Tech Blog

OnionShare Lets Anyone Host Anonymous Dark Web Sites

A new version of OnionShare now lets you easily create basic anonymous dark web sites on Tor so that they cannot be censored. This is particularly useful if you want to publish information anonymously but don’t want to deal with setting up your own dark web server. OnionShare is a Windows, Mac,…

Chinese Hackers Use New Cryptojacking Detection Techniques

The Chinese-speaking cybercrime group Rocke, known for running multiple large-scale malicious crypto-mining campaigns, has now switched to new Tactics, Techniques and Procedures (TTPs). Rocke is an economically motivated threat group first discovered in April 2018 by researchers on the Cisco Talos team, when it was targeting unpatched Apache Struts, Oracle WebLogic and Adobe ColdFusion servers. The…

Winnti Group Uses New PortReuse Malware Against Asian Manufacturer

With a new modular Windows backdoor, Winnti group hackers have upgraded their arsenal to infect servers from a highly-professional Asian mobile hardware and software manufacturer. ShadowPad malware has also been added to the hacking group, with random modular IDs and some extra uncertainty being the most noticeable additions according to ESET researchers who have been…

Sodinokibi Ransomware: Following the Money Trail of Affiliate

After a Sodinokibi affiliate posted partial transaction IDs for ransomware payments, researchers were able to use the information to track affiliates' money trail and, in some cases, how they invest their illegal profits. Earlier this month, McAfee looked at the GandCrab Ransomware as a collaborator and how the Sodinokibi Ransomware…

Create Windows Sandbox Custom Settings in Windows 10

The Windows 10 May 2019 Update (version 1903) included a new feature called Windows Sandbox that allows programs to be run safely, isolated from the rest of the operating system. Once you open Windows Sandbox, it launches a separate, isolated, lightweight desktop environment, kept apart from your Windows installation, and will permanently delete all…

Nitro PDF Pro to get 7 Real RCE Bugs Micropatches

The new Nitro PDF Pro version has at least one flaw that could be used to execute remote code on the victim’s host. A third-party patch is on its way. An official fix from the developer is not available for this security bug, which has a severity score of 8.8 out of 10. Leverage can…

Windows 10 1703 is Now End of Operation, No More Security Updates

Windows 10 version 1703, also called the Creators Update, is now out of service and will not receive any future security or reliability updates. When a Windows version is out of operation, Microsoft will no longer patch bugs in the software or release security updates to address new vulnerabilities. By 8 October 2019…

iTerm2 Patches Serious Vulnerability That Went Undisclosed for Seven Years

The most popular macOS terminal emulator, iTerm2, has been updated to address a critical security issue that has not been disclosed for at least seven years. Attackers are able to remotely execute commands on systems with a compromised version of iTerm2 if the program is used to connect to a malicious source. Serious risk The vulnerability…

NTLM Security Features Leading to Full Domain Compromise.

Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code). As part of the security updates released yesterday after Preempt’s disclosure, Microsoft fixed two NTLM bugs and provided security advisories. Preempt researchers Yaron Zinar and Marina Simakov discovered that attackers can exploit such defects…

Windows 10 Stack Updates Set Safe Boot Problems

Microsoft released October’s service stack reliability enhancements, which allow users to download and install Windows updates, for all versions of Windows 10. Microsoft says these Critical Service Stack Updates fix “a problem that does not extend the Secure Boot Revocation List (DBX) where the Secure Boot Revocation List is empty,” and “improves the Secure Boot…