Lmao im currently watching jim browning on my laptop

Should be used against them :-))

They usually run pirated versions of vicidial

I’m sure they are petri dishes for malware 😄

One of the guys that scam the scammers should get ahold of this file and execute it on their system, hopefully it would infest their entire network.

Current year is the spider-man meme at all levels.

. Mostly about getting paid? It's *all* about getting paid. The product and customer care are just tools to getting paid

3CX is worse. Their CEO is a complete piece of shit and pathetic excuse for a human being. He got permabanned on reddit for doxxing someone. His policy is "ban anyone who goes against me" on the 3CX forums. 3CX resellers get treated like shit. In short, Nick Galea deserves to be pistol whipped.

That sucks, man.

It needs to get into the NEWS for that to happen. And unfortunately the news won’t report on it until massive damage is done. And then grannies around the world will send bogus claims to all their friends that they should unhook their phones for a week and wrap them in aluminum foil or they’ll get infected. And then granny dies because she can’t call the doctor with a medical emergency.

It just means that their "professionals" in their field are inept at doing their jobs.

What? 30 seconds of googling shows the exact reg command to run to enable EnableCertPaddingCheck and its been released since 2013-02-13. They just don't want to enforce it themselves since they already stated it can break running environments.

​@@TheKaronAwards Oops, I've misread the BleepingComputer article on it which still mentions that upgrading to Windows 11 removes that setting. Nevertheless, it's not a well known bug, I can't blame the company for that at the very least.

@@malwaretestingfan Yeah wouldn't of prevented the attack either way but exploits like this become almost impossible to enforce a fix for when they're trying to stay backwards compatible for software 20+ years old as a slogan.

​@@TheKaronAwards Not just software, hardware as well (which requires dated software in a lot of instances) 😅

That’s however only to hide the first stage, it’s not really the root of the compromise. They could have just ship an unsigned DLL or a DLL signed by the compromised vendor.

ain't every single corporation being ignorant when their customer data was leaked ? and did anyone sue and actually get anywhere ? be real for god sake . if you check your mail it's probably out there in leaks and are you gonna go and sue corporation XYZ cuz they get breached ? ROFLMAO good luck !

I agree, but when talking about security, there's no one to trust. Not even AV companies that this channel advertises. Security is not about slapping on an AV and hoping it prevents what it prevents... Security is about limiting the OS in a manner that these types of attacks are almost non-existent.

@@TheSpanjaMan most defently true. that is where the rule of zero trust comes from. i do realise i ment respect and not trust tho so thank you for yhat XD

Although all the evidence you've meticulously gathered clearly points to me without any doubts whatsoever, it ain't me! Yeah. LOOK AT THIS GUY INSTEAD!

Careful! You could trigger the deluded linux fan boys screaming 'linux can't get malware!' with that suggestion :)

Switch to linux and you won't have problems my friend. You'll leave the comfort zone but for a better place.

​@@fab_81 not true. Linux still has problems with the OS, apps, etc. I use Linux. You're spreading a myth that Linux is safe, like Mac and iPhone users love to spread myths that they're safe. Linux has antivirus, rootkit hunters, etc. Linux is targeted more lately, since it's not focused on much and most servers run on Linux. The most popular smartphone is Droid, my favourite, and it's Linux-based. Smartphones still get malware and such. Plus, Linux doesn't have much capability with gaming since Windows is the designated OS for gaming and even Ubuntu Linux doesn't have too good of drivers. Wine may leave vulnerabilities by making some Windows stuff work on Linux. Not much works with it, and plenty of issues with apps using it. Most games made for Windows will lag on it. I've never used it though. There is another app to make some Windows stuff work better on Linux, but it costs hundreds of dollars to use, and you might as well just have bought a Windows license. Windows 11 is quite secure, sleek, etc. Malware just needs to be written to not have the code known, and it's good. It can also have encrypted code. Other ways to go about it too. Just be more responsible when you use an OS online, around people, and with whatever you put into it from another device. (;

Stay up-to-date with patches, and be more careful, or just don't use smartphones, computers, and tablets then, I guess.

​@@BorisJohnsonMayor beat me to it. Hehe. You got more likes too. I was just writing a longer comment. XD

Just beat it! Haha 😂😂💀MJ. :3 🔥🤝 Astral Realms 💀👻 🔥 FH RIP. Scandal debunked and many misuse the p-word too. Hehe

Finally, Microsoft at the forefront! Forefront of what exactly I don't know, but they did show up. 😄

sued by whom? sueing companies in the tech industry doesn't fair well for most

@@swimfan6292 Didn't this affected companies like Pepsi?

@@nicolasramirez5789 Pepsi 100% has the means to sue if they were affected.

