Only 23 percent of businesses can effectively respond to cyber attacks |
Posted by: baziroll - 04-20-2016 , 11:48 AM - Forum: Security News
- No Replies
|
|
NTT Com Security today released its annual Global Threat Intelligence Report (GTIR), which examines the threat landscape by analyzing the attacks, threats and trends from the previous year.
This year’s report is the most comprehensive to date, featuring key findings from partners including Lockheed Martin and the Center for Internet Security and pulling information from 24 security operations centers, seven R&D centers, 3.5 trillion logs, 6.2 billion attacks and nearly 8,000 security clients across six continents.
The report finds that, on average, only 23 percent of organizations are capable of responding effectively to a cyber incident, with 77 percent having no capacity to respond at all.
In terms of the types of attacks, spear phishing accounted for 17 percent of incident response activities, with the attacks targeting executives and finance personnel in many cases. The volume of Distributed Denial of Service (DDoS) attacks fell by 39 percent compared to 2014 and all of the top 10 vulnerabilities targeted by exploit kits during 2015 were related to Adobe Flash. Furthermore, the number of publicized Flash vulnerabilities jumped by a massive 312 percent from 2014.
There is also bad news for the retail sector, which experienced the most attacks per client in 2015 -- despite the finance sector being hit by the highest volume of attacks overall. The hospitality, leisure and entertainment sector came in second, followed by insurance, government and manufacturing.
Rather worryingly, for vulnerabilities with a Common Vulnerability Scoring System (CVSS) score of 4.0 or higher, nearly 21 percent detected in client networks were more than three years old, with some dating as far back as 1999.
The full report can be found here.
source
|
|
|
Never10 1.3.1 |
Posted by: tarekma7 - 04-20-2016 , 09:30 AM - Forum: Freeware
- No Replies
|
|
Release Date: 18 April 2016
Easily Control Automatic and Unwanted Windows 7 & 8.1 Upgrading to Windows 10
The name “Never 10” is a bit of an overstatement, since this utility may also be used to easily re-enable Windows operating system automatic upgrading. But the primary reason for using this is to disable Windows' pestering insistence upon upgrading Windows 7 or 8.1 to Windows 10.
Many users of Windows 7 and 8.1 are happy with their current version of Windows, and have no wish to upgrade to Windows 10. There are many reasons for this, but among them is the fact that Windows 10 has become controversial due to Microsoft's evolution of their Windows operating system platform into a service which, among other things, aggressively monitors and reports on its users' activities. This alone makes many users uncomfortable enough to cause them to choose to wait. In line with this, a few months into 2016, Windows 10 started displaying unsolicited advertisements on its users' desktops. Others dislike the changes Microsoft made by merging their failed “tiled” smartphone user-interface into the Windows UI. And, finally, some object to being force-fed whatever Microsoft wants and simply wish to choose for themselves.
In July of 2015, responding to the significant user backlash, Microsoft added features to its Windows Update facility which allow it to be configured, on a machine-by-machine basis, to not forcibly upgrade qualifying Windows 7 and 8.1 operating systems to Windows 10. However, Microsoft did not make this configuration simple. It requires the use of the group policy editor (which is not present in some qualifying systems) and/or the system registry. In other words, they created some deep internal configuration options but chose not to provide a simple user-interface to give their users the choice. “Never10” provides that choice.
What's new:
IMPORTANT NEW v1.3 RELEASE REMOVES ~6.5GB OF WIN10 FILES
Full command-line control for corporate deployment
Homepage:
https://www.grc.com/never10.htm
Download:
https://www.grc.com/files/never10.exe
|
|
|
The Perfect Human Diet |
Posted by: tarekma7 - 04-20-2016 , 08:10 AM - Forum: External Giveaways/Freebies
- No Replies
|
|
companion book to the number one film, is a game changer in the world of health and nutrition. The result of broadcast journalist C.J. Hunt’s unprecedented global exploration for a solution to our exploding epidemic of obesity and diet-related disease– the #1 killer in America.
