HitmanPro 3.8.16 build 310

Hi all HitmanPro 3.8.16 build 310 https://www.hitmanpro.com/en-us/whatsnew.aspx https://www.hitmanpro.com/en-us/downloads.aspx Changelog ADDED: Black certificate serial support to remnants ADDED: Sophos AV icon to SurfRight vendor ADDED...


My Grandmother’s Favorite Scammer

Malware or just spam?

I got this email today from someone called "hacker team", and while I would usually never think too much of it, there was a video in this email (which I obviously didn't click). But it got me thinking, so I googled the contents of the email, and other people had posted about it. On bitcoinabuse, it was somewhat unclear if people considered it stupid spam or an actual threat, however according to "howtoremoveguide" receiving this email is a major threat.
-As mentioned I didn't click anything in the email

KAV\KIS\KTS\KFA\KS\KSOS: 21.0.33.1168 beta

Good news for everyone!

A new version of the beta build is available for download and testing.

You can download the version from the links below

Mirror - 1
Mirror - 2

Can be activated only through Internet. Beta-license is valid for 90 days.

Before installation of the new build, please uninstall the previous build (sometimes kavremover may be needed) and reboot the system

Please pay attention

In this build you can meet problems caused by Anti-Banner: some web sites may not be loaded, some may lose random function, or page could be shown incorrectly. We ask you to switch on Anti-Banner before testing to reveal these problems.

Advice for novice testers
  • Do not proceed with testing without reading the instructions;
  • All found bugs should be posted in the related topics so it would be wise to read their headers at first. Bug reports should contain all useful info (it will be clear after reading the instruction from p.1);
  • The most convenient way to upload big files (traces or dumps): in .zip archive on OwnCloud;
  • Traces as well as app and driver verifiers are enabled in this build.
  • This area of forum is not connected to Tech Support (Bugs of Beta-products are collected here)

Additional Information

Please don't post on the beta forum if you are not participating in the beta testing.
Source

AdGuard advanced rules QUESTION

Hi, I have a question about the advanced block rules of Adguard extension. Maybe one of the forum members with an adguard license is so kind to post this question on AdGuard support.

In the User Rules section of the Adguard extension I have put two rules to increase security. First one is based on W_S thread in MT-forum (link), the second one is made using Adguard advanced rules documentation.

My question is related to the second rule. The Adguard info tells me that they follow CSP syntax, so I should use the $CSP rule on specific domains, but ... AdGuard helps writing user rules by coloring the rules (for correct syntax see picture below). It seems that it allows to use HTTP://* wildcard (instead of a specific domain name).

So my question is: will the second rule work (or is it ignored because of a syntax error)?

||HTTP://*^$csp=script-src 'self' 'unsafe-eval' *

1575800411965.png

Saying hello

Hello guys.... I am new here and found my way here because of a STOP DJVU new variant RSA encryption and in need of help with its decryption.
I have tried using emsisoft decryptor for STOP DJVU but it says my encryption is RSA encryption and it was done by the new variant of the malware.

Clever Microsoft Phishing Scam Creates a Local Login Form

A clever phishing campaign has been spotted that bundles the scam's landing page in the HTML attachment rather than redirecting users to another site that asks them to log in.

A typical credential-stealing phishing scam consists of an email where the attacker tries to convince the user to click a link in order to retrieve a document or prevent something from happening. These links will then bring the user to a web site, or landing page, that includes a login form where the user must enter their login credentials to proceed.

With this type of attack, users can either detect the scam by the contents of the email, by a suspicious remote site and landing page, or by alerts from security solutions.

Let's show login form locally instead

To prevent users from becoming suspicious when they are redirected to a site with a strange domain or URL, a clever scammer decided to generate the phishing scam directly in the user's browser without going to a remote site.
... ...

‘Ultimate’ MiTM Attack Steals $1M from Israeli Startup

Researchers uncover “ultimate man-in-the-middle attack” that used an elaborate spoofing campaign to fool a Chinese VC firm and rip off an emerging business.
Hackers pulled off an elaborate man-in-the-middle campaign to rip off an Israeli startup by intercepting a wire transfer from a Chinese venture-capital firm intended for the new business.

FBI recommends that you keep your IoT devices on a separate network

What is the difference between free anti-virus software and paid anti-virus software?

Help with .righ files

Hi there everybody, I need help with .righ ransomware on all my files after reinstalling Windows 10; no documents can be opened. Help me, I just scanned with Malwarebytes but the scanner could not find any threats. Help!!

