How to Enable Ransomware Protection in Windows 10

Windows Defender includes a security feature called "Ransomware Protection" that allows you to enable various protections against ransomware infections. This feature is disabled by default in Windows 10, but with ransomware running rampant, it is important to enable this feature in order to get the most protection you can for your computer.

If you are a regular reader of BleepingComputer, then you have heard about ransomware. For those not familiar with the term, ransomware is a computer malware infection that encrypts the data on your computer and then demands a ransom in bitcoins to decrypt them.

Ransomware Protection feature

Windows 10's includes a Ransomware Protection feature that is comprised of two components; Controlled Folder Access and Ransomware Data Recovery.


Controlled Folder Access will allow you to specify certain folders that you wish to monitor for and block changes to the files contained in them. This will block all programs, but the ones you allow, from making any modifications to the files within monitored folders, which will protect them from being encrypted by ransomware.

The other component is Ransomware Data Recovery, which will automatically sync your common data folders with your Microsoft OneDrive account in order to backup your files. Ransomware victims with this feature enabled can then use OneDrive to recover their files if they ever become encrypted by ransomware.

In Windows 10 version 1903, Windows Defender's Ransomware Protection is disabled by default. With this guide we will teach you how to enable it so that it can protect your computer against ransomware attacks.

Unfortunately, if you have a third-party antivirus software installed and Windows Defender's real-time protection is disabled, the Ransomware Protection features screen and the Controlled Folder Access feature won't be accessible.

How to enable Ransomware Protection in Windows 10

To enable the full Ransomware Protection capabilities of Windows 10, you should configure both Controlled Folder Access and login to Microsoft OneDrive in order to backup your files.

To do this, just follow these steps:

  1. Click on the Start menu.
  2. Type Windows Security and select the search result when it appears. You can also access Windows Security by going to the Settings app and navigating to Update & Security -Windows Security.

Security app


After opening Windows Security, click on Virus & Threat Protection option.


Security app


Scroll down and locate Ransomware Protection and click on the Manage ransomware protection option.



Scroll down and locate Ransomware Protection and click on the Manage ransomware protection option.




On the next page, you will find a brief description of Controlled folder access and a toggle to enable it.


Enable ransomware


To enable Ransomware Protection. turn on Controlled Folder Access and login to OneDrive so that both features are enabled as seen below.


Ransomware protection enabled


You can now configure Controlled Folder Access and choose any folder you want to monitor and block from malicious programs.

Read Original Article...

South African court rules bulk interception of communications unlawful

Earlier on 16 September 2019, the South Gauteng High Court ruled that some key parts of South Africa's Regulation of Interception of Communications and Provision of Communication Related Information Act 70 of 2002 (RICA) are illegal. The judgement is the result of a court battle that has been going on for several years between amaBhungane's Sam Sole who discovered that his  communications were intercepted by South Africa's State Security Agency without his knowledge.

Over the years, as a result of the court battle, it was also revealed that South African authorities were indiscriminately conducting mass surveillance on the country's citizens by tapping undersea fibre cables, among many other forms of communications they were spying and collecting data on.

"From the analysis set out above, the conclusion that in several respects RICA is
deficient in meeting the threshold required by section 36 of the Constitution to justify the subtraction of the rights in section 14, 16(1) and 34 and 35(5) of the Constitution. Less restrictive means than those in force are feasible and ought to be enacted. The practice of bulk interception of international communications is unlawful for want of a law authorising it to take place," reads part of the judgement by Judge Roland Sutherland at the South Gauteng High Court.

RICA judgement orders. 

You still have to 'RICA' your SIM card

However, it is important to note that the judgement only covers sections of RICA that have to do with bulk and indiscriminate interception of communications and not the sections that relate to the registration of SIM cards as stated in other sections of RICA.

The registration of SIM cards and other sections of RICA not ruled on by Judge Sutherland remain lawful.

