About:
Icecream Image Resizer is an extremely simple to use software to change the size of the images. The program supports such image formats as JPEG, JPG, GIF, PNG, BMP, TIFF and TIF. The images can be perfectly resized in a bulk. Files can be dragged and dropped into the program's window, added one by one (the “Add image” button) or by folders (the “Add folder” button). There are multiple various resizing presets to choose from (the “Profile” option). Apply the “Vertical images recognition” option to switch width and height values of the added vertically oriented images before the resizing process. Add custom watermark for the resized images and its opacity if needed.

Home:
https://icecreamapps.com/Image-Resizer/

GP:
https://www.giveawayoftheday.com/icecrea...e-resizer/#

Direct:
https://www.giveawayoftheday.com/downloa...8bb4916b1c

License:

Spoiler

Registration key:GOTD-IMRR1-HTTR9-BNA6Y-G6752

Terms and conditions:
Please note that the software you download and install
during the Giveaway period comes with the following important limitations:
1) No free technical support
2) No free upgrades to future versions
3) Strictly non-commercial usage

Quote:Secretary of State Mike Pompeo confirmed to Fox News' "Fox & Friends" program that the government believes China masterminded the Marriott data theft. "They have committed cyber attacks across the world," he told the show, "We consider them a strategic competitor. They are taking actions in the South China Sea. They're conducting espionage and influence operations here in the United States," The Marriott hacking allegation came amid heightened tensions between Beijing and Washington that encompass geopolitics, trade, technology rivalry and espionage.

Last week Canada arrested an executive of China's leading Huawei telecommunications company at the request of the United States, which plans to charge her with fraud charges related to sanctions-breaking business dealings with Iran. China has responded in kind, detaining a former Canadian diplomat, Michael Kovrig, who is now a China expert at the International Crisis Group security consultancy.

Moreover, Washington is expected this week to unveil new charges against Chinese military and intelligence hackers as it seeks to counter what is seen as a broad-based, sustained cyber threat against US government and corporate targets from Beijing. On Wednesday, it also slapped a $2.8 million penalty on a Chinese energy company, Yantai Jereh Oilfield Services Group, for violating US sanctions by shipping US-made equipment to Iran.

The Marriott hackers, who stole detailed data on some 500 million customers of the world's largest hotel company, are believed to have been working for China's Ministry of State Security. Washington sees them as part of an espionage effort that has targeted health insurers and the US civil service employment database. Marriott revealed on November 30 that cyber-thieves had been in the systems of its Starwood brand since 2014, which Marriott took over two years later.It uncovered the breach in September and the Federal Bureau of Investigation is understood to be investigating the matter.

In the past week, Marriott has sent out emails to customers who had used its systems alerting them that their data may have been stolen.
For more than 60 percent of the customers, the data stolen included passport information, addresses, their travel details, and credit card details.
The company said that the credit card data was protected by two decryption components, but added: "at this point, Marriott has not been able to rule out the possibility that both were taken."

Separately, a new report from computer security company McAfee said their researchers had uncovered a new global effort by hackers to infiltrate the computer systems of nuclear, defense, energy and financial companies. "In October and November 2018, the Rising Sun implant has appeared in 87 organizations across the globe, predominantly in the United States," the company said. It said initial indications were that the hackers were North Korean, but also suggested the possibility that the identifiers in the malware that pointed to Pyongyang may have been a "false flag" to distract researchers from the true source.

Source: US believes Chinese intelligence behind Marriott hack

Quote:OVERVIEW:
Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox Extended Support Release (ESR), the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

THREAT INTELLIGENCE:
There are currently no reports of these vulnerabilities being exploited in the wild.

SYSTEMS AFFECTED:

• Mozilla Firefox versions prior to 64
  
• Mozilla Firefox ESR version prior to 60.4
  

Have you ever had any of your accounts hacked? I don’t know to many people that have not. Nowadays protecting your accounts is essential. I know several people are resistant to using a password manager, and I used to be one of them. These days your better off to be protected and secure with all your passwords.


What Do Password Managers Do?

Password managers generate secure random passwords that are all stored in one place for you. Of course you can create your own passwords, and also securely store lots of other types of information as well. 1Password is super easy to use and their customer support is excellent. I recommend 1Password to everyone I know.

