Welcome, Guest
You have to register before you can post on our site.



  Far Cry 5 Giveaway
Posted by: tofana - 05-04-2018 , 11:25 PM - Forum: Console Games - No Replies

Far Cry 5 Giveaway

You are not allowed to view links. Register or Login to view.

[Image: 31381207_2327456490807887_69570590347551...1525400232]

Print this item

  Switch from Old Gmail to New Gmail in Windows and Mac (2018)
Posted by: tarekma7 - 05-04-2018 , 11:03 PM - Forum: Video Reviews - No Replies

Print this item

  WannaCry dominated 2017 ransomware landscape: report
Posted by: tarekma7 - 05-04-2018 , 10:58 PM - Forum: Security News - No Replies

Quote:The volume of ransomware attacks in 2017 increased dramatically, but almost all of this growth was due to the appearance of WannaCry, a new report states.

F-Secure's The Changing State of Ransomware report found the volume of ransomware attacks increased 400 percent last year with 90 percent of the reported incidents being the ransomware/worm WannaCry. After WannaCry's initial appearance in May 2017 the use of other ransomware types fell off to near zero by the end of the year.

“After the summer, there was a noticeable shift away from the kind of ransomware activity that we've seen in the last year or two,” said F-Secure Security Advisor Sean Sullivan. “The last couple of years saw cybercriminals developing lots of new kinds of ransomware, but that activity tapered off after last summer. So it looks like the ransomware gold rush mentality is over, but we already see hard-core extortionists continuing to use ransomware, particularly against organizations because WannaCry showed everyone how vulnerable companies are.”

Despite WannaCry's dominance, F-Secure said 343 unique types of ransomware were uncovered last year, up 62 percent from 2016, mostly before WannaCry's appearance.

You are not allowed to view links. Register or Login to view.

Print this item

  How to Download Your Entire Facebook History
Posted by: tarekma7 - 05-04-2018 , 10:36 PM - Forum: Guides, Tips & Tricks - No Replies

Quote:[Image: facebook_download.jpg]

Whether you’re leaving Facebook for good or just curious about what data the social network has collected on you, you might want to download your Facebook data.

The option to download your Facebook data has existed since 2010, as Mark Zuckerberg made clear when he promised to fix Facebook after the Senate hearings of April 2018.

So let’s take a look at how to download your Facebook data, what’s included, and, perhaps most importantly, what’s not included.

All Facebook users are able to request the data download via their General Account Settings. It’s not possible to use Facebook’s mobile apps to do this. 

Instead you’ll need to login to the desktop website using a browser:

Open a new tab in your web browser and head to Facebook.com and login.
Click on the downward arrow in the top-right corner and choose Settings, or head to Facebook.com/settings.
At the bottom of the General tab click on “Download a copy of your Facebook data.“
Select what you would like to include, or leave everything selected (default) then click Create File.
Wait until your data is ready to download. You will receive a notification when it’s done.
Click on the notification, review the file size, then click Download.
Enter your account password to confirm your identity, then wait for the download to complete.
Your data will be delivered in a ZIP archive (how to extract files from a ZIP archive). The size of all my data was 178.5MB, which is about a decade’s worth of light use. This took around three minutes for Facebook to process and make available. If you’re a heavy user, expect to wait longer.

Read full article:

You are not allowed to view links. Register or Login to view.

Print this item

  Deadpool 2: The Final Trailer (20th Century Fox)
Posted by: mrtrout - 05-04-2018 , 02:36 AM - Forum: Off Topic Chat - No Replies

You are not allowed to view links. Register or Login to view.      Deadpool 2: The Final Trailer      20th Century Fox
Published on Apr 19, 2018    After surviving a near fatal bovine attack, a disfigured cafeteria chef (Wade Wilson) struggles to fulfill his dream of becoming Mayberry’s hottest bartender while also learning to cope with his lost sense of taste. Searching to regain his spice for life, as well as a flux capacitor, Wade must battle ninjas, the yakuza, and a pack of sexually aggressive canines, as he journeys around the world to discover the importance of family, friendship, and flavor – finding a new taste for adventure and earning the coveted coffee mug title of World’s Best Lover. 

