  Facebook's hidden battle against ad-blockers
Posted by: mrtrout - 1 hour ago - Forum: Security News - No Replies

https://www.bbc.com/news/technology-46508234

Technology - 9 hours ago

The methods Facebook uses to thwart ad-blocking technology have been criticised by web developers.

The social network injects dozens of lines of code in every page to make it harder for ad blockers to detect and hide sponsored posts.

But that makes the website less efficient and stops software such as screen readers used by visually impaired users from working properly.

The BBC has contacted Facebook for comment.

In order to block advertising, developers look for patterns in a website's code that can be consistently identified and hidden.

It would be easy for a plug-in to spot the word "sponsored" or to find a container labelled "ad" inside the webpage code, so companies, including Facebook, use coding tricks to obfuscate their ads.

The tricks Facebook uses to fool ad-blocking plug-ins include:

  • breaking up the word "sponsored" into small chunks only one or two letters long
  • inserting extra letters, as in "SpSonSsoSredS", hidden to the viewer
  • adding the word to all regular posts on the news feed, even ones that are not ads, and then using another piece of code to hide it on the non-ads

Facebook provides some controls for users to influence the ads they see.

"Although you can't opt out of seeing ads entirely, you can influence the types of ads you see by giving us feedback or hiding ads and advertisers that you don't want to see," it says in its help centre.

Developers working on the uBlock Origin browser plug-in have been documenting their counter-measures on coding site Github.

In one case, they worked at blocking ad containers labelled "feed_subtitle" and "feed-subtitle".

"That solves it quite neatly," one said. But two days later, Facebook had changed its code again.

"These guys act quick. Now the div [container] is named 'feed_sub_title_ 128; 1402960186614717; 0; 2216051248638936; 1542673577: -7185000746684546330: 5:0:47233'," a coder said.

One, posting as filbo, pointed out that the sponsored text was different depending on your language settings, so ad-blocking efforts should not focus on the word "sponsored".

"If a workable UI-language-neutral expression can be written, that's better," they wrote.

Another, posting as okiehsch, suggested development would never stop.

"I doubt very much that Facebook will stop trying to push their ads, so this issue will never be 'fixed'," they wrote.


  Satan Ransomware Variant Exploits 10 Server-Side Flaws
Posted by: mrtrout - 1 hour ago - Forum: Security News - No Replies

https://www.darkreading.com/threat-intel...id/1333448

THREAT INTELLIGENCE - News - 12/10/2018 04:04 PM - Jai Vijayan

Windows, Linux systems vulnerable to self-propagating 'Lucky' malware, security researchers say.

A new version of ransomware that first surfaced about two years ago is garnering attention for its ability to spread via as many as ten different vulnerabilities in Windows and Linux server platforms.

"Lucky," as the new malware is called, is a variant of Satan, a data encryption tool that first became available via a ransomware-as-a-service offering in January 2017. Like Satan, Lucky also is worm-like in behavior and capable of spreading on its own with no human interaction at all.

Security vendor NSFocus spotted the variant on systems belonging to some of its financial services customers in late November, and described it as likely to cause extensive infections worldwide. The malware is capable of exploiting previously known vulnerabilities in Windows SMB, JBoss, WebLogic, Tomcat, Apache Struts 2, and Spring Data Commons.

Sangfor Tech, another security vendor, also heard from a customer in the financial sector about Lucky infecting some of their Linux production servers. In a blog post, Sangfor said its researchers found the ransomware to encrypt files and append the name '.lucky' to the encrypted files.

NSFocus identified the ten vulnerabilities that Lucky uses to propagate itself: JBoss default configuration vulnerability (CVE-2010-0738); Tomcat arbitrary file upload vulnerability (CVE-2017-12615); WebLogic arbitrary file upload vulnerability (CVE-2018-2894); WebLogic WLS component vulnerability (CVE-2017-10271); Windows SMB remote code execution vulnerability (MS17-010); Spring Data Commons remote code execution vulnerability (CVE-2018-1273); Apache Struts 2 remote code execution vulnerability (S2-045); Apache Struts 2 remote code execution vulnerability (S2-057); and Tomcat Web admin console backstage weak password brute-force flaw.