I’m excited to be able to celebrate New Years Day with this special giveaway. I have been given a FREE YEAR of 1Password (family account) to give one lucky forum member.

All you need to do is answer the question, “How are you currently keeping track of your passwords?” in the comments below to qualify for this giveaway. The giveaway ends at midnight Monday, December 31, 2018.

On New Years Day I’ll randomly choose a winner. Good luck, everyone!

https://news.softpedia.com/news/how-to-c...4246.shtml        
How to Completely Block the “Secret” Activity History Tracking in Windows 10
Block Activity History once and for all in the OS
Dec 12, 2018 13:13 GMT  ·  By Bogdan Popa  ·  Comment  ·             
Activity History settings in Windows 10

Now that we explained how you can check if Windows 10 collects Activity History data without your permission, let’s move to the next step and detail how you can actually stop this secret process from happening on your Windows 10 device.

As we already discussed, simply disabling Activity History from Settings on Windows 10 is no longer enough, as for some reason the operating system ignores your choice and continues to collect information regarding your activity on the device.

And what’s more, it also uploads the data to Microsoft, allowing it to sync between devices should you want Windows Timeline to work on more than one machine.

Fortunately, there are two other ways to block Activity History on a Windows 10 device, as you can turn to the Registry Editor and the Group Policy Editor to do the same thing. The latter, however, only works on Windows 10 Pro and Enterprise, while the Registry Editor trick can be used on Windows 10 Home as well.

In both cases, you’re going to need an administrator account for both hacks, as standard accounts aren’t allowed to make such changes to the system.

Normally, in Windows 10 you should be able to disable Activity History from Settings using the following location:
Settings > Privacy > Activity history

But because this method no longer works, here’s how you can do the same thing with the aforementioned methods:
"Group Policy Editor"

Launch the Group Policy Editor by just clicking the Start menu and typing gpedit.msc. Navigate to the following path in the Group Policy Editor:
Computer Configuration\Administrative Templates\System\OS Policies

On the right side of the screen, there should be at least two policies, and one of them lets you disable Activity History. It’s called:
Allow publishing of User Activities

By default, it should be set to Not Configured, so double-click the policy and then change its mode to Disabled.

There are two additional policies that are worth disabling, just to make sure that Activity History is blocked completely:
Enable Activity Feed
Allow publishing of User Activities

Follow the same steps as before and set both of them to Disabled. Simply saving the changes should apply your settings and Activity History should be blocked entirely.
Disabling Activity History in the Group Policy Editor
"Registry Editor"

The Registry Editor method basically comes down to defining the aforementioned policy manually. So the first thing to do now is to launch the Registry Editor by typing regedit.exe in the Start menu.

Then, navigate to the following path in the Registry Editor:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System

On the right side of the screen, there should be a policy that is called:
PublishUserActivities

If it does not exist, you can simply create it manually by just right-clicking in the right pane and then go to New > DWORD (32-bit) Value. Use the name mentioned above.

Depending on the value that you give to PublishUserActivities you can allow the Activity History tracking or not.
Value 0 = Disabled
Value 1 = Enabled

If you want to disable Activity History on your device, double-click this new item and input value 0. Reboot your system and now Activity History should be blocked completely.

Until now, I’ve seen mixed reports on whether these two methods are effective or not. While some say they do not block Activity History, others claim they do, and no data collection happens anymore.

We’re still waiting for more information from Microsoft, as the software giant has until now remained completely tight-lipped on what exactly happens and why the user configuration is ignored in Windows 10. The two methods, however, will continue to work even after Microsoft fixes the Settings issue.

https://gleam.io/vEG5Y/christmas-giveaway

https://www.tvaddons.co/firetv-vpn-contest/

Neon Void Runner


NeonVoid Runner is a infinite runner in which the player will test their reaction time in a fast virtual reality race placed in a futurist synthwave neon world . A lot of obstacles, various levels that open as you progress and of course crazy speeds await you!
Player controls one of the stylized runners that can jump, slide and run. And they run faster each time player reach a checkpoint in a level. Sometimes you may encounter a blocking wall, but our characters have the power to shoot an energy ball that destroys then.
How to Play:
Up - Jump
Down - Slide
Right - Shoot energy ball

https://game.giveawayoftheday.com/neon-void-runner-2/

GP:
https://sharewareonsale.com/s/free-proce...0-discount
OR
SOS Exclusive Download & License:

Spoiler

Download:
http://downloads.sharewareonsale.com/fil...lities.exe
or
http://www.pcclean.io/process-checker/

Registration Key:
WYMWDMMF602924C1AEF4231XWCG7LxJJbpOI9eNQZjSEuiNCKhsGOLIFETIME

Directions:
After you install the program, you will be asked to register it when you run it for the first time. When registering, make sure to use the name we give you above; if you use your own name, it may not register properly. Also, you may need to run Process Checker as admin for registration to be remembered. Further, if you have this from a prior giveaway, you may not need to register because it might use your registration from before. Enjoy!

