Jump to content

Search the Community

Showing results for tags 'website'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 19 results

  1. Hello, As u all know, to create a website shortcut on your desktop, all you need to do is click on the website icon, drag and drop it on the desktop. I am using Firefox 69.0. I don't know if this issue began with the latest Firefox update or its was I who turned off a specific option in the settings. Does anyone know how to fix this issue ? Thank you
  2. Have you ever wondered how to find Long Tail Keywords for your website? When you use Google, you may notice a little drop-down box that represents their attempt to predict what you’re about to type next. For example when I type the phrase “How does a website…” then Google assumes I might be looking for: How does a website make money How does a website work How does a website find my location How does a website server work How does a website help a business These are some interesting keywords… Wouldn’t it be great if there was a way to save all these keywords–so we could add them to our website content? Well that is where Keyword Researcher comes in! Keyword Researcher is an easy-to-use Keyword Discover Tool. Once activated, it emulates a human using Google Autocomplete, and repeatedly types thousands of queries into Google. Each time a partial phrase is entered, Google tries to predict what it thinks the whole phrase might be. We simply save this prediction. And, as it turns out, when you do this for every letter of the alphabet (A-Z), then you’re left with hundreds of great Long Tail keyword phrases. HP: https://clevergizmos.com/keyword-researcher/ Site: http://mirr.re Sharecode: /d/IT7
  3. from the this-is-messed-up dept What's up Europe? We've been talking a lot about insanity around the new copyright directive, but the EU already has some pretty messed up copyright/related rights laws on the books that are creating absurd situations. The following is one of them. One area where US and EU laws differ is on the concept of the "database right." The US does not grant a separate copyright on a collection of facts. The EU does. Studies have shown how this is horrible idea, and if you compare certain database-driven industries in the US and the EU, you discover how much damage database rights do to innovation, competition and the public. But, alas, they still exist. And they continue to be used in positively insane ways. Enter Hakon Wium Lie. You might know him as basically the father of Cascading Style Sheets (CSS). Or the former CTO of the Opera browser. Or maybe even as the founder of the Pirate Party in Norway. Either way, he's been around a while in this space, and knows what he's talking about. Via Boing Boing we learn that: (1) Wium Lie has been sued for a completely absurd reason of (2) helping a site publish public domain court rulings that (3) are not even protected by a database right and (4) the judge ruled in favor of the plaintiff (5) in 24 hours (6) before Lie could respond and (7) ordered him to pay the legal fees of the other side. I've numbered these because I had to break out each absurd part separately just to start to try to comprehend just how ridiculous the whole thing is. And now, let's go through how each part is absurd in turn: 1. Wium Lie is being sued as an accomplice to the site rettspraksis.no by an operation called Lovdata. Wium Lie tells the entire history in his post, but way back in the early days of the web, while he was helping to create CSS, Wium Lie also helped put Norway's (public domain) laws online. At the time, that same company, Lovdata, was charging people $1-per-minute to access the laws. Really. Eventually, Lovdata dropped the fees and is the official free publishers of the laws in Norway. Of course, statutory law is just one part of "the law." Case law is also quite important and (thankfully) court orders (that make up the bulk of case law) are also in the public domain in Norway. However, Lovdata charges an absurd $1,500 per year to access those decisions. And, it claims a database right* on the collection it makes available online. 2. And yet, Wium Lie is still being sued. Why? When he saw that the website rettspraksis.no was trying to collect and publish these decisions, he borrowed Lovdata CD-ROMs from the National Library in Oslo. He borrowed the 2002 version of the CD-ROM. This date is important, because the EU's database rights last for... 15 years. 2002 databases (and, yes, Wium Lie points out that it's odd to call a stack of documents a database...) are no longer protected by the database rights. 3. So, yeah, the data is clearly in the public domain, and Wium Lie didn't violate anyone's copyright or database rights. Wium Lie notes that Lovdata didn't even try to contact him or rettspraksis.no before suing, but just told the court that they must be scraping the expensive online database: I'm very surprised that Lovdata didn't contact us to ask us where we had copied the court decisions from. In the lawsuit, they speculate that we have siphoned their servers by using automated «crawlers». And, since their surveillance systems for detecting siphoning were not triggered, our crawlers must have been running for a very long time, in breach of the database directive. The correct answer is that we copied the court decisions from the old discs I found in the National Library. We would have told them this immediately if they had simply asked. 4. This is the most perplexing to me in all of this. I can't read the Norwegian verdict (which, for Lovdata's lawyers, I did not get from scraping your site!), and don't know enough about Norwegian law, but this seems positively bizarre to me. It seems to go against fundamental concepts of basic due process, but how could a judge come out with a verdict like this? 5. ?!?>#[email protected]!%#!%[email protected]!%!#%!! 6. Again: is this how due process works in Norway? In the US, of course, there are things like preliminary injunctions that might be granted pretty quickly, but even then -- especially when it comes to gagging speech, there is supposed to be at least some element of due process. Here there appears to have been something close to none. Furthermore, in the US, this kind of thing would only be allowed if one side could show irreversible harm from leaving the site up. It is difficult to see how anyone could legitimately argue irreversible harm for publishing the country's own (public domain) court rulings. I find it shocking that the judge ordered the take down of our website, rettspraksis.no, within 24 hours of the lawsuit being filed and WITHOUT HEARING ARGUMENTS FROM US. (Sorry for switching to CAPS, but this is really important.) We were ready and available to bring forth our arguments but were never given the chance. Furthermore, upon learning of the lawsuit, we, as a precaution, had voluntarily removed our site. If the judge had bothered to check he would have seen that what he was ordering was already done. There should be a much higher threshold for judges to close websites that just the request of some organization. 7. And, even if this was the equivalent of an injunction, to also tell Wium Lie and rettspraksis.no that they need to pay Lovdata's legal fees is just perplexing. the two of us, the volunteers, were slapped with a $12,000 fee to cover the fees of Lovdata's own lawyer, Jon Wessel-Aas. So, the judge actually ordered that we had to pay the lawyer from the opposite side, WITHOUT HAVING BEEN GIVEN A CHANCE TO ARGUE OUR CASE. This whole situation is infuriating. Being sued is a horrible experience in the first place. But the details here pile absurd upon preposterous upon infuriating. The whole database rights concept is already a troublesome thing, but this application of it is positively monstrous. Wium Lie now has some good lawyers working for him, and hopefully this whole travesty will get overturned, but what a clusterf*ck. * A separate tangent that I'll just note here rather than cluttering up all of the above. I was a bit confused to read references to the EU's database directive/database rights, because Norway is not part of the EU. However, since it is a part of the European Economic Area (yes -- this can all get confusing), it has apparently agreed to enact legislation that complies with certain EU Directives, including the Copyright and Database Directives. Source
