Dismiss this notice
EaseUS Partition Master Professional Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
SoftMaker Office Standard 2021 Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
Advanced Uninstaller PRO Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
O&O Defrag 24 Professional Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
O&O DiskImage 16 Professional Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

  Malwarebytes: Black Friday and Cyber Monday Deals
Posted by: borys - 9 hours ago - Forum: Software Deals - No Replies

Oprogramowanie zabezpieczające wbudowane w komputer lub urządzenie mobilne obejmuje podstawy, ale nie zawsze może powstrzymać nowe, zaawansowane lub szybko ewoluujące zagrożenia. Nie robi również wiele, aby chronić przed zagrożeniami, takimi jak wiadomości e-mail typu phishing i oszukańcze witryny, które nie są oparte na oprogramowaniu.
Promocja: [Only registered and activated users can see links Click here to register]

Print this item

Information Malwarebytes 4.2.3.204
Posted by: borys - 9 hours ago - Forum: Malwarebytes - No Replies

Malwarebytes is a next-generation antivirus replacement. Malwarebytes is the first of its kind for home users, employing four independent technology modules anti-malware, anti-ransomware, anti-exploit, and malicious website protection to block and remove both known and unknown threats. Malwarebytes has been engineered to provide the most effective layered approach of prevention, detection and remediation technologies. Malwarebytes detects malware automatically, before it can infect, shields vulnerable systems and software from exploit attacks, stops ransomware attacks before your data is held hostage, prevents access to and from known malicious webpages, Detects and removes malware and advanced threats, removes rootkits and repairs the files they damage.

Download: [Only registered and activated users can see links Click here to register]

Print this item

Information Email client Thunderbird 78.5.1 released
Posted by: harlan4096 - Yesterday, 09:55 - Forum: Software & Services News - No Replies

Quote:
[Image: thunderbird-78.5.1.png]

A new version of the open source email client Thunderbird is available. Thunderbird 78.5.1 is a bug fix and security release. The security issue that is addressed has been rated as high, the second highest severity rating after critical.

The new version of the email client is already available. Thunderbird users should get it offered to them automatically; those who don't want to wait can select Help > About Thunderbird in the email client to run a manual check for updates. The "About" window displays the currently installed version of Thunderbird making it easy to compare the installed version to the latest.

Thunderbird 78.5.1

The development team [Only registered and activated users can see links Click here to register] one security issue that has been fixed in Thunderbird 78.5.1. It is not an issue that is actively exploited at this time.
 
Quote:CVE-2020-26970: Stack overflow due to incorrect parsing of SMTP server response codes

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.

The official release notes list one new feature, two changes, and a good dozen fixes.

The new feature enables Thunderbird users to disable the encryption of the email subject when using the built-in OpenPGP functionality. The changes introduce support for multi-file selection and bulk importing of OpenPGP keys in the email client, and a change in the getComposeDetails function that extensions may use.

The function will wait for "compose-editor-ready" events in the new version.

The following issues are corrected in Thunderbird 78.5.1:
  • The new mail icon is removed from the System Tray when Thunderbird is closed; it remained visible in previous versions.
  • Thunderbird did not honor the "run search on server" option when running searches.
  • Two OpenPGP fixes: 1) key were missing from key manager, and 2) option to import keys from clipboard always disabled.
  • Dark theme fix that addresses highlight colors for folders with unread messages being not visible when the dark theme was enabled.
  • The option "place replies in the folder of the message being replied to" did not work when "reply to list" was used.
  • Link button did nothing when Filelink was not set up.
  • Incorrect output when printing mailing list members.
  • Addressed a connection isse to LDAP servers that use self-signed certificates.
  • Autoconfig via LDAP did not work as expected.
  • Using Ctrl-Enter in Calendar created duplicate events.
Now You: have you installed the latest Thunderbird version?
...
[Only registered and activated users can see links Click here to register]

Print this item

Information Android Messenger App Still Leaking Photos, Videos
Posted by: silversurfer - Yesterday, 08:08 - Forum: Privacy & Security News - No Replies

Quote:The GO SMS Pro Android app has published two new versions on Google Play since a major security weakness was disclosed in November – but neither fixes the original issue, leaving 100 million users at risk for privacy violations, researchers said.
 