• This is a 1-computer lifetime license, for noncommercial use
  
• No free updates; if you update the giveaway, it may become unregistered
  
• No free tech support
  
• You must redeem the license key before this offer has ended
  
• May not be resold
  
• Developed By:YL Computing
  
• Download size is 4.61 MB
  
• Supports Windows 7, 8/8.1, and 10 (32-bit and 64-bit)
  

Have you ever stuck in data loss issue of iOS devices? If the answer is yes, then you may need to read on this to learn how to recover lost or deleted iOS data with the most efficient iPhone data recovery software, TunesKit iPhone Data Recovery for Mac, which can completely bring those lost files back in the shortest amount of time no matter how you lost them, whether it's because of system crash, screen broken, iOS upgrade failure, virus attack, device damaged or lost, password locked, jailbreak error, etc.

About:
TunesKit iPhone Data Recovery for Windows is the most advanced iPhone data recovery software on the Internet. You can use it to recover lost or deleted messages, contacts, photos, videos, calendar, notes, safari bookmark, etc from iOS devices, iTunes backup files and iCloud backup files in 3 simple steps. No matter which devices you are using, like iPhone XS max/ iPhone XS/ iPhone XR/iPhoneX/8/8plus/7/7plus/6s/SE/6/5/4, iPad Mini 4/3/2, iPod, etc. 

Home:
https://www.tuneskit.com/iphone-data-rec...r-win.html

GP:
https://www.giveawayoftheday.com/tuneski...ery-2-1-0/
OR
Download:
https://www.giveawayoftheday.com/downloa...c915e9f0b8
OR
Download,License,Terms etc:

Spoiler

Download:
https://www.tuneskit.com/download/iPhone...covery.exe

License:
2acbf07205131953c85976fa049ed77acea2a0fcc6


NB: After you have successfully registeredthe software, please do not register it again or reinstall it,
otherwise the registered version would be turned into a trial.

You have to install and activate it before the Giveaway offer for the software is over.

Terms and conditions:
Please note that the software you download and install
during the Giveaway period comes with the following important limitations:
1) No free technical support
2) No free upgrades to future versions
3) Strictly non-commercial usage

Quote:Since September, the cyber espionage actors have targeted more than 130 victims in 30 organizations including NGOs, oil and gas, and telecom businesses.

Cyber espionage group Seedworm has been on a tear recently, extending its targets to the telecom, IT services, and oil and gas industries.

According to new research from Symantec's DeepSight Managed Adversary and Threat Intelligence (MATI) team, Seedworm - aka MuddyWater - is constantly evolving, as well as relying on publicly available tools to launch hundreds of successful attacks. Seedworm has been in operation since at least 2017, with its most recent activity occurring this month. Recent attacks aimed to collect data on targets mostly in the Middle East, Europe, and North America.

https://news.softpedia.com/news/eset-une...pd_related     ESET Unearths Android Trojan That Steals Funds from 2FA-Secured PayPal Accounts

The Android malware can steal funds in under 5 seconds   
Dec 11, 2018 19:58 GMT  ·  By Sergiu Gatlan ·                   
Android malware

An Android Trojan capable of using a malicious Accessibility service to steal funds from two-factor authentication protected PayPal accounts was discovered by ESET's security researchers embedded in a battery optimization app distributed outside the Google Play store.

As detailed in ESET's analysis, the Android malware also uses phishing overlays displayed over legitimate banking and messaging apps to steal credit card info and login credentials.

Moreover, to siphon money out of the PayPal wallets of users that installed the fake battery optimization tool, the Trojan asks the victim to activate a malicious Accessibility service.

The just-enabled "Enable statistics" Android service will ask the target to launch the Paypal app and, after a successful login, it will automatically start clicking around the PayPal app transferring money to its masters' accounts.

