Showing results for tags 'sites'.

Found 5 results

  1. An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "dozens of known vulnerabilities" to target widely-used content management systems (CMS). The "KashmirBlack" campaign, which is believed to have started around November 2019, aims for popular CMS platforms such as WordPress, Joomla!, PrestaShop, Magento, Drupal, vBulletin, osCommerce, OpenCart, and Yeager.

     "Its well-designed infrastructure makes it easy to expand and add new exploits or payloads without much effort, and it uses sophisticated methods to camouflage itself, stay undetected, and protect its operation," Imperva researchers said in a two-part analysis. The cybersecurity firm's six-month-long investigation into the botnet reveals a complex operation managed by one command-and-control (C2) server and more than 60 surrogate servers that communicate with the bots to send new targets, allowing it to expand the size of the botnet via brute force attacks and installation of backdoors.

     The primary purpose of KashmirBlack is to abuse resources of compromised systems for Monero cryptocurrency mining and redirect a website's legitimate traffic to spam pages. But it has also been leveraged to carry out defacement attacks. Regardless of the motive, the exploitation attempts begin with making use of the PHPUnit RCE vulnerability (CVE-2017-9841) to infect customers with next-stage malicious payloads that communicate with the C2 server. Based on the attack signature it found during one such defacement, Imperva researchers said they believed the botnet was the work of a hacker named Exect1337, a member of the Indonesian hacker crew PhantomGhost.

     KashmirBlack's infrastructure is complex and comprises a number of moving parts, including two separate repositories — one to host exploits and payloads, and the other to store the malicious script for communication with the C2 server. The bots themselves are either designated as a 'spreading bot,' a victim server that communicates with the C2 to receive commands to infect new victims, or a 'pending bot,' a newly compromised victim whose purpose in the botnet is yet to be defined. While CVE-2017-9841 is used to turn a victim into a spreading bot, successful exploitation of 15 different flaws in CMS systems leads to a victim site becoming a new pending bot in the botnet. A separate WebDAV file upload vulnerability has been employed by the KashmirBlack operators to result in defacement.

     But just as the botnet grew in size and more bots began fetching payloads from the repositories, the infrastructure was tweaked to make it more scalable by adding a load balancer entity that returns the address of one of the redundant repositories that were newly set up.

     The latest evolution of KashmirBlack is perhaps the most insidious one. Last month, the researchers found the botnet using Dropbox as a replacement for its C2 infrastructure, abusing the cloud storage service's API to fetch attack instructions and upload attack reports from the spreading bots. "Moving to Dropbox allows the botnet to hide illegitimate criminal activity behind legitimate web services," Imperva said. "It is yet another step towards camouflaging the botnet traffic, securing the C&C operation and, most importantly, making it difficult to trace the botnet back to the hacker behind the operation." Source
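The post above names CVE-2017-9841 (PHPUnit) as the entry point that turns a site into a spreading bot. As an added example that is not part of the post or of Imperva's report, here is a small Python detector that flags web-server requests for PHPUnit's eval-stdin.php (the script associated with that CVE) in access logs and groups them by source address, so an operator can tell a probe that hit a 404 from a POST that actually reached the file. The log lines, IP addresses and paths are constructed for illustration; the only thing taken from outside the post is the name of the vulnerable script.

```python
import re

# Constructed access-log lines in the common combined format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [20/Oct/2020:10:01:22 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [20/Oct/2020:10:01:23 +0000] "POST /wp-content/plugins/foo/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 169 "-" "Mozilla/5.0"
198.51.100.4 - - [20/Oct/2020:10:02:05 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.4 - - [20/Oct/2020:10:02:06 +0000] "GET /phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 169 "-" "curl/7.68.0"
192.0.2.9 - - [20/Oct/2020:10:03:10 +0000] "GET /about HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

# Fields we need from each line: client IP, timestamp, method, request path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# CVE-2017-9841 is reached through PHPUnit's eval-stdin.php; scanners try it
# under every vendor tree they can guess, so match on the tail of the path only.
PHPUNIT_RE = re.compile(r'/phpunit/.*?/eval-stdin\.php$', re.IGNORECASE)


def find_phpunit_probes(log_text):
    """Return one record per request whose path targets eval-stdin.php."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        if PHPUNIT_RE.search(m.group("path")):
            hits.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "method": m.group("method"),
                "path": m.group("path"),
                "status": int(m.group("status")),
            })
    return hits


def summarize(hits):
    """Group hits by source IP. A POST answered with 200 means the script was
    present and executed the request body, which is the case to escalate;
    a 404 is a probe against a path that does not exist on this host."""
    by_ip = {}
    for h in hits:
        s = by_ip.setdefault(h["ip"], {"requests": 0, "successful_posts": 0})
        s["requests"] += 1
        if h["method"] == "POST" and h["status"] == 200:
            s["successful_posts"] += 1
    return by_ip


if __name__ == "__main__":
    for ip, s in summarize(find_phpunit_probes(SAMPLE_LOG)).items():
        flag = "ESCALATE" if s["successful_posts"] else "probe only"
        print(f"{ip}: {s['requests']} request(s), {s['successful_posts']} successful POST(s) -> {flag}")
```

Run against a real log the same way (`find_phpunit_probes(open(path).read())`); the path match is deliberately loose because the vulnerable file can sit under any plugin or theme that bundles PHPUnit, and a 200 on that path is the signal that the vendor directory is web-reachable and should not be.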
  2. Expiration of cross-signed root certificates spells trouble for pre-7.1.1 kit... unless they're using Firefox

     Let's Encrypt, a Certificate Authority (CA) that puts the "S" in "HTTPS" for about 220m domains, has issued a warning to users of older Android devices that their web surfing may get choppy next year. Let's Encrypt launched four years ago to make it easier to set up a secure website. To jumpstart its trust relationship with various software and browser makers – necessary for its digital certificates to be accepted – it piggybacked on IdenTrust's DST Root X3 certificate. As a result, the non-profit's certificates could be presented by websites and be trusted by all the major web browsers to connect to them securely.

     The CA, overseen by the Internet Security Research Group (ISRG), subsequently issued its own root certificate (ISRG Root X1) and applied for it to be trusted with the major software platforms. By July 2018, the ISRG Root X1 had been accepted by Microsoft, Google, Apple, Mozilla, Oracle, and BlackBerry, and it was no longer really necessary to have IdenTrust's DST Root X3 vouch for Let's Encrypt's character. Next year, on September 1, 2021, the DST Root X3 certificate that Let's Encrypt initially relied on for cross-signing will expire, and devices that haven't been updated in the past four years to trust the X1 root certificate may find they're unable to connect to websites securely, not without throwing up error messages, at least. We're looking at you, Android.

     "Some software that hasn’t been updated since 2016 (approximately when our root was accepted to many root programs) still doesn’t trust our root certificate, ISRG Root X1," explained Jacob Hoffman-Andrews, a lead developer on Let's Encrypt and senior staff technologist at the Electronic Frontier Foundation, in a notice on Friday. "Most notably, this includes versions of Android prior to 7.1.1. That means those older versions of Android will no longer trust certificates issued by Let’s Encrypt."

     The trust lapse will hit about a third of the Android devices currently operating, Hoffman-Andrews claims. With more than 2.5bn active Android users, the impact will be noticeable, though not too much so – those aging Android devices account for only about one to five per cent of internet traffic, apparently. Still, it's worth mentioning. The Android ecosystem, as Hoffman-Andrews observes, has long had a problem getting Google's mobile hardware partners to push software updates to their Android devices, particularly after a few years. And that remains the case today. Unfortunately, Hoffman-Andrews says that there's not much that can be done to ensure Android hardware partners update their devices. And, he adds, buying everyone a new phone isn't a realistic option. One meaningful thing that affected Android users can do is use Firefox, which comes with its own list of trusted root certificates and thus should recognize the ISRG Root X1 certificate.

     Hoffman-Andrews says that starting January 11, 2021, Let's Encrypt will implement a change in its API to allow Automatic Certificate Management Environment (ACME) clients like Certbot to serve a certificate chain pointing to the ISRG Root X1 by default. But the plan is to maintain an option to set up an alternate link relation tied to the older DST Root X3 certificate for the sake of compatibility. Those who get Let's Encrypt certs from their hosting provider are advised to get in touch with the provider if there are issues with the root certificate being presented. Source
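To make the mechanics of the post above concrete (a root in the client's trust store, a cross-signed path to the old root, and what happens to each when the old root expires), here is an added Python model of chain validation against two trust stores. It is not Let's Encrypt's code and does no real X.509 parsing: certificates are (subject, issuer, not_after) tuples, the intermediate and leaf names and dates are constructed, the DST Root X3 expiry uses the date the post gives, and the ISRG Root X1 expiry is an assumed placeholder. The walk stops at the first issuer found in the store, which is enough to show why a store that lacks ISRG Root X1 stops working once DST Root X3 expires.

```python
from datetime import date

# Constructed certificate records: (subject, issuer, not_after).
# DST Root X3 expiry is the date given in the post; ISRG Root X1's is an assumed
# placeholder; the intermediate and leaf are invented for the model.
DST_ROOT_X3 = ("DST Root X3", "DST Root X3", date(2021, 9, 1))
ISRG_ROOT_X1 = ("ISRG Root X1", "ISRG Root X1", date(2035, 6, 4))

# One intermediate key, two certificates for it: one issued by ISRG Root X1 and
# one cross-signed by DST Root X3. This is the cross-signing the post describes.
INTERMEDIATE_ISRG = ("LE Intermediate", "ISRG Root X1", date(2025, 9, 15))
INTERMEDIATE_CROSS = ("LE Intermediate", "DST Root X3", date(2022, 1, 1))
LEAF = ("example.org", "LE Intermediate", date(2021, 12, 1))

# The chain an ACME client serves by default after the change, and the
# alternate chain kept for compatibility with old trust stores.
DEFAULT_CHAIN = [LEAF, INTERMEDIATE_ISRG]
ALTERNATE_CHAIN = [LEAF, INTERMEDIATE_CROSS]

# A current trust store knows both roots; a pre-7.1.1 Android store only the old one.
MODERN_STORE = {ISRG_ROOT_X1, DST_ROOT_X3}
OLD_ANDROID_STORE = {DST_ROOT_X3}


def validate(chain, trust_store, today):
    """Walk the chain leaf-first until an issuer is found in the trust store.

    Returns (ok, reason). Simplification: an expired trust anchor is treated as
    untrusted, which is the failure the post describes for old Android; a real
    verifier may also try to build other paths to the store."""
    anchors = {c[0]: c for c in trust_store}
    for i, (subject, issuer, not_after) in enumerate(chain):
        if today > not_after:
            return False, f"{subject} expired on {not_after}"
        if issuer in anchors:
            anchor_expiry = anchors[issuer][2]
            if today > anchor_expiry:
                return False, f"anchor {issuer} expired on {anchor_expiry}"
            return True, f"chained to trusted root {issuer}"
        nxt = chain[i + 1] if i + 1 < len(chain) else None
        if nxt is None or nxt[0] != issuer:
            return False, f"no certificate for issuer {issuer}"
    return False, "chain exhausted without reaching a trust anchor"


if __name__ == "__main__":
    cases = [
        ("alternate chain, old Android, before expiry", ALTERNATE_CHAIN, OLD_ANDROID_STORE, date(2021, 6, 1)),
        ("alternate chain, old Android, after expiry", ALTERNATE_CHAIN, OLD_ANDROID_STORE, date(2021, 10, 1)),
        ("default chain, old Android, after expiry", DEFAULT_CHAIN, OLD_ANDROID_STORE, date(2021, 10, 1)),
        ("default chain, modern store, after expiry", DEFAULT_CHAIN, MODERN_STORE, date(2021, 10, 1)),
    ]
    for label, chain, store, today in cases:
        ok, reason = validate(chain, store, today)
        print(f"{label}: {'OK' if ok else 'FAIL'} ({reason})")
```

The last two cases are the post's point: after the old root expires, a device whose store never gained ISRG Root X1 fails on both chains (one because its anchor is expired, the other because it has no anchor at all), while any store updated since 2018 validates the default chain without needing DST Root X3.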
  3. They can add multiple membership levels too.

     Everyone needs to make a little extra coin these days, including bloggers and site creators. That’s why Squarespace has introduced a way for its customers -- at least for a fee -- to add a “Member Areas” paywall to their sites. According to Squarespace, this means you can make money from your site by gating certain content behind a paid area. So if you’re a publication using Squarespace, you can now add a paywall to certain articles. Squarespace also gave examples of a fitness educator adding group classes or a running club privately sharing schedules and routes in a members-only area. They’re also able to offer membership levels and create multiple members-only sections. TechCrunch reports that the “Member Areas” subscription could take the form of a recurring membership fee or a one-time payment. Some can also be free with registration. Squarespace customers can also offer paid members specialty content like members-only podcasts and newsletters. “Member Areas” is available now as an add-on to any Squarespace subscription, with plans starting at $9 a month. Source
  4. If a site offers HTTPS, DuckDuckGo's Smarter Encryption will take you there.

     It's increasingly common for the data that passes between your browser and a website's server to be encrypted with HTTPS, which makes it impossible for outside snoops to read. But you don't get that protection if the URL drops that crucial "S" after HTTP. And while some mechanisms do redirect you to an encrypted version of a site, they often do so only after exposing that initial request. The makers of the privacy-focused search engine DuckDuckGo think there's a better way.

     Today DuckDuckGo is releasing a feature called Smarter Encryption that combines its existing private search capabilities and tracker blocking service with a new tool to upgrade encryption for more of the sites you visit. It's available on DuckDuckGo's mobile browser for Android and iOS, and through the company's desktop browser extension for Firefox and Chrome. DuckDuckGo is also open sourcing the code behind the feature so other sites and platforms can adopt it as well. First up? Pinterest. "I think people tend to think it’s a less of a problem because a lot of sites automatically redirect you to an encrypted version now, though a lot of sites also still don’t," says Gabriel Weinberg, DuckDuckGo's founder and CEO. "We wanted to give people a more comprehensive privacy solution no matter where the internet takes you."

     DuckDuckGo isn't the first organization to tackle the HTTP upgrading problem. The Electronic Frontier Foundation's HTTPS Everywhere browser extension and Chromium's HSTS Preload List provide similar functionality. The latter is enabled by default across Chrome, Firefox, Safari, Opera, Edge, and Internet Explorer. These offerings all function basically the same way, working off a list of sites that offer HTTPS versions to upgrade connections before they're established. But DuckDuckGo's tool has one major difference: Rather than populating a list of upgradable sites manually, Smarter Encryption fills it out automatically using the same web crawling smarts built into DuckDuckGo's private search service. No one needs to add and remove entries from the list on their own; whenever the crawler sees that a site supports HTTPS, it records that as the default for all visitors using Smarter Encryption going forward, regardless of what URL they type or link they click. This automatic element makes the list strikingly comprehensive. Compared to other tools, which have fewer than 150,000 sites on their preload lists, Smarter Encryption already works on 12 million sites, making it more likely that you'll reach for the encrypted version of a given site from the start.

     Weinberg says DuckDuckGo's auto-populating strategy wasn't as easy to build as he first expected, because of the patchwork of encryption implementations on the web. For example, some sites are only set up to encrypt some of their pages. This means that if Smarter Encryption tries to upgrade your connection to that domain, some functionality and pages may break. It took a number of workarounds—including developing visual tests to automatically assess whether a page looked different after adding encryption upgrading—to make it all work without any browsing disruptions. DuckDuckGo launched a beta of the tool in 2018 to test for any issues. And now it's finally ready for prime time.

     Search engines and social networks are prime platforms for adding encryption upgrades, because they both incorporate huge numbers of links that are crawler or user-generated and may not include "HTTPS." Pinterest itself is fully encrypted, but implemented Smarter Encryption to protect its users as they click links posted on the platform that lead to outside sites. Pinterest says that after incorporating DuckDuckGo's feature, about 80 percent of outbound traffic routes through HTTPS, up from 30 percent before. "DuckDuckGo was the perfect fit for us because they maintain a comprehensive list of upgradable sites, generated by comparing the HTTP and HTTPS version of a site, and adding a site to the HTTPS upgrade list if the two versions are identical," Pinterest explains in a blog post shared with WIRED. "We can then regularly pull and ingest their list." In an early trial deploying the changes to one percent of its users, the social network found that encryption upgrading didn't erode performance.

     Smarter Encryption will upgrade more and more of your connections over time, to keep as much of your browsing data safe from prying eyes as possible. Theoretically DuckDuckGo might still be able to access those unencrypted requests, which is something to be aware of. But the company has a strong reputation, and Weinberg says that such behavior would violate its privacy policy. There are a lot of privacy holes on the internet that need plugging, and gaps in HTTPS are a prime example. Smarter Encryption is one extra protection, at least, that you can largely set and forget. Source
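The post above describes two pieces: building the upgrade list from crawl data (add a host only if its HTTP and HTTPS versions are identical, so partially-encrypted sites are left out) and rewriting a URL to HTTPS before the request is sent rather than after a redirect has already leaked it. As an added example that is not DuckDuckGo's or Pinterest's code, here is a Python sketch of both steps over constructed crawl observations; the host names, bodies and the "identical body" rule as the sole test are assumptions, and a production crawler would compare rendered pages as the post says.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed crawl observations (not DuckDuckGo data). For each host: whether the
# HTTPS version answered at all, and the body served over HTTP and over HTTPS.
CRAWL = {
    "news.example":    {"https_ok": True,  "http_body": "<h1>News</h1>",  "https_body": "<h1>News</h1>"},
    "shop.example":    {"https_ok": True,  "http_body": "<h1>Shop</h1>",  "https_body": "<h1>Wrong certificate</h1>"},
    "legacy.example":  {"https_ok": False, "http_body": "<h1>Legacy</h1>", "https_body": None},
    "partial.example": {"https_ok": True,  "http_body": "<h1>Home</h1><img src=http://partial.example/a.png>",
                                           "https_body": "<h1>Home</h1>"},
}


def build_upgrade_list(crawl):
    """Add a host only when HTTPS answers and serves the same content as HTTP.

    Hosts whose HTTPS version differs (wrong certificate, or only some pages
    encrypted, the 'partial' case the post mentions) are excluded so that
    forcing HTTPS cannot break them for the visitor."""
    return {
        host for host, obs in crawl.items()
        if obs["https_ok"] and obs["http_body"] == obs["https_body"]
    }


def upgrade_url(url, upgrade_list):
    """Rewrite http:// to https:// for listed hosts before any request is made.

    Doing this client-side is what avoids the plaintext first request that a
    server-side redirect would expose. Unlisted hosts and non-http URLs are
    returned unchanged."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "http" or parts.hostname not in upgrade_list:
        return url
    netloc = parts.netloc
    if netloc.endswith(":80"):        # explicit default port makes no sense over https
        netloc = netloc[:-3]
    return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))


if __name__ == "__main__":
    upgradable = build_upgrade_list(CRAWL)
    print("upgrade list:", sorted(upgradable))
    for link in ["http://news.example/story?id=7", "http://shop.example/cart", "http://legacy.example/"]:
        print(f"{link} -> {upgrade_url(link, upgradable)}")
```

The upgrade list here is a plain set; at the scale the post quotes (12 million hosts) a client would ship it as a compact structure such as a Bloom filter with a small exclusion list, but the decision logic at request time is the same lookup on the parsed host name.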
  5. Cloudflare, a company providing performance and security to websites, is having network problems of its own this morning — and taking down a lot of its customers’ sites and apps in the process. Affected companies include podcast app Overcast, chat service Discord, managed hosting provider WP Engine, eCommerce hosting provider Sonassi, public web front-end CDN service CDNJS, and many others — including the sites that rely on the web hosting or that partner with Cloudflare for their CDN service.

     According to Cloudflare, it identified a possible route leak that’s impacting some of the Cloudflare IP ranges, and it's working now to resolve the issue. The problems were first identified around 7:02 AM EST, says Cloudflare, and the problem was identified shortly thereafter. Its status page has been providing continual updates. The company said at 8:34 AM EST, “this leak is impacting many internet services including Cloudflare. We are continuing to work with the network provider that created this route leak to remove it.”

     Update: The company at 12:42 AM UTC / 8:42 AM EST says the issue is resolved: The network responsible for the route leak has now fixed the issue. We are seeing improvement and are continuing to monitor this before we consider this issue resolved. Source