New year, new browser – The new Microsoft Edge is out of preview and now available for download

A little over a year ago, we announced our intention to rebuild Microsoft Edge on the Chromium open source project with the goals of delivering better compatibility for everyone, less fragmentation for web developers, and a partnership with the...

Pls help me remove from Malwarebytes blacklist

Hi Admin,
I need your help. My website was hacked a few months ago. All malware has been cleaned up, yet it is still on your blacklist. Pls check and help me remove it. Thanks in advance.

LG OLED TV is Dead.......

Watch the video below and decide

OLED is NOT dead. Just LG OLED TV is. OLED display for small devices like laptops, smartphones, smartwatches etc still triumphs over other types of materials

Google Chrome Adds Protection for NSA's Windows CryptoAPI Flaw

Google just released Chrome 79.0.3945.130, which will now detect certificates that attempt to exploit the NSA-discovered CVE-2020-0601 CryptoAPI Windows vulnerability.

As part of Microsoft's January 2020 Patch Tuesday, security updates were released for a vulnerability discovered by the NSA in the Windows CryptoAPI library Crypt32.dll.

This vulnerability allows attackers to create TLS and code-signing certificates that spoof, or impersonate, other companies to perform man-in-the-middle attacks or create phishing sites.

With PoCs for the CVE-2020-0601 vulnerability already released that allow attackers to easily create spoofed certificates, it is only a matter of time before we start to see them used in attacks.

The new version of Chrome blocks spoofed certificates
Today, Google released Chrome 79.0.3945.130, which adds new code by Google's Ryan Sleevi to further check the integrity of a web site's certificate before allowing a visitor to access the site.

Added CVE-2020-0601 detections to Google Chrome

To show the new protections at work, using Kudelski Security's CVE-2020-0601 test site we can see the vulnerability being exploited on an unpatched Windows 10 PC using an older version of Google Chrome.

CVE-2020-0601 exploited in
On the same unpatched Windows 10 machine using Google Chrome 79.0.3945.130, when you visit the site again the browser now warns that "Attackers might be trying to steal your information".

Google Chrome 79.0.3945.130 with CVE-2020-0601 detection

Sleevi states that this check is "not perfect", but is good enough for now as users roll out the security updates to their operating systems and Google switches to better verifiers.

"This isn't perfect, but is enough of a safety check until we switch to our verifier or tighten down the blocking of 3P modules, even for CAPI."

It would not be surprising to find other browsers and security software start integrating detection for CVE-2020-0601 into their products so that even if a company can't immediately install the security patches, they will have a modicum of protection against the vulnerability.

PrivaZer v3.0.87 Released (17 January 2020)

JhoneRAT : Cloud Based Python RAT Targeting Middle Eastern Countries

This new RAT is dropped to the victims via malicious Microsoft Office documents. The dropper, along with the Python RAT, attempts to gather information on the victim's machine and then uses multiple cloud services: Google Drive, Twitter, ImgBB and Google Forms. The RAT attempts to download additional payloads and upload the information gathered during the reconnaissance phase. This particular RAT attempts to target a very specific set of Arabic-speaking countries. The filtering is performed by checking the keyboard layout of the infected systems. Based on the analysed sample, JhoneRAT targets Saudi Arabia, Iraq, Egypt, Libya, Algeria, Morocco, Tunisia, Oman, Yemen, Syria, UAE, Kuwait, Bahrain and Lebanon.

What's new? The campaign shows an actor that developed a homemade RAT that works in multiple layers hosted on cloud providers. JhoneRAT is developed in Python but not based on public source code, as is often the case for this type of malware. The attackers put great effort into carefully selecting targets located in specific countries based on the victim's keyboard layout.

How did it work? Everything starts with a malicious document using a well-known vulnerability to download a malicious document hosted on the internet. For this campaign, the attacker chose to use a cloud provider (Google) with a good reputation to avoid URL blacklisting. The malware is divided into a couple of layers — each layer downloads a new payload on a cloud provider to get the final RAT developed in Python and that uses additional providers such as Twitter and ImgBB.

So what? This RAT is a good example of how a highly focused attack that tries to blend its network traffic into the crowd can be highly effective. In this campaign, focusing detection of the network is not the best approach. Instead, the detection must be based on the behaviour on the operating system. Attackers can abuse well-known cloud providers and abuse their reputations in order to avoid detection.

Serious Flaws in WordPress Plugins Used on 400k Sites

Serious vulnerabilities have recently come to light in three WordPress plugins that have been installed on a combined 400,000 websites, researchers said.

InfiniteWP, WP Time Capsule, and WP Database Reset are all affected. The highest-impact flaw is an authentication bypass vulnerability in the InfiniteWP Client, a plugin installed on more than 300,000 websites. It allows administrators to manage multiple websites from a single server. The flaw lets anyone log in to an administrative account with no credentials at all. From there, attackers can delete contents, add new accounts, and carry out a wide range of other malicious tasks.

People exploiting the vulnerability need only know the user name of a valid account and include a malicious payload in a POST request that's sent to a vulnerable site.

Fraudsters Set Up Site Selling Temporary Social Security Numbers

Some fraudsters have set up a scam site claiming to be for a data protection fund created by the U.S. Federal Trading Commission (FTC) to offer financial compensation to users whose personal data appeared in information leaks.
This is a reinterpretation of the classic advance-fee scam where the victim makes a small payment inebriated by the promise of getting a much larger sum in return.
Despite posing as a site associated with the FTC, this money-making scheme accepts victims from any country and offers to sell "temporary social security numbers (SSNs)" to those that don't have one.

Bait: cash for data leak victims
Named "Official Personal Data Protection Fund," the website promises to pay users of any geography if their personal data was used by an unauthorized third party.
A fake verification service can help users find out if their data ever leaked. The results of the check dictate if the user is entitled to compensation and the exact value.
This "verification" requires some personal data, though. At least the name (first and last) and phone number are required for the check to begin.
There are three specific sources to choose from - social networks, messengers, and ad networks, and details for the selected one are also needed.

PoC Exploits Published For Microsoft Crypto Bug

Two proof-of-concept exploits were publicly released for the major Microsoft crypto-spoofing vulnerability.
Two proof-of-concept (PoC) exploits have been publicly released for the recently-patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft.
The vulnerability (CVE-2020-0601) could enable an attacker to spoof a code-signing certificate (necessary for validating executable programs in Windows) in order to make it appear like an application was from a trusted source. The flaw made headlines when it was disclosed earlier this week as part of Microsoft’s January Patch Tuesday security bulletin. It marked the first time the NSA had ever publicly reported a bug to Microsoft.
The two PoC exploits were published to GitHub on Thursday. Either could potentially allow an attacker to launch MitM (man-in-the-middle) attacks – allowing an adversary to spoof signatures for files and emails and fake signed-executable code inside programs that are launched inside Windows. One PoC exploit was released by Kudelski Security and the other by a security researcher under the alias “Ollypwn”.
According to Microsoft’s advisory, the spoofing vulnerability exists in the way Windows CryptoAPI (Microsoft’s API that enables developers to secure Windows-based applications using cryptography) validates Elliptic Curve Cryptography (ECC) certificates. Kudelski Security in a blog post said they launched the PoC using a “curve P384” certificate, which uses ECC (specifically, the USERTrust ECC Certificate Authority). Researchers were able to craft a key used to sign the “curve P384” certificate with an arbitrary domain name. This certificate would subsequently be recognized by Windows’ CryptoAPI as trusted.
Another similar PoC exploit was publicly released by Denmark-based security expert “Ollypwn.”
“When Windows checks whether the certificate is trusted, it’ll see that it has been signed by our spoofed CA,” said “Ollypwn” in a write up of his PoC exploit. “It then looks at the spoofed CA’s public key to check against trusted CA’s. Then it simply verifies the signature of our spoofed CA with the spoofed CA’s generator – this is the issue.”
A third PoC exploit was developed by security expert Saleem Rashid, who said on Twitter on Wednesday that the PoC allowed him to fake TLS certificates and set up sites that look like legitimate ones. However, Rashid did not make his PoC exploit code public.

Researchers say that while the recently-released PoC exploits work, they show that the flaw is not easily exploitable for attackers, particularly because victims would also need to first visit a very specific website, making a targeted attack more difficult.
“In the end, please keep in mind that such a vulnerability is not at risk of being exploited by script kiddies or ransomware,” Kudelski Security researchers said in their analysis. “While it is still a big problem because it could have allowed a Man-in-the-Middle attack against any website, you would need to face an adversary that owns the network on which you operate, which is possible for nation-state adversaries, but less so for a script kiddie.”
Tech support site AskWoody agreed: “There’s no question the code works — but it has a prerequisite. In order to get bitten by the security hole, you have to first visit a specific site. That site will load a security certificate that’s instrumental in making the PoC code work. That severely limits the threat, eh?”
Despite the roadblocks to exploitation, security experts say that publicly-released PoC exploits can pave the way for future exploitation of CVE-2020-0601 by adversaries. Researchers urge Microsoft customers to make sure that their systems are up to date.
“Assume that this vulnerability has already been weaponized, probably by criminals and certainly by major governments,” Bruce Schneier said in a Wednesday analysis. “Even assume that the NSA is using this vulnerability — why wouldn’t it?”
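
A defender-side check related to the ECC validation flaw described in the article above, added here as an example; it is not code from Chrome, Microsoft or either PoC. It assumes the "spoofed CA's generator" from the quote travels as explicit curve parameters inside the certificate's public key, which RFC 5480 forbids for PKIX certificates; the function names are this example's own and the two sample certificates are constructed, unsigned skeletons with filler key bytes.

```python
# Added example: flag certificates whose EC public key spells out its own
# curve parameters instead of naming a standard curve by OID (RFC 5480).

SEQUENCE, OID, NULL, INTEGER, BIT_STRING, OCTET_STRING, VERSION = (
    0x30, 0x06, 0x05, 0x02, 0x03, 0x04, 0xA0)
OID_EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")    # 1.2.840.10045.2.1
OID_SECP384R1 = bytes.fromhex("2b81040022")            # 1.3.132.0.34 (P-384)
OID_ECDSA_SHA384 = bytes.fromhex("2a8648ce3d040303")   # 1.2.840.10045.4.3.3


def read_tlv(buf, pos=0):
    """Decode one DER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low bits count length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER value runs past end of input")
    return tag, buf[pos:pos + length], pos + length


def children(value):
    """Split the content of a constructed element into (tag, value) pairs."""
    items, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        items.append((tag, val))
    return items


def spki_fields(cert_der):
    """Return the children of subjectPublicKeyInfo from a DER certificate."""
    tag, cert, _ = read_tlv(cert_der)
    top = children(cert)
    if tag != SEQUENCE or not top:
        raise ValueError("not a certificate")
    tbs = children(top[0][1])
    if tbs and tbs[0][0] == VERSION:       # optional [0] version field
        tbs = tbs[1:]
    # serial, signature, issuer, validity and subject precede the SPKI
    if len(tbs) < 6 or tbs[5][0] != SEQUENCE:
        raise ValueError("subjectPublicKeyInfo not found")
    return children(tbs[5][1])


def check_certificate(cert_der):
    """Return (kind, suspicious) for the certificate's public key."""
    spki = spki_fields(cert_der)
    if not spki or spki[0][0] != SEQUENCE:
        raise ValueError("malformed subjectPublicKeyInfo")
    algorithm = children(spki[0][1])
    if not algorithm or algorithm[0] != (OID, OID_EC_PUBLIC_KEY):
        return "not-ec", False
    if len(algorithm) < 2:
        return "missing-parameters", True
    kind = {OID: "named-curve", NULL: "implicit-curve",
            SEQUENCE: "explicit-parameters"}.get(algorithm[1][0], "unknown")
    return kind, kind != "named-curve"


def der(tag, *parts):
    """Encode one DER element (used only to build the constructed samples)."""
    body = b"".join(parts)
    if len(body) < 0x80:
        head = bytes([len(body)])
    else:
        raw = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
        head = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + head + body


def sample_certificate(ec_parameters):
    """Constructed, unsigned certificate skeleton; only the layout is realistic."""
    sig_alg = der(SEQUENCE, der(OID, OID_ECDSA_SHA384))
    spki = der(SEQUENCE,
               der(SEQUENCE, der(OID, OID_EC_PUBLIC_KEY), ec_parameters),
               der(BIT_STRING, b"\x00\x04" + b"\x11" * 96))
    tbs = der(SEQUENCE, der(VERSION, der(INTEGER, b"\x02")), der(INTEGER, b"\x01"),
              sig_alg, der(SEQUENCE), der(SEQUENCE), der(SEQUENCE), spki)
    return der(SEQUENCE, tbs, sig_alg, der(BIT_STRING, b"\x00"))


NAMED = sample_certificate(der(OID, OID_SECP384R1))
# SpecifiedECDomain layout (version, fieldID, curve, base, order), filler values only.
EXPLICIT = sample_certificate(der(
    SEQUENCE, der(INTEGER, b"\x01"), der(SEQUENCE), der(SEQUENCE),
    der(OCTET_STRING, b"\x04" + b"\x22" * 96), der(INTEGER, b"\x01")))

if __name__ == "__main__":
    for label, cert in (("named", NAMED), ("explicit", EXPLICIT)):
        print(label, check_certificate(cert))
```

A hit from this check is a reason to inspect the certificate, not proof of an attack; installing the January 2020 update remains the fix.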

Google chrome updated to 79.0.3945

A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Security Fixes and Rewards

This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$TBD][1018677] Critical CVE-2020-6378: Use-after-free in speech recognizer. Reported by Antti Levomäki and Christian Jalio from Forcepoint on 2019-10-28
[$2000][1033407] High CVE-2020-6379: Use-after-free in speech recognizer. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2019-12-12
[$N/A][1032170] High CVE-2020-6380: Extension message verification error. Reported by Sergei Glazunov of Google Project Zero on 2019-12-09
[$N/A][1040772] High N/A: Protections to mitigate Windows ECC certificate validation vulnerability CVE-2020-0601.

Announcing Windows 10 Insider Preview Build 19546

Hello Windows Insiders, today we’re releasing Windows 10 Insider Preview Build 19546 to Windows Insiders in the Fast ring.

If you want a complete look at what build is in which Insider ring, head over to Flight Hub. You can also check out the rest of our documentation here, including a list of new features and updates.

Not seeing any of the features in this build? Check your Windows Insider Settings to make sure you’re on the Fast ring. Submit feedback here to let us know if things weren’t working the way you expected.

What’s new in Build 19546

Introducing Graphing Mode in Windows Calculator

Today, we’re updating Windows Calculator for Insiders with a preview of our new graphing mode. Adding support for graphing is one of our top feature requests in Feedback Hub, and we’re excited to bring this feature to our users. Graphing capabilities are also essential for students who are beginning to explore linear algebra. With this feature, we hope to empower students to learn mathematics by improving their conceptual understanding and attitudes towards math.

Screenshot showing three different equations plotted on the graph.

Here are a few things you can try out with this new feature:

  • Plot one or more equations on the graph. Enter multiple equations so that you can compare plots against each other and see interactions between the lines. You can also customize the line style and graph viewing window to suit your needs.
  • Add equations with variables. If you enter an equation with a secondary variable (e.g., “y = mx + b”), you’ll be able to easily manipulate those variables so that you can quickly understand how changes to the equation affect the graph.

GIF showing how you can use a slider to manipulate equation variables and see changes live on the graph.

  • Analyze the graph. Trace plots with your mouse or keyboard to better understand the relationship between variables in the equation on the graph. You can also analyze equations to help identify key graph features, like the x- and y- intercepts.

Screenshot showing the analysis of one of the plotted equations.

We’re looking for feedback! Tell us what you want to see next via the Feedback Hub under Apps > Calculator or select the Send feedback button on the About page in the app. If you’re a developer, check out the project on GitHub—we are always accepting contributions! #BuildTogether

Other updates for Insiders

Introducing the Indexer Diagnostics app

Available now in beta via the Microsoft Store, the Indexer Diagnostics app was created to help enhance your understanding of the capabilities of search, as well as increase the troubleshooting ability and support for general Windows Search issues.

The tool will continue to be improved with more functionality added over time—as always, appreciate your feedback! The app is available for anyone running Windows 10 version 1809 or higher.

General changes, improvements, and fixes for PC

  • We fixed an issue resulting in Timeline not showing any activities.
  • We fixed an issue resulting in Outlook search not working for some.
  • We fixed an issue significantly impacting Task View reliability for some.
  • We fixed an issue where pressing Spatial Sound -> Off in the sound menu caused Explorer.exe to crash.

Known issues

  • BattlEye and Microsoft have found incompatibility issues due to changes in the operating system between some Insider Preview builds and certain versions of BattlEye anti-cheat software. To safeguard Insiders who might have these versions installed on their PC, we have applied a compatibility hold on these devices from being offered affected builds of Windows Insider Preview. See this article for details.
  • We are aware Narrator and NVDA users that seek the latest release of Microsoft Edge based on Chromium may experience some difficulty when navigating and reading certain web content. Narrator, NVDA and the Edge teams are aware of these issues. Users of legacy Microsoft Edge will not be affected.
  • The cloud recovery option for Reset this PC isn’t working on this build. Please use the local reinstall option when performing Reset this PC.
  • We’re looking into reports of the update process hanging for extended periods of time when attempting to install a new build.
  • We’re investigating reports that some Insiders are unable to update to newer builds with error 0x8007042b.
  • We’re looking into reports of certain external USB 3.0 drives not responding with Start Code 10 after they’re attached.
  • The Optimize Drives Control Panel is incorrectly reporting that optimization has never run on some devices. Optimization is completing successfully, even though it is not reflected in the UI.
  • The Documents section under Privacy has a broken icon (just a rectangle).
  • Remote Desktop Connection crashes when attempting to connect to multiple sessions.
  • Snipping isn’t working on secondary monitors.
  • The IME candidate window for East Asian IMEs (Simplified Chinese, Traditional Chinese, and the Japanese IME) may not open sometimes. We are investigating your reports. As a workaround if you encounter this, please change the focus to another application or editing area and back to the original and try again. Alternatively, you can go to Task Manager and end the “TextInputHost.exe” task from the Details tab, and it should work afterwards.

Test your Speed with Bing

How fast can you type? Take the typing challenge on Bing and put it to the test! We’ve created a fun and interactive typing challenge that shares your score, speed, and accuracy. Test your typing skills and challenge your friends and family.

If you want to be among the first to learn about these Bing features, join our Bing Insiders Program.


Source: Announcing Windows 10 Insider Preview Build 19546 | Windows Experience Blog

New Edge: google browsing and microsoft smartscreen?

Norton protection for Windows 7 once Microsoft ends its support

Microsoft has formally announced the end of support for Windows 7 on January 14, 2020. Your Norton products will continue to support Windows 7 for the foreseeable future.

If you are on Windows 7, your Norton client security software will no longer receive the new software updates that the supported versions of Windows (Windows 10, Windows 8, and Windows 7 Service Pack 1) will receive.

However, your Norton client security software will continue to receive the latest malware definitions by LiveUpdate, vulnerability updates, and compatibility fixes.

Be aware that in addition to running the most up-to-date security products, another important aspect of protecting your computer is to keep it current with the latest service pack and patches for the operating system.

As Microsoft announced, they will no longer publish patches for Windows 7, these computers may become targets for cyber criminals, particularly if new vulnerabilities are discovered in the operating system. Depending on the nature of the threats involved, Windows 7 may be susceptible to viruses and risks to which more recent iterations of Windows are immune. Due to this, we strongly recommend that you upgrade your Windows 7 computer to a supported operating system as soon as possible.

Frequently asked questions:

1. Will Windows 7 become less secure after Microsoft ends support on January 14, 2020?

Microsoft has stated, "If you continue to use Windows 7 after support ends, your computer will still work but it might become more vulnerable to security risks and viruses." The reason is that Microsoft is no longer providing technical assistance for users of Windows 7. Microsoft will stop producing any operating system updates required to close any vulnerabilities that are found in Windows 7. Here is the Microsoft announcement about the end of support for Windows 7.

2. Does NortonLifeLock recommend updating to another operating system?

Yes. If you have a Windows 7 computer, we strongly recommend that you upgrade to a more modern and supported operating system as soon as possible.

3. Does NortonLifeLock have recommendations if I continue to use Windows 7?

If you choose to continue using Windows 7, we recommend a combination of best practices:

  • Ensure that your Windows 7 system is patched with the latest updates from Microsoft as available before January 14, 2020.
  • Migrate to applications that are supported with security updates and patches on Windows 7.
  • Ensure that your security software is up-to-date and actively supported by your security vendor on Windows 7.

4. If I am running the latest version of Norton AntiVirus, Norton Internet Security, Norton 360, or Norton Security, will I still receive updates and virus definitions on Windows 7?

At the time of this F.A.Q, the latest major version of these solutions is version 22.x. At this time, we support these solutions with the software updates and the virus definitions for all supported versions of Microsoft Windows (including Windows 7 SP1).

5. If I am running an older version of Norton AntiVirus, Norton Internet Security, Norton 360, or Norton Security, will I still receive software updates and virus definitions on Windows 7?

Versions of Norton solutions older than 22.x will be supported based on the following guidelines:

  • We will provide virus definition updates for 3 years after the release of each major software version.
  • If you receive virus definition updates for an earlier version, you will continue to receive the definition sets that are compatible across all Windows platforms which your Norton solution supports.
  • If you require support for an earlier version, you may be required to update to the latest version of the solution during the support process.

6. Will NortonLifeLock support Windows 7 in its next major release of Norton-branded security solutions?

Our goal is to provide the best protection possible on the broadest set of operating systems that are used by our customers. Depending on security demands and development, future versions of Norton-branded security solutions may drop support for retired operating systems. As always, we will provide explicit system requirements in the documentation for every software update that we release.

TrickBot Now Uses a Windows 10 UAC Bypass to Evade Detection

The TrickBot Trojan has received an update that adds a UAC bypass targeting the Windows 10 operating system so that it infects users without displaying any visible prompts.
A UAC bypass allows programs to be launched without displaying a User Account Control prompt that asks users to allow a program to run with administrative privileges.

AdGuard Desktop for Windows -- Tips and Tricks

AdGuard for Windows
AdGuard is a unique desktop program that has all the necessary features for the best web experience. The software combines the world's most advanced ad blocker for Windows, a whole privacy protection module, and a parental control tool — all working in any browser or app.
(From Ad Blocker for Windows by AdGuard: remove all ads forever )

Even though I'm a little skeptical of AdGuard, I went ahead and purchased an AdGuard Family Lifetime Pack. For $30 USD, Nine (9) lifetime licenses seems like a reasonable bet that I may get some value out of this.

Multiple people here at MT who I consider credible have expressed positive feedback for AdGuard Desktop.


I've left my AdGuard License Code on the image, as I trust each and every one of you.

Again, I'm a little skeptical of AdGuard.

I've learned to use (beyond the basic level) and like uBlock Origin and a few other things. With uBO and a few other things, I even passed the @Lenny_Linux 'Pornhub Test.'

So... looking for some help getting started with AdGuard Desktop from experienced users.

-Is there any point in using it with uBO?
-Is there any point in using it with (free) AdGuard for Chrome?
-Any tips for initial setup?
-What are the downsides to AdGuard Desktop?
-Does it block things I may desire?


Your Bestest Buddy,


Google plans to drop Chrome support for tracking cookies by 2022

The ad company wants to protect its revenue model and user privacy at the same time.
DAN GOODIN

Feeling the pressure from competing browser developers, Google on Tuesday laid out a plan to drop Chrome support of tracking cookies within two years.

The plan is laid out in a post titled "Building a more private Web: A path towards making third party cookies obsolete." It articulates a shift from a stance Chrome developers took in August, when they warned that the blocking of support for third-party cookies—which allow advertisers to track people as they move from site to site—would encourage the use of an alternative tracking method. Known as browser fingerprinting, it collects small characteristics of a browser—for instance, installed fonts or plugins, screen size, and browser version—to uniquely identify the person using it. Unlike cookies, fingerprinting is harder to detect, and user profiles can't be easily deleted.

Instead, Google's August post unveiled the "privacy sandbox," a proposed set of open standards that would serve as an alternative to the blocking of third-party cookies. Privacy sandbox uses browser-based machine learning and other techniques to determine user interests and aggregate them with other users. Google—whose ad-driven revenue model strongly favors ads that target individuals' interests and demographics—said the proposed standard would allow advertisers to deliver more relevant ads without allowing them to track individual users.

In a shift, Chrome Engineering Director Justin Schuh said on Tuesday that adoption of the privacy sandbox will allow Chrome to drop support of the cookies altogether.

Making third-party cookies obsolete
"After initial dialogue with the Web community, we are confident that with continued iteration and feedback, privacy-preserving and open-standard mechanisms like the Privacy Sandbox can sustain a healthy, ad-supported Web in a way that will render third-party cookies obsolete," Schuh wrote. "Once these approaches have addressed the needs of users, publishers, and advertisers, and we have developed the tools to mitigate workarounds, we plan to phase out support for third-party cookies in Chrome. Our intention is to do this within two years."

One of the most immediate concrete steps in the two-year process will come in February, when Chrome will begin limiting insecure cross-site tracking. Under the change, Chrome will treat cookies that don't include a SameSite label as first-party only and require cookies labeled for third-party use to be accessed over HTTPS.

"This will make third-party cookies more secure and give users more precise browser cookie controls," Schuh wrote in Tuesday's post. "At the same time, we're developing techniques to detect and mitigate covert tracking and workarounds by launching new anti-fingerprinting measures to discourage these kinds of deceptive and intrusive techniques, and we hope to launch these measures later this year."

Google's plan to drop Chrome support for tracking cookies follows moves by Apple and Mozilla to block tracking cookies in Safari and Firefox respectively. Microsoft has also disclosed experimental cookie blocking in Edge.

Google’s phasing out of tracking cookie support came after critics said the privacy sandbox proposal didn’t go far enough in protecting the privacy of Chrome users. So far, the privacy sandbox remains a work in progress with little or nothing tangible to assess its merits, but some critics cheered Google’s plan.

“I've criticized Google in the past for handwaving a hypothetical alternative to cookie blocking without teeth,” privacy advocate Ben Adida wrote on Twitter. “Now they're delivering teeth: a plan to kill tracking cookies in 2 years. So I retract my criticism. Kudos to Google. This is a big deal.”

Schuh, meanwhile, predicted the measure would be a success.

“Fortunately, we have received positive feedback in forums like the W3C that the mechanisms underlying the Privacy Sandbox represent key use-cases and go in the right direction,” he wrote. “This feedback, and related proposals from other standards participants, gives us confidence that solutions in this space can work.”
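
The February SameSite change described in the article above, turned into an audit of `Set-Cookie` headers; this is an added example, not code from Google or the article. The treatment labels, function names and the sample headers are constructed for illustration, and the example assumes that an unrecognized SameSite value is handled like a missing one.

```python
# Added example: predict how the announced Chrome behaviour treats each cookie
# and list the ones a site still needs in a cross-site (third-party) context.

def parse_set_cookie(header):
    """Return (name, attributes) for one Set-Cookie header value."""
    pair, *rest = header.split(";")
    name = pair.split("=", 1)[0].strip()
    attrs = {}
    for item in rest:
        key, _, value = item.strip().partition("=")
        if key:
            attrs[key.lower()] = value.strip()   # attribute names are case-insensitive
    return name, attrs


def chrome_treatment(header):
    """Classify one cookie as (name, treatment, reason) under the new rules."""
    name, attrs = parse_set_cookie(header)
    same_site = attrs.get("samesite", "").lower()
    if same_site in ("strict", "lax"):
        return name, "first-party", "explicit SameSite=" + same_site.capitalize()
    if same_site == "none":
        if "secure" in attrs:
            return name, "third-party", "SameSite=None with Secure"
        return name, "rejected", "SameSite=None without Secure"
    return name, "first-party", "no valid SameSite label, treated as first-party only"


def audit(headers, cross_site_cookies):
    """Return the cookies that must work cross-site but will not after the change."""
    findings = []
    for header in headers:
        name, treatment, reason = chrome_treatment(header)
        if name in cross_site_cookies and treatment != "third-party":
            findings.append((name, treatment, reason))
    return findings


# Constructed sample: Set-Cookie values as a site might emit them today.
RESPONSE_COOKIES = [
    "session=abc123; Path=/; HttpOnly; Secure; SameSite=Lax",
    "widget_id=42; Path=/; Expires=Wed, 21 Oct 2020 07:28:00 GMT",
    "sso=tok; Domain=example.com; SameSite=None",
    "embed=1; Secure; SameSite=None",
]
# Cookies this hypothetical site relies on inside third-party frames or requests.
NEEDS_CROSS_SITE = {"widget_id", "sso", "embed"}

if __name__ == "__main__":
    for finding in audit(RESPONSE_COOKIES, NEEDS_CROSS_SITE):
        print(finding)
```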

PoCs for Windows CryptoAPI Bug Are Out, Show Real-Life Exploit Risks

Proof-of-concept exploit code is now available for the Windows CryptoAPI spoofing vulnerability tracked as CVE-2020-0601 and reported by the National Security Agency (NSA), just two days after Microsoft released a patch.

The PoC exploits for the flaw now known as CurveBall (per security researcher Tal Be'ery) were publicly released during the last 24 hours by Swiss cybersecurity outfit Kudelski Security and ollypwn.
British hardware hacker Saleem Rashid also developed a CurveBall PoC exploit but only tweeted screenshots of his exploit code abusing CVE-2020-0601.

sg09's Security Configuration - 2020

The amount of real-time protection has reduced since the last time I updated the config. It was not a conscious decision, but somewhat forced.

I won an Emsisoft Antimalware License from an MT giveaway. Now with surf protection turned on I have been facing serious upload issues everywhere with files larger than 20 MB. Importantly, the real-time OneDrive sync was getting hampered and that was unacceptable, so I am keeping the surf protection off.

I have been in continuous touch with Emsisoft support and they have been sincerely trying to diagnose this idiosyncratic issue for the last few months, to no avail so far. It was during that diagnosis that I got rid of most real-time security software (although I wasn't asked to do that) and then only installed back Adguard Premium, as the online protection was otherwise absent.

I dislike using software, especially full versions with reduced features, and so I am planning to get a system reset done soon. And for this reason I haven't taken a Macrium Backup in the last few months. Once I get the system reset done (hopefully soon), I will take the system backup bimonthly. I do have the last backup handy and nothing much has changed since that time. And, as you can see, my important files are backed up online in real time and also saved in non-system drives.

Unable to link Computer Security configuration in Profile

Referring to the guide below, I tried to link my Computer Security configuration to my profile but it's giving me an error.

Guide link

Computer Security configuration link

Error thrown after entering above link
Please Match the required format

Please help.

Thanks, Grr

Windows XP series

Mozilla lays off 70 employees to prepare for tough years ahead

A Techcrunch report suggests that Mozilla laid off at least 70 employees to better prepare for the challenges that it is facing in the coming years.

Mozilla, which is best known for its Firefox web browser, depends to a very large degree on a deal with Google. Google pays Mozilla more than 90% of its revenue for being the default search engine in the Firefox web browser in most regions.

The deal is problematic for a number of reasons: first, because Google operates Chrome, the main contender in the browser market and dominating force at the time of writing, and second, because Google's business model, advertising, clashes with Mozilla's mission to strengthen privacy on the Internet.

Mozilla started to implement Tracking functionality in Firefox but the efforts don't go far enough for many users; probably the main factor that is preventing Mozilla from implementing better controls in Firefox is the organization's reliance on Google.
Remove: Mozilla lays off 70 employees to prepare for tough years ahead - gHacks Tech News

SESecurityCenter can't be deleted.

So I have this SESecuritycenter.exe on my computer, it starts on bootup even though it's on on the task managers bootup list and I can't delete it. It tells me I don't have permission to delete it, I've tried using the administrator user and everything. It just won't be deleted.

EndangeredPootis Gaming desktop Config 2020

Opera 66.0.3515.36 Stable update

Terene Security Config 2020

Access to encryption

Debate over access to encryption isn’t going away

by Grant Gross, January 09, 2020


Expect the U.S. Department of Justice and officials from allied countries to push harder for large technology companies to give them access to customers' encrypted communications, and expect the tech companies to continue to resist.

Encryption has "empowered criminals" as terrorists, human traffickers, and sexual predators shield their activities from police, Barr said in a speech in October. "As we work to secure our data and communications from hackers, we must recognize that our citizens face a far broader array of threats," he said. "While we should not hesitate to deploy encryption to protect ourselves from cybercriminals, this should not be done in a way that eviscerates society's ability to defend itself against other types of criminal threats."...
"We all want people to have the ability to communicate privately and safely, without harm or abuse from hackers, criminals, or repressive regimes," the letter said. "Every day, billions of people around the world use encrypted messages to stay in touch with their family and friends, run their small businesses, and advocate for important causes. In these messages, they share private information that they only want the person they message to see."
"You're going to find a way to do this, or we're going to go do it for you," said Graham, a Republican from South Carolina. "We're not going to live in a world where a bunch of child abusers have a safe haven to practice their craft. Period. End of discussion."
Many cybersecurity experts, however, have warned against the push for encryption back doors. ...
Read more on Debate over access to encryption isn’t going away

And too:
Without encryption, we will lose all privacy. This is our new battleground

Scientists Develop ‘Absolutely Unbreakable’ Encryption Chip Using Chaos Theory

'NOW!': Trump rips Apple for not cooperating with DOJ request

Ako Ransomware Uses Spam to Infect Its Victims

It has been discovered that the network-targeting Ako ransomware is being distributed through malicious spam attachments that pretend to be a requested agreement.

Last week we reported on the Ako Ransomware and how it was targeting companies with the intent to encrypt their entire network. At the time, it was not known how it was being distributed and when we asked the ransomware operators they told us it was a "secret".

Since then, the ransomware identification site ID-Ransomware has seen an increasing number of victims.


Please help me generate a fixlist.txt. I'm having a problem which from these files will be deleted or not. I think I have svchost.exe Trojan virus which keeps on using huge amounts of memory on my disk. Already tried using Malwarebytes and it says nothing suspicious. I have done resetting my laptop but svchost.exe keeps on repopulating. NEED HELP ASAP!

P&N Bank Data Breach Exposes Trove of User Data

P&N Bank is reportedly sending out notifications to customers of a data breach that resulted in a large amount of sensitive information being compromised.
The affected system, P&N says in the notice, stored a great deal of personally identifiable information (PII), as well as other sensitive data, including names, addresses, email addresses, phone numbers, customer numbers, age, account numbers and balance, and other details, which the bank refers to as non-sensitive.

According to information shared on Twitter by Australian security researcher @vrNicknack, the incident took place on December 12, 2019, during a server upgrade on a third-party hosting provider.

The Australian bank, a division of Police & Nurses Limited, informed customers that unknown threat actors managed to access personal information stored within its customer relationship management (CRM) system.

Passwords, birth-date, health information, driver’s license numbers, passport numbers, social security numbers, tax file numbers, and credit card numbers were not included in the breach, the bank says.
“Upon becoming aware of the attack, we immediately shut down the source of the vulnerability,” P&N reveals.
The bank also says that, because its core banking system is completely isolated from the impacted system, the data breach did not cause the loss of customer funds, that credit card details were not accessed, and that banking passwords were not exposed.

P&N told customers it has already informed authorities of the incident. The bank says it has been working with West Australian Police Force (WAPOL), the involved hosting provider, expert advisers, and regulators on investigating the breach.

Microsoft Office January Security Updates Fix Code Execution Bugs

Microsoft released the January 2019 Office security updates, bundling a total of seven security updates and three cumulative updates for five different products, six of them patching flaws allowing remote code execution.

Redmond also released the January 2020 Patch Tuesday security updates, with security updates for 49 vulnerabilities, seven of them being classified as Critical and 41 as Important.
Unlike previous Patch Tuesday releases, Microsoft did not publicly disclose any vulnerabilities found to be actively exploited in the wild.

To download Microsoft Office security updates on your device, you have to click on the corresponding Knowledge Base article in the table below and then scroll down to the "How to download and install the update" section to grab the update packages for each product.
... ...

Process Explorer 16.31

New year, new browser – The new Microsoft Edge is out of preview and now available for download

A little over a year ago, we announced our intention to rebuild Microsoft Edge on the Chromium open source project with the goals of delivering better compatibility for everyone, less fragmentation for web developers, and a partnership with the Chromium community to improve the Chromium engine itself. At Ignite, we unveiled our new vision for the web and search, our colorful new icon, and how Microsoft Edge + Bing are the browser and search engine for business — and we are thrilled by the growing excitement we’ve heard from all of you who’ve tried it out and sent feedback!

From this incredible momentum, today I’m pleased to announce the new Microsoft Edge is now available to download on all supported versions of Windows and macOS in more than 90 languages. Microsoft Edge is also available on iOS and Android, providing a true cross-platform experience. The new Microsoft Edge provides world class performance with more privacy, more productivity and more value while you browse. Our new browser also comes with our Privacy Promise and we can’t wait for you to try new features like tracking prevention, which is on by default, and provides three levels of control while you browse.

Another innovative new feature in Microsoft Edge allows you to customize your online experience. Choose a new tab page layout or design, and select the types of news you want.

The last several months have been nothing short of inspiring for all of us working to deliver great new capabilities for Microsoft Edge including AAD support, Internet Explorer mode, 4K streaming, Dolby audio, inking in PDF, Microsoft Search in Bing integration, support for Chrome-based extensions, and more.

If you’re a business or education IT administrator looking to deploy widely in your organization or school, we have you covered as well – you can download offline packages and policies and learn more on the new commercial site.

People have downloaded the preview channels of the new Microsoft Edge millions of times to their devices, and we’ve seen many organizations begin to pilot these channels for their users. Enterprises and schools who have mission critical legacy applications and websites – but also want modern web and security – have turned to our new Internet Explorer mode as a “best of both worlds” solution. And for Microsoft 365 customers, using Microsoft Search to find files, people, office floor plans and more on your organization’s intranet is as easy as typing in the Microsoft Edge address bar. Our early customers are calling it “a win.”

Moving to the new Microsoft Edge – what to expect

Now that we’ve reached this milestone, you might be wondering what to expect on your PC. To get the new Microsoft Edge you have two choices: you can either manually download it today, or if you are a general consumer user, you can wait for it to be automatically released to your device via Windows Update. When you do make the switch, your favorites, passwords, form fill information and basic settings will carry over to the new Microsoft Edge without you having to do anything. You can read more about our rollout plans here.

If you’re an IT administrator, you will need to download an offline deployment package to pilot within your corporate environment—the new Microsoft Edge will not automatically deploy for commercial customers. Additionally, none of the Microsoft Edge preview channels will update to the new Microsoft Edge, as they can be used side-by-side for testing and validation.

We also know that deploying a new browser isn’t just “flipping a switch,” so we want to make the process as easy as possible. In addition to simplifying deployment with tools like Intune and Configuration Manager, we are committed to helping your organization transition to the new Microsoft Edge. At Ignite we announced FastTrack and App Assure support for Microsoft Edge. FastTrack will help you deploy Microsoft Edge to your organization at no extra charge if you are a customer with an eligible subscription to Microsoft 365, Azure, or Dynamics 365. And if your sites are compatible on Internet Explorer 8 and above, Google Chrome, or legacy Microsoft Edge, then they’ll work on the new Microsoft Edge. If not, contact App Assure and we’ll help you fix it.

What’s next

Of course, the innovation, testing, and new features don’t stop coming today, and this initial release is only just the beginning. If you want a sneak peek of what’s coming, we encourage you to keep using our preview channels – Beta, Dev and Canary – which will remain available for download on the Microsoft Edge Insider site. Not only will you get an insider’s look at our features pipeline for Microsoft Edge, but you’ll continue to have the opportunity to help improve Microsoft Edge with your valuable feedback. Your input helps make both the new Microsoft Edge, and the web, better for everyone.

Thank you!

A huge thank you to our community of Microsoft Edge Insiders as well as the engineers within the Chromium community who have worked with us to develop the new Microsoft Edge. We remain committed to actively participating in and contributing to the Chromium open source project. To date we’ve made more than 1900 contributions across areas like accessibility, modern input including touch, speech, digital inking, and many more.

Keep telling us what’s working well, what needs to change and what you’d like to see in the new Microsoft Edge.

Our heartfelt thanks – we couldn’t have made it here without you!


The post New year, new browser – The new Microsoft Edge is out of preview and now available for download appeared first on Windows Experience Blog.

Source: New year, new browser - The new Microsoft Edge is out of preview and now available for download | Windows Experience Blog

360 Total Security released (January 15, 2020)

VirtualBox 6.1.2

VirtualBox 6.1.2 (released January 14 2020)

This is a maintenance release. The following items were fixed and/or added:
  • Virtualization core: fixed performance issue observed with Windows XP guests on AMD hosts (6.0.0 regression; bug #19152)
  • Virtualization core: consistent IBRS/IBPB CPUID feature reporting, avoids crash of NetBSD 9.0 RC1 installer (bug #19146)
  • GUI: fixed updating of runtime info
  • GUI: in Display settings, do not show "2D video acceleration" checkbox if it is meaningless for the selected graphics adapter
  • Audio: fixed audio input handling when VRDE is enabled
  • Audio: fixed crash in the HDA emulation when using multi-speaker configurations
  • Storage: fixed use of encrypted disks with snapshots involved (6.1.0 regression; bug #19160)
  • Storage: improve performance of virtio-scsi
  • Storage: read-only support for compressed clusters in QCOW2 images
  • Windows installer: include unintentionally dropped vbox-img.exe utility again
  • Windows host: when installing or removing an extension pack, retry the sometimes failing directory renaming (usually caused by anti-virus software accessing the directory)
  • Linux host: Support Linux 5.5 (guest additions not yet)
  • Windows guest: accelerate 2D video decoding (scaling and color space conversion) if the VM is configured to use VBoxSVGA with 3D enabled
  • Windows guest: fix guest additions installer to upgrade the mouse filter driver reliably
  • Windows guest: when uninstalling older Guest Additions with old 3D support enabled try restoring original Direct3D files
  • Linux guest: improve resize and multi-monitor handling for VMs using VMSVGA (known remaining issue: do not disable a monitor "in the middle", causes confusion)

Brace yourselves, Radeon RX 5950 is coming

If the OpenVR benchmarks are anything to go by then we are looking at at least a 15% increase over NVIDIA's flagship: the RTX 2080 Ti.
A mysterious RX 5950XT was recently spotted getting EEC certification (Komachi via Videocardz) and considering we have seen leaks of a very powerful 'Big Navi' GPU already, is this the card we have been waiting for? Well, only time will tell, but in the meantime here are the details on the Radeon RX 5950 XT.

Quarantine function query

Have you ever come across security software that does not ask what is to be done with quarantined files while uninstalling? What happens to these files in case of software not asking for action while removal of software?

Adobe Releases Their January 2020 Security Updates

Adobe has released its monthly security updates that fix vulnerabilities in Adobe Experience Manager and Adobe Illustrator CC. All users are advised to install the applicable updates as soon as possible to resolve these vulnerabilities.

This is the first security update from Adobe in 2020 and surprisingly does not contain any fixes for Adobe Flash Manager, which is typically in the top spot when it comes to the number of vulnerabilities fixed.

There are, though, four vulnerabilities in Adobe Experience Manager and five in Adobe Illustrator CC, with the vulnerabilities in Illustrator being more critical as they can lead to arbitrary code execution.

Windows BSOD Betrays Cryptominer Hidden in WAV File

The infamous blue screen of death (BSOD) on computers belonging to a company in the medical tech sector was the tell for a malware infection that spread across more than half the network.
The malware was hiding its modules in WAV audio files and spread to vulnerable Windows 7 machines on the network via EternalBlue, the exploit for SMBv1 used in the devastating WannaCry and NotPetya cyber attacks from 2017.

Vasudev Security Config

My Cataract Eye Operation Experience

Just went for my left eye operation 2 days back. If everything goes smoothly I'll be having another operation on my right eye in the middle of next month.

I'm sharing my experience here. This experience is for eyes with cataract issue ONLY and without other eye problems. Note that the symptoms may not happen to everyone. Also, if your eyes have other problems you may require to wear spectacles after the cataract operation.


Had this blurred vision a few years back. I went for a check up then and was told my condition was not too serious so I held back the operation till now.


1) Blurred vision. Initially, I see double vision, later more images and now 6 images. Like seeing 6 moons, 6 car headlights with my non-operated eye. Even with spectacles I cannot see a person clearly 6 feet away
2) Can see a rainbow halo around the moon, car headlights, street lamps etc
3) Whatever was true white or brightly colored was actually slightly yellowish in color and not so bright. I confirmed the color differences and contrast between my non-operated eye and the just-operated eye. I suppose the eyes adapted to the dull brightness/colors over the years.

Operation Method

They used ultra sound to break up the cataract layer and then suck out the broken pieces. No laser method.

Lens Implantation

2 types of lens available for implantation.

1) Single focal lens. The lens implanted is to allow you to see far and middle (arm length) objects. You'll need a pair of reading glass for close up viewing. I opted for this as it's cheaper and don't have the issues of the multi-focal lens below.

2) Multi-focal lens. Allow the user to see far, middle and near. No spectacles required after operation. CONS include more expensive, you'll see rainbow halo around lamps and the images won't be as sharp as the single focal lens as informed by the eye surgeon.

How soon can you operate the 2nd eye?

The operation is a day operation. That is you go in and after 2 hrs you'll be discharged if everything goes smoothly. The actual surgical operation is about half an hour. You feel no pain during the operation.

According to the eye surgeon it's strongly advisable to have a month interval before the next operation. This is to ensure no complications arise after the first cataract operation which can affect the 2nd eye.

After the Operation

Wearing of dark glass is recommended initially because

1) to protect against accidental knocking to the eye
2) from flying sand and dust
3) against strong sunlight

Risks and Precautions

Yes, there are risks and complications during the operation just like any surgical operation. A list of risks will be given to you. If you are lucky then nothing will happen to you. As for precautions there's a list of DON'Ts given to you after the operation

What happens in future if the lens gets blurred?

The implanted lens is just like your spectacle lens. It can get blurred over the years because of abrasion. In this case you can return to the eye clinic to have it polished if it affects your vision. They'll NOT operate to replace the lens.


Now, I see everything in true white and clear bright colors with my operated eye. I'm very happy that my vision is being partially restored. Looking forward to operating on the next eye.

I keep receiving all of these NetSpend and $1,000 Walmart gift card offers, need help have Google pixel 4 XL phone

Please help me know what to do to make sure I'm removing all malware and potentially installed applications that I was not aware I had given permission to install

Releasing Windows 10 Insider Preview Build 19041.21 to the Slow ring

Hello Windows Insiders, today we’re releasing 20H1 Build 19041.21 (KB4535550) to Windows Insiders in the Slow ring. This Cumulative Update includes quality improvements. Key changes include:

  • Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Graphics, Microsoft Scripting Engine, .NET Framework, Windows Cryptography, Windows Subsystem for Linux, Windows Peripherals, Windows Storage and Filesystems, and Windows Server.

For more information about the resolved security vulnerabilities, please refer to the Security Update Guide.


The post Releasing Windows 10 Insider Preview Build 19041.21 to the Slow ring appeared first on Windows Experience Blog.

Source: Releasing Windows 10 Insider Preview Build 19041.21 to the Slow ring | Windows Experience Blog

Why do people want to test malware?


Why test malware? Do people think they can be better at manually detecting malware than the likes of BitDefender, Kaspersky and the like? Are they planning to write a new detection engine?

To my inexperienced mind, there are only 2 classes of malware: 1) one that establishes remote control and tries to exfiltrate valuable data, 2) those that are pitiless and torment the unhappy user that they lack good security by wrecking their Windows.

5 major US wireless carriers vulnerable to SIM swapping attacks

When it comes to protection against this insidious type of scam, the telcos’ authentication procedures leave a lot to be desired, a study finds

Five major US wireless carriers – AT&T, T-Mobile, Verizon, Tracfone and US Mobile – are susceptible to SIM swap scams, a danger apparently looming large especially over prepaid accounts, a study by Princeton University researchers has found.

SIM swapping attacks, also known as port-out or SIM swap scams, have been a serious and growing problem of late, with its victims including Twitter CEO Jack Dorsey. It has previously been shown that attackers can, with relative ease, execute these attacks to commandeer control of people’s phone numbers. From there, they can break into the victims’ banking, social media and other accounts that use the same phone number for multi-factor authentication.

Microsoft's January 2020 Patch Tuesday Fixes 49 Vulnerabilities

... ...
With the release of the January 2020 security updates, Microsoft has released fixes for 49 vulnerabilities. Of these vulnerabilities, 7 are classified as Critical, 41 as Important, and 1 as Moderate.
One of the 'Critical' vulnerabilities fixed today was discovered by the NSA and could allow attackers to spoof digital certificates or perform man-in-the-middle (MiTM) attacks.
... ... ...