"There is a risk of extensive infections because [of the] big arsenal of vulnerabilities that [the malware] attempts to exploit," says Apostolos Giannakidis, security architect at Waratek, which also posted a blog on the threat.

All of the vulnerabilities are easy to exploit, and actual exploits are publicly available for many of them that allow attackers to compromise vulnerable systems with little to no customization required, he says. Several of the vulnerabilities used by Lucky were disclosed just a few months ago, which means that the risk of infection is big for organizations that have not yet patched their systems, Giannakidis says.

All but one of the server-side vulnerabilities that Lucky uses affect Java server apps. "The vulnerabilities that affect JBoss, Tomcat, WebLogic, Apache Struts 2, and Spring Data Commons are all remote code execution vulnerabilities that allow attackers to easily execute OS commands on any platform," he notes.

Ransomware attacks have not been quite as high-profile this year as they were in 2017, with the WannaCry and NotPetya outbreaks. But as the new Lucky variant shows, ransomware still remains a popular tool in the attacker's arsenal.

SecureWorks recently analyzed threat data from over 4,000 companies and found that low and mid-level criminals especially are maintaining a steady level of malicious activity against enterprises using ransomware and cryptomining tools. The firm found no discernable difference in ransomware activity between this year and 2017.

Ransomware Pivots to Servers

Like other self-propagating malware, Lucky attempts to spread right after it completes encrypting files on the victim system. The malware scans for specific IPs and ports on the local network and then sends its malicious payload to any systems that are discovered to be vulnerable.

Lucky is an example of how attackers have evolved ransomware tools over the past two to three years. Instead of targeting OS vulnerabilities—such as Windows SMB protocol—on desktop and other end-user systems, attackers have pivoted to attacking servers instead, Giannakidis notes.

"Instead of targeting OS vulnerabilities their focus is now applications and services on servers," Giannakidis says. "This is also evident by the fact that the ransomware targets Linux systems, which are primarily used for servers."

One reason for the shift in attacks could be that patching server-side applications is a considerably more difficult task than patching desktops. Servers with vulnerabilities in them are likely to remain unpatched—and therefore exposed to attack—for longer periods than vulnerable end-user systems, Giannakidis notes. "According to recent studies, organizations need on average at least three to four months to patch known vulnerabilities with windows of exposure of more than one year to be very common in the enterprise world."

What to Do

NSFocus recommends using an egress firewall or similar functionality to check for suspicious port scanning activity as well as for vulnerabilities getting exploited. Security admins also should check for requests to access a list of four specific IP addresses and domains. NSFocus also provided steps that organizations can follow to remove the virus from infected systems.

And upgrade to the latest versions of affected software, NSFocus says, and install patches where available.

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ...

  Japan bans Huawei and ZTE 5G networking hardware; will Canada be next?
Posted by: mrtrout - 1 hour ago - Forum: Security News - No Replies

https://venturebeat.com/2018/12/10/japan...a-be-next/

JEREMY HORWITZ (@HORWITZ) - DECEMBER 10, 2018 12:02 PM

If 5G equipment bans from the United States, Australia, and New Zealand weren’t enough this year, Huawei will end 2018 on an even worse note: Kyodo News reports that Japan’s government has decided to block the Chinese company and its smaller rival ZTE from network hardware procurement. Not coincidentally, Canadian authorities are publicly discussing a similar ban following last week’s arrest of Huawei’s CFO.

Japan’s decision comes less than a month after the United States reportedly lobbied several overseas allies to block Chinese cellular hardware from their wireless networks, in part due to concerns over monitoring of U.S. military base communications. According to reports, the U.S. floated the prospect of financial subsidies for compliant countries, alongside the threat of reduced assistance to non-compliant ones.