In Theaters May 18, 2018     Category
Film & Animation
Standard YouTube License

Print this item

  Marvel Studios' Ant-Man and The Wasp - Official Trailer
Posted by: mrtrout - 05-04-2018 , 02:31 AM - Forum: Off Topic Chat - No Replies

You are not allowed to view links. Register or Login to view.        Marvel Studios' Ant-Man and The Wasp - Official Trailer     Category
Standard YouTube License

Print this item

  Soft Organizer 7.15 Released
Posted by: mrtrout - 05-04-2018 , 01:56 AM - Forum: Paid - No Replies

You are not allowed to view links. Register or Login to view.        Soft Organizer Version History
v. 7.15 05/03/2018
Visual improvements.
The installed applications updates check can be performed even when Soft Organizer is closed.
Bug fixed: In case the By Developer applications grouping mode was selected, it could work incorrectly.    :   You are not allowed to view links. Register or Login to view.        System Requirements
Operating system: Microsoft Windows XP - 10 (32-bit and 64-bit)
RAM: from 256 Mb
Disk space: 50 Mb
Administrator rights       Features
1. Very simple and intuitive operation
The simple, convenient, and non-overloaded interface doesn’t distract a user from the installing and/or uninstalling process. The Soft Organizer utility looks like a simple list of installed programs, where a user merely needs to select a program and click “Uninstall”. At the same time, the tool features the entire range of capabilities that even programs with much more complex interfaces have. (Most of those programs look like a space shuttle cockpit with many gauges, meters, and obscure instruments.)

2. Has only the functions you really need
Thanks to judicious selection of capabilities, Soft Organizer features only those options you really need in your work. The overall functionality of the program is similar to competitive application removal solutions.

3. Enhanced capabilities for experienced users
Due to the number of enhanced functions in Soft Organizer, experienced users can enjoy more precise control over the process. Such functions keep a low profile and do not distract other users, so installing and uninstalling applications using Soft Organizer remains simple and intuitive.


Search for traces (residues) of the program being uninstalled
Allows you to remove traces of programs that were not tracked while installing (powered by the Full Uninstall technology).

Universal Windows Apps Removal
Allows you to remove universal Windows 8/10 apps that was installed from Windows Store.

Built-in program rating
Program rating allows you to evaluate installed applications. The rating is calculated based on the total number of users who have removed this app from the computer shortly after installation.

Automatic restore points
Automatic creation of restore points during the removal of application residues indemnifies the system against any possible emergency.

Remove multiple programs at once
You can easily remove even multiple applications in Soft Organizer by simply selecting all programs you don’t need anymore and clicking "Uninstall".

"Silent" program installation
For those setup packages that support silent install, you can install applications in the "no questions asked" mode in one click.

Export the list of installed programs to HTML
When you contact the support staff of a company, they may ask you about the programs installed on your computer. You can easily get such a list in a few clicks. The list is saved as an HTML file that is easy to open and to read.

Sorting and grouping of the list
The list of programs can be sorted by various parameters (install date, tracking status, title, and others) for instant search for given apps in the list.

Program quick search function
With quick search, you can find a desired application almost immediately, as long as you know its title or a portion of it. The list dynamically shortens as you type the text in the search box.

Built-in automatic update mechanism
Soft Organizer automatically updates to new versions. You don’t need to visit the website of the program or download or install the tool manually. You simply click the Update button, and the program does the rest.

Program description
If the purpose of some program in the list looks vague, you can view its description by clicking the special question icon near the program title (not available for all programs).

Check for new versions
For installed programs there’s an option to check for newer versions of a program. This allows you to keep applications up-to-date, as well as to eliminate bugs and problems caused by the outdated versions.

This function available in paid Pro-version only
PRO Search for leftovers of the already uninstalled programs
Allows you to remove leftovers of already uninstalled programs.

This function available in paid Pro-version only
PRO Tracked installation of programs
Installs apps and tracks changes in the system to enable removing tracked elements later (powered by the Full Uninstall technology).   Emsisoft Anti-Malware - Version 2018.4.0.8631

Last update: 2018-05-03 9:00:33 PM  OS version: Windows 10x64 

Scan settings:

Scan type: 
Objects: C:\Users\mrtro\Desktop\soft-organizer-setup.exe

Detect PUPs: On
Scan archives: On
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off

Scan start: 2018-05-03 9:13:19 PM

Scanned 1
Found 0

Scan end: 2018-05-03 9:13:39 PM
Scan time: 0:00:20

Print this item

  Keeping your twiiter account secure
Posted by: baziroll - 05-04-2018 , 01:25 AM - Forum: Security News - No Replies

Quote:About The Bug
We mask passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter’s system. This allows our systems to validate your account credentials without revealing your password. This is an industry standard.  
Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.

