Archiv: Windows (operating system)


04.09.2021 - 20:16 [ YogaDNS.com ]

Pools and Relays

DNS Servers and DNS relays can be combined into a pool. If you assign such a pool to a rule, YogaDNS will use a random DNS server from this pool to make a resolution. This will improve the redundancy and distribute the load.

Another scenario for the pools is the use of DNS relays (a.k.a. Anonymized DNS). In this case, a pool should contain relay(s) and DNSCrypt server(s). YogaDNS will forward queries over the relay(s) to the DNSCrypt server(s), and, thus, the queries will be anonymized. If a pool contains more than one server or relay, a random server or relay will be used for each query.

To create a pool, open Configuration->DNS Servers via the menu or the toolbar icon.

04.09.2021 - 20:15 [ YogaDNS.com ]

The Most Advanced DNS Client for Windows

YogaDNS automatically intercepts DNS requests at the system level and allows you to process them over user-defined DNS servers using modern protocols and flexible rules.

04.09.2021 - 20:10 [ DNS.sb ]

How to set DoT on Windows 10

1. Download YogaDNS

You can download and install the latest version here (opens new window).

2. Set an empty configuration

3. Set DNS.SB DoT Server

Click DNS Servers, then click Add…

Choose Type to DNS over TLS, set IP address and optional port: to 185.222.222.222

Under DNS over TLS options, set Hostname to dot.sb

Click OK

04.09.2021 - 19:59 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

04.09.2021 - 19:57 [ privacy-handbuch.de ]

DNS-Server

Folgende zensur-freien und vertrauenswürdigen DNS-Server mit No-Logging Policy, DNSSEC Validierung und Anti-Spoofing Schutz (Testseite) kann man als Alternative zu den Default DNS-Servern der Provider für diejenigen empfehlen, die wechseln möchten:

19.07.2021 - 18:07 [ CNBC ]

U.S., NATO and EU to blame China for cyberattack on Microsoft Exchange servers

A new joint effort by NATO members, the European Union, Australia, New Zealand and Japan will call out and confront the threat posed by Chinese state-sponsored cyberattacks.
The nations will share intelligence on cyberthreats and collaborate on network defenses and security, said a senior Biden administration official.
The group will publicly blame China’s Ministry of State Security for a massive cyberattack on Microsoft Exchange email servers earlier this year.

19.07.2021 - 18:02 [ sifi.com ]

‚Israeli spyware firm linked to fake Black Lives Matter, Amnesty websites‘

Using Internet scanning, a team of researchers from the University of Toronto’s Citizen Lab and tech giant Microsoft identified more than 750 websites linked to Candiru’s spyware infrastructure.

„We found many domains masquerading as advocacy organisations such as Amnesty International, the Black Lives Matter movement, as well as media companies and other civil-society themed entities,“ researcher Bill Marczak said in a statement.

19.07.2021 - 17:58 [ Microsoft ]

Fighting cyberweapons built by private businesses

(15.07.2021)

We believe Sourgum is an Israel-based private sector offensive actor or PSOA. Citizen Lab has identified the group as a company called Candiru. Sourgum generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targets’ computers, phones, network infrastructure and internet-connected devices. These agencies then choose who to target and run the actual operations themselves.

19.07.2021 - 17:54 [ Reuters ]

Microsoft says Israeli group sold tools to hack Windows

(15.07.2021)

The hacking tool vendor, named Candiru, created and sold a software exploit that can penetrate Windows, one of many intelligence products sold by a secretive industry that finds flaws in common software platforms for their clients, said a report by Citizen Lab.

Technical analysis by security researchers details how Candiru’s hacking tool spread around the globe to numerous unnamed customers, where it was then used to target various civil society organizations, including a Saudi dissident group and a left-leaning Indonesian news outlet, the reports by Citizen Lab and Microsoft show.

11.06.2021 - 10:41 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

11.06.2021 - 10:15 [ Ultrasurf.us ]

ULTRASURF

Why Use Ultrasurf?
– Circumvent internet censorship
– Encrypt online communications
– Hide your IP from websites visited
– Fast page loads
– Easy to use

09.06.2021 - 17:01 [ Duo.com ]

Microsoft Fixes Publicly Known Flaws in Security Update

Overall, Microsoft’s May Patch Tuesday advisory addressed four critical flaws – all of which can allow for remote code execution – as well as 50 important-severity vulnerabilities and one moderate-severity bug.

09.06.2021 - 16:52 [ Heise.de ]

Patchday: Angreifer nutzen sechs Sicherheitslücken in Windows aus

Derzeit haben es Angreifer auf sechs Sicherheitslücken in verschiedenen Windows- und Windows-Server-Versionen abgesehen. In einigen Fällen könnte Schadcode auf Systemen landen. Klappt das, erlangen Angreifer in der Regel die volle Kontrolle über Computer. Microsoft zufolge ist eine weitere Schwachstelle öffentlich bekannt. Attacken könnten bevorstehen.