Microsoft: 44 million Microsoft accounts use leaked passwords

Microsoft ran a password-reuse analysis on over three billion company accounts in 2019 to find out how many of the used passwords were in use by Microsoft customers.
The company collected password hash information from public sources and received additional data from law enforcement agencies, and used the data as a base for the comparison.
An analysis of password use in 2016 revealed that about 20% of Internet users were reusing passwords, and that an additional 27% were using passwords that were "nearly identical" to other account passwords. In 2018, it was revealed that a large part of Internet users were still favoring weak passwords over secure ones.

Newly discovered Mac malware uses “fileless” technique to remain stealthy

In-memory infection makes it harder for end-point protection to detect it.
Hackers believed to be working for the North Korean government have upped their game with a recently discovered Mac trojan that uses in-memory execution to remain stealthy.
In-memory execution, also known as fileless infection, never writes anything to a computer hard drive. Instead, it loads malicious code directly into memory and executes it from there. The technique is an effective way to evade antivirus protection because there’s no file to be analyzed or flagged as suspicious.
In-memory infections were once the sole province of state-sponsored attackers. By 2017, more advanced financially motivated hackers had adopted the technique. It has become increasingly common since then.
The malware isn’t entirely fileless. The first stage poses as a cryptocurrency app with the file name UnionCryptoTrader.dmg. When it first came to light earlier this week, only two out of 57 antivirus products detected it as suspicious. On Friday, according to VirusTotal, detection had only modestly improved, with 17 of 57 products flagging it.
Once executed, the file uses a post-installation binary that, according to a detailed analysis by Patrick Wardle, a Mac security expert at enterprise Mac software provider Jamf, can do the following:

Kaspersky Anti-Virus 2020 - 3 Device - for $9.99

Fake VPN Site Pushes CryptBot and Vidar Info-Stealing Trojans

A cyberthreat actor has created a web site that promotes a fake VPN program that installs the Vidar and CryptBot password-stealing trojans. These trojans will then attempt to steal saved browser credentials and other information from a victim's computer.

While investigating a different malware infection, BleepingComputer stumbled upon a website promoting a VPN program called 'Inter VPN' that claims to be the "fastest VPN". It then shows an image of the VPN client, which is actually an image of the legitimate VPN Pro software.

NVIDIA Patches Severe Flaws in Mercedes Infotainment System Chips

NVIDIA released security updates for six high severity vulnerabilities found in the Tegra Linux Driver Package (L4T) for Jetson AGX Xavier, TK1, TX1, TX2, and Nano chips used in Mercedes-Benz's MBUX infotainment system and Bosch self-driving computer systems.

The chips affected by these flaws are also used in HP and Acer Chromebooks [1, 2], Android tablets, Nintendo Switch video game consoles, and Magic Leap One virtual retinal displays.

These security flaws could allow local attackers with various levels of user privileges to execute arbitrary code, escalate privileges, trigger denial-of-service (DoS) states, and launch information disclosure attacks against devices featuring unpatched chips.

The high severity vulnerabilities

Potential attackers could run code on devices with vulnerable chips by taking advantage of unpatched code execution flaws, while exploiting the vulnerabilities that lead to a DoS state can render them temporarily unusable.

BMW Infiltrated by Hackers Hunting for Automotive Trade Secrets

The German automotive giant BMW discovered and monitored a group of hackers who infiltrated the company's networks and stayed active since at least the spring of 2019.
BMW's security team spotted the hackers after discovering an instance of the legitimate penetration testing tool Cobalt Strike on a company computer, a tool regularly used in red team testing scenarios to simulate adversaries.

Hackers monitored for months
Following the discovery, the hackers were allowed to stay active with the probable end purpose of collecting more info on who they were, how many systems they managed to compromise, and what data they were after, if any, as Munich-based Bayerischer Rundfunk reports.

Announcing Windows 10 Insider Preview Build 19037

Hello Windows Insiders, today we’re releasing Windows 10 Insider Preview Build 19037.1 (20H1) to Windows Insiders in the Fast and Slow rings.

If you want a complete look at what build is in which Insider ring, head over to Flight Hub. You can also check out the rest of our documentation here including a complete list of new features and updates that have gone out as part of Insider flights for the current development cycle.

General changes, improvements, and fixes for PC

  • The build watermark at the lower right-hand corner of the desktop is no longer present in this build. This doesn’t mean we’re done…
  • Windows PowerShell ISE is now a Feature on Demand (installed by default), and you will see it in the list in Optional Features Settings.

