I have written about general user security several times over the last years, and the recipe is always the same: Install a good anti-malware product Make sure your applications and operating systems are patched Don't click or open unexpected or unknown links/attachments. Even with the best practices, there is malware that is stealthy enough to avoid detection. Recently security researchers from Nerdlocker followed a trail left by sloppy hackers. To everyone's surprise, they found 1.2TB of files, cookies, 900K images, 600K word files and credentials stolen from over 3M computers.

Continue reading →

Other related articles Popular Ransomware Darknet showcase websites How to access tor sites without the tor browser More Ransomware gang tor darknet sites Today I bring you a link to the Arvin Club darknet (Tor) ransomeware showcase site Onion Link Tor2Web gateway link Arvin Club offers ransomware leaks and leaks from breached sites. As an example, they even offer the Clubhouse scrape data leak <img src="https://ekiledjian2.micro.blog/uploads/2025/769c152f85.jpg" alt="">

Continue reading →

Extensions are interesting little technical widgets. Most assume they are simply tools but some see it as art. I can learn a lot about a computer user by the browser extensions they have installed and use. As a security professional, I have a handful of security oriented extensions (in addition to the ones that make the web more usable or that save me money). I regularly receive requests from readers to list my extensions and to be honest, they often change.

Continue reading →

I wrote a blog post about popular ransomware group TOR (darknet) showcase sites (here). The purpose of this entry is to add additional sites to the list (so you should check that one out first). Astro Tream anewset3pcya3xvk73hj7yunuamutxxsm5sohkdi32blhmql55tvgqad.onion <img src="https://ekiledjian2.micro.blog/uploads/2025/ac10c9b408.jpg" alt=""> CUBA FREE cuba4mp6ximo2zlo.onion <img src="https://ekiledjian2.micro.blog/uploads/2025/9c43198764.jpg" alt=""> Babuk Ransomware wavbeudogz6byhnardd2lkp2jafims3j7tj6k6qnywchn2csngvtffqd.onion <img src="https://ekiledjian2.micro.blog/uploads/2025/9badfa5180.jpg" alt=""> Ragnarok ransomware wobpitin77vdsdiswr43duntv6eqw4rvphedutpaxycjdie6gg3binad.onion <img src="https://ekiledjian2.micro.blog/uploads/2025/640dda0a49.jpg" alt=""> Everest Ransomware ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion <img src="https://ekiledjian2.micro.blog/uploads/2025/ef273e9125.jpg" alt=""> Ransomex ransomware rnsm777cdsjrsdlbs4v5qoeppu3px6sb2igmh53jzrx7ipcrbjz5b2ad.

Continue reading →

The free market determines pricing based on the intersection of supply and demand. For the longest time, an IOS Full Chain Compromise with Persistence (FCP) demanded a significantly higher payout from vulnerability vendors than Android ones. This was a simple question of economics: Android had more easily exploitable vulnerabilities thus each one was worth less. On the other hand IOS was built like Fort Knox. Vulnerabilities were few and far apart and dictatorial regimes and evil doers were willing to write much bigger checks to buy those rarer exploits.

Continue reading →

Not a week goes by without some data breach, leak, hack, attack or other significant cybersecurity failures that spills all over blogs and even national media. Five years ago, only avant-garde companies invested in cybersecurity; today, it has become a must. Companies realize the importance of a solid cybersecurity plan built on the People, Process and Technology pillars. One topic rarely discussed by corporate executives or security leaders is the incredible (and growing) stress the current environment inflicts on CISOs.

Continue reading →

The last couple of articles I wrote referred readers to TOR (darknet/darkweb) sites. These sites are easy to identify because the terminating marker is .onion (instead of .com/.net/org). The right way of accessing TOR sites is with the secure TOR browser designed and distributed by the TOR project. This purpose-built browser uses a hardened firefox to deliver maximum anonymity while browsing the "normal" web or tor sites. There may be times when you are on a device that doesn't have the TOR browser and when speed is more important than privacy or security.

Continue reading →

The recent explosion of breaches by the CL0P Ransomware gang has renewed an interest in the darkweb showcase sites used by these threat actors to prove that they successfully broken into a company and to encourage victims to pay, Many have asked me to share some of these site and I was always hesitant. I recently learned that some “consultants” are charging customers to provide these publicly available links, which is wrong. Most of these are on the TOR darkweb so you will have to use a TOR browser or VPN that bridges to TOR.

Continue reading →

There are hundreds of write-ups about the CL0P Ransomware and the grand behind it. They came back into the spotlight recently claiming to have exploited the Accellion FTA (old file transfer service) and thus customers running unpatched version of the Accellion product. Over the last couple of weeks, more “leaks” have come out claiming many more companies have been breached through this vulnerability and then infected with the Cl0p ransomware. Many have asked if I knew where (on the Darknet, aka TOR network) the CL0P gang is publishing the list of infected companies.

