Microsoft Edge "edging" out Google Chrome?

After reading several postings by some of the tech gurus and others here at MT, the takeaway I got was that the new Microsoft Edge is slightly the better overall browser over Chrome out-of-the-box for average users.

I say this well aware of the "many" original Chromium forks but being so many, and the timing of development schedules, one can get confused as an average user choosing which one is best, and how to tweak it.

Of course, some would say it is a matter of personal preference, and some hard core MT vets might say nothing but vanilla Chromium, but I just wanted to clarify once and for all if it seems like Edge is now "edging" out Google Chrome, and would be a safe and good recommendation for anyone asking.

[HowTo] add any YouTube channel to your RSS Feeds

Some YouTube channels provide an easy clickable RSS icon, while others do not, but at least it's mostly available in the site source code.
But some channels don't provide even that. In all cases, RSS can be used anyway!

Let's e.g. use that channel:

The YouTube RSS feeds format is:

So with the above channel, the full RSS URL is:
This can be added to your RSS feeds without any Google or YouTube account!

UbO Filter Lists for Best UbO Performance?

I was reading several posts on this site regarding filter lists for UbO with some recommending Custom Filter Lists which I found on the Filter List site and added.

As you can see in the attached image, I have disabled UbO filters because some suggested they are redundant.

My question is do you think my current filter lists are adequate enough for optimal performance of UbO, and browsing? I have not noticed any slowdowns.


Interactive Kaspersky Anti-Ransomware Tool for Business

China is now blocking all HTTPS traffic using TLS 1.3 and ESNI

The Chinese government is currently using the Great Firewall censorship tool to block certain types of encrypted HTTPS connections.

The block has been in place for more than a week, according to a joint report authored by three organizations tracking Chinese censorship -- iYouPort, the University of Maryland, and the Great Firewall Report.

ZDNet also confirmed the report's findings with two additional sources -- namely members of a US telecommunications provider and an internet exchange point (IXP) -- using instructions provided in a mailing list.

Neither of the two sources wanted their identities and employers named due to China's known habit of direct or indirect reprisals against entities highlighting its internet censorship practices.

China now blocking HTTPS+TLS1.3+ESNI
Per the report, China's Great Firewall (GFW) is now blocking HTTPS connections set up via the new TLS 1.3 encryption protocol and which use ESNI (Encrypted Server Name Indication).

The reason for the ban is obvious for experts.

HTTPS connections negotiated via TLS 1.3 and ESNI prevent third-party observers from detecting what website a user is attempting to access. This effectively blinds the Chinese government's Great Firewall surveillance tool from seeing what users are doing online.

There is a myth surrounding HTTPS connections that network observers (such as internet service providers) cannot see what users are doing. This is technically incorrect.

While HTTPS connections are encrypted and prevent network observers from viewing/reading the contents of an HTTPS connection, there is a short period before HTTPS connections are established when third-parties can detect to what server the user is connecting.

This is done by looking at the HTTPS connection's SNI (Server Name Indication) field.

In HTTPS connections negotiated via older versions of the TLS protocol (such as TLS 1.1 and TLS 1.2), the SNI field is visible in plaintext.

In TLS 1.3, a protocol version launched in 2018, the SNI field can be hidden and encrypted via ESNI.

As the TLS 1.3 protocol is seeing broader adoption today, ESNI usage is increasing as well, and more HTTPS connections are now harder to track for online censorship tools like the GFW.



According to iYouPort, the University of Maryland, and the Great Firewall Report, the Chinese government is currently dropping all HTTPS connections where TLS 1.3 and ESNI are used and temporarily blocking the IP addresses involved in the connection for between two and three minutes -- depending on the location of the Great Firewall where the "unwanted" connection settings are detected.

Some circumvention methods exist... for now
Luckily for app makers and website operators catering to Chinese audiences, the three organizations said they found six circumvention methods that can be applied client-side (inside apps and software) and four that can be applied server-side (on servers and app backends) to bypass the Great Firewall's current block.

"Unfortunately, these specific strategies may not be a long-term solution: as the cat and mouse game progresses, the Great Firewall will likely continue to improve its censorship capabilities," the three organizations wrote in their joint report.

Toshiba officially exits the PC business

End of an era: Toshiba was the first company to bring a laptop PC to market in 1985, known as the T1100. Now, decades later, the company that played such an important role in mobile computing is leaving the PC business behind.

In 2018, Toshiba saw the writing on the wall for its PC business, as it sold a majority stake (80.1%) to Sharp. Sharp, which now operates under Foxconn's conglomerate umbrella, would use the majority stake as a foothold to re-enter the PC market.

