Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





 
  Kaspersky warns of rising Telegram Premium phishing scams and malware threats
Posted by: mrtrout - 2 hours ago - Forum: Security News - No Replies

https://www.financialexpress.com/life/te...s-3698395/    Kaspersky warns of rising Telegram Premium phishing scams and malware threats
The attacks have been spreading globally, exploiting the Telegram Premium service’s gifting feature and the general popularity of the app.
Written by Priya Pathak
December 23, 2024 17:17 IST      Telegram Premium, a popular subscription offering exclusive features like faster download speeds, voice-to-text conversion, and an ad-free experience, is being used for malicious reasons by cyber attackers, according to a new warning from Kaspersky. The cybersecurity firm has reported a surge in phishing scams and malware attacks disguised as offers for Telegram Premium, potentially putting users’ accounts and devices at risk. The attacks have been spreading globally, exploiting the Telegram Premium service’s gifting feature and the general popularity of the app. Scammers are using a variety of tactics to trick users into compromising their accounts or downloading malicious software disguised as a Telegram Premium app.

The dangerous lure of free premium offers
According to Kaspersky, one of the most common scams begins with a message that seems to come from a trusted contact. The message typically claims: “You’ve been sent a gift — a Telegram Premium subscription.” It includes a seemingly legitimate link that redirects users to a phishing page, prompting them to log in to their Telegram account. Once users enter their credentials, scammers gain access to their login details, password, and potentially even authentication codes, enabling them to take full control of the account.  However, the phishing attempts do not stop there. Cybercriminals are also using fake giveaways, where victims are lured to participate in Telegram Premium contests. These promotions often lead to phishing sites that request Telegram account credentials, eventually compromising the user’s account.

Malware disguised as Telegram Premium
Another troubling tactic involves cybercriminals sending users a ZIP archive claiming to contain a modified version of Telegram with a built-in Premium subscription. The download links in these messages lead to phishing pages that prompt users to log in, further compromising their accounts.

Even more concerning are the malicious APK files circulating online. Scammers are offering these modified app versions, claiming they unlock Telegram Premium features for free. However, these APK files are actually malware, designed to infect the victim’s device and steal personal data.

Kaspersky has noted that phishing schemes related to Telegram Premium are being observed in multiple languages, suggesting that the attackers are operating on a global scale. While the scams have been most prevalent in certain regions, experts warn that they could spread to other areas, especially during the holiday season when many people are more likely to fall for offers that seem too good to be true. a robust security solution,” Svistunova advised.

How to protect yourself
To protect against these rising threats, Kaspersky recommends several proactive measures:

Verify links: Always double-check the links in messages, especially those claiming to offer Telegram Premium gifts. Scammers may use links that appear legitimate but redirect to phishing sites.
Use official channels: Purchase subscriptions directly from Telegram’s official platform or its special bot. Avoid third-party sources that may be fraudulent.
Enable two-factor authentication (2FA): Adding an extra layer of security to your Telegram account can help protect you even if your credentials are compromised.
Avoid unofficial apps: Stick to official Telegram apps to minimize the risk of downloading malware.
Check for official security tips: Kaspersky’s guide on Telegram security and privacy settings can help you stay ahead of emerging threats.
https://opentip.kaspersky.com/https%3A%2...tab=lookup    Report
Report for web address
https://www.financialexpress.com/life/te...s-3698395/
Good
Overview
IPv4 count ≈ 1,000
Files count 0
Created —
Expires —
Domain financialexpress.com
Registration organization —
Registrar name —



Attached Files Thumbnail(s)
           
Print this item

  Kaspersky reports 135% surge in interest for crypto-stealing drainers on dark web
Posted by: mrtrout - 2 hours ago - Forum: Security News - No Replies

https://www.zawya.com/en/press-release/r...b-uhfzhoh5    CRYPTOCURRENCY
Kaspersky reports 135% surge in interest for crypto-stealing drainers on dark web
Cryptocurrency bitcoin , Getty Images/Getty Images

Kaspersky also reported a 40% spike in corporate database ads on a prominent dark web forum, highlighting cybercriminals’ growing focus on data breaches

Press Release
December 23, 2024

Dark web threads discussing crypto-drainers – malware designed to swiftly drain cryptocurrency wallets – saw a significant rise in 2024, as revealed by the latest Kaspersky Security Bulletin.
Additional trends include a shift of cybercriminals from Telegram back to forums, the proliferation of stealers and drainers via Malware-as-a-Service, a rise in various types cyberthreats targeting the Middle East, and more.
A surge in interest for crypto-drainers. In 2024, Kaspersky Digital Footprint Intelligence experts saw a notable surge of interest in crypto-drainers across dark web markets. A drainer is a type of malware that emerged around three years ago and designed to trick its victims into authorizing fraudulent transactions to steal funds from their wallets. Common methods include fake airdrops, phishing sites, malicious browser extensions, deceptive ads, malicious smart contracts, and fake NFT marketplaces.

The number of dark web threads discussing drainers increased by 135%, from just 55 in 2022 to 129 in 2024. In these threads, cybercriminals discuss various topics, ranging from buying and selling this type of malicious software to assembling teams for distribution, and beyond.


The number of unique threads on drainers on the dark web.
Source: Kaspersky Digital Footprint Intelligence

“In light of this trend, the interest of cybercriminals in crypto-drainers and related attacks is likely to grow further in 2025,” says Alexander Zabrovsky, a security expert at Kaspersky Digital Footprint Intelligence. “This means crypto enthusiasts need to be more vigilant than ever, adopting robust crypto security measures. Meanwhile, companies should focus on educating their customers and employees while actively monitoring their online presence to reduce the risk of successful attacks. Drainers often employ social engineering tactics to ultimately steal funds. They may be exploiting well-known wallet and exchange brands to lure victims into revealing their wallet information or making fraudulent transactions.  Regularly searching for brand mentions on search engines, social media, and marketplaces is essential. If any phishing or fraudulent sites are identified, they can be taken down promptly, preventing potential victims from falling prey to these scams. Utilizing dedicated tools can greatly enhance this monitoring process”.

The rise in advertisements for alleged data breaches

Other threats expected to gain momentum in 2025, include data breaches and leaks. Kaspersky researchers have observed a rise in corporate database advertisements on one of the popular shadow forums. Specifically, the number of posts buying and selling databases increased by 40% between August and November 2024, compared to the same period the previous year. While some of this growth may partially stem from reposting of older leaks, cybercriminals are clearly interested in distributing leaked data – whether new or old.



The number of dark web posts selling and buying databases. One of the popular forums, August 2023-November 2024. Source: Kaspersky Digital Footprint Intelligence

“Not every advertisement of a data breach on the dark web stems from a genuine incident. Some ‘offers’ may simply be well-marketed materials. For example, certain databases might combine publicly available information or previously leaked data, presenting it as breaking news. By making such claims, cybercriminals can generate publicity, create buzz, and tarnish the reputation of the targeted company simply by announcing a data breach. This underscores the growing importance of monitoring corporate mentions and assets on the dark market, allowing for proactive defense and immediate response,” elaborated Alexander Zabrovsky.