  4. from the whoopsy dept We've been pointing out for a while that, however well-intentioned the GDPR may be, and however important the general concept of protecting user's private data is, that still doesn't make the GDPR any less ridiculous. Indeed, we've pointed out that the setup of the GDPR is such that it's becoming a regulatory nightmare because the compliance costs are high, and the setup of the rules are so vague that the liability risk remains high. I know that some people keep insisting that the requirements to be compliant aren't actually that difficult. Indeed, EU Commissioner Vera Journova recently claimed that complying with the GDPR was so easy that even she could do it. Upon hearing that, software engineer Matthias Gliwka wondered if the EU was actually complying with its own "so easy" GDPR rules. Turns out, not so much. As Gilwka noted, the EU Parliament's own website appears to violate the GDPR. It took me less than five minutes to spot a violation: on the website of the EU Parliament Google Analytics is being used to track the visitors without the neccesary anonymizeIP flag, which in turn causes Google to store the complete IP address without anonymizing the last octet. You can take a look for yourself by checking the source code of this page (archived version in case it gets fixed in the meantime). This is a violation of the GDPR, since the personal data (IP address) in conjunction with analytics data is being stored on Google’s servers without consent or any other legal basis. Oops. This, of course, is not to mock the EU Parliament for screwing up, but rather to highlight the fact that when politicians and regulators insist that certain regulations are "easy" to comply with, they often have no idea what they're talking about -- and the GDPR is a case in point. Over the past couple months, nearly every startup company I've spoken to has discussed the GDPR, and for nearly every single one they have no idea if they're actually in compliance. Many have spent ridiculous sums on lawyers and self-described GDPR experts, but still are working almost entirely blind on how the GDPR will play out in practice. That is not a good recipe for innovation. Nor, frankly, is it a good recipe for protecting your data. No matter how much you think that the GDPR means that websites will better protect your data, it is not particularly helpful when complying with the rules is both expensive and unclear. That the EU Parliament's own website couldn't figure this out is just a shining example of why the GDPR is such a problem. Related to that, the fallout from the GDPR is already being felt -- and it's not being felt by Google and Facebook and the other internet giants that everyone celebrating the GDPR often point to. Instead, it's hitting smaller sites really, really hard. Google and Facebook are fine. They can handle the GDPR. Everyone else is freaked out. Source
  5. Many people tell me that their websites are safe. Why? Because "Who will bother to attack my site?" Or "Our business is too small for anyone to hack." Oh please! There's this popular fallacy that attackers on the internet always target particular sites. They don't. Yes, some do. I'm looking at you Equifax. But most attacks are made by bots, which don't know a thing about you, your business, or your website. Bots don't care who you are or what you do. If you're on the web, you're a target. According to the web security company Imperva, half of all website visitors are bots. Of those, approximately 29 percent of all your "visitors" are there to attack your site. Contrary to those of you who think your website is too small to be noticed, Imperva found the less traffic you get, the more likely you are to be attacked. "In the least trafficked domains -- those frequented by ten human visitors a day or less -- bad bots accounted for 47.7 percent of visits while total bot traffic amounted to 93.3 percent." Indeed, "Bad bots will try to hack [your site] regardless of how popular it is with the human folk. They will even keep visiting a domain in absence of all human traffic." Does that sound crazy? For people, yes, but bots aren't people. They're constantly scanning the web and attacking sites over and over again. Don't believe it? Let's look at the evidence. Honeynet, an international non-profit security research organization, with help from students at Holberton School, recently set up a honeypot to track security attacks on a cloud-based webserver. This ran on a barebones Amazon Web Services (AWS) instance. It was running no services that would be useful to anybody else. It did not even have a domain name. Shortly after starting the server, they started capturing network packets for a 24-hour period with the best network traffic analysis tool available today, Wireshark. They then analyzed the packet capture file with Wireshark; Computer Incident Response Center's (CIRCL) Border Gateway Protocol (BGP) ranking API; and p0f, a passive TCP/IP traffic fingerprinting program. In a day, a mere 24 hours, this unnamed, almost invisible web server was attacked more than a quarter of a million times. Think about that for a minute. Now, start locking down your website. Of those attacks, the vast majority of them, 255,796 connection attempts, were made via Secure Shell (SSH). The researchers then opened a honeypot, a server designed to look like a real website, to collect attack data. To keep the project workable, they chose to open up the web's Hypertext Transfer Protocol (HTTP), SSH, and the Telecommunications Network (Telnet) protocol for attacks. Telnet, some of you may ask? Who uses Telnet anymore? We do, thanks to badly designed Internet of Things (IoT) devices. Some IoT gadgets use Telnet for configuration and management. That's asking for your devices to be hacked. Telnet had never had any security to speak of. The majority of the HTTP attacks were made to PHPMyadmin, a popular MySQL and MariaDB remote management system. Many web content management systems, not to mention WordPress, rely on these these databases. Vulnerable WordPress plugins were also frequently attacked. Mind you, this was on a system that even in honeypot mode hadn't emitted a single packet towards the outside world. Many attempted attacks relied on old malware, known configuration problems, common username/password