Welcome, Guest
You have to register before you can post on our site.



  Free Video Player 2.0.0 Released
Posted by: mrtrout - 05-09-2018 , 07:43 PM - Forum: Freeware - No Replies

You are not allowed to view links. Register or Login to view.        Free Video Player
100% Free, Fast and Powerful Media Player

Windows 2000/2003/XP/Vista/ 7/8/10 (32 bits &64 bits)

Free Download
Version: 2.0         OverviewDownload
What Does Free Video Player?
Not only is Free Video Player a completely FREE video player, with its built-in support for all the most popular video and Media Player formats, tons of advanced features, extreme customizability, and the Codec Finder service, Free Video Player is sure to fulfill all of your playback needs. With millions of users in hundreds of countries, Free Video Player is one of the world`s most popular video players.
With Free Video Player, all video and audio files open with one click! A powerful video and audio player, Free Video Player is the last media player you will need to download. The best part is that this is completely FREE software!

Exclusive Features of Free Video Player

Free Video Player is completely free for everyone to download and use. Our team was not happy with the current media player offerings on the internet. We are dedicated to building the best media player for your free use.

Comprehensive File Support
Free Video Player can easily support virtually any kind of Video, Audio, Image formats. It can play all the most popular video formats by default: AVI, MP4, MKV, FLV, WMV, MOV, and more.

Support GEM Format
GEM is a multimedia encryption format designed with GiliSoft. GEM supports most of the video and audio formats, support multiple files, support volume. Free Video Player can play GEM format.

Just Plays Everything
If you want to play music or video files in just about any format, Free Video Player is your best answer. An all-in-one FUHD media player software brings you MP3 player, FLV player, WMV player, MKV player, as well as a video music library to unleash all your digital media.

Automatic Updates
Our team is dedicated to providing great and timely updates to our software, and now you never have to worry about manually updating again!

Player for mobile
Free Video Player will be available in Android and iOS versions. You can enjoy watching videos not just on your PC, but also on your mobile device. Enjoy watching videos easily with Mobile Free Video Player any time, anywhere

Easy to use
Take control of your media with intuitive play and volume controls. No more fussing with overly complicated players.

Audio Player
By popular demand, Free Video Player now features an integrated audio player for formats such as MP3, MP2 and MID.   2005-2018 GiliSoft International LLC.     :   BitDefender Log File

Product : Bitdefender Total Security
Scanning task : Contextual Scan
Log date : Wednesday, May 9, 2018 3:36:32 PM
Path : C:\Users\mrtro\Desktop\free-video-player.exe
[-]Detailed Scan Summary
Scanned items : 64
Infected items : 0 (no infected items have been detected)
Suspicious items : 0 (no suspected items have been detected)
Resolved items : 0 (no threats have been detected during this scan)
Unresolved items : 0 (no issues remained unresolved)
[-]Scan Options
[-]Target Threat Types:
Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : No
Scan for keyloggers : Yes
[-]Target Selection Options:
Scan registry keys : No
Scan cookies : No
Scan boot sectors : No
Scan memory processes : No
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions : none configured
Excluded extensions : none configured
[-]Target Processing:
Default primary action for infected objects : None
Default secondary action for infected objects : None
Default primary action for suspicious objects : None
Default secondary action for suspicious objects : None
Default action for hidden objects : None
Default action for password-protected objects : Prompt for password

Print this item

  How to clean an infected computer [2018]
Posted by: tarekma7 - 05-09-2018 , 03:46 PM - Forum: Video Reviews - No Replies

Print this item

  Nero MediaHome 17 Free
Posted by: AAU - 05-09-2018 , 05:51 AM - Forum: Freeware - Replies (1)

Nero MediaHome
The FREE media manager

  • Organize Photos & Videos with Geotags
  • Facial Recognition
  • One-Click Sync and Upload
  • Picture-Perfect
  • Enjoy streaming movies & photos throughout your home

You are not allowed to view links. Register or Login to view.

