https://www.facebook.com/257280338026205/

Online World.net, Jalangi (2026)

20/04/2018

Suspected 'Big Bitcoin Heist' Mastermind Fled to Sweden On Icelandic PM's Plane

Remember the "Big bitcoin heist" we reported last month when a group of thieves stole around 600 powerful bitcoin mining devices from Icelandic data centers?
Icelandic Police had arrested 11 suspects as part of the investigation, one of which has escaped from prison and fled to Sweden on a passenger plane reportedly also carrying the Icelandic prime minister Katrin Jakobsdottir.
Sindri Thor Stefansson, who is suspected of masterminding the whole theft of almost $2 million worth of cryptocurrency-mining equipment, traveled under a passport of someone else but identified through surveillance footage.

Stefansson had recently been transferred to a low-security Sogn prison, located in rural southern Iceland (just 59 miles away from Iceland's international airport in Keflavik), from where he escaped through a window early Tuesday and boarded the flight to Sweden.
Prime minister Jakobsdottir was on her way to Sweden to take part in India-Nordic Summit and meet Indian Prime Minister Narendra Modi on Tuesday in Stockholm.
iceland-Big-bitcoin-heist-sindri-thor-stefansson
It appears Stefansson has managed to hide himself in Sweden, as Swedish police say no arrest has been made in the country after being briefed by Icelandic police on the situation.
Icelandic police have issued an international arrest warrant for Stefansson.
The stolen cryptocurrency-mining devices are still missing, and Icelandic police are monitoring high-energy consumption area across the nation in an attempt to locate the missing equipment.

According to the authorities, Guards at the prison did not report Stefansson missing until after the flight to Sweden had taken off.
"He had an accomplice. We are sure of that," Police Chief Gunnar Schram told online news outlet Visir.(http://www.visir.is/g/2018180418964/sindri-thor-fludi-til-svithjodar) The theft, which the law enforcement said is one of the biggest series of robberies Iceland has ever experienced, took place between late December and early January, while the arrests of 11 people were made in February.
Besides 600 bitcoin mining devices, the theft also included burglary of 600 graphics cards, 100 processors, 100 power supplies, 100 motherboards and 100 sets of computer memory.
Shortly after the arrest, the Reykjanes District Court expressed restraint and released nine people on bail, leaving only two people under arrest, which included the alleged incident's mastermind Stefansson.

20/04/2018

Critical Unpatched RCE Flaw Disclosed in LG Network Storage Devices

https://youtu.be/7RgCq5d13qk

If you have installed a network-attached storage device manufactured by LG Electronics, you should take it down immediately, read this article carefully and then take appropriate action to protect your sensitive data.
A security researcher has revealed complete technical details of an unpatched critical remote command ex*****on vulnerability in various LG NAS device models that could let attackers compromise vulnerable devices and steal data stored on them.
LG's Network Attached Storage (NAS) device is a dedicated file storage unit connected to a network that allows users to store and share data with multiple computers. Authorized users can also access their data remotely over the Internet.

The vulnerability has been discovered(
https://www.vpnmentor.com/blog/critical-vulnerability-found-majority-lg-nas-devices/) by the researcher at privacy advocate firm VPN Mentor, the same company that last month revealed severe flaws in three popular VPNs—HotSpot Shield, PureVPN, and Zenmate.
The LG NAS flaw is a pre-authenticated remote command injection vulnerability, which resides due to improper validation of the "password" parameter of the user login page for remote management, allowing remote attackers to pass arbitrary system commands through the password field.
nas-device-hacking
As demonstrated by the researchers in the following video, attackers can exploit this vulnerability to first write a simple persistent shell on the vulnerable storage devices connected to the internet.
Using that shell, attackers can then execute more commands easily, one of which could also allow them to download the complete database of NAS devices, including users’ emails, usernames and MD5 hashed passwords.

Since passwords protected with MD5 cryptographic hash function can easily be cracked, attackers can gain authorized access and steal users sensitive data stored on the vulnerable devices.
In case, attackers don't want to crack the stolen password, they can simply run another command, as shown, to add a new user to the device, and log-in with that credentials to get the job done.

