well. Note that the use of ad-blockers or content-blockers may prevent the opt-out from working correctly. Closing Words I don't know how good Yahoo's algorithms are to distinguish between commercial emails and others; the past has shown that it is tricky to get it right. Yahoo customers who use email may want to opt-out of the automated scanning to avoid any issues related to the scanning; some may want to create new email accounts at providers that don't scan emails or put privacy first. Examples of such providers are Startmail or ProtonMail. Now You: Would you use email providers that scan your emails for commercial purposes? Source
  15. More than half of professionals think they have a good shot at a successful insider attack. Computer professionals may think their enterprise security is good, but they think their skills are better. In fact, almost half think they could pull off a successful insider attack, according to a new report by Imperva. Indeed, 43% of the 179 IT professionals surveyed said they could successfully attack their own organizations, while another 22% said they would have at least a 50/50 chance at success. When it came to the attack surface, only 23% said they would use their company-owned laptops to steal information, while nearly 40% said their personal equipment would be the chosen avenue of attack. This information is most worrisome, according to the report, in light of Verizon's "2018 Data Breach Investigations Report," which found nearly 60% of all attacks take months to detect and days more to begin mitigation efforts after discovery. Read here for more. Source
  16. A team of Belgian researchers discovered privacy issues in how browsers, ad-blocking, and anti-tracking implementations handle third-party cookie requests. A team of Belgian researchers from KU Leuven analyzed third-party cookie policies of seven major web browsers, 31 ad-blockers and 14 anti-tracking extensions and discovered major and minor issues in all of them. Major issues include Microsoft Edge's unwillingness to honor its own "block only third-party cookies" setting, bypasses for Firefox's Tracking Protection feature, and use of the integrated PDF viewer in Chrome and other Chromium-based browsers for invisible tracking. Cookie requests can be sorted into two main groups: first-party requests that come from the address listed in the address bar of the browser and third-party requests that come from all other sites. Advertisement displayed by websites makes use of cookies usually and some of these cookies are used for tracking purposes. Internet users can configure their browsers to block any third-party cookie requests to limit cookie-based tracking. Some browsers, for instance Opera or Firefox, include ad-blockers or anti-tracking functionality that is used in addition to that. Anti-tracking mechanisms have flaws The research paper, "Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies", detailed information about each web browser, tests to find out if a browser is vulnerable to exploits, and bug reports are linked on the research project's website. The researchers created a test framework that they used to verify whether "all imposed cookie- and request-policies are correctly applied". They discovered that "most mechanisms could be circumvented"; all ad-blocking and anti-tracking browser extensions had at least one bypass flaw. In this paper, we show that in the current state, built-in anti-tracking protection mechanisms as well as virtually every popular browser extension that relies on blocking third-party requests to either prevent user tracking or disable intrusive advertisements, can be bypassed by at least one technique The researchers evaluated tracking protection functionality and a new cookie feature called same-site cookies that was introduced recently to defend against cross-site attacks. Results for all tested browsers are shown in the table below. The researchers tested the default configuration of Chrome, Opera, Firefox, Safari, Edge, Cliqz, and Tor Browser, and configurations with third-party cookie blocking disabled, and if available, tracking protection functionality enabled. Tor Browser is the only browser on the list that blocks third-party cookies by default. All browsers did not block cookies for certain redirects regardless of whether third-party cookies were blocked or tracking protection was enabled. Chrome, Opera and other Chromium-based browsers that use the built-in PDF viewer have a major issue in regards to cookies. Furthermore, a design flaw in Chromium-based browsers enabled a bypass for both the built-in third party cookie blocking option and tracking protection provided by extensions. Through JavaScript embedded in PDFs, which are rendered by a browser extension, cookie-bearing POST requests can be sent to other domains, regardless of the imposed policies. Browser extensions for ad-blocking or anti-tracking had weaknesses as well according to the researchers. The list of extensions reads like the who is who of the privacy and content blocking world. It includes uMatrix and uBlock Origin, Adblock Plus, Ghostery, Privacy