How to Boost Your Business with Residential Proxies

Proxies have become best friends of online businesses. They give so many opportunities to successfully manage, thoroughly collect the needed data, avoid blocking and a bunch of other things.

Acting like an intermediate proxy meets your request to a resource halfway and changes your IP. The destination site sees only the new address given by proxy. You can find reliable residential proxies here.

How Proxies Influence Business Processes

Special bots can be very helpful in data collection. They do not harm anyone, but bring valuable information for businesses. However, there are lots of maleficent people who use bots with bad intentions. Websites and platforms constantly check and ban suspicious accounts.

For example, you can do nothing bad, but mass-following from the same IP. Such repeated actions can be recognized as suspicious and special authorities can block your account. However, if you use residential proxies, there is nothing to worry about.

Residential proxies make your connection more stable and can even boost speed sometimes.

On one hand with the help of proxies you can restrict access to certain resources so that your workers spent working hours properly.

On the other hand, you can receive access to the resources that are restricted in your area.

All your actions online will be anonymous because proxies mask your real IP. Nobody will be able to track you or steal any important data.

Proxies allow market monitoring and analysis. Your rivals will not be able to hide information you need. Gathering data you will not be afraid of getting blocked.

Structuring Proxy Usage

Proxy usage should become your every-day fellow traveler on the Web. There are different kinds of proxies, but residential proxies are suitable for everyone.

Web crawlers need to gather data from the rivaling companies. Proxies help to do this anonymously. You will know their prices and will be able to monitor any changes in them.

Marketers need proxies to successfully fulfill various promotions and place advertisements. Ad verification will become safe and comfortable with residential proxies.

SEO specialists benefit from scraping with proxies. They also receive an opportunity to check the search engine in any land with proxies.

OnlineSIM Advantages

Get acquainted with OnlineSIM right here. OnlineSIM is a residential proxy service offering more than 60 million proxies from more than 100 countries. It promises 99% of cases without blocking and CAPTCHA. You can either pay for gigabytes or use unlimited traffic. Besides, you can have a trial.

Long-term loans on the card from the first time up to 50 thousand

Where do they give long-term loans to the card from the first time up to 50 thousand?

Microloan If it so happens that you need a small loan within 50 thousand rubles, and it is not possible to get it anywhere else, except in a microfinance organization, there are some tips on how to do it relatively painlessly and quickly.

Want to make money on stocks? Subscribe to Telegram bot @birzevikbot – it sends stock news, trends, lectures – I recommend both beginners and pros.

Select an organization in advance and search for its website on the Internet. Now every small organization has its own page, this is already the first proof that the organization exists in reality.

Check the MFI if it is on the public register.

Collect feedback on the company. It’s good if someone you know has recently applied for a loan there and had a positive experience. You can also look for reviews on the net.

Call the company and ask for a sample contract, and study it yourself in a calm home environment where no one will rush you. Carefully study the percentage (it may be indicated per day or week and may not seem very high at first), additional costs, late fees.

It is advisable to compare several offers, according to the parameters indicated above, to find the optimal solution.

Since MFOs are commercial organizations, it is possible that they offer some kind of discounts – to retirees, when they first apply or, on the contrary, when they are repeated, etc. Feel free to ask the manager about it.

Some of the fastest microloans are bank card or e-wallet loans. Here you also need to study all the additional commissions and card servicing amounts.

Since interest is calculated every day, try to pay off the debt as soon as possible.

Google is blocking unofficial versions of Google from downloading …

Owners of a number of Pixel models complain about problems with installing Google Camera and Google Recorder from third-party sources

The Google Camera application is, perhaps the greatest value of the Google Pixel smartphones. But due to limitations in Android 11, not everyone can install Google Camera 8.0 on their smartphones without problems. The installation of the new version of Google Recorder is also blocked.

Read also: Is a Xiaomi or Huawei smartphone convenient without Google services?

Last October, the Google Pixel 5 was released, which features Google Camera 8.0 and Google Recorder 2.0 … Naturally, there were enthusiasts who began to distribute files for installing software. When users of older Pixel models tried to download unofficial updates, they ran into a problem. Not everyone showed it, some still managed to install the software. But there were quite a few people who could not download the update correctly and had to roll back to factory settings in order to subsequently install Google Camera and Google Recorder.

 Google is blocking the download of unofficial versions of Google Camera and Google Recorder - photo 1

Initially, many attributed everything to errors in updates, but now there are facts that Google is deliberately blocking the installation of Google Camera and Google Recorder from third-party sources by installing a special API for this in Android 11. The search giant itself does not comment on the restrictions imposed on installing photos from unofficial sources. Among the reasons for this step are the improvement of security and prevention of unauthorized distribution of software.