combinations, and previous well-known attacks. For example, attackers tried to crack the webserver with Shellshock, although patched in 2014, and the Apache Struts vulnerability, which was fixed in March 2017. You can't blame the people who write the bots for using obsolete attack vectors. As well-known security expert SwiftOnSecurity tweeted: "Pretty much 99.99 percent of computer security incidents are oversights of solved problems." As for SSH, most of the attacks were brute-force assaults running through lists of commonly used usernames and passwords over the entire range, 1-65535, of TCP ports. Is it any surprise that Imperva has found that one in three website visitors is an attack bot? Imperva and Holberton also found that "The attack patterns we recorded for HTTP and SSH relied on generic exploit attempts that seemed to scan a range of IP addresses for well-known vulnerabilities. Telnet, on the other hand, relied on even simpler intrusion methods, by bruteforcing with default username and password combinations. Sometimes, these spray-and-pray attacks immediately attempted to download antiquated scripts, or more contemporary trojans, but none of the recorded attempts were covert enough to evade detection or overcome simple protective measures." These attacks aren't sophisticated. They're being driven by bot and botnets to attack any and all sites they find. These automated hackers are hunting for weak, unprotected websites. The moral of this story is if you have any web presence -- and I mean any -- you must secure your site with basic security rules. That starts with using firewalls to block all ports to your site except for the ones you use. You must also disable any internet-facing services unless you're using them. Finally, you must keep your software patched and up to date. Your site will still get hammered on a daily basis, but you'll be safe from the vast majority of automated hackers. source
  6. Hello. My son has joined a website, he playes each game and one game in particualr is so rigged he loses a lot of credits and moans at me to buy more. So imagine you join the site and in front of you there are thirty (30) different graphics for different games. I want to be able to block one game so he cannot click the link. I added a line in AdGuard, till he noticed if he turns it off he can then play the game. So is there an addition to every browser where the element (game) does not show up when he logs in? Thanks in advance.
  7. Vodlocker.to is offering an interesting service that not only provides streaming movies and TV shows in the browser but also allows them to be published anywhere on the web. After entering the movie's IMDb number, users get an embed code which can be entered into any web page, where the movie will play in a YouTube-like window. There's even support for Chromecast. While torrents are still the go-to source for millions of users seeking free online media, people are increasingly seeking the immediacy and convenience of web-based streaming. As a result, hundreds of websites have appeared in recent years, offering Netflix-inspired interfaces that provide an enhanced user experience over the predominantly text-based approach utilized by most torrent sites. While there hasn’t been a huge amount of innovation in either field recently, a service that raised its head during recent weeks is offering something new and potentially significant, if it continues to deliver on its promises without turning evil. Vodlocker.to is the latest in a long list of sites using the Vodlocker name, which is bound to cause some level of confusion. However, what this Vodlocker variant offers is a convenient way for users to not only search for and find movies hosted on the Internet, but stream them instantly – with a twist. After entering a movie’s IMDb code (the one starting ‘tt’) in a box on the page, Vodlocker quickly searches for the movie on various online hosting services, including Google Drive. Entering the IMDb code “We believe the complexity of uploading a video has become unnecessary, so we have created much like Google, an automated crawler that visits millions of pages every day to find all videos on the internet,” the site explains. As shown in the image above, the site takes the iMDb number and generates code. That allows the user to embed an HTML5 video player in their own website, which plays the movie in question. We tested around a dozen movies with a 100% success rate, with search times from a couple of seconds to around 20 seconds maximum. A demo on the site shows exactly how the embed code currently performs, with the video player offering the usual controls such as play and pause, with a selector for quality and volume levels. The usual ‘full screen’ button sits in the bottom right corner. The player can be embedded anywhere Near the top of the window are options for selecting different sources for the video, should it become unplayable or if a better quality version is required. Interestingly, should one of those sources be Google Video, Vodlocker says its player offers Chromecast and subtitle support. “Built-in chromecast plugin streams free HD movies/tv shows from your website to your TV via Google Chromecast. Built-in opensubtitles.org plugin finds subtitles in all languages and auto-selects your language,” the site reports. In addition to a link-checker that aims to exclude broken links (missing sources), the service also pulls movie-related artwork from IMDb, to display while the selected movie is being prepared for streaming. The site is already boasting a “massive database” of movies, which will make it of immediate use to thousands of websites that might want to embed movies or TV shows in their web pages. As long as Vodlocker can cope with the load, this could effectively spawn a thousand new ‘pirate’ websites overnight but the service generally seems more suited to smaller, blog-like sites that might want to display a smaller selection of titles. That being said, it’s questionable whether a site would seek to become entirely reliant on a service like this. While the videos it indexes are more decentralized, the service itself could be shut down in the blink of an eye, at which point every link stops working. It’s also worth noting that the service uses IFrame tags, which some webmasters might feel uncomfortable about deploying on their sites due to security concerns. The New Vodlocker API demo can be found here, for as long as it lasts. Article source
  8. http://www.httrack.com/page/1/en/index.html Changelog v3.49-2 + Fixed: Buffer overflow in output option commandline argument (VL-ID 2068) (Hosein Askari) + Fixed: Minor fixes Downloads: httrack-3.49.2.exe httrack_x64-3.49.2.exe httrack-noinst-3.49.2.zip httrack_x64-noinst-3.49.2.zip httrack-3.49.2.tar.gz PortableApps.comFormat WinHTTrackPortable_3.49.2_32bit_64bit_Multilingual_online.paf.exe Makes application portable Makes application stealth Dependencies: None Compatible: WinAll Synopsis: i use this to rip entire websites, page by page, for offline browsing.. great for tutorials.. Languages: English, Bulgarian, Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, German, Greek, Hungarian, Italian, Japanese, Macedonian, Norwegian, Polish, Portuguese, PortugueseBR, Romanian, Russian, SimpChinese, Slovak, Slovenian, Spanish, Swedish, TradChinese, Turkish, Ukrainian.