Meanwhile, a raft of exploitation tools have been released in the wild for the bug. That’s according to Trustwave SpiderLabs, which originally discovered a security issue that can be exploited to [Only registered and activated users can see links Click here to register] private voicemails, video missives and photos sent using the popular messenger app.
 
With GO SMS Pro, when a user sends a multimedia message, the recipient can receive it even if they don’t themselves have the app installed. In that case, the media file is sent to the recipient as a URL via SMS, so the person can click on the link to view the media file in a browser window. The issue is that there’s no authentication required to view the content, so anyone with the link (and links can be guessable) can click through to the content.
 
“With some very minor scripting, it is trivial to throw a wide net around that content,” according to Trustwave. “While it’s not directly possible to link the media to specific users, those media files with faces, names, or other identifying characteristics do that for you.”
 
A new version of the app was uploaded to the Play Store the day before the original Trustwave advisory on Nov. 19; followed quickly by a second updated version on Nov. 23. Trustwave has now tested both versions, specifically v7.93 and v7.94.
 
“We can confirm that older media used to verify the original vulnerability is still available,” researchers explained in a [Only registered and activated users can see links Click here to register]. In other words, past messages that have been sent are still accessible. “That includes quite a bit of sensitive data like driver’s licenses, health insurance account numbers, legal documents, and of course, pictures of a more ‘romantic’ nature.”

Read more: [Only registered and activated users can see links Click here to register]

Print this item

Information Misconfigured Docker Servers Under Attack by Xanthe Malware
Posted by: silversurfer - Yesterday, 08:05 - Forum: Privacy & Security News - No Replies

Quote:Researchers have discovered a Monero cryptomining botnet they call Xanthe, which has been exploiting incorrectly configured Docker API installations in order to infect Linux systems.
 
Xanthe was first discovered in a campaign that employed a multi-modular botnet, as well as a payload that is a variant of the [Only registered and activated users can see links Click here to register]. Researchers said that the malware utilizes various methods to spread across the network – including harvesting client-side certificates for spreading to known hosts via Secure Shell (SSH).
 
“We believe this is the first time anyone’s documented Xanthe’s operations,” said researchers with Cisco Talos [Only registered and activated users can see links Click here to register]. “The actor is actively maintaining all the modules and has been active since March this year.”
 
Researchers first discovered Xanthe targeting a honeypot, which they created with the aim of discovering Docker threats. This is a simple server emulating certain aspects of the Docker HTTP API.
 
Vanja Svajcer, Cisco Talos researcher, told Threatpost that researchers do not have access to the amount that has been collected by Xanthe.
“Typically crypto miners go for big numbers and this usually means Windows desktop systems,” said Svajcer. “But with the growth of cloud environments there are more and more hosts on the internet that run Linux and that are exposed to attacks and are not as well secured as in-house Windows systems. Xanthe demonstrates that non-Windows systems are quite attractive targets for malicious actors.”

Read more: [Only registered and activated users can see links Click here to register]

Print this item

Information Magecart Attack Convincingly Hijacks PayPal Transactions at Checkout
Posted by: silversurfer - Yesterday, 08:03 - Forum: Privacy & Security News - No Replies

Quote:Just in time for a busy online holiday shopping season, the Magecart gang has come up with a new credit-card skimming technique for hijacking PayPal transactions during checkout.
 
A security researcher who identifies himself as [Only registered and activated users can see links Click here to register] discovered the technique, which uses [Only registered and activated users can see links Click here to register] to inject convincing PayPal iframes into the checkout process of an online purchase, “the first skimmer to deploy such a method,” he [Only registered and activated users can see links Click here to register]. BleepingComputer [Only registered and activated users can see links Click here to register] his research.
 
[Only registered and activated users can see links Click here to register] is an umbrella term encompassing several different threat groups who all use the same attack method: They compromise [Only registered and activated users can see links Click here to register] to inject card-skimming scripts on checkout pages, stealing unsuspecting customers’ payment card details and other information entered into the fields on the page. The info is then [Only registered and activated users can see links Click here to register] to a server under the attackers’ control.
 