Badger, Disconnect, or AdBlock for Chrome. The researchers discovered ways to circumvent the protections and reported several bugs to the developers. Some, Raymond Hill who is the lead developer of uBlock Origin and uMatrix, fixed the issues quickly. At least one issue reported to browser makers has been fixed already. "Requests to fetch the favicon are not interceptable by Firefox extensions" has been fixed by Mozilla. Other reported issues are still in the process of being fixed, and a third kind won't be fixed at all. You can run individual tests designed for tested web browsers with the exception of Microsoft Edge on the project website to find out if your browser is having the same issues. Closing Words With more and more technologies being added to browsers, it is clear that the complexity has increased significantly. The research should be an eye opener for web browser makers and things will hopefully get better in the near future. One has to ask whether some browser makers test certain features at all; Microsoft Edge not honoring the built-in setting to block third-party cookies is especially embarrassing in this regard. (via Deskmodder) Now You: Do you use extensions or settings to protect your privacy better? Source
  17. A new version of the Waterfox web browser for Google's Android operating system has been released that improves privacy significantly. A new version of the Waterfox web browser for Google's Android operating system has been released. The developer of Waterfox released a first public version of Waterfox for Android in 2017. The new version is available on Google Play and soon also on the alternative marketplace for Android applications F-Droid. The developer of Waterfox, Alex Kontos, released the new Android version of the web browser with big privacy improvements that should appeal to Android users who are interested in privacy. The new version is based on Tor and features all the privacy improvements that Tor developers added to the base Firefox version the project is based on. Waterfox for Android The developer promises that Waterfox for Android does not restrict users in regards to extensions that they can run in the browser, and that it does not collect or transfer Telemetry data to Mozilla, the Waterfox project, or installation trackers. The browser comes without Google Play Services integration. Pocket, a read-it-later and recommendation service that Mozilla integrated in Firefox has been removed, and all telemetry and data collecting of Firefox has been disabled next to that. Tracking Protection has been enabled by default, patches from Tor integrated to limit fingerprinting, and as many app permissions as possible has been removed without compromising core functionality. Thanks to Tor, Waterfox users don't have to worry about third-party cookies as those are blocked by default. You may enable them under Settings > Privacy if you wish so however. Waterfox works pretty much as you'd expect a browser to work. Fire it up and you are greeted with a list of top sites, bookmarks and history that you can tap on to load automatically. Only two top sites come with default installations and they both point to the Waterfox project. You can use the address bar to load any website; if you have used a copy of Firefox for Android in the past you will notice the resemblance with Mozilla's browser. Sync is integrated in the browser but the browser seems to crash when you select the option to sync browsing data under History on the new tab page. Waterfox does not restrict add-ons that you can install in the browser (provided that they are compatible with that particular version). Select Menu > Tools > Add-ons to display installed extensions and to open the official Firefox add-ons repository to download and install browser extensions in the mobile browser. Web compatibility should be good in general but you may run into sites optimized for Google Chrome and other Chromium browsers that may refuse to work in Waterfox for Android, or may not work as good as in Chrome. Closing Words The new version of Waterfox for Android feels quite snappy. I only had limited time to take the mobile browser for a test drive but what I saw was promising. I installed some browser add-ons in the mobile browser and visited popular sites such as YouTube, Amazon, or eBay to make sure they worked well in the browser (which they did). Sorry for the lack of screenshots but Waterfox for Android prevents the screenshot function of Android (just like Tor does). If you have played around with Waterfox for Android already let me know about your experience by leaving a comment below. Source PS: Almost a week ago, the developer hinted about this: “Currently testing the next Waterfox for Android version. Is based on Tor (including all its privacy focused patches) and will be built without Google Play Services! #fdroid here we come! #opensource #privacy” Now: “Waterfox for Android has finally been updated ?! The app has been pushed to the Play Store and should be available for all in a couple of hours. Will keep you all updated when roll-out is complete!”