Check Point: SpeakUp backdoor has become one of the most active threats in January

Researchers at Check Point published the traditional report Global Threat Impact Index for January 2019. Experts warned that SpeakUp, a backdoor trojan now spreading mining malware, was one of the most active threats of the past month.

Let me remind you that SpeakUp attacks are mainly aimed at servers in East Asia and Latin America, including machines hosted on AWS. At the same time, malware can be dangerous not only for six Linux distributions, but also for devices on macOS.

Earlier, Check Point analysts have already written that malware comes with a built-in Python script that is used to spread the infection in the local network. The script scans the local network and searches for open ports, brute-force “neighboring” systems using a previously prepared list of logins and passwords, and then tries to use one of seven exploits from its arsenal against them.

Currently, the hack group using SpeakUp, applies backdoor to install mining Malvari on infected servers. In this way, hackers get Monero cryptocurrency. However, malware can deliver any payload and run it on compromised machines, which is why Check Point researchers consider Speakup as a serious threat.

Besides SpeakUp, in January, the first four lines of the ranking of the most active malware programs have traditionally been taken by cryptocurrency miners. Coinhive remains the main malware that has attacked 12% of organizations worldwide. XMRig again became the second most common malware (8%), followed by the miner Cryptoloot (6%).

Despite the fact that the January report presents four miners, half of all malicious forms from the top ten can be used to download additional malicious Software on infected machines.

“In January, there were small changes in the forms of malware targeted at organizations around the world, but we are finding new ways to spread malware. Such threats are a serious warning of future threats. Backdoors, such as Speakup, can avoid detection and then spread potentially dangerous malware to infected machines. Since Linux is widely used on corporate servers, we expect Speakup to become a threat to many companies, the scale and seriousness of which will grow during the year, ”comments Vasily Dyagilev, head of the representative office of Check Point Software Technologies in Russia and the CIS. – In addition, for the second month in a row, BadRabbit is in the top three most active malicious programs in Russia. So attackers exploit all possible vulnerabilities to make a profit. ”

The most active threats in January 2019:

  • Coinhive (12%) is a miner using the power of the victim’s CPU or video card and other resources for cryptocurrency mining.
  • M XMRig (8%)open source software, first discovered in May 2017, is embedded JavaScript uses a large amount of computing resources of end-user computers for mining. Used for mining cryptocurrency Monero;
  • Cryptoloot (6%) – a miner using the power of the victim’s CPU or video card and other resources for mining cryptocurrency.

As for mobile threats, here Hiddad, a modular Android backdoor, which provides the privileges of downloadable Malvari, replaced Triada in the first place. Lotoor ranked second, while Triada Trojan went down to third place.

The most active mobile threats in January 2019:

  • Hiddad is a modular backdoor for Android, which grants the rights to the superuser of the loaded malware, and also helps
  • Lotoor – uses vulnerabilities in the Android operating system to gain privileged root access on hacked mobile devices;
  • Triada – a modular Android Trojan that provides root privileges for behind loaded Malvari, and also helps to introduce it into system processes.

Check Point analysts’ conclusions were commented by Alexei Malnev, the head of the incident monitoring and response center at Jet Jet CSIRT of Jet Infosystems:

“Unlike most modern threats, SpeakUP Trojan is delivered via the communication channel and to Linux servers. Usually, attackers use email for these purposes, and threats, as a rule, target Microsoft Windows platforms.

Not surprisingly, most known anti-virus programs are not yet able to detect the threat. The reason is that 75% of successful attacks are implemented using 0-day vulnerabilities, which are designed to overcome known signature-based protection. You can detect such threats with the help of Web Application Firewall monitoring systems: for example, they allow you to detect any downloads of the shellcode. It is also useful to use a complex of behavioral analysis systems — they can be used to detect anomalies in network traffic, user behavior, and running processes. If an infection has occurred, then the monitoring of information security incidents will help. With it, you can detect malicious activity at the stage of horizontal distribution in the infrastructure – until the final realization of the threat. ”

Scammers impersonate YouTube stars and disguise their operations very badly

The specialists of the company RiskIQ talked about fraudsters who pretend to be popular YouTubeers (including Philip DeFranco, Jeffree Star and Bhad Bhabie) and lure victims to malicious sites with fake polls. And although fraudsters are undoubtedly strong in social engineering, according to experts, they definitely cannot boast of technical knowledge.

