MrbMiner is a relatively new crypto-mining malware that targets Microsoft SQL Server (MSSQL) databases, and quite similar to MyKings, Lemon_Duck, or Kingminer miners, as regards how the malware gained a foothold on the database servers.

According to researchers at Sophos, the database server process (sqlservr.exe) launched a downloader executable which seemed to spontaneously appear on the server. While the downloader retrieved a cryptominer called MrbMiner, the miner seems to have been created, hosted, and controlled by a software development firm based in Iran.

The malware operations is typically like most of other cryptominer attacks targeting internet-facing servers, albeit, the MrbMiner attacker appears to have jettison all cautions when it comes to concealing their identity.

MrbMiner Crypto-Mining Malware Linked to a Software Company in Iran



Mrbminer operation begins with Microsoft SQL Server (sqlservr.exe) process launching a file called assm.exe, which is a downloader Trojan. The assm.exe file download the cryptominer payload from a web server, which then connects to its C2 (command-and-control) server for further communications.



The MrbMiner cryptojacking payload also included a kernel-level device driver (WinRing0x64.sys), and a miner executable named Windows Update Service.exe which helps to obfuscate its purpose.

Sophos researchers in order to unravel the origin of the malware, began by digging into the domain hardcoded into the miner’s configuration file, vihansoft.ir. And a lot of the records relating to the miner’s configuration, including its domains and IP addresses, all points to a single point of origin, a software company based in Iran.

The Vihansoft.ir domain, used as both a C2 and a payload server, was registered to the software development company based in Iran. With Payloads also downloaded directly from the same IP address used to host the vihansoft.ir domain.

How to stop MrbMiner Cryptojacking



Cryptojacking remains a growing threat that is very difficult to detect, and it presents an open door to other threats, such as ransomware.

Therefore, it is important to thwart cryptojacking in its tracks by looking out for signs such as reduction in your PC speed and performance, overheating, increased demands on the CPU and increased power use.

MrbMiner Malware cryptojacking operation targets SQL servers

Freelancing is a demanding field and can even take a toll on your social interactions. That is why you can find a lot of useful info regarding freelancing tools on Manicreaders.com and how to improve productivity in the mentioned areas. Being a contractor is also another challenging activity that will consume much of your time in a day.

However, everything has been simplified and easier for the freelancer and contractor, thanks to the already available tools. SaaS (Software as a service) has grown widely and spread globally, making tasks easier. Through the SaaS platforms, contractors and freelancers can compile various activities and manage their careers on purely online platforms. Cloud computing has even smoothened the path for both parties.

It is sporadic to encounter a freelance or even a contractor dealing with some junk of papers in the name of documenting projects or even inventories. Developers and programmers are already on a spree to enhance the available tools that can be more substantial to the typical user and freelancers and contractors.

8 Best Online Tools for Contractors and Freelancers





Through these tools or platforms, a freelancer or contractor can keep an eye on the most brilliant and latest ideas, access already prepared inventories, or even prepare the checklists themselves. Find below the best tools and platforms useful for any freelancer and contractor.