To add a new user to the database, all an attacker needs to do is generate a valid MD5. "We can use the included MD5 tool to create a hash with the username test and the password 1234," the researchers say.
Since LG has not yet released a fix for the issue, users of LG NAS devices are advised to ensure that their devices are not accessible via the public Internet and should be protected behind a firewall configured to allow only a trusted set of IPs to connect to the web interface.
Users are also recommended to periodically look out for any suspicious activity by checking all registered usernames and passwords on their devices.

20/04/2018

Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately

It's time to update your Drupal websites, once again.
For the second time within a month, Drupal has been found vulnerable to another critical vulnerability that could allow remote attackers to pull off advanced attacks including cookie theft, keylogging, phishing and identity theft.
Discovered by the Drupal security team, the open source content management framework is vulnerable to cross-site scripting (XSS) vulnerability that resides in a third-party plugin CKEditor which comes pre-integrated in Drupal core to help site administrators and users create interactive content.

CKEditor is a popular JavaScript-based WYSIWYG rich text editor which is being used by many websites, as well as comes pre-installed with some popular web projects.
According to a security advisory released (https://ckeditor.com/blog/CKEditor-4.9.2-with-a-security-patch-released/) by CKEditor, the XSS vulnerability stems from the improper validation of "img" tag in Enhanced Image plugin for CKEditor 4.5.11 and later versions.
drupal-CKEditor-enhanced-image-plugin
This could allow an attacker to execute arbitrary HTML and JavaScript code in the victim's browser and gain access to sensitive information.
Enhanced Image plugin was introduced in CKEditor 4.3 and supports an advanced way of inserting images into the content using an editor.
"The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the image2 plugin (which Drupal 8 core also uses)," the Drupal security team (https://www.drupal.org/sa-core-2018-003) said.
CKEditor has patched the vulnerability with the release of CKEditor version 4.9.2, which has also been patched in the CMS by the Drupal security team with the release of Drupal version 8.5.2 and Drupal 8.4.7.

Since CKEditor plugin in Drupal 7.x is configured to load from the CDN servers, it is not affected by the flaw.
However, if you have installed the CKEditor plugin manually, you are advised to download and upgrade your plugin to the latest version from its official website.
Drupal recently patched another critical vulnerability, dubbed Drupalgeddon2, a remote code ex*****on bug that allows an unauthenticated, remote attacker to execute malicious code on default or common Drupal installations under the privileges of the user, affecting all versions of Drupal from 6 to 8.
However, due to people's laziness of patching their systems and websites timely, the Drupalgeddon2 vulnerability has been found exploiting in the wild by hackers to deliver cryptocurrency miners, backdoors, and other malware.
Therefore, users are highly recommended always to take security advisories seriously and keep their systems and software up-to-date in order to avoid become victims of any cyber attack.

20/04/2018

'iTunes Wi-Fi Sync' Feature Could Let Attackers Hijack Your iPhone, iPad Remotely

Be careful while plugging your iPhone into a friend's laptop for a quick charge or sharing selected files.
Researchers at Symantec have issued (https://www.symantec.com/blogs/feature-stories/ios-trustjacking-dangerous-new-ios-vulnerability) a security warning for iPhone and iPad users about a new attack, which they named "TrustJacking," that could allow someone you trust to remotely take persistent control of, and extract data from your Apple device.
Apple provides an iTunes Wi-Fi sync feature in iOS that allows users to sync their iPhones to a computer wirelessly. To enable this feature, users have to grant one-time permission to a trusted computer (with iTunes) over a USB cable.

Once enabled, the feature allows the computer owner to secretly spy on your iPhone over the Wi-Fi network without requiring any authentication, even when your phone is no longer physically connected to that computer.
"Reading the text, the user is led to believe that this is only relevant while the device is physically connected to the computer, so assumes that disconnecting it will prevent any access to his private data," Symantec said.
Since there is no noticeable indication on the victim's device, Symantec believes the feature could exploit the "relation of trust the victim has between his iOS device and a computer."
iphone-itunes-wifi-sync-hacking
Researchers suggest following scenarios where TrustJacking attack can be successfully performed, especially when you trust a wrong computer:
Connecting your phone to a free charger at an airport, and mistakenly approving the pop-up permission message to trust the connected station.
A remote attacker, not in the same Wi-Fi network can also access iPhone data if the device owner's own "trusted" PC or Mac has been compromised by malware.
Moreover, iTunes Wi-Fi sync feature could also be used to remotely install malware apps on your iPhone, as well as to download a backup and steal all your photos, SMS / iMessage chats history, and application data.

