#aka the default pdf editor
Explore tagged Tumblr posts
Visit Tumblr Blog
Explore Tumblr blogs with no restrictions, modern design and the best experience.
Last Seen Tumblr Blogs
dankastiyo
Dankastiyo
2K posts
executivedec07-blog
Untitled
1 post
thewolfgangstuff
The Wolfgang Stuff
105 posts
thegoddessoflikeability
Aw, now I miss my fidget spinner.
41 posts
pikachushat
Untitled
329 posts
Fun Fact
Tumblr posted its first advertisements in May 2012 and subsequently earned $13M in revenue.
kame-dori · 1 year ago
Text
Tumblr media Tumblr media Tumblr media
Disciples
#ning yingying#ming fan#luo binghe#svsss#the scum villain’s self-saving system#ren zha fanpai zijiu xitong#my art#drawn on my fav art program on my ipad#aka the default pdf editor#or notes app i guess
194 notes · View notes
greysenterprises · 3 years ago
Text
Tags stores qownnotes
Tumblr media
#Tags stores qownnotes mac os x
#Tags stores qownnotes mac os
#Tags stores qownnotes pdf
#Tags stores qownnotes install
#Tags stores qownnotes install
How to Install Xournal++ 1.1.0 in Ubuntu: And tons more other improvements and changes.Add snapping for vertical space, moving/resizing selections, recognized shapes.Add a touchpad pinch gesture for zooming.Remove the old input system and touch workaround.Add seeking functionality during audio playback.New “Layerstack Preview” tab to show all layers up to the current layer.
#Tags stores qownnotes pdf
New “progressive mode” option to PDF export dialog.
#Tags stores qownnotes mac os
Ubuntu 16.04 and Mac OS High Sierra are no longer supported. config folder instead of user home.Ī new plugin was introduced for those have non-default DPI settings, to fix incorrect text elements display issue for old documents. The config files will now be stored in user. The Xournal++ 1.1.0 is a new major release follows the XDG Base Directory Specification. It also features PDF annotation, Lua scripting, and LateX support. Xournal++ (aka Xournalpp) is a note taking app that support pen input from devices such as Wacom, Huion, XP Pen tablets. Manage your ownCloud todo lists (ownCloud tasks or Tasks Plus / Calendar Plus) or use an other CalDAV server to sync your tasks toĮncryption of notes (AES-256 is built in or you can use custom encryption methods like Keybase.io (encryption-keybase.qml) or PGP (encryption-pgp.Free open-source handwriting notetaking app Xournal++ 1.1.0 was released with many new features and improvements. Notes are getting their name from the first line of the note text (just like in the ownCloud notes web-application) and the note text files are automatically renamed, if the the first line changesĬompatible with the notes web-application of ownCloud and mobile ownCloud notes applicationsĬompatible with ownCloud's selective sync feature by supporting an unlimited amount of note folders with the ability to choose the respective folder on your server Markdown highlighting of notes and a markdown preview mode View your notes in a vertical markdown view by moving the panels Trashed notes can be restored from your ownCloud / Nextcloud serverĭifferences between current note and externally changed note are showed in a dialog Older versions of your notes can be restored from your ownCloud / Nextcloud server Visit the QOwnNotes Chrome Web Store or the QOwnNotes Firefox Addon pageĮxternal changes of note files are watched (notes or note list are reloaded) QOwnNotes Web Companion browser extension to a add notes from the selected text and other features Scripting support and an online script repository where you can install scripts inside the application Sub-string searching of notes is possible and search results are highlighted in the notesĪpplication can be operated with customizable keyboard shortcuts You can use your existing text or markdown files, no need for an import most of the times The notes folder can be freely chosen (multiple note folders can be used) Get notified about external modifications of your current note I like the concept of having notes accessible in plain text files, like it is done in the Nextcloud notes app, to gain a maximum of freedom, but I was not able to find a decent desktop note taking tool or a text editor, that handles them well in conjunction with ownCloud or Nextcloud. Of course other software, like Dropbox, Syncthing, Seafile or BitTorrent Sync can be used too. The notes are stored as plain text files and you can sync them with your ownCloud or Nextcloud sync client. You are able to write down your thoughts with QOwnNotes and edit or search for them later from your mobile device (like with CloudNotes) or the ownCloud / Nextcloud web-services.Įdit your notes in the web with ownCloud Notes Use ownCloud Notes to edit your notes in the web. Sync them over devices (desktop & mobile) with your ownCloud or Nextcloud sync client. You own your own notes! All notes are stored as plain-text files on your desktop computer.
#Tags stores qownnotes mac os x
QOwnNotes is the open source (GPL) plain-text file markdown note taking application for GNU/Linux, Mac OS X and Windows by Patrizio Bekerle (pbek on GitHub and IRC), that (optionally) works together with the notes application of ownCloud or Nextcloud. QOwnNotes for Windows 10 - Full description
Tumblr media
#Tags stores qownnotes
0 notes
claudeleonca · 6 years ago
Text
WordPress Block Editor: The Ultimate Gutenberg Guide (2019)
Tumblr media
Here’s the deal:
If you’re new to the WordPress block editor, or if you’re looking for an easy-to-read resource you can reference as needed, you’ve come to the right place.
In this post, we’re going to walk you through the ins and outs of the block editor (aka “Gutenberg”) — what it is, how it differs from the classic editor, and how to use it.
Let’s jump in.
WordPress Block Editor (Gutenberg) Overview
What is the Gutenberg Editor?
When WordPress 5.0 was released in December 2018, the world was introduced to the Gutenberg editor — now known as the WordPress block editor.
Gone was the classic, TinyMCE WordPress editor. In its place was a modern, drag-and-drop block editor offering an entirely new content creation experience.
Drag and drop in action
In short, Gutenberg is a total revamp of the WordPress editor.
Using “blocks”, users of all experience levels can build custom posts and pages — without having to use third-party tools and plugins, and without having to know how to code.
What is a Content Block in WordPress?
Blocks are the vessels for your content.