  18. Mozilla removed today 23 Firefox add-ons that snooped on users and sent data to remote servers, a Mozilla engineer has told Bleeping Computer today. The list of blocked add-ons includes "Web Security," a security-centric Firefox add-on with over 220,000 users, which was at the center of a controversy this week after it was caught sending users' browsing histories to a server located in Germany. Mozilla follows through on the promised investigation "The mentioned add-on has been taken down, together with others after I conducted a thorough audit of [the] add-ons," Rob Wu, a Mozilla Browser Engineer and Add-on review, told Bleeping Computer via email. "These add-ons are no longer available at AMO and [have been] disabled in the browsers of users who installed them," Wu said. "I did the investigation voluntarily last weekend after spotting Raymond Hill's (gorhill) comment on Reddit," Wu told us. "I audited the source code of the extension, using tools including my extension source viewer." "After getting a good view of the extension's functionality, I used webextaware to retrieve all publicly available Firefox add-ons from addons.mozilla.org (AMO) and looked for similar patterns. Through this method, I found twenty add-ons that I subjected to an additional review, which can be put in two evenly sized groups based on their characteristics. "The first group is similar to the Web Security add-on. At installation time, a request is sent to a remote server to fetch the URL of another server. Whenever a user navigates to a different location, the URL of the tab is sent to this remote server. This is not just a fire-and-forget request; responses in a specific format can activate remote code execution (RCE) functionality," Wu said. "Fortunately, the extension authors made an implementation mistake in 7 out of 10 extensions (including Web Security), which prevents RCE from working." "The second group does not collect tab URLs in the same way as the first group, but it is able to execute remote code (which has a worse effect), This second group seems like an evolved version of the first group, because the same logic was used for RCE, with more obfuscation than the other group. "All of these extensions used subtle code obfuscation, where actual legitimate extension functionality is mixed with seemingly innocent code, spread over multiple locations and files. The sheer number of misleading identifiers, obfuscated URLs / constants, and covert data flows left me with little doubt about the intentions of the author: It is apparent that they tried to hide malicious code in their add-on." Wu reported these issues to fellow Mozilla engineers, who not only removed the add-ons from the Mozilla website, but also disabled them inside users' browsers. "Although I could have taken down the extensions myself (as a add-on reviewer at AMO), I did not do so, because just taking down the listings would prevent new installations, but still leave a few hundred thousand users vulnerable to an extension from a shady developer," Wu told Bleeping Computer via email. List of banned add-ons A bug report includes the list of all add-ons removed today in Mozilla's purge. The bug report lists the add-ons by their IDs, and not by their names, although Wu provided Bleeping Computer with the names of some add-ons. Besides Web Security, other banned add-ons include Browser Security, Browser Privacy, and Browser Safety. All of these have been observed sending data to the same server as Web Security, located at 136.243.163.73. The other banned add-ons include: YouTube Download & Adblocker Smarttube Popup-Blocker Facebook Bookmark Manager Facebook Video Downloader YouTube MP3 Converter & Download Simply Search Smarttube - Extreme Self Destroying Cookies Popup Blocker Pro YouTube - Adblock Auto Destroy Cookies Amazon Quick Search YouTube Adblocker Video Downloader Google NoTrack Quick AMZ All in all, over 500,000 users had one of these add-ons installed inside Firefox. Offending add-ons have been disabled in users' browsers After a quick test, true to its word, Mozilla has indeed disabled the Web Security add-on in a Firefox instance Bleeping Computer used yesterday for tests. Users of any of the banned add-ons will see a warning like this: The warning message displayed at the top redirects users to this page, where it provides the following explanation for the ban: Sending user data to remote servers unnecessarily, and potential for remote code execution. Suspicious account activity for multiple accounts on AMO. In the bug report, another Mozilla engineer gave additional explanations, consistent with Wu's investigation: A number of reports have come up that the Web Security add-on (https://addons.mozilla.org/addon/web-security/) is sending visited URLs to a remote server. While this may seem reasonable for an add-on that checks visited webpages for their security, other issues have been brought up: 1) The add-on sends more data than what seems necessary to operate. 2) Some of the data is sent unsafely. 3) The add-on doesn't clearly disclose this practice, beyond a mention in a large Privacy Policy. 4) The code has the potential of executing remote code, which is partially obfuscated in its implementation. 5) Multiple add-ons with very different features, and different authors, have the same code. Further inspection reveals they may all be the same person/group. Article updated with the names of other banned add-ons and additional investigation details provided by Wu. Source Source - 2