  • Hubspot
  • It is one of the most effective platforms where a freelancer can keep an eye on consistent or potential clients. A couple of emails and conversations you have undertaken with your clients as freelancers are coupled more challenging in this powerful platform. Through Hubspot, you can prepare reminders, make notes, and do any other important activity about your freelancer career.
  • QuickBooks
  • Freelancing and smaller businesses benefit a range of services from this powerful tool. With QuickBooks, you can undertake accounting services and also manage all the expenses regarding freelancing. It is also a go-for tool when it comes to taxation.
  • Basecamp
  • As a freelancer or contractor, you might have a broader range of projects to undertake and manage. However, with Basecamp, everything about projects seems to be sorted out. It will help to keep and maintain projects. You can use it to prepare to-do lists. Asana, a tool that enables you to keep track of the client or project deadlines, is more substantial. It is a powerful top-up to Basecamp.
  • LinkedIn Sales Navigator
  • If you want to find the best people in any company or online organization, LinkedIn Sales Navigator can be of great help. With this tool, a freelancer can establish a company's best contract under a non-permanent client's ownership.
  • Harvest
  • Harvest is also another productive and essential tool for the freelancer and contractor. With the tool, a freelancer or even a company can keep track of timings and employee report hours. It can also keep track of project timelines enabling clients and their employees to be at per on the project's status underway. MyHours and Toggle are some more tools that will help you establish hours spent to complete given tasks.
  • Canva
  • Canva is a tool that's vital for the design of exclusive presentations and will enable you to create social assets for your website or blog. It is pretty easy to use, and the outcome is a perfect presentation that everyone will love.
  • Google Drive
  • Google Drive is a common platform essential for sending documents, saving your thesis ideas, and other crucial workpieces. Most freelancers keep an eye on their projects and quickly make adjustments and corrections courtesy of Google Drive. Fortunately, the application is free and easy to use, hence making a contractor and freelancer much easier.
  • Calendly
  • Time management is even more comfortable, courtesy of Calendly. All you need as a freelancer is to ensure strict adherence to its guidelines. Calendly will help you spare time by setting up meetings with various clients across the globe.


Conclusion



Freelancing and contracting is more manageable with the influx of better tools to manage every service undertaken. Usually, most of the applications or tools are substantial to both clients and freelancers.

They revolve around time management, project notifications, online scheduling meetups, and much more. Evernote, Google Analytics, Hootsuite, and Buffer are also primarily for organization and simplification of freelance activities.

8 Best Online Tools for Contractors and Freelancers

Google Project Zero security researcher, Natalie Silvanovich has disclosed several vulnerabilities found in multiple video conferencing applications, including Facebook Messenger, Signal, Google Duo, JioChat, and Mocha messaging apps, but which many are now fixed.

The bugs made it possible to transmit audio to the attackers' devices without having to gain any code execution. Such as the Signal bug which was patched in September 2019, that made it possible to connect the audio call by simply sending the connect message from the caller's device to the callee instead of the other way around, without user interaction.

Now, the vulnerability occurred due to a logic bug in a calling state machine, that is, as the recipient never responded with an "answer" before adding tracks to the connection.

How the Bugs in Signal, Facebook Messenger, and Google chat apps let attackers spy on users?



While the majority of messaging apps rely on WebRTC for communication, the connections are often created by exchanging call set-up using Session Description Protocol (SDP) between peers in what's known as signaling, that typically works by sending SDP offer from the caller to which the callee responds with an SDP answer.



If perhaps, a user starts a WebRTC call with another user, a session description called an "offer" will be created containing all the data necessary to set up a connection, like the kind of media, format, the transfer protocol, and the endpoint's IP address and port being used, among others.

Normally, it is expected that a callee consent is ensured ahead of audio transmission and that no information is shared until the receiver interacts with the app to answer the call, before adding tracks to the connection, but Silvanovich observed a contrary result.

The flaws did not only allow calls to be connected without interaction from the callee, but also, it potentially permitted the caller to force a callee device to transmit audio/video data.

All Affected Messaging Apps have released a Fix



Facebook issued a patch for Messenger in November 2020, against the vulnerability that could have granted an attacker logged into the Messenger app to simultaneously initiate a call and send a maliciously crafted message to a target signed in to both the app as well as any other Messenger client like a web browser, and starts receiving audio from the callee device.

And Signal on its part issued a fix in September 2019 for the audio call flaw in Signal's Android app that made it possible for the caller to get the callee's surroundings sound due to the fact that it didn't check if the receiving device that connect message from the callee was actually the caller device.

Other messaging apps including JioChat and Mocha messaging apps have all issued patches for their respective apps. Albeit, such logic bugs in the signaling state machines remains an under-investigated attack surface of video conferencing applications.

Project Zero discloses Critical Bugs in Signal, Messenger and Google chat apps

The .NET nanoFramework is an open source project that allows developers to leverage on familiar Microsoft technologies to build managed code applications for constrained embedded devices.

While the project will enable developers to use the Visual Studio IDE and C# to write applications for embedded systems without the need to worry about the low-level intricacies of the microcontroller, and suitable for IoT sensors, wearables, robotics and industrial equipment.

