Thursday, 8 February 2018
Thursday, 29 September 2016
Kickass alternatives
kickass torrent is down . As it is shut down by the US gov with the owner Artem Vaulin being arrested .
All the official domains have been shut down .
“ Vaulin is accused of running illegal sharing website files today the most visited, responsible for the illegal distribution of more than a billion dollars of materials protected by copyright ” says the Assistant Minister of justice Leslie Caldwell .
These are some working alternatives :
http://dxtorrent.com
https://kickass.la
https://katstorrent.co
https://kickass.unblocked.cat
http://kat.al
http://kickasstorrents.to
http://settorrent.com
http://kickasstorrents.website
BitTorrent is one of the most common communications protocol of peer-to-peer file sharing which is used to distribute data over the Internet. BitTorrent is one of the most common protocols for transferring files
IsoHunt, you may remember, IsoHunt was also behind the resurrection of The Pirate Bay during one of its numerous takedowns. The new mirror isn’t as robust as the mission to keep TPB functional .
“It’s not perfect but if the users need to save and archive something it’s time,” the IsoHunt team said. “We don’t know how long it can last, but at least it’s something.”
Some popular torrent websites :
torrentz ( Alexa rank 205 ) :
Torrentz is a Finland based meta search engine for bit torrent .
https://torrentz.eu/
The Pirate Bay ( Alexa rank 329 ) :
Content is being provided by multiple round robin servers .
https://thepiratebay.org
Flaw in Chromodo
What is
Chromodo?
Comodo’s Chromodo,
a Chromium-based browser based on the open-source project Chromium that claims
to improve the browsing experience by increasing loading speeds of the websites
and online security.
According
to the researchers, Chromodo automatically overrides system settings and set
itself as the Default Browser without users' knowledge. Comodo’s
Chromodo browser contains security failings and puts its users at risk.
According
to the Google report, Comodo's Chromodo browser is less secure than it claims
to be.
If your
default browser had been changed to "Chromodo", then you could
be at risk!
The main
security issue is that the Chromodo browser has SOP - 'Same Origin
Policy' disabled by default. This violates one of the strongest browser
security policy.
SOP permits scripts running in a web
browser to make requests to pages on the same domain.
It must
be enabled to prevent the malicious scripts on one page from obtaining access
to the data on another web page.
Disabling
SOP in Chromodo could allow attackers to steal session authentication
cookies, run malicious script codes and could even Replace websites with
attacker - created HTML design. Some Chromodo browser are vulnerable to
cross - domain attacks. “They also hijack DNS settings, among other shady
practices,” Ormandy wrote.
Embassies at risk from Chinese hackers
According to Kaspersky Labs, a group of Chinese hackers, DANTI
stole some information from the computers of various bureaucrats and Indian
embassies earlier this month.
The origin of Danti is unknown, but the Kaspersky Lab researchers suspect that the group is somehow connected to the Nettraveler and DragonOK groups. They believe it is Chinese hackers who are behind these groups.
Danti is highly focused on diplomatic entities. They may already have full access to internal networks of Indian government organisations, Kaspersky Lab alleged in a statement.
It was first spotted at the beginning of February. Some Danti Trojans have been detected in Kyrgyzstan, Kazakhstan, Uzbekistan, Nepal, Philippines and Myanmar.
The exploit is delivered through phishing emails. In order to grab the attention of potential victims, the threat actors of Danti have created emails in the names of some high-ranking Indian government officials. Once the vulnerability is exploited , the Danti backdoor is installed. This subsequently provides access to the infected machine so they can get sensitive data.
The “CVE-2015-2545” error enables the attacker to execute codes using a specially crafted EPS image file. The severity of the exploit for this vulnerability is very high as it uses PostScript technique and it can evade Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) protection methods embedded in Windows. This group is been spotted lately using this vulnerability.
The origin of Danti is unknown, but the Kaspersky Lab researchers suspect that the group is somehow connected to the Nettraveler and DragonOK groups. They believe it is Chinese hackers who are behind these groups.
Danti is highly focused on diplomatic entities. They may already have full access to internal networks of Indian government organisations, Kaspersky Lab alleged in a statement.
It was first spotted at the beginning of February. Some Danti Trojans have been detected in Kyrgyzstan, Kazakhstan, Uzbekistan, Nepal, Philippines and Myanmar.
The exploit is delivered through phishing emails. In order to grab the attention of potential victims, the threat actors of Danti have created emails in the names of some high-ranking Indian government officials. Once the vulnerability is exploited , the Danti backdoor is installed. This subsequently provides access to the infected machine so they can get sensitive data.
The “CVE-2015-2545” error enables the attacker to execute codes using a specially crafted EPS image file. The severity of the exploit for this vulnerability is very high as it uses PostScript technique and it can evade Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) protection methods embedded in Windows. This group is been spotted lately using this vulnerability.
Flaw in Truecaller
Truecaller is a popular service that search and identify
any phone number and also can block the incoming calls and some SMS
messages from phone numbers that are categorized as spam sources .
Security researchers from Cheetah Mobile Security Research Lab have discovered a remotely exploitable Bug in “ True caller “ app that puts over millions of its users at risk by exposing the personal details of the users .
True caller has apps for many platforms like android , ios , windows , black berry , Symbian .
The Bug discovered by Cheetah Mobile Security Research Lab, affects Truecaller Android version .
Truecaller app asks users to enter phone number, email id, and other personal details, which is verified. It uses the device's IMEI to authenticate users.
Researchers were able to retrieve the personal details of other users based on the IMEI code just by interacting with app's servers.
The attacker can get some personal informations like account name, e-mail, profile picture, home address. Attackers can modify user's application settings, they can disable spam blockers and add or delete blacklist of users .
Attackers can write some scripts that query a random IMEI code to discover details about user and use them in spam and phishing campaigns.
Their servers are updated as well as released an update . In order to prevent get the latest version of truecaller.
Security researchers from Cheetah Mobile Security Research Lab have discovered a remotely exploitable Bug in “ True caller “ app that puts over millions of its users at risk by exposing the personal details of the users .
True caller has apps for many platforms like android , ios , windows , black berry , Symbian .
The Bug discovered by Cheetah Mobile Security Research Lab, affects Truecaller Android version .
Truecaller app asks users to enter phone number, email id, and other personal details, which is verified. It uses the device's IMEI to authenticate users.
Researchers were able to retrieve the personal details of other users based on the IMEI code just by interacting with app's servers.
The attacker can get some personal informations like account name, e-mail, profile picture, home address. Attackers can modify user's application settings, they can disable spam blockers and add or delete blacklist of users .
Attackers can write some scripts that query a random IMEI code to discover details about user and use them in spam and phishing campaigns.
Their servers are updated as well as released an update . In order to prevent get the latest version of truecaller.
Subscribe to:
Posts (Atom)