Given the rising trend of supply chain and similar attacks, 2025 is anticipated to witness an increase in data breaches overall, particularly those stemming from attacks on major companies’ contractors.

Other emerging trends on the dark web market in 2025 include:

Escalating threat landscape in the Middle East. The region is witnessing an increase in hacktivism driven by ongoing geopolitical tensions. If these tensions do not subside in 2025, hacktivism is expected to intensify further. Furthermore, Kaspersky experts anticipate a continued rise in ransomware attacks in the Middle East, given that the number of ransomware victims increased from an average of 28 per half-year in 2022-2023 to 45 in the first half of 2024.
Migration from Telegram to dark web forums: despite a spike in cybercriminal activity on Telegram in 2024, the shadow community is expected to shift back to forums. Telegram channels are increasingly being banned, as reported by their administrators, driving this migration.
Increase in high-profile law enforcement operations against cybercrime groups. This year was a significant one in the global high-profile fight against cybercrime. Kaspersky experts anticipate that 2025 will bring an increase in arrests and takedowns of cybercriminal group infrastructures and forums that receive publicity. In turn, in response to the successful operations of 2024, threat actors are likely to shift their tactics, migrating to invitation-only forums.
Fragmentation of ransomware groups. Ransomware groups may fragment into smaller, independent units, making them harder to track. This decentralization allows cybercriminals to operate more flexibly while staying under the radar of law enforcement and cybersecurity firms.
Stealers and drainers will likely see a rise in promotion via Malware-as-a-Service model. Moreover, various data and credentials stolen with the use of these types of malware are expected to be increasingly sold on shadow forums.
To guard against data-stealing malware, leaks, and other dark web-related activities, individuals are advised to use comprehensive security solutions on all devices. These solutions help prevent infections and alert users to potential dangers. Businesses, on the other hand, should proactively monitor the dark web for signs of cybercriminal activity that could threaten corporate assets. Kaspersky Digital Footprint Intelligence has developed a comprehensive playbook to guide companies on how to respond to dark web activities involving their organization.

Read more on dark web market trends on Securelist.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
https://opentip.kaspersky.com/https%3A%2...tab=lookup  Report
Report for web address
https://www.zawya.com/en/press-release/r...b-uhfzhoh5
Good
Overview
IPv4 count ≈ 1,000
Files count 0
Created
23 Aug, 1999
17:00
Expires
23 Aug, 2025
18:00
Domain zawya.com
Registration organization Financial and Risk Organisation Ltd
Registrar name MarkMonitor, Inc.



Attached Files Thumbnail(s)
       
Print this item

  Kaspersky appoints distributor to boost B2C presence in Sri Lanka and Maldives
Posted by: mrtrout - Yesterday, 01:43 AM - Forum: Security News - No Replies

https://www.ft.lk/it-telecom-tech/Kasper.../50-770906    Kaspersky appoints distributor to boost B2C presence in Sri Lanka and Maldives
Monday, 23 December 2024 02:30    Kaspersky, the global cybersecurity and digital privacy company has appointed Technocity as its exclusive B2C distributor in Sri Lanka, and as the second B2C distributor in the Maldives.

The partnership, officiated in a special event at Kingsbury Hotel in Colombo, Sri Lanka recently, is expected to enable Kaspersky to expand and reinforce its mark in the consumer market in both countries, where consumers are increasingly seeking solutions to protect their sensitive data and digital assets.

Kaspersky Head of Consumer Business for South Asia Purshottam Bhatia said, “We are very excited to partner up with Technocity as this partnership is in line with our strategy to boost growth in the consumer segment in both Sri Lanka and the Maldives. Cyber threats are increasingly rising and evolving complexity and sophistication. As consumers increase their online presence, including usage of banking and digital financial services, cybersecurity measures are critically imperative for them to safeguard themselves against threats that are growing voluminously and maliciously.”

Technocity Managing Director Fahmy Ismail, said “We are pleased to be appointed as official distributor for Kaspersky, one of the world’s leading cybersecurity solution brands, known for its cutting-edge innovations and as a leader in endpoint protection. This partnership marks a significant step forward in the local cybersecurity landscape, bringing value and positive contribution to further bolster cyber defence for the community. As a leading IT distributor, we are committed to ensuring that we avail Kaspersky’s world-class solutions to every consumer in both countries.”

The Technocity will carry Kaspersky’s award-winning solutions that are designed to provide robust and full protection against all cyber threats, which include Kaspersky Standard, Kaspersky Plus and Kaspersky Premium.

In 2024, Kaspersky’s security solutions stopped 302 million malware attacks, detected 85 million unique malicious URLs, blocked 72 million unique malicious objects and prevented over 300,000 ransomware attacks..
"I am thrilled to share some incredible statistics about Kaspersky’s security solutions for 2024!"  Smile Big Grin Thumb Clap   https://opentip.kaspersky.com/https%3A%2...tab=lookup  Report for web address
https://www.ft.lk/it-telecom-tech/Kasper.../50-770906
Good
Overview
IPv4 count ≈ 1,000
Files count 0
Created —
Expires —
Domain ft.lk
Registration organization —
Registrar name —
Kaspersky
Threat Intelligence Portal



Attached Files Thumbnail(s)
   
               
Print this item

  Kaspersky: The Crown Jewel of Cybersecurity in 2024!
Posted by: mrtrout - 12-21-2024 , 08:28 PM - Forum: Security News - No Replies

https://www.kaspersky.com/about/awards?f...ar%5D=2024  Awards      AV-Test: bi-monthly certification 2024
Kaspersky Endpoint Security for Business
Kaspersky Small Office Security
(February, April, June, August, October, December)

AV-Test: bi-monthly certification 2024
Kaspersky Plus for Windows
(February, April, June, August, October, December)

AV-Test: Mobile product certification 2024
Kaspersky Plus for Android
Kaspersky Premium for Android
(January, March, May, July, September, November )

AV-TEST: Advanced Threat Protection 2024
Kaspersky Endpoint Security for Business
Kaspersky Small Office Security
The both solutions confirmed 100% protection from advanced Ransomware attacks
(February, April)

AV-TEST: Advanced Threat Protection 2024
Kaspersky Plus for Windows
The solution confirmed 100% protection from advanced Ransomware attacks
(February)

AV-Test: Mac product certification 2024
Kaspersky Plus for Mac
The solution showed 100% of protection rate without false positives and any affect to system performance
(Q1, Q2, Q3, Q4)