It comprises of a reduced version of the .NET Common Language Runtime and subset of .NET base class libraries, also the common APIs included in the Universal Windows Platform, which enables reuse of code from desktop apps, IoT Core applications, .NET code samples, and other open source projects.

What features are included in the .NET nanoFramework?



The .NET nanoFramework seems to pick up where .NET Micro Framework for embedded application development stopped and perhaps, as it uses some of its building blocks, with the project components completely rewritten, and several others improved upon.



Some unique features expected in the .NET nanoFramework include:

  • Support for Native multithreading
  • Execution constrains for device lockups and crashes
  • Support for Interop code which allow developers to write libraries that have both managed (C#) and native code (C/C++)
  • Support for common embedded peripherals and interconnects like SPI, GPIO, UART, I2C, and USB
  • Ability to run on resource-constrained devices of 256kB of flash and 64kB of RAM
  • Fully supports ARM Cortex-M and ESP32 devices, bare metal.


Additionally, there is an inclusion of a mark-and-sweep garbage collector which means no manual memory management.

The project is supported by the .NET Foundation, and the core team members and contributors to .NET nanoFramework are also embedded systems enthusiasts. It will make the development of such platforms easier, faster and less costly by giving developers of embedded systems access to modern technologies and same tools used by desktop app developers.

If you are a developer and want to get onboard, there are several resources available to get you started: from the getting started guides to the code samples repository and you can also find projects on Hackster.io.

What is .NET nanoFramework? Using C# to write embedded applications

There is an ongoing malware campaign that leverages on critical flaws, now fixed, in Laminas Project (Zend Framework) and Liferay Portal, also an unpatched vulnerability in TerraMaster; which malware variant is known as "FreakOut".

According to researchers at Check Point, the malware exploits recently disclosed vulnerabilities in NAS (network-attached storage) devices running on Linux employing the machines as part of an IRC botnet for crypto-mining activity and launching of distributed denial-of-service (DDoS) attacks.

The goal of these attacks is to create IRC botnet (machines infected with the malware that will be controlled remotely), which then can be used for any malicious activities, such as launching DDoS attacks on targeted organizations’ networks.

How FreakOut Malware Exploits vulnerabilities in Linux system?



The FreakOut attacks are specifically aimed at Linux systems that run any of the below listed products, which all products suffers from the new vulnerabilities that are exploited by the malware for the ones that have not being patched, already.



Find the affected products and their various version so as to know which to patch now to block the new “FreakOut” malware that is exploiting the vulnerabilities.

  • Zend Framework: Which is a very popular collection of library packages for building web applications
  • Liferay Portal: An open-source enterprise portal that offer features for developing web portals and sites
  • TerraMaster Operating System (TOS): Another popular vendor of storage devices


Once a device is infected by the FreakOut malware, it can be used as a remote-controlled attack platform to target other vulnerable devices to expand the attackers network of infected machines.

The malware’s capabilities include information gathering, port scanning, creation and sending of data packets, network sniffing, and launching of DDoS and network-flooding attacks.

And the FreakOut attack exploits the following CVE’s: CVE-2020-28188 (TerraMaster TOS), CVE-2021-3007 (Zend Framework) and CVE-2020-7961 (Liferay Portal). While the patches are available for all the affected products, therefore users of these products are advised to check for the update and patch their devices to shut off the vulnerabilities.

FreakOut Attack: New Malware campaign Exploiting vulnerabilities in Linux systems

The hugely popular Google-built web development framework, Angular is set for a host of improvements with the expected release of Angular 12, ranging from improved error messages to better integration with deployment providers.

While current version Angular 11 was released on November 11, bringing improvement to typing of common pipes and bug fixes that ensure TestBed isn't instantiated after the override provider; Angular 12 follows on same improvements with the offering of stricter types and better router performance.

There are several other new changes in the framework, besides the router performance improvements, and stricter types, which is added for DatePipe and number pipes to catch misuses, such as passing an array at compile time.

What's Expected in Angular 12 Update?



