tag:blogger.com,1999:blog-31888864114317524632024-03-12T04:07:58.774-07:00Malware BattleThe Battle Against Malwares & HackersMalwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.comBlogger1528125tag:blogger.com,1999:blog-3188886411431752463.post-2303259353083729572019-10-27T00:56:00.001-07:002019-10-27T00:56:57.764-07:00Ivacy VPN Review<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz8LTZQO2IPsHmThEDpSLAsF7YULY2sU8sZyi7dhX-0BlCI4iwMFrOgod7KRpbamM_PvPMSJy2qogoN6ZkmPjs1Ib9rQTlub3VtIUBuFKlE_vlQrtoxuJCyVF6MexlAyHAjL0uAjnCJto/s1600/ivacy-vpn.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="400" data-original-width="800" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz8LTZQO2IPsHmThEDpSLAsF7YULY2sU8sZyi7dhX-0BlCI4iwMFrOgod7KRpbamM_PvPMSJy2qogoN6ZkmPjs1Ib9rQTlub3VtIUBuFKlE_vlQrtoxuJCyVF6MexlAyHAjL0uAjnCJto/s320/ivacy-vpn.png" width="320" /></a></div>
<div class="MsoNormal" style="line-height: normal;">
<span lang="EN-US" style="color: black; mso-ascii-font-family: Calibri; mso-bidi-font-family: Calibri; mso-fareast-font-family: "Times New Roman"; mso-hansi-font-family: Calibri;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal;">
<span lang="EN-US" style="color: black; mso-ascii-font-family: Calibri; mso-bidi-font-family: Calibri; mso-fareast-font-family: "Times New Roman"; mso-hansi-font-family: Calibri;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal;">
<span lang="EN-US"><span style="color: white;">With
the levels of sophistication that cybercrime has shown, it is important that we
hit back with equal forces. VPNs are one of the most effective weapons in this
war and amongst the pack, a few stand out. Ivacy is undoubtedly one of them.
Launched a little over a decade ago, it has become one of the most honored
names in the business winning the coveted Fastest VPN award by BestVPN.com for
speed. </span></span><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 12.0pt; mso-fareast-font-family: "Times New Roman";"><o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; margin-left: 0cm; margin-right: 0cm; margin-top: 12.0pt; mso-outline-level: 1;">
<span style="color: white;"><span lang="EN-US" style="font-size: 16pt;">Online
Security and Privacy</span><b><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 24.0pt; mso-fareast-font-family: "Times New Roman"; mso-font-kerning: 18.0pt;"><o:p></o:p></span></b></span></div>
<div class="MsoNormal" style="line-height: normal;">
<span style="color: white;"><span lang="EN-US"><a href="https://www.ivacy.com/special-offer-vpn/?aff=24243"><span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: Calibri; mso-fareast-font-family: "Times New Roman"; mso-hansi-font-family: Calibri;">Ivacy</span></a></span><span lang="EN-US">
provides the best when it comes to cybersecurity and user privacy. It has a
strict zero-logging policy which means that no record of your data traffic is
kept. Even if a hacker were to make their way into the system, they are bound
to find nothing. The service also comes with 256-bit encryption, the highest
that exists. Ivacy also offers Public WiFi security to its users. </span><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 12.0pt; mso-fareast-font-family: "Times New Roman";"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; margin-left: 0cm; margin-right: 0cm; margin-top: 12.0pt; mso-outline-level: 1;">
<span style="color: white;"><span lang="EN-US" style="font-size: 16pt;">Fast and
Unrestricted Streaming</span><b><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 24.0pt; mso-fareast-font-family: "Times New Roman"; mso-font-kerning: 18.0pt;"><o:p></o:p></span></b></span></div>
<div class="MsoNormal" style="line-height: normal;">
<span style="color: white;"><span lang="EN-US">In the
beginning, people believed that VPNs were all about accessing blocked websites
and downloading torrents safely. Besides several other functions, Ivacy also
offers the best solution for streaming and downloading. Ivacy helps users get
rid of speed and bandwidth throttling for online viewership. It also allows
Smart Purpose Selection to help you deal with all types of restrictions
easily. </span><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 12.0pt; mso-fareast-font-family: "Times New Roman";"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="line-height: normal;">
<span style="color: white;"><span lang="EN-US">There
are a number of streaming services like Netflix which choose to limit the
viewership of their content for a number of reasons. This hits travelers more
than ever. With Ivacy, not only can you watch your favorite shows without
limitations but also download them via torrent without having to worry about
data leaks. </span><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 12.0pt; mso-fareast-font-family: "Times New Roman";"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; margin-left: 0cm; margin-right: 0cm; margin-top: 12.0pt; mso-outline-level: 1;">
<span style="color: white;"><span lang="EN-US" style="font-size: 16pt;">Advanced
Security Features</span><b><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 24.0pt; mso-fareast-font-family: "Times New Roman"; mso-font-kerning: 18.0pt;"><o:p></o:p></span></b></span></div>
<div class="MsoNormal" style="line-height: normal;">
<span style="color: white;"><span lang="EN-US">There
is a lot that </span><span lang="EN-US"><a href="https://www.ivacy.com/special-offer-vpn/?aff=24243"><span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: Calibri; mso-fareast-font-family: "Times New Roman"; mso-hansi-font-family: Calibri;">Ivacy</span></a></span><span lang="EN-US"> offers
which may others don’t. It provides Split Tunneling and an Internet Kill switch
that kills the internet when The VPN stops. The service has multiple logins
which means that one account can be used to protect up to 5 devices. Ivacy also
has protection for less known protocols like IPv6. </span><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 12.0pt; mso-fareast-font-family: "Times New Roman";"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="line-height: normal;">
<span style="color: white;"><span lang="EN-US">Other
similar features include DDoS protection, secure downloading, a variety of
encryption protocols and a lot more. It is a comprehensive protection pack that
is a must-have for most. Ivacy applications are available for every major
platform including Windows, Mac, Android, iOS even Xbox and PS4. No matter what
gadget you have, Ivacy protects it from cybercriminals. </span><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 12.0pt; mso-fareast-font-family: "Times New Roman";"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; margin-left: 0cm; margin-right: 0cm; margin-top: 12.0pt; mso-outline-level: 1;">
<span style="color: white;"><span lang="EN-US" style="font-size: 16pt;">Affordable
Pricing </span><b><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 24.0pt; mso-fareast-font-family: "Times New Roman"; mso-font-kerning: 18.0pt;"><o:p></o:p></span></b></span></div>
<div class="MsoNormal" style="line-height: normal;">
<span style="color: white;"><span lang="EN-US"><a href="https://www.ivacy.com/special-offer-vpn/?aff=24243"><span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: Calibri; mso-fareast-font-family: "Times New Roman"; mso-hansi-font-family: Calibri;">Ivacy</span></a></span><span lang="EN-US"> has
one of the most affordable bundles among all the top tier services. The pricing
starts at $9.95 per month but as the duration of the package increases, prices
drop and savings grow. The most widely bought package with Ivacy costs just
$1.99 per month and runs over a period of two years. There is also a single
year bundle that costs $3.33 per month. These amounts are billed as one
transaction is advance. </span><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 12.0pt; mso-fareast-font-family: "Times New Roman";"><o:p></o:p></span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; margin-left: 0cm; margin-right: 0cm; margin-top: 12.0pt; mso-outline-level: 1;">
<span style="color: white;"><span lang="EN-US" style="font-size: 16pt;">Conclusion</span><b><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 24.0pt; mso-fareast-font-family: "Times New Roman"; mso-font-kerning: 18.0pt;"><o:p></o:p></span></b></span></div>
<div class="MsoNormal" style="line-height: normal;">
<span style="color: white;"><span lang="EN-US">VPNs
are becoming a crucial part of cybersecurity infrastructure for households and
smaller companies. The only thing to be careful about is selecting the right
service for the job. Without careful evaluation, even with a VPN you will
