Search the Community

Showing results for tags 'security'.


  1. Did you forget the fortune you earned mining Bitcoin online? Maybe because you didn't by Martin Hodás A lot of tech-oriented people considered getting into the crypto world at some point, either investing in established or promising tokens or simply mining their own coins. Especially when you could simply use the excess processing power of your computer for mining. And even if you ultimately didn’t jump on the crypto train, just considering that possibility might get you into trouble later down the road. That’s because crypto scammers are trying to trick people into thinking that they actually registered on an online Bitcoin mining platform back then. They are sending phishing e-mails claiming that the user registered for an online Bitcoin mining platform 364 days ago and hasn’t used the service ever since. The scammers then say that due to this inactivity, the account will be closed in 24 hours, a year after the alleged registration. What is the lure? A fake five-digit balance on the fictional account, allegedly gathered by an automatic cloud Bitcoin mining system using your own linked computer. This type of online fraud is not completely new. Like many other scams, it has been running for months. Neowin got to see several such phishing e-mails: the subjects and e-mail bodies differ a little over time, but they have one thing in common – the text wants you to download and open an attached PDF file. Now, for an experienced internet user, that is a clear red flag. However, not so much for everyone else. Needless to say, by opening a suspicious file from an unknown sender you are literally asking for trouble. Neowin has run tests on a few of these malicious files through online analysis tools, and the results have varied a lot. Some of the files looked like they were hiding their real contents to avoid detection by antivirus software, some seemed to have the ability to communicate with remote command servers and to drop files into your computer. 
A possibility of a ransomware attack, encrypting your precious data and asking you to pay for it, was also detected. But mostly the files greeted you with a colorful message, slightly more detailed information, and a URL where you are supposed to withdraw your fictional money. It’s the exact type of scheme that security firm Kaspersky had investigated some months ago. The modus operandi? Online scammers want you first to log in to your (yes – non-existent) account where you will see a history of fake transactions. When you try to withdraw the funds, you will be connected with an agent via online chat. Now things get tricky because the agent asks you to fill in a form containing personal data, including the number of your payment card. Then comes the payout – but not for you, though. You are instructed to pay a relatively small conversion fee to turn your fictional crypto into real dollars. Essentially, you are promised big money for a small upfront payment, a popular practice among scammers. If you pay the fee, you will hear no more from the fraudsters. And the fee might not be the only money you lose. Do not think that the scammers won’t try to use the card number you gave them just a moment ago. And on top of it all, the aforementioned PDF file could still potentially contain malicious code for later execution, for example, to run a ransomware attack in an attempt to strip you of more money. A suspicious PDF file usually contains more information and an external URL for a fake mining service. But there is also a high risk of getting your computer infected by ransomware. You might think that nobody buys such an obvious, amateurish-looking phishing attempt. But don’t forget that scammers are not expecting high turnover rates. They only need a fraction of recipients to believe that the communication is legitimate. And the stuffed account doesn’t sound as ridiculous when you consider that a single Bitcoin now costs over $40,000. 
An inexperienced user can conclude that the scenario is real. So, what to look for when you receive a suspicious e-mail? First of all, take a closer look at the sender’s address. It is usually gibberish or something that doesn’t sound like a legitimate service at all. The communication is often poorly styled and contains a lot of mistakes. In this particular case, there was not even a mention of the platform’s name. Also, look for inconsistencies, for example in the deadline for withdrawal. In one place the hackers urge you to do it within 24 hours, then it is 48 hours, then less than 24 again... A legitimate business is unlikely to send you instructions in a shady PDF file. You will either get the necessary information right in the e-mail body or through the official website of the service. And the most important advice – never give your sensitive information and card number to an unknown service, no matter how hard they try to convince you that you are their client.
  2. Copernic

    Simplewall (WFP Tool) 3.7.7

    Simplewall (WFP Tool) 3.7.7 by Razvan Serea

    simplewall (WFP Tool) allows simple Windows Filtering Platform (WFP) configuration for your PC's network activity. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. Administrator rights are required for it to work correctly.

    Features:

      • Simple interface without annoying pop ups
      • Rules editor (create your own rules)
      • Internal blocklist (block Windows spy / telemetry)
      • Dropped packets information with notification and logging to a file feature (win7+)
      • Allowed packets information with logging to a file feature (win8+)
      • Windows Subsystem for Linux (WSL) support (win10)
      • Windows Store support (win8+)
      • Windows services support
      • Free and open source
      • Localization support
      • IPv6 support

    Simplewall (WFP Tool) 3.7.7 changelog:

      • added error message when loading library on subscribe
      • added comment item for apps/rules (issue #1664)
      • added recheck app hash in properties dialog
      • added highlighting of undeletable apps
      • fixed displaying incorrect error messages
      • fixed high disk usage (issue #1655)
      • updated ports list

    Download: simplewall (Wfp Tool) 3.7.7 | 652 KB (Open Source)
    Download: Portable simplewall (Wfp Tool) 3.7.7 | 1.2 MB
    Links: simplewall Home Page | Project Page @GitHub

    Get alerted to all of our Software updates on Twitter at @NeowinSoftware
  3. Meta begins rolling out E2E encryption on Messenger chats and calls by Paul Hill Meta’s Messenger is one of the world’s most common ways to send messages to contacts, and now the company has said it will roll out end-to-end (E2E) encryption for all personal chats and calls on Messenger and Facebook. To be clear, encryption has been available on these platforms for a while but this latest news means the feature is switched on by default for personal messages and calls. Under the new scheme, messages that you send are protected from the moment they leave your device to the moment they reach your contact’s device, preventing any middlemen, including Meta, from seeing what you said. In the past when messaging clients had or added encryption, it sometimes meant a more restrictive experience in terms of features. With this launch, Meta said that users will retain familiar features like themes and custom reactions but will also get a bunch of new features, including edited and disappearing messages, read receipts control, improved photo and video sending, and improved voice messaging. With message editing, Meta is striking a balance. You will only be able to edit messages for 15 minutes after sending them and if you want to report someone’s original message before they edited it then Meta will be able to read the message edit history. With disappearing messages, they will now last 24 hours after being sent and the chat interface has been updated to inform users that the messages will disappear. As for read receipts control, you’ll be able to decide if you want to let others see that you’ve read their messages. This will reduce the pressure to respond to people right away if you don’t feel like it. When you get the update, you’ll also benefit from higher image quality and improved responding or reacting to any photo or video in a collection. 
Meta said it’s also testing HD media and file sharing improvements with some users and plans to scale this in the coming months. Finally, Meta said that voice messaging is the fastest growing messaging format today and with this update you’ll be able to listen at 1.5x and 2x speeds as well as begin listening where you left off so you can pick up again if you have to leave the app. The rollout will take several months until everyone gets it but when you do, you’ll need to set up a recovery method, such as a PIN, to restore your messages if you lose, change, or add a device.
  4. Copernic

    Simplewall (WFP Tool) 3.7.6

    Simplewall (WFP Tool) 3.7.6 by Razvan Serea

    simplewall (WFP Tool) allows simple Windows Filtering Platform (WFP) configuration for your PC's network activity. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. Administrator rights are required for it to work correctly.

    Features:

      • Simple interface without annoying pop ups
      • Rules editor (create your own rules)
      • Internal blocklist (block Windows spy / telemetry)
      • Dropped packets information with notification and logging to a file feature (win7+)
      • Allowed packets information with logging to a file feature (win8+)
      • Windows Subsystem for Linux (WSL) support (win10)
      • Windows Store support (win8+)
      • Windows services support
      • Free and open source
      • Localization support
      • IPv6 support

    Simplewall (WFP Tool) 3.7.6 changelog:

      • fixed configuration of windows update (issue #1648)
      • fixed auto update fails to install (issue #1565)
      • updated project sdk

    Download: simplewall (Wfp Tool) 3.7.6 | 649 KB (Open Source)
    Download: Portable simplewall (Wfp Tool) 3.7.6 | 1.1 MB
    Links: simplewall Home Page | Project Page @GitHub
  5. Amazon announces Astro for Business, a robotic security guard for workplaces by Steve Bennett Amazon has announced that its Astro robot now has a new functionality in the form of a security robot, which is available to small and medium businesses in the U.S. starting today as Astro for Business. Amazon originally announced the Astro robot back in 2022 and it has been available through Amazon only by invitation; however, today's announcement makes it purchasable for $2,349.99, which includes a free four-month trial of Ring Protect Pro and Astro Secure subscription packages. The device has two wheels to navigate, as well as a large screen for displaying information and a camera mounted on the top of the device which can rotate and record information that it is seeing. Its feature set can also be enhanced through the purchase of various subscriptions, such as the aforementioned Ring Protect Pro ($20/month) and Astro Secure ($60/month), as well as Virtual Security Guard ($99/month), which are detailed below: Ring Protect Pro: Subscribing to Ring Protect Pro lets customers save Astro for Business video history for up to 180 days and sync Astro for Business with Ring Alarm to link Ring Motion Detectors and window and door Ring Alarm Contact Sensors for alerts when a Ring Alarm is triggered. Astro Secure: A new subscription built specifically for business environments that enables Astro to patrol autonomously and lets customers create multiple security monitoring routes tailored to their business, with specific viewpoints and frequencies. Astro can also send customers smart alerts when it hears the sounds of smoke and carbon monoxide (CO) alarms or glass breaking, and with a synced Ring Alarm, Astro can also move autonomously to triggered sensors to investigate. Virtual Security Guard: For even more protection, adding a Virtual Security Guard subscription lets Rapid Response agents respond when Astro is in Home or Away mode. 
For example, if Astro detects an unrecognized person, hears the sound of glass breaking or a smoke or CO alarm, or receives an alert that a Ring Alarm sensor has been triggered, agents are alerted. The agents can then initiate Astro’s live view and remotely navigate the device to investigate further, and if needed, call emergency services. Amazon touts that Astro for Business brings many security enhancements to businesses, by "providing visibility on blind spots" and "giving business owners peace of mind" through constant monitoring and giving greater flexibility that stationary mounted cameras cannot provide. Furthermore, the device is capable of mapping up to 5,000 square feet, as well as using features seen in its Ring doorbell range such as live view and two-way talking. The device also supports visual ID which can send smart alerts for unrecognised people that it spots.
  6. Copernic

    Simplewall (WFP Tool) 3.7.5

    Simplewall (WFP Tool) 3.7.5 by Razvan Serea

    simplewall (WFP Tool) allows simple Windows Filtering Platform (WFP) configuration for your PC's network activity. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. Administrator rights are required for it to work correctly.

    Features:

      • Simple interface without annoying pop ups
      • Rules editor (create your own rules)
      • Internal blocklist (block Windows spy / telemetry)
      • Dropped packets information with notification and logging to a file feature (win7+)
      • Allowed packets information with logging to a file feature (win8+)
      • Windows Subsystem for Linux (WSL) support (win10)
      • Windows Store support (win8+)
      • Windows services support
      • Free and open source
      • Localization support
      • IPv6 support

    Simplewall (WFP Tool) 3.7.5 changelog:

      • fixed saving services and uwp apps (issue #1616)
      • fixed file locked by simplewall (issue #1621)
      • fixed removing unused apps
      • fixed process creation
      • updated project sdk

    Download: simplewall (Wfp Tool) 3.7.5 | 648 KB (Open Source)
    Download: Portable simplewall (Wfp Tool) 3.7.5 | 1.1 MB
    Links: simplewall Home Page | Project Page @GitHub
  7. Canada now bans Chinese WeChat and Russian Kaspersky from government devices by Omer Dursun The Canadian government has imposed bans on the use of the popular Chinese messaging app WeChat and Russian cybersecurity firm Kaspersky's antivirus software on mobile devices issued to government employees and agencies. According to an announcement by Canada's Treasury Board, the bans were enacted due to "unacceptable risks" the apps present to data privacy and network security. Specifically, the officers noted concerns over the extensive access the apps have to device contents and usage data. Both WeChat, owned by Chinese tech giant Tencent, and Kaspersky regularly collect large amounts of user information. While no evidence was found of any data breaches, officials said the potential security risks were too high. In a statement, the President of the Treasury Board, Anita Anand, said: "The decision to remove and block the WeChat and the Kaspersky applications was made to ensure that government of Canada networks and data remain secure and protected and are in line with the approach of our international partners." The bans take effect immediately, with the apps to be removed from all government mobile devices on Monday. Going forward, government employees will also be blocked from downloading or using the apps through work devices. Kaspersky (via Reuters) expressed disappointment with the move, saying no warning was given and it could not address the concerns raised. The company denies that its software poses any security risks and believes that geopolitics, not product evaluation, drove the decision: "As there has been no evidence or due process to otherwise justify these actions, they are highly unsupported and a response to the geopolitical climate rather than a comprehensive evaluation of the integrity of Kaspersky's products and services." This action follows a similar ban imposed by Canada on the Chinese short video app TikTok earlier this year. 
Officials indicated the policy aims to better protect government data and networks in line with allies.
  8. Copernic

    simplewall (WFP Tool) 3.7.4

    simplewall (WFP Tool) 3.7.4 by Razvan Serea

    simplewall (WFP Tool) allows simple Windows Filtering Platform (WFP) configuration for your PC's network activity. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. Administrator rights are required for it to work correctly.

    Features:

      • Simple interface without annoying pop ups
      • Rules editor (create your own rules)
      • Internal blocklist (block Windows spy / telemetry)
      • Dropped packets information with notification and logging to a file feature (win7+)
      • Allowed packets information with logging to a file feature (win8+)
      • Windows Subsystem for Linux (WSL) support (win10)
      • Windows Store support (win8+)
      • Windows services support
      • Free and open source
      • Localization support
      • IPv6 support

    Simplewall (WFP Tool) 3.7.4 changelog:

      • added set option to disable apps removal from profile (issue #1155)
      • fixed cannot save itself as unchecked (issue #1609)
      • fixed could not save profile (issue #1594)
      • fixed crash (issue #1582)
      • updated project sdk

    Download: simplewall (Wfp Tool) 3.7.4 | 648 KB (Open Source)
    Download: Portable simplewall (Wfp Tool) 3.7.4 | 1.1 MB
    Links: simplewall Home Page | Project Page @GitHub
  9. Microsoft boosts Surface security with new 'Secured core' approach by Omer Dursun Microsoft has announced that all new Surface devices will now be engineered from the ground up as "Secured core PCs." This approach integrates layered hardware, firmware, and software defenses to protect Surface users from sophisticated cyber threats. As part of the Secured core initiative, Microsoft says it will use its own custom firmware and software for Surface devices rather than relying on third-party components. This gives the company more control over security updates and the ability to address any vulnerabilities quickly. The company emphasizes that unified control from chip to software enables faster delivery of critical security patches. As soon as you press the power button, custom firmware springs into action to ensure everything inside is safe and authenticated. This process ensures your computer starts up safely. It also checks essential parts like cameras, microphones and other connectors to make sure they're working securely. In addition to the custom firmware, Surface PCs also benefit from the built-in protections of Windows 11. The OS reduces attack surfaces and enables security tools like Windows Hello, malware protection and firewalls by default. The interplay between Surface hardware and Windows 11 offers enhanced protection to your biometric credentials while enabling a seamless Windows Hello Facial login experience. These enhanced protections use specialized hardware and software components to isolate and protect biometric credentials, offering protection against advanced threats to keep you secure and productive. Additionally, Microsoft is future-proofing Surface security with a shift to the memory-safe programming language Rust. The company's firmware and drivers are being rewritten in Rust, which has been shown to reduce vulnerabilities by up to 70%. This will make the underlying systems even more robust against threats. 
"We're developing thoughtful solutions for security in an ever more AI-enabled world," Microsoft wrote in a blog. "And we're creating pathways to share these innovations with the entire ecosystem of Windows PCs." With Secured core and integrating hardware and software defenses, Microsoft looks to set a new standard for PC security, protect Surface users from emerging risks, and pave the way for the next-generation Windows.
  10. Copernic

    WinLock 9.1.6

    WinLock 9.1.6 by Razvan Serea

    WinLock ensures that only authorized people can access sensitive information on your computer. With WinLock you can control how long others can use your computer. It runs from the system tray and requires a password to gain access to the available settings. It loads automatically with Windows and allows you to add an optional startup message, provide audio notification, and set the time limit. Once that limit is reached, Windows is summarily shut down. You can toggle the timer on and off from the tray. When enabled, there is no way around it without the proper password.

    WinLock also allows you to disable Windows hot keys (such as Alt-Ctrl-Del, Alt-Tab, Ctrl-Esc, etc.), lock Windows desktop, customize Start menu, hide Start button and Switch bar, and much more... Block Windows and Lock Files features allow you to block virtually any application or any part of it (window, popup message, dialog box), Explorer Windows (My Computer, Recycle Bin etc.), and lock selected files. Restricted sites feature filters Internet content and prohibits access to questionable websites.

    WinLock is available in two editions: Standard and Professional. WinLock Professional offers all features of the WinLock, plus several advanced security capabilities of interest to the professional users. The advanced features of the Professional edition are:

      • Support for multi-user environment
      • Internet Explorer restrictions
      • Google Chrome restrictions
      • Search through website for prohibited keywords
      • Guest password
      • USB key authentication
      • Webcam snapshots
      • Flexible removable drive restrictions

    WinLock 9.1.6 changelog:

      • Full support for Windows 11.
      • System window frame option.
      • Active days of week under timer settings.
      • Disable right-click app menu.
      • Disable sign-in options.
      • Disable Edge sidebar.
      • Disable browser extensions.
      • Apply profile now supports domain users.
      • Support for TLS connection.
      • Disable Ctrl+D.
      • Redirect now works with most known browsers.
      • Support for the latest version of Remote Administrator.
      • Minor fixes and improvements.

    Download: WinLock 9.1.6 | WinLock Pro 9.1.6 | ~10.0 MB (Shareware)
    Links: WinLock Home Page | WinLock Pro Screenshot
  11. Copernic

    HiJackThis+ 3.2.0.2 Alpha

    HiJackThis+ 3.2.0.2 Alpha by Razvan Serea

    HiJackThis+ is a free utility for Microsoft Windows that scans your computer for settings changed by adware, spyware, malware and other unwanted programs. In short, think of it as similar to Sysinternals Autoruns.

    HiJackThis+ by Alex Dragokas is a continuation of Trend Micro HiJackThis development, based on v.2.0.6 branch and 100% rewritten at the moment. HiJackThis+ was initially supported by Trend Micro, but they have since refused support and closed its GitHub repository. HiJackThis+ is distributed under the initial GPLv2 license. It also includes several tools and plugins available as freeware.

    New in version 3:

      • Detects several new hijacking methods
      • Fully supports new Windows versions
      • New and updated supplementary tools
      • Improved interface, security and backups

    HiJackThis+ includes handy tools for manual malware removal: StartupList 2 (*new*) Process Manager Uninstall Manager Hosts File Manager Alternative Data Spy Services Removing Tool Batch Digital Signature Checker (*new*) Registry Key Type Analyzer (*new*) Registry Key Unlocker (*new*) Files Unlocker (*new*) Check Browsers' LNK & ClearLNK (as downloadable components) (*new*)

    The difference from classical antiviruses is the ability to function without constant database updates, because HiJackThis+ primarily detects hijacking methods rather than comparing items against a pre-built database (signatures). This allows it to detect new or previously unknown malware - but it also makes no distinction between safe and unsafe items. Users are expected to research all scanned items manually, and only remove items from their PC when absolutely appropriate. Therefore, FALSE POSITIVES ARE LIKELY. If you are ever unsure, you should consult with a knowledgeable expert BEFORE deleting anything.

    HiJackThis+ is not a replacement for a classical antivirus. It doesn't provide real-time protection, because it is a passive scanner only. Consider it as an addition. However, you can use it as an automatic boot-up scanner in the following way:

      1. Run the scan by clicking "Do a system scan only"
      2. Add all items to the ignore-list
      3. Set up the boot-up scan in menu "File" - "Settings" - "Add HiJackThis to startup"

    The next time the user logs in, HiJackThis will silently scan your OS and display the UI only if new records have been found in your system.

    HiJackThis+ 3.2.0.2 Alpha changelog: Fixed a bug with displaying the user group name. Fixed code looping on some interceptions. The "Hosts file manager" module has been rewritten with more reliable code; added "Reset" and "Update" buttons; The "Open" button now launches the default editor. The style of the main menu buttons has been replaced and unified to be identical in all OS versions. The buttons support themes, however so far only one theme has been drawn (dark). Removed the "Misc Tools" button. The "Online Guide" button has been renamed to "Tutorial & Support", and now opens a submenu with access to a choice of online/offline help and treatment forums. Renamed the "List of Backup" button to "Backups". Renamed the menu button "Help" - "Support" to "Report a bug". The "Do a system scan..." buttons are no longer disabled when scanning; pressing again will switch you to the results window. Fixed quality/cropped logo at DPI >= 150 (thanks to Eduardo and VanGoghGaming for help). References to Dr.Web were deleted because the company no longer uses HiJackThis for the treatment on forum. Minor corrections to the translation and the main project page. Improved debugging mode.

    HiJackThis+ works on Windows 11, 10, 8.1, 8, 7, Vista, XP, and 2000 (32/64-bit, desktop, and server).

    IMPORTANT: HiJackThis+ does not distinguish between good and bad items. Avoid altering your computer settings unless you're an expert.

    Download: HiJackThis+ 3.2.0.2 Alpha | 2.3 MB (Open Source)
    Links: HiJackThis+ Homepage | Screenshot
  12. Copernic

    simplewall (Wfp Tool) 3.7.3

    simplewall (Wfp Tool) 3.7.3 by Razvan Serea

    simplewall (WFP Tool) allows simple Windows Filtering Platform (WFP) configuration for your PC's network activity. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. Administrator rights are required for it to work correctly.

    Features:

      • Simple interface without annoying pop ups
      • Rules editor (create your own rules)
      • Internal blocklist (block Windows spy / telemetry)
      • Dropped packets information with notification and logging to a file feature (win7+)
      • Allowed packets information with logging to a file feature (win8+)
      • Windows Subsystem for Linux (WSL) support (win10)
      • Windows Store support (win8+)
      • Windows services support
      • Free and open source
      • Localization support
      • IPv6 support

    Simplewall (WFP Tool) 3.7.3 changelog:

      • added error message for saving profile
      • removed redistributable package requirement (issue #1587)
      • fixed profile was not found message (issue #1557)
      • fixed crash on reading version information
      • revert back certificates checking option
      • updated project sdk

    Download: simplewall (Wfp Tool) 3.7.3 | 648 KB (Open Source)
    Download: Portable simplewall (Wfp Tool) 3.7.3 | 1.1 MB
    Links: simplewall Home Page | Project Page @GitHub
  13. Copernic

    HiJackThis+ 3.2.0.1 Alpha

    HiJackThis+ 3.2.0.1 Alpha by Razvan Serea

    HiJackThis+ is a free utility for Microsoft Windows that scans your computer for settings changed by adware, spyware, malware and other unwanted programs. In short, think of it as similar to Sysinternals Autoruns.

    HiJackThis+ by Alex Dragokas is a continuation of Trend Micro HiJackThis development, based on v.2.0.6 branch and 100% rewritten at the moment. HiJackThis+ was initially supported by Trend Micro, but they have since refused support and closed its GitHub repository. HiJackThis+ is distributed under the initial GPLv2 license. It also includes several tools and plugins available as freeware.

    New in version 3:

      • Detects several new hijacking methods
      • Fully supports new Windows versions
      • New and updated supplementary tools
      • Improved interface, security and backups

    HiJackThis+ includes handy tools for manual malware removal: StartupList 2 (*new*) Process Manager Uninstall Manager Hosts File Manager Alternative Data Spy Services Removing Tool Batch Digital Signature Checker (*new*) Registry Key Type Analyzer (*new*) Registry Key Unlocker (*new*) Files Unlocker (*new*) Check Browsers' LNK & ClearLNK (as downloadable components) (*new*)

    The difference from classical antiviruses is the ability to function without constant database updates, because HiJackThis+ primarily detects hijacking methods rather than comparing items against a pre-built database (signatures). This allows it to detect new or previously unknown malware - but it also makes no distinction between safe and unsafe items. Users are expected to research all scanned items manually, and only remove items from their PC when absolutely appropriate. Therefore, FALSE POSITIVES ARE LIKELY. If you are ever unsure, you should consult with a knowledgeable expert BEFORE deleting anything.

    HiJackThis+ is not a replacement for a classical antivirus. It doesn't provide real-time protection, because it is a passive scanner only. Consider it as an addition. However, you can use it as an automatic boot-up scanner in the following way:

      1. Run the scan by clicking "Do a system scan only"
      2. Add all items to the ignore-list
      3. Set up the boot-up scan in menu "File" - "Settings" - "Add HiJackThis to startup"

    The next time the user logs in, HiJackThis will silently scan your OS and display the UI only if new records have been found in your system.

    HiJackThis+ works on Windows 11, 10, 8.1, 8, 7, Vista, XP, and 2000 (32/64-bit, desktop, and server).

    IMPORTANT: HiJackThis+ does not distinguish between good and bad items. Avoid altering your computer settings unless you're an expert.

    Download: HiJackThis+ 3.2.0.1 Alpha | 2.3 MB (Open Source)
    Links: HiJackThis+ Homepage | Screenshot
  14. Gmail is working to cut down on spam at the source from 2024 by Paul Hill Gmail is going to be getting several changes by February 2024 that aim to cut down on the amount of spam messages being sent by malicious actors. The three changes that Google will be bringing in include senders authenticating their emails, making it easy to unsubscribe from unwanted messages, and ensuring senders are sending wanted emails. Google said that anyone sending significant volumes of emails will be required to ‘strongly authenticate their emails’ following best practices to help close exploited loopholes used by attackers to threaten users of email. To help users stop getting emails they no longer care about, Google is making it so that senders have to give users a one-click option to unsubscribe from their commercial emails. Senders have to remove contacts from their subscription lists within two days of getting the request. Google said that these requirements are now open standards so non-Gmail users benefit as well. The final measure Gmail is taking is the implementation of a clear spam rate which senders must stay below so Gmail recipients aren’t bombarded with unwanted emails. Google said this is an industry first and should result in users getting fewer spammy emails. Google said that Gmail already uses various defenses to cut down on the majority of spam, phishing, and malware. However, it said that the challenges arising now are becoming more complex and that the measures announced today are required to tackle these issues. As a very significant number of people have Gmail addresses, these measures should benefit a lot of people. They should also help to prevent spam from originating from Gmail accounts. Let us know in the comments if you’ve noticed more spam, phishing, or malware delivered to your inbox increasingly over the last few years. Are you happy to see these measures rolling out? Source: Google
  15. McAfee launches AI-powered and identity features in latest products by Paul Hill McAfee has launched a selection of new features for its McAfee+ and McAfee+ Family plans which are available from McAfee.com and select retailers in the US, UK, Germany, France, Italy, Japan, Canada, Spain, Netherlands, and Australia. The new features include AI protections, enhanced identity, and privacy features. Outlining all of the new features, McAfee wrote:
    Powerful New AI Protections
    • Next-gen Threat Protection: McAfee’s AI-powered security just got stronger, faster and easier to use. Cloud-based and local machine-based protections coupled together has resulted in 75% less background processes on a device and 3x faster scans so consumers will have a quicker, stronger, easier user experience. AI powered security provides the reassurance that consumers are protected against the latest threats on their Windows PC’s including zero-day threats or those that don’t even exist yet. Now also compatible on ARM64 and Intel / AMD processors.
    • Scam Protection: McAfee’s patented and powerful AI technology addresses the rise in AI-generated phishing scams by proactively detecting suspicious URLs in texts before they’re opened or clicked on. If a customer accidentally clicks on a suspicious link in a text, email, social media, or browser search the feature can block the site from loading to prevent the customer from a phishing scam.
    New and Enhanced Identity & Privacy Features
    • Online Account Cleanup: Helps reduce the likelihood of being impacted by a data breach since your information isn’t there to be compromised. Many Internet users can have over 350 online accounts, many of which they might not know are still active. This feature runs monthly scans to find your online accounts and shows you their risk level to help you decide which to delete, and how to do so.
    • Social Privacy Manager: Helps safeguard your privacy on social media with personalized privacy recommendations based on your own preferences. We do the heavy lifting with the ability to adjust more than 100 privacy settings across your social media accounts in just a few clicks to ensure your personal info is only visible to the people you want to share it with.
    • Transaction Monitoring: Helps spot unusual transactions which could be a sign of identity theft. Track deposits, withdrawals, and payments across your accounts, all in one place. (Included with McAfee+ Advanced and Ultimate)
    • Bank Account Takeover Monitoring: Provides alerts when your personal contact info changes on your banking account. If it wasn’t you, McAfee will guide you so you can take quick action. (Included with McAfee+ Ultimate)
    • Increased ID Theft: Provides $2 million identity theft coverage, including 401K plans, stolen funds, and incurred expenses for you and your household members. Also includes $25K ransomware coverage. (Included with McAfee+ Ultimate)
    • McAfee Assist – Protection Setup: Provides a live session with one of our experts. Customers can call whenever it’s convenient for them to set up their account, no scheduling needed. (Included with McAfee+ Ultimate)
    The company said that its Individual plans cost $49.99 per year and its Family plans start at $62.99. These prices are for the first year and the individual plans are for personal, non-commercial use. In case you missed it, McAfee did fairly well in the recent AV-TEST and AV-Comparatives assessments. Via: Business Wire
  16. Copernic

    simplewall (Wfp Tool) 3.7.2

    simplewall (Wfp Tool) 3.7.2 by Razvan Serea simplewall (WFP Tool) allows simple Windows Filtering Platform (WFP) configuration for your PC's network activity. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. It needs administrator rights to work correctly.
    Features:
    • Simple interface without annoying pop ups
    • Rules editor (create your own rules)
    • Internal blocklist (block Windows spy / telemetry)
    • Dropped packets information with notification and logging to a file feature (win7+)
    • Allowed packets information with logging to a file feature (win8+)
    • Windows Subsystem for Linux (WSL) support (win10)
    • Windows Store support (win8+)
    • Windows services support
    • Free and open source
    • Localization support
    • IPv6 support
    Simplewall (WFP Tool) 3.7.2 changelog:
    • dropped windows 7 and windows 8 support
    • fixed launch of several copies of the application
    • fixed create filters for inaccessible apps
    • fixed displaying update dialog at startup
    • fixed retrieving version information for some files
    • fixed slow apps search
    • fixed periodically crashing
    • fixed retrieving some apps icons
    • fixed saving input on settings
    • fixed saving unused apps
    • fixed process creation
    • improved signature checking
    • updated project sdk
    Download: simplewall (Wfp Tool) 3.7.2 | 548 KB (Open Source) Download: Portable simplewall (Wfp Tool) 3.7.2 | 1.1 MB Links: simplewall Home Page | Project Page @GitHub
  17. GitHub goes passwordless with Passkey now available for everyone by Mehrotra A GitHub has joined a long list of services like TikTok and Google that have ditched passwords in favor of passkeys, which offer better security. Passkeys allow users to sign in using biometrics or face ID, eliminating the need to enter passwords. The technology was developed by the FIDO Alliance in collaboration with companies like Apple, Google and Microsoft. In July, GitHub announced that it was offering passkey authentication to users as part of its beta program. Now, the company has announced the general availability of passkeys for all GitHub users. You can head to your account security settings and click on "Add a passkey" to get started. GitHub is also giving users with hardware security keys an option to upgrade to a passkey. The company also acknowledged that some devices or systems may prevent users from logging in via a passkey. Currently, Linux and Firefox may have issues when setting up a passkey, as the platforms don't support them at the moment. However, GitHub has also added cross-device registration, allowing users to register a passkey on a different device such as their phone. GitHub wrote: "We found that Linux and Firefox users struggled to use passkeys, as those platforms don’t yet have strong support for passkeys. As a result, we decided to enable cross-device registration of passkeys. That means, you can register a passkey on your phone while you’re using your desktop. The passkey lives in the phone, but users can connect it to their desktop and set-up and authenticate through the desktop’s browser. This enables Linux and Firefox users to set up passkeys." Last year, GitHub announced its commitment to having 2FA enabled on all the accounts on the platform by 2023. Passkey support will go a long way in assisting the company in reaching that goal. With the general availability of passkeys, GitHub will now prompt users to add a passkey when they log in from a compatible device. Earlier today, Microsoft also announced OS-wide passkey support, allowing users to set up a passkey regardless of the web browser. Yesterday, 1Password announced that it is rolling out passkey support for its iOS app.
  18. GDS: Microsoft, Intel confirm "Downfall" of 7th, 8th, 9th, 10th, 11th Gen CPUs, firmware out by Sayan Sen Update: Microsoft has now removed the mitigation-disability. Intel and Microsoft have confirmed that almost all of Intel's desktop processors prior to 12th Gen CPUs are vulnerable to a new transient execution (speculative execution) side-channel attack called Gather Data Sampling (GDS). The new GDS flaw, dubbed "Downfall", is tracked under CVE-2022-40982. Intel says that 12th Gen and newer chips, like Alder Lake and Raptor Lake, come with Intel's Trust Domain eXtension or TDX which isolates virtual machines (VMs) from virtual machine managers (VMMs) or hypervisors, hence isolating them from the rest of the hardware and the system. These hardware-isolated virtual machines are essentially what "Trust Domains" are and hence the name. On its support document KB5029778, Microsoft explains: "Microsoft is aware of a new transient execution attack named gather data sampling (GDS) or "Downfall." This vulnerability could be used to infer data from affected CPUs across security boundaries such as user-kernel, processes, virtual machines (VMs), and trusted execution environments." Intel goes into more detail about Downfall or GDS on its website, explaining how attackers can exploit stale data on Intel's 7th Gen (Kaby Lake), 8th Gen (Coffee Lake), 9th Gen (Coffee Lake refresh), 10th Gen (Comet Lake) and 11th Gen (Rocket Lake on desktop/Tiger Lake on mobile), which lack the previously mentioned TDX. It writes: "Gather Data Sampling (GDS) is a transient execution side channel vulnerability affecting certain Intel processors. In some situations when a gather instruction performs certain loads from memory, it may be possible for a malicious attacker to use this type of instruction to infer stale data from previously used vector registers. These entries may correspond to registers previously used by the same thread, or by the sibling thread on the same processor core." Intel has confirmed the issue is resolved by microcode update (MCU) or Intel Platform Update (IPU) version 20230808, as the mitigation is enabled by default. Hence, users with 7th Gen up to 11th Gen Intel CPUs are advised to update their motherboard firmware. You can do so by visiting the support section of your motherboard manufacturer's website. Intel notes, though, that there may be some performance hit, in which case users can choose to "opt out". Head over to Intel's security advisory (INTEL-SA-00828) for more details.
  19. Gmail to ask for verification when adding a forwarding address or changing filters by Anurag Singh Google is adding an extra security measure to Gmail to help protect your account from unauthorized access. You may now be asked to verify your identity when taking sensitive actions related to forwarding addresses and editing your filters. Google writes in a blog post that verification will be requested in the following scenarios:
    • Filters: creating a new filter, editing an existing filter, or importing filters.
    • Forwarding: Adding a new forwarding address from the Forwarding and POP/IMAP settings.
    • IMAP access: Enabling the IMAP access status from the settings. (Workspace admins control whether this setting is visible to end users or not)
    When you take these actions, Google will evaluate the session and, if it deems it risky, will challenge you with a "Verify it's you" prompt. You can confirm the validity of the action by entering a second and trusted factor, such as a 2-step verification code. If you fail to complete the verification challenge, you will receive a "Critical security alert" notification on your trusted devices. Google notes this feature is only available to users who sign in to Google products using their Google account. It does not currently support those who log in through Security Assertion Markup Language (SAML). As for availability, the new security feature will start rolling out to most Gmail users in the two weeks following August 23. The full rollout of the feature will begin on September 6. All Google Workspace accounts and free Google accounts will have access to the additional protection. Google has been busy adding new features to Gmail in recent months. In addition to a native translation feature for Android and iOS, Gmail now offers scheduling and the ability to set working locations. That said, Google also launched Help Me Write, its AI email drafting tool, for both Android and iOS devices.
  20. New Russian-backed Mac malware found on dark web...by ChatGPT by Omer Dursun ChatGPT has recently uncovered a new form of malware targeting Mac computers. A cybersecurity firm, Guardz Cyber Intelligence Research (CIR), conducted the investigation and found the malware called ShadowVault. It is being sold on a Russian cybercrime forum for prices up to $60,000. According to Guardz CIR, their researchers used an AI chatbot to initially prompt them to look for new Mac threats being sold on the dark web. After being directed by ChatGPT to search Russian cybercrime forums, Guardz researchers discovered ShadowVault being advertised. ShadowVault is a Hidden Virtual Network Computing (HVNC) tool that allows remote access to and control of a victim's Mac without their knowledge. The sellers of ShadowVault boast that it can give full access to a target's machine and that additional capabilities can be added for extra fees. The malware has reportedly been for sale since April 2023. Guardz stated that there are not yet any known cases of ShadowVault being used in the wild. Apple also has not yet provided any comment on Guardz's findings. However, the accessibility of the malware on criminal forums raises concerns about potential future attacks on Mac users. The cybersecurity team explained how the HVNC tool works: "For a lifetime price of $60,000, the threat actor will provide you with a malicious tool that supports persistence, runs without requesting any permission from the user, has a reverse shell plus remote file manager, and was tested on a wide array of macOS versions from 10 up to 13.2." The discovery highlights the growing threats facing macOS as cybercriminals seek to exploit more victims. Users are advised to keep their software up-to-date and utilize security tools to help detect and prevent malware infections. Guardz recommends Mac users implement robust endpoint protection to defend against HVNC and other emerging threats being developed and sold on dark web forums. The cyber firm's report demonstrates the potential for AI like ChatGPT to assist human researchers in uncovering the latest schemes by criminal hackers.
  21. Google TAG deleted 21,000+ YouTube channels in April, May, and June by Aditya Tiwari Google's Threat Analysis Group (TAG) has released its latest bulletin on the coordinated influence operation campaigns it disrupted in the second quarter of 2023. The group deleted a total of 21,700 YouTube channels across April, May, and June. These coordinated influence operations were linked to various countries, including China, Russia, Lithuania, Ukraine, Turkey, Iran, Azerbaijan, Uzbekistan, etc., where YouTube channels were terminated. In addition, a number of related Google Ads accounts and Blogger blogs were purged as part of the investigation. The latest figure is higher than what Google TAG reported earlier this year. The group took action against 20,126 YouTube channels across January, February, and March this year. Again, as per the bulletin, China has been linked to the majority of YouTube channels terminated in the second quarter, with their total count exceeding 19,000. Google TAG said it also got leads from other platforms such as Graphika and LinkedIn which helped in their investigation. Apart from that, the group, which has been tracking 0-day exploits since 2014, released its Year in Review report for 2022. There was a drop in the number of "in-the-wild 0-days" that the group detected and disclosed in 2022 when compared to the previous year. One of the takeaways is that publicly disclosed vulnerabilities (N-days) can act like 0-days on Android as "there were multiple cases where patches were not available to users for a significant time." In recent news, Google agreed to change its data portability tools in an attempt to settle an investigation by the Italian competition authority AGCM (Autorita' Garante della Concorrenza e del Mercato). The search giant's Web Environment Integrity API, which sparked controversy, has been denounced by rival browsers such as Brave, Vivaldi, and Firefox. 
Moreover, the company has started warning users again that it will delete inactive accounts by the end of the year 2023. Google's updated policy allows it to pull the plug on accounts that have been dormant for two years. However, the company said it won't take a toll on accounts that have YouTube videos and will consider your account as "active" if you sign in at least once every two years.
  22. FBI allegedly used NSO Group spyware after Biden's ban by Omer Dursun Earlier this year, the New York Times revealed that the US government had purchased and used spyware created by Israeli hacking firm NSO Group. This spyware, Pegasus, can discreetly hack into mobile phones and download personal information without the user's knowledge. In March 2022, President Biden signed an executive order banning the use of commercial spyware like Pegasus by US government agencies. However, a new NYT report has revealed that the FBI continues to use NSO Group's Landmark tracking software to track suspects in Mexico. The FBI claimed it was misled by the private contractor Riva Networks, who failed to disclose they would be using NSO software. Riva Networks provided location tracking services to the FBI to help track drug cartels in Mexico. Even after the March executive order, the FBI reportedly used Landmark as recently as this year before terminating the contract with Riva Networks. The FBI now says it used the tool unwittingly and that Riva Networks misled the bureau. Once the agency discovered in late April that Riva had used the spying tool on its behalf, Christopher A. Wray, the FBI director, terminated the contract, according to U.S. officials. This is not the first time the FBI has had ties to NSO Group's controversial spyware tools. Before the ban, the FBI considered utilizing Pegasus for domestic criminal investigations within the US. NSO Group and its spyware products have faced widespread criticism for enabling government surveillance and suppressing political dissent globally. In 2021, at least nine iPhone devices belonging to U.S. State Department employees were spied on by NSO-backed spyware. The software has been used numerous times to target government officials, journalists, business people, activists, academics, and embassy workers. Apple, on the other hand, sued NSO Group for spying on its customers. 
The latest revelations that the US government continued to use these tools raise concerns about the proliferation of unregulated spyware.
  23. Self-replicating worm malware infects exposed Redis data store used for live streaming by Ishtiaqe Hanif Researchers at Cado Security Labs detected a malware campaign named P2Pinfect attacking Redis data stores. In a press release today, Cado, a UK-based cloud forensics and first response provider, summarizes the capabilities of the virus, its payload, and its method of attack. Redis (REmote DIctionary Server) is an in-memory multi-modal database popular for its sub-millisecond latency, with the concept of a cache being a durable data store. This open-source NoSQL database is most popular for live-streaming and quick-response use cases at companies like Twitter, GitHub, Snapchat, Craigslist, and StackOverflow. P2Pinfect is a botnet agent malware written in Rust with the following capabilities:
    • Attempts multiple Redis exploits for initial access
    • Utilizes Rust for payload development, making analysis tricky
    • Uses multiple evasion techniques to hinder dynamic analysis
    • Conducts internet scanning for Redis and SSH servers
    • Self-replication in a worm-like manner
    Unit42 researchers previously encountered the virus infecting Windows and Linux servers. In their findings, out of 307,000 unique Redis systems, at least 934 may be vulnerable to this CVE-2022-0543 peer-to-peer worm variant. Cado Security uses honeypot telemetry, a military espionage technique that steals enemy secrets by baiting and trapping targets. Researchers created instances of the Redis data store, which were compromised by the P2Pinfect malware once exposed. It created a malicious instance to enable replication and became part of the distribution network. It is a typical attack pattern against the leader/follower Redis topology. The connection to the network is made by issuing the "SLAVEOF" command. Once an instance is compromised, attackers can load a malicious Linux shared object file to extend the functionality of the data store. After access is gained, the "MODULE LOAD" command is used by the attackers to load exp.so object files to the network, providing reverse shell access. The primary payload is an ELF (Executable and Linkable Format) binary written in C and Rust that ultimately gains access to the SSH server by adding an ssh-rsa key with the comment root@localhost.localdomain to the authorized_keys file for the current user. By adding the key to the authorized users' list, the malware can do the following operations in the system:
    • Renames the wget and curl binaries to wgbtx and clbtx respectively. This is likely an attempt to hinder any incident responders from using them to pull down forensics tools, as well as preventing EDR solutions from detecting the usage of the command. This is a common TTP for cloud threat actors.
    • Checks for the iptables command, and installs it if it is not found. It has several commands specific to individual package managers, so it can be installed regardless of the Linux distribution in use.
    • Checks for the awk command, and installs it if it is not found. Like the previous command, it will try to use several package managers.
    • Checks for the netstat command, and installs it if it is not found. Like the previous commands, it will try to use several package managers.
    • Uses netstat and awk to collect a list of all IPs that are currently connected to the Redis server running on the target host.
    • Adds an iptables rule to allow traffic from each of these IPs to the redis server.
    • Adds an iptables rule to deny all other traffic to the redis server.
    • Adds an iptables rule to allow all traffic to a randomly chosen port that the primary payload listens on for botnet communications.
    This sophisticated malware is difficult to detect for several reasons, including its use of Rust mixed with C through the Foreign Function Interface feature, which adds high complexity to the code, and a lack of tooling to analyze such binaries. Cado's analysis did not observe any activity similar to cryptocurrency mining, something that could be added later as the malware is capable of updating itself to add more functionality. You can identify a compromised host with the following indicators:
    Filename   SHA256
    Linux      87a3fc1088449dbd3554fe029a1878a525e64ab4ccf71b23edb03619ba94403a
    miner      b1fab9d92a29ca7e8c0b0c4c45f759adf69b7387da9aebb1d1e90ea9ab7de76c
    bash       ce047893ac5bd2100db3448bd62c324e471ffcddd48433788bfe885e5f071a89
    You can find a more in-depth analysis of the malware's behavior in Cado Security Labs' report.
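    A triage sketch for the traces this article lists (untrusted SLAVEOF targets, MODULE LOAD, the wgbtx/clbtx renames, the key comment and the three SHA256 values), added here as an example and not taken from Cado's report or the article. It assumes you have Redis MONITOR output and a mounted or live file tree to inspect; the sample lines, IP addresses, the /tmp path and the function names are constructed, and REPLICAOF is included because it is the newer Redis name for SLAVEOF.

```python
import hashlib
import re
import shlex
from pathlib import Path

# SHA256 indicators exactly as listed in the article above.
IOC_SHA256 = {
    "87a3fc1088449dbd3554fe029a1878a525e64ab4ccf71b23edb03619ba94403a": "Linux",
    "b1fab9d92a29ca7e8c0b0c4c45f759adf69b7387da9aebb1d1e90ea9ab7de76c": "miner",
    "ce047893ac5bd2100db3448bd62c324e471ffcddd48433788bfe885e5f071a89": "bash",
}
RENAMED_TOOLS = {"wgbtx": "wget", "clbtx": "curl"}  # renames described above
KEY_COMMENT = "root@localhost.localdomain"          # comment on the added key
# Redis MONITOR line: <timestamp> [<db> <client>] "CMD" "arg" ...
MONITOR_RE = re.compile(r"^\S+ \[\d+ (\S+)\] (.+)$")

# Constructed sample (documentation IP ranges, made-up path), not real telemetry.
SAMPLE_MONITOR = [
    '1690000000.000001 [0 10.0.0.5:40112] "GET" "session:42"',
    '1690000001.000002 [0 203.0.113.9:51820] "SLAVEOF" "198.51.100.7" "6379"',
    '1690000002.000003 [0 203.0.113.9:51820] "MODULE" "LOAD" "/tmp/exp.so"',
    '1690000003.000004 [0 203.0.113.9:51820] "SLAVEOF" "NO" "ONE"',
    '1690000004.000005 [0 10.0.0.5:40112] "REPLICAOF" "10.0.0.2" "6379"',
]


def scan_redis_monitor(lines, trusted_masters=()):
    """Flag replication re-pointing and module loading in MONITOR output."""
    findings = []
    for line in lines:
        m = MONITOR_RE.match(line.strip())
        if not m:
            continue
        try:
            argv = shlex.split(m.group(2))
        except ValueError:  # unbalanced quotes in a truncated line
            continue
        if not argv:
            continue
        client, cmd = m.group(1), argv[0].upper()
        if cmd in ("SLAVEOF", "REPLICAOF") and len(argv) >= 3:
            if argv[1].upper() == "NO":  # "NO ONE" only detaches a replica
                continue
            master = f"{argv[1]}:{argv[2]}"
            if master not in trusted_masters:
                findings.append(("untrusted-master", client, master))
        elif cmd == "MODULE" and len(argv) >= 3 and argv[1].upper() == "LOAD":
            findings.append(("module-load", client, argv[2]))
    return findings


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large binaries do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def scan_tree(root):
    """Walk a mounted image or live root for the on-disk traces in the article."""
    findings = []
    for path in Path(root).rglob("*"):
        if path.is_symlink() or not path.is_file():
            continue
        if path.name in RENAMED_TOOLS:
            findings.append(("renamed-tool", str(path), RENAMED_TOOLS[path.name]))
        try:
            if path.name == "authorized_keys":
                for entry in path.read_text(errors="replace").splitlines():
                    fields = entry.split()
                    # A matching comment is a lead to review, not proof by itself.
                    if fields and fields[0][0] != "#" and fields[-1] == KEY_COMMENT:
                        findings.append(("suspect-ssh-key", str(path), fields[0]))
            else:
                digest = sha256_file(path)
                if digest in IOC_SHA256:
                    findings.append(("ioc-hash", str(path), IOC_SHA256[digest]))
        except OSError:
            continue  # unreadable file on a live system; skip rather than abort
    return findings


if __name__ == "__main__":
    for finding in scan_redis_monitor(SAMPLE_MONITOR, ("10.0.0.2:6379",)):
        print(finding)
```

    Pass the replication masters you actually run as trusted_masters; anything else that re-points an instance, or any MODULE LOAD you did not schedule, deserves a look even when no hash matches.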
  24. Copernic

    simplewall (Wfp Tool) 3.7.1

    simplewall (Wfp Tool) 3.7.1 by Razvan Serea simplewall (WFP Tool) allows simple Windows Filtering Platform (WFP) configuration for your PC's network activity. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. It needs administrator rights to work correctly.
    Features:
    • Simple interface without annoying pop ups
    • Rules editor (create your own rules)
    • Internal blocklist (block Windows spy / telemetry)
    • Dropped packets information with notification and logging to a file feature (win7+)
    • Allowed packets information with logging to a file feature (win8+)
    • Windows Subsystem for Linux (WSL) support (win10)
    • Windows Store support (win8+)
    • Windows services support
    • Free and open source
    • Localization support
    • IPv6 support
    Simplewall (WFP Tool) 3.7 changelog:
    • added profile encryption [oldest versions cannot open new profile] (issue #599)
    • added terminate process into notification window (issue #1398)
    • added checksum calculation for the apps (issue #394)
    • added error message for log subscription
    • improved search performance (issue #1383)
    • fixed timer and apps timestamp displays incorrect information (32-bit only)
    • fixed sometimes application displays incorrect icons
    • fixed possible crash when clearing log
    • fixed silent uninstaller not working
    • fixed arm64 build crash (issue #1228)
    • fixed internal bugs
    • fixed memory leaks
    • updated nuget package
    • updated project sdk
    • updated locale
    Changes in Simplewall 3.7.1:
    • fixed import not working correctly (issue #1466)
    • fixed crash when checking files (issue #1455)
    • updated project sdk
    Download: simplewall (Wfp Tool) 3.7.1 | 645 KB (Open Source) Download: Portable simplewall (Wfp Tool) 3.7.1 | 1.1 MB Links: simplewall Home Page | Project Page @GitHub
  25. So, as somebody who isn't a cryptography expert, let me see if I understand something right. I hope y’all don’t mind me trying to educate myself, and would appreciate some high level/layman type feedback so that I can at least have a big picture idea of how the encryption is working, and what is or isn't safe against quantum computers. First off, I know that (or am pretty sure that), if all you have is an encrypted message, without its plain text original as a reference, then symmetric encryption algorithms like AES, Twofish, ChaCha20, etc. are quantum safe. I know that asymmetric algorithms like RSA, ElGamal or even asymmetric elliptic curve algorithms like X25519 are NOT quantum safe, and that variations of Shor's algorithm could theoretically break them, given a quantum computer with enough qubits. If you encrypt something with just a password using AGE or PGP, it uses symmetric encryption, and puts that password through a KDF to turn it into a private key to be used for that. The encrypted copy of that encryption key is stored with the data itself and can only be accessed when the correct password is put through the same KDF. So, this is quantum safe, correct? If you use asymmetric encryption, it generates a one time symmetric key for something like AES or ChaCha20, encrypts the data with that, then encrypts that symmetric key with the public half of the asymmetric key pair and stores it with the data. This is NOT quantum safe because even though the symmetric encryption is used on the data, the private key for that symmetric encryption is protected by an asymmetric algorithm, so attackers don’t need to break AES or ChaCha20, they just need to break the RSA/ElGamal/ECC that’s protecting the encryption key. If you use a password protected asymmetric key pair, does it use a KDF and symmetric algorithm to then protect your asymmetric key pair? Does entering the pass-phrase then decrypt and unlock that pair? 
So in effect, if you encrypt data with a password protected asymmetric key pair, it could essentially work like: SYM → ASYM → SYM So is it essentially going through 3 layers of encryption for this kind of scenario? One to unlock the asymmetric pair, then another to unlock the symmetric key, then another to unlock the data itself. So when it comes to quantum computers, would asymmetric cryptography be safe if it’s password protected, or not safe because the public key is still available and can be used to break it, regardless of the password protection on your private key?