Angular 12 has some major improvements in the works such as ng build compiler command and the yarn build bundler command running production builds by default. The aim is to improve integration with several providers, like Netlify, Heroku, and many others.



Also, another prospective feature is the improved error messages, with top 10 errors having much more detailed error messages and docs. Other expected features for Angular 12 include:

  • Updated version of Ivy language service to provide improved type checking
  • Tearing down of the test module and environment after every test, which would significantly improve test speed
  • Trimming of non-critical CSS for inlined styles in Universal. Though, an experimental feature, it would be an opt-in or opt-out enabled capability
  • Debut of the ng-linker for distribution of Angular Ivy libraries to NPM. It would allow deprecation of the compatibility compiler and improve build time
  • Use of CLI strict mode by default for new projects


Additionally, there will be support for inline Sass in components, and Angular Universal will render Angular applications in the server.

Angular 12 Roadmap and Release Date



The Angular roadmap published by the development team cited new point releases of Angular 11 still in development, with planned Angular 11.1 release to boost performance and offer improvements for the compiler CLI, and language service, including bug fixes. While Angular 12 is scheduled for release in May 2021.

All major Angular releases are supported for 18 months, with 6 months of active support, during which regularly-scheduled updates and patches are released. With 12 months of long-term support (LTS), during which only critical fixes and security patches are released.

Angular 12 Update: Expected Features and the final release date

DNS over HTTPS (DoH) protocol works by altering normal DNS, which queries in plaintext are made from a given app to the DNS server, using settings on the operating system received from the network provider.

Now, the United State's National Security Agency (NSA) has recommended DNS over HTTPS (DoH) that is configured appropriately in enterprise environments, could help to prevent initial access, and exfiltration techniques used by threat actors.

It encrypts DNS requests using HTTPS to provide both privacy and integrity, with 'last mile' source authentication for client's DNS resolver.

Why DNS-over-HTTPS protocol is recommended for Enterprise environments?



If someone visits a website that uses HTTPS, the DNS query and response is sent over an unencrypted connection, which could allow any third-party to eavesdrop on the network to track the websites a user visits. Also, man-in-the-middle (MiTM) attacks can simply be carried out by changing the DNS responses to redirect unsuspecting visitors to malicious sites.



While using HTTPS to encrypt the data from the DoH client and the DoH-based DNS resolver, it increases user privacy and security by preventing both eavesdropping and MiTM attacks by the manipulation of DNS data.

The NSA recommends that the gateway used to forward query to external authoritative DNS servers in any event that the enterprise DNS resolver doesn't have the DNS response cached, should be able to block DoH, DNS, and DNS over TLS (DoT) requests to external DNS servers and resolvers that are not from the enterprise.

Experts caution on the DNS-over-HTTPS protocol



There is the DoH fear that if it is widely deployed, bypassing enterprise filters by employees to access blocked content, as traffic to certain malware domains are blocked within the enterprises, will become easy.

Thus, IT administrators will need to keep an eye on the DNS settings across the various operating systems to prevent DNS hijack attacks, with hundreds of apps running their own unique DoH settings, this will be a herculean task for the administrators.

DNS over HTTPS (DoH) recommended by the NSA for Enterprise environments

DarkMarket is the largest illegal marketplace on the dark web, which has now been taken down in an operation involving Europol with coordinated cross-border collaborative effort of other countries.

According to Europol, DarkMarket had about 500,000 users and over 2,400 vendors, with more than 320,000 transactions leading to the transfer of 4,650 bitcoin and 12,800 monero (€140 million). The notorious dark web marketplace mainly have vendors who trade in all kinds of drugs, stolen or counterfeit credit/debit card details, anonymous SIM cards and counterfeit money.

Europol's initiatives is to create a coordinated approach to tackle crime on the dark web, which involves law enforcement agencies from across and outside the EU and other relevant partners, such as Eurojust.

Europol-led operations against DarkMarket



The operator of DarkMarket was arrested near the German-Danish border, while investigation by the cybercrime unit of the Koblenz Public Prosecutor's Office led to the location and closure of the marketplace.