You are not allowed to view links. Register or Login to view.

Print this item

  Sci-Hub ‘Pirate Bay For Science’ Security Certs Revoked by Comodo
Posted by: mrtrout - 05-03-2018 , 09:38 PM - Forum: Security News - No Replies

You are not allowed to view links. Register or Login to view.         Sci-Hub ‘Pirate Bay For Science’ Security Certs Revoked by Comodo
Sci-Hub, often known as 'The Pirate Bay for Science', has lost control of several security certificates after they were revoked by Comodo CA, the world's largest certification authority. Comodo CA informs TorrentFreak that the company responded to a court order which compelled it to revoke four certificates previously issued to the site.

Sci-Hub is often referred to as the “Pirate Bay of Science”. Like its namesake, it offers masses of unlicensed content for free, mostly against the wishes of copyright holders.

While The Pirate Bay will index almost anything, Sci-Hub is dedicated to distributing tens of millions of academic papers and articles, something which has turned itself into a target for publishing giants like Elsevier.

Sci-Hub and its Kazakhstan-born founder Alexandra Elbakyan have been under sustained attack for several years but more recently have been fending off an unprecedented barrage of legal action initiated by the American Chemical Society (ACS), a leading source of academic publications in the field of chemistry.

After winning a default judgment for $4.8 million in copyright infringement damages last year, ACS was further granted a broad injunction.

It required various third-party services (including domain registries, hosting companies and search engines) to stop facilitating access to the site. This plunged Sci-Hub into a game of domain whac-a-mole, one that continues to this day.

Determined to head Sci-Hub off at the pass, ACS obtained additional authority to tackle the evasive site and any new domains it may register in the future.

While Sci-Hub has been hopping around domains for a while, this week a new development appeared on the horizon. Visitors to some of the site’s domains were greeted with errors indicating that the domains’ security certificates had been revoked.

Tests conducted by TorrentFreak revealed clear revocations on Sci-Hub.hk and Sci-Hub.nz, both of which returned the error ‘NET::ERR_CERT_REVOKED’.

Certificate revoked

These certificates were first issued and then revoked by Comodo CA, the world’s largest certification authority. TF contacted the company who confirmed that it had been forced to take action against Sci-Hub.

“In response to a court order against Sci-Hub, Comodo CA has revoked four certificates for the site,” Jonathan Skinner, Director, Global Channel Programs at Comodo CA informed TorrentFreak.

“By policy Comodo CA obeys court orders and the law to the full extent of its ability.”

Comodo refused to confirm any additional details, including whether these revocations were anything to do with the current ACS injunction. However, Susan R. Morrissey, Director of Communications at ACS, told TorrentFreak that the revocations were indeed part of ACS’ legal action against Sci-Hub.

“[T]he action is related to our continuing efforts to protect ACS’ intellectual property,” Morrissey confirmed.

Sci-Hub operates multiple domains (an up-to-date list is usually available on Wikipedia) that can be switched at any time. At the time of writing the domain sci-hub.ga currently returns ‘ERR_SSL_VERSION_OR_CIPHER_MISMATCH’ while .CN and .GS variants both have Comodo certificates that expired last year.

When TF first approached Comodo earlier this week, Sci-Hub’s certificates with the company hadn’t been completely wiped out. For example, the domain You are not allowed to view links. Register or Login to view. operated perfectly, with an active and non-revoked Comodo certificate.

Still in the game…but not for long

By Wednesday, however, the domain was returning the now-familiar “revoked” message.

These domain issues are the latest technical problems to hit Sci-Hub as a result of the ACS injunction. In February, Cloudflare terminated service to several of the site’s domains.

“Cloudflare will terminate your service for the following domains sci-hub.la, sci-hub.tv, and sci-hub.tw by disabling our authoritative DNS in 24 hours,” Cloudflare told Sci-Hub.

While ACS has certainly caused problems for Sci-Hub, the platform is extremely resilient and remains online.

