Skip to Content

Cybersecurity and Infosec News Headlines Update on February 27, 2022

Ukrainian Computers Infected with Wiper Malware

Hundreds of computers in Ukraine have been infected with Windows wiper malware. The malware appears to be signed with a legitimate developer certificate. The appearance of the wiper malware follows close on the heels of a series of distributed denial-of-service attacks and SMS spam attacks against Ukrainian devices. In some cases, the wiper malware was accompanied by ransomware, which may have been used as a decoy or red herring.

Note

  • Currently, these attacks appear to be targeting systems in the Ukraine. But don’t feel too safe if you are not connected to the Ukraine. As NotPetya and other events have shown, malware like this easily spills over.
  • It is not a huge surprise that both kinetic and cyber-attacks are being leveraged against the Ukraine. The wiper has been dubbed “HermeticWiper” because the certificate which signs it was issued to “Hermetica Digital Ltd.” Note that it has also been found in Lithuania and Latvia, seemingly targeting financial institutions and government contractors. The ransomware feint is reminiscent of the WhisperGate wiper previously targeting the Ukraine. Even so, user awareness, content filtering, and other ransomware defenses are still relevant to reducing the likelihood of a successful compromise.

Read more in

Nonprofit Cyber Coalition Established

The Nonprofit Cyber Coalition will bring together more than 20 organizations “to collaboratively align [their] individual strengths into a collective force for good, taking positive action for the entire cyber ecosystem.” Founding members include the Center for Internet Security (CIS), the Anti-Phishing Working Group, the Cloud Security Alliance, and Consumer Reports.

Note

  • SANS gave one the founders of one of the organizations, #ShareTheMicInCyber, a SANS Difference Makers award in 2021 and has long been a supporter of the Center for Internet Security. There is a lot of good and meaningful progress in cybersecurity being driven by non-profits, this coalition can act as a force multiplier for future efforts.
  • This is an incredible gathering of expertise and resources. This is a collection of free services you can leverage, and augments resources provided by others such as the CISA. The initial focus is on raising awareness of the services offered and how you can leverage them. If you’re curious about the composition of the coalition, the last three pages of the press release below describe each of the members and what they bring to the table.

Read more in

Irish Healthcare Ransomware Attack Recovery Costs Could Reach €100m

The costs of response to and recovery from last May’s ransomware attack against Ireland’s Health Service Executive (HSE) is currently €43 million (USD 48 million) and could end up being as high as €100 million (USD 112 million), according to a letter from the HSE’s interim CIO. That figure does not include the costs of implementing security measures recommended by a PWC report on the incident.

Note

  • It should be very clear by now that the cost of a ransomware attack is not limited to the ransom payment itself (if you decide to pay in the first place). The response and recovery from a ransomware attack includes many other variables that will increase the cost exponentially. I hope that by now all the NewsBites readers have bought in to investing in testing, measuring, and improving their security controls (people, process, and technology) before the inevitable breach. We call this culture “operating under assumed breach.”
  • Read that number and remember it doesn’t include security improvements or other costs to patients, including any loss of life which resulted from the downtime. Now make sure your recovery plans include obtaining funding for security improvements, as well as lack of, or reduction to, customer business during the recovery.
  • Folks, remember HSE never paid a ransom; they obtained the decryption key for free. The biggest costs to ransomware is not the ransom, but costs to no longer be able to function, costs to reputation, costs to recover, legal fees, etc. Anytime someone is paying a ransom, you can exponentially increase that number to determine the real costs. And those costs are just financial. What about costs to people’s health, jobs, family life, and emotional state?

Read more in

Cyclops Blink

The US Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) have released alerts warning of new network device malware that is being used by the Russian Sandworm hacking group. Known as Cyclops Blink, the malware is a Linux ELF executable.

Note

  • People keep asking, “What can I do?” While there is little you can do to help people in Ukraine right now, you should be able to find the time today to double check your router/firewall (not just Watchguard). Make sure it is up to date, uses strong authentication and that its admin interface is not exposed to the public. Compromised routers are a valuable commodity even for state actors not just to launch DoS attacks, but also to use as proxies for targeted attacks.
  • Yes, this the same Sandworm group that released the NotPetya malware. Cyclops Blink leverages a firmware update weakness which allows it to persist across firmware updates on WatchGuard devices. WatchGuard has published updates to Fireware that address the vulnerability. It is expected that other manufacturer devices will also be targeted. The best mitigation is to disable remote management of your router/firewall and keep the firmware updated.

Read more in

American Hospital Association Cybersecurity Advisory

The American Hospital Association (AHA) has published a cybersecurity advisory, noting that it “is closely monitoring the potential for increased cyber risks to the U.S. health system stemming from the ongoing military operations in the Russia/Ukraine region.” The AHA list three main concerns for hospitals and health systems: they could be directly targeted by Russian-sponsored cyber actors; they could experience collateral damage from malware; and their services could be disrupted by a cyberattack. The advisory also provides resources and recommendations for protecting networks.

