DuckDuckGo for Mac Comes with New Privacy Features

DuckDuckGo announced on October 18, 2022, that the beta version of its Mac desktop app is now available for all Mac users. 

DuckDuckGo is a browser that focuses on privacy. It has many new features designed to make web browsing more private and less cluttered, improving the user experience. DuckDuckGo generates objective results without any subjective factors or “user preferences.”

The intent of DuckDuckGo for Mac is to replace “incognito” modes in other browsers that do not fully protect against web tracking. DuckDuckGo’s app for Mac uses roughly 60% less data than Chrome because trackers are blocked before they are loaded. In addition, the app has advanced privacy protection features pre-configured and activated by default to improve the user’s experience.

What’s New

Despite being in beta, DuckDuckGo for Mac has added several updated features since it was released in April 2022. The most significant change is that version 0.30 does not leave blank spaces in place of blocked ads, allowing users to browse without distractions.

Duck Player

Duck Player is one of the exciting highlights of this announcement. The Duck player provides a more private way to watch YouTube videos. This embedded YouTube player prevents the platform from building an advertising profile for users. Using Duck Player will reduce targeted ads and distractions. However, users can switch seamlessly between Duck Player and standard YouTube.

Password Management

There’s a secure password manager in DuckDuckGo’s browser. Like most password managers, DuckDuckGo’s password manager stores and fills in login credentials automatically. However, DuckDuckGo has partnered with Bitwarden, a password manager that’s open-source. Bitwarden users can look forward to activating a new password manager integration through the browser’s settings in the coming weeks. Additionally, DuckDuckGo for Mac now works with 1Password’s universal autofill.

Email protection

DuckDuckGo’s new version of the browser also offers email protection. Users who activate DuckDuckGo’s email protection will be able to protect their email inbox with email tracker blocking and private addresses.

Cookie Pop-Up Manager

The Cookie Consent Pop-Up Manager manages cookie pop-ups much more effectively. The pop-up manager will automatically select the most private option to minimize cookies on various websites. The pop-up manager allows users to browse the internet without being interrupted by annoying pop-ups asking about cookie permissions.

Currently, DuckDuckGo for Windows is in its early beta with testing through family and friends.  A  private waitlist for the Windows DuckDuckGo app in beta is expected to be publically released soon.

Overall, DuckDuckGo’s desktop app for Mac is an exciting new development that offers a more private and less cluttered web browsing experience. The app has several unique features that make it an appealing option for a more secure and private browsing experience. Although the application is still in its early stages of development, it has shown promise as a more privacy-conscious alternative to other web browsers.


Ducktail Malware Returns With New PHP Variant

An advanced PHP variant of the Ducktail malware poses a risk to Facebook users.

On October 13th, 2022, ZScaler, a cloud security firm, published a blog post detailing this latest discovery. The new PHP version is being distributed by “pretending to be a free/cracked program installer.” It also targets numerous platforms, such as Telegram and Microsoft Office applications.

This revised version of the malware uses a PHP script instead of the previously used .Net binary to execute the malware. When the app is installed, the victim is told it is “checking application compatibility.” In reality, two .tmp files are generated. The file then executes two processes to steal data.

The original version of the Ducktail malware was discovered in late 2021. A Vietnamese operator used it to hack into Facebook Business and Ads Manager accounts.

The original strain of Ducktail, as reported by ZScaler, has the ability to steal sensitive financial information and manipulate website content. These cyberattacks were exceptionally well-planned and managed to evade Facebook’s security measures. The attacks targeted high-ranking employees with advanced permissions in a company.

Additionally, the Ducktail malware can attempt to access two-factor authentication codes to bypass extra account security. Ducktail also targets various data, such as client information, email addresses, and payment card information.

Similarly, the PHP variant of Ducktail malware is intent on stealing sensitive data that can be exploited for financial gain. In addition to payment information, this variant of PHP Ducktail malware also targets email addresses, payment records, funding sources, account statuses, and funding records.

Ducktail’s PHP variant and original Ducktail share many similarities, making them a significant threat to Facebook accounts. To enhance the effectiveness of Ducktail’s attacks, Ducktail’s developers are likely to continue developing future versions of their original code. Therefore, users should be vigilant in protecting their account information and be aware of the dangers of this malware.

DDoS IP Protection: A New, Low-Cost Option for SMB

Microsoft announced the Azure DDoS IP Protection released as a public preview on October 19, 2022. Small and medium-sized businesses (SMBs) can now benefit from DDoS protection with a pricing model customized to their specifications.

DDoS Protection provides similar capabilities to DDoS Network Protection (previously known as DDoS Protection Standard). It is designed for enterprises and organizations to protect significant deployments of resources against DDoS attacks.

This new SKU includes all the essential features, such as automatically detecting and mitigating L3/L4 attacks, metrics and alerts, mitigation flow logs, and mitigation policies tailored to the customer’s needs. It also includes Azure Firewall Manager, Microsoft Sentinel, and Microsoft Defender for Cloud Integration.

Unlike the DDos Network Protection product, DDoS IP Protection does not include DDoS rapid response support, cost protection, or WAF discounts.

According to Amir Dahan, Microsoft’s senior product manager for Azure Networking, “With the DDoS IP Protection SKU, customers now have the flexibility to enable DDoS protection on individual public IP addresses. This low-cost DDoS protection option is ideal for SMB clients who only need to secure a handful of public IP addresses.