With blocks, you can insert, rearrange, and style content in WordPress. What types of content? Here’s a small sampling (we’ll go over all of them later):
Tables
Images
Videos
Paragraphs
Quotes
Shortcodes
Social media (YouTube, Facebook, etc.) embeds
Widgets
Basically, anything you can reasonably imagine adding to a blog post or article can be added using blocks.
And you can add them faster and easier.
How is the WordPress Block Editor Different than the Classic Editor?
Here’s a quick side-by-side comparison.
First, the classic TinyMCE content editor:
Tumblr media
Next, the new “Gutenberg” block editor:
Tumblr media
The classic editor is reminiscent of Microsoft Word. There’s a place to write your text, and there’s a formatting toolbar to style your content (bold, italics, etc.).
The new editor uses a block system for content creation. Besides looking more polished and modern, the WordPress block editor allows you to:
Add tables (again, without knowing code or having to install plugins);
Arrange, rearrange, and mingle text and media by simply dragging and dropping elements from here to there;
Create content columns with ease;
Change the background colors and font sizes in each block;
Reuse blocks you use over and over (to save yourself time).
And that’s just the tip of the iceberg.
In other words, the two editors are different.
Very different.
How do I Use the Block Editor in WordPress?
With the background information out of the way, it’s time to walk you through the new block editor.
We’ll start with how to navigate it:
Block Navigation
Tumblr media
Add a new block
Undo and Redo buttons
Content structure (word count, headings, paragraphs, blocks)
Block navigation (a drop-down displaying all the block types used in the post)
Sidebar Navigation
Tumblr media
Preview and Publish the post
This is the classic WordPress sidebar: categories, tags, permalink, and publishing options
Block settings: when you click on a block in the editor, you get its unique set of options in the sidebar
Hide sidebar
More editor settings
How to Add a Block
In your WordPress dashboard, create a new post as you would normally. (Or, open an existing post so you can edit it.)
Click on the plus (+) sign in the top-left corner of the editor.
Select the category and the type of block you want to insert:
Tumblr media
Each block can be edited, deleted, saved as reusable, and moved up or down with drag-and-drop options.
Once you’re done with a block, you can insert more blocks. You can also duplicate a block or edit it in HTML:
Tumblr media
Types of WordPress Blocks (and How to Use Them)
Here are each of the types of blocks (broken down by category) offered by Gutenberg:
Common Blocks
This category of blocks contains the basic (“common”) elements people typically use in their blog posts. Most bloggers and writers will use these blocks more than others.
Paragraph Block
The Paragraph Block is simply a box for writing your text.
It comes with the standard formatting options — text alignment, font size, background and text color, drop cap, and more.
Tumblr media
Image Block
With an Image Block, you can easily insert an image by uploading it from your computer, picking it from WordPress media library, or copying its URL.
The standard WordPress options for images are included: you can add a caption, adjust the image size, add alt text, and more.
Tumblr media
List Block
With a List Block, you can create a list of items ordered by bullets (unordered list) or numbers (numbered list).
You can also add sub-items for each main item in the list, insert anchor links, and format the text.
Tumblr media
Quote Block
The Quote Block lets you add your favorite quotes in a beautiful, elegant style.
Write the text and its author, then format it just as you would in a Paragraph Block. You can use the default font size or a larger size.
Tumblr media
Heading Block
With a Heading Block, you can start a new section inside your post.
You can choose from six heading sizes. The first three are available inside the block, while the smaller ones can be found in the sidebar to the right of the editor.
Tumblr media
Editor’s Note: Even though it’s available in the sidebar, don’t use the H1 heading. It’s (typically) reserved for the headline of your post. Instead, start with H2.
If you’d like to learn more about them, here’s a post we wrote about common subhead blunders.
File Block
With File Blocks, you can add all sorts of files for your visitors to download: images, archives, docs, PDFs… you name it.
From the sidebar, you can choose to display a download button, open the file in a new tab, and link to either a media file or an attachment.
Tumblr media
Gallery Block
A Gallery Block is for when you want to add more than one image. It has the same features as the Image Block, but you can upload multiple images within the same block.
The gallery displays a nice grid layout. In the right sidebar, you can choose the number of columns in the gallery and each image’s destination page.
Captions are also allowed.
Tumblr media
Audio Block
Planning to feature music or a podcast interview on your site? You can use the Audio Block to upload and play audio files.
The block will display a minimalist audio player. You can choose to play it automatically and/or in a loop.
Tumblr media
Video Block
Using the Video Block, you are able to upload videos.
You have the option to autoplay and/or mute them. An awesome feature is you can upload a poster image for the thumbnail (in case you don’t want to display the featured capture it fetches by default).
Tumblr media
Cover Block
Using a Cover Block, you can create an image or video with text overlay. You can use it as a featured image for a post or as a header.
You can also adjust the background color and opacity.
Tumblr media
Formatting Blocks
This category groups blocks that focus on formatting content, such as pull quotes, tables, and verses.
Let’s go over each of them:
Code Block
Use the Code Block if you want to show your readers examples of code snippets.
The code won’t be executed; instead, it will display in a distinct style so it stands out to your readers.
Tumblr media
Classic Block
With a Classic Block, you can add a block resembling the classic editor and its classic formatting options. It’s a miniature TinyMCE editor inside a block.
Tumblr media
Table Block
A Table Block lets you easily insert a table in WordPress without plugins or having to know HTML code.
Write the number of rows and columns you need, pick the layout (default or stripes), and you’re set. Afterward, you can add rows and columns at the beginning or end of the table with one click.
Tumblr media
Verse Block
With Verse Blocks, you can add song lyrics or poetry verses.
When you press enter, you won’t be directed to a new block like in the Paragraph Block; instead, it will jump to a new row. You can write as many verses as you wish while remaining in the same block.
Tumblr media
Custom HTML Block
With Custom HTML Blocks, you’re able to write HTML code and quickly preview the changes.