Under the terms of the sale, Sharp acquired most of Toshiba's products, technology, brands, and other assets that were formerly part of Toshiba's Client Solutions Group. Sharp then brought the business under the Dynabook brand, and Toshiba retained a 19.9 percent stake.

Windows Defender + Hard Configurator + ???


If I have Windows Defender with Hard Configurator set for max or high, do I need something else like OSA?


Have you used Safari on Mac? [Poll]

Title + Poll.

Add any other comments you wish to share about your settings.

"I'm Open Sourcing the Have I Been Pwned Code Base"

"Let me just cut straight to it: I'm going to open source the Have I Been Pwned code base. The decision has been a while coming and it took a failed M&A process to get here, but the code will be turned over to the public for the betterment of the project and frankly, for the betterment of everyone who uses it. Let me explain why and how..."

Hundreds of Uber Eats User records leaked on Dark Web

User records of Uber Eats, an American online food ordering service, have been leaked by a threat actor on the Dark Web. Cyble, a cybersecurity firm, came across the data during its dark web and deep web monitoring.

The security researchers at Cyble revealed that a total of 9 TXT files were leaked by the perpetrator which contained valuable information about Uber Eats delivery drivers, delivery partners, and customer details.

The leaked files included login credentials of 579 customers. Sensitive information about 100 delivery drivers, such as their full name, contact number, bank card details, login credentials, and account creation date, was also posted.

Attackers Horn in on MFA Bypass Options for Account Takeovers

An uptick in business email compromise attacks is being attributed to successful compromises of multi-factor authentication (MFA) and conditional access controls, according to researchers. While brute-forcing and password spraying techniques are the most common way to mount account takeovers, more methodical cybercriminals are able to gain access to accounts even with more secure MFA protocols in place.

According to Abnormal Security, cybercriminals are zeroing in on email clients that don’t support modern authentication, such as mobile email clients (for example, iOS Mail for iOS 10 and older); and legacy email protocols, including IMAP, SMTP, MAPI and POP. Thus, even if MFA is enabled on the corporate email account, an employee checking email via mobile won’t be subject to that protection.

“While MFA and modern authentication protocols are an important advancement in account security and should be used whenever possible…this means that it is not possible to enforce MFA when a user signs into their account using one of these applications,” said Erin Ludert, writing in a blog post on Friday.

Thus, she noted that a common pattern in account-takeover attacks is that after being blocked by MFA, an adversary will immediately switch to using a legacy application.

“In fact, most credential stuffing campaigns utilize legacy applications such as IMAP4 to ensure they do not encounter difficulties from MFA at any point,” Ludert said, adding, “Many enterprises are under the mistaken impression that they are fully protected by MFA and do not need to worry about account takeovers. This is a dangerous assumption.”

Coordinated attacks on Reddit targeted with Pro-Trump messages

Multiple Reddit subreddits have been compromised by hackers that are posting messages and images promoting U.S. President Donald Trump’s re-election. A post by Reddit Admin details the attacks, noting that the incident involves the compromise of moderator accounts.

The firm is working to lock down accounts of bad actors and “reverting the changes”, and is also investigating the breach.
The firm confirms that all accounts that were impacted did not have 2FA enabled, which made it easier for hackers to get through.

Windows Defender network inspection service fails to start

Windows Defender network inspection service fails to start as reported here: I have the first two error codes showing. The immediate solution is to disable Memory Integrity or perform a repair install. Or do nothing and wait for a fix. Or install Bitdefender Free or other AV. :D

"Windows Defender Network Inspection Service fails to start
Repeating Event ids 7000 and 7001 in Windows 10 version 2004 - Windows Defender Network Service fails to start, as "existing buffer is not applicable for this operation" or something like that.
The service is set to Manual, an attempt to launch it manually results in error 1068 - "the dependency service failed to start"

Windows security gives no warnings or malfunction signs in settings.

Anything to do about it?"
Last TenForums post:

"My best guess is that the newest WdNisDrv.sys driver is incompatible with Memory Integrity (even though it doesn't report as such when toggling Memory Integrity); if that is the case then it is ridiculous that this got pushed to the public update channel.

It isn't a balanced solution, but it is what there is for now unless you can roll back to a version of defender that doesn't have this problem and disable updates.

I think the ultimate solution will require Microsoft fixing it in a future Defender Platform Update."

Notice of Class Action Settlement re Google Plus - is it legit or scam?


I just got this email in my Gmail account today. Is it a scam? It's telling me to go to this site w w w . GooglePlusDataLitigation. com to file the claim.

