Categories
Security solutions and antivirus software

AppCheck Anti-Ransomware Is A Nice Security Software You Should Use At Home (Free) Or At The Office (Paid)

As you may know, ransomware is a type of malware that encrypts all your data and asks for a ransom if you want everything back. It has grown a lot lately, becoming a big threat for both enterprise and home users.

In this article I will make a mini-presentation of AppCheck Anti-Ransomware, a complementary security solution that has been designed by Checkmal to run alongside your antivirus software on Windows.

AppCheck Anti-Ransomware is created by a Korean developer and runs on both 32-bit and 64-bit Windows systems. It is available in a free and a paid version. The free version provides basic anti-ransomware protection, while the pro version provides some functions that may become useful in a corporate environment.

The installation of the app is very easy and straightforward and the app works by itself after installation, but you can configure it as you like from the interface, which is very intuitive.

The free version of the app provides real-time protection, exploit protection and MBR protection, but only the paid version provides protection for the network drives. The protection can be toggled on and off from the interface.

Main features:

  • Protection against 800+ ransomware types
  • Ransom Guard: keeps copies of important files, in order to prevent data loss
  • Cleans PUPs/PUAs and common malware
  • Auto Backup and server protection (paid version)
  • Actively monitors the system and provides proactive protection
  • It is very lightweight and does not require much RAM

Conclusion:

This app is really nice to have because it enhances the security of your system. If you don’t need the pro features, you should at least use the free version of it. For more information, see the developer’s website.

Categories
Hackers and hacks News

The GrayKey Is An Expensive Device That Can Crack Any iPhone

A security company named Grayshift has created a device that hacks any iPhone device on the market. It comes with two Lightning cables, allowing users to unlock two Apple devices at the same time. The device has the dimensions of a mini PC and is highly portable.

Depending on the passcode complexity, the cracking takes from a few hours to a few weeks. After it is cracked, the passcode is displayed on the iPhone screen.

After the iPhone is cracked, the data is copied to the GrayKey and can be accessed through a web interface.

The GrayKey costs $15,000 and permits the hacking of 300 devices with an internet connection, but for $30,000 you get unlimited attempts and offline support as well.

Grayshift announcement:

“The offline model does require token-based two-factor authentication as a replacement for geofencing for ensuring security. However, as people often write passwords on stickies and put them on their monitors, it’s probably too much to hope that the token will be kept in a separate location when the GrayKey is not being used. Most likely, it will be stored nearby for easy access,”

While this device could be very useful to the authorities, it can be used for illegal activities in the wrong hands. For now, we don’t actually know what happens with the cracked phone, whether it remains jailbroken or whether it can be accessed remotely.

For more information, read this article from the Malwarebytes blog.

Categories
News Security solutions and antivirus software

Haven app can turn your old phone into a surveillance system

As you may know, Edward Snowden is the guy who leaked a bunch of NSA documents to the press and caused a big scandal with this.

Recently, Edward has developed Haven, an open-source, free Android application that transforms your old mobile phones into surveillance systems. It uses the device’s camera, audio recording ability and the accelerometer to detect movement and notify the user.

Despite strong encryption methods, every device is vulnerable to physical, in-person tampering, which can be done by anyone with the required skill set. The software was created in collaboration with The Guardian Project and Freedom Of The Press and aims to prevent different burglaries.

If you set up a spare Android phone to watch for movement at the front door, the app will record any audio or movement, take a snapshot of whoever comes through the door and detect motion, alerting the user via SMS, Signal (an encrypted messaging service) or a Tor-based website.

Haven can be downloaded for free via Google Play.

Quote from Freedom of the Press:

Imagine you are a journalist working in a hostile foreign country and you are worried about security services breaking into your hotel room and rifling through your belongings and computer while you are away. Haven detects changes in the environment using the sensors in a typical smartphone — the camera, microphone, gyroscope, accelerometer, ambient light, USB power — to alert you if anyone enters your space or attempts to tamper with your devices while you aren’t there.

The Haven app can then send end-to-end encrypted alerts to your phone via Signal, and you can monitor activity remotely through a Tor Onion Service. Importantly, Haven does not rely on the cloud and does not transmit data that third parties can access unless you have SMS functionality turned on in situations where you don’t have data or wifi.

Sources: TechCrunch and BetaNews.

Categories
Editorials and informational articles Security solutions and antivirus software

The Ultimate Guide For Protecting Yourself From Malicious CPU Mining Websites

Lately, cryptocurrency mining has risen a lot. Many malicious sites have started using the visitor's CPU to mine the Monero cryptocurrency, similar to what PirateBay did until they were caught. Also, the Trend Micro team has discovered Digmine, a crypto malware that spreads through Facebook Messenger and infects systems with Monero miners.

The virus spreads via Facebook Messenger, when the malicious videos are opened in the Chrome browser, allowing the hackers to access the infected account and spread the malware to other friends from the list.

The Opera developers have already added a NoCoin feature starting with Opera 50, which blocks all the malicious CPU miners.

Instructions for protecting yourself against CPU miners:

Add an anti-mining extension:

To protect your computer against this type of threat, you should use one of the anti-mining extensions available for either Chrome or Firefox. These extensions work like an adblocker, but only prevent malicious sites from mining.

Anti-mining extensions for Firefox: MiningBlocking, NoCoin, AntiMiner, CoinBlock and others.

Anti-mining extensions for Chrome: NoCoin, minerBlock, AntiMiner and others.

Add the NoCoin list to your current adblocking software:

You can add the NoCoin list to Adblock Plus, AdGuard, uBlock and other adblocking services. The easiest way to do that is to access FilterLists, scroll until you find NoCoin and press the Add button to add the list.

To manually add the NoCoin list in uBlock, you need to access the Dashboard from the addon menu, go to the 3rd-party filters and add the below link:

https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/resource-abuse.txt

To add the NoCoin list in Adblock Plus, you need to access Options, go to Add your own list and add the below link:

https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/nocoin.txt

To add the NoCoin list in AdGuard, you need to access Options, go to User Filter and add the content of the file in the field (the content of the file, not the link):

https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/nocoin.txt

Restrict the access from the hosts file:

You need to add in the C:\Windows\System32\drivers\etc\hosts file the below line:

0.0.0.0 coin-hive.com

Power users can create a custom DNS server or adblocker on a Linux system (or a Raspberry Pi): add all the sites you don’t want resolved to a list and set the device as your DNS server.

It is enough to use only one of the methods above to protect yourself from malicious mining.
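The hosts-file and custom-DNS methods above need plain hostnames, while the NoCoin list is written in Adblock filter syntax. The following added example (not part of the original article or of the NoCoin project) converts one format to the other; the sample list is constructed, and the function name and `0.0.0.0` sink default are this example's assumptions.

```python
import re

# Constructed sample in Adblock Plus filter syntax (the format used by the
# NoCoin list); these lines are illustrative, not copied from the real list.
SAMPLE_FILTER_LIST = """\
[Adblock Plus 2.0]
! Title: sample anti-mining list (constructed)
||coin-hive.com^
||coinhive.com^$third-party
||miner.example.net^$script,third-party
||cdn.example.org/lib/miner.min.js
@@||allowed.example.com^
/cryptonight.wasm
||COIN-HIVE.com^
"""

# A hosts file can only block whole hostnames, so accept only "||host^" rules
# (optionally followed by $options) and reject anything carrying a path.
_DOMAIN_RULE = re.compile(r"^\|\|([a-z0-9.-]+)\^(?:\$.*)?$")
_HOSTNAME = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")


def filters_to_hosts(filter_text, sink="0.0.0.0"):
    """Return (hosts_lines, skipped_rules) for an Adblock-style filter list."""
    hosts, skipped, seen = [], [], set()
    for raw in filter_text.splitlines():
        line = raw.strip()
        # Skip blanks, the "[Adblock ...]" header and "!" comments.
        if not line or line.startswith(("!", "[")):
            continue
        # "@@" marks an exception (allow) rule; never turn it into a block.
        if line.startswith("@@"):
            skipped.append(line)
            continue
        m = _DOMAIN_RULE.match(line.lower())
        if not m or not _HOSTNAME.match(m.group(1)):
            skipped.append(line)  # path/pattern rules need a real adblocker
            continue
        host = m.group(1)
        # Options such as $third-party are dropped: a hosts entry blocks the
        # hostname for every request, first-party visits included.
        if host not in seen:
            seen.add(host)
            hosts.append(f"{sink} {host}")
    return hosts, skipped


if __name__ == "__main__":
    entries, not_convertible = filters_to_hosts(SAMPLE_FILTER_LIST)
    print("\n".join(entries))
    print(f"# {len(not_convertible)} rule(s) cannot be expressed in a hosts file")
```

A hosts entry matches only the exact hostname, whereas `||domain^` in an adblocker also covers subdomains, so the converted list is narrower than the original on that point.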

Categories
Editorials and informational articles Security solutions and antivirus software

OSArmor Is An Anti Exploit Free Software That Blocks Malicious Processes From Running

As you may know, OSArmor is a free anti-exploit software that sits in the Windows tray and protects the computer against auto-executing scripts. The software has been designed by NoVirusThanks and is officially supported on Windows 7, Windows 8.1 and Windows 10.

Main features:

  • Block execution of pif, com and double file extensions.
  • Block USB spreading malware.
  • Prevent “important” system modifications via bcdedit.exe.
  • Block direct execution of scripts and exe files from archives.
  • Prevent regsvr32 from executing remote scripts and /i: parameter.
  • Block processes executed from wscript.exe, cscript.exe, mshta.exe and wmic.exe.
  • Block executionpolicy bypass and windowstyle hidden in PowerShell.
  • Block remote URL downloads from the command line.
  • Block direct execution of JavaScript and VBscript code.
  • Limit Windows Screensaver files to Windows folder.
  • Block execution of schtasks.exe.
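Several of the checks in this list can be approximated as command-line heuristics, which is useful when reviewing process-creation logs. This is an added example, not OSArmor's code: the patterns, rule names and sample events are constructed assumptions.

```python
import re

# Each rule approximates one bullet from the feature list above. The patterns
# are this example's assumptions, not OSArmor's actual matching logic.
RULES = [
    ("double file extension",
     re.compile(r"\.(?:pdf|docx?|xlsx?|jpe?g|png|txt)"
                r"\.(?:exe|scr|com|pif|js|vbs)\b", re.I)),
    ("regsvr32 /i: with remote URL",
     re.compile(r"\bregsvr32(?:\.exe)?\b.*?/i:\s*https?://", re.I)),
    # PowerShell accepts unambiguous parameter prefixes (-ex, -exec, -w, ...).
    ("PowerShell ExecutionPolicy Bypass",
     re.compile(r"\bpowershell(?:\.exe)?\b.*?\s-(?:ex[a-z]*|ep)\s+bypass\b", re.I)),
    ("PowerShell WindowStyle Hidden",
     re.compile(r"\bpowershell(?:\.exe)?\b.*?\s-w[a-z]*\s+hidden\b", re.I)),
]
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe", "wmic.exe"}

# Constructed process-creation events: (parent image, child command line).
SAMPLE_EVENTS = [
    (r"C:\Windows\explorer.exe", r"C:\Users\a\Downloads\invoice.pdf.exe"),
    (r"C:\Windows\System32\wscript.exe",
     r"powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -File C:\Temp\a.ps1"),
    (r"C:\Windows\System32\cmd.exe",
     r"regsvr32.exe /s /i:http://example.invalid/placeholder placeholder.dll"),
    (r"C:\Windows\explorer.exe", r"powershell.exe -File C:\Scripts\backup.ps1"),
    (r"C:\Windows\explorer.exe", r"notepad.exe C:\Users\a\notes.txt"),
]


def evaluate(parent_image, command_line):
    """Return the names of all rules that one process-creation event trips."""
    hits = [name for name, rx in RULES if rx.search(command_line)]
    # "Block processes executed from wscript.exe, cscript.exe, ..." is a
    # parent-process check, independent of the child's command line.
    if parent_image.rsplit("\\", 1)[-1].lower() in SCRIPT_HOSTS:
        hits.append("child of script host")
    return hits


def scan(events):
    """Return (command_line, hits) for every event that trips a rule."""
    flagged = []
    for parent, cmd in events:
        hits = evaluate(parent, cmd)
        if hits:
            flagged.append((cmd, hits))
    return flagged


if __name__ == "__main__":
    for cmd, hits in scan(SAMPLE_EVENTS):
        print(f"BLOCK {cmd!r}: {', '.join(hits)}")
```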

After the application has been installed, the configuration parameters can be modified via File -> Open Configurator. If you ask me, the default settings are enough for regular users. For extra security, the software can block running apps from Local AppData, Roaming AppData, Common AppData, but I do not recommend this setting for regular users, due to the fact that it may break some programs.

Also, it can be configured to block apps created by NirSoft, VNC software and LogMeIn, software which is commonly used by IT support specialists.

The interface is simple and clean and displays the number of blocked processes, the last blocked process and the date and time when the process was blocked. If you need to perform troubleshooting, you can read the logs.

When this article was written, the latest version available was OSArmor 1.3. The software can be downloaded for free from here.

I have toyed a little with OSArmor and decided to keep it installed on the system.


Categories
Editorials and informational articles Security solutions and antivirus software

Opera 50 NoCoin Feature Will Prevent Malicious Sites From Performing CPU Bitcoin Mining

Starting with Opera 50 stable, the Chromium-based internet browser will receive two awesome changes: an enhanced VPN service, which will use the Opera data centers instead of the SurfEasy LLC ones currently used, and a new function called NoCoin, designed to block websites from performing CPU mining while you navigate on the internet.

The revised VPN function:

With the new VPN function, the Canada, US, Germany, Netherlands and Singapore locations will be replaced with Europe, America and Asia. Despite this, the functionality will remain the same.

If you don’t know this yet, the VPN feature can be enabled by going to the Settings menu (ALT + P) -> Privacy and Security – Enable VPN.

NoCoin – the anti mining service:

The NoCoin feature prevents websites from performing malicious CPU mining while you navigate on the internet. For this to work, you also need to enable the built-in Opera adblocker; NoCoin is activated along with it (but can be disabled by the user, if needed).

Basically, the NoCoin feature is just a list of malicious websites that get blocked by the adblocker.

So, if you want to enable both the built-in adblocker and NoCoin, you need to go to the Settings Menu (ALT + P) -> Block Ads.

The anti-bitcoin functionality does not allow infected sites to mine virtual currencies and use extra processing power while you browse the internet. The function is very good and I think it will be quickly adopted by the other browsers. For the new function to work (and to appear in the options), the built-in adblocker mechanism also needs to be enabled.

The NoCoin function will be included in the stable version of Opera 50, but it is already present in both Opera 50 Beta and Opera 51 Dev.

For more information, see this article from the official Opera Blog.

As usual, Opera is the browser that implements new features the fastest. The NoCoin feature should be adopted quickly by the other internet browsers as well.

Categories
News

How To Remove The Troubleshooter Malware That Generates Fake BSODs And Asks Users To Buy A Non Existent Windows Defender AV

According to Myce, the security researchers from Malwarebytes have discovered a malware called Troubleshooter, which generates fake Blue Screens of Death (BSODs) and asks the user to buy Windows Defender Essentials (a fake Windows Defender version) to clean the computer.

The malware displays a BSOD image, disables the key combinations that let the user close the window (e.g. ALT+F4) and asks for $25 via PayPal to buy the fake version of Windows Defender.

A security researcher found out that if the user pays for the fake software, the website http://hitechnovation.com/thankyou.txt gets opened and the malware kills itself. If you get in this situation, just use the CTRL + O combination and navigate to the website yourself (without paying the ransom).

Apparently, this type of malware spreads with cracked software, so if you are a good samaritan and use only genuine software or open-source alternatives, you should be safe.

To remove this software completely, you need to reboot in safe mode, delete the Troubleshooter.exe file from %temp%, disable the csrvc service and scan your computer with Malwarebytes. More detailed instructions can be found on this Malwarebytes forum thread.

Categories
Offers and promotions Security solutions and antivirus software

Get Shadow Defender for free

Shadow Defender is an easy-to-use security solution (for Windows operating systems) that protects your PC/laptop real environment against malicious activities and unwanted changes.

Shadow Defender can run your system in a virtual environment called ‘Shadow Mode’. ‘Shadow Mode’ redirects each system change to a virtual environment with no change to your real environment. If you experience malicious activities and/or unwanted changes, perform a reboot to restore your system back to its original state, as if nothing happened.

With Shadow Defender, you have the flexibility to specify which files and folders are permanently saved to the real environment. This ensures important files and folders are kept after a reboot.

If you want to make a maintenance-free computer, Shadow Defender will be your best choice.

Shadow Defender users…

  • Maintain a system free from malicious activities and unwanted changes.
  • Test software and game installations in a safe environment.
  • Protect against unwanted changes by shared users (suitable for workplaces and educational institutions).

Shadow Defender Features

  • Prevent all viruses and malwares.
  • Surf the internet safely and eliminate unwanted traces.
  • Protect your privacy.
  • Eliminate system downtime and maintenance costs.
  • Reboot to restore your system back to its original state.

The installer is very light, only 3.5 MB, and the application is self-explanatory to use. The offer is still available through SharewareOnSale. Get it now and save up to $35. In case you miss the offer, you can always check the producer’s website and get a 30-day trial.

Disclaimer

You are allowed to use this product only within the laws of your country/region. Zeroviruses and its staff are not responsible for any illegal activity. We did not develop this product; if you have an issue with this product, contact the developer. This product is offered “as is” without express or implied or any other type of warranty. The description of this product on this page is a marketing description, written by the developer with few more notes written by the ZeroViruses team. The quality and performance of this product is without guarantee. Download or use at your own risk. If you don’t feel comfortable with this product, then don’t download it.

Categories
Offers and promotions Security solutions and antivirus software

Get MalwareFox for free

MalwareFox is an advanced, yet simple-to-use anti-malware solution for Windows computers. It gets rid of adware, spyware, browser hijackers and other malware and keeps your PC safe from ransomware. It provides aggressive detection capabilities and an effective malware removal tool to keep your systems safe and secure.

With the advent of newer forms of cyber crime, anti-malware software has become a necessity these days. This is because traditional antivirus programs are incapable of catching every threat.

MalwareFox is a lightweight yet powerful anti-malware program. It has a clean and simple user interface. It is strong against adware, ransomware, and zero-day exploits. MalwareFox provides real-time protection against different malware attacks. You can turn to this application if you need a quick, efficient way to detect whether your system has been targeted by malicious attacks and whether or not they succeeded in infecting it.

Just as you launch the program you will notice that the main window displays a bunch of statistics, which include the status of your PC, when you performed the last scan and the real-time protection status. Running a scan can be simply done by pressing the “Scan” button.

All things considered, if you’re looking for a handy malware scanner that lets you quarantine detected items, you can opt for MalwareFox AntiMalware.

Installer size: 5 MB.

Other notes: the software is very similar to Zemana Antimalware. In case you already have Zemana installed you will notice an error when installing MalwareFox stating that you have a newer version of MalwareFox, and I’m guessing that this is the case since it seems to use the same engine and algorithm for scanning against malware.

The offer is available for the next 2 days and a half through SharewareOnSale. Take advantage now and save $24.95. In case you miss the offer, please go to the developer’s website.


Categories
Editorials and informational articles Security solutions and antivirus software

After a few months, Locky ransomware reappeared

According to a Malwarebytes article, after it went dark for months, Locky ransomware returned with two new ‘flavors’. The new versions use new command and control servers. They also use two new affiliate IDs: AffillD3 and AffillD5.

The way the ransomware spreads has not changed much. It still uses phishing e-mails that carry malicious code in MS Office files or archived attachments.

Back in 2016, Locky ransomware was in the top 3 along with Cryptowall and Cerber. It came back in 2017 but a little quieter. On August the 9th it reappeared using a new ransom note and the extension .diablo6 for encrypted files. After another week, a second version appeared using the .Lukitus extension for encrypted files.

Locky ransomware has its code base derived from the banking trojan Dridex and it is associated with the Necurs malware as its distribution botnet. The Dridex trojan seems to be behind the theft of approximately 20 million pounds from UK bank accounts. It was then reworked for ransomware instead of stealing authentication data from online banking platforms.

Stay alert when opening attachments that come from unknown sources; an antivirus or anti-malware solution is also always welcome. Better safe than sorry! is a phrase we use.