Known issues

  • BattlEye and Microsoft have found incompatibility issues due to changes in the operating system between some Insider Preview builds and certain versions of BattlEye anti-cheat software. To safeguard Insiders who might have these versions installed on their PC, we have applied a compatibility hold on these devices from being offered affected builds of Windows Insider Preview. See this article for details.
  • Some Insiders have reported when attempting to install recent builds, setup rolls back and returns error code 0xc1900101. In some cases, the update completes successfully on a subsequent attempt. If you’re experiencing the issue, please be sure to file feedback in the Feedback Hub.
  • We’re looking into reports of the update process hanging for extended periods of time when attempting to install a new build.
  • We’re looking into reports of certain external USB 3.0 drives not responding with Start Code 10 after they’re attached.
  • We’ve received reports of the Optimize Drives app incorrectly reporting that optimization has never run on some devices.

Continuing our #WIPTurns5 celebrations


In honor of the Windows Insider Program turning 5 this year, we’ll be celebrating with a special holiday treat! Join us on Twitter this month for #25DaysOfWIP to learn about some of the many features and changes your feedback has helped drive in Windows. And don’t forget to tell us your favorites!

Solar System Discovery


The Solar System is fascinating, yet complicated. It can be difficult to understand, but that can change with a little help from Bing. Check out our interactive Solar System feature! We display the distance between the Sun and the objects that orbit it. Learn about mass, speed, periods, and more. Bing breaks this information down, helping others become Solar System experts.

If you want to be among the first to learn about these Bing features, join our Bing Insiders Program.

Thanks,
BLB

The post Announcing Windows 10 Insider Preview Build 19037 appeared first on Windows Experience Blog.

Source: Announcing Windows 10 Insider Preview Build 19037 | Windows Experience Blog

Questions: Windows Defender Sandbox and Tamper Protection - Have they now been combined? Will MS include default WD sandboxing?

A question was raised on Wilders about Windows Defender Sandbox recently and it got me thinking: Has WD sandbox been incorporated into Tamper Protection? M$ as usual provides little documentation and the two official sources I know of are these: Tamper Protection and Windows Defender Sandbox. They are very general explanations and I can find no other current official explanation about them.

Previously, when WD Sandbox was enabled you would see this

1575666253651.png



I was curious so I enabled WD Sandbox on my system and here is what I see

Capture.PNG

Clearly the names are not the same in these two images.

I understand some of WD's processes have new names in 1903+ and this only complicates things more in terms of finding answers to my question. Any Windows gurus are free to offer their expertise or opinions.

Suggestion for zemana support.

I think it would be highly appreciated by all if you made it easier for users to obtain their lost license keys and be able to reset them much like Malwarebytes allows you to do so. This would be a small improvement that would help many.

Mac Users Targeted by Lazarus ‘Fileless’ Trojan

The Lazarus hacking group has been caught trying to sneak a new ‘fileless’ Trojan on to Apple macOS computers disguised as a fake cryptocurrency trading application.

The discovery was reported by K7 Computing’s Dinesh Devadoss to Mac security expert Patrick Wardle, who immediately spotted similarities to previous attacks. The first of these, from 2018, was the ‘Apple.Jeus’ malware, which also used a cryptocurrency trading application to lure high-value targets in order to steal cryptocoins. In October 2019, the hackers returned with a new backdoor Trojan that spreads using the same approach – a cryptocurrency application posted to GitHub for victims to download. To make the applications appear trustworthy, both campaigns used the ruse of setting up fake software companies using legitimate certificates.
The new Trojan, tagged by Wardle as OSX.AppleJeus.C, continues in the same vein, with one interesting twist – the so-called fileless in-memory execution of a remote payload. As its name suggests, fileless malware avoids writing files to disk to avoid detection by signature scanners, restricting itself to main memory. Once there, the malware attempts to hijack legitimate processes on the target, for example Windows PowerShell or command line scripting tools such as wscript.exe. In the case of the latest Apple campaign, the trading application is the Trojan that initiates infection, borrowing Apple API calls to create an innocent-looking object file image which is written to disk to create persistence (i.e. the ability to survive reboots).

Anti-Virus Vendors Flag uTorrent and BitTorrent as a “Threat”, Again

The popular BitTorrent client uTorrent is currently being flagged as a threat by several anti-virus tools. The issue affects the desktop client as well as the Web version and the BitTorrent Mainline client. According to the anti-virus vendors, the flags were likely triggered by bundled advertisements or other unwanted software.

