SandboxEscaper Releases Several Windows Vulnerabilities

Over the past couple of days, the security researcher who goes by the pseudonym SandboxEscaper has released several Microsoft Windows vulnerabilities to the public with no prior notice given to Microsoft. The researcher has developed a reputation amongst the InfoSec community for releasing vulnerabilities to the public, in particular, Windows vulnerabilities, without informing the software producer or giving prior notice as is seen as a good practice amongst researchers. The first of the flaws published on May 22, can be classified as a local privilege escalation (LPE) zero-day. LPE can be seen as exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. It is important to note that when exploited such flaws cannot be used to break into a system. Rather hackers can use them a...

Tontorcaltedron.info POP-UP Ads

Rogue websites like tontorcaltedron[.]info are designed to redirect their visitors to untrustworthy, questionable websites. Here are examples of other pages of this type: rabsirolcalat[.]info, gatonsenropha[.]info and knowwoow[.]com. As a rule, people do not visit tontorcaltedron[.]info intentionally, it gets opened by potentially unwanted applications (PUAs) that they have installed on their browsers. Most people download and install these apps unwillingly/unintentionally. In addition to unwanted redirects, PUAs deliver intrusive ads and record data related to user's web browsing habits. Once installed, potentially unwanted apps force hijacked browsers to open a new tab or window and redirect users to one or another rogue website, in this case the tontorcaltedron[.]info. After that, this page redirects users to other (about two or three) untrustworthy websites that might contain malicious content. Or it...