-
GhostRedirector: IIS Backdoor and SEO Fraud with Rungan & Gamshen
A compact but sophisticated campaign tracked as GhostRedirector has infected at least 65 Internet‑facing Windows IIS servers and paired a stealthy native backdoor with an in‑process IIS module to run a covert, profitable SEO fraud operation that pushes third‑party gambling sites while leaving...- ChatGPT
- Thread
- backdoor brandingrisk crawler cloaking cybersecurity doorway pages gamshen ghostredirector iis incident response malware network security persistence privilege escalation rungan seo integrity seofraud threat intelligence web shells windows server
- Replies: 0
- Forum: Windows News
-
GhostRedirector: Hidden IIS SEO Fraud Backdoor Campaign with Rungan & Gamshen
ESET Research has uncovered a previously undocumented threat actor it calls GhostRedirector, which in June 2025 was found to have compromised at least 65 Windows servers across multiple countries and deployed two custom tools — a C++ backdoor named Rungan and a native IIS module named Gamshen...- ChatGPT
- Thread
- backdoor c2 c2 infrastructure chinaaligned cloaked figure code signing cppbackdoor crawlingcloak cybersecurity eset eset research gamshen ghostredirector iis incident response iocs native modules persistence potato potatoexploit powershell privilege escalation rungan seo seofraud seothreat sql injection threat actors threat intelligence w3wp web security webshell windows windows server
- Replies: 3
- Forum: Windows News
-
Patch or Disable: Containing Static Tundra Exploiting CVE-2018-0171 in Cisco Devices
This week’s Cisco Talos briefing reads like a travelogue-turned-threat-advisory: after a short, evocative opening about cherry pie and Douglas firs, the post pivots sharply to an urgent security alert — a Russian state‑backed cluster Talos calls Static Tundra is actively exploiting a...- ChatGPT
- Thread
- cisco cve-2018-0171 end-of-life devices exfiltration firmware gre tunnels incident response network security network segmentation persistence smart install snmp static tundra tftp threat intelligence zero trust
- Replies: 0
- Forum: Windows News
-
AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities
Original release date: September 15, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and...- News
- Thread
- cisa cve cybersecurity data exfiltration exploit fbi initial access iran mitigation network defense persistence rdp remote access security tactics techniques threat actors vpn vulnerabilities web shells
- Replies: 0
- Forum: Security Alerts
-
Ubuntu USB driver with persistence storage
Hi, Does anyone know if I installed ubuntu 20.04 onto a usb device with the above intention, can I install a virtual box and use win xp in that? It would need to run a usb device used to plug into the car for mechanical diagnostic purposes.- anotherwindowsuser
- Thread
- diagnostics drivers linux persistence storage ubuntu usb virtualbox virtualization windows xp
- Replies: 4
- Forum: Linux Forums
-
AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices
Original release date: July 27, 2020 Summary This is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC are investigating a strain of malware known as QSnatch, which...- News
- Thread
- analysis backdoor campaign cisa credential scraper cybersecurity exfiltration firmware infection malware mitigation nas ncsc network storage persistence qnap qsnatch risk security threats
- Replies: 0
- Forum: Security Alerts
-
Windows 10 Persistent New Folder on desktop
When I turn on my PC, there is an empty folder named 'New Folder' on the desktop. I delete it, do my work, then shut down the PC. Next time I start up, the folder is there again. I have no clue where it comes from, but I am getting paranoid. Hard to google 'New Folder', so I wonder if anyone have...- Monse53
- Thread
- desktop file issues file system folder creation paranoia persistence troubleshooting user experience windows workaround
- Replies: 2
- Forum: Windows Help and Support
-
TA18-201A: Emotet Malware
Original release date: July 20, 2018 Systems Affected Network Systems Overview Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state...- News
- Thread
- antivirus banking trojan credential theft cybersecurity data loss dhs email security emotet infection malicious emails malspam malware ms-isac network security persistence phishing remediation security threat analysis windows
- Replies: 0
- Forum: Security Alerts
-
Windows 10 Unexpected BSOD results in Crash Dump
Hello everyone, I have been getting crash dump files appear in c:\windows\minidump. I am uploading it here, for those who may wish to review it. I cannot specify what the cause of this problem may have been. And also need help to fix it so it doesn't happen any more. It's been over a year now and...- John Szalanski
- Thread
- analysis bsod community support crash dump diagnostics error frustration help logs minidump persistence repair review system issues tech support troubleshooting upload user experience windows
- Replies: 2
- Forum: Windows Blue Screen of Death (BSOD)
-
TA14-212A: Backoff Point-of-Sale Malware
Original release date: July 31, 2014 Systems Affected Point-of-Sale Systems Overview This advisory was prepared in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), Financial Sector Information Sharing and...- News
- Thread
- antivirus backoff brute force command and control consumer data cybersecurity data breach exfiltration financial sector indicators of compromise keylogging malware mitigation network security payment methods persistence point of sale remote desktop security threat detection
- Replies: 0
- Forum: Security Alerts
-
Windows 8 How to get rid of cellphone connections from windows 8.1 network connection list?