After the TRON acquisition, uTorrent and BitTorrent’s social media channels have been predominantly ‘crypto’ oriented. The core audience of the file-sharing clients, which still consists of millions of users, remains mostly interested in downloading and sharing files though. This is something uTorrent still does well and the same is true for the BitTorrent Mainline client. However, new users of these clients have repeatedly been warned not to use the software by several leading anti-virus vendors. In the past BitTorrent Inc. classified such warnings as false positives which it could resolve relatively easily. While that may be true, it appears that the problem is rather persistent and likely more structural than some would think.

After alarmed users reported the issue in uTorrent’s forums this week, we decided to scan the latest release for potential threats. According to VirusTotal, nine separate anti-virus vendors currently flag the software as problematic. This includes the popular Windows Defender, which labels the torrent client as a severe threat. While that sounds scary, the detailed description shows that it may include “Potentially Unwanted Software,” a term commonly used for adware. This is not the first time uTorrent has had this problem. Microsoft has flagged the torrent client in the past as well, as the dedicated Utorrent threat page shows as well. This flag was later removed, presumably after the software was updated, but now they are back in full force. Other anti-virus tools that warn users against uTorrent include Comodo, drWeb, Eset and Sophos, as the list below shows.
Any uTorrent users who receive the warning should proceed at their own risk. When we installed the most recent uTorrent we didn’t spot anything nefarious being installed but, in the past, we have noticed that the client was bundled with adware.

Do you think that Desktop PC's will cease to exist, due to smartphones?

HitmanPro 3.8.16 build 310

Hi all

HitmanPro 3.8.16 build 310



Changelog
  • ADDED: Black certificate serial support to remnants
  • ADDED: Sophos AV icon to SurfRight vendor
  • ADDED: HitmanPro icon to HitmanPro vendor
  • FIXED: Freezing problem on Windows 10 while HitmanPro was scanning
  • FIXED: Rare BSOD in HitmanPro driver
  • FIXED: Blacklisted DNS lookups
  • IMPROVED: Hardening of HitmanPro driver
Attached is a detection of the new Black Serial for MegaCortex
"Program is code signed with a known fraudulent certificate"

Download
32-bit https://dl.surfright.nl/HitmanPro.exe
64-bit https://dl.surfright.nl/HitmanPro_x64.exe

With best Regards
Mops21

Norton Mobile Security 1.7 for iOS has been released!

We have released Norton Mobile Security 1.7 for our iOS customers.

Note: This release is being done in a phased manner.

The FAQs below address some common questions:

1. What is the version number for this release?

Norton Mobile Security 1.7.1362 for iOS

2. What are the changes in this build?

  • iOS 13 Support
  • Simplified onboarding
  • Other enhancements, bug fixes and performance improvements

3. How can I download and install the product?


4. What are the system requirements for Norton Mobile Security 1.7?

Requires iOS 10.0 or later. It is compatible with iPhone, iPad and iPod Touch.

5. Where can I post my queries?

Visit our Norton Mobile Security forum to post your queries.

Test Ikarus antivirus in the Malware Hub

U.S. Data Center Provider Hit by Ransomware Attack

CyrusOne, a large data center provider in the U.S., announced on Thursday that some of its systems were affected by a ransomware attack.
Several customers impacted by the incident have availability problems. The company's managed service division is currently working to restore activity to normal.

Limited damage

The official note published by CyrusOne is a forward-looking statement that does not share too much information.
The company informs that six of its customers are affected because of file-encrypting malware. These customers are mainly serviced by the company's New York Data Center.

Managed services are not the main business of the provider as CyrusOne also offers colocation facilities in about 48 data centers across the globe.
Systems affected by this ransomware attack are limited to this division and do not include IX (internet exchange) and IP Network Services.
... ... ...

Facebook Sues Company For Hijacking Accounts to Run Bad Ads

In a lawsuit filed today, Facebook alleges that a Chinese company used malware to compromise user accounts to run deceptive ads on the social media platform.
The end goal of compromising Facebook accounts was distribution of deceptive ads for counterfeit goods and diet pills.

The operation

The company in question is ILikeAd Media International Company Ltd, represented by Chen Xiao Cong and Huang Tao, who Facebook says are the authors of the malware behind the entire promo scheme. In a blog post today, Facebook says that the defendants employed two tactics to disguise the true goal of their campaign.
One method was to use images of celebrities in their ads, also known as 'celeb bait,' to trick users into clicking on them.