"An attacker can also use this access to the device to install malicious apps, and even replace existing apps with a modified wrapped version that looks exactly like the original app, but is able to spy on the user while using the app and even leverage private APIs to spy on other activities all the time," Symantec said.
The TrustJacking attack could also allow trusted computers to watch your device's screen in real-time by repeatedly taking remote screenshots, observing and recording your every action.
iphone-itunes-wifi-sync-hacking
Apple has now introduced another security layer in iOS 11, asking users to enter their iPhone's passcode while pairing their iPhone with a computer, after getting notified by the Symantec researchers.
However, Symantec says the loophole remains open, as the patch does not address the primary concern, i.e., the absence of noticeable indication or mandatory re-authentication between the user's device and the trusted computer after a given interval of time.
"While we appreciate the mitigation that Apple has taken, we’d like to highlight that it does not address Trustjacking in a holistic manner," Symantec's Roy Iarchy said. "Once the user has chosen to trust the compromised computer, the rest of the exploit continues to work as described above."
The best and simple way to protect yourself is to ensure that no unwanted computers are being trusted by your iOS device. For this, you can remove the trusted computers list by going to Settings → General → Reset → Reset Location & Privacy.
Also, most important, always deny the access when asked to trust the computer while charging your iOS device. Your device would still charge using the computer, without exposing your data.

20/04/2018

Facebook Plans to Build Its Own Chips For Hardware Devices

A new job opening post on Facebook suggests that the social network is forming a team to build its own hardware chips, joining other tech titans like Google, Apple, and Amazon in becoming more self-reliant.
According to the post, (
https://www.facebook.com/careers/jobs/a0I1200000KujvKEAR?) Facebook is looking for an expert in ASIC and FPGA—two custom silicon designs to help it evaluate, develop and drive next-generation technologies within Facebook—particularly in artificial intelligence and machine learning.
The social media company is seeking to hire an expert who can "an end-to-end SoC/ASIC, firmware and driver development organization, including all aspects of front-end and back-end standard cell ASIC development," reads the job listing(https://www.linkedin.com/jobs/view/manager-asic-development-at-facebook-622123188/) on Facebook's corporate website.

SoC (system-on-a-chip) is a processor typically used in mobile devices with all the components required to power a device, while ASIC (application-specific integrated circuit) is a customized piece of silicon designed for a narrow purpose that companies can gear toward something specific, like mining cryptocurrency.
FPGA (field programmable gate array) is an adaptable chip designed to be a more flexible and modular design that can be tuned to speed up specific jobs by running a particular piece of software.
First reported(https://www.bloomberg.com/news/articles/2018-04-18/facebook-is-forming-a-team-to-design-its-own-chips) by Bloomberg, building its own processors would help the social media giant reduce dependency on companies such as Qualcomm and Intel, who hold the lion's share of the processor market.
Reportedly Apple, who already makes its own A-series custom chips for iPhones, iPads and other iThings, has planned to use its custom-designed ARM chips in Mac computers starting as early as 2020, replacing the Intel processors running on its desktop and laptop hardware.

Google has also developed (https://www.theinformation.com/articles/google-ramps-up-mobile-chipmaking-with-talent-from-apple) its own artificial intelligence chip, and Amazon is reportedly(https://www.theinformation.com/articles/amazon-is-becoming-an-ai-chip-maker-speeding-alexa-responses) designing its custom hardware to improve Alexa-equipped devices.
The plan to invest in building its own processors could help Facebook to power its artificial intelligence software, servers in its data centers, as well as its future hardware devices, like Oculus virtual reality headsets and smart speakers (similar to Amazon Echo and Google Home).
Using its custom chips would also allow the social media company to gain more control over its own hardware roadmap better and eventual feature set to offer better performance to its users.
Facebook has not commented on the news yet, so at this time, it is hard to say where the company will deploy its in-house chips.

20/04/2018

Over 20 Million Users Installed Malicious Ad Blockers From Chrome Store

If you have installed any of the below-mentioned Ad blocker extension in your Chrome browser, you could have been hacked.
A security researcher has spotted five malicious ad blockers extension in the Google Chrome Store that had already been installed by at least 20 million users.
Unfortunately, malicious browser extensions are nothing new. They often have access to everything you do online and could allow its creators to steal any information victims enter into any website they visit, including passwords, web browsing history and credit card details.