Print this item

  Office 365 Zero-Day Used in Real-World Phishing Campaigns
Posted by: tarekma7 - 05-09-2018 , 12:21 AM - Forum: Security News - No Replies

Quote:A new zero-day vulnerability known as baseStriker allows miscreants to send malicious emails that bypass security systems on Office 365 accounts.

Discovered last week, on May 1, 2018, by security researchers from Avanan, baseStriker is a flaw in how Office 365 servers scan incoming emails.

The HTML tag at the center of baseStriker
At the center of this vulnerability is the < base > HTML tag. This is a seldom used tab, but developers declare it in the < head > section of an HTML document (web page), and its purpose is to establish a base URL for relative links.

For example, a website might declare a base URL like this:

< base href = "https://www.example.com" / >

Once declared, developers can include links to content hosted on the base URL without typing the whole thing, like so:

< img src = "/images/slider/photo-1.png" / >

Under the hood, the HTML rendering engine (usually a browser) will merge the base URL with the relative path and come with:


Office 365 doesn't support the "base" HTML tag

The problem, according to Avanan, is that Office 365's security systems don't appear to support base URLs.

An attacker can simply send out a rich-text-formatted email with the following structure and Office 365 won't be able to scan and detect any malware hosted on the URLs.

Read the article:

You are not allowed to view links. Register or Login to view.

Print this item

  Adobe Patch Tuesday Is Out With Fixes for Flash Player, Creative Cloud, Connect
Posted by: tarekma7 - 05-09-2018 , 12:18 AM - Forum: Security News - No Replies

Quote:Minutes ago, Adobe published this month's batch of security fixes, part of the company's regular Patch Tuesday outing.

For the month of May 2018, Adobe fixed five vulnerabilities — one in Flash Player, three in the Creative Cloud Desktop application (the app that starts Photoshop, Illustrator, InDesign, and the rest of the Creative Cloud apps), and one in Connect, its web conferencing software.

By far, the most dangerous was the Flash Player vulnerability, which allowed for code execution on the user's computer. The good news is that none of these flaws had been exploited in the wild, and recent reports confirm Flash's demise [1, 2].

Adobe Security Update Summary:

APSB18-16 Security update available for Adobe Flash Player
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user. The latest Adobe Flash Player version number is now:

APSB18-12 Security update available for Adobe Creative Cloud Desktop Application

Adobe has released a security update for the Creative Cloud Desktop Application for Windows and MacOS. This update resolves a vulnerability in the validation of certificates used by Creative Cloud desktop applications (CVE-2018-4991), and an improper input validation vulnerability (CVE-2018-4992) that could lead to privilege escalation. The latest Creative Cloud Desktop Application version number is now:

APSB18-18 Security update available for Adobe Connect

An important authentication bypass vulnerability (CVE-2018-4994) exists in Adobe Connect versions 9.7.5 and earlier. Successful exploitation of this vulnerability could result in sensitive information disclosure. he latest Adobe Connect version number is now: 9.7.5.


You are not allowed to view links. Register or Login to view.

Print this item

  Microsoft May 2018 Patch Tuesday Fixes 67 Security Issues, Including IE Zero-Day
Posted by: tarekma7 - 05-09-2018 , 12:16 AM - Forum: Security News - No Replies

Quote:Microsoft published earlier today the Patch Tuesday security bulletin for May 2018, containing fixes for 67 security issues.

This month, Microsoft fixed security flaws in Microsoft Windows, Internet Explorer, Microsoft Edge, ChakraCore, .NET Framework, Microsoft Exchange Server, Windows Host Compute Service Shim, and Microsoft Office and Microsoft Office Services and Web Apps.

Microsoft patches two zero-days
The biggest issue patched this month is a zero-day in Internet Explorer that has been abused by a cyber-espionage campaign earlier this month. The zero-day (CVE-2018-8174) affects not only IE but also any other projects that embed the IE web rendering engine. Microsoft credited researchers from both Qihoo 360 Core Security and Kaspersky Lab for discovering this issue.

The second zero-day is CVE-2018-8120, an elevation-of-privilege vulnerability in the Win32k component.