New Linux Vulnerability Lets Attackers Hijack VPN Connections

Security researchers found a new vulnerability allowing potential attackers to hijack VPN connections on affected *NIX devices and inject arbitrary data payloads into IPv4 and IPv6 TCP streams.
They disclosed the security flaw tracked as CVE-2019-14899 to distros and the Linux kernel security team, as well as to others impacted such as Systemd, Google, Apple, OpenVPN, and WireGuard.

The vulnerability is known to impact most Linux distributions and Unix-like operating systems including FreeBSD, OpenBSD, macOS, iOS, and Android.
A currently incomplete list of vulnerable operating systems and the init systems they came with is available below, with more to be added once they are tested and found to be affected:
...
... ...

AMD ‘Zen 4’ 5nm Products Will Launch In 2021

If this report from China Times is to be believed (and this is usually a reliable source) then TSMC's 5nm testing is going very well and the first 3 customers have already been locked in - including AMD. According to the schedule obtained by China Times, AMD's 5nm products will be landing in early 2021 with mass production for 5nm scheduled in 2020.
AMD among first three customers to grab TSMC 5nm production capacity, NVIDIA missing from the picture
What is really amazing to hear in the report is that TSMC's 5nm yield has already crossed 7nm - which is quite the feat. This would mean that TSMC's 5nm will become viable sooner than expected and the transition from 7nm to 5nm can begin in earnest as well. The three customers that will be able to grab the first wave of production capacity are Apple, HiSilicon and AMD. While it is not surprising to see Apple get the first bite, it is interesting to see NVIDIA missing from this list - as I would have assumed they would be first in line to grab onto a process advantage (although this might be a questionable assumption considering they have yet to launch 7nm GPUs).

The Motorola One Hyper for $400

Motorola has what might be the best-looking mid-range smartphone with the "Motorola One Hyper," a $400 phone with flagship touches like an all-screen front design and a motorized, pop-up camera. It's like a mini OnePlus 7 Pro! You won't find any notches or other screen blemishes here. For specs, you have a 6.5-inch 2340×1080 IPS LCD, a 2GHz Snapdragon 675, 4GB of memory, 128GB of storage, and a 4000mAh battery. There are two rear cameras: a 64MP main sensor and an 8MP wide angle lens, and a 32MP front camera. Both the main front and back cameras have a pretty high megapixel count, and both have an optional "quad pixel" mode, which merges every four pixels together for better light pickup.

Norton Security app 1.7 is now available for Windows 10 S!

Norton Security app 1.7 is now available for Windows 10 in S mode.

This app is available to Windows 10 in S mode customers from the Microsoft App Store.

1. What's the version number?

Norton Security 1.7.564.0

2. What are the changes in this build?


  • Enhancements to onboarding and setup flow
  • Other minor performance enhancements and bug fixes

3. What countries is the product available in?

Norton Security Universal Windows Platform (UWP) app is available to Windows 10 S users from the Microsoft App Store in US.

UWP is now a New Norton offering, purchase of the app allows the customer to access the Norton product on other devices as well.

To download a copy on your 10 S machine in US, search for Norton Security on the Microsoft App Store. Outside of US, the app can be installed with an existing valid Norton Subscription by going to Norton portal (https://my.norton.com) on a 10S machine.

4. What are the operating system requirements?

Microsoft Windows 10 in S mode (32-bit or 64-bit or ARM32 or ARM64) version 1803 and above.

5. How do I download this app?

To download a copy on your Windows 10 S machine in US, search for Norton Security on the Microsoft App Store (US only)

Outside of US, the app can be installed with an existing valid Norton Subscription by visiting our portal on a 10 S machine.

Post your queries in Norton Security | Norton Security with Backup board.

For more information, visit Norton UWP Install FAQ page.

Why AI Will Be Inhuman - Mikko Hypponen

If we want to create super-human intelligence, we need to think unlike humans. Too much emphasis goes into trying to build AI that functions the same way as humans do, instead of exploring directions that can unlock the unique potential of true machine intelligence. Mikko Hyppönen, Chief Research Officer at F-Secure, takes the audience on a deep dive into new types of collaborative intelligent agents that far surpass the limits of what AI can currently do.