Kyodo reports that the Japanese government complied, and is coordinating with top cellular providers to remove Huawei and ZTE hardware from their networks. Three carriers have agreed to stop using Chinese 4G equipment and not introduce new 5G hardware into their networks. A soon-to-be-launched fourth carrier has also said it will not use Chinese networking gear.

“It’s extremely crucial not to procure equipment that embeds malicious functions including information theft and destruction,” said Yoshihide Suga, Japan’s Chief Cabinet Secretary, noting that the country is now studying what to do with already purchased Chinese hardware. Top carrier Softbank has indicated that it will replace Chinese 4G cellular products with U.S. and European alternatives, while rivals NTT Docomo, KDDI, and Rakuten will avoid using Huawei and ZTE networking hardware in their 5G infrastructures.

Notably, none of the Japanese carriers will stop selling consumer devices such as phones and tablets from Huawei or ZTE, as they are not believed to impact core network security. That’s unlikely to change in the immediate future, giving users the ability to keep purchasing comparatively inexpensive Chinese products — albeit with potential security risks.

Huawei has strongly denied accusations that its products constitute any form of security risk, and continues to offer its 5G networking hardware to carriers in South America, Africa, and Asia. ZTE was nearly forced to stop doing business entirely after a brief but hastily modified ban by the U.S. government, and actively turned its attention to pitching Japanese cellular companies, apparently without success.

China’s government has responded forcefully to each of the international bans, most recently defending Huawei and ZTE in a statement (via Google Translate) ahead of the Japanese government’s decision. But the protestations have generally fallen on deaf ears, and U.S. officials have continued to lobby friendly intelligence agencies across the world.

Northern neighbor Canada could be the next major U.S. ally to block Huawei from its communications networks. U.S. lawmakers lobbied Canadian Prime Minister Justin Trudeau for a ban on Huawei 5G gear in October, but the government was largely quiet until shortly after Huawei CFO Meng Wanzhou — daughter of the company’s founder, Ren Zhengfei — was arrested in Canada last week on charges of violating U.S. sanctions against Iran.

Though Canadian authorities have described the arrest as non-political, it brought longstanding issues with Huawei to greater attention in the Canadian media. Shortly after The Globe and Mail published a scathing opinion piece on Huawei, former Prime Minister Stephen Harper called for the company to be banned, suggesting that western allies needed to hold China accountable for “rule breaking” that imperiled its trade relationships with partners. “I obviously note that the United States is encouraging western allies to essentially push Huawei out of the emerging 5G network,” Harper said, “and my personal view is that that is something western countries should be doing in terms of our own long-term security issues.”

Soon thereafter, the Toronto Sun built upon Harper’s comments in an anti-Huawei editorial, saying that the company couldn’t be trusted to participate in Canada’s 5G network. And in a separate interview today, Canada’s Infrastructure Minister Francois-Philippe Champagne told the National Post that the country is relying upon input from its intelligence services in deciding whether to ban Huawei, putting national security first in the decision.

While there’s no timetable yet for Canada’s decision on Huawei, and Champagne has said that the issue is too important to be rushed, time is running out if the country hopes to deploy 5G over the next year. Huawei participated in 5G testing with Canadian carrier Telus in February, but by March, Canadian authorities began to question the wisdom of deploying Huawei 5G hardware. The first live Canadian 5G network, dubbed ENCQOR, is scheduled to begin serving business customers in early 2019.


  Russian Car
Posted by: Mohammad.poorya - Yesterday, 10:05 AM - Forum: Game Giveaway of the Day - Replies (2)

Russian Car Feel like the legendary driver of VAZ 2108! Participate in a race through the countryside.
Try yourself on rally. Custom your car. Drift! Participate in a drag race. Get out of the chase ...
https://game.giveawayoftheday.com/russian-car/


  WebSite X5 Professional 17 (5 License)
Posted by: ahmed - Yesterday, 09:21 AM - Forum: External Giveaways/Contests - No Replies


Win one of the 5 licenses for WebSite X5 Professional 17!
WebSite X5 Professional 17 offers you the best way to launch and grow your online activities. Impeccably designed websites tailored for every kind of business, advanced features to sell physical products, and management that's all in one place, including your mobile device, with the included WebSite X5 Manager and Feedready apps. In just minutes, create original websites, product landing pages, and professional online stores for you and your clients.