Uniquely easy to put into use, C.J. Hunt explains a new method of eating to optimize your health based on these breakthrough scientific facts, including detailed grocery shopping advice and great tasting recipes. Described as “irrefutable” and “the answer to the obesity epidemic” The Perfect Human Diet will forever change the way you think about food – and guide you to the health and life you deserve.
http://sharewareonsale.com/s/free-the-pe...0-discount
|
|
|
Anvi Smart Defender PRO |
Posted by: tarekma7 - 04-20-2016 , 08:08 AM - Forum: External Giveaways/Freebies
- Replies (2)
|
|
Defend Against Viruses
Malware is bad and Anvi Smart Defender PRO is big to defend against mushrooming threats including trojans, rootkits, spyware, rogueware, ransomware and more.
Malware Detect & Remove
Detect and remove malware, Trojans, worms, rogueware, ransomware, spyware and many others.
Double Scan Engine for Utmost Efficiency
Scan your system with high efficiency using the double scan engine (local engine & cloud engine).
Anti-Hacker
Check all system services and settings that may be used by hackers to attack your system and offer one-click fix to keep it safe away from hacker attacks.
Basic File System Guard
Protect computer files, registry and startup items that may be modified or changed during the virus infiltration.
Basic Network Guard
Protect your computer, privacy and downloads in real time when you are surfing online.
Advanced File System Guard
Scan inserted USB drives and monitor system behaviors to prevent potential risks.
Advanced Network Guard
Particularly guard against adware install or any other potential risks while you are shopping online.
Anti-Hacker & Anti-Exploit
Positively guard against any potential hacker attacks as well as multiple exploits.
Browser Repair
Conveniently repair browser problems caused by infections such as redirect virus or browser hijackers.
Facilitate Windows Updates
Repair issues occurring when windows updates in order to ensure the system is updated timely to be more secured.
Ultimate Solution to Ransomware Infections
Anvi Rescue Disk integrated to remove any desperate hard-to-remove computer blocked virus, alas ransomware.
Virus Scan Scheduler
Make virus scan at a scheduled time on regular basis or just schedule the virus scan when the system is idle.
Main Features
Anti-malware/Antispyware
Detecting and removing multiple malware, e.g. viruses, Trojans, rogueware, spyware, ransomware, etc.
Daily Utilities in Toolbox
Browser Repair Tool and more.
Basic Guard
Basically file system guard and network guard including File Guard, Registry Guard, Startup Guard, Web Guard, Privacy Guard and Download Guard.
Daily Database Update
Update the database on daily basis to defend against latest threats in the wild.
Anti-rootkit
Preventing your computer from being attacked through exploits.
Scan Scheduler
Make virus scan at a scheduled time on regular basis.
Scan with Local & Cloud Engine
Double engine scan (local engine and cloud engine) for utmost virus scan efficiency.
Anti-Hacker
Protecting your computer from rampant hacker attacks by checking and fixing all related system services and settings.
USB Guard
Preventing your computer from getting infected by malicious files on an inserted USB drive.
Behavior Guard
Avoiding system damages and data loss from any potentially risky operation by person
Shopping Guard
Protecting your PC system and sensitive info when you are shopping online.
Anti-Exploit
Preventing your computer from being attacked using exploits.
Malicious Ads Blocking
Blocking malicious ad popups or banners resulting from adware install.
Positive Guard of Anti-Hacker
Disabling any hacker attack through remote access or remote execute.
http://sharewareonsale.com/s/anvi-smart-...eebie-sale
|
|
|
Ad blockers are breaking the internet, study finds |
Posted by: scolli23 - 04-19-2016 , 08:16 PM - Forum: Security News
- No Replies
|
|
Ad blockers don't just block ads on the internet - they actually break websites such as British Airways and Vodafone, a new study has found.
According to tests conducted on the UK's 100 most popular websites, ad blockers didn't just block pop-ups, but accidentally corrupted useful parts of a website,
Story continues - HERE
|
|
|
BlackBerry CEO Explains "Lawful Access" to Company's Master Decryption Key |
Posted by: baziroll - 04-19-2016 , 07:55 PM - Forum: Security News
- No Replies
|
|
BlackBerry CEO, John Chen, took time aside from his busy daily schedule to pen a carefully worded blog post explaining the "lawful access" granted its global decryption key to Canadian police.
