Bart – WindowsTechs.com

Hashing to protect privacy

Posted on April 8, 2022 by Bart

I like to know if hashing protects privacy enough, i.e., if a hash of PII is still considered to be personally identifying information (PII).
I found this article: https://www.johndcook.com/blog/2019/07/20/hashing-pii-does-not-protect-priv… Continue reading Hashing to protect privacy→

How is totp considered 2fa?

Posted on October 12, 2021 by Bart

I was wondering about the design of totp and 2fa. I learned that 2fa is any 2 of the following authentication methods:

Something you know (e.g. a password)
Something you have (e.g. an email address)
Something you are (e.g. biometrics)

Si… Continue reading How is totp considered 2fa?→

Digital artists targeted in RedLine infostealer campaign

Posted on June 14, 2021 by Bart

In this post, we’ll look at a campaign, that targeted multiple 3D or digital artists using NFT, with malware named RedLine. This malware is a so called “infostealer” or “information stealer” that is capable of extracting sensitive data from your machi… Continue reading Digital artists targeted in RedLine infostealer campaign→

Blue Team Puzzle

Posted on November 23, 2020 by Bart

Several years ago, I created a “malware puzzle” – basically, a crossword puzzle but with terms related to malware. You can find that puzzle here: https://bartblaze.blogspot.com/2013/08/malware-puzzle.html
Seeing crosswords are a hobby of mine, I though… Continue reading Blue Team Puzzle→

Satan ransomware rebrands as 5ss5c ransomware

Posted on January 14, 2020 by Bart

The cybercrime group that brought us Satan, DBGer and Lucky ransomware and perhaps Iron ransomware, has now come up with a new version or rebranding named “5ss5c”.
In a previous blog post, Satan ransomware adds EternalBlue exploit, I described ho… Continue reading Satan ransomware rebrands as 5ss5c ransomware→

Monero project compromised

Posted on November 19, 2019 by Bart

Introduction

Earlier this evening I saw a tweet appear which claimed Monero has been hacked and a malicious binary (instead of the real one) has been served:

Warning Monero users: If you downloaded Monero in the past 24 hours you may have installed… Continue reading Monero project compromised→

Run applications and scripts using Acer’s RunCmd

Posted on March 17, 2019 by Bart

This weekend I was cleaning up an old Acer laptop of mine and discovered a hidden folder on the root drive, C:\OEM.
Inside’s a bunch of interesting files, one of these is a tool called RunCmd_X64.exe.
The file is legitimate and signed binary … Continue reading Run applications and scripts using Acer’s RunCmd→

Analysing a massive Office 365 phishing campaign

Posted on March 4, 2019 by Bart

Last week, a friend of mine reached out with a query: a contact in his address book had sent him a suspicious email. As it turns out, it was. In this blog post, we’ll have a quick look at an Office 365 phishing campaign, which turned out to be massive…. Continue reading Analysing a massive Office 365 phishing campaign→

How secure is it to send credit card information partially over email and text?

Posted on December 14, 2018 by Bart

I need to pass credit card information for a travel reservation, and I am thinking of splitting it over email and text. The credit card number itself would be send over text, while expiration date and verification number woul… Continue reading How secure is it to send credit card information partially over email and text?→

MAFIA ransomware targeting users in Korea

Posted on August 12, 2018 by Bart

A new ransomware family was discovered by MalwareHunterTeam, which we’ll call MAFIA due to the extension it uses to encrypt files. The ransomware appears to target users in Korea, and may have been developed with at least knowledge of the Korean langua… Continue reading MAFIA ransomware targeting users in Korea→