experience the same threat levels or even more. </span><span lang="EN-US" style="font-family: "Times New Roman",serif; font-size: 12.0pt; mso-fareast-font-family: "Times New Roman";"><o:p></o:p></span></span></div>
<div class="MsoNormal">
<br /></div>
<br /></div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-3156327264733859542018-09-05T18:00:00.000-07:002018-09-05T18:00:09.580-07:00Google Chrome Will No Longer Show 'Protected' At HTTPS Sites<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjIg-LYBJjEluBHQ_eHr_Bx2bLl6smjidQ1ahpMypn7fxYraKYR8XPQId5eJd7CMh_Cv9wFSefUStlLHWohKY5zyOv_nnVlgUN07rhfxXTWoxk3Pb31CZbbc10p7NOeKgM_JNLSvZeq1Ug/s1600/Chrome.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="624" data-original-width="1408" height="141" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjIg-LYBJjEluBHQ_eHr_Bx2bLl6smjidQ1ahpMypn7fxYraKYR8XPQId5eJd7CMh_Cv9wFSefUStlLHWohKY5zyOv_nnVlgUN07rhfxXTWoxk3Pb31CZbbc10p7NOeKgM_JNLSvZeq1Ug/s320/Chrome.png" width="320" /></a></div>
<br />
To celebrate the <a href="https://blog.chromium.org/2018/09/the-capable-web-10-year-retrospective.html" target="_blank">tenth anniversary</a> of Google Chrome, a new version of the browser has appeared that does not show the word 'secured' at https sites, makes using Flash Player more difficult, introduces an improved password manager and fixes 40 security vulnerabilities.<br />
<br />
On <a href="https://googleblog.blogspot.com/2008/09/fresh-take-on-browser.html" target="_blank">2 September 2008</a> , Google launched its own browser, which has since become the dominant browser. According to StatCounter, Chrome has a market share of almost <a href="http://gs.statcounter.com/browser-market-share/desktop/worldwide" target="_blank">68 percent</a> on the desktop . In the Netherlands, around <a href="http://gs.statcounter.com/browser-market-share/desktop/netherlands" target="_blank">54 percent</a> of desktop users would browse with Chrome. Yesterday evening the <a href="https://developers.google.com/web/updates/2018/09/nic69" target="_blank">69th version of Chrome appeared</a> that contains all kinds of new features and improvements.<br />
<br />
This allows Chrome 69 to enter passwords, address details and credit card numbers more accurately. It is data stored in the user's Google account and accessible directly from the Chrome toolbar. The browser also has an improved password manager that can generate unique passwords for websites and accounts. Saved passwords are then available to users with a Google account on both the computer and mobile devices.<br />
<br />
Furthermore, Chrome 69 does not show the word "secured" on websites with a secure connection. Only the lock icon indicates that a secure connection is being used. Eventually the lock icon will also disappear. Google decided in July to display the message "Unprotected" at all http sites. The internet giant wants https sites to be the norm and users will only see a notification at http sites.<br />
<br />
Also, in the browser measures have been taken to make the use of Adobe Flash Player more difficult. Previously, users could whitelists websites that wanted to access the built-in Flash Player. That has now changed. Users must allow this separately each time a website wants to enable Flash content, regardless of whether they have done so in previous sessions.<br />
<br />
In addition, Google has fixed 40 vulnerabilities in the browser that prevented an attacker from stealing or modifying data from other websites in the worst case scenario. Updating to <a href="https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html" target="_blank">Chrome 69.0.3497.81</a> will happen automatically on most systems. For Android users, <a href="https://chromereleases.googleblog.com/2018/09/chrome-for-android-update.html" target="_blank">Chrome 69.0.3497.76 has been made</a> available.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-1858863456705337072018-09-05T15:00:00.000-07:002018-09-05T15:00:01.945-07:00MEGA Warns Against An Infected Chrome Extension That Steals Data<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx-wWdZAQ1q2NC0pVDPcUuzBqdySJImHHts_qn_yLC-BJuxX3K6rj0B7JXiHZE8QeSVr844ph0mRfxre_07hu_fC72Ueo7svX6xaCwtEWd7zpLH4gksZx0TwD-FsrxdcLqayHA_mR_DoQ/s1600/Mega.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="250" data-original-width="512" height="156" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx-wWdZAQ1q2NC0pVDPcUuzBqdySJImHHts_qn_yLC-BJuxX3K6rj0B7JXiHZE8QeSVr844ph0mRfxre_07hu_fC72Ueo7svX6xaCwtEWd7zpLH4gksZx0TwD-FsrxdcLqayHA_mR_DoQ/s320/Mega.png" width="320" /></a></div>
<br />
The popular cloud storage service MEGA has <a href="https://mega.nz/blog_47" target="_blank">warned</a> users of an infected version of its own Chrome extension that was distributed through the official download channel and tried to steal all kinds of user data. According to MEGA, the cloud storage service of internet entrepreneur Kim Dotcom, an attacker has gained access to the official Chrome Web Store account of the company.<br />
<br />
Then an infected version of the MEGA Chrome extension was placed in the Web Store and automatically offered to existing users. This version required permission to read data on all websites. As soon as users granted this permission, the extension tried to steal private keys for cryptocurrency wallets and user names and passwords for Amazon, GitHub, Google and Microsoft accounts.<br />
<br />
After five hours, the infected Chrome extension was removed from the Chrome Web Store by Google. MEGA states that it has initiated an investigation to find out how the Web Store account could be taken over. The cloud storage service also gets to Google because it does not allow developers to sign their Chrome extensions. The extensions are now automatically signed after being uploaded to the Chrome Web Store. According to MEGA, this will remove an important measure that must protect against attackers.<br />
<br />
Before MEGA gave the warning, <a href="https://medium.com/metacert/warning-latest-update-to-mega-chrome-extension-is-a-phishing-attempt-b1e94e933e2d" target="_blank">Jeremy Nation</a> of MetaCert already came up with an analysis of the infected extension. It is not the first time that attackers get access to the Web Store account of an extension developer and then distribute an infected update or version. At the end of last year, <a href="https://www.proofpoint.com/us/threat-insight/post/threat-actor-goes-chrome-extension-hijacking-spree" target="_blank">eight Chrome extensions were</a> discovered that had been hacked and adware was installed by the 4.6 million users. The attackers had been able to trace the login data for the Web Store through these phishing attacks.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-90788060886281218702018-09-04T19:00:00.000-07:002018-09-05T03:02:07.188-07:00Google Employee Hacks RFID Access System Own Office<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYJec7JiGpJdDIEdIEigC3CJ05dvKvQE6ddLPo3luhHQfTdElfTEaNJBXfTVv2TbKBeBZ0CoNbtDO1DFegZ633BY0Tvj5crRyUUxCQJ1Si_WjTHp3ZKKHuMzBl0yBn-EFdZLy3RFz55qg/s1600/Google.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="198" data-original-width="568" height="111" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYJec7JiGpJdDIEdIEigC3CJ05dvKvQE6ddLPo3luhHQfTdElfTEaNJBXfTVv2TbKBeBZ0CoNbtDO1DFegZ633BY0Tvj5crRyUUxCQJ1Si_WjTHp3ZKKHuMzBl0yBn-EFdZLy3RFz55qg/s320/Google.png" width="320" /></a></div>
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<br />
A Google employee hacked the RFID access system of Google's own office in Sunnyvale, allowing him to open doors without an access pass and prevent other employees from gaining access. Google uses the iStar Ultra and IP-ACM systems from supplier Software House. The access system works via an RFID access pass.<br />
<br />
Google employee David Tomaschik monitored the encrypted network traffic of the iStar Ultra and IP-ACM systems. The encrypted traffic turned out not to be random, whereas it should have been the case. Further research by Tomaschik revealed that all Software House devices used a hard-coded encryption key. This made it possible to forge commands, such as the command to open a door. He was also able to replay captured network traffic and thus open or block a door.<br />
<br />