Researchers explain that the main problem in this case is rather on the side of YouTube: the site allows attackers to easily forge the profiles of any existing users, and send dangerous spam. The fact is that the account name may differ from the name visible to channel visitors, and you can send a friend request to any platform user (when the request is accepted, you can send a personal message to this person).

This is what attackers use to create “clones” of these popular channels and send spam on behalf of these profiles. Examples of such messages can be seen below.

As you can see, in all cases the victim is invited to follow the short link (most often, bit.ly is used to shorten the URL) and participate in the drawing of a certain prize. As a result, the victim gets to the site, where she is offered to take part in the iPhone draw (the addresses of fraudulent sites correspond, for example, to iPhoneXfree [.] net and GetiPhoneXhere [.] com) or gift certificates.

If the user is not worried, then he is asked to provide information about himself, in lyuchaya name, address, country of residence and your email. It would seem that it remains only to verify this data, but now the attack goes into the main phase, which brings money to the criminals: the user is asked to follow the referral link and go through one of the proposed surveys. Income to the attackers is the personal data of people and clicks on the referral links, as the scammers pay for each visitor scammers.

Experts say that the scammers behind these campaigns are clearly not used to disguise their operations. So, a simple visit to iPhoneXfree [.] net allowed experts to find out how long this server has been used for such activity. Another site, bootstraplugin [.] com, helped discover about 300 other domains that criminals have been using since 2016.

Also, experts managed to track the statistics used by fraudsters for links Bitly. For some of them, thousands of times passed.

VOIPO's unsecured server stored millions of SMS messages and call logs.

");} else {$ ('# mpu0-desktop'). remove (); console.log ('mpu0-desktop removed');}});

");} else {$ ('# mpu1-desktop'). remove (); console.log ('mpu1-desktop removed') ;}});

We recommend to read: [19659008] Xakep # 237. Darknet 2018
  • Issue Content
  • Hacker Subscription

The head of Trust & Safety at CloudFlare, Justin Paine, using a banal search through Shodan, discovered the unprotected ElasticSearch installation, which later became clear belonged to the Californian VoIP-telephony provider VOIPO. The unprotected database found by Paine contained data from the company's customers for at least the last four years.

In total, the expert found 6.7 million call logs, with partial phone numbers of the calling and receiving parties, time stamps, data on the duration of calls. The oldest magazines were dated July 2017. Also on the server were stored 6 million SMS / MMS, including time stamps and the contents of the messages themselves. The oldest of them were dated December 2015. In addition, about a million documents contained API keys for various internal systems, and sometimes you could even stumble upon usernames and passwords in plain text format.

The expert notes that the main problem in this case is the leaked credentials, the use of which In theory, attackers could have led to a complete compromise of various systems.

At the present time, VOIPO employees have already solved the problem and secured the problematic ElasticSearch installation. The company reported that the server was used for test needs and was left unprotected accidentally, and also confirmed that the database contained “reliable data”, but did not specify which ones.

Published an exploit for the RCE vulnerability in the Edge browser

As part of the December Tuesday update, the Edge browser vulnerability CVE-2018-8629 related to the operation of Chakra (Microsoft’s JavaScript browser engine) was eliminated. This problem allows you to execute arbitrary code on the vulnerable machine with the same privileges as the currently logged in user.

Bruno Keith from the team of researchers Phoenhex found a critical vulnerability. He also said that all versions of Windows are vulnerable to the problem, and only for Windows server (2016-2019) the bug poses a smaller threat.

Since the patch for this flaw was released two weeks ago, the experts decided that PoC could already be published -exploit for fresh vulnerabilities. The exploit has 71 lines of code and leads to out-of-bounds reading from memory. Researchers note that the effect of an exploit in its current form may not seem very dangerous to many, but PoC can be modified and get more dangerous results.

Researchers remind that this bug can be used for web attacks. So, it is enough for an attacker to create a malicious site with an exploit and lure him to the victim with vulnerable Microsoft Edge. The exploit can also be implemented on other resources that the victim frequently visits – on any sites, in advertisements, and so on. Given that the patch was released only this month, not all users definitely managed to install the updates.