To further understand what this historic judgement means for South Africans in general I caught up quickly with Professor Jane Duncan of the University of Johannesburg. Professor Duncan is an activist who regularly champions media freedom matters and is the former director of the Freedom of Expression Institute in Johannesburg.

Big win for privacy in South Africa

iAfrikan: What did the judge specifically rule on as far as RICA is concerned?

Professor Jane Duncan: He ruled that it was unconstitutional for people not to be informed that their communication had been intercepted after the fact, and required these people to be informed within 90 days of the expiration of a warrant, unless there are compelling grounds not to.

He also ruled that there need to be special procedures for surveillance of journalists and lawyers, the procedures for the processing of personal data that has been intercepted are inadequate, and the mass surveillance activities of the State Security Agency are unlawful.

He also found that the appointment of the Rica judge lacked independence.

Does this also mean South Africans don't have to register their SIM cards anymore?

SIM card registration specifically was not ruled on, so it will remain a requirement of Rica for the time being.

Is the ruling or is it expected that the state will appeal it?

I’m almost certain that it will be appealed by the state, right the way up to the Constitutional Court. It’s their good right to do so. I doubt if they’ll reach a different outcome though.

What are the next steps, if any, to reverse the implementation of RICA?

The Department of Justice has to lead the revision of Rica and Parliament needs to pass an amended law. The judge suspended his findings of unlawfulness and unconstitutionality for a period of 2 years to allow this process to take place, but has set down some interim procedures.

Does the ruling exclude the intelligence agencies from spying as they wish?

No, absolutely not, the interception of peoples communications if there are reasonable grounds to suspect criminality, will continue.

It’s a massively significant judgement as it increases accountability in terms of state spying using communication networks, and puts South Africa at the forefront of reform efforts on these issues.

Read Original Article...

Cell Number 37, ‘Britain’s Guantanamo Bay’ – a single occupancy cell, furnished sparsely with a plastic chair, metal bed and steel toilet. For over 150 days this has been Julian Assange’s residence, whether he likes it or not. And a judge has ruled today, he is to remain there even after his jail sentence is over. 

Julian Assange at the New Media Days Conference in 2009. Photo: Peter Erichsen

Swiftly after his asylum status was stripped by the Ecuadorian government, the British authorities sentenced Assange to fifty weeks in prison, for violating his bail. The maximum sentence being fifty-two weeks and the typical sentence being none and a fine.

With his arrest, Assange was moved to HMP Belmarsh, a maximum-security prison in South London. Belmarsh during the early millennium was known as ‘Britain’s Guantanamo Bay’ for its foreign detainees, held without trial.

When you visit the prison, you are immediately struck by its fortress-like exterior. With its water-stained concrete perimeter walls, enumerable CCTV cameras and floodlights.

In two exclusive interviews with the European Centre for Press and Media Freedom (ECPMF), Julian Assange’s most notable visitors paint a harrowing picture of his current condition.

Nils MelzerProf. Nils Melzer. Photo: With permission from Prof. Melzer

Professor Nils Melzer is the United Nation’s Special Rapporteur on TortureEvery day, he receives around fifteen requests, to investigate individual cases of alleged torture.

 “But I can only deal with maybe one or two", Melzer tells the European Centre for Press and Media Freedom (ECPMF). But when in March, Assange’s lawyers reached out to his office for a second time, providing credible evidence for the claim of ill-treatment, Melzer thought “I owe it to my professional standards to at least look into this.”

A visibly fatigued and emaciated Assange greeted Melzer and his team during their visit on 9. May. It had been 28 days since Assange’s arrest. He was wearing a plain blue jumper and grey joggers. 

 Melzer and his team’s visit lasted for four hours. For three of those four hours Melzer and two medical experts, Professor Duarte Nuno Vieira from Portugal and Dr. Pau Perez-Sales from Spain conducted a medical assessment of Assange.