Affable Kraut used data from [Only registered and activated users can see links Click here to register], a security firm aimed at combatting digital skimming, to peer under the hood of the new card-skimming technique. While most methods that try to emulate PayPal pages to trick users into entering details even when the process is being hijacked don’t look very authentic, the one he observed “goes through a lot of work to try and be as convincing as possible,” Kraut [Only registered and activated users can see links Click here to register].
 
One of the key factors lending to this appearance is its use of a script called window.postMessage, which enables cross-origin communication between a Web page and a pop-up that it spawned, or between a page and an iframe embedded within it.

Read more: [Only registered and activated users can see links Click here to register]

Print this item

Information Cayman Islands Bank Records Exposed in Open Azure Blob
Posted by: silversurfer - Yesterday, 08:01 - Forum: Privacy & Security News - No Replies

Quote:A Cayman Island investment firm has removed years of backups, which up until recently were easily available online thanks to a [Only registered and activated users can see links Click here to register]. The blob’s single URL led to vast stores of files including personal banking information, passport data and even online banking PINs — which in addition to a security problem, presents a potential public-relations nightmare for a firm in the business of discreet, anonymous offshore financial transactions.
 
The massive cybersecurity blunder was pointed out by a researcher to The Register, which agreed not to disclose the name of the compromised bank in return for details about how this happened. Once evidence was given to the bank of the exposed data, the information was passed onto a bank staffer with a college computer science background, the report added. There was no one else on staff specifically dedicated to cybersecurity.
 
The Register added that the firm’s staff were “completely unaware” how the Azure blob worked (the Azure blob is the Microsoft backup storage solution that competes with Amazon Web Services S3 bucket and other cloud storage solutions). The entire operation was completely dependent on an outside provider for cybersecurity. The Register said the firm claims it manages $500 million in investments.
 
“This was a backup solution provided by our IT vendor in Hong Kong which we saw as a fairly normal cloud provision,” the bank employee said in response to The Register. “Clearly there’s some issue here!”

Read more: [Only registered and activated users can see links Click here to register]

Print this item

Information Electronic Medical Records Cracked Open by OpenClinic Bugs
Posted by: silversurfer - Yesterday, 07:59 - Forum: Privacy & Security News - No Replies

Quote:Four vulnerabilities have been discovered in the OpenClinic application for sharing electronic medical records. The most concerning of them would allow a remote, unauthenticated attacker to read patients’ personal health information (PHI) from the application.
 
[Only registered and activated users can see links Click here to register] is an open-source health records management software; its [Only registered and activated users can see links Click here to register] is 0.8.2, released in 2016, so the flaws remain unpatched, researchers at Bishop Fox said. The project did not immediately return Threatpost’s request for comment.
 
According to researchers, the four bugs involve missing authentication; insecure file upload; cross-site scripting (XSS); and path-traversal. The most high-severity bug (CVE-2020-28937) stems from a missing authentication check on requests for medical test information.
 
Authenticated healthcare users of the application can upload medical test documents for patients, which are then stored in the ‘/tests/’ directory. Unfortunately, there’s no requirement for patients to sign in in order to view the test results.
 
“Anyone with the full path to a valid medical test file could access this information, which could lead to loss of PHI for any medical records stored in the application,” according to the firm, writing in a Tuesday posting.
A mitigating factor is the fact that an attacker would need to know or guess the names of files stored in the “/tests/” directory in order to exploit the vulnerability.
“However, medical test filenames can be predictable, and valid filenames could also be obtained through log files on the server or other networking infrastructure,” researchers wrote.

Read more: [Only registered and activated users can see links Click here to register]

Print this item

Information Microsoft has a fake extensions problem in its Microsoft Edge Store
Posted by: harlan4096 - 01 December 20, 21:46 - Forum: Privacy & Security News - No Replies

Quote:
[Image: microsoft-edge-extensions-fake.png]

Microsoft has a serious problem with fake extensions for its Microsoft Edge web browser that are hosted on the company's own store for the web browser.