Discovered by Andrey Meshkov, co-founder of Adguard, these five malicious extensions are copycat versions of some legitimate, well-known Ad Blockers.
Creators of these extensions also used popular keywords in their names and descriptions to rank top in the search results, increasing the possibility of getting more users to download them.
"All the extensions I've highlighted are simple rip-offs with a few lines of code and some analytics code added by the authors," Meshkov says.(https://blog.adguard.com/en/over-20-000-000-of-chrome-users-are-victims-of-fake-ad-blockers/) After Meshkov reported his findings to Google on Tuesday, the tech giant immediately removed all of the following mentioned malicious ad blockers extension from its Chrome Store:
AdRemover for Google Chrome™ (10 million+ users)
uBlock Plus (8 million+ users)
[Fake] Adblock Pro (2 million+ users)
HD for YouTube™ (400,000+ users)
Webutation (30,000+ users)
Meshkov downloaded the ‘AdRemover’ extension for Chrome, and after analyzing it, he discovered that malicious code hidden inside the modified version of jQuery, a well-known JavaScript library, sends information about some websites a user visits back to a remote server.
Also Read: Someone Hijacks A Popular Chrome Extension to Push Malware
The malicious extension then receives commands from the remote server, which are executed in the extension 'background page' and can change your browser's behavior in any way.

To avoid detection, these commands send by the remote server are hidden inside a harmless-looking image.
"These commands are scripts which are then executed in the privileged context (extension's background page) and can change your browser behavior in any way," Meshkov says.
"Basically, this is a botnet composed of browsers infected with the fake Adblock extensions," Meshkov says. "The browser will do whatever the command center server owner orders it to do."
The researcher also analyzed other extensions on the Chrome Store and found four more extensions using similar tactics.
Also Read: Malicious Chrome Extension Hijacks CryptoCurrencies and Wallets
Since browser extension takes permission to access to all the web pages you visit, it can do practically anything.
So, you are advised to install as few extensions as possible and only from companies you trust.

19/04/2018

Hackers Exploiting Drupal Vulnerability to Inject Cryptocurrency Miners

The Drupal vulnerability (CVE-2018-7600), dubbed Drupalgeddon2 that could allow attackers to completely take over vulnerable websites has now been exploited in the wild to deliver malware backdoors and cryptocurrency miners.
Drupalgeddon2, a highly critical remote code ex*****on vulnerability discovered two weeks ago in Drupal content management system software, was recently patched by the company without releasing its technical details.
However, just a day after security researchers at Check Point and Dofinity published complete details, a Drupalgeddon2 proof-of-concept (PoC) exploit code was made widely available, and large-scale Internet scanning and exploitation attempts followed.

At the time, no incident of targets being hacked was reported, but over the weekend, several security firms noticed that attackers have now started exploiting the vulnerability to install cryptocurrency miner and other malware on vulnerable websites.
The SANS Internet Storm Center spotted (https://isc.sans.edu/forums/diary/A+Review+of+Recent+Drupal+Attacks+CVE20187600/23563/) some attacks to deliver a cryptocurrency miner, a PHP backdoor, and an IRC bot written in Perl.
drupal-website-hacking
The simple PHP backdoor allows attackers to upload additional files (backdoors) to the targeted server.
A thread on SANS ISC Infosec forums also suggests (https://isc.sans.edu/forums/diary/Drupal+CVE20187600+PoC+is+Public/23549/) that Drupalgeddon2 is being used to install the XMRig Monero miner on vulnerable websites. Besides the actual XMRig miner, the malicious script also downloads additional files, including a script to kill competing miners on the targeted system.
Researchers from security firm Volexity have also observed (https://www.volexity.com/blog/2018/04/16/drupalgeddon-2-profiting-from-mass-exploitation/) a wide variety of actions and payloads attempted via the public exploit for Drupalgeddon2 to deliver malicious scripts that install backdoors and cryptocurrency miners on the vulnerable sites.