Furthermore, it was possible to perform these actions without creating a log. Software House has developed a solution, but organizations where the vulnerable systems are in use are still at risk, according to business magazine <a href="https://www.forbes.com/sites/thomasbrewster/2018/09/03/googles-doors-hacked-wide-open-by-own-employee/amp/" target="_blank">Forbes</a>. Google also mentions that it has segmented its own network to provide protection against vulnerable systems.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-34404496894672235352018-09-04T17:00:00.000-07:002018-09-05T02:54:23.235-07:00British Man Gets 14 Months In Prison For Not Giving Up Facebook Password<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuLYe_kOWKT_-Kgzvw_xIk-YnQxgvBHQhR3B5gaFOR9ufEf3S_7B7qIGNwdkt_g1UwcFgBKjLtquy0kamTItdp03kHlMBGvLfTZv17xQ8HUnGCtEIQh3Vvia5QrcSfuwEL7uV6CE-BGaE/s1600/Facebook.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="264" data-original-width="750" height="112" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuLYe_kOWKT_-Kgzvw_xIk-YnQxgvBHQhR3B5gaFOR9ufEf3S_7B7qIGNwdkt_g1UwcFgBKjLtquy0kamTItdp03kHlMBGvLfTZv17xQ8HUnGCtEIQh3Vvia5QrcSfuwEL7uV6CE-BGaE/s320/Facebook.png" width="320" /></a></div>
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<br />
A 24-year-old British man has been sentenced to 14 months in prison for not giving up his Facebook password. The man is suspected of the murder of a 13-year-old girl. The police had twice asked for his credentials for the social network site, but the Brit refused to provide it.<br />
<br />
Under the British <a href="https://www.legislation.gov.uk/ukpga/2000/23/contents" target="_blank">Regulation of Investigatory Powers Act</a> (Ripa), the man was subsequently charged with not providing 'access codes to an electronic device'. The Ripa legislation gives UK investigative authorities the power to force people to give their password, encryption key or other log-in details to investigate an electronic device such as a telephone or computer, according to <a href="https://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-password-ripa-law-prison-lucy-mchugh-a8517176.html" target="_blank">The Independent</a> . The Ripa legislation was originally intended as an anti-terrorist measure, but the police can use it <a href="https://www.saunders.co.uk/news/prosecuted-for-your-password.html" target="_blank">much more broadly</a>, according to a British law firm. A maximum term of imprisonment of 5 years is imposed on not giving up a password.<br />
<br />
The Briton told the judge that relinquishing his password would reveal information about cannabis. The judge called the defense "entirely inadequate" and stated that the man had thwarted the police investigation into the murder through his actions. The British police are trying to get access to the man's Facebook account through the US Department of Justice, the <a href="http://www.dailymail.co.uk/news/article-6118387/Murder-suspect-Stephen-Nicholson-jailed-refusing-Facebook-password.html" target="_blank">Daily Mail</a> and <a href="https://www.thesun.co.uk/news/7143948/lucy-mchugh-murder-suspect-stephen-nicholson-arrested-facebook-password/" target="_blank">The Sun report</a> . In the past, people in the United Kingdom have more often been sentenced to prison terms for not relinquishing their login details.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-7831342358512186282018-09-04T15:00:00.000-07:002018-09-05T02:42:06.386-07:00Mozilla's New VP Will Focus On Privacy & Security<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi3bJZ1Aj40QrD9Wwirp9HO-rBOs-0Ngj_khLGtMkMoIxN7OTNZa6VGWmrXHigm01GYHsHAQyBB-yLUudcx59oGrJOmIosh_fX3Ob024S2q9fqQowmJZLBmE7C321aCKp6g7O9TgcrI5Q/s1600/Mozilla.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="135" data-original-width="473" height="91" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi3bJZ1Aj40QrD9Wwirp9HO-rBOs-0Ngj_khLGtMkMoIxN7OTNZa6VGWmrXHigm01GYHsHAQyBB-yLUudcx59oGrJOmIosh_fX3Ob024S2q9fqQowmJZLBmE7C321aCKp6g7O9TgcrI5Q/s320/Mozilla.png" width="320" /></a></div>
<br />
Mozilla has a new security chief who will focus on privacy and security. <a href="https://blog.mozilla.org/blog/2018/09/04/welcome-alan-davidson-mozillas-new-vp-of-global-policy-trust-and-security/" target="_blank">Alan Davidson</a> is the new vice president for "Policy, Trust and Security" with the open source developer. He will be responsible for promoting an open internet and a 'healthy web'.<br />
<br />
He will also lead a 'trust and security' team that will focus on promoting innovative privacy and security features in Mozilla products. Previously, Davidson worked at the US Department of Commerce and in 2011 he was the policy leader at Google. "I am very happy to work for an organization that is so dedicated to putting the user first", Davidson said.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-32964905924656749842018-03-15T20:00:00.000-07:002018-03-15T20:00:48.774-07:00DuckDuckGo Starts Privacy Contest With $ 500,000 Prize Money<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh904HtZGQTbbiSCCNRodRJkcfInllzNsMGtf30zUCycs2BJYzBHNaIlauh17TLPDwXsZEIQm6o1Q1-3D982MVR1m19_H-XBzouIMQhUlyds7aSJzlb_eIgNGxboIJAZxxfWyXc_qApSio/s1600/Duckduckgo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="200" data-original-width="420" height="152" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh904HtZGQTbbiSCCNRodRJkcfInllzNsMGtf30zUCycs2BJYzBHNaIlauh17TLPDwXsZEIQm6o1Q1-3D982MVR1m19_H-XBzouIMQhUlyds7aSJzlb_eIgNGxboIJAZxxfWyXc_qApSio/s320/Duckduckgo.jpg" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
Privacy search engine DuckDuckGo has <a href="https://www.crowdrise.com/duckduckgoprivacychallenge?lang=en-us" target="_blank">started</a> a <a href="https://www.crowdrise.com/duckduckgoprivacychallenge?lang=en-us" target="_blank">contest</a> with which organizations that use privacy can win all sorts of cash prizes. The competition will be held on the crowdfunding platform CrowdRise. The organization that gets the most money between 13 March and 10 April will receive the top prize of 50,000 dollars. A total of 253,000 dollars was reserved for the sixteen best participants.<br />
<br />
In addition, there is 247,000 dollars that is distributed through the weekly <a href="https://duckduckgoprivacychallenge.crowdrisetoolkit.com/bonus-challenges.html" target="_blank">bonus challenges</a> . A total of 20 organizations participate in the competition, including the Freedom of the Press Foundation, the <a href="https://blog.torproject.org/tor-project-joined-duckduckgo-privacy-challenge-2018" target="_blank">Tor Project</a> , Let's Encrypt, Tails and Bits of Freedom. Since the start of the game yesterday, a total of $ 4219 in donations has been raised and the Center for Democracy and Technology has topped $ 1130.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-77882114264836654342018-03-15T18:00:00.000-07:002018-03-15T18:00:06.876-07:00Google Removed 3.2 Billion Malicious Ads In 2017<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkupOYxOA1DwchwfV6Ux3bvM719oW9O8tisZatn7L1E5sGQemXkS4qTm2KJYxXoGlpdQOV1OtR3kH3jYkUsFZuBgsv66FbZFhjR9ibbe0SR2P3NnDOvKvkzffhabGU_CoMKoMmvf7P9tQ/s1600/Google.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="265" data-original-width="795" height="106" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkupOYxOA1DwchwfV6Ux3bvM719oW9O8tisZatn7L1E5sGQemXkS4qTm2KJYxXoGlpdQOV1OtR3kH3jYkUsFZuBgsv66FbZFhjR9ibbe0SR2P3NnDOvKvkzffhabGU_CoMKoMmvf7P9tQ/s320/Google.png" width="320" /></a></div>
<br />
Last year, Google removed more than <a href="https://www.blog.google/topics/ads/advertising-ecosystem-works-everyone" target="_blank">3.2 billion malicious ads</a> because they tried to infect Internet users with malware, went to phishing sites, committed advertising fraud, or for other reasons - more than 100 ads removed per second.<br />
<br />
For example, 79 million advertisements were removed because they sent internet users to websites with malware. Google removed another 48 million ads because they let users install unwanted software. Furthermore, 66 million "trick-to-click" ads were removed. In addition to advertising, 320,000 of the advertising network were also banned and Google decided to blacklist 90,000 websites and 700,000 mobile apps.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-16597435169507394982018-03-15T16:45:00.000-07:002018-03-15T16:45:17.969-07:00 Registry Key No Longer Required For Windows 10 Updates<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq_pAZRcLZDNj9b-WM9ZPYpwG90kjDGG_0-XKfLDgWvNNKYIZ59SC0OmLqHD2jTIIo_OWyzN1Qm2KqW6DtKUVvMZpTvOAYCviZjn6-o_DHrjapvlmnPBOlE-wP1U1TfstbLe_T0DW9RK8/s1600/microsoft-80658_960_720.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="480" data-original-width="960" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq_pAZRcLZDNj9b-WM9ZPYpwG90kjDGG_0-XKfLDgWvNNKYIZ59SC0OmLqHD2jTIIo_OWyzN1Qm2KqW6DtKUVvMZpTvOAYCviZjn6-o_DHrjapvlmnPBOlE-wP1U1TfstbLe_T0DW9RK8/s320/microsoft-80658_960_720.png" width="320" /></a></div>