GP:
https://www.giveawayoftheday.com/website...sional-17/

5 days or less Time Remaining!


  (DCT) Ashampoo Video Optimizer Pro ( 5 licenses)
Posted by: longin - Yesterday, 09:12 AM - Forum: External Giveaways/Contests - No Replies

Ashampoo Video Optimizer Pro
 

  • Quote:“Ashampoo Video Optimizer Pro is an effective solution to enhance the quality of your videos. Stabilize shaky footage super easily, optimize contrasts and colors or sharpen your clips. Remove digital noise and flicker with incredible ease. Create slow motion or time-lapse effects and fix lens distortions at the click of a button. Use the built-in editor to rotate, crop or merge your videos.” ~ 
  • This contest will be active beginning Monday, December 10 and will expire at midnight Thursday, December 20, 2018. Winner(s) will be chosen by random drawing and will be notified by eMail

  • Winner(s) must claim their prize within five (5) days
https://davescomputertips.com/ashampoo-v...-giveaway/


  Malicious sites abuse 11-year-old Firefox bug that Mozilla failed to fix
Posted by: Mohammad.poorya - Yesterday, 03:59 AM - Forum: Security News - No Replies

Quote: Bug dealt with in Chrome and Edge, but still a problem for Firefox users.

Malware authors, ad farmers, and scammers are abusing a Firefox bug to trap users on malicious sites.

This wouldn't be a big deal, as the web is fraught with this kind of malicious site, but these websites aren't abusing some new never-before-seen trick, but a Firefox bug that Mozilla engineers appear to have failed to fix in the 11 years since it was first reported back in April 2007.

The bug narrows down to a malicious website embedding an iframe inside their source code. The iframe makes an HTTP authentication request on another domain. This results in the iframe showing an authentication modal on the malicious site, like the one below.
....
.....
Sure, Mozilla is an open source project, and it doesn't have unlimited resources to handle all the reported issues, but you'd think that after more than 11 years a Firefox engineer would find the time to fix an actively exploited issue.


https://www.zdnet.com/article/malicious-...ed-to-fix/


  Don’t Expect 2019 iPhones to Look Much Different from the Current Models
Posted by: mrtrout - Yesterday, 03:35 AM - Forum: Phones & Tablets News - No Replies

https://news.softpedia.com/news/don-t-ex...4180.shtml

Apple still thinks it knows what you want better than you

Dec 8, 2018 20:34 GMT · By Bogdan Popa

Tim Cook doesn't believe iPhones need a visual makeover

Remember the days when we were joking that the iPhone 8 looked like the iPhone 7, which looked like iPhone 6s, which looked like the iPhone 6?

We might be able to do that again next year if an analyst note to clients is anything to be believed.

Nomura analyst Anne Lee says the 2019 iPhone generation won’t be changed too much versus the current models, which means the next iPhone X will be very similar to the iPhone XS, which in its turn was an original iPhone X lookalike.

Apple is expected to launch the same three models next year with a 5.8-inch model, a larger Max sibling, and an LCD variant that will boast a 6.1-inch display. Nothing will change in terms of design, so expect bezels that will have the size of the current configuration, as well as a notch that wouldn’t get significantly smaller.

Three iPhones launching in 2019

“We think the three new iPhones in 2H19F will likely have the same form factors (body size and displays) as the 2H18 iPhone XR, XS, and XS Max, with some added AR [augmented reality]-related features,” the analyst was quoted as saying.

“We think 2019 could be the last year the iPhone uses the iPhone X design architecture, in preparation for initial hardware specs for 5G (sub-6GHz) and AR (augmented reality), before greater architecture upgrades in 2020F for 5G and a more comprehensive AR system.”

By the looks of things, the days when Apple thinks that it knows what you want better than you aren’t gone entirely and the company keeps insisting on a device that no longer sells in record numbers.