The researchers believed that one of the Monero miner campaigns, delivering XMRig, is associated with a criminal group that exploited the vulnerability (CVE-2017-10271) in Oracle WebLogic servers to deliver cryptocurrency miner malware shortly after its PoC exploit code was made public in late 2017.
drupal-hacking
Volexity identified some of the group's wallets that had stored a total of 544.74 XMR (Monero coin), which is equivalent to almost $105,567.
As we reported in our previous article, Imperva stats showed (https://www.imperva.com/blog/2018/04/drupalgeddon-2-0-are-hackers-slacking-off/) that 90% of the Drupalgeddon2 attacks are simply IP scanning in an attempt to find vulnerable systems, 3% are backdoor infection attempts, and 2% are attempting to run crypto miners on the targets.
For those unaware, Drupalgeddon2 allows an unauthenticated, remote attacker to execute malicious code on default or common Drupal installations under the privileges of the user, affecting all versions of Drupal from 6 to 8.
Therefore, site admins were highly recommended to patch the issue by updating their CMS to Drupal 7.58 or Drupal 8.5.1 as soon as possible.
In its advisory, Drupal warned (https://www.drupal.org/psa-2018-002) that "sites not patched by Wednesday, 2018-04-11 may be compromised" and "simply updating Drupal will not remove backdoors or fix compromised sites."
Moreover,
"If you find that your site is already patched, but you didn’t do it, that can be a symptom that the site was compromised. Some attacks in the past have applied the patch as a way to guarantee that only that attacker is in control of the site."
Here's a guide Drupal team suggest to follow if your website has been hacked.(https://www.drupal.org/node/2365547)

19/04/2018

CCleaner Attack Timeline—Here's How Hackers Infected 2.3 Million PCs

Last year, the popular system cleanup software CCleaner suffered a massive supply-chain malware attack of all times, wherein hackers compromised the company's servers for more than a month and replaced the original version of the software with the malicious one.
The malware attack infected over 2.3 million users who downloaded or updated their CCleaner app between August and September last year from the official website with the backdoored version of the software.
Now, it turns out that the hackers managed to infiltrate the company's network almost five months before they first replaced the official CCleaner build with the backdoored version, revealed Avast executive VP and CTO Ondrej Vlcek at the RSA security conference in San Francisco on Tuesday.
6-Months Timeline of CCleaner Supply Chain Attack
Vlcek shared (https://blog.avast.com/update-ccleaner-attackers-entered-via-teamviewer) a brief timeline of the last year's incident that came out to be the worst nightmare for the company, detailing how and when unknown hackers breached Piriform, the company that created CCleaner and was acquired by Avast in July 2017.
March 11, 2017 (5 AM local time)—Attackers first accessed an unattended workstation of one of the CCleaner developers, which was connected to Piriform network, using remote support software TeamViewer.
hacking-news
The company believes attackers reused the developer's credentials obtained from previous data breaches to access the TeamViewer account and managed to install malware using VBScript on the third attempt.
March 12, 2017 (4 AM local time)—Using the first machine, attackers penetrated into the second unattended computer connected to the same network and opened a backdoor through Windows RDP (Remote Desktop Service) protocol.
hacking computer
Using RDP access, the attackers dropped a binary and a malicious payload—a second stage malware (older version) that was later delivered to 40 CCleaner users—on the target computer's registry.
March 14, 2017—Attackers infected the first computer with the older version of the second stage malware as well.
April 4, 2017—Attackers compiled a customised version of ShadowPad, an infamous backdoor that allows attackers to download further malicious modules or steal data, and this payload the company believes was the third stage of the CCleaner attack.
April 12, 2017—A few days later, attackers installed the 3rd stage payload on four computers in the Piriform network (as a mscoree.dll library) and a build server (as a .NET runtime library).
Between mid-April and July—During this period, the attackers prepared the malicious version of CCleaner, and tried to infiltrate other computers in the internal network by installing a keylogger on already compromised systems to steal credentials, and logging in with administrative privileges through RDP.
July 18, 2017—Security company Avast acquired Piriform, the UK-based software development company behind CCleaner with more than 2 billion downloads.
August 2, 2017—Attackers replaced the original version of CCleaner software from its official website with their backdoored version of CCleaner, which was distributed to millions of users.
September 13, 2017—Researchers at Cisco Talos detected the malicious version of the software, which was being distributed through the company's official website for more than a month, and notified Avast immediately.
The malicious version of CCleaner had a multi-stage malware payload designed to steal data from infected computers and send it back to an attacker-controlled command-and-control server.
Although Avast, with the help of the FBI, was able to shut down the attackers' command-and-control server within three days of being notified of the incident, the malicious CCleaner software had already been downloaded by 2.27 million users.
Moreover, it was found that the attackers were then able to install a second-stage payload on 40 selected computers operated by major international technology companies, including Google, Microsoft, Cisco, Intel, Samsung, Sony, HTC, Linksys, D-Link, Akamai and VMware.
However, the company has no proofs if the third stage payload with ShadowPad was distributed to any of these targets.
"Our investigation revealed that ShadowPad had been previously used in South Korea, and in Russia, where attackers intruded a computer, observing a money transfer." Avast said.
"The oldest malicious executable used in the Russian attack was built in 2014, which means the group behind it might have been spying for years."
Based on their analysis of the ShadowPad executable from the Piriform network, Avast believes that the malicious attackers behind the malware have been active for a long time, spying on institutions and organizations so thoroughly.