AV-Test: Advanced EDR Test 2024
Kaspersky Endpoint Detection and Response
"The overall performance of KEDRE in both scenarios (which include APT18, TA577, Turla, FIN6) was impressive. The product's consistent high-quality detections and blocking of all tactics and techniques underscore its potential to safeguard organizations against evolving and complex cyber threats.", see report.
(Article, Report)

AV-Comparatives: Endpoint Prevention and Response Test 2024
Kaspersky Endpoint Detection and Response
The solution has stopped all the attacks automatically, reporting them correctly and with consist mapping to MITRE’s TTPs. As a result, it achieved a 100%cumulative Active Response rate and was awarded "Strategic Leader" the third time in row.
Comparative PDF, KEDR PDF

AV-Comparatives: Business Security Test 2024
Kaspersky Endpoint Security for Business
The product has shown the high protection level against RealWorld threats with the lowest level of False Positives
(H1, H2)

AV-Comparatives: Credential Dumping Test 2024
Kaspersky Endpoint Security for Business
The solution has demonstrated 100% protection against the LSASS credential dumping attacks in the dedicated research, and got certified.
(report, article)

AV-Comparatives: Process Injection Test 2024
Kaspersky Endpoint Security for Business
The solution has passed 14 out 15 test-cases in the dedicated research, and got certified.
(report, article)

AV-Comparatives: Anti-Phishing Certification 2024
Kaspersky Premium for Windows
The product has passed the certification with 93% of detection rate of Phishing URLs and zero false positives, and finished TOP1 among all participating products
(Kaspersky report, all reports of 2024)

AV-Comparatives: Real-World Protection Test 2024
Kaspersky Standard for Windows
The solution demonstrated Protection Rate = 99,8% and zero False positives during the first half of 2024
(June, November)

AV-Comparatives: Performance Test 2024
Kaspersky Standard for Windows
Low impact score is shown by the solution in user scenarios and synthetic benchmark
(April, October)

AV-Comparatives: Malware Protection Test 2024
Kaspersky Standard for Windows
(March, September)

AV-Comparatives: Mobile security certification 2024
Kaspersky Premium for Android
The product has demonstrated Detection Rate=100% and zero False Positives and "offers a comprehensive set of tools to protect against malware, phishing, theft, and privacy violations" - AV-Comparatives, report.

AV-Comparatives: Mac Security Test&Review 2024
Kaspersky Premium for Mac
The product demonstrated 100% protection against MacOS and Windows threats.

AV-Comparatives: Parental Control Test 2024
Kaspersky Safe Kids
The product demonstrated high Block Rate and zero False Positives. It became the only one certified in 2024 out of five solutions submitted by different vendors.
(report, press-release)

AV-Comparatives: Advanced Threat Protection test 2024
Kaspersky Standard for Windows
The solution demonstrated TOP2 result in protecting from 15 Advanced Persistent Threats and earned the highest award

AV-Comparatives: Advanced Threat Protection test 2024
Kaspersky Endpoint Security for Business
The solution demonstrated TOP3 result in protecting from 15 Advanced Persistent Threats and earned the highest award

SE Labs: Annual Top Award 2024
Kaspersky Plus for Windows
Based on a combination of continual public testing, private assessments and feedback from clients who use SE Labs to help choose security products and services.

SE Labs: Home Endpoint Security (EPS) comparative test 2024
Kaspersky Plus for Windows
The product has received the highest grade AAA and got the highest Total Accuracy Rating of 100% (TOP1) in all certification of 2024, in addition to all certifications of 2023.
(Q1, Q2, Q3, Q4)

SE Labs: Enterprise Endpoint Security (EPS) comparative test 2024
Kaspersky Endpoint Security for Business
The product has received the highest grade AAA and got the highest Total Accuracy Rating of 100% (TOP1) in all certification of 2024, in addition to three certifications of 2023.
(Q1, Q2, Q3, Q4)

SE Labs: Small Business Endpoint Security (EPS) comparative test 2024
Kaspersky Small Office Security
The product has received the highest grade AAA and got the highest Total Accuracy Rating of 100% (TOP1) in all certification of 2024, in addition to three certifications of 2023.
(Q1, Q2, Q3, Q4)

Testing Ground Labs: Android product certification 2024
Kaspersky Plus for Android
The solution reached 100% of protection with zero False Positives and has earned 5 star rating the in both certification of 2024, compliant with AMTSO Testing Protocol Standard v.1.3.
(February, April, June, August)

Testing Ground Labs: Android product certification 2024
Kaspersky Endpoint Security for Android
The solution reached 100% of protection and zero False Positives and has earned 5 star rating the in the first certification of 2024, compliant with AMTSO Testing Protocol Standard v.1.3.
(April, August)



Attached Files Thumbnail(s)
   
                   
                   
   
Print this item

  calibre ebook Release: 7.23 [20 Dec, 2024] completely free and open source
Posted by: mrtrout - 12-20-2024 , 11:29 AM - Forum: Freeware - No Replies

https://calibre-ebook.com/whats-new    Release: 7.23 [20 Dec, 2024]
New features
? Happy holidays to everyone!
Content server: Allow managing the data files associated with a book by clicking the three dots in the top right corner of the book's page and choosing "Manage data files"
Closes tickets: 2091646

Edit metadata dialog: Allow right clicking on the cover to view it in a popup window at larger size
Closes tickets: 2091216

Add an option to expand the Tag browser tree to show the item that was current when the library was closed
Add import and export stored template to Preferences / template functions
Various Quality-of-Life improvements to the dialog used to edit columns with fixed sets of values
Resolve doi.org links when pasting identifiers
Closes tickets: 2091152

Bug fixes
Viewer: Fix some HTMLZ files not opening on some systems
Closes tickets: 2091451

Amazon metadata plugin: Update for changed markup for some books on amazon search results page
Closes tickets: 2091542

New news sources
Le Canard Enchaine by Kabonix
Improved news sources
Economist
Irish Times
Popular Science
ACM Queue        Download calibre 64bit  https://download.calibre-ebook.com/7.23....7.23.0.msi
calibre-ebook 7.23 [20 Dec, 2024] has undergone comprehensive scanning and is verified to be 100% clean, WITH Kaspersky Standard  ensuring it is free from a range of potential threats. The software is validated against multiple types of malware, including: Viruses
Malware
Ransomware
CryptoLockers
Spy Apps
Worms
Trojans
Botnets
Rogues
Keyloggers
Adware
Spear Phishing
Rootkits



Attached Files Thumbnail(s)
               
   
Print this item

  FlexiPDF Standard 2022 (Lifetime)
Posted by: Igoreha - 12-19-2024 , 08:38 AM - Forum: External Giveaways/Contests - No Replies

FlexiPDF Standard 2022 (Lifetime)

[Image: 2024-12-19-103753.png]

FlexipDF - This program was created to work with files in PDF format, capable of editing them, can process multi -page documents, there is the possibility of investing with bookmarks and you can add comments, there is a tool for recognizing the text.

https://shop.softmaker.com/?selection=fl...=flexifree

Full version
License for 3 computers in the same house, or 1 computer computer

Print this item

  DRmare Apple Music Converter Full Version Free
Posted by: Annie Yazbeck - 12-19-2024 , 04:45 AM - Forum: External Giveaways/Freebies - No Replies

Share an amazing giveaway for all Apple Music users – the **DRmare Apple Music Converter** is available for FREE for a limited time!