Europol's involvement included facilitating international information exchange, specialist operational support and providing of advanced analytics that assisted the German authorities to identify and track down the alleged operator of DarkMarket.

The takedown of DarkMarket also means that law enforcement will seize the criminal infrastructure, including over 20 servers in Moldova and Ukraine, used to conduct the operations.

Europol's Dark Web Commitments



In May 2019, Wall Street Market and Silkkitie also known as the Valhalla Marketplace was shut down through a Europol-led police operation. With about 1.15 million users and 5,400 vendors of drugs, malware, and other criminal goods, the Wall Street Market was a huge dark web marketplace.

But despite the clampdown, cybercriminals still find their ways to alternative services for selling their wares, including services like Elude and Sonar, private channels on Discord that facilitate such illegal transactions.

DarkMarket Takedown: Secret Wars Against Illegal Dark Web Marketplaces

How to crack WinRAR password protected file has been one of the questions raised by several people who have heard about the advantages that can be obtained from such a software.

In case you are not aware, WinRAR is a data compression software developed by Eugene Roshal in 1995 for compressing large files, or encrypting it for privacy concerns. The WinRAR file is available in all over the Internet and they are easily accessible. You need not have to be an expert in order to be able to make use of these files. Simply you need to download the WinRAR utility program from its official site and start using it.

But what if you have downloaded a WinRAR file that is password protected? Or if you have encrypted a WinRAR file and you accidently lost or forgotten your password, then what would be the solution?

In this article, I’ll be sharing a great tool known as “RAR password recovery” that will help you in recovering your password protected RAR files.

How to Crack WinRAR Password Protected Files



There are several ways of recovering WinRAR file password such as using a recovery tool or without using any software. Today, we’ll discuss breaking WinRAR password using a software since not everyone is expert and everyone wants to save time. Therefore, using a software will be a better choice.



And there are many benefits of recovering WinRAR file using software such as it will ensure that all of your data is completely safe because it will prevent the possibility of a "dirty rip". When you rip a file, you are actually exposing sensitive data to being hacked into. This is the very reason why security is mandatory for this program.

If you choose to download free RAR password recovery tool, you will have to look for a legitimate one. There are many sites that offer recovery tools but you have to be aware that some of them are fake and they can cause damage to your computer.



Another advantage of using RAR password recovery is that you’ll not have to reveal anything to anyone because everything you download will be saved onto your computer. This means that your personal details and private files will always remain safe from prying eyes. To some, this is one of the major disadvantages to download free software since majority of them have malicious codes that hacks into your system and destroy your data so beware of not downloading any of the free programs that claim to recover RAR archive password.

It's because there is a high chance that these are just thinly disguised viruses that will do more harm than good for your system. However, RAR password recovery has managed to remove this flaw since it is completely safe to use. You can use it without worrying about anything. They do have a paid option too with more benefits but free version is enough to satisfy your need.

Conclusion



This software is quite user friendly and takes small size of installing setup file. This process of breaking WinRAR password is so easy that you don't have to pay money to a professional as it will do the work for you.

So give it a try to RAR password recovery tool and let us know your feedback about it.

How to Break WinRAR Password Protected Files?

WebP images make your website more SEO friendly and more visually appealing. And also, they have a shorter loading time than most graphics formats such as JPG, PNG, SVG or BMP formats and are relatively inexpensive when compared to Flash and other animated content.

WebP or web graphics, as they're commonly known, can be implemented in WordPress with the use of a WebP plugin. There are a number of popular websites that feature WordPress themes and plug-ins with WebP support, and you may want to browse these websites to get an idea of how easy it is to integrate WebP images in your WordPress blog.

WordPress offers lots of benefits to users, but one of the most important and often overlooked features is the ability to add image galleries to their web site. Since blogs are built around certain topics or themes, using images to enhance your blog is a great way to give your readers a visual depiction of what your blog is about without actually having to include them in your post.

You can add WebP support to your WordPress blog by adding a new WordPress gallery plug-in. The plugin will manage all of your web images, saving you time and allowing you to focus on other more important things such as creating great content for your blog.