It followed the ‘Istanbul Protocol’. The protocol’s full name is the ‘Manual on Effective Investigation and Documentation of Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment.’

Melzer tells the ECPMF that at first, “after what this man [Assange] had gone through, I didn't know what to expect.”

 “From a medical perspective, both doctors concluded that his state of health was critical, and that it might deteriorate rapidly if he is not stabilized. And that's exactly what happened.”

Two weeks after their visit, and 49 days into Assange’s detention, Assange was relocated to the hospital wing of Belmarsh. And a court hearing, on his extradition to the U.S., had to be postponed. It was deemed Assange was not medically fit to participate in the proceedings, even via video link. 

What Assange is going through in prison is “psychological torture”, Melzer says emphatically. He came to this conclusion after his visit and published an official UN statement repeating this.

John Pilger John Pilger. Photo: With permission from Pilger.

 Melzer is not alone in his condemnations. Another visitor of Assange, John Pilger- a renowned investigative journalist and award-winning documentary film-maker- has similar things to say to the ECPMF, about his visits to Assange.

“Locked in a small cell in the hospital wing some 21 hours a day”, Assange was mostly “delighted to see his friends” when they visit, Pilger tells the ECPMF. 

But “I was shocked”, Pilger says. “I found him struggling in more ways than one.” At Belmarsh, Assange has lost nearly 15 kilos of weight and “is precariously underweight.”

Pilger adds, Assange “is not only eating little, he is heavily medicated and denied basic rights. He is denied access to the gym -- his only exercise is in a small bitumen yard with high walls surrounding it. He is denied access to the library.”

Despite being denied access to the library. Assange has been given one book to read, Nelson Mandela's Long Walk to Freedom. But in Pilger’s visits, Assange comments on “the bleak irony of reading a book about someone who spends 27 years in prison.”

 Continuing to list what Assange is denied, Pilger adds: “He is not allowed to fraternise with other prisoners.”

 “He is denied the tools with which to prepare his defence - certain documents and a computer. He is not able to call his American lawyer.”

 Pilger is quick to point out the reason for Assange’s imprisonment: “Remember, he has committed the merest offence - skipping bail. He skipped bail so that he would not face extradition to the United States where a kangaroo court and a lifetime in prison awaits him.”

“His courage is extraordinary.”


This sentiment is shared by Professor Melzer.

Melzer tells the ECPMF, “the mainstream media informs us about Assange’s cat, his skateboard and his feces. But they do not give the same importance to hundreds of thousands of civilians murdered in Iraq, Libya and in Syria, to wars that have been intentionally orchestrated, and other crimes that have been exposed by WikiLeaks.

In my view, this complacency with governmental misconduct is the real scandal in this case. That’s the proverbial ‘elephant in the room’.”

Melzer says: “And no one sees this elephant, because the spotlight always on the personality and character of Assange, and that spotlight is so bright, you can’t see the elephant hiding right behind it.”

But he adds, “When the state institutions and their division of power are failing, it is the role and responsibility of the media, as the fourth estate, to inform and empower the people, to watch closely and expose the abuse of power”.


For the ECPMF, the centre warns that if Assange is extradited and charged under the Espionage Act, it would be a grave threat to press freedom. Henrik Kaufholz, Chair of the Executive Board of the ECPMF has said it would be a “disaster”. 

And Kaufholz warns, “it may have implications for investigative journalism and press freedom everywhere. Regardless of whether one considers Assange a journalist or not, it bears the risk that it can be applied to journalists as a consequence.”

The British Government responds

A Government spokesperson has responded to the ECPMF, disagreeing with the allegations of Melzer and Pilger. “We strongly disagree with any suggestion that Mr Assange has experienced improper treatment in the UK. The allegation Mr Assange was subjected to torture is unfounded and wholly false.

 “The UK is committed to upholding the rule of law, and ensuring that no one is ever above it. And that “[o]ur response will be published in due course.”


At the end of his visit, Melzer asked Assange whether he had anything further to say.