? **What is DRmare Apple Music Converter?**

The DRmare Apple Music Converter is a powerful tool that helps you download and convert Apple Music tracks, albums, playlists, and even audiobooks to popular formats like MP3, AAC, WAV, and FLAC. This means you can enjoy your favorite Apple Music content offline and on any device without limitations.

? **How to Claim Your Free Copy:**

1. **Visit the DRmare Giveaway Page**: https://www.drmare.com/special/
2. **Click the Get Now Button**: Click on the download button to get your free registration code for DRmare Apple Music Converter.
3. **Install & Start Converting**: Launch the software, activate your code, and start converting Apple Music tracks to your preferred format.

? **Hurry! This giveaway won’t last long, so grab it while you can!**

Happy listening!

Print this item

  DRmare Apple Music Converter Free Giveaway
Posted by: Annie Yazbeck - 12-19-2024 , 04:31 AM - Forum: Giveaway of the day - No Replies

About:
DRmare Apple Music Converter for Windows and Mac is an all-in-one audio converter, which can convert Apple Music, iTunes audiobooks, and Audible audiobooks to MP3, M4A, FLAC, WAV, etc. at 30X speed while removing DRM protection for playing them on any devices.

Free Giveaway Page:
https://www.drmare.com/special/

System Requirements:
Windows XP/ Vista/ 7/ 8/ 10/11
macOS 11/12/13/14/15

Print this item

  Kaspersky detected 467,000 malicious files daily in 2024
Posted by: mrtrout - 12-14-2024 , 01:36 AM - Forum: Security News - No Replies

https://www.kaspersky.co.za/about/press-...ly-in-2024 
The cyber surge: Kaspersky detected 467,000 malicious files daily in 2024
10 December 2024
Kaspersky’s detection systems discovered an average of 467,000 malicious files per day in 2024, marking a 14% increase compared to the previous year. Certain types of threats saw significant growth with experts reporting a 33% surge in Trojan detections compared to 2023. These and other findings are described in the Kaspersky Security Bulletin (KSB) – an annual series of reports analysing major developments in the cybersecurity landscape.

Windows continued to be the primary target for cyberattacks, accounting for 93% of all malware-filled data detected daily. Malicious families disseminated through various scripts and different Microsoft Office document formats ranked among the top three threats, accounting for 6% of all malicious files detected daily.

Kaspersky-number-of-the-year2024

Average daily number of malicious files detected by Kaspersky security solutions from 2021 to 2024 (1st January – 31st October)

Kaspersky’s detection systems discovered a significant increase in Windows malware – 19% from 2023 to 2024. The most widespread type of malware continues to be Trojans – malicious programs that disguise themselves as legitimate software – with a surge of 33% from 2023 to 2024. There has also been a 2.5-fold (150%) increase in the use of Trojan-droppers – programs designed to deliver other malware to a victim’s computer or phone without the victim noticing.

"The number of new threats grows every year as adversaries continue to develop new malware, techniques and methods to attack users and organisations. This year was no exception to this, and there were dangerous trends observed, such as attacks on trusted relationships and supply chains, including those on open-source packages (e.g., the XZ case). There were massive phishing and malicious campaigns targeting social media users and a rise in banking malware. And, of course, the use of AI tools to generate new malware or facilitate phishing attacks. In this evolving cyber threat landscape, the use of reliable security solutions is vital. Kaspersky experts are always dedicated to countering new and challenging cyberthreats, ensuring a secure online experience for users as well as robust cybersecurity and the latest threat intelligence for organisations," comments Vladimir Kuskov, Head of Anti-Malware Research at Kaspersky.

To stay protected, follow the recommendations below.

Individual users:

Do not download and install applications from untrusted sources.
Do not click on any links from unknown sources or suspicious online advertisements.
Always use two-factor authentication when available. Create strong and unique passwords, using a mix of lower-case and upper-case letters, numbers, and punctuation. Use a reliable password manager to help to remember them.
Always install updates when they become available; they contain fixes for critical security issues.
Ignore messages asking to disable security systems for office or cybersecurity software.
Use a robust security solution appropriate to your system type and devices, such as award-winning Kaspersky Premium.
Organisations:

Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.
Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them.
Use solutions such as Kaspersky NEXT EDR Expert for comprehensive visibility across all endpoints on a company’s corporate network to get superior defense, automate routine EDR tasks, enable analysts to speedily hunt out, prioritise, investigate, and neutralise complex threats and APT-like attacks.
Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors.
Back up the corporate data regularly. Backups should be isolated from the network. Make sure you can quickly access the backups in an emergency if needed.
These discoveries are ba­sed on Kaspersky detections of malicious files from January to October and are part of Kaspersky Security Bulletin (KSB) – an annual series of predictions and analytical reports on key shifts within the cybersecurity world. Follow this link to learn more about other KSB reports.



Attached Files Thumbnail(s)
           
Print this item

  Kaspersky Security Bulletin 2024. Statistics
Posted by: mrtrout - 12-14-2024 , 01:15 AM - Forum: Security News - No Replies

https://securelist.com/ksb-2024-statistics/114795/  Kaspersky Security Bulletin 2024. Statistics 
All statistics in this report come from Kaspersky Security Network (KSN), a global cloud service that receives information from components in our security solutions voluntarily provided by Kaspersky users. Millions of Kaspersky users around the globe assist us in collecting information about malicious activity. The statistics in this report cover the period from November 2023 through October 2024. The report doesn’t cover mobile statistics, which we will share in our annual mobile malware report.

The year in figures
During the reporting period, Kaspersky solutions:

Stopped 302,287,115 malware attacks launched from online resources across the globe.
Detected 85,013,784 unique malicious URLs.
Blocked 72,194,144 unique malicious objects with the help of Web Anti-Virus components.
Prevented ransomware attacks on the computers of 303,298 unique users.
Stopped miners from infecting 999,794 unique users.
Prevented the launch of banking, ATM or PoS malware on the devices of 208,323 users.