The domains You are not allowed to view links. Register or Login to view. and You are not allowed to view links. Register or Login to view. are fully operational with certificates issued by Let’s Encrypt, a free and open certificate authority supported by the likes of Mozilla, EFF, Chrome, Private Internet Access, and other prominent tech companies.

It’s unclear whether these certificates will be targeted in the future but Sci-Hub doesn’t appear to be in the mood to back down.

Tagged in:
American Chemical Society, Comodo CA, sci-hub, ssl

Print this item

  [PC,Xbox One,PS4] Battlefield 4-Dragons Teeth DLC
Posted by: ahmed - 05-03-2018 , 03:55 PM - Forum: Gaming News - No Replies

[Image: h5DspcD.jpg]
[Image: 0JFZsu0.jpg]

Battlefield 4 Dragon’s Teeth ‘ it is one of the five DLCs included in the premium pass, taking us to exotic Asian maps such as a floating restaurant or the bustling Pearl Market.

The expansion pack includes:

  • Urban combat in four new Asian maps.
  • Five new weapons
  • The RAWR (Remote Assisted Weaponized Robot) a remotely controlled vehicle equipped with an LMG and four grenade launchers.
  • Ten missions
  • New multiplayer mode Chain Link

You are not allowed to view links. Register or Login to view.

You are not allowed to view links. Register or Login to view.

Xbox One:
You are not allowed to view links. Register or Login to view.

(Valid Until May 15)

Print this item

  University of Kaspersky 2020 ( RF & CIS only)
Posted by: AAU - 05-03-2018 , 12:55 PM - Forum: Security News - No Replies

It's old news.

The Univeristy of Kaspersky 2020 - an application for increasing the level of information security of social network users VKontakte and Facebook.

Join here: You are not allowed to view links. Register or Login to view.

Rules: You are not allowed to view links. Register or Login to view.

Prizes: You are not allowed to view links. Register or Login to view.

Note: For all legal residents of the Russian Federation and Commonwealth of Independent States only.
Offer from Dr.Web: You are not allowed to view links. Register or Login to view.

Print this item

  New Hacking Tool Lets Users Access a Bunch of DVRs and Their Video Feeds
Posted by: tarekma7 - 05-02-2018 , 09:11 PM - Forum: Security News - No Replies

Quote:An Argentinian security researcher named Ezequiel Fernandez has published a powerful new tool yesterday that can easily extract plaintext credentials for various DVR brands and grant attackers access to those systems, and inherently the video feeds they're supposed to record.

The tool, named getDVR_Credentials, is a proof-of-concept for CVE-2018-9995, a vulnerability discovered by Fernandez at the start of last month.

CVE-2018-9995 —the dangerous flaw that everyone ignored
Fernandez discovered that by accessing  the  control panel of specific DVRs with a cookie header of "Cookie: uid=admin," the DVR would respond with the device's admin credentials in cleartext. The entire exploit is small enough to fit inside a tweet.

$> curl "http://{DVR_HOST_IP}:{PORT}/device.rsp?opt=user&cmd=list" -H "Cookie: uid=admin"

Initially, Fernandez discovered that CVE-2018-9995 affected only DVR devices manufactured by TBK, but in an update to his original report published on Monday, the researcher expanded the list of vulnerable devices to include systems made by other vendors, most of which appeared to be selling rebranded versions of the original TBK DVR4104 and DVR4216 series.

Full article:  You are not allowed to view links. Register or Login to view.

Print this item

  Password Boss Premium: Lifetime Subscription (Unlimited Devices)
Posted by: tarekma7 - 05-02-2018 , 08:45 PM - Forum: Hot Deals & Discounts - No Replies

You are not allowed to view links. Register or Login to view.

93% off

$34.99 $499.99

Print this item

  Dashlane Password Manager: 3-Yr Premium Subscription (50% off)
Posted by: tarekma7 - 05-02-2018 , 02:34 PM - Forum: Hot Deals & Discounts - No Replies

You are not allowed to view links. Register or Login to view.

Print this item

  How to download Windows ISO images (version 1803) April 2018
Posted by: kubik67 - 05-02-2018 , 11:31 AM - Forum: Software Discussion - No Replies

You can download a disk image (. ISO file) that you can use to install or reinstall Windows 10, or to create an installation media using a USB flash drive or a DVD.