"An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft says. But the flaw is not as dangerous as it sounds, as an attacker already needs a foothold on Windows systems to run his malicious code in the first place, to elevate his access rights.

Microsoft also patched CVE-2018-8141 (Windows Kernel Information Disclosure Vulnerability) and CVE-2018-8170 (Windows Image Elevation of Privilege Vulnerability), for which exploitation details became public. Despite info about these two flaws being published online, Microsoft says none were exploited in the wild.

Flash fixes also included
Last but not least, the Microsoft May 2018 Patch Tuesday also included a patch for an Adobe Flash Player vulnerability (CVE-2018-4944) that Adobe patched earlier today.

Below is a table listing of all the security issues Microsoft fixed this month. We used PowerShell and the Microsoft API to assemble the table below, but the report is much longer. We hosted the full report on GitHub, here.

If you're not interested in all security updates and you'd like to filter updates per product, you can use Microsoft's official Security Update Guide, available here.


You are not allowed to view links. Register or Login to view.

Print this item

  Heimdal PRO Discount
Posted by: tarekma7 - 05-08-2018 , 10:31 PM - Forum: Hot Deals & Discounts - Replies (2)

You are not allowed to view links. Register or Login to view.

70% OFF 

Final price:  13$

Print this item

  Amazing bundle: 3 programs, 9 licenses only $9,99
Posted by: AAU - 05-08-2018 , 08:53 PM - Forum: Hot Deals & Discounts - Replies (1)

All programs are the current sales versions with a value of $149,97!

The following programs are included, including installation on up to 3 devices:

Ashampoo® WinOptimizer 15

  • Safe, fast and clean - with just a few clicks!
  • Power like never before
  • More privacy, security and hard drive space
  • The classic: one-click optimization
  • Privacy Control for Windows 10

Ashampoo® UnInstaller 7
  • Removes unwanted programs down to the last byte!
  • Uninstall without remnants
  • Surf the Internet Faster and Safer
  • No problem with nested installations
  • Clean uninstallations even without protocol

Ashampoo® Driver Updater
  • Optimum performance thanks to the latest drivers!
  • Scan - Install - Done
  • Problems? Can be solved!
  • Maximum speed in games
  • Pure safety
You are not allowed to view links. Register or Login to view.

Print this item

  Photodex Products - 25% off
Posted by: AAU - 05-08-2018 , 04:59 PM - Forum: Hot Deals & Discounts - Replies (1)

SAVE 25% OFF on Everything ProShow


Offer Expires May 22, 2018

You are not allowed to view links. Register or Login to view.

Print this item

  A serious security vulnerability has been found in 7-Zip
Posted by: Otaku Lee - 05-08-2018 , 06:19 AM - Forum: Security News - Replies (1)

7-Zip is free, open-source file archiving software that's been around for an awfully long time—nearly two decades, according to Wikipedia. It's barebones, it's simple, and it works, which is why we included it in our list of essential applications for a fresh PC. Unfortunately, as discovered by the Center for Internet Security, it also suffers from a pretty serious security vulnerability that can enable "arbitrary code execution." 

What that means, basically, is that someone who successfully exploits this security flaw could install programs on your PC, view, edit, or delete data, or create new user accounts with full access rights. The good news is that CIS says there are no reports of this actually happening, but the bad news is that the security flaw is present in all versions of 7-Zip prior to 18.05. That version was just released on April 30, which means that unless you've updated sometime within the last four days, your PC is exposed.

Fortunately, the solution is simple. Go to 7-zip.org, download the latest version (it's tiny), and install it. Boom! Problem solved, and you'll be pleased to know that the hot new version of 7-Zip looks exactly the same as the old crappy one.   

CIS also recommended that all software should be run as a non-privileged user, and to apply the "Principle of Least Privilege" to all systems and services, so that if your PC does fall prey to a sploitz-jerk, the damage will be minimized. As a general approach, that's probably not a bad idea.

You are not allowed to view links. Register or Login to view.