In fact, as if Apple’s crisis wasn’t obvious, the analyst said there’s a good chance iPhone sales would go down even more in fiscal year 2019, with estimates pointing to 204 million units sold. And because no significant change would happen on the next generation, the drop would continue in FY 2020 to 200 million units sold.

In the meantime, Apple rivals Samsung and Huawei are working on all kinds of design overhauls, including front-facing cameras and fingerprint sensors embedded into the glass.


  'Open-Source' DarthMiner Malware Targets Adobe Pirates with Cryptominer
Posted by: mrtrout - Yesterday, 03:30 AM - Forum: Security News - No Replies

https://news.softpedia.com/news/open-sou...pd_related

Also contains a disabled encrypted traffic sniffer module

Dec 7, 2018 20:37 GMT · By Sergiu Gatlan

OSX.DarthMiner camouflaged as Adobe Zii

A slightly weird malware strain has been observed using the open source XMRig cryptominer and EmPyre backdoor utilities to target software pirates, as reported by Malwarebytes Labs.

The OSX.DarthMiner malware was designed to emulate the Adobe Zii tool used to pirate various Adobe apps, although it failed to also copy its icon, instead bundling an Automator applet icon that stands out, potentially breaking the "illusion."

Although the malware contains code that might potentially intercept encrypted traffic with the help of a mitmproxy root certificate, the OSX.DarthMiner authors commented it out, deciding to only use it as a dropper for the Python-based EmPyre backdoor.

In the next step of the infection, after the backdoor script capable of running arbitrary commands is downloaded and launched on the compromised system, the malware makes sure that it gains persistence between reboots with the help of a launch agent named com.proxy.initialize.plist.

Next, the XMRig cryptominer together with a configuration file is downloaded into the /Users/Shared/ folder and a new launch agent dubbed com.apple.rig.plist is set up to make sure the cryptominer will always use the malware authors' mining configuration.

DarthMiner could also have other malware-like behavior besides cryptomining

Even though the OSX.DarthMiner malware seems to be harmless at first sight given that malicious cryptominers will at most slow down the victim's Mac by sucking up all CPU and GPU resources, there's more to it than meets the eye.

"It’s important to keep in mind that the cryptominer was installed through a command issued by the backdoor, and there may very well have been other arbitrary commands sent to infected Macs by the backdoor in the past," added Malwarebytes' Thomas Reed.

Furthermore, "It’s impossible to know exactly what damage this malware might have done to infected systems. Just because we have only observed the mining behavior does not mean it hasn’t ever done other things."

Among the malicious tasks OSX.DarthMiner could allow the bad actors to run in the background secretly, data collection and exfiltration is probably the least dangerous.

Some would say that software pirates are probably the most deserving targets when it comes to malware attacks and we also tend to agree. After all, when karma hits, it hits hard.


  Abelssoft ScreenVideo 2019
Posted by: ahmed - Yesterday, 02:31 AM - Forum: External Giveaways/Freebies - No Replies


The best screen recorder:
With ScreenVideo, you can create videos of everything on your screen with just one click. You decide whether you want to record the whole screen or just a part of it. Optically and technically the best screen recorder on the market.

For beginners and professionals:
Whether you're already a screencast pro or creating a video from your desktop for the first time, ScreenVideo gives you intuitive operation and just the right features for demanding shots.

Show yourself with the moderator function:
To explain something to someone, a video is ideal. The practical moderator function uses picture-in-picture technology to integrate you directly into the corner of your screen video. All you need is a webcam and off you go!

Support OS:
Windows 10, Windows 8.1, Windows 8, Windows 7

Home:
https://www.abelssoft.de/en/windows/Mult...creenVideo

Giveaway Download:
https://www.deskmodder.de/blog/wp-conten...modder.zip

Note:
After installation, it must be registered. With the link from the incoming mail, the program will be unlocked.