Settings App will not open

Hey, I have tried system restore, but it hangs. Any suggestion what to do?

Sony reveals new WH-1000XM4 family ANC Headphones

The MDR-1000X started it all in 2016, followed a year later by the WH-1000XM2, and then the XM3 in August 2017. Now, the highly anticipated XM4 noise-canceling headphones have been announced.

Until we tried on a pair of the original 1000X headphones at IFA 2016, we had thought that Bose was going to rule the noise-canceling roost for a long time to come. Sony's over-ears impressively removed the background hustle and bustle from the show floor and allowed us to completely focus on the sample music being offered. The technology has gone from strength to strength with each successive generation, with us noting after taking the XM3s for a proper workout that "it's the noise canceling capabilities that really sell these headphones, setting a new bar for other headphone manufacturers to strive for."

Demystifying Modern Windows Rootkits

This talk will demystify the process of writing a rootkit, moving past theory and instead walking the audience through the process of going from a driver that says "Hello World" to a driver that abuses never-before-seen hooking methods to control the user-mode network stack. Analysis includes common patterns seen in malware and the drawbacks that come with malware in kernel-mode rather than user-mode.

Google Kills the Pixel 4, Making it the Shortest-lived Pixel Ever

The Pixel 4 is dead. That's the official confirmation that Google sent to The Verge after people noticed that the Google Store listed the phone as "out of stock." The Pixel 4 started shipping October 24, 2019, so it was available for only nine-and-a-half months. The Verge writes:

"Google Store has sold through its inventory and completed sales of Pixel 4 [and] 4 XL,” a Google spokesperson confirms to The Verge. “For people who are still interested in buying Pixel 4 [and] 4 XL, the product is available from some partners while supplies last. Just like all Pixel devices, Pixel 4 will continue to get software and security updates for at least three years from when the device first became available on the Google Store in the US."

The Pixel 4 had the shortest life span of any Pixel phone, only lasting half as long as the other high-end models. The Pixel 1, 2, and 3 were all for sale for around 18 months. The midrange Pixel 3a had a similarly short lifespan and was discontinued after about 13 months of sales.

Both early discontinuations are starting the alarming trend of Google exiting segments of the smartphone market for months at a time. The Pixel 4's successor, the Pixel 5, is not out yet and doesn't even have a firm announcement date. Right now, the best guess for when Google will return to the high-end smartphone market is October 8, a date leaked by Google France as the Pixel 5 pre-order date. That would put Google out of the high-end smartphone market for two months. Google also had a one-month sales gap between the Pixel 3a and 4a. I can't imagine any other business being OK with shutting down sales for a month or two.

Chromium browser shows up on the Microsoft Store (Update: Removed)

If you've ever looked for web browsers in the Microsoft Store, you've probably come up short on finding anything at all. That's because according to Microsoft Store policy, any third-party browser needs to have the same rendering engine as its own Edge. But now, Edge runs on Chromium, which opens up the Store to a wide array of browsers.

One of those is Chromium itself, which has now appeared on the Store, as spotted by Aggiornamenti Lumia.

Chromium is an open source project that's managed by Google, but to be clear, this isn't being published by any big brand. It's published by a developer called Store Ports, who seemingly ran the browser through the Desktop App Converter and threw it up on the Store. The developer does have 10 other apps on the Store, some of which are also ports, and some aren't. One app is labeled as 'Universal (UWP) File Explorer', but the app description says that it's just a shortcut to the app that's hidden in Windows 10.

If you want to check out Chromium on the Microsoft Store, you can find it here. It's unclear how often the browser will be updated

Lafayette Pays $45,000 Ransom after Cyber-attack

Lafayette officials announced Tuesday the city’s computer systems were hacked and they were forced to pay a ransom to regain access.

Lafayette officials said hackers disabled the city’s network services and blocked its access until the city paid a $45,000 fee, the Daily Camera reported. The attack caused city emails, phones, online payments and reservation systems to temporarily shut down. The city’s system servers and computers are still in the process of being cleaned and rebuilt. Once finished, the relevant data will be restored into the system and operations will resume. In the meantime, the city is using temporary phone numbers and emails. “In a cost/benefit scenario of rebuilding the city’s data versus paying the ransom, the ransom option far outweighed attempting to build,” the city said in a statement. “The inconvenience of a lengthy service outage for residents was also taken into consideration.”

A preliminary investigation shows the ransomware entered the city’s network through a phishing scam or by guessing passwords. Mayor Jamie Harkins said using taxpayer dollars to pay a ransom was not ideal.