All be design when you let bad communist/socialist leaders indoctrinate, steal and deceive. Looking at the public school systems should wake you up. It is all a web. We need the true president, Donald Trump, and better more solid strong American leaders back. These self centered communist socialist leaders like Biden, Obama, Clinton and Harris, and any Congress and educators who go along with them, are why we have the bad policies and failing country right now. The evidence is clear. Corporations are the same in this way.

ROFLMAO it's not like they put this crap in their own software, they been hacked and 3rd party put malware in, he said it in video , it's like you are gonna sue fire cuz your property burned down , WTF you talking about. They prob gonna loose lot of business cuz their reputation is crushed now but only one you can sue is ppls who hacked malware into it and good luck finding out who it was

Same I want to know as well

Yes i wanna know to

Found it, it's VirusTotal Graph

"We'll die with pride, right?"

At least 3CX had a way to be contacted. Many companies try to get customers to only look at some ancient and very general FAQ's. Many companies do not list any contact details on their website.

Is that a freaking dunkey reference?

Wonder whether they word "bigot" got tossed out liberally as they were banning their customers complaining about malware.

@@vincei4252 ea support but without malware

It's VirusTotal.

You need a login for virustotal and at the top of the page is the tool

those are enterprise EDR/antivirus agents installed on (typically) business hardware by MSPs.

That is what I am wondering, Kaspersky and Bitdefender did not detect it at firs, but their firewalls 'should' have blocked the url.

Only with much worse information politics. No analysis available and stupid recommendation to delete the software instead of providing a clean update.

@@berndeckenfels which icks me because it can be dll swap

The more RAM the better, 8GB is not enough anymore, 16GB RAM minimum. More cpu cores would be better also, your cpu has 8 cores.

@@dvuemedia Yeah your right more RAM is better but what happen if I run low on RAM, and I have 10Gb virtual Ram from Nvme ssd, does it make it better ?

@@Cybersecuritystudent1998NVMe will help, but is not a substitute. RAM has lower latency. Remember, You want to run 3 OS on your laptop at the same time, each OS need RAM to operate. Linux with low RAM could be fine, but Windows 11, probably not.

@@dvuemedia thank you for your time, I understand now

Need more RAM

Guacamole could be something for u

Open source...something everyone could edit to inject some malicious code there? Brilliant idea!😂

​@@randomnickify yeah, something that anyone could inject with malicious code, but when detected - could be traced back with ease, as soon as it gets suspicious, and there would be no blame shifting or stalling, yea, that open source

@@nocoz112 I know you're trying to be sarcastic and all, but it's not as easy as it looks.

@@Johnithinuioian but closed-source vs open-source, when shit hits the fan - which one is better? obviously both have pros and cons but come on, if there's a breach in closed-source, you literally can do nothing about it, and as the video showed - it can even work against you

Correction: "an Antivirus installer that I have never downloaded before."

You only need one antivirus running at a time so if youre already using one you can delete the other.

It can only if the legitimate source was hacked or you downloaded from a compromised middleman

I'm guessing it wasn't F-Secure :) :)

Yea this is a good reason to not use auto update and defer the update until you can do it manually later on. If you keep the installer you can do a rollback too

As far as I can see, this would still cause problems even when running as local user rights, because the local user has access to their browser cookie store etc.

@@katrinabryce It really illustrates a major flaw in the fundamental concepts of computer security when these operating systems were being designed. Why are all privileges based on the current user? A chat client doesn't need to look at my browser history, the browser especially doesn't need access to sensitive parts of the system, etc. You really need mandatory access controls, something like SELinux, to keep stuff like this from happening. Android uses a very basic version of this for its permission system - it's certainly better than nothing.

Yes for their business products they rebranded them to WithSecure but the consumer ones are still F-Secure.

Only on Businesses that upgraded to the very latest version of V18, Update 7, which had only been available for like a week. This was caught pretty early in the scheme of things.

Are you being sarcastic? If not, which one of those companies do you work for? Because there's no way you would think that unless you are getting money out of it. Digitizing and centralizing aren't the answer, they're the problem. Physical records are nearly impossible for random people online to get access to. Most data shouldn't be stored anywhere online at all. Post 2007 internet is cancer and so is everyone who joined since thanks to smart devices and wifi.

Likely flags it on download.

It's a Virustotal graph.

I use Bitdefender Anti-virus Plus. I am familiar with Eset NOD. What are your thoughts, and have you ever compared the two side by side extensively over time? The problem is one will catch, another will catch more, same or different, and one program will be top dog one year, and another year won't be. These criminals are incredibly smart and devious, sad to say. I've never been a malware or virus victim, but I'm not a business or government entity either.

i agree

Mehh..

On or before 22 March this year.

@@katrinabryce Thanks, I wasn't sure if that was the first version that was affected. Checked my installer, it's over 10 years old!