Windows Update deploying malware powered by GitHub C2 Server

According to a report from Malwarebytes on Thursday, a North Korean cyber-espionage group’s latest attack was found to be very similar to other attacks from the group. Malwarebytes analysts have discovered that the APT group has been using a new technique that involves spear phishing to steal user data and cryptocurrency.

The focus of the phishing campaign is consistent with the APT group’s style – they impersonate big, global brands. In this case, they pretended to be a huge military and defense company.

Korean hackers are rampaging. They are one of the most active cyber-attackers in the world. The US considers them to be a huge threat. They have been caught red-handed attacking companies and stealing secrets for years. Their leader is Lazarus, who has been active since at least 2009. This group is responsible for many cyber attacks, including the WannaCry ransomware attack that has been in the news.… Read the rest

Android Malware steals your money, then wipes your phone

For years, malware has been an issue for computers. While there are different levels of severity, it is extremely dangerous when targeting your smartphone.

Apple’s closed ecosystem is incredibly protective. It has few checks and balances. As a result, it’s very difficult for hackers to infiltrate Apple products and leave malware behind. Unfortunately, Android is the opposite. Its open nature makes it easy for hackers to infiltrate, leaving Android users vulnerable to malicious code.

A new version of a virus has been discovered. Read on to find out how a Brazilian malware became a powerful threat.

 

Here’s the back story

A Remote Access Trojan (RAT) known as BRATA has been around since 2019. At the time, it was used as spyware and exclusively targeted Android users in Brazil. It was able to capture a victim’s screen in real-time.

In early 2016, a malware called BRATA spread online. It masqueraded as … Read the rest

UniFi Tutorials

How To Configure Ubuntu Desktop 20.04 To Access Unifi UDM Pro VPN Tunnel

In this tutorial you will learn how to configure Ubuntu Desktop 20.04 to access Unifi UDM Pro VPN tunnel. You will then be able to use your Ubuntu Desktop 20.04 to VPN into your UDM Pro and browse and access your network files or even remote access other systems on the network.

If you need assistance on creating a Unifi UDM Pro VPN tunnel, click here.

How to install VPN client software on Ubuntu Desktop 20.04

  1. Log into your Ubuntu Desktop 20.04 and open up the Terminal.
  2. Elevate your Terminal access:
     sudo -s
  3. We will now need to install the L2TP VPN package:
     sudo apt install network-manager-l2tp network-manager-l2tp-gnome
  4. You need to restart your computer to see “Layer 2 Tunneling Protocol (L2TP)” in your VPN access manager.
  5. Log back onto your Ubuntu Desktop 20.04 and from here we will use the GUI.
  6. Click on your network icon … Read the rest

Ubuntu Tutorials

Complete VestaCP Setup Guide for Ubuntu 18

In this Complete VestaCP Setup Guide for Ubuntu 18 I will show you how to install Ubuntu 18 with all of its updates, set up VestaCP and configure Name Server and domains. We will also do some security hardening, add SSLs and update to the latest MariaDB and PHP versions. Finally, I will also show you how to configure backups to an external source.

Consider using HestiaCP and Ubuntu 20 as VestaCP has been fading away. 

 Prerequisites

  • Register a Domain to use for your VPS server. I will be using GoDaddy.com as my domain registrar. In my case I have purchased the domain PatricksWebsiteHosting.com for this tutorial.
  • Choose and purchase a VPS from a VPS provider. Many factors come into play here, but I will be using a2hosting.com; they seem to have fair pricing and they provide lots of storage. You could also use your own server at home but it
Read the rest

New UEFI Bootkit called MoonBounce

Researchers have discovered a sophisticated new type of malware that targets UEFI, and it's called MoonBounce. The bootkit, also known as rootkit malware, is suspected to be associated with APT41 (advanced persistent threat 41). APT41 is a group of hackers who have been robbing businesses for many years.

Researchers at Kaspersky Labs discovered a new type of malware. This is the third known type that infects UEFI firmware. The first two types were FinFisher and ESPecter.

  • The malware is injected into the SPI flash part of the motherboard, signifying that it cannot be removed even after hard disk replacement.
  • The injection is stored in the CORE_DXE component, which is called during the early boot sequence of UEFI.
  • Once the MoonBounce rootkit malware makes its way inside the OS, it may reach out to a server to obtain further payloads.
  • Additionally, the infection chain does not leave any evidence and works
Read the rest
UniFi Tutorials

How To Open And Forward Ports On Unifi UDM PRO

In this tutorial you will learn how to open and forward ports to an internal LAN IP on your Unifi UDM Pro using Unifi Controller version 6.5.55. In the latest releases of the Unifi Controller, they have simplified the process for us and with a few simple steps you can quickly forward the ports you need.