Facebook blames Apple for not allowing games in Facebook Gaming app

The social media giant says that it has been forced to release an "inferior" version of its Facebook Gaming app in order for Apple to accept it onto the App Store.

Following Microsoft's similar criticism, Facebook says that Apple has forced it to launch a new games app — without any games. The Facebook Gaming app is currently being rolled out on the App Store after around six months of the social media company trying to persuade Apple to allow the same features found on the Android version.

"Unfortunately, we had to remove gameplay functionality entirely in order to get Apple's approval on the standalone Facebook Gaming app," Facebook COO Sheryl Sandberg said in a statement to The Verge, "meaning iOS users have an inferior experience to those using Android."

"We're staying focused on building communities for the more than 380 million people who play games on Facebook every month," she continued. "whether Apple allows it in a standalone app or not."

What happened to Avast Passwords (Free Version is no longer available)?

This post is intended to be informative.

Homepage: [Download Free Password Manager | Log in Faster with Avast Passwords]

I remember it used to be Free, then was included as part of the Free Antivirus. Now Avast has dropped Passwords Free/Premium from Avast Free and Premium Security.

It is only available as Passwords Premium. Scroll down to see how to get it.



How to get Avast Passwords Premium?
Avast Passwords Premium is included in Avast Ultimate bundle.


Your "blocked tracker" statistic

Under Edge settings -> privacy & services -> under 3 big tracking prevention buttons -> click on blocked tracker

What is your result?


Smart locks opened with nothing more than a MAC address

Researchers demonstrated how remote attackers could exploit UltraLoq and steal access keys with minimal effort.

A smart lock sold by major US retailers could be opened with no more than a MAC address, researchers say.
Smart locks have slowly been adopted as an intelligent, Internet of Things (IoT) alternative to traditional lock-and-key methods to securing a property.

Complementing other IoT devices including wireless doorbells, smart locks and deadbolts are used by the general public to secure their homes, and they also have business use cases -- such as when properties are listed on Airbnb, as they can be remotely managed by hosts who do not have to organize a key handover on-site to guests.

While convenience is king, such connectivity can also create a new set of security problems. Several years ago, for example, a botched firmware update caused chaos for LockState customers who took to Twitter in their droves to complain they were unable to remotely control their smart locks -- and, therefore, access their properties.
... ...

Cisco: Four high-severity flaws in routers, switches and AnyConnect VPN

Cisco has disclosed four high-severity flaws, but there are no critical flaws in this month's updates.

Cisco is urging customers to update small business switches, its DNA Center software, routers with its StarOS software, and its AnyConnect Secure Mobility VPN client for Windows.

Cisco has disclosed a bug in the IPv6 packet processing engine of several Cisco Small Business Smart and Managed Switches that could allow a remote attacker without credentials to trigger a denial of service on affected devices.
... ...

Capital One to Pay $80 Million Fine After 2019 Data Breach

Capital One Financial Corp has agreed to pay an $80 million penalty after the bank suffered a massive data breach that affected more than 100 million customer records in July 2019.

The breach was the result of an unsecured Amazon S3 bucket that housed credit card applications with names, addresses, zip codes/postal codes, phone numbers, email addresses and dates of birth of customers. The exposed data also included 140,000 Social Security numbers, 80,000 of which linked bank account numbers.

According to a notice posted by Capital One on July 19, 2019, “we determined that an outside individual gained unauthorized access and obtained certain types of personal information about Capital One credit card customers and individuals who had applied for our credit card products.”

The “outside individual” was later identified as a 33-year-old software engineer from Seattle, who was charged with breaching Capital One and 30 additional organizations to mine cryptocurrency.

In addition to the financial settlement, Capital One is required to focus on its risk-management program and internal controls to boost cyber- and information security.

“The OCC took these actions based on the bank’s failure to establish effective risk assessment processes prior to migrating significant information technology operations to the public cloud environment and the bank’s failure to correct the deficiencies in a timely manner,” the Office of the Comptroller of the Currency (OCC) said.

“In taking this action, the OCC positively considered the bank’s customer notification and remediation efforts. While the OCC encourages responsible innovation in all banks it supervises, sound risk management and internal controls are critical to ensuring bank operations remain safe and sound and adequately protect their customers.”

The bank must comply with the OCC Consent Order, and within a 90-day deadline submit a written “Risk Assessment Plan” that should include:

• Documentation of expected and potential threats of material changes to the cloud and legacy technology environments and mitigating controls or remediation plans to address such threats
• Risk mitigation testing from the beginning and throughout the new project life cycle
• A threat inventory for use in risk assessment processes

TeamViewer fixes bug that lets attackers access your PC

Popular remote access and troubleshooting app, TeamViewer, has patched a vulnerability that could let attackers quietly establish a connection to your computer and further exploit the system.
When successfully exploited, this bug would let an unauthenticated, remote actor execute code on your Windows PC, or obtain password hashes (e.g., for cracking via brute-force).