“‘Yes’, he said, ‘please save my life.’”

Read Original Article...

Don't be fooled by Gmail's promise for confidential emails.

Gmail's new confidential mode for emails is neither secure nor private. At its best, it is a fun feature to help your recipient achieve inbox zero. At its worst, it is a privacy-intrusive feature that does not achieve true confidentiality. In fact, for sending a confidential and secure email, end-to-end encryption is a minimum requirement, and Gmail has long abandoned this approach.

Gmail's confidential mode is not confidential

Gmail as one of the major email services worldwide has realized that privacy concerns are rising constantly - and this is happening at a global scale. To meet this new demand for private and secure emails, Gmail has introduced a new feature: Confidential mode.

However, this feature is neither confidential nor private as Google still has unlimited access to its users' emails, even when they use confidential mode.

What is Gmail's confidential mode?

Gmail's confidential mode is a feature that lets you send emails with a self-destruct timer or with password protection. Or in Google's words:

"Recipients of messages in confidential mode don't have the option to forward, copy, print, or download messages, including attachments. Users can set a message expiration date, revoke message access at any time, and require an SMS verification code to access messages."

Why is Gmail's confidential mode privacy-intrusive?

Though pretending to offer privacy, Gmail's confidential mode comes with three major problems:

  1. The emails are not end-to-end encrypted.
  2. Google retains full access to the email even when you set a self-destruct timer.
  3. If you password-protect an email, Google can link your recipient's phone number with their email address.
All these facts combined make Gmail's confidential mode more a privacy-intrusive feature than a privacy-protecting feature.

The confidentiality expected by the users is not achieved because the emails sent via confidential mode are not inaccessible by third parties. The EFF states that this increases the risk for the users as they may send private information via confidential mode, which they wouldn't have sent with a normal email, falsely believing that the data is secured with encryption.

Why does confidentiality require encryption?

Information classified as confidential relates by definition to something very personal or top secret. It must be kept from any and every third party by all means.

This form of secrecy can only be achieved with end-to-end encryption. Encryption guarantees that only the people holding the key to decrypt the information can gain access to it.

This is why end-to-end encryption is an absolute necessity when communicating confidentially.

When sending an email with Tutanota, you have the option to send a 'confidential' email - which refers to an end-to-end encrypted email, or a 'not confidential' email - which refers to a standard email.

Encrypted email

With this definition in mind, Gmail's confidential emails are just standard emails with some extra features like unprintable, unforwardable, uncopyable, and so on. However, this will not stop anyone from taking a screenshot from the unprintable email, just to print off the screenshot.

Besides, the point in confidential communication is not to keep information hidden or protected from the person you are communicating with, the point is to keep everyone else out of this conversation.

What is the benefit of Gmail's confidential mode?

All in all, there's not much benefit to Gmail's confidential mode. If you want truly confidential emails, you need to use a secure email option like Tutanota or encrypt your emails manually since Gmail has long abandoned its project to offer easy end-to-end encryption. Instead, they now offer a rather dubious version of confidentiality.

The only benefit that remains with Gmail's confidential mode is that the receiving mail service does not see the email sent via this mode. If you send an email from Gmail with confidential mode to a friend, who is using Yahoo Mail for example, Yahoo will not see this email. Yet, Google still has full access to the email so the benefits are extremely little.


If you're using Gmail's confidential mode, be aware of its limitations. Don't be fooled by Gmail's promise for confidentiality.

Confidential emails are simply impossible without applying end-to-end encryption.

Read Original Article...

Garmin SA hacked, exposing users’ credit card details

GPS and fitness accessory maker Garmin SA has been hacked, leaving customers’ credit card information at the mercy of cyber criminals.

In a letter to its customers yesterday, Garmin SA MD Jennifer van Niekerk said: “We recently discovered theft of customer data from orders placed through (operated by Garmin South Africa) that compromised your personal data related to an order that you placed through our Web site.”