  TogetherShare Data Recovery Pro v 6.6
Posted by: ahmed - Yesterday, 02:05 AM - Forum: External Giveaways/Freebies - Replies (3)


About:
Powerful data recovery software to recover deleted, formatted or inaccessible data from any hard drive or storage device.

TogetherShare Data Recovery is fast, safe and powerful data recovery software. It not only can recover deleted data, but it also can recover lost data due to format, virus infection, logical error, human error, etc. It even can help you recover deleted/lost hard drive partition and recover inaccessible or damaged data. This powerful data recovery software can recover all types of lost files such as MS Office documents, audio, PDF, videos, archives, emails, and more. It can recover lost data from PC/laptop, HDD/SSD, USB flash drive, memory card, SD card, digital camera, digital camcorder, MP3/MP4 player, RAID, Server system and other storage media device. TogetherShare Data Recovery is complete easy-to-use data recovery software. It is pretty simple to use. And it is fully compatible with all popular Windows operating systems. If you want to quickly and completely recover lost data, just try it.

Home:
https://www.togethershare.com/data-recov...tware.html

GP:
https://giveaway.download.hr/windows/tog...ofessional

To get your serial key please share this offer on social network or wait 300 seconds.
OR
Download & License:


Giveaway Expires on December 11, 2018


  Online PowerPoint templates Library (lifetime license)
Posted by: ahmed - Yesterday, 01:51 AM - Forum: External Giveaways/Freebies - Replies (1)


GP:
https://www.giveaway-club.com/
Download:
https://www.giveaway-club.com/afterdownload

Registration/License policy, Terms of the offer, tech info etc:
https://www.giveaway-club.com/afterdownload/key
OR



41 hours or less time remaining


  WHAT DOES A POT SOBRIETY LOOK LIKE IN CANADA
Posted by: Mike - 12-09-2018 , 02:09 PM - Forum: Photo Albums, Images, & Videos - Replies (1)


  Bias FX Lite Software-Free
Posted by: longin - 12-09-2018 , 10:27 AM - Forum: External Giveaways/Freebies - No Replies

Bias FX Lite Software

For guitar enthusiasts. Note - signup required.

Key Features:
3 amps and 6 effects pedals, ranging from clean tones to high gain
Smart-Splitter switches between and combines dual signal paths
Preview presets on ToneCloud®
Audio plug-in with any DAW (supports VST, AU, AAX)
Stand-alone app operation (PC/Mac)

https://www.positivegrid.com/bias-fx/#section_addToCart

Get BIAS FX LE for Free

3 DAYS ONLY!


  Voyage to Fantasy: Part 1
Posted by: ahmed - 12-09-2018 , 09:30 AM - Forum: Game Giveaway of the Day - No Replies


About:
Exclusive offer from Giveaway of the Day and MyPlayCity! No third-party advertising and browser add-ons!

In the game Voyage to Fantasy: Part 1 you are to enjoy the amazing adventure in the distant lands where you will look for tons of hidden objects. Be attentive and you'll manage to get combos, extra scores and emeralds! Use boosters wisely to unlock challenging levels. You are to cope with several missions where each member of your team will help you. Lots of levels await you in the marvelous game!


GP:
https://game.giveawayoftheday.com/voyage...sy-part-1/#


System Requirements:
Windows XP/ Vista/ 7/ 8/ 10; Processor 1.7 Ghz or better; 2048 Mb RAM; DirectX 9.0


  Safe365 iPhone Data Recovery Pro 8.8.9
Posted by: ahmed - 12-09-2018 , 09:03 AM - Forum: Giveaway of the day - No Replies


About:
Effectively recover lost data from iPhone, iPad, iPod touch and iTunes and iCloud backup under many data loss scenarios. Professional iOS Data Recovery software which can easily recover all kinds of lost or deleted files including contacts, messages/SMS/iMessages, photos/pictures, videos, voice memos, message attachments, notes, notes attachments, Whatsapp messages, call log, bookmarks, reminders, calendars, etc. from iPhone, iPad, iPod Touch and iTunes/iCloud Backup.