Best Way to use WebP on WordPress





There are a few different ways to add this kind of support to your WordPress site. You can do a manual search for images using a search engine such as Google, Yahoo or MSN and copy the URL of the images you want to include (you can find an example of this in the plug-in examples folder in your WordPress software).

Another way to add this support is by installing the plugin called WebP PHP Uploader. This plugin automatically takes care of preloading WebP images that you can use in your posts.

WebP Express is another useful way to create images. This plugin provides support for a wide range of image formats including, but not limited to, JPEG, GIF and PNG. You can even store these images on your WordPress database, which is useful for restoring later. You can also preview the images before adding them to your website or blog.

Another great option to use WebP images on your website is to convert your existing images to WebP format using the WebP converter online that allows you to convert any format to WebP and vice versa in a matter of few clicks. Simply upload your images and get your images converted into WebP easily.

Conclusion



WebP images are an excellent way to display images without worrying about size restrictions. The WordPress repository has many plugins that helps you in resizing these images easily and quickly. Using images on your webpage can open up new levels of interaction with your visitors. These images have been used widely across the web for several years to enhance both web sites and graphic presentations.

Since it is the most optimized and the fastest image format for websites, you should definitely use WebP images and see a significant change in your load times.

Best Way to use WebP Image format on WordPress

Sophos threat researchers has uncovered new spyware operation that is targeted at users in Pakistan by leveraging on trojanized versions of legitimate apps to carry out espionage on Android users.

The malicious app variants obfuscate their operations by stealthily downloading a payload in form of an Android Dalvik executable (DEX) file, with the DEX payload containing the malicious features, which include ability to covertly exfiltrate sensitive data such as user's contacts and the full SMS messages contents.

Among the trojanized apps masquerading as legitimate apps are the Pakistan Citizen Portal, and a Muslim prayer-clock app known as Pakistan Salat Time, Registered SIMs Checker, Mobile Packages Pakistan, and TPL Insurance.

How the Trojanized apps Spy on Android users



On installation, the app would request some intrusive permissions, like the ability to location, access contacts, file system, microphone, and read SMS contents, which then allow it to gather personal data from a victim's device.



These apps all have one purpose, that is, to carry out espionage and exfiltrate data from a target device. Furthermore, the DEX payload in addition to sending the unique IMEI identifier, relays detailed profile information about the device, location, contact lists, call logs and the contents of text messages, with the listing of internal or SD card storage on the device.

The malicious apps after gathering this information then sends it to one of a number of command-and-control (C2) servers hosted in eastern Europe.

How to Safeguard against spying and covert espionage on Android phone



While Android apps are cryptographically signed to certify that the code originates with a legitimate source, thus tying the app to its developer, but exposing to end user when signed app's certificate isn't legitimate or not valid is still wanting on Android.

Therefore, Android users need to stick to trusted sources to download apps, verify if an app is actually built by a genuine developer, and scrutinize every app permissions carefully before installation.

Trojanized Apps employed by Hackers to Spy on Android users

WhatsApp is the most popular messaging app, but recently, the instant messenger is losing huge number of users as a result of privacy issues in its updated privacy policies.

The Facebook-owned messaging app is at the center of worldwide angst by users to clarify how it handles personal data within Facebook’s other family of apps and products. Whatever may be your concerns that warrants your leaving WhatsApp, below are list of 5 best WhatsApp alternatives for Free Instant Messaging in 2021.

5 WhatsApp Alternatives You Should Use in 2021



In this list, we've outlined instant messaging apps with focus on privacy, and also, those that features almost all the capabilities of WhatsApp. So, you can check out the list of WhatsApp alternative apps below and use any of the app that suits you.

1. Signal Private Messenger





Signal Messenger brings a number of security benefits compared to WhatsApp and it also offers self-destructing of messages, screen security to prevents anyone from taking screenshots of your messages, and many more.

It encrypt its backups, calls, group calls, and other persoanl data within the app, including the files sent via Signal are all protected. Furthermore, Signal doesn’t link your data to your identity according to its Apple’s App Store listing.

And Signal is very popular with journalists, as it is best suited for people who're looking for a secure messaging app and if you're such looking for simple and yet funtional messenger that doesn't compromise your privacy, Signal is the best WhatsApp alternative for you.