Attached Files Thumbnail(s)
   
       
Print this item

  Revo Uninstaller Freeware version 2.5.5 & 2.5.6 Released
Posted by: mrtrout - 12-09-2024 , 11:53 PM - Forum: Freeware - No Replies

https://www.revouninstaller.com/version-history/  Version History
Release history of Revo Uninstaller Freeware
Dec 09, 2024 Revo Uninstaller Freeware version 2.5.6
Fixed minor bugs    Dec 09, 2024 Revo Uninstaller Freeware version 2.5.5
Added – “Show last notification” command to the Helper module
Improved – Listing of Windows Apps
Improved – Scanning algorithms for leftovers
Fixed minor bugs
Updated language files    https://www.revouninstaller.com/products...ller-free/  Revo Uninstaller Free
Revo Uninstaller helps you to uninstall software and remove unwanted programs easily.

Download  https://download.revouninstaller.com/dow...osetup.exe
Download Free Portable    https://download.revouninstaller.com/dow...rtable.zip    https://opentip.kaspersky.com/https%3A%2...tab=lookup  Report
Report for web address
https://www.revouninstaller.com/products...ller-free/
Good
Overview
IPv4 count ≈ 110
Files count 0
Created
29 May, 2007
17:00
Expires
29 May, 2030
18:00
Domain revouninstaller.com
Registration organization Statutory Masking Enabled
Registrar name FastDomain Inc
Revo Uninstaller Freeware version 2.5.5  & Revo Uninstaller Freeware version 2.5.6 Released Alone with The Free Portable Version  Was is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors.  & was SCANNED  WITH KASPERSKY STANDARD  CAMEBACK 100% MALWARE FREE & CLEAN  & SAFE  & CONTAIN NONE OF THESE MALWARE THREATS  it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors.



Attached Files Thumbnail(s)
           
                   
                   

Print this item

  WINDOWS SERVERS UNDER ATTACK RIGHT NOW
Posted by: mrtrout - 12-09-2024 , 08:48 PM - Forum: Security News - No Replies

WINDOWS SERVERS UNDER ATTACK IN USA   RIGHT NOW BY HACKERS HERE SOME SCREENSHOTS I TOOKS FROM THE ATTACKS TODAY     Live Cyber Threat Map | Check Point



Attached Files Thumbnail(s)
               
Print this item

  Check Out the Latest Game: Pandora Defense
Posted by: LeoFreskos - 12-09-2024 , 02:15 PM - Forum: General Computer Chat - No Replies

Pandora Tower Defense — Exciting Strategy with RPG Elements

Pandora Defense is a new game that combines the strategic thinking of Tower Defense with immersive RPG elements. Players defend colonies, develop defenses, and deploy spaceships, each with unique abilities.

Key Features:
- Colony Defense and Development: Players strategically position towers and create tactical advantages to defend their corporation against waves of enemies.
- Tower Upgrades: Each tower in Pandora Defense has unique abilities that can be upgraded throughout the game, enhancing its effectiveness.
- Spaceships: Special spaceships with unique skills can join the battle, and players can level them up for added strength and tactical possibilities.
- Nostalgic Graphics and Atmosphere: The game’s visual style is reminiscent of StarCraft, giving it a special appeal for fans of classic strategy games.

Why Play Pandora Defense?
The game keeps players on edge with each new wave of enemies. The blend of Tower Defense and RPG gameplay makes it engaging and unpredictable, creating a unique experience that keeps players coming back to try new strategies.

The game is now available! If interested, download it and share your feedback—what you enjoyed and what could be improved. Enjoy the game!

Google Play: Pandora Defense
YouTube: https://www.youtube.com/watch?v=264cg-Wj1qA

[Image: MTsZ3RjsYIpe2pyNmT4qcAAGvuXZv2xZy8tm0BDU...pZ7eXpNfOg] [Image: SID7p_y2g3j734W0POVrLPePh7_xyLLX_FK34KMn...CAOCxieUTK]

Print this item

  Christmas gift Ashampoo !
Posted by: Jeanjean - 12-07-2024 , 09:13 PM - Forum: External Giveaways/Freebies - Replies (1)

Experience the Christmas spirit on your PC or smartphone

New wallpapers :

[Image: Ashampoo_Wallpaper_2024_5_desktop.png]

[Image: Ashampoo_Wallpaper_2024_4_desktop.png]

[Image: Ashampoo_Wallpaper_2024_3_desktop.png]

[Image: Ashampoo_Wallpaper_2024_2_desktop.png]

[Image: Ashampoo_Wallpaper_2024_1_desktop.png]

Downloading wallpapers from 2021 to 2024 : https://img.ashampoo.com/assets/images/s...s_2024.zip

Print this item

  Aiarty Image Matting
Posted by: Igoreha - 12-07-2024 , 06:29 AM - Forum: External Giveaways/Freebies - No Replies

[Image: 2024-12-07_082830.png]

Aiarty Image Matting v.2.0

This is a modern AI tool for your PC. Using the advanced algorithms of artificial intelligence, it exactly isolates the front plan objects and smoothly mixes them with continuous colors or other images. Whether you are working on a commercial product, personal portfolio or publication on social networks, AIARTY processes complex details, such as hair, fur, translucent objects and weak lighting conditions, maintaining clear edges and raising your work to a new level.

AIARTY IMAGE MATTING uses AI to automatically process complex images, which simplifies work with products, portraits, logos and many others. Thanks to an optimized, convenient interface, anyone can achieve professional quality results in just a few clicks - manual editing is not required.

https://www.aiarty.com/de/event/ai-image...y-chip.htm

https://www.aiarty.com/de/event/ai-image...IATE=53928

https://www.aiarty.com/event/exclusive-g...3928&__c=1

https://www.aiarty.com/event/ai-image-ma...3928&__c=1

Terms & Conditions
This is a lifetime license
Non-commercial usage
No free upgrades for new AI models in future versions.
No free upgrades for new features.

Print this item

  Q-Dir 11.93 & Portable Q-Dir 11.93 Released
Posted by: mrtrout - 12-04-2024 , 11:20 PM - Forum: Freeware - No Replies

https://www.softwareok.com/?Freeware/Q-Dir    The Quad-Directory-Explorer makes your files and folders easy to manage, either installed or as a Portable Windows program as an alternative Freeware to Windows File Explorer.
Fast and easy access to your hard disks ergo advanced file management for network folders, USB-sticks, floppy disks and other storage devices  Is the most popular tool from the category file management on Software OK! 

Important! ► add to trusted application under Windows 10 from 2020, 2021!

Key features in the alternative File-Explorer

◆ File management in 4-window with tabs
◆ Folder size with extra information
◆ Color filter for files and folders
◆ Classic and modern address bar
◆ Directory structure with visible tree branches
◆ Print what you see in Explorer Views
◆ Based on the MS Windows OS File Manager
◆ Full Unicode Support 


Other options and specifications
◆ Save folder combinations as favorites
◆ Moving and copying the data via "drag and drop"
◆ Mark selected folders and files
◆ Small program great in file management
◆ improved quad explorer file preview
◆ Multilingual
◆ Low System Resource usage
◆ Freeware
◆ ... and much more

TOP-INFO: ► Complete Deactivation of Grouping TOP-FAQ: ► Disable or Enable the Auto-Update

Warning! ► Once Q-Dir, always Q-Dir!