Card Skimming Malware Targeting 4 Sites Found on Heroku Cloud Platform

Payment card skimmers have hit four online merchants with help from Heroku, a cloud provider owned by Salesforce, a researcher has found.

Heroku is a cloud platform designed to make things easier for users to build, maintain, and deliver online services. It turns out that the service also makes things easier for crooks to run skimmers that target third-party sites. On Wednesday, Jérôme Segura, director of threat intelligence at security provider Malwarebytes, said he found a rash of skimmers hosted on Heroku. The hackers behind the scheme not only used the service to host their skimmer infrastructure and deliver it to targeted sites. They also used Heroku to store stolen credit-card data. Heroku administrators suspended the accounts and removed the skimmers within an hour of being notified, Segura told Ars. This is not the first time cloud services have been abused by payment card skimmers. In April, Malwarebytes documented similar abuse on Github. Two months later, the security provider reported skimmers hosted on Amazon S3 buckets. Abusing a cloud provider makes good sense from a crook's point of view. It's often free, saves the hassle of registering look-alike domain names, and delivers top-notch availability and bandwidth.
We will likely continue to observe web skimmers abusing more cloud services as they are a cheap (even free) commodity they can discard when finished using it. From a detection standpoint, skimmers hosted on cloud providers may cause some issues with false positives. For example, one cannot blacklist a domain used by thousands of other legitimate users.

FBI Puts $5 Million Bounty On Russian Hackers Behind Dridex Banking Malware

The United States Department of Justice today disclosed the identities of two Russian hackers and charged them for developing and distributing the Dridex banking Trojan using which the duo stole more than $100 million over a period of 10 years.

Maksim Yakubets, the leader of 'Evil Corp' hacking group, and his co-conspirator Igor Turashev primarily distributed Dridex — also known as 'Bugat' and 'Cridex' — through multi-million email campaigns and targeted numerous organizations around the world.


The State Department has also announced a reward of up to $5 million—the largest offered bounty to date for a cybercrime suspect—for providing information that could lead to the arrest of Yakubets, who remains at large.

"Bugat is a multifunction malware package designed to automate the theft of confidential personal and financial information, such as online banking credentials, from infected computers," the DoJ said in its press release.
"Bugat malware was specifically crafted to defeat antivirus and other protective measures employed by victims. Later versions of the malware were designed with the added function of assisting in the installation of ransomware."
Besides developing and distributing Dridex, Yakubets has also been charged with conspiracy to commit bank fraud in connection with the infamous "Zeus" banking malware that stole $70 million from victims' bank accounts.

Starting May 2009, Yakubets and his co-conspirators allegedly employed widespread computer intrusions, malicious software, and fraud in an effort to steal millions of dollars from numerous bank accounts in the United States and elsewhere.
complete reading from here: FBI Puts $5 Million Bounty On Russian Hackers Behind Dridex Banking Malware

Malware Hunter Pro - 1 year free license

Malware Hunter Pro


Free license for Glarysoft Malware Hunter Pro for 1 year. The program is an anti-virus scanner with an engine based on Avira technologies and is used to detect and remove various kinds of malicious programs.

With Malware Hunter Pro, you can quickly scan your computer and, if detected, remove even persistent malware. In addition, built-in system optimization utilities will help speed up and clean up your computer.

Acceleration


The professional version of the anti-virus scanner allows you to configure automatic anti-virus scanning on a schedule and maintain additional security for your computer along with the existing anti-virus protection.

How to get Malware Hunter Pro for free
1. Go to the offer page, enter your email address, confirm "I'm not a robot" and click the "Get My Key Now" button.

Malware Hunter Pro Promotion Page



2. Take the activation code from the received letter.

3. Download Malware Hunter Pro and install an antivirus scanner.

System Support: Windows 10 / 8.1 / 8 / 7 / Vista / 2000 / XP 32 or 64-bit

4. Activate by entering your mail and received license key.

Activating Malware Hunter Pro


Malware Hunter Pro License Features
  • Free updates for the whole year of use.
  • Provided for three computers.
  • There is no free technical support.
  • For private use only.

Banking Protection (SafePrice, SafeMoney): Do you use them?

It's a fact many suites come with "banking modules". These usually provide special protection for when you do online transactions such as home banking, or online shopping. The way they usually work is opening a new window or isolating the windows in order to prevent data stealing, infection, or similar.
According to AVLAB.pl

1. Clipboard Hijacking Attack.
2. Clipboard Swapping Attack.
3. Keylogger Attack.
4. Screenshot Attack.
5. RAM Scraping Attack.
6. DLL Injecting Attack.
7. First Man-In-The-Middle Attack.
8. Second Man-In-The-Middle Attack.
9. Hidden Desktop Attack.
10. HOSTS Modifying Attack.
11. Banking trojans.