[Only registered and activated users can see links Click here to register], Microsoft once again had to remove a fake extension. Last week, it became known that several fake extensions were removed by Microsoft that were made to look like extensions from legitimate services. Affected products were the content blocker uBlock Origin, the VPN services NordVPN, Adguard VPN and TunnelBear VPN, and other legitimate browser extensions.

Many companies and developers have not created extensions for Microsoft Edge or ported existing extensions to the Microsoft Store. The fake extensions were created and uploaded by third-parties; all used the names of popular products, likely to get users of Microsoft Edge to install these extensions without much inspection beforehand. The extensions would redirect searches through OKSearch when installed in the web browser.

The makers of Windscribe, a popular free and paid VPN providers, revealed yesterday that they have been a target as well. A fake Windscribe extension was uploaded to the Microsoft Store, and like all the others, accepted by Microsoft.
 
Quote:That was not our extensions, because MS review process is useless. Someone uploaded a modified version of the extension, and MS just approved it. We looked at it, it didn't seem to contain any actual malware at first glance, however we encourage you to change your Windscribe password.

Microsoft did flag the fake extension as malicious in the meantime. The extension is no longer available as a consequence, and users who have it installed should see it being disabled automatically in the browser. The real Windscribe extension that is created by the makers of the service is still in Microsoft's review queue.

Affected users should consider changing passwords to the service, and maybe also to other services that they signed-in while using the extension.

Microsoft's review process did not catch the fake extensions that were released to the store in the past two weeks. It is not the first time that malicious extensions were made available in the store. If Microsoft does not change the review process, it is likely that it won't be the last time that users will install fake extensions from the official Edge extensions store.

It is recommended that users check with the maker of the product to see if a browser extension for Microsoft Edge is available before installing any extension from the Microsoft Store.

Now You: Did you install any of these extensions? What needs to change in your opinion to block fake extensions outright?
...
[Only registered and activated users can see links Click here to register]

Print this item

Information Microsoft fixes Windows 10 BSOD crashes caused by NVMe SSDs
Posted by: silversurfer - 01 December 20, 15:22 - Forum: Microsoft Windows News - No Replies

Quote:Microsoft has fixed a known issue causing Windows 10 blue screens of death (BSOD) crashes when users plugged in a Thunderbolt NVMe (Non-Volatile Memory Express) Solid State Drive (SSD).
To be impacted by this known issue Windows 10 device would have to feature at least one Thunderbolt NVMe SSD and one Thunderbolt port.
Affected Windows 10 devices would also display a "DRIVER_VERIFIER_DMA_VIOLATION (e6). An illegal DMA operation was attempted by a driver being verified." stop error.
After discovering the BSOD issue, Microsoft also added a compatibility hold to prevent impacted devices from being offered Windows 10, version 2004 or Windows 10, version 20H2 upgrades.
 
Microsoft addressed this issue with the release of the optional [Only registered and activated users can see links Click here to register] non-security cumulative update preview for Windows 10 versions 2004 and 20H2.
Since this is a preview update, it is considered optional and it will not be installed automatically. To install KB4586853, download it manually from the [Only registered and activated users can see links Click here to register] or open Windows Update and click the 'Check for updates' button.
The safeguard hold added to block upgrades on Windows 10 devices with affected Intel drivers will be removed in mid-December.
Until then, the company [Only registered and activated users can see links Click here to register] affected users to "not attempt to manually update using the Update now button or the Media Creation Tool."

Read more: [Only registered and activated users can see links Click here to register]

Print this item

[-]
Welcome
You have to register before you can post on our site.

Username


Password





[-]
Recent Posts
Malwarebytes: Black Friday and Cyber Mon...
Oprogramowanie zabez...borys — 22:08
Malwarebytes 4.2.3.204
Malwarebytes is a ne...borys — 21:48
Giveaway suggestions.
AOMEI Partition Assi...borys — 21:47
Email client Thunderbird 78.5.1 released
A new version o...harlan4096 — 09:55
Android Messenger App Still Leaking Phot...
The GO SMS Pro And...silversurfer — 08:08

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (38)ivyhuv
avatar (36)Enlargedterrestrial20

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>