The site was still not accessible at the time of publishing, saying: “The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.”

According to Garmin, the compromised data was limited to Gamin’s South Africa site, and contained payment information, “including the number, expiration date and CCV code for your payment card along with your first and last name, physical address, phone number and e-mail address.

“We recommend that you review and monitor your payment card records to make sure there were no unauthorised purchases. If you suspect any fraud, please contact your bank or payment card provider for further direction.

“As a valued customer, we apologise for this incident and assure you that Garmin takes our obligation to safeguard personal data very seriously.”

See also

Data breach hits 30m South Africans

Garmin snaps up SA start-up

However, Garmin did not disclose further details of the hack.

Misconfigured Web application

Jon Tullett, senior research manager for cloud and IT services at IDC, comments that one of the most common causes of a breach like this is a misconfigured Web application, such as a database or backup data.

“Locking that down, encrypting the data and, of course, not storing data where you shouldn’t in the first place is a fundamental step in preventing a breach – there is no reason for a merchant to store all that credit card data.”

He notes Garmin and its customers both need to take positive action. “Garmin needs to ensure all customers are directly notified that data has leaked, with guidance for the next steps. And those customers need to ensure they are keeping a close watch on their bank accounts for any sign of unexpected activity, and to be alert for phishing attacks using their personal data to impersonate an agency such as their bank, Garmin, a government department or the like.

“These sorts of leaks are so common, it makes a mockery of ‘we take data privacy seriously’ disclaimers. Getting POPIA [Protection of Personal Information Act] into full effect at this late stage is unlikely to make much difference. Unfortunately, a deeper rethink of personal credentials is needed to render stolen information valueless to hackers.”

For Troy Hunt, an Australian-based cyber security researcher, data breaches such as this are very often caused by either flaws in the design of the software or poor security practices such as a database being publicly accessible without a password or an administrator reusing weak passwords.

“In Garmin’s case, it looks like there may have been malicious software running on their Web site which managed to obtain credit card details as they were entered by customers,” Hunt says.

“Typically, after a data breach people would change their password on the affected site and anywhere else it had been reused.

“However, Garmin hasn’t said passwords were impacted in this incident; so it looks like the extent of the damage is credit cards and other personal information. Inevitably, this will mean replacing impacted cards and for individual customers, possibly considering identity protection services.”

Magecart attacks

Deepak Patel, a security evangelist for PerimeterX, is of the view that this latest episode is an indicator that Magecart attacks are far from over.

Magecart is a form of data skimming, which attacks using the client-side browser as the front-door for consumer interactions. “Skimming” is a method used by attackers to capture sensitive information from online payment forms, such as e-mail addresses, passwords and credit card numbers. For Magecart specifically, hackers implant malicious code into Web sites in order to steal credit card information as people enter credentials on the checkout page.

“The modern Web application stack relies on third-party scripts obtained from a variety of providers, not all of whom have strong security practices,” says Patel. “Web site owners lack visibility into the third-party scripts running on the users’ browsers within the context of their site. Many Web site owners are also unaware of all the first-party scripts running on their site.”

In this particular case, he notes, it is quite possible Magecart attackers leveraged Magento to skim credit card information from Garmin’s South Africa site.

Patel notes this attack also highlights the steps Magecart attackers take to avoid detection. “We have seen instances in the past where skimmers targeted specific geographies outside of the main site’s headquarters to remain undetected.

“This lack of visibility impacts both Web site owners and users. It’s impossible for Web site users to discern if a Web site is compromised by a Magecart attack. Users see the secure padlock next to the URL on their browser address bar and feel comfortable about using the site.

“In addition to staying up to date with the latest versions of critical platform components, Web site owners need to take another step: get visibility and control of all the scripts running on their Web site, whether first- or third-party or another part of the supply chain.”

Read Original Article...
Apple Repairs and Service
Member of the Internet Defense League

BitcoinCash Accepted