18/04/2018

Intel Processors Now Allows Antivirus to Use Built-in GPUs for Malware Scanning

https://youtu.be/0jDyfNhKwlM

Global chip-maker Intel on Tuesday announced (https://newsroom.intel.com/editorials/securing-digital-world-intel-announces-silicon-level-security-technologies-industry-adoption-rsa-2018/) two new technologies—Threat Detection Technology (TDT) and Security Essentials—that not only offer hardware-based built-in security features across Intel processors but also improve threat detection without compromising system performance.
Intel's Threat Detection Technology (TDT) offers a new set of features that leverage hardware-level telemetry to help security products detect new classes of threats and exploits.
It includes two main capabilities—Accelerated Memory Scanning and Advanced Platform Telemetry.
Accelerated Memory Scanning allows antivirus programs to use Intel's integrated GPU to scan and detect memory-based malware attacks while reducing the impact on performance and power consumption.
"Current scanning technologies can detect system memory-based cyber-attacks, but at the cost of CPU performance," says Rick Echevarria, Intel security division Vice President.
"With Accelerated Memory Scanning, the scanning is handled by Intel's integrated graphics processor, enabling more scanning, while reducing the impact on performance and power consumption."
According to Intel, early tests using the new GPU-accelerated scanning technique suggest that CPU utilization for malware threat scans "dropped from 20 percent to as little as 2 percent"—that's obviously a massive increase in efficiency.

The other TDT feature is Intel Advanced Platform Telemetry that incorporates cloud-based machine learning and endpoint data collection to better identify potential security threats, "while reducing false positives and minimizing performance impact."
Intel's new Thread Detection Technology solution will be available for computers with 6th, 7th, and 8th generation Intel processors, though it's up to third-party antivirus vendors to actually utilize the feature.
Microsoft and Cisco are the first ones to make use of Intel's Threat Detection Technology (TDT), with the Intel TDT coming to Windows Defender Advanced Protection Threat (ATP) this month.
intel-security-essentials-solution
The second security solution launched by the chip maker is Intel Security Essentials—a built-in toolkit which includes a bunch of different hardware-based security features available across Intel Core, Xeon, and Atom processors.
Intel Security Essentials has following properties that offer a chain of trust to protect against a wide range of attacks:
Hardware Root of Trust—Cryptographic keys protected by hardware
Small Trusted Computing Base—Protecting keys, IDs, and data using hardware trusted platform module (TPM)
Defence in Depth—Hardware and software protection
Compartmentalization—Hardware-enforced barriers between software components
Direct Anonymous Authentication—Cryptographic schemes to offer anonymous authentication of a device for privacy (especially for IoT devices)
HW Security escalation—Enabling hardware acceleration of cryptographic calculation, antivirus scanning, and key generation
The announcement comes after serious security vulnerabilities—Meltdown and Spectre—badly hit Intel CPUs and chips from other companies earlier this year, and the security patches rolled out by the companies increased load for the CPU, affecting device performance.

Online World.net

20/04/2018

20/04/2018

20/04/2018

20/04/2018

20/04/2018

20/04/2018

19/04/2018

19/04/2018

18/04/2018

Address

Telephone

Website

Alerts

Shortcuts

Share

Category