Print this item

  Paragon Hard Disk Manager 16 Advanced - 50% off
Posted by: AAU - 05-08-2018 , 04:25 AM - Forum: Hot Deals & Discounts - No Replies

Please, visit here: You are not allowed to view links. Register or Login to view.

Print this item

Rainbow Amazon Web Services
Posted by: MizanurRahman - 05-07-2018 , 05:24 PM - Forum: General Computer Chat - No Replies

The amazon online marketplace on line current market Co-workers is the grand daddy on its way of all world-wide-web software programs, in addition to a founding father of working with XML regarding webservices. Co-workers linked to The amazon online marketplace on line current market can be purchased nearly all a person's items that a rain forest on line current market offers. Each time produce bass a good The amazon online marketplace on line current market bring up offers a very important factor through their internet site, they might acquire a commision with the merchandise, just as event these customers ended up being marketing and advertising gifts close to a frequent department store.
Read More here.. You are not allowed to view links. Register or Login to view... Amazon online marketplace is already being utilized for a system many different applications. Along with Amazon online marketplace World wide web Improvement Companies, one can possibly generate difficult venture applications.
If you want more information please visit here...  You are not allowed to view links. Register or Login to view.

Print this item

  Cyberlink Film Festival Discounts
Posted by: tarekma7 - 05-07-2018 , 01:15 PM - Forum: Hot Deals & Discounts - No Replies

You are not allowed to view links. Register or Login to view.

End: May 10, 2018

exclusive additional 10% OFF discount storewide.

Print this item

  Cyberlink PowerDVD18 Ultra Giveaway
Posted by: tarekma7 - 05-07-2018 , 12:11 PM - Forum: Official & Exclusive Promo2day Giveaways - Replies (29)

[Image: mli8P6r.jpg]

PowerDVD18 –World’s No.1 Movie & Media Player

PowerDVD18 plays more than just DVD and Blu-ray discs. For video, audio, photos, VR 360˚ content and even YouTube or Vimeo, PowerDVD18 is your essential entertainment companion. Unlock the potential of your Ultra HD HDR TV and surround sound system, immerse yourself in virtual worlds with access to ever growing collections of 360˚ videos, or simply unwind wherever you are with unrivaled playback support and unique enhancements on your PC or laptop.

PowerDVD18 Product Page:

You are not allowed to view links. Register or Login to view.

Download Link (30 day trial version): 

You are not allowed to view links. Register or Login to view.

Retail Price: $99.95

Buy Link

You are not allowed to view links. Register or Login to view.

Current Version: 18

Release Date: 2018-04-17

File Size : 202.54 MB

Format Support:

Movies:  BD-R 1.1/BD-RE 2.1, BD-R 2.0/BD-RE 3.0, BDROM 2.2, BD-J, BDROM Profile 1.1 (Bonus View), BDROM Profile 2.0 (BD-Live), BDROM Profile 5.0 (BD 3D), BDROM Profile 6.0 (Ultra HD Blu-ray), AVCREC, AVCHD XAVC-S, DVD-Video, DVD-VR, DVD+VR, VCD, SVCD, CD, BD ISO, DVD ISO

Videos: Conventional Video: 264, 265, 26L, 3G2, 3GP, 3GP2, 3GPP, ASF, AVC, AVI, BSF, DIV, DIVX, DVR-MS, FLV, H264, H265, HEVC, JSV, JVT, M1V, M2P, M2T, M2TS, M2V, M4V, MK3D, MKV, MOD, MOV, MP4, MP4V, MPE, MPEG, MPG, MPV, MTS, MVC, QT, TOD, TP, TPD, TRP, TS, TTS, VC1, VOB, VRO, WM, WMV, WTV

360 Video: Equirectangular format MP4 (H.264/265). Supports up to 4K resolution in 2:1 aspect ratio.

3D-360 Video: Packed-Equirectangular format MP4 (H.264/265). Supports up to 4K resolution in 1:1 aspect ratio.