GP:
https://www.giveawayoftheday.com/safe365...overy-pro/#
OR
Download & License:

Terms of the Offer:

1) No free technical support
2) No free upgrades to future versions
3) Strictly non-commercial usage


  Those annoying sextortion scams are redirecting users to ransomware now
Posted by: Mohammad.poorya - 12-09-2018 , 02:49 AM - Forum: Security News - No Replies

Quote: Sextortion emails take a dark turn and are now trying to infect users with the GandCrab ransomware.
... ...
...
But this week, sextortion scams took another very dangerous turn. Security researchers at Proofpoint have told ZDNet that they've seen a variation of a sextortion scam campaign that included a link at the bottom of the blackmail message [in full here].

The scammers claimed to have a video of the user pleasuring himself while visiting adult sites, and they urged the user to access the link and see for himself. But Proofpoint says that instead of a video, users received a ZIP file with a set of malicious files inside.
Users who downloaded and ran these files would be infected by the AZORult malware, which would immediately download and install the GandCrab ransomware.
Even if the user had no intention of paying the sextortion demand, curious users would still end up being held for ransom if they were careless enough to follow the link and ran the files they received.
Users who receive these types of messages are urged to ignore them. Proofpoint says this campaign has been active since December 5. More technical details and indicators of compromise about these emails and associated malware files are available in Proofpoint's report here.
https://www.zdnet.com/article/those-anno...mware-now/


  Infected WordPress Sites Are Attacking Other WordPress Sites
Posted by: Mohammad.poorya - 12-08-2018 , 06:00 PM - Forum: Security News - No Replies

Quote: Researchers identified a widespread campaign of brute force attacks against WordPress websites.

WordPress sites are being targeted in a series of attacks tied to a 20,000 botnet-strong army of infected WordPress websites. Behind the WordPress-on-WordPress assault is a widespread brute-force password attack leveraged through a Russian proxy provider and targeting a developer application program interface (API).

The attacks, first identified by the Defiant Threat Intelligence Team and reported by Wordfence on Wednesday, utilized four command-and-control (C2) servers that in turn send requests to over 14,000 proxy servers tied to a Russian internet firm called Best Proxies, according to Wordfence.

“[The attackers] use these proxies to anonymize the C2 traffic. The requests pass through the proxy servers and are sent to over 20,000 infected WordPress sites. Those sites are running an attack script which attacks targeted WordPress sites,” wrote Mikey Veenstra, a web security researcher at Wordfence, in a post.


https://threatpost.com/infected-wordpres...es/139666/


  LED Light Show at Clifton Mill Merry Christmas Ohio USA
Posted by: Mike - 12-08-2018 , 05:25 PM - Forum: Photo Albums, Images, & Videos - Replies (1)






The historic Clifton Mill, built in 1802 and still working, opened its Legendary Lights for the 2018 holiday season on Friday, Nov. 23. Clifton Mill won the $50,000 grand prize on ABC’s “The Great Christmas Light Fight” Monday night and earned bragging rights as the heavyweight champ.

For 31 years Clifton Mill has celebrated the Christmas season in a very special way. Their light display is one of the country’s finest with over 4 million lights illuminating the mill, the gorge, the riverbanks, trees and bridges. There is even a 100 foot “waterfall” of twinkling lights. The flip of one switch turns all the lights on at once, transforming night into a fantastical winter wonderland.



WANT TO GO?

Legendary Lights at Clifton Mill

Where: 75 Water St. Clifton, Ohio

When: 5-9:30 p.m. through Dec. 31. Lights go on at 6 p.m. Display closes at 8 p.m. on Christmas Eve, Christmas Day and New Year’s Eve.

Cost: $10, children 6 and younger are admitted free.

More Info: 937-767-5501 | www.cliftonmill.com


  A Soldiers Silent Night
Posted by: Mike - 12-08-2018 , 05:04 PM - Forum: Photo Albums, Images, & Videos - No Replies





To All of Our Veterans out there, This is For You. Thank You, And May You all Have a Very Merry Christmas.