  19. The final version of TLS 1.3 -- Transport Layer Security -- has been published by the IETF, the Internet Engineering Task Force, and popular browsers such as Firefox support it already (an earlier draft version and soon the final version). Tip: point your browser to the SSL/TLS capabilities test on SSLLabs to find out which versions your browser supports. Check the protocol features on the page to find out which protocols the browser supports. If you want to check out which TLS versions a server supports, run the company's SSL Server Test tool instead. TLS 1.3 is a major update to TLS 1.2 even though the minor increase of the version might indicate otherwise. Transport Layer Security is what is used by devices for secure transactions on the Internet. Basically, if you see HTTPS being used in the browser it is powered by TLS. Whether that is TLS 1.3 already or TLS 1.2 depends on the browser and the site that the browser connects to. Multiple drafts of the new TLS 1.3 specification were released in the past four or so years ever since work began in earnest on the new standard. Browser makers like Mozilla or Google implemented support for various draft versions and the functionality was considered experimental at that time. Some sites did make use of TLS 1.3 already; Mozilla notes that about 5% of Firefox connections use TLS 1.3 already and that companies like Google, Facebook or Cloudflare support TLS 1.3 already. Firefox supports a draft version that is essentially identical to the final published version. Mozilla plans to release the final version in Firefox 63 which the organization plans to release in October 2018. Google Chrome supports an earlier draft version already as well and will support the final version of TLS 1.3 in an upcoming version. Chrome and Firefox include options to manage TLS support in the browsers. Mozilla started to enable TLS 1.3 support in Firefox Stable in 2018. What makes TLS 1.3 special? TLS 1.3 is a major update of the standard that improves speed and security significantly. One of the main advantages of TLS 1.3 is that basic handshakes take a single round-trip compared to TLS 1.2's two round-trips. The time it takes to connect to servers that support TLS 1.3 is reduced because of that which means that web pages that support TLS 1.3 load faster in browsers that support the new standard. Security is improved as well in TLS 1.3 when compared to previous versions. TLS 1.3 focuses on some widely known and analyzed cryptographic algorithms while TLS 1.2 includes support for more algorithms of which some were exploited successfully in the past. TLS 1.3 encrypts most of the handshake next to that which improves privacy when connecting to servers as much of the information that is in the open when TLS 1.2 is used is now encrypted and unreadable while in transit. Cloudflare published a technical overview of TLS 1.3 on the company blog; a good read for anyone interested in the topic. Source
  20. With the peak of the Internet more and more people are getting their business and personal stuff online. But that also has it consequences: it is the privacy and security, or more importantly, lack of. Here are some basic tips to make your life more private and secure: Don’t open shady links. Now that’s an obvious one but often forgotten. ‘X tagged you in this’ or ‘look at this cute photo’ should always be taken with the grain of salt. Especially if you don’t often communicate with that person or that link doesn’t look too good like www.asdgsdg.com/photo.exe' Use quality antivirus software. Use something free like Avast or Microsoft Security Essentials or if you are willing to pay: Eset NOD32. Don’t skimp on this, it could save your digital life. Use a premium VPN. Nowadays you can barely trust your ISP to not log or use your data for potential gains. Especially in the US where they can sell your data to the advertisers. Pretty scary right? Pick something like NordVPN and get military grade security with respect to your privacy. I’ve dug out this coupon code earlier (USENORD60) which gets you 1 year of VPN for $60. A pretty good value I think. Use social media conservatively. Even if you take all the necessary precautions but post on Facebook that you aren’t home right now, it isn’t really safe, is it? Even more, I recommend not using social media, because they track you. Everybody tracks you online. Limit yourself of Google, use Duck Duck Go for searching, Privacy Badger for tracking cookies and HTTPS Everywhere extensions for security, ProtonMail for securely encrypted mail. Also, you could get one of the safest OS out there, Tails. Here are my 2 cents. Hope these tips are useful to someone. If you have any questions do let me know.