HDR 10 Video: H.265 in MP4, MKV and M2TS


360 Photo: Equirectangular format JPG


Minimum System Requirements:

Operating System: Windows 10/8.1/8/7 Note: Windows 10 required for Ultra HD Blu-ray playback

Disc Drive: DVD drive to play DVDs and CDs

Blu-ray drive to play Blu-ray Discs

Ultra HD Blu-ray drive to play Ultra HD Blu-ray Discs

Display Devices: HDCP 2.2 complaint display for Ultra HD Blu-ray playback

HDCP complaint display for Blu-ray playback

Memory: 2 GB for Blu-ray Disc playback, 4 GB for Ultra HD Blu-ray Disc playback

Hard Disk Space: 500MB

Graphics Support:

Intel HD Graphics, ATI Radeon HD 5000, NVIDIA GeForce 9500GT

Intel HD Graphics 630 or above in Intel 7th Gen CPU for Ultra HD Blu-ray playback

Audio Support: PCI sound card or on-board audio output

Processor: Intel Core 2 Duo 2.66GHz, AMD Phenom 2.10GHz

Intel 7th Gen Core i (Kaby Lake) with Intel SGX support for Ultra HD Blu-ray playback
Internet Connection: Required for initial software activation, video codec activation and social media services

[Image: rhHcP5v.png]



Giveaway Details:

We have 1 Lifetime Perpetual License

The giveaway will end on May 20, 2018

Winners will be selected by Random.org

You need to claim your win within 2 days after winner announcement


Reply here with your favorite features [Few sentences needed]

Few words as (thanks, count me , very good app...) will not be valid

Share the giveaway on social media or other forums and add the share link in your reply

Subscribe to our newsletter and never miss any giveaway or news


Follow Promo2day on social media [OPTIONAL]

Good Luck for ALL!

Print this item

  Boy, 13, regains consciousness after parents sign papers to donate his organs
Posted by: mrtrout - 05-07-2018 , 12:26 AM - Forum: Photo Albums, Images, & Videos - No Replies

You are not allowed to view links. Register or Login to view.        SURGERY 1 hour ago
Boy, 13, regains consciousness after parents sign papers to donate his organs     By Katherine Lam | Fox News
Trenton McKinley suffered severe brain trauma after an accident. His parents signed papers to donate his organs before he came back to life a day before doctors were going to take him off life support.  (WALA Fox 10)

A 13-year-old boy who was said to be suffering severe brain injury defied odds when he regained consciousness after his parents had signed papers to donate his organs.

Trenton McKinley, of Mobile, Ala., was hospitalized two months ago after a small utility trailer he was in flipped over.

“I hit the concrete and the trailer landed on top of my head. After that, I don't remember anything," Trenton told Fox 10.

Trenton suffered seven skull fractures from the accident. His parents recalled doctors saying their son “would never be normal again.”

“All I saw was a stretcher with his feet hanging out. He was dead a total of 15 minutes,” Trenton’s mother, Jennifer Reindl, told Fox 10. “When he came back, they said he would never be normal again. They told me the oxidation problems would be so bad to his brain, that he would be a vegetable if he even made it.”

Trenton was barely breathing in the days following the crash, Fox 10 reported. His mother ultimately decided to sign papers to donate Trenton’s organs that would benefit five children who needed transplants.

"Five kids needed organs that matched him,” Reindl said. “It was unfair to keep bringing him back, because it was just damaging his organs even more."

A day before doctors were going to take Trenton off of life support, the 13-year-old began showing signs of brain activity and movement. Trenton began breathing on his own and woke up speaking full sentences in late March, his mother wrote on a Facebook fundraising page.

Trenton still has a long road to recovery and suffers nerve pain and daily seizures. He has had three brain surgeries and will have another procedure to reconnect the missing piece of his skull.

Trenton said he believes he went to heaven before he came back to life.

"I was in an open field walking straight,” Trenton recalled. "There's no other explanation but God. There's no other way. Even doctors said it."