2. Telegram Messenger





Telegram Messenger is an open-source messaging app and one of the best WhatsApp alternative out there. It brings such features as super groups made up of about 100,000 people, public channels, usernames, and the ability to share files of up to 1.5 GB, with pass code lock and self-destructing messages, coupled with end-to-end encryption in secret chat among other features.

There are also Telegram Bots, which further enhances the experience, as the bots not only bring important information to you on the go but there are several game bots that allow you to play games within the messaging app.

Unlike WhatsApp, Telegram is multi-platform compliant and can be user in several platforms at once, so you can begin texting on your smartphone and continue on your PC in the Office.

3. Snapchat





Snapchat isn't just a messaging app, but also a full-fledged social media app, you can use it as a messaging application thanks to some unique features that it boasts of, for instance, you can send messages which self-destruct after a set period of time. Also, it notifies you when someone takes a screenshot of your chats with them.

It features are mostly copied by Facebook, such as the ability to create group chats, group voice calls, gifs, and many more. Snapchat is one of the most innovative messaging services you'll ever come across.

Furthermore, it offers the best face-mask collection of all the messaging apps that you may have ever used which makes the app super fun to use.

4. Viber





Viber is a hugely popular messaging and VoIP app that can stand toe-to-toe with WhatsApp, as the app offers end-to-end encryption in its calls, messages and shared media.

The messaging app brings multi-device support, which WhatsApp obviously lacks and messages saved in multiple devices are fully encrypted.

Viber also lets you make video and voice calls just like WhatsApp, but the app goes even a step ahead with its Viber Out feature, which allows you to make international calls to non-Viber users at very nominal rates.

5. Skype





This list can't be complete without mentioning Microsoft-powered Skype, which is perhaps is the best business chat applications of them all.

Skype is far ahead of the other business chat applications, and when it comes to personal chats also, it has earned its keep among normal users. It is the most ideal chatting application if you make a lot of video and voice calls.

Even as most other apps don’t actually support group video calls, several that try to often lag when more than three to four people are added. If you're someone who makes a ton of video calls with business associates and friends and family, then you can certainly find solace in Skype over WhatsApp or any other chat application.

5 Best WhatsApp Alternatives for Free Instant Messaging in 2021

Security Keys offers a phishing-resistant two-factor authentication (2FA) system that help to protect high-value enterprise users from the most sophisticated attacks.

But according to NinjaLab researchers, if an adversary is in possession of such two-factor authentication (2FA) device, it can be cloned by exploiting an electromagnetic side-channel within the chip. The vulnerability is tracked as CVE-2021-3011 and allows attackers to extract the encryption key or the ECDSA private key linked to victims' account from a FIDO Universal 2nd Factor (U2F) device like Google Titan Key, which completely defeats the 2FA protection.

The report published by the research team demonstrated how an adversary can sign in to a victim's account without using the U2F device, and the victim not noticing it.

How Attackers Could Clone Your 2FA Security Keys?



The researchers demonstrated how an attacker can clone the U2F key, by tearing down the device to remove the plastic casing and thus, exposing the two microcontrollers, which is a secure enclave (NXP A700X chip) used to perform the cryptographic operations and includes a general-purpose chip serving as a router between the USB/NFC interfaces and the microcontroller.



After this step, the researchers claim it is pretty possible to glean the ECDSA encryption key through a side-channel attack by observing the NXP chip during ECDSA signatures, which comprises the core cryptographic operation of the FIDO U2F protocol performed when a U2F key is registered for the first time.

Albeit, the security of hardware security key isn't reduced by the above attack scenario due to the limitations involved, but a potential exploitation in the wild isn't inconceivable.

List of 2FA Security Keys impacted by the flaw



The products affected includes all versions of Google Titan Security Keys, Feitian FIDO NFC USB-A / K9, Yubico Yubikey Neo, Feitian MultiPass FIDO / K13, Feitian FIDO NFC USB-C / K40 and Feitian ePass FIDO USB-C / K21.