You enter your code in HTML mode:
Tumblr media
And you preview it in Preview mode:
Tumblr media
Pull Quote Block
When you want to emphasize an excerpt of your article, you can turn it into its own block with a Pull Quote Block.
What distinguishes a Pull Quote Block from a Quote Block is its formatting. A Pull Quote Block has colored borders.
Tumblr media
Preformatted Block
Similar to the preformatted text option in the classic TinyMCE editor, a Preformatted Block lets you display the text on the front-end exactly as you type it.
The preformatted text uses a monospaced font, which means all characters have the same width.
Tumblr media
Here’s a preview of the preformatted text:
Tumblr media
Layout Elements
Blocks in this category help you beautify and arrange your post in a way that’s pleasing to the eye.
This includes blocks for adding colorful buttons, smart columns, media elements, and more.
Button Block
A Button Block lets you add a button to your post. You can customize its style (round, square, etc.), color, and the action to take place once it’s clicked.
Tumblr media
Columns Block
If you need to present your text in columns (“newspaper” style) rather than in full width, the Columns Block lets you do it quickly and easily.
Tumblr media
Media & Text Block
In the classic editor, placing images and text side by side required some developer skills. With the Media & Text Block, you can do it in just a few clicks.
Tumblr media
Lines and Separators Block
A Lines and Separators Block, as its name implies, allows you to add spacers between one piece of content and another.
This includes page breaks, line separators, and more.
Tumblr media
Embeds
The Embeds category lets you add content from social media sites, platforms, or any site from which you want to share posts or files.
You can choose to add blocks for Twitter, YouTube, Spotify, Flickr, and more.
Tumblr media
If you choose “Facebook” from the above list of blocks and paste a Facebook URL…
Tumblr media
…you’ll be able to embed the Facebook post directly inside your post:
Tumblr media
In the classic editor, this was significantly more difficult to do.
Widgets
With the Widgets category, your existing WordPress widgets (which were usually restricted to your blog’s sidebar or footer) can be easily added inside the body of your posts as blocks.
Tumblr media
Want to display a search bar or the latest comments on your blog right inside your post? You can by using the applicable widget block.
Need More Blocks? Try These Gutenberg Plugins for WordPress
As you can see from the list above, Gutenberg comes with a large selection of blocks right out of the box.
But if you need more, there are several WordPress plugins to give you even more functionality.
Otter Blocks Plugin
Otter Blocks is a free WordPress plugin providing 12 additional blocks, including Font Awesome Icons and Testimonials.
Once you’ve installed and activated the plugin, these new blocks will appear under the “Otter” category:
Tumblr media
Atomic Blocks Plugin
Atomic Blocks is another freebie offering (as of this writing) 14 new blocks focused on product owners. These blocks will appear inside the ��Atomic Blocks” once you’ve installed the plugin.
Tumblr media
Stackable
Stackable provides 22 free blocks, some of which are already available in Gutenberg. However, they come with a different design.
If you work a lot with images, this plugin gives a few interesting layout solutions to blend text and visuals in an interesting way.
Tumblr media Tumblr media
Common WordPress Block Editor Questions
Before we wrap up, let’s look at a few common questions related to Gutenberg. This is a living section and will be updated as time goes on, so if you have a question be sure to leave it in the comments section below.
How do I Rearrange Blocks?
Once you’ve created a block, you can drag and drop them as you please.
Hover over the block you want to reposition, then click and hold the dots icon to move it. Or, you can click the arrows above and below the dots to move the block up or down one position at a time:
Tumblr media
How do I Create Reusable Block Templates?
If you want to use a block more than once, click on the ellipsis (3 dots) and choose the “Add to Reusable Blocks” option:
Tumblr media
The block will be saved as a reusable block.
Once you saved at least one reusable block, the “Reusable” category will appear among the other block categories:
Tumblr media
How do I Disable the New Editor in WordPress? (Or, How do I Revert to the Classic Editor in WordPress?)
If you install the Classic Editor plugin, the previous (“classic”) editor will be restored.
The WordPress core team has committed to supporting Classic Editor plugin until “at least 2022” or “as long as is necessary.”
So, if you’ve upgraded to WordPress 5.0 or later, and you find you’re not yet ready to make the switch to the new block editor, this official plugin from WordPress will allow you to use the classic TinyMCE text editor you know and love.
Can I Give Access to Gutenberg to Only a Few Users on my Site?
Absolutely.
If you have a bunch of different users and user roles on a single WordPress site, you can allow/restrict access to the block editor only to certain profiles/roles.
Is it Called Gutenberg, the Gutenberg Block Editor, the Block Editor, or Something Else?
“Gutenberg” was the project’s name when it was in development. As such, many still call it the “Gutenberg editor” or, simply, “Gutenberg.”
After the release of WordPress 5.0, it became known as the “WordPress Block Editor” or, simply, “block editor.”
But whatever you choose to call it, it’s all the same.
Is Gutenberg a Page Builder?
Not in its current state.
However, the block editor is merely the first of three planned stages.
Stage three, full site customization, would turn Gutenberg into a full-fledged page builder.
How do I Know if a WordPress Theme or Plugin is Compatible with the Block Editor?
Once Gutenberg was officially merged into the core of WordPress in release 5.0, theme and plugin authors/developers needed to update their products to ensure they were compatible.
Most themes and plugins, especially popular ones, are now compatible with Gutenberg. However, you should always make sure themes and plugins are compatible before you install and activate them on your website.
With plugins on WordPress.org, look for the “Tested with” label:
Tumblr media
For themes, check if Gutenberg compatibility is mentioned on WordPress.org or its homepage:
Tumblr media
What Happens to my Old Posts After I Switch to Gutenberg?
Don’t worry — your old content won’t disappear.
When you update your site to WordPress 5.0 or later, each of your old posts will be converted into a “classic” block, which is similar to the classic TinyMCE content editor.
You can choose to keep your old posts “classic,” or you can convert them into blocks.
How to Convert Old Posts into Blocks?
Click the ellipsis (3 dots) and choose the “Convert to Blocks” option:
Tumblr media
This will convert your post into a series of blocks, which you can edit, delete, and rearrange as you would normally.