Users of Windows 10 no longer need a specific registry key to receive security updates, Microsoft <a href="https://blogs.windows.com/windowsexperience/2018/03/13/march-2018-windows-security-update-expanding-our-efforts-to-protect-customers/">announced</a>. The reason for the <a href="https://support.microsoft.com/en-us/help/4072699/windows-security-updates-and-antivirus-software" target="_blank">mandatory registry key</a> was a compatibility problem with various anti-virus products that can provide a blue screen of death (BSOD).<br />
<br />
To stop these problems from incompatible anti-virus products, Microsoft security updates from January 3 and beyond were only offered to systems that had a compatible virus scanner. Anti-virus vendors had to confirm to Microsoft that their software was compatible with January and beyond security updates, which was added to the Windows Registry by adding a special registry key. In case the virus scanner did not enter this registry key, users no longer received updates and were vulnerable to attack. When users did not run a virus scanner, Microsoft advised to manually enter the registry key to receive the January and after updates.<br />
<br />
Now Microsoft's <a href="https://blogs.windows.com/windowsexperience/2018/03/13/march-2018-windows-security-update-expanding-our-efforts-to-protect-customers/" target="_blank">John Cable</a> reports that there is no longer a check on the compatibility of anti-virus programs. All Windows 10 machines will therefore receive the March security updates as well as the previously released updates for the Spectre and Meltdown attacks, regardless of whether they have the previously required registry key. In the coming weeks, Microsoft will provide more information about the compatibility of anti-virus software on older Windows versions.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-30657606969488495682018-03-15T16:00:00.000-07:002018-03-15T16:00:09.399-07:00Meltdown Update For 32-Bit Versions Windows 7 and 8.1<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4TMF3uRtXP_0CQt8m3BC2Oup4gKPvQb2pGzOoeBEgm_HEoQ352124s4fcLJI_PFSsDOoKLvVq6n4tvwkjVA0N9z4GkUrRIafiHnp4nyOvhbVuBti69T8jjS58flKErXw9ICaw5dsScEQ/s1600/microsoft-80658_960_720.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="480" data-original-width="960" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4TMF3uRtXP_0CQt8m3BC2Oup4gKPvQb2pGzOoeBEgm_HEoQ352124s4fcLJI_PFSsDOoKLvVq6n4tvwkjVA0N9z4GkUrRIafiHnp4nyOvhbVuBti69T8jjS58flKErXw9ICaw5dsScEQ/s320/microsoft-80658_960_720.png" width="320" /></a></div>
Microsoft released two months after the unveiling of the Spectre and Meltdown attacks <a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002">,</a> which should protect users of the 32-bit versions of Windows 7 and Windows 8.1 against Meltdown. In addition, Intel microcode updates for various Intel processors have been rolled out.<br />
<br />
At the beginning of January, the software giant already released security updates for the 64-bit versions of Windows. A Meltdown update for the 32-bit versions of Windows 10 followed on 18 January. Microsoft now announced that <a href="https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown" target="_blank">security updates</a> for the 32-bit versions of Windows 7 and Windows 8.1 have also been made available to protect users from the Meltdown attack.<br />
<br />
To be fully protected against Spectre and Meltdown attacks, systems require both software and firmware (microcode) updates, Microsoft said. That is why in early March it started to offer <a href="https://blogs.windows.com/windowsexperience/2018/03/01/update-on-spectre-and-meltdown-security-updates-for-windows-devices/" target="_blank">microcode updates</a> from Intel via the <a href="https://support.microsoft.com/en-us/help/4090007" target="_blank">Microsoft Update Catalog</a> . Initially, it concerned updates for systems that have a Skylake processor and run the Windows 10 Fall Creators Update. Now, Microsoft has also made <a href="https://support.microsoft.com/en-us/help/4093836">updates</a> for Kaby Lake and Coffee Lake processors on the same platform.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-55608956877744873602018-03-15T11:00:00.000-07:002018-03-15T11:00:35.255-07:00Microsoft: Shift From Ransomware To Cryptominers<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoa5rlqsBVNjlfKHhy47ZDeCmf4v2zUycaO4an2F9CbDitdWnCAR9HlCQByw8DPIyTFWyZlmkQD1H699zsckEHAbhM4V8pjGSdKdwzbqe7a0j-DPlIi0mu2qnpGOZUZRd6NR9HL-qbw-I/s1600/Crypto+Mining.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="379" data-original-width="700" height="173" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoa5rlqsBVNjlfKHhy47ZDeCmf4v2zUycaO4an2F9CbDitdWnCAR9HlCQByw8DPIyTFWyZlmkQD1H699zsckEHAbhM4V8pjGSdKdwzbqe7a0j-DPlIi0mu2qnpGOZUZRd6NR9HL-qbw-I/s320/Crypto+Mining.jpg" width="320" /></a></div>
<br />
Millions of computers have come into contact with cryptominers in recent months, while the number of cases of ransomware has declined, according to Microsoft today. From September last year to January of this year, an average of 644,000 unique Windows computers were detected each month and encountered a cryptominer.<br />
<br />
This involves malware that can be installed on the computer in various ways and allows the system to mine cryptocurrency. While there is a clear increase in the number of cryptominers, the number of computers encountered by ransomware is decreasing. A possible reason is that cryptominers are now also distributed via exploit kits, as well as via malicious e-mail attachments.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhh9XEHIgMu94LAzud775VUrJow6-3U__XYbPTqws93K7lxu3rFEjzGUpwKaBp8Pb4ieMrBOy9tlMgpk8fpBmwHSt0RvKS5UITmCXzrUkWDORKKnp6Fzv1mQSTumy6iRt4a1Ys6Z8poqLs/s1600/3.png" imageanchor="1"><img border="0" data-original-height="365" data-original-width="816" height="178" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhh9XEHIgMu94LAzud775VUrJow6-3U__XYbPTqws93K7lxu3rFEjzGUpwKaBp8Pb4ieMrBOy9tlMgpk8fpBmwHSt0RvKS5UITmCXzrUkWDORKKnp6Fzv1mQSTumy6iRt4a1Ys6Z8poqLs/s320/3.png" width="400" /></a></div>
<br />
"It is unlikely that cyber criminals will completely abandon ransomware in the short term, but the increase in trojanised cryptominers shows that attackers are exploring the possibilities of illegally earning money with this newer method," said <a href="https://cloudblogs.microsoft.com/microsoftsecure/2018/03/13/invisible-resource-thieves-the-increasing-threat-of-cryptocurrency-miners/" target="_blank">Eric Avena</a> of Microsoft. Because cyber criminals now choose more for cryptominers, this malware will also take over the behavior of already known threats, according to Avena. As an example, he points to the NeksMiner, who places a copy of himself in shared network folders and on USB sticks to propagate further, like all kinds of other malware.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-53576073180549952112018-03-15T02:00:00.000-07:002018-03-15T02:00:25.637-07:00Mozilla Is Considering Blocking In-Page Pop-Ups In Firefox<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqf6cfoNu221O-DolD5GPskLH4NM1txWiuCAbrY9NXxKSPRsj8UkHzQLq3fxJd75WV4ECNgVyK8Dw3qdR6zKzBqEelkzXDlOOQxCSDH546McO4Wgj2qrfR15BlouB80UWcZ-no3aupbAY/s1600/mozilla.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="848" data-original-width="1600" height="169" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqf6cfoNu221O-DolD5GPskLH4NM1txWiuCAbrY9NXxKSPRsj8UkHzQLq3fxJd75WV4ECNgVyK8Dw3qdR6zKzBqEelkzXDlOOQxCSDH546McO4Wgj2qrfR15BlouB80UWcZ-no3aupbAY/s320/mozilla.jpg" width="320" /></a></div>
<br />
Mozilla is collecting a dataset of in-page pop-ups in order to automatically block them in Firefox. In-page pop-ups are pop-ups that show pages at different times, such as when loading the website, scrolling, inactivity or opening a tab.<br />
<br />
Experiments are now being done with a pop-up blocker to close these pop-ups automatically. For this Mozilla is working on a collection of such pop-ups. Internet users can report this via <a href="https://docs.google.com/forms/d/e/1FAIpQLSejaT2ia5S4akVM_Zv9OMaAE3n5-S6PmKJG7CuqfwDT5B90sw/viewform" target="_blank">this page</a> . The dataset is only needed to train the pop-up blocker. The plan is to be able to block them automatically without having a complete blocklist. Whether the feature also comes is still unclear. Firefox developer <a href="https://twitter.com/ehsanakhgari/status/972224912634064896" target="_blank">Ehsan Akhgari</a> says on Twitter that Mozilla is exploring it as a possible Firefox feature.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-49865373441560897512018-03-14T23:30:00.000-07:002018-03-14T23:30:10.710-07:00Researchers Let Malware Send Data Via Loudspeakers<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMlEKZ7751ONKoN23cnh-9rjk6EeVZAFDGu5v-BXIioODKJvHrMhpfkcOhkzPgRoGOUMK0lpj289Tl95ieieirVo4O0g-fN9y8BVTWOto2kFQQkdDcrqiPxF1nXm-DPPC61b_mBL15b7Y/s1600/2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="450" data-original-width="800" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMlEKZ7751ONKoN23cnh-9rjk6EeVZAFDGu5v-BXIioODKJvHrMhpfkcOhkzPgRoGOUMK0lpj289Tl95ieieirVo4O0g-fN9y8BVTWOto2kFQQkdDcrqiPxF1nXm-DPPC61b_mBL15b7Y/s320/2.jpg" width="320" /></a></div>