Assigned CVE-2020-13699, the high severity bug falls under a special category of security vulnerabilities, dubbed Unquoted Search Path or Element (CWE-428). These take advantage of the fact that arguments being passed to a program are not "quoted."

This can cause a program to treat the arguments as direct commands, rather than an input value.
... ...

Nearly 50% of all smartphones affected by Qualcomm Snapdragon bugs

Several security vulnerabilities found in Qualcomm's Snapdragon Digital Signal Processor (DSP) chip could allow attackers to take control of more than 40% of all smartphones without user interaction, spy on their users, and create un-removable malware capable of evading detection.

DSPs are system-on-chip units used for audio signal and digital image processing, and telecommunications, in consumer electronics including TVs and mobile devices.

Despite their complexity and the number of new features and capabilities DSP chips can add to any device, unfortunately, they also introduce new weak points and expand the devices' attack surface.

The vulnerable DSP chip "can be found in nearly every Android phone on the planet, including high-end phones from Google, Samsung, LG, Xiaomi, OnePlus, and more," according to Check Point researchers who found these vulnerabilities.

Apple's iPhone smartphone line is not affected by the security issues discovered and disclosed by Check Point in their report.

Check Point disclosed their findings to Qualcomm, who acknowledged them, notified device vendors, and assigned them with the following six CVEs: CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208, and CVE-2020-11209.
Update: Added Qualcomm statement:

It is now up to the vendors, such as Google, Samsung, and Xiaomi, to integrate those patches into their entire phone lines, both in manufacturing and in the market. Our estimations are that it will take a while for all the vendors to integrate the patches into all their phones. Hence, we do not feel publishing the technical details with everyone is the responsible thing to do given the high risk of this falling into the wrong hands. For now, consumers must wait for the relevant vendors to also implement fixes.

NEW AVG Beta version 20.7.3136

Hi all

NEW AVG Beta version 20.7.3136

Hi everyone,

I'm glad to announce that new beta version is ready - 20.7.3136 (build 20.7.5509)

What is new
  • moving configuration from files to registry keys to improve related performance and reliability
  • accessibility support for blind/impaired people in setup - part 1 (the most of texts in setup should be read by screen reader app if it is installed (NVDA, JAWS) but task is not complete. There are still issues that some elements are not read at all / are read twice or in wrong order -> usability is not perfect. We will try to improve it in next BETA builds)
What was fixed
  • Sensitive Data Shield status reported correctly even after disabling passive mode
  • Icarus.exe process does not ask for connection permission (in Firewall) anymore
Known issues
  • stopping SmartScan may freeze the UI (you need to restart the machine if you encounter the issue)
  • reset and restore (from backup in file) of the settings does not work properly
  • setup can crash during AV uninstall (it is not visible to user and AV should be completely removed from PC but some .mdmp files can be created in the root of the system drive (e.g. c:\))
  • User Interface can show "Expired" status after edition upgrade AVG FREE to Internet Security (it should be fixed after OS restart)
Download links
Avg Free
Avg Internet Security

Enjoy this beta!
We are looking forward to your feedback.


With best Regards

New Avast beta version 20.7.2421

Hi all

New Avast beta version 20.7.2421

Hi everyone,

I'm glad to announce that new beta version is ready - 20.7.2421 (build 20.7.5509).

What is new
  • moving configuration from files to registry keys to improve related performance and reliability
  • "Avast Passwords" component is not installed by default -> user needs to manually check it during setup
  • accessibility support for blind/impaired people in setup - part 1 (the most of texts in setup should be read by screen reader app if it is installed (NVDA, JAWS) but task is not complete. There are still issues that some elements are not read at all / are read twice or in wrong order -> usability is not perfect. We will try to improve it in next BETA builds)
What was fixed
  • Sensitive Data Shield status reported correctly even after disabling passive mode
  • Icarus.exe process does not ask for connection permission (in Firewall) anymore
Known issues
  • stopping SmartScan may freeze the UI (you need to restart the machine if you encounter the issue)
  • reset and restore (from backup in file) of the settings does not work properly
  • setup can crash during AV uninstall (it is not visible to user and AV should be completely removed from PC but some .mdmp files can be created in the root of the system drive (e.g. c:\))
Download links
Avast free
Avast premium

Enjoy this beta!
We are looking forward to your feedback.