Let’s get started.

First make sure you are running the latest controller version. At the time of this publication, it is 6.5.55.

  1. Log into your UDM Pro using unifi.ui.com or its IP address.
  2. Access the Unifi Controller and click Settings
  3. Click on Advanced Features and afterwards you will be presented with a page where you can apply your network rules.
  4. Now scroll down, locate and click on Advanced Gateway Settings.
  5. You should now be presented with the Advanced Gateway Settings Page.
  6. Click on the Create new Port Forwarding button.
  7. In the Port Forwarding window
Read the rest
UniFi Tutorials

How To Transfer Unifi UDM Pro Owner

In this tutorial you will learn how to transfer Unifi UDM Pro Owner to a new ui.com owner account in a few simple steps. This will come in handy when you have acquired a new client or accidentally used the wrong account to register the UDM Pro into unifi.ui.com.

 

Option 1

Step 1: Make sure you have local access via IP to your UDM Pro before proceeding.

Step 2: Log into unifi.ui.com using the old ui.com owner account and remove all accounts that have access to your UDM Pro, except the owner.

Step 3: Use the old owner account to log into UDM Pro using IP address

Step 4: Create a backup of all UDM Pro configurations.

Step 5: Create a new Super Admin “Local Access Only” account.

Step 6:  Now in the UDM Pro settings disable Remote Access by going to

  • Settings
  • Advanced 
  • “Remote Access”.

Step 7: Log … Read the rest

UniFi Tutorials

How To Configure Unifi UDM Pro Controller 6.5.55 For Windows 10 VPN

In this tutorial you will learn how to configure a Unifi UDM Pro Controller 6.5.55 for Windows 10 VPN access. I will take you through the process of configuring a VPN Connection and a VPN user on Unifi Controller version 6.5.55 for your UDM Pro and then we will finish with configuring Windows 10 VPN client.

How to setup Ubuntu Desktop to access UDM PRO VPN Tunnel

 

Let’s start by logging into your UDM PRO and then follow the steps below.

  1. Click on Settings
  2. Click on Networks
  3. Click Add New Network
  4. Apply a Network Name for your VPN. For this tutorial I will name mine VPN-Access.
  5. Now that we have a name, click on the Virtual Private Network (VPN) expand arrow.
  6. Now for VPN Setup click on Advanced.
  7. Now select Remote Access.
  8. Scroll down the page and locate Pre-shared Secret Key. End users will need to use this
Read the rest
Lean Six Sigma

Benefits Of Lean Six Sigma In The IT Sector

In this article I am recognizing the many benefits of Lean Six Sigma in the IT sector. I believe that Lean Six Sigma can help IT professionals with their company’s growth, if they have a sincere mindset.

Many IT organizations are under pressure to improve their service and process capability. In the quest for improvement methodologies, these businesses often adopt a “pick one” strategy. However, it is possible to integrate Lean and Six Sigma and reap the full benefits that these methodologies can bring to the table.

For businesses to be successful, they must work hard to go above and beyond. Lean Six Sigma is a rigorous method of eliminating defects in any process. It is a data-driven approach and methodology for ensuring near perfection. This approach must not produce more than 3.4 defective results per million opportunities. In order to achieve Lean Six Sigma quality, businesses must focus on improving … Read the rest

How To Remove Splashtop Software

So, we have bumped into Splashtop Software, and we wish to uninstall it from all the computers. Unfortunately, we cannot find the uninstaller in Add or Remove Programs, so the next best solution would be to run a Command Script to remove the Splashtop Software.

 

What is Splashtop anyways? 

Splashtop is a family of remote-desktop software and remote support software, developed by Splashtop Inc. Splashtop enables users to remotely access or remotely support computers from desktop and mobile devices. Splashtop enables remote computer access for businesses, IT support and help desks, MSPs, and educational institutions.

 

In a few steps we will have the Splashtop Software removed.

  1. Open Notepad.
  2. Copy and paste the following into notepad.
msiexec /x {B7C5EA94-B96A-41F5-BE95-25D78B486678} /qn 

REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Splashtop Inc." /f > nul 2> nul
REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Splashtop Inc." /f > nul 2> nul

RMDIR /S /Q "C:\Program Files (x86)\Splashtop\Splashtop Remote\Server" > nul 2> nul
RMDIR /S 
Read the rest