<br />
Researchers at Ben-Gurion University have developed malware that can steal data from systems that are not connected to the internet via passive loudspeakers. Because of the risk of attacks, it is a lot of advice to not connect computers with confidential data to the internet.<br />
<br />
This is also called an air gap. An offline computer can still be infected, for example via USB sticks or a malicious employee. In order to steal data from an infected offline computer, Ben-Gurion University researchers have developed various methods in the past, such as the use of <a href="https://arstechnica.com/information-technology/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/" target="_blank">speakers</a> , <a href="http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_055_Mirsky_AirgapTemperature.pdf" target="_blank">air conditioning</a> , <a href="https://arxiv.org/abs/1608.03431" target="_blank">sound from the hard disk</a> , <a href="https://arxiv.org/ftp/arxiv/papers/1606/1606.05915.pdf" target="_blank">fans</a> , <a href="https://cyber.bgu.ac.il/how-leak-sensitive-data-isolated-computer-air-gap-near-mobile-phone-airhopper/" target="_blank">radio waves</a> , <a href="https://cyber.bgu.ac.il//advanced-cyber/airgap" target="_blank">infrared cameras</a> , <a href="http://in.bgu.ac.il/en/Pages/news/scanner_hack.aspx" target="_blank">scanners</a> , <a href="https://cyber.bgu.ac.il/bitwhisper-heat-air-gap/" target="_blank">heat emitted.</a> , <a href="https://cyber.bgu.ac.il//t/USBee.pdf" target="_blank">usb radiation</a> , <a href="https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/guri" target="_blank">mobile phones</a> , <a href="https://cyber.bgu.ac.il//advanced-cyber/system/files/LED-it-GO_0.pdf" target="_blank">hard drive lights</a> and <a href="http://in.bgu.ac.il/en/Pages/news/network_router.aspx" target="_blank">router lights</a> to return the data directly to the attacker or via an infected computer or smartphone connected to the Internet.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsIqI4wB2kZtDG09u13HRvv1mpaOipjDdSV9pPrHxDsyAMx9fXJWV0_2G1fMSstzSX4boOukJKqloKNm2ZG1d56F45bX-mVX63shPV_D_AeouS99MsNZ5_-lJOUaEZMao3Am2vupW5afw/s1600/1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="326" data-original-width="715" height="289" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsIqI4wB2kZtDG09u13HRvv1mpaOipjDdSV9pPrHxDsyAMx9fXJWV0_2G1fMSstzSX4boOukJKqloKNm2ZG1d56F45bX-mVX63shPV_D_AeouS99MsNZ5_-lJOUaEZMao3Am2vupW5afw/s640/1.png" width="640" /></a></div>
<br />
The researchers are now demonstrating a new method called Mosquito ( <a href="https://arxiv.org/pdf/1803.03422.pdf">pdf</a> ) in which "speaker-to-speaker" communication is used to steal data from a computer that is not connected to the internet. The scenario that the researchers sketch consists of a room with two computers, one of which is and one is not connected to the internet. Both computers are infected with malware and have passive speakers or headphones. The malware then exploits a feature of the audio chip that changes the connected speakers of output device into an input device (microphone).<br />
<br />
Malware on one computer can then transmit information via the speakers and the use of ultrasonic waves that are collected by the speakers of the other computer, which have in fact become a microphone. In this way it is possible to send data at a speed of 10 - 166 bits / sec at a distance of 9 meters between the computers. If headphones are used instead of loudspeakers, a distance of 3 meters is possible.<br />
<br />
The researchers state that in heavily guarded settings it is common to ban both active and passive loudspeakers, in order to create an air gap. Less stringent rules prohibit the use of microphones, but allow the use of "one-way" speakers. In many cases, the policy and security measures do not apply to modern headphones, which are basically non-powered and unenhanced loudspeakers. Mosquito could be effective in these situations.<br />
<br />
To prevent such attacks, organizations can take various measures, such as prohibiting the use of speakers, headphones or earphones, using active speakers, disabling the audio codec in the bios, detecting ultrasonic transmissions, and using low-pass filters.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-62005540013229145002018-03-14T23:00:00.000-07:002018-03-14T23:00:14.826-07:00 Mozilla: Many Popular Websites With Symantec Certificates<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1QZlKlUIWvH8ufhQIuvQcPyojWJurNDXGCYBy74eo7Oi-egmdzrA_LX3tOpIKWxRCr3H-2ianABFrKLen_KlwqbIY5tPX0sPGdh4-SrxIWn3lx0G74E0Go1Ulub5EfR7hvTNg1VIC2EI/s1600/symantec-logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="423" data-original-width="1600" height="84" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1QZlKlUIWvH8ufhQIuvQcPyojWJurNDXGCYBy74eo7Oi-egmdzrA_LX3tOpIKWxRCr3H-2ianABFrKLen_KlwqbIY5tPX0sPGdh4-SrxIWn3lx0G74E0Go1Ulub5EfR7hvTNg1VIC2EI/s320/symantec-logo.jpg" width="320" /></a></div>
<br />
<br />
There are still many popular websites with Symantec certificates that will soon no longer be trusted by Firefox and will cause an error message, as Mozilla has warned. It is <a href="https://blog.mozilla.org/security/2018/03/12/distrust-symantec-tls-certificates/" target="_blank">about 1 percent</a> of the Top 1 million most popular websites on the internet, which amounts to about 10,000 sites.<br />
<br />
These websites use a tls certificate issued by Symantec to encrypt traffic to and from their visitors. Due to various incidents with tls certificates issued by Symantec, browser developers have decided to cancel the trust in Symantec certificates. This will take place in phases, with all Symantec certificates issued before 1 July 2016 no longer being trusted.<br />
<br />
Google will implement this measure next month with the launch of Chrome 66. Mozilla will follow Firefox 9 on May 9. With the launch of Firefox 63 in October this year, trust in all Symantec certificates will be canceled regardless of issue date. Users who receive a certificate warning when visiting a website can ignore them and still reach the website, Mozilla explains, but security experts advise internet users never to ignore such warnings and not to visit the website in question.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-1376538242504389572018-03-14T18:00:00.000-07:002018-03-14T18:00:40.230-07:00Download.com Distributed Malware That Steals Bitcoins<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihH-coYsnxSGe3QvyMZqLIXp-HprbD6Xlv-xuwTcjECr_JZ9gc7LpFHl0BfpzAlYmi6ebn_miU0Rupylf0y3sMpVAU3AhoHO9IkAiXJEqKMr_3DHMeWY_II58CtlHG6DATNmut6ma5-mE/s1600/cnet_download.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="225" data-original-width="300" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihH-coYsnxSGe3QvyMZqLIXp-HprbD6Xlv-xuwTcjECr_JZ9gc7LpFHl0BfpzAlYmi6ebn_miU0Rupylf0y3sMpVAU3AhoHO9IkAiXJEqKMr_3DHMeWY_II58CtlHG6DATNmut6ma5-mE/s200/cnet_download.png" width="200" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
The popular download site Download.com has been distributing malware for years that bitcoins from internet users have been stolen, anti-virus company <a href="https://www.welivesecurity.com/2018/03/14/stealing-bitcoin-download-com/" target="_blank">ESET says</a> today. The malware was hidden in bombarded applications called Disk Imager, Code :: Blocks and MinGW-w64.<br />
<br />
The infected version of Disk Imager has been available on Download.com since May 2016 and was downloaded over 4500 times during that time. Code :: Blocks has been on Download.com since June 2016 and was removed from the website last year by Cnet, owner of Download.com. However, the program had already been downloaded 104,000 times. The number of downloads of MinGW-64, which was also on the website since 2016, amounted to just under 500.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDF7mr0UAyMPAaW86rPKr0CqZBCyDutQ5bQwyqW_-An0GLsvQTJd9o-NWKA55f5aL0tTsIPdPlMmFH_d00Gn7QrL4ehnk2-dAZArfPjUqM0PQY1Us3tniSvZ55weFG35mBHuRu5KREoI0/s1600/Disk+Image.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="371" data-original-width="711" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDF7mr0UAyMPAaW86rPKr0CqZBCyDutQ5bQwyqW_-An0GLsvQTJd9o-NWKA55f5aL0tTsIPdPlMmFH_d00Gn7QrL4ehnk2-dAZArfPjUqM0PQY1Us3tniSvZ55weFG35mBHuRu5KREoI0/s320/Disk+Image.png" width="320" /></a></div>