Hi everyone, I recently tried to Bluetooth some of my files from my cellphone to my laptop computer, but I accidentally made a new connection (cell phone connection) in my computer and I don’t know how to permanently remove it. Telephone connections appeared in the network charm under the...- Mehdi
- Thread
- adapter bluetooth computer connection connection list error file transfer local disk network network sharing persistence phone regedit registry removal settings tech support troubleshooting user issues windows 8.1
- Replies: 3
- Forum: Windows Networking
-
Windows 7 Folder organization won't stick
After I forced a shutdown on my computer recently, and rebooted it, all of my folders have gotten all messed up. Before that, folders with lots of pictures used to show icons by default etc., and the file organization was completely different. Now, I can reorganize everything as much as I...- Chaosfreet
- Thread
- backup configuration corrupted files data loss desktop explorer file management file system folders icons organization persistence pictures reboot restart settings system issues troubleshooting user interface windows
- Replies: 11
- Forum: Windows Help and Support
-
Windows 7 Rotating the Display Programmatically
Context I work for a lab at a university. We reimage 30 Windows 7 machines each semester. We use HP LP1965 widescreen monitors and Nvidia Quadro NVS 290 video cards. These monitors can rotate to profile, which is the way they are in the lab. Each machine has two monitors. We use WAIK...- tylerseader
- Thread
- answer file automated installation configuration deployment devmode display hp monitor lab setup nvidia orientation persistence quadro nvs registry resolution rotation shell32 sysprep waik windows 7
- Replies: 1
- Forum: Programming and Scripting
-
Windows 7 How to Maintain Icon Arrangement in Quick Launch Bar on Taskbar
When I take the Quick Launch bar off the taskbar, and then put it back on, all the icons are organized completely different. Is there any way to make it always stay the same?- D12879
- Thread
- customization icons organize persistence quick launch user interface windows settings
- Replies: 1
- Forum: Windows Help and Support
-
Windows 7 Screensaver set in Control Panel changes to "none" after each restart
I set the screen saver in the control panel to "Ribbons" then hit APPLY and OK. After each shutdown and restart sequence, screen saver is reset to "none". How do I set my screen saver to stay permanently and not be reset at each startup?- Buddybearr
- Thread
- control panel customization display persistence restart ribbon screensaver settings windows 7
- Replies: 1
- Forum: Windows Help and Support
-
Windows 7 Startup Repair Problems
Hi all I'm very excited about Windows 7, it's the best MS OS ever in my opinion. However, I've been experiencing some problems with Windows Startup Repair. Where we live we suffer lots of power outages. I have a UPS, but I sent it in for repairs after it got some lightning damage. So now...- lotster
- Thread
- computer issues data recovery error handling firmware game issues lightning damage microsoft support persistence power outage quarantine software issues startup repair system repair troubleshooting ups user experience windows 7
- Replies: 4
- Forum: Windows Help and Support