Continue reading →

Security and usability are contradictory forces. Ultimate usability means less security and ultimate security mean less usability. It is a fine balancing act tat every user must perform themselves. The iPhone is a well designed and fairly safe device out of the box but there are some settings you can change to reduce your odds of getting attacked. Each setting that you change will make your device a bit more secure but will limit a useful functionality. This article will walk you through some of the settings that will reduce your susceptibility to software exploitation.

Continue reading →

This is not a sponsored post and the links are not affiliate links. The links are provided to simplify your journey. I wrote this post to help the average consumer user. Many believe bad things only happen to other people, but the quantity and severity of breaches are growing quickly. Once you have accepted that you may be part of the unlucky, how do you know if your information was leaked in a breach? Was my information leaked in a breach?

Continue reading →

If you. are performing Open Source Intelligence (OSINT) or Signals Intelligence (SigInt), you may need to generate fake identification information. The information in this article is being provided for educational purposes only. Don’t do anything illegal. Fake Name Generator This site generates believable fake identities with name, address, Date of birth, telephone number and much more. If you need a “complete” fake identity then this free site may be useful. <img src="https://ekiledjian2.micro.blog/uploads/2025/dd287684d6.jpg" alt=""> Data Fake Generator also performs the same function.

Continue reading →

The purpose of this blog article is to share some useful sites that will allow you to create temporary contact mechanisms for OSINT, SIGINT or other cyber activities. This is not an exhaustive list and I am simply listing these here to help you. This listing should not be considered a personal endorsement by me. Do your own research ;-) Disposable email 10 minute email offers a quick way to receive email with an email address that disappears in 10 minutes.

Continue reading →

Everyone on the internet knows what a search engine is. It allows you to find internet connected resources (webpages) quickly and easily without having to catalog the web yourself. Well Shodan.io is a search engine used by researchers and hackers to find Internet of Things devices connected to the internet (printers, webcams, industrial systems, WindowsXP, etc). The purpose of this article is to provide some hyperlinked examples to help the Open Source Intelligence student play with Shodan and make it immediately useful.

Continue reading →

I am a Canadian and politically independent. As a Canadian, I have been watching many on the left cheer as the top 5 biggest tech companies killed the right-wing social media app Paler. Apple and Google removed the app from the app store. Twitter and Facebook removed their social media accounts and Amazon turned off their cloud hosting. The left touted this as a significant win “for the good guys”. Let’s talk Alibaba Alibaba is one of the biggest tech companies in China.

Continue reading →

I wrote an article on how to browse Twitter anonymously using Nitter. I talk about the issues and dangers of tracking by Twitter, the Facebook owned Instagram takes all those risks and pumps them up 10 times. Nitter is a consumption service for Twitter posts, wellbibliogram.art is a consumption service for public Instagram posts. Bibliogram is a website that scrapes Instagram public profiles and then displays it in a cleaner, faster loading interface that stops trackers, removes ads, generates an RSS feed and doesn’t require an account.

Continue reading →

Twitter changed its privacy policy this year, preventing its user from opting out of profiling for advertising purposes and informed users that it would be sharing more data with said advertisers. I know that most users couldn't care less about their privacy but for the small band of privacy crusaders wanting to use Twitter without giving up their privacy, keep reading. This Twitter front end is called Nitter. It is an open-source front end that redirects Twitter links to its interface, stripping all tracking code from the page or links.

Continue reading →

Most of us have multiple streaming service subscriptions (Netflix, Hulu, Disney+, etc). As money becomes tighter, some want to lighten their monthly subscription spend and here are some legal ways to stream. Kanopy Kanopy offers an interesting portfolio of artistic and classic films. Before you close this page thinking the content is low-grade, know that they even have some films from the Criterion collection. Kanopy also supports AppleTV, Roku, Chromecast, AndroidTV, FireTV and SamsungTV. <img src="https://ekiledjian2.micro.blog/uploads/2025/b9ed1af417.jpg" alt=""> The catch is that you have to be a member of an organization that is subscribed to their service (local library or University ) The one important note is that their film catalogue changes regularly so if you see a film you want to watch, stream it quickly.

Continue reading →

I remember a time before Google maps when navigation meant buying paper maps from the petrol station and required a navigator. Then came the smartphone with its GPS magic powered by Google Maps, and our lives became instantly better. There are times when GPS is unreliable (like dense city centers), or you want to maximize your smartphone battery life, or there are times you simply don't want to give Google your precise location for privacy reasons. This is where an Android app called SmartNavi shines.

Continue reading →

There are lots of “less than reputable” websites that scrape the web for your information and then make it cheaply available to anyone willing to spend money. I recently found a website that has a ton of information about many Americans including address, telephone number and even some relationship information. Once you enter your name and state, it will show you a list of possible “victims”. You choose your listing and prepare to be astounded by the amount of information they have about you.

Continue reading →