Hide-and-seek with Windows 10. Testing spyware and privacy protection tools

Over four years have passed since the release of Windows 10, and throughout this entire period, user data have been ‘leaking’ to Microsoft servers. The problem has been further exacerbated by Microsoft repeatedly forcing a reset of the users’ privacy settings and reactivating Windows Update disabled by the user. In this article, I will discuss and compare several utilities developed to control Microsoft’s ‘spying’ activities, and test their efficiency on two Window 10 builds.

Read full article →


FUCK 2FA! Bypassing two-factor authentication with Modlishka

Underground forums are full of offers to hack an account or two (or sell you the login credentials of some ten million accounts if you like). In most cases, such attacks involve phishing (sorry, social engineering) and use fake authentication pages. However, this method is ineffective if the user gets pushed a prompt or receives a text message with a six-digit verification code. I am going to demonstrate how to breach the two-factor authentication system by hacking a Google account belonging to one of this magazine’s humble editors.

Read full article →