The Trojan waits for users to log into PayPal before stealing their money
What is impressive in this novel attack is that the bad actors behind this Android Trojan have figured out that stealing two-factor authentication (2FA) codes is too time-consuming and requires too much effort and instead will just wait for their victims to log in and swoop right in for a taste of the money.

Furthermore, this Trojan is especially menacing given that the malicious Android service will be launched automatically every time the PayPal app is opened, potentially leading to vast amounts of money being stolen if enough funds are available in the account.

Phishing overlays are the second less-dangerous yet just as effective method used by this Trojan to take advantage of their victims' decision to install it on their Android devices.

The malware will display HTML-based overlays over Google Play, WhatsApp, Skype, Viber, and Gmail, as well as over some legitimate banking apps to capture and exfiltrate login credentials.

The overlays used to steal login credentials cannot be dismissed without filling in the login forms
Because the overlays used by the malware are displayed on the lock foreground screen, its victims have to fill out the login forms to get rid of it. Fortunately, as ESET states, "even random, invalid inputs make these screens disappear."

Besides the PayPal looting and credential plundering abilities, the Android Trojan analyzed by ESET is also capable of interfering in the SMS delivery process, exfiltrating contacts and installed app lists, make and forward calls, install and launch apps, as well as start communication sockets.

Apps with a similar behavior were also found in the Google Play store camouflaged as location tracking and using Accessibility services to steal funds from Brazilian banks.

ESET previously discovered a similar Android Trojan capable of using overlays to steal banking credentials in the official Google Play store, also with the help of Android's accessibility services even when SMS two-factor authentication was enabled.

https://news.softpedia.com/news/third-pa...4225.shtml        Third-Party Investigation Finds No Malicious Chips on Supermicro Motherboards

No malicious hardware found by customers, US agencies either     
Dec 11, 2018 19:19 GMT  ·  By Sergiu Gatlan ·                 
The big hack that never was?

Supermicro launched an investigation to see if any malicious chips were indeed added on its server motherboards as reported by Bloomberg at the start of October 2018 and the results were negative.

"After thorough examination and a range of functional tests, the investigations firm found absolutely no evidence of malicious hardware on our motherboards," stated Supermicro in its press release.

The audit was conducted by a third-party investigations firm hired by Supermicro to eliminate any suspicions of bias and to prove beyond doubt that their products were not in any way compromised throughout the supply chain as Bloomberg outlined in their report.

The analysis used a collection of representative sample motherboard models including recently released motherboard models, as well as the model affected by the supply chain hardware hack mentioned by Bloomberg in its article.

"We appreciate the industry support regarding this matter from many of our customers, like Apple and AWS," also said Supermicro.

Supermicro also detailed the safeguard measures it uses to ensure its products are not compromised
The company added that "We are also grateful for numerous senior government officials, including representatives of the Department of Homeland Security, the Director of National Intelligence, and the Director of the FBI, who early on appropriately questioned the truth of the media reports."

In support of their findings, Supermicro stated that they have never been informed about malicious hardware being found in their products by any U.S. government agencies.

Furthermore, Supermicro failed to ever discover any proof of maliciously added chips or similar hardware in their server motherboard nor did their customers until Bloomberg's report or after.

The information tech company also said in its press release addressing Bloomberg's October report that it continuously tests every motherboard it manufactures against their design to detect any defects or aberrations that could appear during the assembling process.

The Humble Software Bundle: VEGAS Pro Even More Creative Freedom

Even more awesome software for you. We're bringing the Magix back with another VEGAS Pro bundle! Get applications like VEGAS Pro 15 Edit and SOUND FORGE Audio Studio 12. Plus, your purchase will support charity!
Pay what you want. Normally, the total cost for the software in this bundle is as much as $788. Here at Humble Bundle, you choose the price and increase your contribution to upgrade your bundle! This bundle has a minimum $1 purchase.

Tier 1 ($1 USD)

• Fastcut Plus Edition
  
• Voucher Code for Producer Planet
  

• SOUND FORGE Audio Studio 12
  
• VEGAS Movie Studio 15
  

• VEGAS Pro 15
  
• VEGAS DVD Architect
  
• HitFilm Movie Essentials
  

I got some games left, so as promised listing those below for a tiny giveaway.