Why alternative file manager!

Q-Dir is a great alternative file manager for Windows with a amazing Quadro-View technique.

You don't have to give up your usual work habits, Drag'n Drops, view types, and other standard functions of your current file manager.

No! Q-Dir gives you extra useful functions to make you happy. Save time by reducing mouse-clicks and hand movements . Q-Dir does not have to be installed and can be executed easily from any location, such as the Desktop, and can be carried on a small USB-stick or other memory device.

Q-Dir's file management is based on MS Windows Explorer, but 4x plus Explorer Tab Views and with more functionality! More and more data makes for a larger file management challenge on you Windows OS.

Q-Dir allows you to save folder combinations as a favourite to open any time. Up to 64 folder combinations can be saved in a favorite, since each of the four windows is equipped with tabs  (ie 4 x 16 tabs 4 x Tree View plus 4 x Address Bar),  different colors for different file types ...

Frequently asked business question!

Yes Q-Dir is free for company, business and private use!

The first time you start Q-Dir you will be presented with a license screen.
The program is free and the license info is only displayed the first time (per PC). 

Some Features!
Favourites: Quick access to your most often used folders.
Preview filter settings: ... Change preview filter settings?
Drag&Drop: Move files by dragging in Q-views and other Explorers.
Clipboard: Copy / Paste between Q-views and other Explorers.
Folder-Types: ZIP, FTP, cabinet, network, system folders, shortcuts ...
Views: Large icons, tiles, list, detail, thumbnail (Vista: extra large symbols) .
Export: To XLS, CSV, TXT, HTML.
Popup Menus: Desktop, My Computer.
Screen magnifier: Enlarge anything on the screen.
Color Filter: Different colors for different item types (e.g. *.log;*.txt).
Highlight-Filter: Highlight files by extension type.
File-Filter: Allows quick and easy filtering of files.
Columns: Edit and save displayed columns.
Quick-Link's: For fast folder access.
Folder-Select: Fast & flexible folder selection address-bar / desktop menu / my-computer menu /...
Multi-INI: Q-Dir saves settings to several INI files.
Quadro-View technique: Quad-Pumped x 16 Tabs, (-: quad core + :-).
Tree-View: Single and quadruple.
Preview: Allows a quick preview.
Portable: from v2.77 Q-Dir is portable.
Printing: from v3.77 List, Details ...
Folder size Column: from v3.83 file and folder size Column.
Settings transfer: from v3.83 Improved transfer for folder and view settings.
Faster edit: from v3.86 Faster edit or rename of files.
File association: from v3.91 Internal file association rules.
Tree View: Auto expand folders.
Separate tree view for each explorer list view.
and, much more........ ;)


# Q-Dir Versions History

New in version 11.93 // 4 December 2024
Bug fix: in the window split of the single file explorer in Quad Explorer
Update the language files in Quad File Explorer for Windows     
download Q-Dir_Installer.zip <<<<< for Windows 830 K    https://www.softwareok.com/?Download=Q-D...taller.zip        download Q-Dir_Portable_x64.zip for 64-Bit (x64) Windows 1044 K      https://www.softwareok.com/Download/Q-Di...le_x64.zip    Q-Dir 11.93 & Portable Q-Dir 11.93  is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors.  https://www.kaspersky.com/standard  Antivirus
Multilayered protection designed to prevent and neutralise viruses and malware.
Real-Time Antivirus
Continuously scans your devices for viruses, worms, Trojans, CryptoLockers, rootkits, and spyware — guarding you against both new and established online threats.
Instant Threat Detection
Delivers real-time, non-stop analysis of files, apps, and websites across your computers, safeguarding you and your data via rapid threat detection.  Q-Dir 11.93 & Portable Q-Dir 11.93 were Both 100% Scanned Malware Free & Clean & Safe With Kaspersky Standard No Malware Traces Of Anykind Were Found



Attached Files Thumbnail(s)
   
                   
                   
       
Print this item

  Backup and Restore Google Workspace Data
Posted by: AlbertTaylor - 12-04-2024 , 06:32 AM - Forum: External Giveaways/Freebies - No Replies

Shoviv G Suite Backup and Restore Tool offers a complete solution for backup and restore Google Workspace mailboxes. This user-friendly tool allows you to effortlessly backup your entire G Suite data, including emails, contacts, and calendars, to various file formats like PST, MBOX, MSG, EML, OLM, HTML, and MHT. You can also restore these backed-up files to your G Suite mailbox or export them to other platforms. This tool also restores data from PST/OST, MBOX, and another file formats to Google Workspace account.

Key features of Shoviv G Suite Backup and Restore Tool include:

  • Selective Backup: Choose specific mailboxes or folders for backup.
  • Incremental Backup: Backup only new or modified items to save time and storage space.
  • Scheduling: Automate the backup process with built-in scheduling options.
  • Search and Filter: Easily find and filter specific items for backup or restoration.
  • Email Notifications: Receive timely notifications about backup status and errors.
With Shoviv G Suite Backup and Restore Tool, you can safeguard your critical G Suite data and ensure business continuity in case of data loss or accidental deletion.

Read also - Backup Google Workspace Mailboxes

Print this item

  Trojans in AI models (KASPERSKY )
Posted by: mrtrout - 12-03-2024 , 09:52 PM - Forum: Security News - No Replies

https://www.kaspersky.com/blog/trojans-i...els/52724/    artificial intelligence
Trojans in AI models
Hidden logic, data poisoning, and other targeted attack methods via AI systems.


Stan Kaminsky

December 3, 2024    Over the coming decades, security risks associated with AI systems will be a major focus of researchers’ efforts. One of the least explored risks today is the possibility of trojanizing an AI model. This involves embedding hidden functionality or intentional errors into a machine learning system that appears to be working correctly at first glance. There are various methods to create such a Trojan horse, differing in complexity and scope — and they must all be protected against.

Malicious code in the model
Certain ML model storage formats can contain executable code. For example, arbitrary code can be executed while loading a file in a pickle format, the standard Python format used for data serialization (converting data into a form that is convenient for storing and transferring). Particularly, this format is used in a deep learning library PyTorch. In another popular machine learning library, TensorFlow, models in the .keras and HDF5 formats support a “lambda layer”, which also executes arbitrary Python commands. This code can easily conceal malicious functionality.

TensorFlow’s documentation includes a warning that a TensorFlow model can read and write files, send and receive network data, and even launch child processes. In other words, it’s essentially a full-fledged program.

Malicious code can activate as soon as an ML model is loaded. In February 2024, approximately 100 models with malicious functionality were discovered in the popular repository of public models, Hugging Face. Of these, 20% created a reverse shell on the infected device, and 10% launched additional software.