  21. Jime234

    Changing my AV

    Hi, I have been using ESET SS since half a decade now, Now I'm thinking about changing my security setup for a change. I was thinking about MSE with WFC and MBAM, will it be good enough ? In the past I have tried out Nortan, Kaspersky, Avast, Avira but they had huge update size or/and I just found them to be annoying... And then I found ESET I just want an AV with small sized update definitions, just like ESET has. If you guys have tried and experienced or know about such an av, then kindly suggest ! Thanks in Advance !!
  22. Is there any good security software for laptop, Point should be : Good Security. Light weight. Good Detection rate. less falls detection. Please consider :)
  23. Incident slammed as the 'greatest breach in the history of telecommunications in Spain' SPANISH OPERATOR Telefonica has suffered a security breach that exposed the personal data of millions of customers. The breach allowed anyone to access the billing data of other customers, according to a report at El Espanol, which noted that the incident is similar to a serious failure that hit Spain's system in July 2017 that left personal data accessible to intruders without a high level of technical skill. To access the data of other customers, users only had to be logged into the system, access their invoice and make a small change in the URL, according to the report. From here, anyone could access the personal data of "millions" of Telefonica customers, including landline and mobile numbers, national ID numbers, addresses, banks, names, billing history and records of calls and other data. All of these data could be downloaded in CSV format files. "Although this involved accessing random data, it would have been possible to design a program that would collect information in large quantities from the operator's systems and then analyze it," El Espanol notes. The breach came to light after a Movistar customer reported the screw-up to Spanish consumer rights group FACUA, which has since filed a complaint with the Spanish Agency for Data Protection (AEPD) and is calling the incident the "greatest security breach in the history of telecommunications in Spain." Spain's AEDP is responsible for enforcing the EU's newly-introduced GDPR rules, under which Telefonica could face a fine between €10m and €20m, or 2 to 4 per cent of its annual turnover. However, Spain's data protection law limits these fines to between €300,000 and €600,000. FACUA has slammed the reduced fines as "absolutely ridiculous" and is calling on the Spanish government to update the regulation. Telefonica told El Espanol that "no fraudulent access has been detected " adding that it's made "all the competent authorities" aware of the breach. < Here >
  24. Once again, a medical company has suffered a cyber attack with suspicions for a possible data breach. This time, it is a US-based diagnostic laboratory LabCorp. Though the investigations are still underway, authorities suspect that the LabCorp system was possibly hacked by some unknown hackers to gain access to the private medical data. LabCorp System Hacked Causing Nationwide Website Shut Down The medical diagnostic laboratory LabCorp suffered a hacking attempt earlier this week. The hackers possibly hacked the company’s system to gain access to the private records. Upon noticing a suspicious activity, the IT officials shut down the company’s system. LabCorp disclosed details in an SEC filing: “During the weekend of July 14, 2018, LabCorp detected suspicious activity on its information technology network. LabCorp immediately took certain systems offline as part of its comprehensive response to contain the activity.” After the system shut down on Sunday morning, the patients could not access their test results and other required details over the weekend. However, the firm assures that the workers are trying their best to restore the system. “Work has been ongoing to restore full system functionality as quickly as possible, testing operations have substantially resumed today, and we anticipate that additional systems and functions will be restored through the next several days.” Possible Data Breach Suspected – Investigations Underway After the incident, the firm took quick actions to stop the suspicious activity. They also began investigations to find out the extent of this cyber attack. “LabCorp has notified the relevant authorities of the suspicious activity and will cooperate in any investigation.” For now, LabCorp has not released any general explanation about the incident, nor does it currently suspect any data breach. LabCorp is among the largest US diagnostic laboratories holding records of millions of patients. As stated on their company website, “The company provides diagnostic, drug development and technology-enabled solutions for more than 115 million patient encounters per year. LabCorp typically processes tests on more than 2.5 million patient specimens per week and supports clinical trial activity in approximately 100 countries.” This is quite impressive and in the event of a data breach, one can anticipate the extent of damages caused to millions of patients globally. For now, it seems that should a data breach of occurred it could be a massive acceleration of the medical data breaches which have happened recently at NHS and MedEvolve. We shall keep you updated about the matter as we continue to find out more. < Here >
×