  9. NoFile.io is a large file sharing website that encrypts files in the browser before upload. Using this website, you can easily upload and share large files of up to 10GB per file. This large file sharing website will first encrypt that file in your browser, and will then transfer to its servers over HTTPS, so that it is safely transferred to its servers. It also gives you an option to password protect the sharing URL. The best part is that you do not even need to register with this service. The files that you share are stored on this service for a long time. Its documentation mentions that there is an option to set expiry time for each file, though I wasn’t able to find that option. How to Encrypt Files in the Browser Before Upload Using This Large File Sharing Website: There is no dearth of large file sharing services. We have already covered services like Sharechat, Filemoves.com, Bitzen that provide pretty good options to share large files. What I like in NoFile.io is its inherent focus on security. You can choose to encrypt the files before they are even uploaded, so that the file cannot be compromised even when it is on NoFile.io’s server. Also, all the file transfers happen over HTTPS. And finally, you can choose to password protect the URL as well, so that in case the file sharing URL is accidentally shared with someone, then he / she cannot download the file, unless they have the password. So, there are a lot of security steps built-in. Also, the service provides almost anonymous file sharing, as it does not asks you to register for the service. In fact, it does not even have any option of registration! So, you can share the file without bothering to share your personal details. However, I used the word “almost” anonymous, as I am not sure if saves any records (like, IP details etc.) when you upload a file. And I wasn’t able to find any info regarding that in its FAQ as well. So, if you want to share something that is not too sensitive, then you can go ahead and use this service. Now, coming to using this service itself, it is pretty easy. When you go to the upload page of this service, you will see a big upload box. Just drag and drop any file from your PC on it, and the file will immediately start uploading. Once the upload is complete, it will give a share URL for the file. That is pretty much how you can upload and share files using this large file sharing service. Now, by default, it does not encrypt file while uploading (as that slows the upload speed). In case you want to encrypt file, then click on Settings icon and choose the Encrypt option. In case you do upload files with Encryption option, then the sharing URL that it generates will have encryption key added in the URL itself. This will ensure that when you share that URL with anyone, they don’t have to know the encryption key separately. Also, as soon as they click on download button, the file will start downloading, and while downloading, it will decrypt also in the browser. Do note that it uses JavaScript based encryption / decryption in the browser, so this feature works on modern browsers only. As I mentioned above, you can also choose to password protect the sharing URL. You will see option to password protect the URL once the file has finished uploading and sharing URL is generated. Other features of this Encrypted File Upload and Sharing Service: File Preview Option: This service lets you preview the files, before downloading them. This feature works for image files, audio files, as well as video files. Do note that this feature also relies on browser’s capability to display / play such files. Also, the preview feature didn’t work for me when the files were encrypted. See Upload History in Browser: This large file sharing service does not have any registration option, but it saves your upload history in your browser’s cache. So, whenever you go to homepage of this website, you can see the list of all the files that you have uploaded, and get their sharing URLs. Of course, this information remains only as long as you don’t delete browser cache. Limitations of NoFile.io: No Option to Delete File: I find this a big limitation of NoFile.io. Once you have uploaded a file, it does not give you an option to delete it. There is a Remove Icon, but that actually does not deletes the file. I believe it is meant to only remove the file history from your browser’s cache, but in my case, it didn’t delete that as well. I would have really loved to see sort of delete URL being generated, in addition to share URL, that could be used to anytime delete the file. File Expiry Option Missing: The documentation of this file sharing service mentions that there is “Options” button using which expiration date for a file could be set. But I wasn’t able to see that option anywhere. No Real-Time File Transfer: One of the things I really like in some modern file sharing services (like, JustBeamIt and Snapdrop) is that as soon as you start uploading a file, it can be downloaded by anyone. In that case, it is not required to wait for the entire file to be uploaded before it can be downloaded. This is especially useful in case of large files. However, this service does not have that option. No clarity on Anonymity: As I mentioned above, this large file sharing service places a lot of emphasis on security, but it is not very clear on the anonymity front. I am really not sure how well it covers your tracks when you use this file sharing service. Closing Words: I like NoFile.io large file sharing website, as it places good emphasis on security, as well as uses modern technologies. Also, it provides a decent upload size (10 GB per file, with no limit on number of files that you can upload). However, the limitations that I mentioned above hold me back from completely switching to this service. Specifically, I would like to atleast see an option to delete a file that I have uploaded. You can try NoFile.io here. Article source
