TRUST Virus Files (getthekey@tutanota.com Ransomware) — How to remove?

The Trust virus was originally discovered by virus analyst Tomas Meskauskas, and belongs to the VoidCrypt ransomware family. This ransomware encrypts all of the user’s data on the PC (photos, documents, Excel tables, music, videos, etc.), adds its specific extension to every file, and creates Decrypt-me.txt files in every folder that contains encrypted files. Trust Virus ☝️ Trust can be correctly identified as a VoidCrypt ransomware-type infection. After the encryption process, files are renamed according to the TRUST pattern, which is built into the ransomware. Your photo, named an example...

Xminer.exe Virus ⛏️ (Coin Miner Trojan) Removal

Xminer.exe is a Trojan Coin Miner that uses the infected computer’s resources to mine digital currency without your permission. It can be Monero, Bitcoin, DarkCoin or Ethereum. About “Xminer.exe” Xminer.exe will use more than 70% of your CPU’s power as well as graphics card resources. This means that when the miners are running, your computer runs slower and games stutter or freeze, because Xminer.exe is using your computer’s resources to generate profit for its operators. This will create...

⚡ CYBER SECURITY NEWS

Someone Erases Data from WD My Book Live and Manufacturer Advises Unplugging Devices

Western Digital NAS owners worldwide complain that all files have been deleted from their WD My Book Live devices, and they can no longer log in through a browser or app, receiving an “Invalid Password” error. Trying to use the default password (admin) doesn’t help either. Victims write that, judging by the logs, their devices received a remote reset command to factory settings. Many users fear that their devices have been compromised, and an attacker has sent a massive reset command to the NAS. But in this case, it is strange that the attackers did not leave ransom notes...

Hackers Erased Data from WD My Book Live Devices through 0-Day Vulnerability

Last week, attacks on Western Digital NAS removed all files from WD My Book Live devices, while users could not log in through a browser or app, receiving an “Invalid Password” error. The developers asked the NAS owners to temporarily disconnect their devices from the Internet. Western Digital engineers reported that, in their opinion, the devices could be compromised using a certain vulnerability, since they were connected to the Internet directly. At the same time, the last firmware update for WD My Book Live was released in 2015, and after that a critical bug CVE-2018-18472 was...

Mercedes-Benz reports data breach of 1.6 million customers

The American division of Mercedes-Benz has reported a data breach affecting some of the company’s customers. The incident affected 1.6 million records, which included customer names, addresses, email, phone numbers and some information about the vehicles purchased. The incident reportedly occurred on June 11, 2021 due to unsecured cloud storage. According to the company, the leak affects some customers and potential car buyers who, between January 1, 2014 and June 19, 2017, entered confidential information on the websites of the company and dealers of Mercedes-Benz. The investigation of the...

Kaseya Says Ransomware Attack Affected About 1,500 Companies

As was reported earlier, MSP vendor Kaseya was hit by a massive ransomware attack from REvil (Sodinokibi) at the end of last week. The hackers exploited a 0-day vulnerability in the company’s product (VSA) and attacked Kaseya’s customers. The problem is that the majority of the affected VSA servers were used by MSP providers, that is, companies that manage the infrastructure of other clients. This means that the cybercriminals have deployed the ransomware in thousands of corporate networks. This incident could be the largest ransomware attack in history. The fact is that unlike the...

Scammers distribute fake patches for Kaseya VSA

The scammers are trying to capitalize on a massive ransomware attack and are distributing fake patches for the Kaseya VSA. They are sending spam disguised as updates for Kaseya, but in reality they are Cobalt Strike payloads. Cobalt Strike is a legitimate commercial tool created for pentesters and red teams and is focused on exploitation and post-exploitation. It has long been loved by hackers, from government APT groups to ransomware operators. Although it is not available to ordinary users and the full version is priced at about $3,500 per install, attackers still find ways to use it (for...

REvil ransomware attacks MSP solution provider Kaseya

Late last Friday evening, on the eve of July 4th, the REvil (Sodinokibi) ransomware attacked and gained access to the infrastructure of the MSP provider Kaseya, and introduced a malicious update into the VSA program, as a result of which many Kaseya customers were affected. It looks like this incident could be the largest ransomware attack in history. The fact is that unlike the attacks of WannaCry, NotPetya and Bad Rabbit, which were more widespread, those incidents were associated with “government” hackers, and not with financially oriented groups, such as REvil. The...