With best Regards

Nile Ransomware

My system is infected with 'nile' ransomware and all my files are encrypted. Any solution for decryption?

Ubuntu 20.04.1 LTS released

The Ubuntu team is pleased to announce the release of Ubuntu 20.04.1 LTS
(Long-Term Support) for its Desktop, Server, and Cloud products, as well
as other flavours of Ubuntu with long-term support.

As usual, this point release includes many updates, and updated
installation media has been provided so that fewer updates will need to
be downloaded after installation. These include security updates and
corrections for other high-impact bugs, with a focus on maintaining
stability and compatibility with Ubuntu 20.04 LTS.

Kubuntu 20.04.1 LTS, Ubuntu Budgie 20.04.1 LTS, Ubuntu MATE 20.04.1 LTS,
Lubuntu 20.04.1 LTS, Ubuntu Kylin 20.04.1 LTS, Ubuntu Studio 20.04.1 LTS,
and Xubuntu 20.04.1 LTS are also now available. More details can be found
in their individual release notes:

FocalFossa/ReleaseNotes - Ubuntu Wiki

Maintenance updates will be provided for 5 years for Ubuntu Desktop,
Ubuntu Server, Ubuntu Cloud, and Ubuntu Core. All the remaining
flavours will be supported for 3 years. Additional security support is
available with ESM (Extended Security Maintenance).

To get Ubuntu 20.04.1 LTS

In order to download Ubuntu 20.04.1 LTS, visit:

New Release : Immunet 7.3.0 ( 16 june 2020 )

Hello all,

We are happy to announce a new release of Immunet: Version 7.3.0!

This latest version of Immunet provides the same great protection against malware and viruses as before but also includes some new features, enhancements and bug fixes as below.

Changes in 7.3.0

New & Enhancements:
  • New endpoint threat activity detection engine
  • New Immunet UI cloud connect status message replacing cloud stats message

Bug Fixes:
  • Connector cloud registration issue fix related to long network interface names
  • Fixed an issue related to support package
  • Mitigating fixes related to no-reboot upgrade and uninstall failures
  • Immunet Installer bug fixes
  • Other bug fixes

You can get the new installer from here

Expected upgrade behaviour for Immunet users:
  • Upgrades from Connector versions < 7.0.0 to 7.0.0+ require a reboot to complete
  • Upgrades from Connector versions 7.0.0+ to any higher version do not require a reboot to complete

Looking forward to your participation in using our new detection engine and some help in cases of upgrade reboot failures issues, if encountered any. We would appreciate it if you can reach out to us via support forum with Support logs as soon as you see upgrade failing or upgrade asking for a reboot on upgrade.

If you are running an older version of Immunet, you should be able to upgrade via the 'Update Now' button in the UI. If you don't see the update in your UI we recommend uninstalling Immunet and reinstalling the version downloaded from Immunet AntiVirus

Source: New Release : Immunet 7.3.0

I have not heard anything about MalwareTips users using Immunet in a while, so I decided to post this thread because of the new detection engine... Has anyone tried it yet? If I remember correctly, @Evjl's Rain and @imuade were using Immunet in the past.

Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks

"It turns out that the root cause behind several previously disclosed speculative execution attacks against modern processors, such as Meltdown and Foreshadow, was misattributed to 'prefetching effect,' resulting in hardware vendors releasing incomplete mitigations and countermeasures.

Sharing its findings with The Hacker News, a group of academics from the Graz University of Technology and CISPA Helmholtz Center for Information Security finally revealed the exact reason behind why the kernel addresses are cached in the first place, as well as presented several new attacks that exploit the previously unidentified underlying issue, allowing attackers to sniff out sensitive data.

The new research explains microarchitectural attacks were actually caused by speculative dereferencing of user-space registers in the kernel, which not just impacts the most recent Intel CPUs with the latest hardware mitigations, but also several modern processors from ARM, IBM, and AMD — previously believed to be unaffected..."

Bitdefender/Avira/F-Secure/Norton 360?

Want to get one but confused. I browse and go to almost any site, so I want better protection. According to AV-Comparatives and the other AV test something, they rank Avira, F-Secure, K7 as 100% able to block any malware, but I think that can't be true.

So which one should I go for: Bitdefender, Avira, F-Secure or Norton 360 Deluxe?

KrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chips

Qualcomm and MediaTek Wi-Fi chips were found to have been impacted by new variants of the KrØØk information disclosure vulnerability discovered by ESET researchers Robert Lipovský and Štefan Svorenčík. [...]
Lipovský and Svorenčík discovered new KrØØk variants that have also impacted Qualcomm and MediaTek radios used in vehicles, navigation systems, watches, laptops, smartphones, routers, and other devices.