<br />
The malware in the three programs was developed to steal bitcoins. Bitcoin users who want to make a payment or transfer money to another wallet often copy the wallet address of the beneficiary and then paste it into a field on the transaction page. At that moment the wallet address is in the clipboard of the computer.<br />
<br />
The malware monitors the clipboard on infected computers and when it sees that a user is copying a wallet address, it changes this address. If the user then wants to paste the wallet address onto the transaction page, he will paste the custom wallet address and transfer money to the wrong party. The bitcoin address that the malware uses would have received a total of 8.8 bitcoin, which is currently 62,000 euros. After being informed, Cnet has removed the infected programs. It is <a href="https://blog.avast.com/2012/11/26/httpdownload-sality-cnet-com/" target="_blank">not the first time</a> that Download.com is in the news due to malware being offered.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-11339413718689725382018-03-14T16:00:00.000-07:002018-03-14T16:00:31.009-07:00 Dofoil Malware (Smoke Loader): Infected MediaGet Update After Recent Cryptominer Outbreak<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisHxkCzmWgSz8TQTcXHZrsqhqY10y_Pa6fWiJEHcd01coNPRPzWO26FZFB9V17njuQrv3nZt_nsL_AWzXwq7o94azq_fUX6f5puLFmB00dsoLH5Hqef1dw-VafS85n5Qa1nDyMnuRnpwk/s1600/MediaGet.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="256" data-original-width="256" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisHxkCzmWgSz8TQTcXHZrsqhqY10y_Pa6fWiJEHcd01coNPRPzWO26FZFB9V17njuQrv3nZt_nsL_AWzXwq7o94azq_fUX6f5puLFmB00dsoLH5Hqef1dw-VafS85n5Qa1nDyMnuRnpwk/s200/MediaGet.png" width="200" /></a></div>
<br />
<br />
An infected update for the torrent client MediaGet is responsible for the large <a href="https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/" target="_blank">cryptominer outbreak</a> that Microsoft warned last week. The software giant quickly discovered 400,000 cases of Dofoil malware on computers, which eventually downloaded the cryptominer.<br />
<div>
<br /></div>
<div>
<b><i><u>Following screenshot is Dofoil Malware Timeline:</u></i></b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhri26QobIV_k9R8t-DBaW3-Behq8L1DPwRbQ2dPPvfby9XtPQeyiSvqQ67S_ByR5kJATnigxnMuaR4JqOmBNF3Uciqz5MtlWiPQ3cKWY-hFUu4zCfWhv9pdTjzXG2I4IuRMoEML3DFouw/s1600/Mediaget_Timeline.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="252" data-original-width="840" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhri26QobIV_k9R8t-DBaW3-Behq8L1DPwRbQ2dPPvfby9XtPQeyiSvqQ67S_ByR5kJATnigxnMuaR4JqOmBNF3Uciqz5MtlWiPQ3cKWY-hFUu4zCfWhv9pdTjzXG2I4IuRMoEML3DFouw/s640/Mediaget_Timeline.png" width="640" /></a></div>
<br />
The cryptominer uses the computational power of the infected computers to mine cryptocurrencies. In particular computers in Russia, Turkey and Ukraine were affected by the malware. Dofoil, also known as Smoke Loader, normally spreads via infected e-mail attachments and exploit kits. Striking in the outbreak last week was that most infected files came from a process called mediaget.exe. MediaGet is a program to download torrents. In this case, the malware was not downloaded via infected torrents, but from the program itself.</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQiA5BBvIJNyHxJGcMTMwfz_OQDgKdf_1ps1ApzjV2TDxVRsXGqtZ-A4Iko12ZiKYKQKxZoQTPz0XRuJNSn3qkWzEUiJiD_kDbZl6e8UOSjv73x1AKk5AGesAImi4AjMx2gjtc2GFaTSw/s1600/Mediaget_Infection+Chain.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="631" data-original-width="351" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQiA5BBvIJNyHxJGcMTMwfz_OQDgKdf_1ps1ApzjV2TDxVRsXGqtZ-A4Iko12ZiKYKQKxZoQTPz0XRuJNSn3qkWzEUiJiD_kDbZl6e8UOSjv73x1AKk5AGesAImi4AjMx2gjtc2GFaTSw/s400/Mediaget_Infection+Chain.png" width="222" /></a></div>
<div>
<br />
Further research showed that it was a carefully planned attack, <a href="https://cloudblogs.microsoft.com/microsoftsecure/2018/03/13/poisoned-peer-to-peer-app-kicked-off-dofoil-coin-miner-outbreak/" target="_blank">according to Microsoft</a> . The attackers distributed an infected user update from February 12 to February 19 this year via the MediaGet update servers. This update installed a backed up version of the torrent client. From March 1 to March 6, this backdoor was then used to install malware among users. Microsoft says it has shared information with the MediaGet developers, but they have not yet reported the incident on their website.</div>
</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-61916228815877901832018-03-14T15:00:00.000-07:002018-03-14T15:00:45.030-07:00Privacy OS Tails Introduces Screen Lock<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAfvkPs-yXfxs8lJgYPwWn0Q5r9MGzYTUIbkCz0nZWj_ZMgBcWX8b1mrhcpG0JmhPbPfBmPvFYQ3V-fYSalCDJszzjHpjXl1duHsk9KaYaZo5X77EEmcAKPs1oZxwUrSE1fu1rcWoHRSA/s1600/Tails1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="106" data-original-width="497" height="68" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAfvkPs-yXfxs8lJgYPwWn0Q5r9MGzYTUIbkCz0nZWj_ZMgBcWX8b1mrhcpG0JmhPbPfBmPvFYQ3V-fYSalCDJszzjHpjXl1duHsk9KaYaZo5X77EEmcAKPs1oZxwUrSE1fu1rcWoHRSA/s320/Tails1.png" width="320" /></a></div>
<br />
A new version of the privacy-oriented operating system Tails has been released that now also offers users the possibility to lock their screen. When users have set an administrator password, they can unlock the screen.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRlg54llw47rU3EXU5Mg63qI4T5vW3smgXP_rAWwFHG7TY7GC6AU1RCcub1f8nouRtKIliStsKm37Dl4Svo0W2I3XbeKXEaPTFa6XFLH_MkDoR29CVzsRm4pkCRIWIcaexoqjPo6-FKEs/s1600/Privacy_Screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="175" data-original-width="279" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRlg54llw47rU3EXU5Mg63qI4T5vW3smgXP_rAWwFHG7TY7GC6AU1RCcub1f8nouRtKIliStsKm37Dl4Svo0W2I3XbeKXEaPTFa6XFLH_MkDoR29CVzsRm4pkCRIWIcaexoqjPo6-FKEs/s1600/Privacy_Screenshot.png" /></a></div>
<br />
Otherwise, a separate password can be set for the first time the screen is locked. Furthermore, <a href="https://tails.boum.org/news/version_3.6/index.en.html" target="_blank">Tails 3.6</a> contains various upgrades, security updates and other adjustments. Tails stands for The Amnesic Incognito Live System and is a fully Linux-based operating system that contains all kinds of tools to anonymously use the internet. It can be used from a DVD or USB stick and is recommended by various civil rights movements and privacy experts. Some <a href="https://tails.boum.org/news/report_2018_01/" target="_blank">22,000 people</a> use Tails every day.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-92110162804563432772018-03-12T16:00:00.000-07:002018-03-12T16:00:16.404-07:00Android Manufacturer: Included Malware Is False Alarm<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7dOjKCRWTyAUDjNLVockS6cYKMILW3SrMO8lDBlsmeXBomgi0uJbbdqj3NxYIEcLt46qPsOEE8EIybO7NxYiPlEjdPAtOod96uIWKuLwBWBbwcQuW40Rpb09t9g3rdzEjZlhkki1cX_o/s1600/Leagoo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="66" data-original-width="284" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7dOjKCRWTyAUDjNLVockS6cYKMILW3SrMO8lDBlsmeXBomgi0uJbbdqj3NxYIEcLt46qPsOEE8EIybO7NxYiPlEjdPAtOod96uIWKuLwBWBbwcQuW40Rpb09t9g3rdzEjZlhkki1cX_o/s1600/Leagoo.png" /></a></div>
<br />
The Chinese manufacturer of Android devices Leagoo has removed to anti-virus company Doctor Web, which claimed that the manufacturer supplied devices with malware. The virus fighter claimed that it had found the Triada Trojan in the firmware of more than <a href="https://news.drweb.com/show/?i=11749&lng=en&c=5" target="_blank">40 models</a> , including that of Leagoo.<br />
<br />
The malware, which can download and execute additional malware and apps, without users knowing this, turned out to be present in a custom Android system library. This system library is used by all Android apps, which means that the malicious code is present in the memory of all running apps. According to Doctor Web, the malware was added at the request of a Leagoo partner and the manufacturer made this request.<br />
<br />