  10. In the past week, two security firms, Dr.Web and Emsisoft, suffered DDoS attacks at the hands of cyber-criminals who attempted to bring down their websites as payback for meddling with their illegal activities. The first attack hit Russian security firm Dr.Web, who revealed over the weekend that a DDoS attack hit its Russian and Ukrainian domains (drweb.ru & drweb.ua). According to the company, the attack arrived at a rate that ranged between 200,000 to 500,000 packets per second, and it lasted for over two days until its engineers managed to keep it under control and restore full service to its servers. The DDoS attack hit the company on January 25, a day after the security firm published research which exposed a botnet that numbered thousands of infected Linux devices, which crooks were using to relay malicious traffic and hide their IPs. DDoS attacks hit Emsisoft over the weekend Three days later, on Saturday, January 28, Emsisoft suffered a similar fate, when a DDoS attack hit a specific section of the company's portal, the place where Emsisoft hosts ransomware decrypters. Speaking to Bleeping Computer, Emsisoft's CTO Fabian Wosar said the attack clocked in at around 80 Gbps, and its defenses held up just fine, with no downtime to its website. "They didn't manage to take the site down," Wosar said. "According to our provider it was a smaller attack of about 80 GBit. It was [...] kinda slow." MRCR ransomware author behind the attack "The last [DDoS attack] was almost definitely related to MRCR because it coincided with the malware author showing up in our forums," Wosar also added. MRCR is an alternative name for the Merry Christmas (or Merry X-Mas) ransomware that popped up at the start of the year, and for which Emsisoft released a decrypter. On Saturday, the company released an update for the MRCR decrypter, targeting the ransomware's latest version. Moments later, the DDoS attack hit. "The attack itself started on Saturday around 10:00 AM CET, hitting the decrypter site, our email infrastructure, and our self-help portal," said Wosar. "It went on for about 8 hours." Wosar's suspicion that the MRCR author was behind the DDoS attack was confirmed a few hours later when a person using the name COMODO Security signed up on the Emsisoft forum and made preposterous accusations that using Emsisoft decrypters will install ransomware or damage users' computers. In his message, this person used one of the email addresses at which the MRCR ransomware demanded users to get in contact to discuss ransom payment details. According to Wosar, this wasn't the first time the company's decrypter hosting portal was hit by a DDoS attack. "We had a bigger one just a couple of weeks ago of 640 GBps," he said. "Multiple [attacks] actually." The Emsisoft researcher never discovered who was behind those attacks, but he says that at the time, he released three ransomware decrypters in a very short period at the time. More precisely, one of the attacks hit on December 2, shortly after Emsisoft released a free decrypter for the NMoreira ransomware. Cyber-security professionals targeted in the past This is not the first time antivirus companies have been hit by DDoS attacks, according to Andy Shoemaker, founder and CEO of NimbusDDoS, a vendor of DDOS simulation and testing services. Just like Dr.Web and Emsisoft, Kaspersky Lab was too, hit by DDoS attacks in the past, after exposing malware campaigns, Shoemaker told Bleeping Computer. Another case is famous infosec journalist Brian Krebs, who was the target of several mammoth DDoS attacks in the fall of 2016, after exposing a DDoS-for-hire service called vDos. Article source
  11. Since the beginning of November we’ve been cleaning many sites infected with the same SEO spam malware. The malware creates doorways for hundreds of random trending keywords – from news to porn. For its templates, it uses mobile pages of some legitimate sites (probably taking into account the latest Google’s “mobile first” approach). Infection Details The attackers scan sites for known vulnerabilities and then upload a file with a random looking name that consists of 10 hex digits, e.g. 4ae0e06003.php, 4d9d041ee8.php, f18072c6bc.php, etc. This zip file contains full source code of an open-source PclZip library. However, at the top of the file there are a couple of lines that first decode a long base64-encoded string and then write the resulting output into a .zip file. This file always has a random three-letter word for the filename – vlw.zip in the below example. $data = base64_decode("UEsDBAoAAAAAAPigZ0kAAAAAAAAAAAAAAAAEAAAAdmx3L1B… file_put_contents("vlw.zip",$data); At the bottom of the file there is a piece of code that extracts this newly created zip file within current directory (which is typically the site root directory): Extracting zip archive with black hat SEO malware As a result, the following file structure is created: a directory with the same name as the .zip file two .php files hoop1.php and rohel.php .htaccess two subdirectories gknol and templates Rewrite Requests and Cached Spam This is what the structure looks like: Extracted doi.zip file The files perform the following functions: hoop1.php – makes the doorways ready for the SEO spam campaign by creating an .htaccess file with a rewrite rule to make the URLs look as if they were .html pages. rohel.php – the doorway generator script. It creates content for search engine bots, mixing keywords found on search result pages of Ask.com, Yahoo! and Google for targeted keywords. It caches them in the gknol subdirectory. Real visitors get redirected to a link such as: hxxp://coolin[.]in/for/77?d=…. gknol – the subdirectory where the script saves cached doorway pages. templates – the subdirectory with 10-20 page templates for spammy pages. There are some other variations of the same infection. For example, it can be a master.php file (the doorway generator) and two subdirectories: save (cache) and shabs (templates). The following redirect chain normally lands on porn pages: hxxp://82.146.37[.]48/mobi?sub_id_1... -> hstraffa[.]com/l?link= … -> zvip[.]biz/aff_c?offer_id=20008&aff_id=6716& … The actual chain may vary, depending the visitor’s location and browser. Reinfection and Cross-Contamination It is worth mentioning that the attackers try to infect all sites that share the same server account. This malware doesn’t depend on any CMS, so we find it on all sorts of websites from WordPress to pure HTML sites. One site can be infected multiple times by this malware (several spammy directories) and quite often it can be infected with other types of malware and spammy doorways, like Japanese replica spam doorways. This happens because webmasters usually neglect security issues for quite a long time. Even when they notice the problem and try to clean their sites, they either fail to remove backdoors from all of their sites or harden only their most important sites while leaving less important ones with unpatched security holes. In doing so, all of their accounts remain unprotected against reinfection. This shows that every aspect of website security is important and should be done properly – cleaning, hardening (including configuration and proper isolation), monitoring, etc. Article source