Unwanted Programs

Easy Recipes Now browser hijacker removal instructions

The Easy Recipes Now search hijacker is an example of a basic unwanted program; such applications are distributed massively nowadays. In this article you will find comprehensive information on removing the “Easy Recipes Now” hijacker by several methods: using anti-malware programs and the manual removal technique. Easy Recipes Now – What is it? The “Easy Recipes Now” search hijacker is a potentially unwanted application (PUA) that is spread as a plugin for your internet browser. It is usually advertised as an add-on for Chrome or Firefox that helps to browse some special...

Unwanted Pop-ups

Remove Profsoma.space Pop-up Virus — How to Remove?

Profsoma.space pop-up notifications may appear out of the blue, covering the content of the page you went to or opening your browser when you do not wish it to be opened. Clicking the Profsoma.space ad may trigger the injection of various malware or unwanted programs. In this article, you will see a guide to removing Profsoma.space pop-ups in a couple of ways, and to checking your computer for other malware. What are Profsoma.space pop-ups? Profsoma.space pop-ups are an outcome of adware activity. Adware is a type of malware that presents you with pay-per-view or pay-per-click ads...

💡 TIPS & TUTORIALS

Instructions to Resolve the Most Irritating Issues in Windows 10

Windows 10 is excellent; however, it has its problems too, starting with unexpected reloads and ending with everlasting alerts. This is how to resolve some of the most annoying troubles with Microsoft’s most recent operating system. It’s quite possible that Windows 10 is the best version Microsoft has made. However, nobody has ever developed a totally ideal operating system. Even though we do like Windows 10, it definitely has a lot of issues that are absolutely annoying. The good thing is that a lot of such issues in Windows 10 can be easily resolved. These are the...

Working with the File Explorer in Windows 10

Windows 10 doesn’t have built-in help for File Explorer anymore, unlike Windows 7. Microsoft encourages customers to search the Internet for information, so here’s what you have to know about using Windows 10’s file manager. File Explorer Interface Common Facts Even though its name has been changed to “File Explorer” in Windows 10, this program is generally the same as Windows Explorer on Windows 7. It does have certain new features, such as a ribbon interface and integrated Microsoft OneDrive for syncing your data to the cloud. The “Quick Access” section in the sidebar...

USOCoreWorker.exe Process. Is It Safe? How to disable USO Core Worker?

USOCoreWorker.exe is a process that may in some cases show up in your Event Viewer’s list of events. In case you would like to find out more about it, continue reading this tutorial. USOCoreWorker.exe is a process that Windows 10 uses while searching for updates. The operating system also uses this process to install new updates and patches on your workstation. USO stands for Update Session Orchestrator. Newer Windows 10 versions use the Update Session Orchestrator instead of the Windows Update client. To put it simply...

How to decrypt DJVU Ransomware files? Emsisoft Decryptor

STOP/DJVU Ransomware encrypts victim’s files with Salsa20, and appends one of dozens of extensions to filenames; for example, “.wrui”, “.pcqq”, “.ytbn”, “.nusm”, “.ehiz”, etc. The ransom note “_readme.txt” contains the following text: ATTENTION! Don't worry, you can return all your files! All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key. The only method of recovering files is to purchase decrypt tool and unique key for you. This software will...

How To Increase Internet Speed On Windows 10

Your Internet connection isn’t necessarily the reason for slow download and upload speeds. There are times when your Windows 10 PC restricts your speeds for various reasons. The good thing is that you can change such speed-throttling features and obtain faster upload and download speeds on your Windows 10 workstation. You can change all such features on your own without any guidance from your Internet service provider (ISP). Modify The Bandwidth Limit In Windows 10 It is a well-known fact that Windows 10 reserves a certain amount of your bandwidth to download updates for the Windows OS and...

NTLM Authentication: How to Deactivate in Windows 10

In this tutorial, we will give you instructions on “How to deactivate NTLM Authentication in Windows 10”. You will be guided with simple recommendations to do so. Let’s begin. What is the purpose of ‘NTLM Authentication’ in Windows 10? NTLM Authentication in Windows 10: NTLM stands for New Technology LAN Manager. It is a suite of security protocols provided by Microsoft to authenticate users’ identity and protect the integrity and confidentiality of their activity. This technology is based on a challenge-response protocol in order to confirm the user without the...