Gutenberg isn’t so Scary
Though it differs greatly from the classic TinyMCE editor, you shouldn’t fear the new WordPress block editor.
It’s fairly intuitive, it’s powerful, and it eliminates much of the clutter keeping you from what truly matters: creating great content.
You now have a simple, easy-to-follow guide to help you navigate the new Gutenberg editor.
We hope you found it helpful.
If there’s anything you would like to see us add, or any questions you have about the new WordPress block editor, let us know in a comment below.
Author Bio: Adelina Tuca is a writer and WordPress blogger at ThemeIsle and CodeinWP. When she does not create content, she manages their partnerships with other publications and makes sure JustFreeThemes is performing well. She loves tennis, books, hiking, and metal concerts.
The post WordPress Block Editor: The Ultimate Gutenberg Guide (2019) appeared first on Smart Blogger.
from SEO and SM Tips https://smartblogger.com/wordpress-block-editor/
0 notes
terabitweb · 6 years ago
Text
Original Post from Talos Security Author:
By Edmund Brumaghin and Holger Unterbrink.
Executive summary
Orcus RAT and RevengeRAT are two of the most popular remote access trojans (RATs) in use across the threat landscape. Since its emergence in 2016, various adversaries used RevengeRAT to attack organizations and individuals around the world. The source code associated with RevengeRAT was previously released to the public, allowing attackers to leverage it for their own malicious purposes. There are typically numerous, unrelated attackers attempting to leverage this RAT to compromise corporate networks for the purposes of establishing an initial point of network access, the performance of lateral movement, as well as to exfiltrate sensitive information that can be monetized. Orcus RAT was in the news earlier this year due to Canadian law enforcement activity related to the individual believed to have authored the malware.
Cisco Talos recently discovered a threat actor that has been leveraging RevengeRAT and Orcus RAT in various malware distribution campaigns targeting organizations including government entities, financial services organizations, information technology service providers and consultancies. We discovered several unique tactics, techniques, and procedures (TTPs) associated with these campaigns including the use of persistence techniques most commonly associated with “fileless” malware, obfuscation techniques designed to mask C2 infrastructure, as well as evasion designed to circumvent analysis by automated analysis platforms such as malware sandboxes.
The characteristics associated with these campaigns evolved over time, showing the attacker is constantly changing their tactics in an attempt to maximize their ability to infect corporate systems and work toward the achievement of their longer-term objectives.
Malicious email campaigns
There have been several variations of the infection process associated with these malware distribution campaigns over time. In general, the emails in every case claim to be associated with complaints against the organization being targeted. They purport to be from various authorities such as the Better Business Bureau (BBB). Below is an example of one of these emails:
Phishing email
In addition to Better Business Bureau, Talos has also observed emails purporting to be associated with other entities such as Australian Competition & Consumer Commission (ACCC), Ministry of Business Innovation & Employment (MBIE) and other regional agencies.
Earlier malware campaigns contained a hyperlink that directed potential victims to the malicious content responsible for initiating the malware infection. The attacker made use of the SendGrid email delivery service to redirect victims to an attacker-controlled malware distribution server.
The link in one example email was pointed to the following SendGrid URL:
https://u12047697[.]ct[.]sendgrid[.]net/wf/click?upn=X2vR6-2FdIf8y2XI902U8Tc8qh9KOPBogeTLss4h7AKXe0xRjCQw1VcMTssPPPTU28KY7PwUPERvVvIa8n4VQD-2Fw-3D-3D_tIiqtngjMfK6xwiZyGxyMuaZ5weLruJKBoFJsVrKYBziY2h51ElcQ2ocLru0oJCxt-2FOlkcr6RH8ktqTc-2B-2BQjmMscOQaeiy2zw8OOUb6nD0f1srQnQG-2B-2BIXtpubqjWMnnIHxJg3TvgFRq0itu75WQHjsdUv1O1g-2FrQzQAyJkGQN6vC9fH5R4R4FyLG9ahUnvbnHt-2FEmdUJQuft0jfw2c5uPBA2M5Yspgi-2Fodr8cEU2b8-3D
This URL is responsible for redirecting the client to a URL hosted on an attacker-controlled server that hosts a ZIP archive containing the malicious PE32 used to infect the system. Below, you can see the HTTP GET request that is responsible for retrieving this and continuing the infection process.
ZIP File download
A PE32 executable is inside of the ZIP archive. It needs to be executed by the victim to infect the system with Orcus RAT. The PE32 filename features the use of double extensions (478768766.pdf.exe) which, by default on the Windows operating system, will only display the first extension (.PDF.) The PE32 icon has been set to make the file appear as if it is associated with Adobe Acrobat.
Double extensions trick
This loader (478768766.pdf.exe) is protected by the SmartAssembly .NET protector (see below), but can easily be deobfuscated via d4dot. It is responsible for extracting and decrypting the Orcus RAT. It extracts the Orcus executable from its Resource “人豆认关尔八七” as shown in the screenshots below.
Orcus loader resources
The Class5.smethod_1 method, shown in the screenshot below, decodes the content from the resource section and restores the original Orcus RAT PE file.
Resource section payload decoding
The smethod_3 shown below finally starts another instance of the loader (478768766.pdf.exe) and injects the Orcus PE file into this loader process. Then it resumes the process, which executes the Orcus RAT PE file in memory in the 478768766.pdf.exe process context. This means the original Orcus RAT PE file is never written to disk in clear text. This makes it more difficult for anti virus systems to detect it.
Process injection method
The loader achieves persistence by creating a shortcut that points to its executable and storing the shortcut in the following Startup directory:
C:UsersAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
The dropper also copies itself over to %APPDATA%Roamingtrfgtfrfgrf.exe and creates and starts the rfgrf.exe.bat file, which you can see below. The bat file executes the copy of the loader every 60 seconds.
rfgrf.exe.bat
In later campaigns, the adversary modified the infection process and emails no longer leveraged the SendGrid URLs. Later emails featured the same themes and verbiage but were modified to contain ZIP archive attachments.