Well, do you use this? I don't. I always find myself disabling this module, I find it tedious to open separate windows, and it makes my experience generally much slower; plus I don't see the real advantage.

Do you use it?

Newbie Say Hello

Sophos Home Free resource usage.

Hello,

I was wondering what the resource usage is in Sophos Home Free, because it looks like quite a good antivirus, especially since it has AI and machine learning detections. I am looking to replace Zemana Anti Malware 3 because I am a bit disappointed in the company: they have not been replying to my support requests, and development speed is very slow to none.

When I used the Beta about a year ago, it had very high disk usage so I am wondering what it is like now. If it is high I wonder if there are any other light alternatives like Kaspersky Cloud Free, Avira free?

NoScript, uMatrix, uBlock Origin: Medium/Hard Mode

Do any of you use NoScript, uMatrix, or uBlock Origin in Medium/Hard Mode? If so,
  • Which extension/method do you prefer and why?
  • What do you use it for?
  • Is it worth the effort in fixing site breakages?
If you're using an extension I haven't listed, feel free to add it into the discussion!

Context: I'm currently running uBlock Origin with filters for ad blocking and blocking third party requests on HTTP (HTTP://*^$third-party,~image,~stylesheet). I was wondering what benefits I'd see if I explored these other options.

Insider Build 19035 Now Available

Hello Windows Insiders, today we’re releasing Windows 10 Insider Preview Build 19035 (20H1) to Windows Insiders in BOTH the Fast ring and Slow rings.

If you want a complete look at what build is in which Insider ring, head over to Flight Hub. You can also check out the rest of our documentation here including a complete list of new features and updates that have gone out as part of Insider flights for the current development cycle.

NOTE: We are looking to begin releasing new builds from our development branch *very soon*. This means we will be releasing builds to Insiders in the Fast ring from the RS_PRERELEASE development branch again instead of the VB_RELEASE branch. This also means the desktop watermark will be returning with these builds. As is normal with pre-release builds, these builds may contain bugs and be less stable. Now is the time to check your Windows Insider Settings and switch to the Slow ring if you wish to remain on 20H1.

For Insiders in the Fast ring who have selected to stop getting Insider Preview builds when the next major release of Windows 10 is available under Windows Insider Settings, we will be moving you to the Slow ring as part of honoring this setting. You will remain here until 20H1 is finalized. This only applies to Insiders in the Fast ring who selected this.

General changes, improvements, and fixes for PC

  • The build watermark at the lower right-hand corner of the desktop is no longer present in this build. This doesn’t mean we’re done…
  • We’ve completed the experiment related to how we deliver driver updates through Windows Update. Devices that were involved in the experiment will no longer see the Optional Updates link under Settings > Windows Update. This also resolves an issue where after successfully installing printer drivers from the Optional Updates section, the same driver is still showing as available for install. Thanks to the Insiders who have provided feedback on this feature.
  • We fixed an issue that could result in fingerprint (if enabled) sometimes unexpectedly not being offered as a sign-in option after waking your device from sleep.
  • We fixed an issue that could result in certain apps not launching the first time you tried after resetting the app via Settings.
  • Thank you for all the feedback you provided on the Store version of Notepad. At this time, we’ve decided not to roll this out to customers. Insiders may notice some changes as we remove this change from this build:
    • If you pinned Notepad to your Taskbar or Start menu, you will need to re-pin after you upgrade to this new build.
    • If you had certain file types set to open in Notepad by default, you will see a prompt when you try to open files of that type again and will need to re-select Notepad.

Known issues

  • BattlEye and Microsoft have found incompatibility issues due to changes in the operating system between some Insider Preview builds and certain versions of BattlEye anti-cheat software. To safeguard Insiders who might have these versions installed on their PC, we have applied a compatibility hold on these devices from being offered affected builds of Windows Insider Preview. See this article for details.
  • Some Insiders have reported when attempting to install recent builds, setup rolls back and returns error code 0xc1900101. In some cases, the update completes successfully on a subsequent attempt. If you are experiencing the issue, please be sure to file feedback in the Feedback Hub.
  • We’re looking into reports of the update process hanging for extended periods of time when attempting to install a new build.
  • We’re looking into reports of certain external USB 3.0 drives not responding with Start Code 10 after they’re attached.
  • We’ve received reports of the Optimize Drives app incorrectly reporting that optimization has never run on SSD devices.