  12. Corel Website Creator X7 13.50.0100.5566 Corel® Website Creator™ continues to make website design easy for everyone with dozens of new templates and SiteStyles, and many new and enhanced features. Offering an easy-to-use Site Wizard, templates, drag-and-drop functionality and seamless integration with HTML, CSS and JavaScript, Corel Website Creator makes it easy to build standout websites. Discover the smart way to build your web presence! Features: System Requirements 660 MHz Intel Pentium III processor or AMD equivalentMicrosoft Windows 8/8.1 (32-bit or 64-bit editions), Windows 7 (32-bit or 64-bit editions), all with latest service packs installed250 MB of available hard disk space512 MB RAM – 1 GB recommended if running multiple applications simultaneously32-bit ODBC drivers for external database connectivityTCP/IP compliance for Internet connectivityBroadband Internet connection recommendedSVGA display capable of 1024 x 768, 32-bit recommendedWindows Internet Explorer 7 or later (installed with Website Creator)Adobe Flash Player 9 or later (installed with Website Creator. For live rendering of Flash Components)Verdana TrueType font (available with Internet Explorer 7)Website: www.coreldraw.com/ OS: Windows 7 / 8 / 8.1 (x86-x64) Language: ML Medicine: Patch
  13. Just a few hours ago, the Official website of the Tails Operating System has been hacked and it appears that a self-proclaimed 17-year old hacker breached and defaced it. Tails is a Linux-based highly secure Operating System, specially designed and optimized to preserve users' anonymity and privacy. Hacker, who named himself "Sum guy", managed to access the website as administrator and edited the homepage content with the following message: You has been haxoredeszed by sum dumb 17 year old by accident... Sorry about that please forgive me! I accidentally logged myself in as someone important and changed the site, not knowing that what I was changing would save! So sorry about that... I hope you have a backup, Oh and btw I love your OS! Yours sincerely, Sum guy And before I leave, Hi ed... and zoin Defaced Link: https://tails.boum.org/index.en.html. However, all other pages on the Tails website are working just fine, but at this moment it is not clear whether the hacker has also modified the OS Image or not. So readers are advised to do not download the Tails OS from the website, at least for a few days. Tails, also known as 'Amnesiac Incognito Live System', is free software based on Debian GNU/Linux and you install it on a DVD or USB drive, boot up the computer from the drive. This allows you to work on a sensitive file on any computer and prevent the data being recovered after the computer is turned off. Tails was reportedly used by the NSA Whistle-blower Edward Snowden in discussions with journalists because it includes a range of tools for protecting your data by means of strong encryption. I will update the story after receiving more details on the hack. Stay Tuned. Source
  14. Incomedia WebSite X5 Evolution Multilingual | 340.78 MB WebSite X5 is the most versatile and complete software for creating attractive, professional and functional websites, blogs and online stores. You don’t need programming skills. It’s easy to use, flexible and open to your customization. You don’t need any programming skills to create a website, all you need is a mouse! You work with a fully-visual intuitive interface, with plenty of previews of your work that are constantly updated in real time. WebSite X5 guarantees simplicity of use, flexibility and maximum customization so that you can create exactly the website you want. A Websites In 5 Steps The secret of WebSite X5′s success is that you don’t have to spend time learning to use complicated software: all you have to do is follow the 5 easy steps to create top quality websites. Each step has been designed to help you obtain professional results with the minimum effort. 1. Choose a design from the 1,500 templates available, or create a new one from scratch. 2. Create the site’s structure, adding all the pages you want. 3. Add your contents: text, pictures, videos, photo galleries, maps, social network buttons or any other type of object. 4. Make your pages unique and professional, thanks to the many advanced features: online stores, blogs, RSS feeds, members’ areas, multi-language sites, etc… 5. And lastly, get your website online using the built-in FTP engine. Save time and effort, because WebSite X5 includes everything you need to create eye-catching and fully-comprehensive websites. There’s a specific tool for every job, from editing images and photos, to creating buttons, to automatically generating menus, right up to going online with the built-in FTP engine. You don’t need any other software – WebSite X5 has it all. If you’re looking for some extra ideas for your website then WebSite X5 can help: browse through more than 6,000 exclusive and royalty-free photos, buttons and graphic libraries, a gallery of ready-to-use widgets, and much more. OS: Windows XP/Vista/7/8 DOWNLOAD HERE http://www.tusfiles.net/h9cxczt3y884