Training dataset poisoning
Models can be trojanized at the training stage by manipulating the initial datasets. This process, called data poisoning, can be either targeted or untargeted. Targeted poisoning trains a model to work incorrectly in specific cases (for example, always claiming that Yuri Gagarin was the first person on the Moon). Untargeted poisoning aims to degrade the model’s overall quality.

Targeted attacks are difficult to detect in a trained model because they require very specific input data. But poisoning the input data for a large model is costly, as it requires altering a significant volume of data without being detected.

In practice, there are known cases of manipulating models that continue to learn while in operation. The most striking example is the poisoning of Microsoft’s Tay chatbot, which was trained to express racist and extremist views in less than a day. A more practical example is the attempts to poison Gmail’s spam classifier. Here, attackers mark tens of thousands of spam emails as legitimate to allow more spam through to user inboxes.

The same goal can be achieved by altering training labels in annotated datasets or by injecting poisoned data into the fine-tuning process of a pre-trained model.

Shadow logic
A new method of maliciously modifying AI systems is to introduce additional branches into the model’s computational graph. This attack does not involve executable code or tampering with the training process, yet the modified model can exhibit a desired behavior in response to specific pre-determined input data.

The attack leverages the fact that machine learning models use a computational graph to structure the computations required for their training and execution. The graph describes the sequence in which neural network blocks are connected and defines their operational parameters. Computational graphs are designed for each model individually, although in some ML model architectures they are dynamic.

Researchers have demonstrated that the computational graph of an already trained model can be modified by adding a branch at the initial stages of its operation that detects a “special signal” in the input data; upon detection, the model is directed to operate under a separately programmed logic. In an example from the study, the popular video object detection model YOLO was modified to ignore people in a frame if a cup was also present.

The danger of this method lies in its applicability to any models, regardless of storage format, modality, or scope of application. A backdoor can be implemented for natural language processing, object detection, classification tasks, and multimodal language models. Moreover, such a modification can be preserved even if the model undergoes further training and fine-tuning.

How to protect AI models from backdoors
A key security measure is the thorough control of the supply chain. This means ensuring that the origin of every component in the AI system is known and free of malicious modifications, including:

The code running the AI model
The computing environment in which the model operates (usually cloud hosting)
The files of the model
The data used for training
The data used for fine-tuning
Major ML repositories are gradually implementing digital signatures to verify models’ origins and code.

In cases where strict control over the origins of data and code is not feasible, models from questionable sources should be avoided in favor of reputable providers’ offerings.

It’s also crucial to use secure formats for storing ML models. In the Hugging Face repository, warnings are displayed when loading models capable of executing code; also, the primary model storage format is Safetensor, which blocks code execution.



Attached Files Thumbnail(s)
           

Print this item

  Revo Uninstaller Pro VERSION 5.3.4 DEC 02, 2024
Posted by: mrtrout - 12-03-2024 , 04:23 AM - Forum: Paid - No Replies

https://www.revouninstaller.com/revo-uni...n-history/    Version History
Release history of Revo Uninstaller Pro    DEC 02, 2024 Revo Uninstaller Pro VERSION 5.3.4 / PORTABLE 5.3.4
Improved – Uninstall History module
Improved – Scanning algorithms for leftovers
Fixed minor bugs
Updated language files      Revo Uninstaller Pro VERSION 5.3.4  Download: https://44581b6373a4ec0a6882-ec5a86ebfeb...oSetup.exe      https://www.revouninstaller.com/products...aller-pro/    computer with revo uninstaller
Revo Uninstaller Pro
Revo Uninstaller Pro helps you to uninstall software and remove unwanted programs easily.

Buy Now Buy Portable
Download free trial

windows logos

Latest Version: 5.3.4 / Version History

Alternative translations

System requirements: 32-bit and 64-bit versions of Windows Vista, 7, 8, 8.1, 10, 11 and Windows Server Editions, 512MB RAM, 85MB HDD Free Space, 800MHz Pentium-Compatible CPU

Features
main screen of revo uninstaller pro
Uninstaller
Remove programs completely and effortlessly with Revo Uninstaller Pro.

Revo Uninstaller Pro removes programs by first running the program’s built-in uninstaller and then scanning for leftover data, which can include files, folders, and entries in the Windows Registry, that may still exist and potentially cause various issues.

Show more
screen of forced uninstall
Forced Uninstall
The Forced Uninstall is a powerful module designed to tackle situations when a program’s built-in uninstaller is missing or isn’t functioning properly, allowing removal of programs that lack a built-in uninstaller, have been only partially installed or removed, or have become damaged. You can also use Forced Uninstall to perform manual leftover scans for programs that had been uninstalled without Revo Uninstaller Pro.

Show more
screen of quick uninstall
Quick/Multiple Uninstall
The Quick Uninstall is a 2-in-1 feature that is Revo Uninstaller Pro’s solution for users who prefer to simplify and streamline the removal process as much as possible and/or wish to uninstall multiple programs in one go.

Quick Uninstall will create one Registry backup and System Restore Point for the entire queue of programs, then proceed to uninstall each program.

Show more
screen of real-time installation monitor
Real-Time installation monitor
The Real-Time Installation Monitor tracks changes made to your system during the installation of a program, and records all that data to a so-called "trace log". The Trace log can be used later when uninstalling the program, allowing for a precise and more thorough program removal, deleting obscure leftovers that a traditional leftover scan may have otherwise missed.

Tip Tip For maximum accuracy and effectiveness while tracing an installation, we recommend closing all unnecessary programs and not starting other programs or installations while the process takes place.
It is also a good practice to start the program once, close it, and then save the log.

screen of windows apps
Windows Apps
Windows Apps, being an integral part of the most recent versions of Windows, can also be removed by Revo Uninstaller Pro. All apps (the ones that are pre-installed with Windows and any that are installed later by the user) are listed separately from regular programs for better organization.

Show more
screen of browser extensions
Browser Extensions
Most popular browsers support extensions, which can enhance existing functionality in a browser, or even add completely new features.

The Browser Extensions module is where you will find all of the aforementioned extensions, grouped by browser to provide a better overview.