The project TechBench by WZT allows without tedious search and registration to download official ISO images of Windows by direct links directly from Microsoft servers.
To use this method, follow these steps:
Go to the project website at this You are not allowed to view links. Register or Login to view..

Next, set the following values in the form:

- Select type: Windows (Final)
- Select version: Windows 10, Version 1803 - Redstone 4 [Apr 2018] (build 17134.1)
- Choose your edition: Windows 10
- Selected language.
- Selected file. 
- Click To Download.

By URL-link download file you can make sure that the download comes from the official Microsoft server. Links are valid for 24 hours from the time of creation.

Note:the selected files include Pro editions, Home and Home for the same language in the same ISO image, direct selection occurs during installation).

Print this item

  Firefox 59.0.3 Released
Posted by: mrtrout - 05-02-2018 , 12:30 AM - Forum: Freeware - No Replies

You are not allowed to view links. Register or Login to view.         See what’s new in Firefox!
Release Notes tell you what’s new in Firefox. As always, we welcome your feedback. You can also file a bug in Bugzilla or see the system requirements of this release.

Download Firefox
Firefox Privacy Notice
Firefox Release
April 30, 2018

Version 59.0.3, first offered to Release channel users on April 30, 2018
Fix for compatibility with Windows 10 April 2018 update (Bug 1452619)       100% Scanned Malware Free & Clean With Comodo Internet Security Premium  & Digital Signature: ( Mozilla Corporation)   (On Comodo Trusted Vendors List)

Print this item

  DDoS attacks in Q1 2018
Posted by: tarekma7 - 05-02-2018 , 12:19 AM - Forum: Security News - No Replies

[Image: 180426-ddos-report-q1-2018-en-1.png]

Quote:News overview
In early January, it was reported that an amateur hacker had come close to pulling off a botnet attack using “improvised” materials. Armed with information gleaned from hacker forums, the DIYer created a Trojan using a zero-day exploit in Huawei routers and released it online. The attack was soon nipped in the bud, but the wannabe cybercriminal could not be traced.

Other slightly weightier news: first, experts reported growth in the Reaper (or IoTroop) botnet (not to be confused with North Korean hacker group The Reaper), first discovered last quarter; second, IT security resources hinted at the emergence of new “strains” of Mirai and Satori (the latter, known as Okiru, is intended for ARC processors), but so far without details. Moreover, in early February a platform selling JenX botnet services was detected and neutralized. JenX was found to be using a fan server for the video game GTA: San Andreas as its C&C. In terms of power, JenX was nothing to write home about, but the originality of its creators deserves a mention. On the topic of original botnets, another worth noting is DoubleDoor: the first known piece of “wild” malware to bundle two IoT vulnerabilities together.

As for new methods and vulnerabilities, besides the multiget hole in Memcached, last quarter news broke of a vulnerability in WordPress that makes it easy to down a web server. Fortunately, no in-the-wild attacks were observed.

The attack targets for this new weaponry remained largely the same. Profit is still the main motive behind DDoS attacks (the number of attacks on business in Russia alone doubled in 2017), although high-profile “commercial” attacks in the last three months were not so numerous. Within the space of three days in early February, players of Final Fantasy encountered problems signing into certain services. At roughly the same time, BusinessWire experienced similar difficulties lasting more than a week, during which period neither editors nor readers could access the news portal. There was no reported ransom demand, so the motive behind the attack can be assumed to be competition-related.

It would be amiss not to mention a series of attacks that hit GitHub and an unknown service provider in early March, which produced record volumes of garbage traffic — over 1 TB/s. This capacity was achieved by leveraging Memcached, a popular caching service for Linux servers. Interestingly, in some of these attacks the garbage traffic itself contained ransom demands in Monero.

Political motives are less common, but often more visible due to their topicality. The most headlining incident of late was, of course, the threat to sabotage the opening ceremony of the Winter Olympics in early February, most likely through a DDoS offensive. Even before that, in late January, the US Department of Defense repelled an influx of spam, and in late March their Russian counterparts had to survive a DDOS attack. In addition, experts reported that North Korean group The Reaper was extending its reach. Despite not showing any DDoS activity, it could soon start moving in that direction.

Another hard-hitting DDoS attack on major financial institutions in the Netherlands was initially thought to be political, but on closer inspection turned out to be pure hooliganism: Dutch police arrested a teen suspect for causing week-long mayhem at several banks simply to prove that it was possible.