  15. Malicious advertisements on domains belonging to Disney, Facebook, The Guardian newspaper and others are leading people to malware that encrypts a computer's files until a ransom is paid, Cisco Systems has found. The finding comes shortly after technology companies and U.S. law enforcement banded together in a large operation to shut down a botnet that distributed online banking malware and so-called "ransomware," a highly profitable scam that has surged over the last year. Cisco's investigation unraveled a technically complex and highly effective way for infecting large number of computers with ransomware, which it described in detail on its blog. "It really is insidious," said Levi Gundert, a former Secret Service agent and now a technical lead for threat research and analysis at Cisco, in a phone interview Friday. Cisco has a product called Cloud Web Security (CWS) which monitors its customers web surfing and reports if they are browsing to suspected malicious domains. CWS monitors billions of web page requests a day, Gundert said. The company noticed that it was blocking requests to 90 domains, many of those WordPress sites, for more than 17 percent of its CWS customers, he said. Further investigation showed that many of the CWS users were ending up on those domains after viewing advertisements on high-traffic domains such as "apps.facebook.com," "awkwardfamilyphotos.com," "theguardian.co.uk" and "go.com," a Disney property, among many others. Certain advertisements that appeared on those domains, however, had been tampered with. If clicked, they redirected victims to one of the 90 domains. The style of attack, known as "malvertising," has long been a problem. Advertising networks have taken steps to try and detect malicious advertisements placed on their network, but the security checks aren't foolproof. Occasionally, bad advertisements slip in, which are shown on a vast array of websites that have signed up with the network or its affiliates. The websites where the ads appear are often unaware they're being abused. "It goes to show that malvertising is a real problem," Gundert said. "People expect when they go to a Tier 1 website that it is a trustworthy place to visit, but because there are so many third-party external links, that's not really true." The 90 domains the malicious advertisements pushed traffic to had also been hacked, Gundert said. In the case of the WordPress sites, it appears the attackers used brute-force attacks -- which involves guessing login credentials -- to access the site's control panels. Then, an exploit kit called Rig was inserted, which attacked the victim's computer, Gundert said. The Rig exploit kit, first spotted in April by Kahu Security, checks if users are running an unpatched version of Flash, Java or the Silverlight multimedia program. If someone's computer isn't patched, "you're instantly exploited," Gundert said. In the next stage of the attack, a ransomware program called "Cryptowall," a relative of the infamous Cryptolocker malware, is installed. It encrypts the user's files, demanding a ransom. In another sign of the operation's sophistication, the website where users can pay the ransom is a hidden website that uses The Onion Router, or the TOR network. To navigate to a TOR hidden website, a user must have TOR installed, which Cryptowall helpfully provides instructions for how to install. Those who delay paying the ransom find it increases as time passes. Because of the use of TOR and the technically complex attack chain, Cisco hasn't yet been able to identify a group behind the attacks. Gundert said it is likely that several groups or people with different skills -- such as malvertising, traffic redirection, exploit writing and ransomware campaigns -- are working together. "You could have a threat actor putting together all of these pieces on their own, but there are so many different specialties involved in this attack chain," he said. Source
  16. By Robert T. Gonzalez Today 11am Just a friendly reminder that the NSA's children's website, "CryptoKids," is an actual thing that exists. In today's New York Times, Michael S. Schmidt reports on the "furry, smiley face" the Agency puts on its mission: The turtle wearing a hat backward, baggy jeans and purple sunglasses looks just like other cartoon characters that marketers use to make products like cereal and toys appealing to children. But the reptile, known as T. Top, who says creating and breaking codes is really "kewl," is pushing something far weightier: the benefits of the National Security Agency. "In the world of diplomacy, knowing what your enemy is planning helps you to prepare," the turtle says. "But it is also important that your enemies do not know what you have planned. It is the mission of the National Security Agency and the Central Security Service to learn what it can about its potential enemies to protect America's government communications." Such an enthusiastic endorsement of the N.S.A.'s mission might seem particularly timely given the criticism directed at the agency since one of its former contractors, Edward J. Snowden, began leaking documents he had stolen from it. But T. Top and a troupe of eight other smiley-faced cartoon characters have been busy promoting the N.S.A.'s mission for the past nine years as part of a governmentwide attempt to make agencies more understandable to the public. With cartoon characters, interactive games and puzzles, the N.S.A.'s CryptoKids website for "future codemakers and codebreakers" tries to educate children about spying duties and recruit them to work for the agency. You can check out the rest of Schmidt's piece here, where you'll read all about the NSA's efforts to remind children with cartoon characters that, while the Internet is a "great" place, "there are people out there who don't have your best interests in mind." (Just remember kids: Every month should be cybersecurity awareness month. No matter what the NSA tells you.) http://io9.com/the-nsas-website-for-kids-isnt-creepy-nope-not-cree-1508865211