Aside the above mentioned security keys, the attack scenario can also be carried out against NXP JavaCard chips, such as NXP J3D081_M59_DF, NXP J3D081_M59, NXP J3E145_M64, NXP J3A081, NXP J2E081_M64, NXP J3D145_M59, and NXP J3E081_M64_DF, and other such variants.

It is recommended that users who are security concious should probably switch to other FIDO U2F hardware security keys, for the meantime, until a solution or patch has been made available by the vendors.

2FA Security Keys could be Exploited via a Side-channel attack

ElectroRAT is a malware written in Golang, designed from the ground up to target multiple operating systems, including Linux, Windows, and macOS.

According to cybersecurity researchers at Intezer, the malware dubbed ElectroRAT is part of a wide-ranging scam targeting cryptocurrency users which started as early as January 2020 with trojanized applications distributed to install previously undetected RAT on target systems.

The malware campaign is believed to have claimed about 6,500 victims based on number of unique visitors to the Pastebin page used to locate the C&C (command and control) servers.

How ElectroRAT Malware targets Crytocurrency users?



The campaign dubbed "Operation ElectroRAT" involved attackers who created three different rogue applications, with each having a Linux, Windows, and Mac version; two of the apps pose as cryptocurrency trading and management applications and goes by the name of "Jamm" and "eTrade," while the third app is called "DaoPoker" which poses as a cryptocurrency poker platform.



And on installation, the app opens a harmless-looking UI, but in reality, the ElectroRAT is what runs hidden in the background as "mdworker," with intrusive capabilities that aim to capture keystrokes, screenshots, and upload files from disk, downloading of arbitrary files, and execution of malicious commands received from the C&C server on victim's machine.

The ElectroRAT attacker named "Execmac" who posted on Pastebin Pages as early as January 8, 2020 was discovered to have used same C2 servers commonly employed by Windows malware like Amadey and KPOT, suggesting the attackers may have pivoted from well-known trojans to new RAT capable of targeting multiple operating systems.

How to mitigate against the ElectroRAT Malware



It is rare to find such a wide-ranging and targeted campaign with various components such as fake apps and promotional efforts via popular forums and social media as ElectroRAT Malware.

Nonetheless, web users are urged to kill the malware spread process, by deleting all files related to the malware, and moving funds to new wallet with changed passwords.

ElectroRAT Malware used by Hackers to target Crypto Users

Septor Linux is a Debian GNU/Linux-based operating system that offers private computing environment for anonymous surfing of the Internet.

While the Septor Linux team has released a new edition dubbed Septor Linux 2021 with upgraded core applications and upstream version, including the update to latest Linux kernel and KDE Plasma desktop environment to new versions 5.9.15 and 5.20.4 respectively.

Septor Linux 2021 also brings other updated software for secure experience such as HexChat, qTox instant messaging, Tor Browser 10.0.7, Thunderbird, QuiteRSS, and OnionShare file sharing utility.

What's New in Septor Linux 2021 Release?



Besides the upgraded core applications, Septor Linux 2021 also include a bundle of new KDE Application 20.12 along with other updated software within productivity, graphics, and multimedia varieties of applications.



Other new changes in Septor Linux 2021 includes:

  • Graphics and Multimedia Apps: GIMP, Gwenview. VLC, K3b, Guvcview, and VokoscreenNG
  • Productivity Apps: LibreOffice, Kontact, KOrganizer, Okular, Kwrite, and Kate
  • Dolphin and KFind file management and search applications
  • Synaptic and DEBiTool for management and installation of software
  • Sweeper, KGpg, Cleopatra, Mat2, KWallet, zuluCrypt, ISO Image Writer, Gufw, Ark, and Cup-backup


Additionally, Septor Linux 2021 instead of the earlier stable Debian 10 “Buster” is based on a testing branch of the upcoming Debian 11 “Bullseye”.

How to Download or Upgrade to Septor Linux 2021



The ISO image of Septor Linux 2021 is now available for download, and you can follow the instructions on how to prepare the media for installation and plug it into your system to install it here.

Septor Linux 2021 Release: A Debian GNU/Linux-based OS for anonymous surfing