Phishing email
The attached ZIP archives contain malicious batch files responsible for retrieving the malicious PE32 file and executing it, thus infecting the system. Early versions of the batch file retrieved additional malicious content from the same server previously used to host the ZIP archives.
Malicious .bat downloader
One interesting thing to note about the batch files was the use of an obfuscation technique that is not commonly seen. In early campaigns, the attacker prepended the bytes “FF FE 26 63 6C 73 0D 0A” into the file, causing various file parsers to interpret the file contents as UTF-16 LE, resulting in the parsers failing to properly display the contents of the batch file.
Unicode obfuscation standard editor
The hex view of the same file shows these prepended bytes which are responsible for this parsing issue.
Unicode obfuscation hex view
This is a well-known technique as can be observed in the forum thread here.
Later versions of the .bat downloader featured the use of obfuscation in an attempt to make analysis more difficult. They are using a simple obfuscation method and are just replacing all characters by variables that are resolved at runtime.
Obfuscated RevengeRat .bat downloader
The decoded version of the .bat file looks like this. Like in the non-obfuscated versions of the .bat file, the adversaries are downloading the .js file to a local directory (C:windowsr2.js) and executing it.
Decoded obfuscated .bat file
This r2.js file is another obfuscated script. It is filled with a bunch of rubbish and one long line of code.
Downloaded r2.js file
This scripts writes the ‘TVqQ…’ string into the registry.
r2.js payload
Stored encoded malware in registry key
It loads this string at the end of the infection process, decodes it and executes it.
r2.js payload decoding routine
Decompiling this payload in dnSpy shows an old friend: RevengeRAT.
RevengeRAT decompiled binary
Command and control (C2) obfuscation
As is the case with many popular RATs, the C2 infrastructure was observed leveraging Dynamic Domain Name System (DDNS) in an attempt to obfuscate the attacker’s infrastructure. In the case of these malware campaigns, the attacker took an additional step. They pointed the DDNS over to the Portmap service to provide an additional layer of infrastructure obfuscation.
Portmap is a service designed to facilitate external connectivity to systems that are behind firewalls or otherwise not directly exposed to the internet.
Port forwarding service
These systems initiate an OpenVPN connection to the Portmap service, which is responsible for handling requests to those systems via port mapping. We have recently observed an increase in the volume of malicious attackers abusing this service to facilitate the C2 process across various malware families.
HTTPS certificate
As demonstrated above, the DNS configuration for the DDNS hostname used by the malware for C2 has actually been pointed to the Portmap service. Let’s Encrypt issued the SSL certificate associated with this host.
Payload analysis
The adversaries used at least two different RATs in the campaigns which we have closely analyzed: Orcus RAT and RevengeRAT. For both RATs, the source code was leaked in the underground and several adversaries have used it to build their own versions. You can see the comparison of the leaked version of RevengeRAT and the one we analyzed below.
Compairson leaked malware and modified one
The adversaries changed the source code slightly. They moved the original code into separate functions and changed the execution order a bit plus added other minor changes like additional variables, but overall the code is still very similar to the leaked code. On the other hand, it is modified so that the resulting binary looks different for AVs.
It is interesting to see that both (Client) IDs are pointing to the same name: CORREOS. In the Nuclear_Explosion file, aka RevengeRAT, it is only base64 encode “Q09SUkVPUw==“.
RevengeRAT Atomic class config
Orcus decoded XML config
Conclusion
These malware distribution campaigns are ongoing and will likely continue to be observed targeting various organizations around the world. RevengeRAT and Orcus RAT are two of the most popular RATs in use across the threat landscape and will likely continue to be heavily favored for use during the initial stages of attacks.
Organizations should leverage comprehensive defense-in-depth security controls to ensure that they are not adversely impacted by attacks featuring these malware families. At any given point in time, there are several unrelated attackers distributing these RATs in different ways. Given that the source code of both of these malware families is readily available, we will likely continue to see new variants of each of these RATs for the foreseeable future.
Coverage
Additional ways our customers can detect and block this threat are listed below.
Advanced Malware Protection (AMP) is ideally suited to prevent the execution of the malware used by these threat actors.
Cisco Cloud Web Security (CWS) or Web Security Appliance (WSA) web scanning prevents access to malicious websites and detects malware used in these attacks.
Email Security can block malicious emails sent by threat actors as part of their campaign.
Network Security appliances such as Next-Generation Firewall (NGFW), Next-Generation Intrusion Prevention System (NGIPS), and Meraki MX can detect malicious activity associated with this threat.
AMP Threat Grid helps identify malicious binaries and build protection into all Cisco Security products.
Umbrella, our secure internet gateway (SIG), blocks users from connecting to malicious domains, IPs, and URLs, whether users are on or off the corporate network.
Open Source Snort Subscriber Rule Set customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org.
Indicators of Compromise (IOCs)
The following indicators of compromise (IOCs) have been observed to be associated with malware campaigns.
ZIP Hashes (SHA256):
c66c96c8c7f44d0fd0873ea5dbaaa00ae3c13953847f0ca308d1f56fd28f230c d6c5a75292ac3a6ea089b59c11b3bf2ad418998bee5ee3df808b1ec8955dcf2a
BAT Hashes (SHA256):
20702a8c4c5d74952fe0dc050025b9189bf055fcf6508987c975a96b7e5ad7f5 946372419d28a9687f1d4371f22424c9df945e8a529149ef5e740189359f4c8d
PE32 Hashes (SHA256):
ff3e6d59845b65ad1c26730abd03a38079305363b25224209fe7f7362366c65e 5e4db38933c0e3922f403821a07161623cd3521964e6424e272631c4492b8ade
JS Hashes (SHA256):
4c7d2efc19cde9dc7a1fcf2ac4b30a0e3cdc99d9879c6f5af70ae1b3a846b64b
Domains:
The following domains have been observed to be associated with malware campaigns:
skymast231-001-site1[.]htempurl[.]com qstorm[.]chickenkiller[.]com
IP Addresses:
The following IP addresses have been observed to be associated with malware campaigns:
193[.]161[.]193[.]99 205[.]144[.]171[.]185
#gallery-0-5 { margin: auto; } #gallery-0-5 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-5 img { border: 2px solid #cfcfcf; } #gallery-0-5 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */
Go to Source Author: RAT Ratatouille – Backdooring PCs with leaked RATs Original Post from Talos Security Author: By Edmund Brumaghin and Holger Unterbrink. Executive summary Orcus RAT…
#Talos Security
0 notes
meiji-steampunk · 8 years ago
Text
What does a steampunk novella, set in an Islamic “Steam Age,” say about our era of Islamophobic populism?