  17. Incomedia WebSite X5 Evolution Multilangual | 338.29 MB WebSite X5 is the most versatile and complete software for creating attractive, professional and functional websites, blogs and online stores. You don’t need programming skills. It’s easy to use, flexible and open to your customization. You don’t need any programming skills to create a website, all you need is a mouse! You work with a fully-visual intuitive interface, with plenty of previews of your work that are constantly updated in real time. WebSite X5 guarantees simplicity of use, flexibility and maximum customization so that you can create exactly the website you want. A Websites In 5 Steps The secret of WebSite X5′s success is that you don’t have to spend time learning to use complicated software: all you have to do is follow the 5 easy steps to create top quality websites. Each step has been designed to help you obtain professional results with the minimum effort. 1. Choose a design from the 1,500 templates available, or create a new one from scratch. 2. Create the site’s structure, adding all the pages you want. 3. Add your contents: text, pictures, videos, photo galleries, maps, social network buttons or any other type of object. 4. Make your pages unique and professional, thanks to the many advanced features: online stores, blogs, RSS feeds, members’ areas, multi-language sites, etc… 5. And lastly, get your website online using the built-in FTP engine. Save time and effort, because WebSite X5 includes everything you need to create eye-catching and fully-comprehensive websites. There’s a specific tool for every job, from editing images and photos, to creating buttons, to automatically generating menus, right up to going online with the built-in FTP engine. You don’t need any other software – WebSite X5 has it all. If you’re looking for some extra ideas for your website then WebSite X5 can help: browse through more than 6,000 exclusive and royalty-free photos, buttons and graphic libraries, a gallery of ready-to-use widgets, and much more. OS: Windows XP/Vista/7/8 Home Page: www.websitex5.com DOWNLOAD HERE http://www.tusfiles.net/ya7pr54jqae9
  18. FukenGruven

    WinHTTrack Website Copier 3.47.27

    http://www.httrack.com/page/1/en/index.html Changelog v3.47-27 Fixed: fixed logging not displaying robots.txt rules limits by defaultFixed: license year and GPL link, libtool fixes (cicku)Fixed: Keywords field in desktop files (Sebastian Pipping)Downloads: httrack-3.47.27.exehttrack_x64-3.47.27.exehttrack-noinst-3.47.27.ziphttrack_x64-noinst-3.47.27.zip PortableApps.comFormat WinHTTrackPortable_3.47.27_32bit_64bit_Multilingual.paf.exe | CRC: FE213D32 | 4.25 MB (4,459,779 bytes)WinHTTrackPortable_3.47.27_32bit_64bit_Multilingual_online.paf.exe | CRC: B154D9B3 | 1.36 MB (1,430,396 bytes)Makes application portableMakes application stealthDependencies: NoneCompatible: WinAllSynopsis: i use this to rip entire websites, page by page, for offline browsing.. great for tutorials.. Languages: English, Bulgarian, Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, German, Greek, Hungarian, Italian, Japanese, Macedonian, Norwegian, Polish, Portuguese, PortugueseBR, Romanian, Russian, SimpChinese, Slovak, Slovenian, Spanish, Swedish, TradChinese, Turkish, Ukrainian.
  19. Intuisphere WebAcappella Professional 4.4.0 Build 2224 ML + Crack + Portable WebAcappella Professional - a powerful program to create professional web-sites. The program will help create a website using infusible templates or from scratch. Does not require knowledge of programming or HTML code for beautiful websites with online shop and many useful functions. Just add items to your website and implement all according to your taste and expectation. Add your own product catalogs a very simple way and choose your online selling options (price, weight, availability, shipping options, taxes ...). Create your Website and your E-business shop with complete freedom! For professionals (online business, commercial promotion...) or personals (passion, collection, travels..) who want to create a Website in few click and publish it in just one click! List of features: E-commerce elementPhoto albumsVideo and soundsImagesSearch engineContact formBlogsCounterButtonsMaximum file size*Multi sitesHTML AnchorAutomatic Site Map managementYou can accept payments by credit card, check and transfer without any complicated manipulations. Web Accappella compatible with all web hosting services. The Web is Constantly Moving Forward: These following Evolutions Ensures the visibility and the Compatibility for your Website. WebAcappella 4 offers a publication format that is respectful of the latest web standards (HTML5, CSS3 and JQuery) and is totally compatible with the latest Internet browsers (IE9, Firefox 4 9, Safari 5, Chrome, Opera, etc ..) and your Smartphone or other mobile technology (Tablet). You can create Web pages as easily as you would create a word processing document. Instead of guessing what the published Web site may look like, Web Acappella allows you to constantly see your Website appearance even before it is published. Professional users will be able to create, publish and update their Website without difficulties and in record time! Web Acappella includes all the tools needed to create a professional look like Website and gives you the ability to easily add many useful tools such as photo albums, buttons, interactive menus, multimedia objects (videos and sounds), multilanguage tools, frames, forms, images, and many other possibilities. Clicking a single button is the only thing you need to do to publish your Website to your Web space. You can use the provided list of countries and hosts or edit very easily your own publishing parameters. Using Flash technology, Websites published with Web Acappella will be part of the new Websites generation. With the new features available in the workspace, organize your pages and elements in a better way. Group, isolate, hide, lock or align your elements to work on your Website more effectively and more quickly. Whether you are an amateur or a professional Webmaster, these new features make your life easier. You will enjoy creating websites like never before! All the other features in WebAcappella 4 Automatically convert your favorite fonts into image.The design and ergonomics have been reviewed for a professional presentation.Create very original shapes with the custom corners.New slide show presentation and management of your Flickr photo albums.Manage orientation, color, offset, and the opacity of your shadows.Create buttons with cool and nice design (new automatic color management).New look, lighter and advanced customization for the new video player.Apply many effects and use the Fancy Box feature (click on the image)Easily insert location maps with the new "Google Maps" element.In the wink of an eye, access a wide range of colours to harmonise and customise your colours.Customise your htaccess and httpassword files (Advanced users only).Place templates in your pages and increase productivity. Website: http://www.webacappella.com Year: 2013 OS: Windows XP / Vista / 7 / 8 Language: ML Medicine: Crack Size: 73,74 / 62,61 Mb.
  • Create New...