06.06.2021 - 12:22 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

06.06.2021 - 12:00 [ Ultrasurf.us ]

ULTRASURF

Why Use Ultrasurf?
– Circumvent internet censorship
– Encrypt online communications
– Hide your IP from websites visited
– Fast page loads
– Easy to use

17.04.2021 - 18:20 [ Radio Utopie ]

Wie Ihr Eure Emails verschlüsselt – ein für allemal!

Auf pep.security findet Ihr alles Weitere. Die einzelnen Download Links zu den Programmversionen für Outlook, Thunderbird, iOS und Android erspare ich mir hier, die findet Ihr dort.

Wenn Ihr wissen wollt, wer da nun wieder dahintersteckt: hier die Ratsmitglieder der pep Foundation. Der harte Kern. Mehr muss ich dazu nicht sagen.

24.03.2021 - 17:40 [ pep.security ]

Privacy by Default: p=p security

Support for all established encryption methods. And all your devices. Fully automatic. For your peace of mind. And your convenience.

24.03.2021 - 16:44 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

24.03.2021 - 16:41 [ ZDNet.de ]

Simple DNSCrypt: DNS-Abfragen unter Windows verschlüsseln

(05.02.2021)

Bereits 2017 hat der Informatiker Dominik Herrmann in seiner Dissertation „Das Internet-Adressbuch bedroht unsere Privatsphäre“ (PDF) nachgewiesen, wie anhand von unverschlüsselten DNS-Abfragen, die Identität eines Internetnutzers ermittelt werden kann. Herrmann sieht eine Zentralisierung der Namensauflösung für die internationale Konzerne wie Google, OpenDNS und Symantec verantwortlich seien. „Im Jahr 2016 beantworteten allein die DNS-Server von Google schon mehr als 13 Prozent aller DNS-Anfragen pro Tag.“

24.03.2021 - 16:01 [ tenable.force.com ]

How to check for TLS version 1.3 in Linux, Windows, and Chrome

(Dec 8, 2020)

Due to the retirement of OpenSSL v1.0.2 from support. This will result in the addition of support for TLS v1.3 and its cipher suites, as well as 37 new cipher suites for TLS v1.2. There are several performance and security enhancements in TLS v1.3 when upgraded products are at both ends of the connection.

24.03.2021 - 15:35 [ theWindowsClub.com ]

How to enable or disable TLS 1.3 in Windows 10

– Type inetcpl.cpl in the Run prompt (Win + R) and press the Enter key
– It will open the Internet Properties window. Switch to the Advanced section
– Under the security section, check the box against TLS 1.3
– Restart the browser

23.03.2021 - 07:17 [ Netzpolitik.org ]

BKA nutzt Emotet-Takedown als Türöffner für mehr Befugnisse und neue Gesetze

Das Bundeskriminalamt hat ein Schadsoftware-Update auf zehntausenden Windows-PCs weltweit installiert, um sie zu bereinigen. Experten kritisieren die konstruierte Rechtsgrundlage dieser brisanten Aktion. Der BKA-Präsident fordert, das Gesetz an die Praxis anzupassen.

07.03.2021 - 19:47 [ ORF.at ]

Medienberichte: Zehntausende E-Mail-Server gehackt

Betroffen sind laut Microsoft die Exchange-Server-Versionen 2013, 2016 und 2019. Exchange wird von vielen Unternehmen, Behörden und Bildungseinrichtungen als E-Mail-Plattform genutzt.

Bei einer erfolgreichen Attacke über die Schwachstellen ist es möglich, Daten aus dem E-Mail-System abzugreifen. Microsoft wurde auf die Sicherheitslücken von IT-Sicherheitsforschern aufmerksam gemacht.

03.03.2021 - 14:43 [ pep.security ]

Privacy by Default: p=p security

Support for all established encryption methods. And all your devices. Fully automatic. For your peace of mind. And your convenience.

03.03.2021 - 12:56 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

24.02.2021 - 11:12 [ Microsoft ]

Besitz von Dateien und Verzeichnissen übernehmen und Zugriffsberechtigungen verwalten

Besitz übernehmen

Klicken Sie die Datei oder den Ordner mit der rechten Maustaste an und wählen Sie den untersten Eintrag Eigenschaften.

Dann klicken Sie auf die Registerkarte Sicherheit und anschließend auf die Schaltfläche Erweitert.

….

24.02.2021 - 11:09 [ praxistipps.chip.de ]

Trusted Installer sperrt Dateien – was nun?

(2016)

Der Prozess TrustedInstaller.exe, auch bekannt als Windows Modules Installer gehört zum Microsoft Windows Betriebssystem. Die Datei befindet sich im Unterverzeichnis C:\Windows\Servicing. Der Trusted Installer ist unter anderem für die Installation von Windows Updates zuständig und läuft nicht dauerhaft.

24.02.2021 - 10:51 [ exedb.com ]

Tips with two easy steps to remove PKTMON.EXE file.