"One of the chips we looked at aside from those from Broadcom and Cypress was by Qualcomm," the researchers explain in a report published today and shared with BleepingComputer earlier this week.
"The vulnerability we discovered (which was assigned CVE-2020-3702) was also triggerable by a disassociation and led to undesirable disclosure of data by transmitting unencrypted data in the place of encrypted data frames – much like with KrØØk."
"We also observed the manifestation of a similar vulnerability (i.e. lack of encryption) on some Wi-Fi chips by MediaTek," including the ASUS RT-AC52U router and the Microsoft Azure Sphere development kit that utilizes the MT3620 microcontroller also used in smart home, commercial, and industrial solutions.

Intel investigating breach after 20GB of internal documents leak online

US chipmaker Intel is investigating a security breach after earlier today 20 GB of internal documents, with some marked "confidential" or "restricted secret," were uploaded online on file-sharing site MEGA.

The data was published by Till Kottmann, a Swiss software engineer, who said he received the files from an anonymous hacker who claimed to have breached Intel earlier this year.

Kottmann received the Intel leaks because he manages a very popular Telegram channel where he regularly publishes data that accidentally leaked online from major tech companies through misconfigured Git repositories, cloud servers, and online web portals.
None of the leaked files contain sensitive data about Intel customers or employees, based on ZDNet's review. However, the question remains as to what else the alleged hacker had access to before stealing and releasing Intel's confidential files.

How to link activation code to Avast Account

Hello! My sister has purchased Avast Premium Security from an online store but I could not figure out how to link the key to her online account. Should the key be purchased from Avast to be linked to Avast account? Thank you

Hekasoft Backup and Recovery V 0.93 update!

Version 0.93 [2020/08/04]

  • Add: Support for CCleaner Browser, Iridium Browser and URBrowser
  • Support for Microsoft Edge Chromium to the Plugin Scanner
  • Modified: Rewritten the check for languages update
  • Modified: Rewritten Thunderbird backup process (now generates 2 files)
  • Fixed: an issue where, even when the user clicks on cancel, the software still runs the backup or the restore process
  • Fixed: an issue with the restore process that may show the cmd window
  • Fixed: an issue with the Plugin Scanner

Unpatched bug in Windows print spooler lets malware run as admin

Researchers found a way to bypass a patch Microsoft released to address a bug in the Windows printing services, which gives attackers a path to executing malicious code with elevated privileges.

Tracked as CVE-2020-1048, the initial flaw received an initial fix in May and another one is coming with this month’s roll out of security updates from Microsoft.

Discovered and reported responsibly by Peleg Hadar and Tomer Bar of SafeBreach Labs, CVE-2020-1048 affects Windows Print Spooler, the service that manages the printing process.

Bypassing it has been classified as a new vulnerability that received the tracking number CVE-2020-1337. A fix will become available on August 11.

Technical details for the new bug are still private but will be published after the release of the patch, along with a proof-of-concept Mini-Filter driver that shows how to prevent in real time the exploitation of the two vulnerabilities.

CCleaner v5.70.7909 released with fix for Firefox extensions

Important information for Firefox users
If you use Firefox with a Firefox account, we strongly recommend that you update CCleaner to version 5.70 before cleaning. This version of CCleaner fixes an issue that can cause extension settings to be lost in Firefox.

The update also includes performance improvements and improved support for Opera GX.

Important fix for Firefox users
  • Fixed a bug where CCleaner could wipe extension settings in Firefox if using a Firefox account
  • Added Smart Clean support for Opera GX
  • CCleaner now differentiates between Opera and Opera GX processes
  • Fixed a rare bug where Health Check would not close all selected browsers
  • Fixed a performance issue where CCleaner could use more CPU than it needed
  • DetectOS syntax correctly supports full Windows build numbers in WinApp2

Future iPhone may pre-process video on the image sensor to cut size & reduce power demand

Apple is looking at ways of reducing how much processing an iPhone or other device has to do on the image sensor itself in order to produce high quality video, with the aim of saving both file size and battery power.

Currently cameras in iPhones, iPads, or any other device, have an image sensor which registers all light it receives. That video data is then passed to a processor which creates the image. But that processing on the main device CPU can be intensive and make the device's battery run down quickly.

"Generating static images with an event camera" is a newly revealed US patent application that proposes only processing the parts of a video image that have changed since the previous frame.

"Traditional cameras use clocked image sensors to acquire visual information from a scene," says the application. "Each frame of data that is recorded is typically post-processed in some manner [and in] many traditional cameras, each frame of data carries information from all pixels."