Katherine Lam is a breaking and trending news digital producer for Fox News. Follow her on Twitter at @bykatherinelam

Print this item

  The Surprising Adventures of Munchausen
Posted by: ahmed - 05-06-2018 , 09:13 AM - Forum: Game Giveaway of the Day - No Replies

[Image: gYyrA5O.jpg]

Exclusive offer from Giveaway of the Day and MyPlayCity! No third-party advertising and browser add-ons!
The Heart of the Kingdom has been destroyed and now it’s up to Munchausen to save the day in The Surprising Adventures of Munchausen! With the light and prosperity of his kingdom gone, the king has no choice but to marry his daughter to an unknown stranger in exchange for a huge sum of money. Sensing the stranger’s evil, she writes to Munchausen who must now stop the wedding in The Surprising Adventures of Munchausen!

[Image: ihaRERE.jpg]

Giveaway Page:
You are not allowed to view links. Register or Login to view.#

System Requirements:
Windows XP/ Vista/ 7/ 8/ 10; CPU: 1.6 GHz; RAM: 1024 MB; DirectX: 9.0; Hard Drive: 373 MB

Print this item

  Lost Artifacts: Soulstone
Posted by: ahmed - 05-05-2018 , 09:31 AM - Forum: Game Giveaway of the Day - No Replies

[Image: LohdvJ2.jpg]

Stop the terracotta army and find the Soulstone in the game Lost Artifacts: Soulstone! From the game title it’s clear that you are to look for the stolen artifact that is extremely powerful. Claire and her loyal helpers witnessed the revival of the terracotta army. Its Emperor is at all pains to take over the world by awakening a dragon from the crater of a volcano. So all you have to do is to oppose him!

Go on a journey through a country full of legends and myths in the exciting strategy game Lost Artifacts: Soulstone. Many varied quests, 40+ levels, a fun storyline, simple and captivating gameplay, and a mysterious world – all this awaits you now! Restore statues, build epic buildings, overcome challenges and manage resources. Simple controls and an easy-to-understand tutorial will help you easily grasp the basics of the captivating game Lost Artifacts: Soulstone!

[Image: jui0MJs.jpg]

Giveaway Page:
You are not allowed to view links. Register or Login to view.#

System Requirements:
Windows XP/ Vista/ 7/ 8/ 10; Processor 1 Ghz or better; 512 Mb RAM; DirectX 9.0

Print this item

  IObit Advanced SystemCare Free Released
Posted by: mrtrout - 05-05-2018 , 02:28 AM - Forum: Freeware - No Replies

You are not allowed to view links. Register or Login to view.        Advanced SystemCare
By IObit  (Freeware)  Title: Advanced SystemCare
Filename: advanced-systemcare-setup.exe
File size: 28.32MB (29,695,744 bytes)
Requirements: Windows XP / Vista / XP 64-bit / Vista 64-bit / Windows 7 64-bit / Windows 8 / Windows 8 64-bit / Windows 10 / Windows 10 64-bit
Languages: Multiple languages
License: Freeware
Date added: May 4, 2018
Author: IObit
You are not allowed to view links. Register or Login to view.
MD5 Checksum: 40B9A9EC5449A81B19DB803191C4C9CE      Advanced SystemCare 11 is an all-in-one yet easy-to-use PC optimization software to clean, optimize, speed up, and protect your system, as well as secure your online privacy.

With the best 1-click approach, it is easy for you to clean up junk files, leftovers, redundant registry entries, and invalid shortcuts, sweep privacy traces, remove spyware threats, accelerate Internet speed, manage startup items, and fix system weakness and security holes.

Taking advantage of the redesigned Performance Monitor, Advanced SystemCare 11 not only monitors your PC’s RAM/CPU/Disk usage, CPU/GPU/Mainboard temperature, and fan speed in real-time, but also lets you quickly end the processes that slow down your PC to make PC more responsive and faster.