The scandal that hit BlackBerry at the end of last week has its roots in a murder case from 2011 when Canada's Royal Canadian Mounted Police (RCMP) requested and got access to a BlackBerry global decryption key in order to decrypt messages from the subsequent investigation.
Canadian prosecutors tried to hide this detail from the public and asked the judge to seal the case's technical details. After privacy groups sued the Canadian government, Canada's Supreme Court ordered the prosecution to unseal the documents, which proved BlackBerry's collaboration with local law enforcement.
BlackBerry CEO doesn't see anything wrong in the company's actions
Regarding the accusations from privacy groups and global media of BlackBerry being complicit in government surveillance, BlackBerry's CEO says that this is not true.
“When it comes to doing the right thing in difficult situations, BlackBerry’s guiding principle has been to do what is right for the citizenry, within legal and ethical boundaries. We have long been clear in our stance that tech companies as good corporate citizens should comply with reasonable lawful access requests. I have stated before that we are indeed in a dark place when companies put their reputations above the greater good.”
Mr. Chen's point is that a company should be willing to collaborate with law enforcement when this is the case, and for legitimate investigations. When this is not the case, and requests are only forwarded to access data without a legitimate reason, and only for surveillance, this is where companies should draw the line.
Mr. Chen then goes on to remind everyone that only a few months before, his company bravely stood its ground, even announcing its exit from the Pakistani market, after receiving unwarranted government requests for access to BlackBerry Enterprise Server (BES) email and messaging content.
What Mr. Chen didn't touch was the fact that BlackBerry allowed Canadian police to keep a copy of the global decryption key on its servers, instead of having police come to the company with data it needed unlocked.
Something like this opens the company to having its encrypted communications exposed in a data leak, if the decryption key is ever leaked or stolen. We won't even touch the subject of government abuse, if the police decide to use this key for anything outside warranted police investigations.
source
|
|
|
Pro-ISIS Group Defaces 88 Websites in Three-Day Rampage |
Posted by: baziroll - 04-19-2016 , 07:53 PM - Forum: Security News
- No Replies
|
|
Pro-ISIS hacking outfit Team System Dz spent April 14, 15, and 16 hacking and defacing multiple websites from France, Israel, the US, and the UK.
The group has been around for a few years now, is based in Algeria, and flaunts an affiliation with the Anonymous hacker collective on its Facebook page.
Last week, from Thursday to Saturday, the group started posting links to hacked websites on its Facebook page, racking up quite an interesting collection by the weekend's onset.
All in all, the group defaced 88 websites, leaving pro-ISIS messages on their frontpage, along with a stylized Daesh logo. At the time of writing this article, most of the messages were removed.
Richland County should fire their webmaster
The most interesting targets were the US ones, which were government websites belonging to Richland County in Wisconsin. Back in November 2015, Team System Dz defaced these very same websites, then it came back and did it again at the end of March, only to return in this recent wave of attacks.
This time around, the hackers defaced the websites for Richland County Sheriff’s Department, Fairgrounds, Parks Commission, Land Conservation, Ambulance Service, and the central Richland County government portal.
Most of the websites are running WordPress, and some look like they are running in multi-site mode, which means that if one was compromised, so were the rest.
All websites were defaced for the second time in the past month, and Richland County may want to look for a new webmaster after having its websites pwned for the third time in less than six months.
A full list of compromised websites along with mirrors can be found here. As it looks right now, the hackers aren't skilled enough to carry out other types of attacks except defacements, since there was no mention during the first two intrusions of any data leaks on the Dark Web.
source
|
|
|
New CryptXXX Ransomware Locks Your Files, Steals Bitcoin and Local Passwords |
Posted by: baziroll - 04-19-2016 , 07:52 PM - Forum: Security News
- No Replies
|
|
CryptXXX is a new ransomware variant discovered during the past weeks, which, besides encrypting the user's data, is also capable of stealing Bitcoin from infected targets, along with passwords and other personal details, security researchers from Proofpoint have found.