DDoS is also becoming more popular as a means of personal revenge. California, for instance, witnessed the case of David Goodyear, who was found guilty of trying to launch a DDoS attack against an amateur astronomy forum when it blacklisted him for using bad language. True, he can’t be accused of not trying other methods before turning his hand to cybercrime: Goodyear repeatedly registered on the forum under different chat names, but each time earned himself a ban for boorish behavior.

Read full article You are not allowed to view links. Register or Login to view.

Print this item

  How to Download Windows 10 April 2018 Update from Windows Update Right Now
Posted by: tarekma7 - 05-02-2018 , 12:15 AM - Forum: Software Discussion - No Replies

[Image: how-to-download-windows-10-april-2018-up...0920-3.jpg]

Quote:New version only offered on manual update checks

Microsoft has finally published the Windows 10 April 2018 Update as a manual download, allowing users who don’t want to wait any longer to get the new tidbits right away.

The automatic rollout is projected to begin on May 8, the same day when Microsoft also kicks off this month’s Patch Tuesday cycle, at which point Windows 10 April 2018 Update will start showing up in Windows Update for the first waves of systems flagged as compatible.

Just like in the past, Microsoft will use a global rollout in waves, which means that systems across the world will gradually receive the OS update as the company addresses software and hardware compatibility issues. With the Windows 10 Fall Creators Update, Microsoft introduced a machine learning (ML) system to select devices that were supposed to upgrade flawlessly, and based on the initial results, this update mechanism would be further expanded to the April 2018 Update as well.

“For the April 2018 Update rollout, we will expand our use of ML to identify the devices ready to update, incorporating things like additional compatibility data. This will allow us to deliver updates to devices as fast as possible while providing even better customer experiences,” Microsoft explains.

“With the April 2018 Update, we have also further shortened the amount of time your device is offline during updates up to 63% compared to the Windows 10 Creators Update. The April 2018 Update will follow the same phased rollout approach of proactively monitoring all available feedback and update experience data and making the appropriate product updates during the rollout.”

How to get April 2018 Update from Windows Update

But as compared to the Fall Creators Update, Microsoft has also made it easier for users to manually download and install the new OS build.

If for version 1709 users had to turn to the Media Creation Tool or the Windows 10 Update Assistant to do this manually, the April 2018 Update introduces a manual download option via Windows Update.

In other words, the update is there in Windows Update, but the download process isn’t triggered until you manually check for updates. To do this, all you have to do is to go to the following path:

Settings > Update & security > Windows Update > Check for updates

Once you press the Check for updates button, Windows Update should scan for new OS updates and begin the process of downloading the Feature update to Windows 10, version 1803. An automatic check won’t be performed until May 8, the day when Microsoft ships Patch Tuesday security fixes, so checking for updates manually is the only way to get it until now.

Needless to say, it takes some time to download the Windows 10 April 2018 Update, and it all depends on a series of factors, like your computer’s configuration and the Internet connection speed. On the other hand, once the download process comes to an end, your system should spend less time in offline stage, as Microsoft has tweaked this process to perform more tasks before the machine needs to be restarted.

Microsoft says that in some cases installing the Windows 10 April 2018 Update could take only 30 minutes, though on systems here at Softpedia the average time spent for installing this new OS version is somewhere around 40 minutes, with slower machines requiring an extra 10 minutes.

No upgrade issue was experienced whatsoever, and judging from early reports, the process appears to be a lot smoother than it was in the case of previous Windows 10 versions. We’ll continue to monitor forums and social networks and let you know should any bugs be discovered.

You are not allowed to view links. Register or Login to view.

Print this item

  Features Removed and Discontinued in Windows 10 April 2018 Update
Posted by: tarekma7 - 05-02-2018 , 12:13 AM - Forum: Software Discussion - No Replies

Quote:Microsoft publishes list of features going away

Just like it happens when a new Windows 10 update gets the green light, the debut of April 2018 Update marks the end of several OS features, as they are replaced with better options or no longer make sense given the new functionality.

Microsoft has published the list of features going away beginning with the April 2018 Update, including removed and deprecated (projected to be removed in a future release) options.

While you can check out the entire table in the pictures included in this article, of particular highlight is the removal of HomeGroup, which is finally going away with the April update. While HomeGroup is being ditched, Microsoft is still offering options to share printers, files, and folders with share tools that are available across the OS.