Note: I get some of these from friends & take these in good faith. You can understand that its impossible to check if serial is working or already redeemed, unless you activate it on Steam. So if a key turns out to be a duplicate its unfortunate & hopefully I can offer a different replacement game if I have it. You have to active it on Steam & hope all are ok & you get the game. This is the only term/condition I got for such personal giveaways of mine.
Fortunately none turned out as dup yet.  

Games:

Action Henk 
Overwatch (Humble gift)
Serial Cleaner
Immortal Redneck
Zombie army trilogy
Amnesia Dark descent
Amnesia Machine for Pigs
Interplanetary: Enhanced Edition

First come first serve. 1 game per user.

This is the first batch, will arrange another dump of games by Christmas

Quote:Victims fell for phishing trick

According to Group-IB, the hackers were able to grab the username/password pairs via malicious emails that distributed well-known spyware tools like Pony Formgrabber, AZORult, and Qbot (Qakbot).
The phishing operation targeted both personal and corporate email accounts and disguised the malware as a legitimate file or archive. When the victim opened the attachment, the malware would deploy and start looking for sensitive information on the system.
Pony targets over 70 software programs, searching for credentials in configuration files, databases, and secret storages. Once it collects the data, it sends it to the attacker's command and control (C2) server.
AZORult pilfers passwords from web browsers and also forages for data related to cryptocurrency. This particular trojan comes with a diverse set of capabilities that includes downloader functionality to deliver other threats, such as the Aurora ransomware.

Quote:Is it possible for attackers to equip integrated circuits with hardware Trojans that will not change the area or power consumption of the IC, making them thus indiscernible through power-based post fabrication analysis?

A group of researchers from the National University of Sciences and Technology (Islamabad, Pakistan), the Vienna University of Technology and New York University have proven it is.

They have also demonstrated that hardware Trojans (HTs) can be implanted not only by adding logical gates to the original circuit, but also by identifying and safely removing expendable, redundant gates and embedding malicious circuitry at the appropriate locations.

War Hunter is a first person shooter where you take control of the special agents and must fight your way through a cold and mean scenery and find the arms dealer Talib.
The world public is panic-stricken. A well-known arms dealer, Talib, stole a nuclear device from the Russian government.
The media is buzzing about the imminent extermination of all of humanity. The US government has sent a special unit to neutralize the enemy.
The Russians, in turn, send the best agent of the FSB. Will they be able to save the whole world together? Everything depends on you!
You have the classic FPS controls, with WASD and arrows to move your character and mouse to point and shoot.


https://game.giveawayoftheday.com/war-hunter/

Mockplus iDoc, handoff designs with specs, assets and code snippets automatically.
Mockplus iDoc is a powerful product design collaboration tool for designers and engineers. It helps connect the entire product design workflow. It facilitates handoff by taking designs from PS, Sketch, Adobe XD and exporting into a format that can generate code snippets, specs, and assets.
 Export designs in one click from Sketch, XD and PS
 Generate accurate specs, assets, code snippets automatically
 Show design tasks and workflow in full-view storyboard
 Comment right on designs to give instant feedback
 Build hi-fi interactive prototypes with real design files




https://sharewareonsale.com/s/free-mockp...0-discount

Download: (Web App) Mockplus iDoc Professional
DIRECTIONS
Mockplus iDoc is a web app that works directly in your browser, so there is nothing you need to download. However, you need to create an account to activate your free Professional subscription. To get your free subscription, do the following:

• Click here to go to the developer's website. For new users, click the REGISTER button at the top of the page. You are then asked to enter your desired valid email address and password to create an account. Click CONTINUE to confirm. For existing users, you simply need to log in with your email and password.
  
• Once registered and logged in, you must create a new team by clicking the down arrow button next to the default team name displayed at the top-left. Click CREATE TEAM and enter your new team name on the field provided. Click OK to confirm.
  
• Once you’ve created a new team, click here to go to the upgrade page and an UPGRADE IDOC message should appear. Under PLEASE SELECT A TEAM TO UPGRADE, make sure to select the name of the new team you just created. After that, enter/paste the following giveaway activation code where it says PLEASE ENTER AN ACTIVATION CODE:
  • SharewareOnSale exclusive activation code: giveaway11
    
• Finally, click UPGRADE to confirm. If successful, you will see a confirmation message that says ACTIVATED SUCCESSFULLY. That’s it!