Supported are the following browsers: Google Chrome, Mozilla Firefox, Microsoft Internet Explorer, Microsoft Edge, and Opera.

screen of logs database
Logs Database
Revo Uninstaller Pro’s Logs Database is a large collection of trace logs for many different programs. These logs are created by our team using the Real-time Monitor feature and are stored on our server. They behave the exact same way as the trace logs that users create themselves, and can be used to uninstall a program or to perform additional cleanup, in case of any doubts that there are still leftovers remaining or as a troubleshooting step.

screen of traced programs
Manage Installation Logs
The Traced Programs module not only lists all created trace logs, but allows additional options as well. Users can perform a complete removal using an existing trace log, or they can use the available Custom Uninstall option, which allows AN INDIVIDUAL selection of the files, folders, and Registry entries to be removed.


screen of backup manager
Multi-level Backup System
Revo Uninstaller Pro creates a Restore Point (if the option is activated) using Windows' own System Restore feature and also creates a backup of the entire Windows Registry at the beginning of every uninstall. Leftovers are deleted in a way that allows an easy restoration if necessary: files and folders are deleted to the Recycle Bin, whereas Registry entries are automatically backed up by Revo Uninstaller Pro's own Backup Manager. Its own Backup Manager can also automatically backup files


icon and context menu of hunter mode
Hunter Mode
Hunter Mode is an innovative feature that allows users to easily uninstall or manage the automatic startup of programs.

In Hunter Mode, Revo Uninstaller Pro’s window disappears, and a new targeting icon appears in the upper right portion of the screen. Users can then drag and drop that icon over another program’s window, shortcut on the Desktop, or icon in the System Tray. Doing that will display multiple options.


screen of all cleaning tools in revo uninstaller pro
6 Additional Cleaning Tools included
Autorun Manager – control Windows startup
Junk Files Cleaner – remove unnecessary files
Windows Tools – useful Windows tools in one place
History Cleaner – includes Browsers Cleaner, MS Office Cleaner, Windows Cleaner
Evidence Remover – erase permanently confidential data
Unrecoverable Delete – erase permanently files and folders        https://opentip.kaspersky.com/https%3A%2...tab=lookup    Report
Report for web address
https://www.revouninstaller.com/revo-uni...n-history/
Good
Overview
IPv4 count ≈ 119
Files count 0
Created
29 May, 2007
17:00
Expires
29 May, 2030
18:00
Domain revouninstaller.com
Registration organization Statutory Masking Enabled
Registrar name FastDomain Inc  Report
Report for hash
CB3D5139C4C545056C96DC7934DF475B886A3BEC8F4608E5589DB2C4E4131E83
Clean
Overview
Hits ≈ 100
First seen
2 Dec, 2024
01:12
Last seen
2 Dec, 2024
19:41
Format exe x32
Size 17.12 MB (17948560 B)
Signed by VS REVO GROUP OOD
Packed by —
MD5 385A558C685D455D4C199F62D736BA0D
SHA1 7B6A25A8B8BD7EE2C95F319B29D72A4D5818F45C
SHA256 CB3D5139C4C545056C96DC7934DF475B886A3BEC8F4608E5589DB2C4E4131E83
Categories
General
Detection names
No data found
Dynamic analysis summary
Last scan performed on 2 Dec, 2024 23:11 with an anti-virus databases updated on 2 Dec, 2024 02:12

Detects
0
Total
Malware
0
Adware and other
0
Suspicious activities
9
Total
High
0
Medium
2
Low
7
Extracted files
96
Total
Malware
0
Adware and other
0
Clean
70
Not categorized
26 Kaspersky
Threat Intelligence Portal    Revo Uninstaller Pro VERSION 5.3.4 was also 100% SCANNED WITH KASPERSKY STANDARD & WAS FOUND TO BE MALWARE FREE & CLEAN & SAFE OF ALL MALWARE THREATS



Attached Files Thumbnail(s)
                   
               
Print this item

  Kaspersky Team Message boards hit by new video-call scam
Posted by: mrtrout - 12-03-2024 , 03:02 AM - Forum: Security News - No Replies

https://www.kaspersky.com/blog/message-b...cam/52717/    Message boards hit by new video-call scam
Scammers posing as buyers snatch one-time codes during online product demos.


Kaspersky Team

December 2, 2024

Attackers target sellers on message boards
Large online marketplaces do what they can to combat fraud, but cybercriminals remain one step ahead when it comes to scamming both buyers and sellers. This year has seen the rise of an online video-call scam where fake buyers ask for a video-demo of a product, during which they swipe one-time codes. Here’s all about this scheme — in four acts.

Act one. Suspicion
A seller of a high-end product (say, a fancy TV) is approached by someone posing as a buyer who wants to pay and collect as quickly as possible. But there’s a catch: that someone requests a video-demo first. Most message boards don’t let you do this, and even if they do — the “buyer” will mysteriously have some issue at their end: “Strange, it’s not working, how about we use WhatsApp instead?” And so the conversation moves seamlessly to a messenger or other chat platform. The request to switch to WhatsApp, Telegram or whatever is a BIG red flag. On their own home turf, scammers have an easier job of luring you to a phishing site, because many message boards don’t allow sharing links in chats.

Act two. Certainty
The “buyer” asks the seller lots of questions about the product: where did they buy it, does it work ok, and, if so — why are they selling it? With each passing minute, this dialogue between strangers becomes all the more like a conversation between long-time buddies. The “buyer” seems keen and ready to fork out — the seller just needs to provide a card number for the transfer of funds and the deal is done: “What a pleasure doing business with this guy. He sure is trustworthy.” But here’s when the trap springs…

Act three. Discovery
Without even naming the screen-sharing feature, the “buyer” asks the seller to turn on screen-sharing in WhatsApp. If the seller complies, their banking app screen becomes visible to the scammers, who attempt to log in to the seller’s online bank account. At this point, the victim’s smartphone receives an unexpected text message with a one-time code. On most devices, the code is displayed in a pop-up message that the cybercriminals also get to see. And if the victim, still in screen-sharing mode, checks to see what message just arrived, the scammers don’t even need the pop-up — they get the code anyway!

Act four. Loss
Depending on what information the “buyer” had beforehand, and what access they gained to the victim’s bank account, they can either siphon off funds immediately, or, if the amount in the account is too large to transfer, switch to another scam involving a call from an “investigator” who promises to investigate the incident of fraudulent bank access and persuades the victim to transfer the money to “a safe account”. One way or another, the money disappears.

How to guard against message board scams
Bear in mind that message boards are often teeming with fake sellers and buyers. Sure, such accounts eventually get exposed and blocked after user complaints, but the perpetrators simply create or buy new ones. So we’ve made a list of tips to help you stay safe when buying or selling on any message board:

Chat with other buyers or sellers only within the platform. Never switch to a messenger app — even (or especially) if the other party really wants to. Outside the marketplace itself, scammers can slip you a phishing link to steal your account — or worse.
Use reliable protection on both your smartphone and computer, for example Kaspersky Premium.
Decline offers to use alternative delivery or money transfer services — opt for the platform’s native tools or accept payments in cash only.
Do not give anyone your phone number (and hide it in your marketplace profile) or card number.
Get yourself a virtual card with a limit on online payments.
Never give out one-time codes, because then even two-factor authentication won’t save your account.
Disable pop-up notifications and on-screen text messages.
Check the domain registration date before entering payment details on the site (see here for details of how to do this).



Attached Files Thumbnail(s)
   
           
Print this item