XPS Viewer is no longer included in the installation image and needs to be installed manually from Settings > Apps and Features > Features on Demand.

Bye bye, Phone Companion
When it comes to features that are no longer being developed, the Windows Help Viewer is one of the apps already on the table to be pulled in a future update.

“All Windows help information is available online. The Windows Help Viewer is no longer supported in Windows 10. If for any reason you see an error message about ‘help not supported,’ possibly when using a non-Microsoft application, read this support article for additional information and any next steps,” Microsoft explains.

Additionally, Phone Companion is deprecated as well in April 2018 Update, as the entire functionality has been moved to the Phone page in the Settings app, so it no longer makes sense being offered separately.

The next stable release for Windows 10 is Redstone 5, projected to land in the fall of this year. The update should be finalized in September and then pushed to devices across the world in October.

You are not allowed to view links. Register or Login to view.

Print this item

  FacexWorm Spreads via Facebook Messenger, Malicious Chrome Extension
Posted by: tarekma7 - 05-02-2018 , 12:06 AM - Forum: Security News - No Replies

[Image: FacexWorm.png]

Quote:Facebook, Chrome, and cryptocurrency users should be on the lookout for a new malware strain named FacexWorm that infects victims for the purpose of stealing passwords, stealing cryptocurrency funds, running cryptojacking scripts, and spamming Facebook users.

This new strain was spotted in late April by Trend Micro researchers and appears to be related to two other Facebook Messenger spam campaigns, one that took place last August, and another one from December 2017, the latter spreading the Digmine malware.

Researchers say FacexWorm's modus operandi is similar to the previous two campaigns, but with the addition of new techniques aimed at cryptocurrency users.

How FacexWorm spreads and infects users
The infection chain has remained the same and usually starts with users receiving link spam via Facebook Messenger.

Clicking the link leads users to a web page mimicking YouTube, which tries to trick the user into installing a YouTube-themed Chrome extension.

Trend Micro says it analyzed this extension and found numerous malicious functions. For starters, the rogue extension adds code to users' Chrome browsers to steal login credentials from login forms.

This behavior isn't active on all sites, but only when users are accessing Google, Coinhive, or MyMonero web accounts. Collected credentials are sent to the FacexWorm gang's servers.

FacexWorm redirects users to scam pages

Second, the rogue FacexWorm extension automatically redirects users to a web page pushing a cryptocurrency scam, asking users to send over a small Ether sum to verify their account.

The redirection takes place only when users try to access cryptocurrency-related sites. The extension comes with a list of 52 websites on which the redirection becomes active. In addition, it will also show up on sites whose URLs also include terms such as "eth," "ethereum," or "blockchain."

Third, the extension also inserts a cryptojacking mining script, loading an instance of the Coinhive in-browser miner, which mines Monero for the FacexWorm gang.

FacexWorm can also steal cryptocurrency

Fourth, the rogue extension also switches recipient information for cryptocurrency transactions on trading platforms such as Poloniex, HitBTC, Bitfinex, Ethfinex, and Binance, and Blockchain.info.

Trend Micro says FacexWorm can replace details for Bitcoin (BTC), Bitcoin Gold (BTG), Bitcoin Cash (BCH), Dash (DASH), ETH, Ethereum Classic (ETC), Ripple (XRP), Litecoin (LTC), Zcash (ZEC), and Monero (XMR) transactions, switching the recipient's address with one owned by the FacexWorm malware creators.

According to Trend Micro, crooks didn't manage to make a profit out of this scheme, as researchers caught and reported the extension early on, and the cryptocurrency addresses associated with this campaign only recorded one transaction worth a meager $2.49.

Crooks also tried to make money via referral URLs

Last but not least, when users try to access certain sites, the FacexWorm rogue extension also redirects users to referral URLs, which is another way in which the malware authors are earning money via their infected hosts.

The referral URL redirection has been spotted for sites such as Binance, DigitalOcean, FreeBitco.in, FreeDoge.co.in, and HashFlare.

Trend Micro said it had an integral role in shutting down this campaign as soon as it got started, reporting it to both Google and Facebook. The Chrome Web Store staff intervened by removing the extension, while Facebook banned domains associated with the spam messages.

You are not allowed to view links. Register or Login to view.

Print this item