Well, how about this, “The myth of the dangerous ‘other’ is a ghost from a future our steampunk “histories” have sought to avoid.” It clouds the reader’s assumptions so that, for a dissonant moment, fictional reality must contend with ugly stereotypes.
The story makes a statement by its existence. It’s a counter-narrative by default. And, it’s political because it’s about culture, and culture is politics.
The characters, are not just “Muslims,” but Hanafi Sunnis and Ithna Ashariyyah Shi’as whose beliefs reflect a different time; women wear not just the generic “hijab,” but culture-specific “chador” and “dupatta.” And since settings range from Northeast Africa to South Asia, characters are not just “brown,” but ochre, sepia, and more. They have heroic moments and anti-hero difficulties. They are normal imperfect people of the 17th century.
It all makes for interesting steampunk, interesting, but not exotic.
A steamship captain’s wife gives advice to one of her husband’s crewmen. In Victorian London, it’s a nothing scene. Decorum and deference to class might be issues, maybe. But in the Gujarat Sultanate (16th century Northwest India), “decorum” would mean far more than manners. Unless the wife has a male relative present, the situation may well be haram, forbidden. There’s potential for unease, self-justifications, and the overwhelming desire that the encounter stay secret. Does she talk from behind a screen in observance of purdah? What if the advice is best given in whispers? The situation is compounded if she, like others in a steamer social class, is one boiler explosion away from economic ruin, a real fear when you consider 16th century metallurgy. Misinterpreting what she says, or getting distracted by it, could be disastrous. As I said before, it all makes for interesting steampunk. And in ways unique to Islam.
The project began by accident last year.
The Islam and Science Fiction website held The Islamicate Short Story Contest. Winners were published in an e-book. You can download it (PDF) here.
I don’t normally enter contests. But The Islamicate I saw as a challenge, which was to write a story in which Islam was integral. In blog post 05, I’d speculated about Muslim technocultures in South Asia. The story contest was my chance to explore them in-depth. As you can guess, I’m not Muslim. I soon realized the short story wanted to be a novella, possibly a series. I abandoned the contest and kept writing. The novella is now 3K words short of a projected 30K. I would have finished last summer had my day job not sent me bouncing between my home and South Korea. Research has been fun. I’ve learned terms like “mast,” which refers to an out-of-control elephant, as in “the elephant went mast” (found in the Akbarnama, a chronicle of the reign of the 3rd Mughal emperor). And I discovered the gatherings called mushairas. They still exist. But in the 17th century, they resembled what we’d recognize as poetry slams. Celebrity poets, patronized by rival families, would battle by way of verse. Unfortunately, the poets’ most ardent followers tended to battle each other, literally. More than a few mushairas began with riots.
A shout-out to Diana M. Pho (aka Ay-leen the Peacemaker) and her Beyond Victoriana site. My journey began there, where I learned about the Islam and Science Fiction contest.
A very big thanks to Muhammad Aurangzeb Ahmad, editor of the Islam and Science Fiction site. Topics brought up in his interviews have found their way into the story.
So, what’s next? I’ll finish the novella and shop it around. The next book is sketched out. I’ve also decided to break the four sections of “Nakanishi” into four novellas.
#Muslim#steampunk#Mughal#ScienceFiction#India#PoC
0 notes
claudeleonca · 6 years ago
Text
WordPress Block Editor: The Ultimate Gutenberg Guide (2019)
Tumblr media
Here’s the deal:
If you’re new to the WordPress block editor, or if you’re looking for an easy-to-read resource you can reference as needed, you’ve come to the right place.
In this post, we’re going to walk you through the ins and outs of the block editor (aka “Gutenberg”) — what it is, how it differs from the classic editor, and how to use it.
Let’s jump in.
WordPress Block Editor (Gutenberg) Overview
What is the Gutenberg Editor?
When WordPress 5.0 was released in December 2018, the world was introduced to the Gutenberg editor — now known as the WordPress block editor.
Gone was the classic, TinyMCE WordPress editor. In its place was a modern, drag-and-drop block editor offering an entirely new content creation experience.
Drag and drop in action
In short, Gutenberg is a total revamp of the WordPress editor.
Using “blocks”, users of all experience levels can build custom posts and pages — without having to use third-party tools and plugins, and without having to know how to code.
What is a Content Block in WordPress?
Blocks are the vessels for your content.
With blocks, you can insert, rearrange, and style content in WordPress. What types of content? Here’s a small sampling (we’ll go over all of them later):
Tables
Images
Videos
Paragraphs
Quotes
Shortcodes
Social media (YouTube, Facebook, etc.) embeds
Widgets
Basically, anything you can reasonably imagine adding to a blog post or article can be added using blocks.
And you can add them faster and easier.
How is the WordPress Block Editor Different than the Classic Editor?
Here’s a quick side-by-side comparison.
First, the classic TinyMCE content editor:
Tumblr media
Next, the new “Gutenberg” block editor:
Tumblr media
The classic editor is reminiscent of Microsoft Word. There’s a place to write your text, and there’s a formatting toolbar to style your content (bold, italics, etc.).
The new editor uses a block system for content creation. Besides looking more polished and modern, the WordPress block editor allows you to:
Add tables (again, without knowing code or having to install plugins);
Arrange, rearrange, and mingle text and media by simply dragging and dropping elements from here to there;
Create content columns with ease;
Change the background colors and font sizes in each block;
Reuse blocks you use over and over (to save yourself time).