Leagoo says in a <a href="https://chinagadgetsreviews.com/leagoo-company-official-announcement.html" target="_blank">statement</a> that it is a false alarm. "The problem with the" virus warning "on Leagoo phones is mainly caused by differences in the virus detection of Chinese and foreign anti-virus software", according to the manufacturer. Leagoo states that all phones are scanned for malware by "top Chinese anti-virus software" to ensure that all devices are virus-free. In the future, Leagoo will also use "foreign algorithms" during scanning to prevent new virus warnings.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-26215155440243680802018-03-12T15:00:00.000-07:002018-03-12T15:00:17.309-07:00Recent Adobe Flash Player Vulnerability Leak Attacked Via Exploit Kits<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7XmD1cs2p3tDmIpS7d0E1iitirkbFU0oOb3qIOt74WseBl4ETtheCmhCAV4YjU0ok9QciAiO-MxOaU-bRYonXwbQMUaWuxKrGbCgaJXwfQWvNaVH3PxatQCOXmYztFgPClx-Iy4TbaLE/s1600/Adobe+Flash+Player.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="320" data-original-width="600" height="170" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7XmD1cs2p3tDmIpS7d0E1iitirkbFU0oOb3qIOt74WseBl4ETtheCmhCAV4YjU0ok9QciAiO-MxOaU-bRYonXwbQMUaWuxKrGbCgaJXwfQWvNaVH3PxatQCOXmYztFgPClx-Iy4TbaLE/s320/Adobe+Flash+Player.jpg" width="320" /></a></div>
<br />
A recently patched vulnerability in Adobe Flash Player is being actively attacked via exploit kits. This means that visiting a hacked website or seeing infected ads with a vulnerable Flash Player version is sufficient to infect with malware.<br />
<br />
The vulnerability in question was resolved by Adobe on February 6 through an <a href="https://helpx.adobe.com/security/products/flash-player/apsb18-03.html" target="_blank">emergency patch</a> . The vulnerability appeared to have been targeted against South Korean organizations since <a href="https://www.flashpoint-intel.com/blog/targeted-attacks-south-korean-entities/" target="_blank">last November</a> . Here Excel and Word files with embedded Flash objects were used. Now it appears that cyber criminals also have the exploit to use them via the web.<br />
<br />
Flash Player was and still is the most popular target for exploit kits. Due to the absence of new exploits, and the fact that more and more browsers are phasing out the support of Flash Player, the effectiveness of exploit kits <a href="https://researchcenter.paloaltonetworks.com/2018/02/threat-brief-declining-rig-exploit-kit-hops-coinmining-bandwagon/" target="_blank">has declined sharply in</a> the past period . According to researcher Kaffeine of the <a href="https://malware.dontneedcoffee.com/2018/03/CVE-2018-4878.html" target="_blank">Malware do not need coffee</a> blog , this is the first new Flash exploit that has been added to an exploit kit since July 2016 for a Flash leak. The new Flash exploit will be deployed via infected ads and will successfully install the Hermes ransomware. Users are therefore advised to upgrade to <a href="https://helpx.adobe.com/security/products/flash-player/apsb18-03.html" target="_blank">Flash Player version 28.0.0.161</a> or later, as the vulnerability has been corrected.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-12419130670428612242018-03-12T09:15:00.000-07:002018-03-12T09:15:22.855-07:00McAfee: Two Botnets Behind 97 Percent Of All Spam In Q4<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3mpUKTBVSWFkLMBiF5PSICg7R9YwA7fNxjG29EbDASv2fHWc69bMU5_hBWuhDo7iqp9bcm6jRfGrRy2DrAELKxX7UTyZG7vwIu91TISyAaKD8Wz3JFwNor9y8FFVU4Di3TD5o1ENNUPk/s1600/botnet.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="417" data-original-width="600" height="220" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3mpUKTBVSWFkLMBiF5PSICg7R9YwA7fNxjG29EbDASv2fHWc69bMU5_hBWuhDo7iqp9bcm6jRfGrRy2DrAELKxX7UTyZG7vwIu91TISyAaKD8Wz3JFwNor9y8FFVU4Di3TD5o1ENNUPk/s320/botnet.jpg" width="320" /></a></div>
<br />
Two botnets accounted for 97 percent of all spam sent in the fourth quarter of last year, according to <a href="https://securingtomorrow.mcafee.com/mcafee-labs/necurs-botnet-leads-the-world-in-sending-spam-traffic/" target="_blank">McAfee</a> in a new report. These are the Necurs and Gamut botnets, which are rented by spammers for sending spam, phishing emails and malware.<br />
<br />
Necurs was the most used with a share of 60 percent, followed by Gamut with 37 percent ( <a href="https://www.mcafee.com/us/resources/reports/rp-quarterly-threats-jun-2017.pdf" target="_blank">pdf</a> ). According to McAfee, Necurs is currently the largest spambot network in the world. The contaminated machines that are part of the botnet are controlled via a peer-to-peer model. In the fourth quarter of last year, the Locky ransomware and Dridex bank malware were sent via Necurs, among other things. Gamut focused more on e-mails during this period to recruit money mules and phishing e-mails.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-53801123732130039712018-03-11T18:00:00.000-07:002018-03-12T05:13:50.579-07:00Popular Privacy Plug-In Ghostery Made Open Source<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSuCgGeXUMGExbASeRZmrT_MBLFgJvF22SW5kk4J7v1Ae2rfsDnN5WG0cOwo4k8_x0sbvPM81OshcOj4uMI-npcdUk3gy3cshD2WTjpK6IHk-XaOrY7g1LyB14HvQfeVxoWi1y52QZqr8/s1600/Ghostery.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="63" data-original-width="270" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSuCgGeXUMGExbASeRZmrT_MBLFgJvF22SW5kk4J7v1Ae2rfsDnN5WG0cOwo4k8_x0sbvPM81OshcOj4uMI-npcdUk3gy3cshD2WTjpK6IHk-XaOrY7g1LyB14HvQfeVxoWi1y52QZqr8/s1600/Ghostery.png" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
The German software company Cliqz, owner of the popular privacy plug-in <a href="https://www.ghostery.com/" target="_blank">Ghostery</a> , has decided to make the tool open source. Ghostery blocks ads and trackers and has millions of users. A year ago Ghostery was <a href="https://www.ghostery.com/blog/ghostery-news/ghostery-acquired-cliqz/" target="_blank">taken over</a> by Cliqz .<br />
<br />
In the interests of transparency and an open internet, Cliqz has made the choice to make Ghostery open source. By looking at the source code, users can see how Ghostery works and what kind of data it collects. In addition, other developers can now contribute to the privacy plug-in. "Only when people understand what data digital products collect can they make meaningful decisions about what information they want to share and with whom," says <a href="https://cliqz.com/en/magazine/cliqz-open-sources-anti-tracking-tool-ghostery" target="_blank">Jeremy Tillman</a> , Ghostery's product director.<br />
<br />
According to Cliqz, most Ghostery users share stats with which new trackers are found. The software company emphasizes that it is anonymous statistics that also assess the relevance and safety of websites. However, it is also possible to set Ghostery so that no data is shared. The source code of Ghostery can be found on <a href="https://github.com/ghostery/ghostery-extension" target="_blank">GitHub</a> .</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-27974948835338611642018-03-11T15:00:00.001-07:002018-03-12T05:05:55.186-07:00Leaked Source Code Ammyy Admin Uses For Malware<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWYG8ZNSQ8ePQvyGtCrj7sSg9oZT1CvF_xahn39dZwsP3wHBH4Q_MMCxyfrCBo65fbM20-tWHbdaL_OXv1m82JI3uzvj0SONkC4GGhSVr6Icxan-14d3fcbATyoLOjs1mS50wiLdE8dfs/s1600/ammyy-admin.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="191" data-original-width="378" height="161" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWYG8ZNSQ8ePQvyGtCrj7sSg9oZT1CvF_xahn39dZwsP3wHBH4Q_MMCxyfrCBo65fbM20-tWHbdaL_OXv1m82JI3uzvj0SONkC4GGhSVr6Icxan-14d3fcbATyoLOjs1mS50wiLdE8dfs/s320/ammyy-admin.png" width="320" /></a></div>
<br />
Source code of the remote desktop software Ammyy Admin has been used for malware that has been used for both targeted and large-scale attacks, according to security <a href="https://www.proofpoint.com/us/threat-insight/post/leaked-source-code-ammyy-admin-turned-flawedammyy-rat" target="_blank">firm Proofpoint</a>. Ammyy Admin is a program that allows remote access to computers.<br />
<br />
Some time ago the source code of Ammyy Admin version 3 appeared on the Internet and cyber criminals have used it to develop malware called "FlawedAmmyy". This malicious version has been used in attacks since the beginning of 2016, but only recently discovered, Proofpoint says. Among other things, the automotive industry would be the target of the attacks.<br />
<br />