"Carrying information from all pixels often leads to redundancy, and the redundancy typically increases as the amount of dynamic content in a scene increases," it continues. "As image sensors utilize higher spatial and/or temporal resolution, the amount of data included in a frame will most likely increase."

US trying for 'clean network' by banning 'untrusted Chinese apps' like WeChat, TikTok

Describing them as "untrusted Chinese apps," the US government says it wants WeChat, TikTok, and other unspecified services to be banned from all of the app stores in the US.

As Microsoft is in talks to buy TikTok, and Apple is not, US Secretary of State Mike Pompeo has unveiled plans to ban similar services that, he says, pose "significant threats to the personal data of US citizens."

Following President Trump's recent announcement that TikTok will be banned from the US after September 15, unless it is bought by an American firm, the Secretary described five actions the government intends to take.

According to BBC News, these include banning apps from WeChat, TikTok, and potentially other Chinese firms such as Alibaba, Baidu, and Tencent.

ASUS announce HDMI 2.1 Certified gaming monitors

  • ASUS announced a new series of what it calls the "world's first HDMI 2.1 certified gaming monitors."
  • The company is scant on details, but they note the monitors, which range up to 43 inches, will handle 4K at up to 120Hz.
  • The Xbox Series X and PlayStation 5 will also support the HDMI 2.1 specification.
Microsoft and Sony have both already announced that the Xbox Series X and PlayStation 5 will support HDMI 2.1. It's expected that the next generation of graphics cards from NVIDIA and AMD will as well. What it brings to the table is a 48 Gbps bandwidth, which is an increase from the current HDMI 2.0 bandwidth capacity of 18 Gbps.

That increase translates to the ability to support much higher framerates for 4K content. In terms of games, Microsoft has already announced that Xbox Series X will support running games at up to 4K resolution at 120 FPS. Developers still have to specifically design their games for this, but we've already seen that Ori and the Will of the Wisps will run at 120 FPS on Xbox Series X.

According to ASUS, this monitor line will be available in 27-, 32- and 43-inch models. There's no word on the screen technology they'll use, nor the release date. However, with next-gen consoles on the horizon, they'll likely make a solid pairing.

Project xCloud is not allowed on Apple App Store, Microsoft not giving up

Progress on Project xCloud, Microsoft's upcoming mobile game streaming platform for Xbox games, has seemingly hit a brick wall.

Public trials have now come to a halt on iOS, with its latest Project xCloud app build having expired on August 5, 2020. That follows 90 consecutive days without an update to the pre-release app via the TestFlight developer platform, and as per Apple policy, the app has automatically expired for all 10,000 testers. Users attempting to open the Project xCloud iOS app are greeted with an expiration notice, with the app ceasing to function.

Solarlynx Security Config 2020

It's my work PC; the IT boss flatly refused to give me the possibility to use SUA: "these accounts types are of the same security".
So I have to use my notebook on Admin account. :(

Android Phones at Risk of BlueRepli Bluetooth Attack

At the Black Hat USA 2020 virtual event on August 5, a new attack was added to the list of Bluetooth vulnerabilities, with the public disclosure of BlueRepli.

Security researchers Sourcell Xu and Xin Xin described the BlueRepli attack as a way to bypass Bluetooth authentication on Android phones, without detection. In a series of recorded demos, the researchers demonstrated how, with limited or no user interaction, they were able to abuse Bluetooth to steal a target device’s phone book as well as all of the SMS text messages it had received.

For reasons not fully shared by the researchers, the BlueRepli attack currently does not work on Apple iOS devices. Additionally, the researchers noted that they had disclosed the issues to Google and the Android Open Source Project (AOSP), but according to them, to date the issue has not been patched.

At the core of the BlueRepli attack is an abuse of what are known as Bluetooth Profiles. Xu explained that Bluetooth Profiles detail specific application scenarios that can be used to enable connectivity. For example, there is the Phone Book Access Profile (PBAP) to enable access to a user’s phone book, while the Message Access Profile (MAP) provides access to text messages.

Xu noted that a Bluetooth vulnerability disclosed in 2019 dubbed “BadBlueTooth” also took advantage of Bluetooth Profiles. Although in that attack scenario, the victim needed to install a malicious app, whereas with BadRepli, nothing needs to be installed. Any Android device within Bluetooth range can potentially be at risk from the BadRepli attack.

To help demonstrate the attack and allow others to test, the researchers created a software project called BlueRepli Plus that is set to be demonstrated during the Black Hat Arsenal tools demonstration on August 6.