Continuing our #WIPTurns5 celebrations


In honor of the Windows Insider Program turning 5 this year, we’ll be celebrating with a special holiday treat! Join us on Twitter this month for #25DaysOfWIP to learn about some of the many features & changes your feedback has helped drive in #Windows. And don’t forget to tell us your favorites!

2020 Grammy Awards Nominees


Have you heard? The 2020 Grammy nominees are here! To prepare for the Awards ceremony scheduled for January 2020, check out our Grammy nominees carousel on Bing. Our carousel highlights all nominees, categories and additional information for each artist.

If you want to be among the first to learn about these Bing features, join our Bing Insiders Program.

Thanks,
BLB

Source: Announcing Windows 10 Insider Preview Build 19035 | Windows Experience Blog

Wiper Discovered in Attacks on Middle Eastern Companies

IBM X-Force, the company's security unit, has published a report of a new form of "wiper" malware connected to threat groups in Iran and used in a destructive attack against companies in the Middle East.

The sample was discovered in a response to an attack on what an IBM spokesperson described as "a new environment in the [Middle East]—not in Saudi Arabia, but another regional rival of Iran." Dubbed ZeroCleare, the malware is "a likely collaboration between Iranian state-sponsored groups," according to a report by IBM X-Force researchers. The attacks were targeted against specific organizations and used brute-force password attacks to gain access to network resources. The initial phase of the attacks was launched from Amsterdam IP addresses owned by a group tied to what IBM refers to as the "ITG13 Group"—also known as "Oilrig" and APT34. Another Iranian threat group may have used the same addresses to access accounts prior to the wiper campaign. "While X-Force IRIS cannot attribute the activity observed during the destructive phase of the ZeroCleare campaign," the researchers noted, "we assess that high-level similarities with other Iranian threat actors, including the reliance on ASPX web shells and compromised VPN accounts, the link to ITG13 activity, and the attack aligning with Iranian objectives in the region, make it likely this attack was executed by one or more Iranian threat groups."

In addition to brute force attacks on network accounts, the attackers exploited a SharePoint vulnerability to drop web shells on a SharePoint server. These included China Chopper, Tunna, and another Active Server Pages-based webshell named "extensions.aspx," which "shared similarities with the ITG13 tool known as TWOFACE/SEASHARPEE," the IBM researchers reported. They also attempted to install TeamViewer remote access software and used a modified version of the Mimikatz credential-stealing tool—obfuscated to hide its intent—to steal more network credentials off the compromised servers. From there, they moved out across the network to spread the ZeroCleare malware.

Opera 65.0.3467.62 Stable update

Hi,

here is a fresh Opera Stable build, where the Chromium version is updated to 78.0.3904.108.

It contains a few bugfixes, such as:

  • [macOS] URL is not correctly aligned when the Geolocation is ON
  • media indicator animation consumes a lot of CPU
  • pages won’t load after closing private mode

The full changelog can be found here.


Source: Opera 65.0.3467.62 Stable update - Blog | Opera Desktop

Malicious Python Package Available in PyPI Repo for a Year

Two malicious versions of two Python packages were introduced in the Python Package Index (PyPI) with the purpose of stealing SSH and GPG keys from Python developers' projects.
One of them, using typosquatting to impersonate a legitimate library, resisted for about a year in the repository. The other survived for just a couple of days.
PyPI is a collection of software created and shared by the Python community to help developers in their projects.

Undetected for a year

The fake library that spent the least amount of time in PyPI was available under the name 'python3-dateutil,' a clear impersonation of the 'dateutil' package with extensions to the standard Python datetime module.
... ...

Update from ubuntu 18 ssh php wordpress

Hello, I'm trying to update my VPS server with Ubuntu 18 wordpress php, in the server I already have php 13 since I do the command

$ php -v

and I see that I am using php 13, but when I see the wordpress system I see that it is working with php 12, how can I change the php in wordpress from my server with ssh?

ifacedown's Security Config 2019

Using Windows 10 1909 on Laptop with ESET Smart Security Premium. What do I add, Zemana Anti-malware or Zemana Antilogger?

I do not do online banking and I do just casual browsing, and just make documents. Also using McShield.

Or is ESET and McShield enough?

Thank you!