To spread the malware, the attackers use e-mails that contain Word or ZIP files as an attachment. The Word files have a malicious macro that, when enabled by the user, downloads the malware on the system. Once active on a system, FlawedAmmyy can be used to steal trade secrets, customer data and other information from companies, according to the researchers.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-38659458230879979592018-03-11T15:00:00.000-07:002018-03-12T04:35:31.512-07:00Avast: Attackers CCleaner Also Wanted To Install keylogger<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHQu6waFnonVXIjHhXPCebrJY8GoGXfCWkvwyZhwoGKv3dKhqSOsauKfvR35Gv-q7U0W0s26PjZbzdLnWSHMC3i-TCfF3hmb27utsQZWE8ikIULU0_09xprQYDrnAlNfrPEC3F-QZFQiY/s1600/ccleaner.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="184" data-original-width="205" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHQu6waFnonVXIjHhXPCebrJY8GoGXfCWkvwyZhwoGKv3dKhqSOsauKfvR35Gv-q7U0W0s26PjZbzdLnWSHMC3i-TCfF3hmb27utsQZWE8ikIULU0_09xprQYDrnAlNfrPEC3F-QZFQiY/s1600/ccleaner.png" /></a></div>
<br />
The attackers who hacked software company Piriform last year and added a backdoor to the popular CCleaner tool were also likely to install a keylogger on infected systems, according to anti-virus company <a href="https://blog.avast.com/new-investigations-in-ccleaner-incident-point-to-a-possible-third-stage-that-had-keylogger-capacities" target="_blank">Avast</a> , which is the owner of CCleaner.<br />
<br />
Last September, Avast announced that attackers had hacked CCleaner developer Piriform and added malware to the official version. This infected version was downloaded by 2.27 million users. The malware was added to the Piriform development platform between 11 March and 4 July 2017. The software company was acquired by Avast two weeks later on 18 July.<br />
<br />
The first phase of the malware was to gather information about CCleaner users, such as the name of the computer, installed software and active processes. The second phase consisted of downloading additional malware. However, this was done with a select number of machines. Eventually, 40 computers received this additional malware. These included systems from major tech companies such as Intel, Samsung, Sony, Asus, NEC and the South Korean telecom provider Chunghwa Telecom.<br />
<br />
There is no evidence that a third step has been carried out, but Avast has now found information indicating that it may have been planned. During the investigation into the hacked Piriform infrastructure, early versions of the first and second phase of the malware were discovered, as well as a tool called ShadowPad. ShadowPad is used by cyber criminals to control computers remotely. The tool was installed on four Piriform computers on April 12, while the second phase of the malware was already installed on March 12.<br />
<br />
The older version of the second phase malware connected to a command & control server. The servers were no longer active at the time Avast analyzed the computers, so it is unknown what was downloaded, but given the time window it was probably ShadowPad. The Avast researchers also discovered ShadowPad log files with keystrokes from a keylogger installed on the computers. The keylogger had been active since 12 April and had stored keystrokes of all kinds of programs. The encountered version of ShadowPad appeared to have been specially made. Avast thinks that the attackers who had adapted especially for Piriform.<br />
<br />
In addition to the keylogger, the attackers also installed a password builder and tools to install other software. According to Avast, there are no indications that ShadowPad is installed on the computers of CCleaner users. The virus fighter does state that it was the third phase of the attack. It is not known whether the attackers wanted to install the keylogger on all 40 attacked computers in the second phase, or just a few or not at all, this is still in under investigation.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-24222702111112695462018-02-28T21:00:00.000-08:002018-02-28T23:21:56.653-08:00Decrease Of Malicious Advertisements In The Second Half Of 2017<div dir="ltr" style="text-align: left;" trbidi="on">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFFSvWOVeBwBH3jEkoE5-FsBhWsPmBI1aDSnjG1GNEIQYq_u1FhSmvAaS-q64P5YDb3AXvdlhJjOIACqRZBIP-dOIlOpAxhhPkOWrGBcmvNaWbFjiEmSYY7Ja0ptSiEQs177DqByUOTPI/s1600/RiskIQ-logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="474" data-original-width="1577" height="95" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFFSvWOVeBwBH3jEkoE5-FsBhWsPmBI1aDSnjG1GNEIQYq_u1FhSmvAaS-q64P5YDb3AXvdlhJjOIACqRZBIP-dOIlOpAxhhPkOWrGBcmvNaWbFjiEmSYY7Ja0ptSiEQs177DqByUOTPI/s320/RiskIQ-logo.jpg" width="320" /></a></div>
<br />
The number of malicious advertisements that Internet users tried to infect with malware, tried to deprive data or attempted to defame it in another way, was reduced in the second half of 2017, security company <a href="https://www.riskiq.com/blog/external-threat-management/q4-malvertising-roundup/" target="_blank">RiskIQ</a> claims. In the third quarter, the security company detected 53 percent less malvertising than in the second quarter of 2017. In the fourth quarter, this decline continued and 10 percent fewer malicious ads were detected.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAk1UrKp21KQcbXmcY1B2Hdm7ZjTn3TlpaQFK7uVqnZhoyD_rS7qFOugCHJogmbRvZ0OXu67U1FoKTyo7PbFrhzT5GzjzFpwdSDRUOKndi0Hqwd9Tnl1yUqrlX1aN5gU95J68Gs4SuuXo/s1600/RiskIQ-Q4-Malvertising-Graphic.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="500" data-original-width="800" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAk1UrKp21KQcbXmcY1B2Hdm7ZjTn3TlpaQFK7uVqnZhoyD_rS7qFOugCHJogmbRvZ0OXu67U1FoKTyo7PbFrhzT5GzjzFpwdSDRUOKndi0Hqwd9Tnl1yUqrlX1aN5gU95J68Gs4SuuXo/s400/RiskIQ-Q4-Malvertising-Graphic.jpg" width="400" /></a></div>
<br />
The use of advertisements to attack unpatched internet users, for example through vulnerabilities in Adobe Reader or Internet Explorer, decreased by 36 percent in the third quarter and 20 percent in the fourth quarter. Other malware in ads decreased by as much as 67 percent in the fourth quarter. The fourth quarter, however, saw an increase of 16 percent in the number of ads pointing to a scam, but overall there were fewer rogue ads in both the third and fourth quarters.</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0tag:blogger.com,1999:blog-3188886411431752463.post-86207820071789591912018-02-28T19:00:00.000-08:002018-02-28T23:10:52.197-08:00Coinhive Code Injected On LA Times Website<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQ_TqIgwxo4P4NhBX-ZxpHLuITvEnT610IVOetbf7GoeJ8chyphenhyphenu2u_iEHhjoapfqCUE_HMKfbpYDlBMT06WEscueNx4pzSbScIHT8-oIaIuBUNKIBPF-zToiJen4ku1hPSDvn7vJ8Ab17Y/s1600/LA+Times.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="517" data-original-width="429" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQ_TqIgwxo4P4NhBX-ZxpHLuITvEnT610IVOetbf7GoeJ8chyphenhyphenu2u_iEHhjoapfqCUE_HMKfbpYDlBMT06WEscueNx4pzSbScIHT8-oIaIuBUNKIBPF-zToiJen4ku1hPSDvn7vJ8Ab17Y/s200/LA+Times.png" width="165" /></a></div>
<br />The website of the American newspaper the LA Times has unknowingly implemented Coinhive code in order to minate Monero's. The code has certainly been on an <a href="http://homicide.latimes.com/" target="_blank">interactive map</a> of the newspaper about murders in cities since 9 February , researchers from Bad Packet's report have discovered. The code let the CPU run just below 30 percent of its power to remain unnoticed, writes John Dunn from security company <a href="https://nakedsecurity.sophos.com/2018/02/27/unsecured-aws-led-to-cryptojacking-attack-on-la-times" target="_blank">Sophos</a> .<br /><br />The code has been injected via a poorly secured Amazon AWS S3 bucket. This S3 bucket offered visitors write permissions. The researchers also found a message that suggested that someone else had access, in addition to the <a href="https://badpackets.net/how-to-find-cryptojacking-malware/" target="_blank">Bad Packet Report</a> researchers and the cryptojackers themselves. The message was as follows:<br /><br /><blockquote class="tr_bq">
<i>Hello, this is a friendly warning that your Amazon AWS S3 bucket settings are wrong.<br />Anyone can write to this bucket. Please fix this before a bad guy finds it.</i></blockquote>
<br />After the researchers informed the newspaper about the incident, the code was cleaned up and the cloud environment better secured. Coinhive has also lifted the account that was linked to the code. The researchers suspect that approximately 24 dollars of crypto currencies have been generated.<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-60886050-1', 'auto');
ga('send', 'pageview');
</script>
</div>
Malwaredevhttp://www.blogger.com/profile/00512955871593403351noreply@blogger.com0