And that’s just the tip of the iceberg.
In other words, the two editors are different.
Very different.
How do I Use the Block Editor in WordPress?
With the background information out of the way, it’s time to walk you through the new block editor.
We’ll start with how to navigate it:
Block Navigation
Tumblr media
Add a new block
Undo and Redo buttons
Content structure (word count, headings, paragraphs, blocks)
Block navigation (a drop-down displaying all the block types used in the post)
Sidebar Navigation
Tumblr media
Preview and Publish the post
This is the classic WordPress sidebar: categories, tags, permalink, and publishing options
Block settings: when you click on a block in the editor, you get its unique set of options in the sidebar
Hide sidebar
More editor settings
How to Add a Block
In your WordPress dashboard, create a new post as you would normally. (Or, open an existing post so you can edit it.)
Click on the plus (+) sign in the top-left corner of the editor.
Select the category and the type of block you want to insert:
Tumblr media
Each block can be edited, deleted, saved as reusable, and moved up or down with drag-and-drop options.
Once you’re done with a block, you can insert more blocks. You can also duplicate a block or edit it in HTML:
Tumblr media
Types of WordPress Blocks (and How to Use Them)
Here are each of the types of blocks (broken down by category) offered by Gutenberg:
Common Blocks
This category of blocks contains the basic (“common”) elements people typically use in their blog posts. Most bloggers and writers will use these blocks more than others.
Paragraph Block
The Paragraph Block is simply a box for writing your text.
It comes with the standard formatting options — text alignment, font size, background and text color, drop cap, and more.
Tumblr media
Image Block
With an Image Block, you can easily insert an image by uploading it from your computer, picking it from WordPress media library, or copying its URL.
The standard WordPress options for images are included: you can add a caption, adjust the image size, add alt text, and more.
Tumblr media
List Block
With a List Block, you can create a list of items ordered by bullets (unordered list) or numbers (numbered list).
You can also add sub-items for each main item in the list, insert anchor links, and format the text.
Tumblr media
Quote Block
The Quote Block lets you add your favorite quotes in a beautiful, elegant style.
Write the text and its author, then format it just as you would in a Paragraph Block. You can use the default font size or a larger size.
Tumblr media
Heading Block
With a Heading Block, you can start a new section inside your post.
You can choose from six heading sizes. The first three are available inside the block, while the smaller ones can be found in the sidebar to the right of the editor.
Tumblr media
Editor’s Note: Even though it’s available in the sidebar, don’t use the H1 heading. It’s (typically) reserved for the headline of your post. Instead, start with H2.
If you’d like to learn more about them, here’s a post we wrote about common subhead blunders.
File Block
With File Blocks, you can add all sorts of files for your visitors to download: images, archives, docs, PDFs… you name it.
From the sidebar, you can choose to display a download button, open the file in a new tab, and link to either a media file or an attachment.
Tumblr media
Gallery Block
A Gallery Block is for when you want to add more than one image. It has the same features as the Image Block, but you can upload multiple images within the same block.
The gallery displays a nice grid layout. In the right sidebar, you can choose the number of columns in the gallery and each image’s destination page.
Captions are also allowed.
Tumblr media
Audio Block
Planning to feature music or a podcast interview on your site? You can use the Audio Block to upload and play audio files.
The block will display a minimalist audio player. You can choose to play it automatically and/or in a loop.
Tumblr media
Video Block
Using the Video Block, you are able to upload videos.
You have the option to autoplay and/or mute them. An awesome feature is you can upload a poster image for the thumbnail (in case you don’t want to display the featured capture it fetches by default).
Tumblr media
Cover Block
Using a Cover Block, you can create an image or video with text overlay. You can use it as a featured image for a post or as a header.
You can also adjust the background color and opacity.
Tumblr media
Formatting Blocks
This category groups blocks that focus on formatting content, such as pull quotes, tables, and verses.
Let’s go over each of them:
Code Block
Use the Code Block if you want to show your readers examples of code snippets.
The code won’t be executed; instead, it will display in a distinct style so it stands out to your readers.
Tumblr media
Classic Block
With a Classic Block, you can add a block resembling the classic editor and its classic formatting options. It’s a miniature TinyMCE editor inside a block.
Tumblr media
Table Block
A Table Block lets you easily insert a table in WordPress without plugins or having to know HTML code.
Write the number of rows and columns you need, pick the layout (default or stripes), and you’re set. Afterward, you can add rows and columns at the beginning or end of the table with one click.
Tumblr media
Verse Block
With Verse Blocks, you can add song lyrics or poetry verses.
When you press enter, you won’t be directed to a new block like in the Paragraph Block; instead, it will jump to a new row. You can write as many verses as you wish while remaining in the same block.
Tumblr media
Custom HTML Block
With Custom HTML Blocks, you’re able to write HTML code and quickly preview the changes.
You enter your code in HTML mode:
Tumblr media
And you preview it in Preview mode:
Tumblr media
Pull Quote Block
When you want to emphasize an excerpt of your article, you can turn it into its own block with a Pull Quote Block.
What distinguishes a Pull Quote Block from a Quote Block is its formatting. A Pull Quote Block has colored borders.
Tumblr media
Preformatted Block
Similar to the preformatted text option in the classic TinyMCE editor, a Preformatted Block lets you display the text on the front-end exactly as you type it.
The preformatted text uses a monospaced font, which means all characters have the same width.
Tumblr media
Here’s a preview of the preformatted text:
Tumblr media
Layout Elements
Blocks in this category help you beautify and arrange your post in a way that’s pleasing to the eye.
This includes blocks for adding colorful buttons, smart columns, media elements, and more.
Button Block
A Button Block lets you add a button to your post. You can customize its style (round, square, etc.), color, and the action to take place once it’s clicked.
Tumblr media
Columns Block
If you need to present your text in columns (“newspaper” style) rather than in full width, the Columns Block lets you do it quickly and easily.