For better privacy protection, Advanced SystemCare 11 optimizes FaceID, Homepage Advisor, and Surfing Protection & Ads- Removal. FaceID automatically captures intruders secretly accessing to your PC or trying to steal your personal information and important files. Homepage Advisor monitors and notifies you of any change to homepage and search engine in case of any unwanted modifications. With Surfing Protection & Ads- Removal, you can enjoy secure & smooth surfing experience without various online threats and annoying ads.
What's more, Advanced SystemCare 11 rebuilds and improves over 10 useful tools and features, such as Startup Manager, Default Program, Large File Finder, Hardware Accelerate, and MyWin10 to make old PCs live longer and new PCs run faster!       Change Log:  Supported clearing cookies and browsing data related to Facebook to avoid privacy leak.   :  Scanned With Panda Global Protection & Digital Signature ( IObit Information Technology )   Panda Found No Malware Threats Of Anykind  Including These : No Virus, No Trojan Horse, No Worms,  No Spyware,  No Ransomware, No Rootkits,  No Adware,

Print this item

  Crazy Talk Animator 3
Posted by: tarekma7 - 05-04-2018 , 11:37 PM - Forum: Reviewer Needed - Replies (4)

I need someone who is interested in this software to prepare a good informative detailed review

It must not be copied from any other website

Please reply here

Print this item

  Facebook's Phishing Detection Tool Now Recognizes Homograph Attacks
Posted by: tarekma7 - 05-04-2018 , 11:27 PM - Forum: Security News - No Replies

[Image: YwMM9XJ.png]

Quote:Facebook has updated a phishing detection toolkit it developed two years ago. The update now allows webmasters who sign up for the tool to detect homograph (Unicode-based lookalike) domains created for their websites.

The tool in question is named Certificate Transparency Monitoring, a Facebook-hosted application. Any website owner can sign-up for free for this service using their Facebook account.

Webmaster can add their domains to a dashboard, and Facebook's tool will scan public Certificate Transparency (CT) logs.

CT logs hold information about new domains that recently obtained an SSL certificate, and they are about to become mandatory for browsers.

Facebook's tool will warn website owners about new sites found in these CT logs that use a similar name to theirs.

Facebook launched this tool in 2016 on the premise that if someone gets an SSL certificate for a site with a domain very similar to another, they are most likely to carry out a phishing attack to collect user credentials or financial information.

Support for homograph attacks
Today, Facebook updated the Certificate Transparency Monitoring tool with a new feature to detect a new type of phishing attack that has become very popular in the past year.

The new attack is called an "IDN homograph attack" and is the practice of registering domains with internationalized Unicode characters in its name.

For example, users can register coịnbạse.com, which will be a totally unique domain in the eyes of a computer. (Take a closer look at the domain again to notice the small dots under the "i" and "a" characters.)

Such attacks have become quite prevalent, with several incidents reported in the past year alone [1, 2, 3].

Support for homograph attacks comes to complete the tool's ability to detect other types of mangled domains, such as those that combine different words (helpdesk-facebook[.]com), common misspellings (faecbook[.]com), or those who nest multiple subdomains to hide the real domain offscreen (facebook[.]com.long.subdomain.that.will.not.be.fully.shown.on.mobile.devices.com).

Tool also gets email alerts
Furthermore, Facebook has also added the ability to alert domain owners via email when a new suspected phishing domain pops up in CT logs.

Past reports and surveys have shown that phishing attacks are usually the most effective in the first few hours after a phishing campaign starts, so, getting alerts and acting as quickly as possible may avert a serious cyber-security incident for your users or employees.

Once domain owners are aware of such domain, they can contact the certificate authority that issued it to have it revoked, contact browser vendors to blacklist the domain, reach out to domain registrars to suspend it, and also alert staff or users about an incoming attack.

In case some webmasters don't own a Facebook account, there are self-hosted alternatives to this tool, such as Certstreamcatcher. Another tool that monitors CT logs, but doesn't alert you about phishing domains, is Cert Spotter.

Facebook's devs have a small obsession with detecting phishing attempts, and for a good reason, as they have to guard over 2.2 billion users. In the past, they have added anti-phishing features to Facebook accounts, but have also awarded prizes for novel anti-phishing techniques.

You are not allowed to view links. Register or Login to view.

Print this item