Christmas DDoS canceled: law enforcers shut down 15 hacker services

");} else {$ ('# mpu0-desktop'). remove (); console.log ('mpu0-desktop removed');}});

");} else {$ ('# mpu1-desktop'). remove (); console.log ('mpu1-desktop removed') ;}});

We recommend to read: [19659008] Xakep # 236. FPGA
  • Content of the issue
  • Subscription to the "Hacker"

Law enforcement agencies of the United States, Britain and the Netherlands have reported the closure of 15 major services of DDoS attacks for hire. Interestingly, the operation was carried out on the eve of the Christmas and New Year holidays, which for many years in a row are the “golden times” for DDoS attacks on gaming services. Attacking's favorite targets are PlayStation Network, Xbox, Steam, Blizzard and EA Online servers, and attackers choose this time of year specifically to troll as many people as possible who are going to spend the weekend at home with the prefix.

The “tradition” mentioned begins in 2013 year, when the DDoS-attacks arranged a hack group DerpTrolling. In 2014, hackers from Lizard Squad also joined DerpTrolling, and in 2015 and 2016, the Phantom Squad and R.I.U groups took up the baton. Star Patrol. Only last 2017 turned out to be relatively calm, since DDoS was then trying to organize scattered singles.

This year, it seems, there will not be a Christmas DDoS either, and it is unclear whether the law enforcers acted on their own, or campaigns. Together, 15 of the following services were closed, offering the services of DDoS attacks to understand:

• anonsecurityteam.com;
• booter.ninja;
• bullstresser.net;
• critical-boot.com;
• defcon.pro;
• defianceprotocol.com;
• downthem.org;
• layer7-stresser.xyz;
• netstress.org;
• quantumstress.net;
• ragebooter.com;
• request.rip;
• str3ssed.me;
• torsecurityteam.org;
• vbooter.org.

It is worth remembering that At the end of April 2018, Europol was notable for eliminating one of the world's largest services for DDoS attacks, WebStresser. However, this, of course, does not mean that there are no hackers selling DDoS to order on the network. For example, many of these services work in China and other countries where the jurisdiction of Europol and the FBI simply does not apply.

According to the US Department of Justice, the authorities have already charged the 23-year-old operator of the Quantum Stresser service, David Bukoski, from Pennsylvania . It is reported that since its launch in 2012, Quantum Stresser has managed to work with more than 80,000 customers, and this year alone more than 50,000 DDoS attacks against various targets around the world have been carried out using it.

Also, charges have been brought The 30-year-old Illinois resident Matthew Gatrel and the 25-year-old Juan Martinez from California are suspected of organizing Ampnode and Downthem services.

According to the investigation, Downthem had more than 2,000 clients and service He was responsible for 200,000 DDoS attacks from October 2014 to November 2018. As you can see, Ampnode does not appear in the list above. The authorities explain that this service worked a little differently: it offered technical assistance and resources for creating independent DDoS services on the customer’s side.

More than two dozen apps on Google Play contained a dangerous backdoor

Sophos experts found 22 dangerous applications in the official Google Play catalog that were installed more than 2,000,000 times in total (Sparkle Flashlight alone was downloaded over 1,000,000 times.)

Researchers They write that three malicious applications were added to the catalog as early as 2016-2017, and the rest appeared in the summer of 2018. Moreover, the malicious functionality appeared in the already mentioned Sparkle Flashlight and two more “old” applications in March of the current year, and later applications downloaded to Google Play contained a malicious code from the very beginning.

This family of Malvari was named Andr / Clickr-ad and, as is easy to understand by this identifier, mostly applications were used for background clicking All applications were launched and continued to work, even if the user tried to terminate them forcibly, while actively spending traffic and battery. So, the malware contacted the mobbt [.] com domain, from which it received modules for the advertising fraud and new instructions, every 10 minutes and 80 seconds, respectively.

To avoid suspicion and merge with the traffic of real users, the applications forged the user-agent and impersonating other products and devices, including the iPhone. Thus, the malware imitated the activity allegedly emanating from iPhone from 5 to 8 Plus, as well as 249 models from 33 manufacturers of Android devices (supposedly running Android from version 4.4.2 to 7.x). And here is Apple? The fact is that advertising on Apple devices is more expensive than on Android, Linux or Windows.

Experts point out that malware could harm not only users, but advertising networks and even the entire Android ecosystem. Worse, malicious applications were completely controlled by hackers from the management server and could at any time be used to install additional malware on the infected device.

Currently, all dangerous applications have already been removed from Google Play. Below you can see a list compiled by Sophos analysts.