Tumblr media
Media & Text Block
In the classic editor, placing images and text side by side required some developer skills. With the Media & Text Block, you can do it in just a few clicks.
Tumblr media
Lines and Separators Block
A Lines and Separators Block, as its name implies, allows you to add spacers between one piece of content and another.
This includes page breaks, line separators, and more.
Tumblr media
Embeds
The Embeds category lets you add content from social media sites, platforms, or any site from which you want to share posts or files.
You can choose to add blocks for Twitter, YouTube, Spotify, Flickr, and more.
Tumblr media
If you choose “Facebook” from the above list of blocks and paste a Facebook URL…
Tumblr media
…you’ll be able to embed the Facebook post directly inside your post:
Tumblr media
In the classic editor, this was significantly more difficult to do.
Widgets
With the Widgets category, your existing WordPress widgets (which were usually restricted to your blog’s sidebar or footer) can be easily added inside the body of your posts as blocks.
Tumblr media
Want to display a search bar or the latest comments on your blog right inside your post? You can by using the applicable widget block.
Need More Blocks? Try These Gutenberg Plugins for WordPress
As you can see from the list above, Gutenberg comes with a large selection of blocks right out of the box.
But if you need more, there are several WordPress plugins to give you even more functionality.
Otter Blocks Plugin
Otter Blocks is a free WordPress plugin providing 12 additional blocks, including Font Awesome Icons and Testimonials.
Once you’ve installed and activated the plugin, these new blocks will appear under the “Otter” category:
Tumblr media
Atomic Blocks Plugin
Atomic Blocks is another freebie offering (as of this writing) 14 new blocks focused on product owners. These blocks will appear inside the “Atomic Blocks” once you’ve installed the plugin.
Tumblr media
Stackable
Stackable provides 22 free blocks, some of which are already available in Gutenberg. However, they come with a different design.
If you work a lot with images, this plugin gives a few interesting layout solutions to blend text and visuals in an interesting way.
Tumblr media Tumblr media
Common WordPress Block Editor Questions
Before we wrap up, let’s look at a few common questions related to Gutenberg. This is a living section and will be updated as time goes on, so if you have a question be sure to leave it in the comments section below.
How do I Rearrange Blocks?
Once you’ve created a block, you can drag and drop them as you please.
Hover over the block you want to reposition, then click and hold the dots icon to move it. Or, you can click the arrows above and below the dots to move the block up or down one position at a time:
Tumblr media
How do I Create Reusable Block Templates?
If you want to use a block more than once, click on the ellipsis (3 dots) and choose the “Add to Reusable Blocks” option:
Tumblr media
The block will be saved as a reusable block.
Once you saved at least one reusable block, the “Reusable” category will appear among the other block categories:
Tumblr media
How do I Disable the New Editor in WordPress? (Or, How do I Revert to the Classic Editor in WordPress?)
If you install the Classic Editor plugin, the previous (“classic”) editor will be restored.
The WordPress core team has committed to supporting Classic Editor plugin until “at least 2022” or “as long as is necessary.”
So, if you’ve upgraded to WordPress 5.0 or later, and you find you’re not yet ready to make the switch to the new block editor, this official plugin from WordPress will allow you to use the classic TinyMCE text editor you know and love.
Can I Give Access to Gutenberg to Only a Few Users on my Site?
Absolutely.
If you have a bunch of different users and user roles on a single WordPress site, you can allow/restrict access to the block editor only to certain profiles/roles.
Is it Called Gutenberg, the Gutenberg Block Editor, the Block Editor, or Something Else?
“Gutenberg” was the project’s name when it was in development. As such, many still call it the “Gutenberg editor” or, simply, “Gutenberg.”
After the release of WordPress 5.0, it became known as the “WordPress Block Editor” or, simply, “block editor.”
But whatever you choose to call it, it’s all the same.
Is Gutenberg a Page Builder?
Not in its current state.
However, the block editor is merely the first of three planned stages.
Stage three, full site customization, would turn Gutenberg into a full-fledged page builder.
How do I Know if a WordPress Theme or Plugin is Compatible with the Block Editor?
Once Gutenberg was officially merged into the core of WordPress in release 5.0, theme and plugin authors/developers needed to update their products to ensure they were compatible.
Most themes and plugins, especially popular ones, are now compatible with Gutenberg. However, you should always make sure themes and plugins are compatible before you install and activate them on your website.
With plugins on WordPress.org, look for the “Tested with” label:
Tumblr media
For themes, check if Gutenberg compatibility is mentioned on WordPress.org or its homepage:
Tumblr media
What Happens to my Old Posts After I Switch to Gutenberg?
Don’t worry — your old content won’t disappear.
When you update your site to WordPress 5.0 or later, each of your old posts will be converted into a “classic” block, which is similar to the classic TinyMCE content editor.
You can choose to keep your old posts “classic,” or you can convert them into blocks.
How to Convert Old Posts into Blocks?
Click the ellipsis (3 dots) and choose the “Convert to Blocks” option:
Tumblr media
This will convert your post into a series of blocks, which you can edit, delete, and rearrange as you would normally.
Gutenberg isn’t so Scary
Though it differs greatly from the classic TinyMCE editor, you shouldn’t fear the new WordPress block editor.
It’s fairly intuitive, it’s powerful, and it eliminates much of the clutter keeping you from what truly matters: creating great content.
You now have a simple, easy-to-follow guide to help you navigate the new Gutenberg editor.
We hope you found it helpful.
If there’s anything you would like to see us add, or any questions you have about the new WordPress block editor, let us know in a comment below.
Author Bio: Adelina Tuca is a writer and WordPress blogger at ThemeIsle and CodeinWP. When she does not create content, she manages their partnerships with other publications and makes sure JustFreeThemes is performing well. She loves tennis, books, hiking, and metal concerts.
The post WordPress Block Editor: The Ultimate Gutenberg Guide (2019) appeared first on Smart Blogger.
from SEO and SM Tips https://smartblogger.com/wordpress-block-editor/
0 notes