Azure’s global network provides cloud-scale DDoS protection so that users can defend their workloads against sophisticated DDoS threats. Users can minimize false negatives while protecting their apps and resources by tuning the application’s scale and actual traffic patterns. In near real-time, users can monitor and respond to DDoS attacks based on visibility into the attack lifecycle, vectors, and mitigation.

With Azure’s firewall manager, users can manage their DDoS protection and other network security services in one place. Microsoft Defender for Cloud security sends alerts and recommendations to the user. In addition, Microsoft Sentinel’s rich attack analytics and telemetry integration allow users to strengthen their security measures.

Upon enrollment, customers can enable the Public IP Standard SKU with DDoS IP protection in selected regions. Within the Azure Preview Portal, the SKU can be managed under the Azure DDoS Protection configuration window.

Billing for the new DDoS IP Protection will begin on February 1, 2023.

DDoS IP Protection is an excellent solution for SMBs that need to secure their public IP addresses against DDoS threats. It offers similar capabilities as DDoS Network Protection but at significantly lower prices. This makes it an ideal choice for small and medium-sized businesses looking to take advantage of Azure’s world-class DDoS protection without breaking the bank.

Common Mistakes To Avoid When Implementing A CRM For Your Business

In order to be successful, it is important for businesses to have a good customer relationship management system in place. However, many small companies make simple mistakes that get them in trouble. If you don’t keep your customer data clean and accurate, your business could be at risk. Here are some common CRM mistakes you need to avoid.

No implementation planning: It is important for businesses to plan and strategize ahead of implementing a CRM. CRM systems can help businesses achieve their goals and objectives if they define them clearly and analyze how they can be achieved. CRM will create problems rather than solve them without a proper plan. Get an outline from your CRM vendor on how to successfully implement the system to meet your goals.

Poor Reporting Interface: Your customer relationship management solution needs to be flexible enough to provide you with the types of reports needed to manage your customer base. Without a reporting interface and an intuitive way of generating, saving, and retrieving the reports you need, you’ll have to spend countless hours on admin tasks instead of concentrating on growing your company and servicing your customers.

Not knowing your CRMs limits: Generally, CRM solutions have customizable features. If you don’t fully understand what’s possible with your CRM solution, you could be setting up your business for disaster by attempting to integrate it. Closely examine your CRM solution’s features, limitations, and review them with your implementation team to head off disaster.

Ineffective Training: Many businesses make the mistake of thinking that once they have the CRM system, their employees will know how to use it. That is seldom the case. It’s important to provide employees with comprehensive training on using the CRM system and what information needs to be entered into it. Ensure you provide ongoing training and support to ensure that employees use the system effectively.

Businesses should avoid common CRM mistakes when implementing a CRM system. To ensure a successful implementation, you need to plan ahead, develop a flexible reporting interface, and know the limits of your CRM solution. Investing in the right CRM solution will allow your company to grow more efficiently and reliably.

Fortinet Security Updates

Fortinet addressed a critical vulnerability that gave remote access to numerous services and was being exploited by threat actors in the wild.

The company described the vulnerability as an authentication bypass on the admin interface, allowing unauthenticated users to connect to FortiProxy web proxies, FortiGate firewalls, and FortiSwitch Manager on-prem management instances. Specifically, the flaw (CVE-2022-40684) is an authentication bypass on the administrative interface that allows remote threat actors access to the previously mentioned services.

In a customer support bulletin released today, Fortinet explains that “an authentication bypass using an alternate path or channel [CWE-88] in FortiOS and FortiProxy may allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.”

The company stated, “This is a critical vulnerability and should be addressed with the utmost urgency.”

Fortinet advised customers using the vulnerable versions to upgrade immediately since it is possible to exploit the problem remotely.

Over 100,000 FortiGate firewalls may be accessed from the Internet, according to a Shodan search; however, it’s uncertain if their control interfaces are also affected.

In addition, the business stated that the fix was deployed on Thursday and alerted some of its clients via email, asking them to disable remote management user interfaces “immediately.”

A few days after issuing the fix, the business provided more information, stating it had discovered proof of at least one real-world campaign using the flaw.

According to the company, “Fortinet is aware of an instance where this vulnerability was exploited and recommended immediately validating your systems against the following indicator of compromise in the device’s logs: user=”Local_Process_Access.”

The following products are susceptible to attacks attempting to exploit the CVE-2022-40 flaw:

FortiOS: From 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1

FortiProxy: From 7.0.0 to 7.0.6 and 7.2.0

FortiSwitchManager: Versions 7.0.0 and 7.2.0

In today’s customer support advisory, Fortinet stated that susceptible devices should be updated to FortiOS 7.0.7 or 7.2.2 and above, FortiProxy 7.0.7 or 7.2.1 and above, and FortiSwitchManager 7.2.1 or above after the company published security fixes on Thursday.

The Fortinet CVE-2022-40684 authentication bypass vulnerability is a critical flaw that allows remote access to numerous services. The company has released security fixes and advises customers to upgrade immediately. Additionally, Fortinet recommends that the internet-facing HTTPS Administration be immediately deactivated until the upgrade can be completed.