Package name name Sha1
com.sparkle.flashlight Sparkle FlashLight 9ed2b260704fbae83c02f9f19a2c4e85b93082e7
com.mobilebt.snakefight Snake Attack 0dcbbae5d18c33039db726afd18df59a77761c03
com.mobilebt.mathsolver Math Solver be300a317264da8f3464314e8fdf08520e49a55b
com.mobilebt.shapesorter ShapeSorter e28658e744b2987d31f26b2dd2554d7a639ca26d
com.takatrip.android Tak A Trip 0bcd55faae22deb60dd8bd78257f724bd1f2fc89
com.magnifeye.android Magnifeye 7d80bd323e2a15233a1ac967bd2ce89ef55d3855
com.pesrepi.joinup Join Up c99d4eaeebac26e46634fcdfa0cb371a0ae46a1a
com.pesrepi.zombiekiller Zombie Killer 19532b1172627c2f6f5398cf4061cca09c760dd9
com.pesrepi.spacerocket Space Rocket 917ab70fffe133063ebef0894b3f0aa7f1a9b1b0
com.pesrepi.neonpong Neon Pong d25fb7392fab90013e80cca7148c9b4540c0ca1d
app.mobile.justflashlight Just Flashlight 6fbc546b47c79ace9f042ef9838c88ce7f9871f6
com.mobile.tablesoccer Table Soccer fea59796bbb17141947be9edc93b8d98ae789f81
com.mobile.cliffdiver Cliff Diver 4b23f37d138f57dc3a4c746060e57c305ef81ff6
com.mobile.boxstack Box Stack c64ecc468ff0a2677bf40bf25028601bef8395fc
net.kanmobi.jellyslice Jelly Slice 692b31f1cd7562d31ebd23bf78aa0465c882711d
com.maragona.akblackjack AK Blackjack 91663fcaa745b925e360dad766e50d1cc0f4f52c
com.maragona.colortiles Color Tiles 21423ec6921ae643347df5f32a239b25da7dab1b
com.beacon.animalmatch Animal Match 403c0fe a7d6fcd0e28704fccf5f19220a676bf6c
com.beacon.roulettemania Roulette Mania 8ad739a454a9f5cf02cc4fb311c2479036c36d0a
com.atry.hexafall HexaFall 751b515f8f01d4097cb3c24f686a6562a250898a
com.atry.hexablocks HexaBlocks ef94a62405372edd48993030c7f256f27ab1fa49
com.atry.pairzap PairZap 6bf67058946b74dade75f22f0032b7699ee75b9e

WWW: JPEG Archive – a set of utilities for optimal photo compression

You select the Photos folder, request information and, while the computer thinks, you have time to estimate how much another hard disk will cost.The problem of the growing mountain of pictures is familiar to many photo enthusiasts, and if you sort and delete is not an output, then an interesting solution would be a set of scripts and utilities called the JPEG Archive.

The purpose of the JPEG Archive is to prepare large arrays of unnecessary pictures for long storage, compressing them exactly the same To the eye it was unnoticeable. Included:

  • jpeg-hash – gives an image hash – for further comparison with other hashes;
  • jpeg-compare – compares two pictures and tells how visually they are (in percents);
  • jpeg-recompress – compresses a photo several times and then selects an optimal size-quality ratio (the threshold can be adjusted);
  • jpeg-archive – a script that accepts The input is a set of snapshots and consistently applies previous utilities for duplication screening and compression.

I p ka that he did not communicate with the jpeg-archive: you need to put to him yet exiftool, dcraw and Ladon or GNU Parallel to work in parallel on multiple processor cores. But I played with jpeg-recompress as the most interesting utility of the entire set.

It’s hard to say what I was waiting for, but not exactly what the developer promised: compression with almost no visual changes with a decrease in the size of the source file from 30% to 70% default settings. And if the pictures taken on the Phone 6, the maximum percentage is reduced by 20, then several times more weighty shots of the iPhone X – already by 40-50%. And all this is complete nonsense compared to 70-80%, which lose huge images in weight with the Canon 7D. It was 10 megabytes, it was 2-3. Cool? But there must be a trick!

Of course, lossy compression always means … well, loss. Without an increase in the eye, there can be no difference, but under the “microscope” it is immediately obvious how warm lamp tube tags turn into cool digital squares. The whole point of JPEG!

However, if you are not going to do a sixfold increase and look at the noise of the matrix, then the results of jpeg-recompress are almost perfect. Only in one case, I noticed the difference, turning the frames back and forth (the bare branches of the bushes lost sharpness), but when I put the images side by side, it was no longer so obvious.

For special aesthetes, there is a key -a which prioritizes the accuracy of selection, neglecting the consumption of resources. In my opinion, the brakes are not worth it: the force of compression changes somewhere around 1%, which is completely imperceptible to the eye.