The first signs of the CryptXXX ransomware appeared towards the end of March. Security experts say the ransomware is distributed via Web pages that host the Angler exploit kit. This crimeware kit uses vulnerabilities to push the Bedep click-fraud malware on the users' systems.
Bedep is also known for having "malware downloading" capabilities, so it will download the CryptXXX ransomware as a second-stage infection, dropping it as a delayed execution DLL, set to wait 62 minutes before launching.
CryptXXX asks for 1.2 Bitcoin
After infecting users, the ransomware changes the users' wallpaper with its ransom note and drops text and HTML ransom notes all over your computer.
You can spot CryptXXX infections by the ransom notes, which are named de_crypt_readme.txt and de_crypt_readme.html, or by the extension they add to all encrypted files, which is .crypt.
The standard ransom note asks for 1.2 Bitcoin, which is roughly $515 (€455), a sum that is well above the average of recent ransomware infections.
CryptXXX comes with a data harvesting component
In past infections with the Bedep click-fraud malware, Proofpoint said it also saw Bedep deliver an infostealer component. After an in-depth analysis, it was revealed that this is also true with CryptXXX, which too includes such a feature.
CryptXXX is capable of harvesting information and credentials about the user's local instant messenger clients, email clients, FTP clients, and Internet browsers.
Proofpoint has also said CryptXXX can "steal Bitcoin" but has not elaborated on how this takes place.
CryptXXX is from the same group that created the Angler exploit kit
But the most interesting detail about CryptXXX comes at the end of the company's analysis. Having a closer look at the big picture, Proofpoint saw similarities between CryptXXX and the older Reveton ransomware.
Similarities to Reveton include details such as the fact that both ransomware families were coded in Delphi, both use a delayed start, DLLs are called with a custom entry function, both include Bitcoin and credential stealing functions, and also use a custom C&C protocol on TCP 443.
Even worse, all clues point to the fact that CryptXXX was created by the same criminal group that came up with the Angler exploit kit itself, the Bedep click-fraud malware, and Reveton in the past.
Expect CryptXXX to have the same impact as Locky
This situation is similar to how the Locky ransomware came out of nowhere at the start of 2015 and became one of the top three ransomware families around, mainly thanks to the fact it was running on the infrastructure of the Dridex banking trojan.
Taking into account that the person behind Bedep, Angler, and Reveton is the same as the one behind even older tools such as the Cool exploit kit, CryptXXX is not your ordinary ransomware variant put together by script kiddies who stole code from open-sourced (and flawed) ransomware variants uploaded on GitHub.
"Given Reveton's long history of successful and large-scale malware distribution, we expect CryptXXX to become widespread," Proofpoint researcher Kafeine explains. "While we have observed many new ransomware instances in recent months, many have been written and/or distributed by less experienced actors and have not gained significant traction."
"Those associated with more experienced actors, however, (such as Locky) have become widespread quickly. Based on the large number of translations available for the payment page, it appears that the Reveton team shares those expectations."
source
|
|
|
Google Detected 760,000 Compromised Websites During One Year |
Posted by: baziroll - 04-19-2016 , 07:49 PM - Forum: Security News
- No Replies
|
|
Yesterday, Google announced a new notification and remediation system for dealing with hijacked websites that were compromised to spread malware or scam users.
The new webmaster notification system was perfected during joint research with the University of California, Berkeley, which was also presented at last week's 25th International World Wide Web Conference.
Google says that the study analyzed 760,935 hijacking incidents from July 2014 to June 2015, as identified by the company's Safe Browsing and Search Quality features.
The company explains it used these security incidents to test and compare a new notification system that informed users their site was hacked.
Contacting webmasters via email yielded the best remediation rates
Google says that when webmasters added their domains to Google's Search Console and the company had the owner's email address on hand, webmasters cleaned out compromised websites in 75 percent of cases if contacted directly by email.
In cases where the webmaster's email was not on hand, relying solely on Safe Browsing alerts (browser-based warnings) yielded a much smaller remediation efficiency of only 54 percent.