In this article I will give you tips with two easy steps to turn off pktmon.exe process, and then I will show you how to block pktmon.exe from running in your computer.

24.02.2021 - 10:47 [ bleepingcomputer.com ]

Windows 10 quietly got a built-in network sniffer, how to use

(16.05.2020)

Microsoft has quietly added a built-in network packet sniffer to the Windows 10 October 2018 Update, and it has gone unnoticed since its release.

A packet sniffer, or network sniffer, is a program that monitors the network activity flowing over a computer down to an individual packet level.

17.02.2021 - 18:35 [ thewindowsclub.com ]

How to enable or disable TLS 1.3 in Windows 10

– Type inetcpl.cpl in the Run prompt (Win + R) and press the Enter key
– It will open the Internet Properties window. Switch to the Advanced section
– Under the security section, check the box against TLS 1.3
– Restart the browser

31.01.2021 - 22:21 [ Mesh.im ]

Mesh – Get a secure, anonymous, peer-to-peer instant messenger

Technitium Mesh is a secure, anonymous, peer-to-peer (p2p), open source instant messenger designed to provide end-to-end encryption. Primary aim of developing this instant messenger is to provide privacy which is achieved using cryptography and anonymity using Tor network. It can be used over Internet and private LAN networks (without Internet) for instant messaging and file transfer with support for private chats and group chats.

30.01.2021 - 16:01 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

18.01.2021 - 16:00 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

08.01.2021 - 23:34 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

08.01.2021 - 23:32 [ inside-it.ch ]

Spoofing: Neue DNS-Angriffsmethode entdeckt

(13. November 2020)

Nachdem der Quellport de-randomisiert worden sei, sei es möglich gewesen, eine böswillige IP-Adresse einzuschleusen und so erfolgreich einen DNS-Cache-Poisoning-Angriff durchzuführen. Die Details haben die Forscher im Paper „DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels“ publiziert.

Weitere Experimente unter realistischen Serverkonfigurationen und Netzwerkbedingungen würden zudem zeigen, dass ihre grundlegende Methode leicht an das gesamte DNS-System angepasst werden könnte.

08.01.2021 - 23:04 [ .infosecurity-magazine.com ]

SAD Reality for DNS

The researchers determined that 35% of open resolvers are open to the attack, as well as four of six home routers made by well-known brands.

They also found that 12 of 14 popular public resolvers (now 11—Cloudflare says they’ve corrected their systems) are susceptible. Even a patched DNS server could be made vulnerable by an unpatched or misconfigured NAT gateway.

Their 19-page paper on the exploit includes lists of devices and services tested. They have since set up a SAD DNS website featuring a Q&A and a tool that anyone can use to determine whether their DNS is vulnerable.

The flaw is being tracked as CVE-2020-25705, and affects Linux 3.18 – 5.10, Windows Server 2019 version 1809 and newer, macOS 10.15 and newer, and FreeBSD 12.1.0 and newer. The researchers did not test earlier versions of the listed operating system.

16.05.2018 - 14:17 [ zdnet.com ]

SynAck ransomware circumvents antivirus software through Doppelgänging technique

(8.5.2018) Process Doppelgänging was first revealed by enSilo researchers at Black Hat Europe in December last year.

The attack technique targets the Microsoft Windows operating system and is designed to circumvent traditional security software and antivirus solutions by exploiting how they interact with memory processes.

16.05.2018 - 13:57 [ blackhat.com ]

Lost in Transaction: Process Doppelgänging

(4-7.12.2017)
• Advanced Code Injections Overview
• GhostWriting
• AtomBombing
• PowerLoader + PowerLoaderEx
• PROPagate
•…
• Reflective Loading
• Process Hollowing
• Injection method from over 10 years ago
• Has never received much attention

(…)

• Brief history of evasion techniques
• AV scanners
• Transacted NTFS (TxF)
• Evolution of Windows process loader

16.05.2018 - 13:18 [ enSilo.com ]

Microsoft’s Response to AtomBombing is Post-Infection Detection

(21.7.2017) The Microsoft update that addresses both “Process Hollowing” and “AtomBombing” will only be available for those that have purchased Windows Defender and will only be available in October or November 2017. Windows Defender ATP has only been addressing security issues for less than a year and Windows customers have to purchase Windows Defender ATP.

03.05.2018 - 11:21 [ extremetech.com ]

CPU Utilization Is Wrong on PCs, and Getting Worse Every Year

But the takeaway is this: CPU utilization, as reported by Windows, is often incorrect. All too often, what looks like CPU usage is actually a stalled CPU waiting to do something useful.

29.03.2018 - 10:46 [ Digital Trends ]

Microsoft’s Windows 7 Meltdown update granted access to all data in memory

“Windows 7 already did the hard work of mapping in the required memory into every running process,” Frisk states. “Exploitation was just a matter of read and write to already mapped in-process virtual memory. No fancy APIs or system calls required — just standard read and write!”