When Google relied on search results warnings by adding the "This site may harm your computer" notification next to each search listing, only 43 percent of the compromised websites were cleaned.
Google says it achieved the best results when it also included remediation tips with its emails, which cut down clean-up time by 62 percent, usually within three days.
One in eight websites gets reinfected in the first month
Despite all the good intentions, Google's researchers also noted that 12 percent of the cleaned websites ended up getting compromised again in less than 30 days after being declared clean.
"To improve this process moving forward, we highlighted three paths: increasing the webmaster coverage of notifications, providing precise infection details, and equipping site operators with recovery tools or alerting webmasters to potential threats before they escalate to security breaches," Google noted.
Moving forward, Google plans to improve the communications and notifications sent to webmasters, primarily by adding early warnings for outdated software or for urging webmasters to introduce additional authentication systems when necessary.
source
|
|
|
BitPay Bitcoin Processor Warns Against New Coinbitclip Trojan |
Posted by: baziroll - 04-19-2016 , 07:47 PM - Forum: Security News
- No Replies
|
|
BitPay, one of the top Bitcoin payment processors, has published a public service announcement regarding a new emerging threat named Coinbitclip.
Discovered at the start of February, Coinbitclip is a trojan that, after infecting users, works by keeping a watchful eye over the victim's clipboard.
When the user copies or cuts a string that resembles the format of a Bitcoin wallet address, Coinbitclip looks at an internal list of Bitcoin addresses, all under the attacker's control, finds the one that looks most like the user's address and replaces the address in the victim's clipboard with its own.
With the help of this sneaky trick, the crooks behind Coinbitclip can hijack Bitcoin transactions and make a profit on the back of infected users.
Back at the start of February, when Symantec detected Coinbitclip for the first time, the company said the crooks behind this trojan were bundling it with the Hearthstone Hack Tool, an app that promises to provide unlimited gold and dust for Hearthstone players.
BitPay says it didn't receive complaints from customers who reported hijacked transactions traced back to Coinbitclip, but it's raising the alarm nevertheless so that the clients would know and be aware that such a threat exists.
With companies involved in the Bitcoin ecosystem falling left and right to all kinds of cyber-attacks, BitPay is playing the "better be safe than sorry" card, warning customers in advance.
source
|
|
|
Kaspersky introduces Industrial CyberSecurity solution |
Posted by: baziroll - 04-19-2016 , 07:34 PM - Forum: Security News
- No Replies
|
|
Security firm Kaspersky Lab today announced a new, specialized security solution, aimed at critical infrastructure and industrial facilities.
The solution, called Kaspersky Industrial CyberSecurity, is built to protect technological processes in industrial environments from cyber-attacks because, as the company says, these threats now have the potential to cross the realms, from the virtual one into the physical one, threatening not only businesses, but humanity and nature, as well.
The solution is aimed at today’s industrial facilities such as nuclear power plants, refineries and assembly lines, facilities which require, as Kaspersky puts it, "faultless continuity and consistency of the technological process".
Another problem industrial facilities are faced with is strict regulations and compliance issues, which can lead to unprotected critical systems, Kaspersky says. Therefore, their system covers all of that.
It combines conventional security such as anti-malware, whitelisting and vulnerability assessment, and pairs it with technologies designed specifically to protect industrial environments, including Integrity check for PLC programs, Semantic monitoring of process control commands and Telemetry data.
There’s also the Observability Mode, which is designed only to detect cyber-attacks, operation personnel faults and anomalies which can occur inside the network.
"Today, the cybersecurity of industrial systems and critical infrastructures is of vital importance. An increasing number of such systems are using devices and channels that interact with the outside world", said Kaspersky Lab CEO Eugene Kaspersky.
"Sometimes they use equipment that was never intended for external access, not to mention software that was created decades ago and has not been upgraded since! This is a very serious issue because not only is the continuity of the production process at stake; the environment and even human lives can be at risk. Our solution is capable of ensuring the cybersecurity of the technology cycle at all levels of automated process control. We are also actively cooperating with manufacturers of automation systems in order to develop equipment that takes new cybersecurity standards and requirements into consideration".
source