Note

  • Expect threat actors to target health and government systems for members of the NATO alliance in response to the sanctions issued. Heightened awareness is called for, panic is not. Make sure that you are taking steps to ensure your cyber posture is strengthened. Leverage active monitoring, immutable backups, strong authentication and DDOS protections. Update and verify contact information for responders and key management staff. Finish up those BC/DR plans you’ve been updating to include new services or functions implemented in the last two years.

Read more in

Cisco Field Notice: Upgrade Firepower Software

Cisco has published a field notice urging users of their Firepower firewalls to upgrade their software; if they do not, security updates may fail after March 5, 2022. The issue is due to an upcoming Secure Sockets Layer (SSL) certificate change.

Note

  • The threat intelligence feeds consumed by the Firepower platform depend on the SSL certificate. The certificate authority is being decommissioned March 6th, so postponing can make Monday March 7th a really bad day. The Firepower Management Center is what needs the update, not the Firepower Threat Defense device. Note that the fix may require updates to a newer supported software version, so you want to leverage between now and March 5th for regression testing.

Read more in

Cisco FXOS and NX-OS Software Security Advisory Bundled Publication

Cisco has released fixes for four vulnerabilities in its FXOS and NX-OS network operating systems. Three of the security issues are rated high severity; the fourth is rated medium. Cisco was alerted to one of the vulnerabilities – a fabric services over IP denial-of-service issue – by the National Security Agency (NSA). The fixes are part of Cisco’s semi-annual FXOS and NX-OS Software Security Advisory Bundled Publication.

Note

  • If you’re running Cisco Nexus or UCS series switches/appliances or virtual edge services, check the advisories for applicability. The fixes include addressing CVE-2022-20650, which can be remotely exploited and allow command injection. The flaw identified by the NSA is CVE-2022-20624, resulting from insufficient validation of network packets, allowing specially crafted packets to exploit it. While some of the flaws are mitigated by not enabling vulnerable features, such as CFSoIP, it’s best to apply the update to protect future possibilities of you enabling those functions.

Read more in

NCCoE Releases Final Telehealth and Remote Patient Monitoring Ecosystem Guidance

The National Cybersecurity Center of Excellence (NCCoE) has released the final version of its guidance on remote patient monitoring and telehealth security. In the publication, NCCoE notes that it “built a laboratory environment to demonstrate how healthcare delivery organizations can implement cybersecurity and privacy controls to enhance telehealth RPM resiliency;” the document includes how-to guides. NCCoE is part of the National Institute of Standards and Technology (NIST).

Note

  • Volume C: How-to Guides make this publication much more useful than the typical NIST Special Publication. Working with private industry, a reference architecture was used to build out real world systems using real world products to develop and implement a candidate security solution. Other volumes provide the usual high level security guidance, and the how-to volume is not a “just build this” solution but definitely brings everything closer to reality.
  • With the pandemic, HIPAA restrictions relating to telehealth were loosened. It’s time to make sure that systems implemented to provide remote services to patients are properly secured, with validation. These guides are intended to help with that process. Check services you may have exposed to ease access are only allowing the access intended, monitored, patched/updated and themselves are not pivot points into your other IT systems. Make sure that you have an appropriate agreement with the services, such as a BAA, for protecting that information.

Read more in

UK Police Seize £16 Million in Stolen Cryptocurrency

In July 2021, the Greater Manchester (UK) Police seized more than £16 (USD 22.2 million) in stolen cryptocurrency from USB sticks and an online safe. As of February 18, 2022, more than £4 million (USD 5.4 million) of the cryptocurrency has been returned to victims of the theft.

Note

  • While becoming more mainstream, crypto is still less regulated with fewer consumer protections than traditional currency. Keep track of your crypto, including the details, reporting losses if stolen. Funds can only be returned if sufficient details are available; in this case the wallet address, savings and trading services it was invested in as well as the law enforcement agency the loss was reported to must match.

Read more in

IRS Will Switch to Login.Gov After Current Tax Season

The US Internal Revenue Service (IRS) plans to roll out the Login.Gov authentication tool after the April 2022 tax filing deadline. The agency will stick with ID.me for the remainder of the current tax season. The IRS has already walked back plans to require taxpayers who want to access their IRS accounts online to use facial recognition technology following pushback from legislators and digital right advocates.

Note

  • For whatever reason, the IRS initially tried the “let’s throw the frog into a pot of boiling water” approach to moving away from reusable passwords – and the frog leapt out. Login.gov supports 2FA and strong identity proofing at enrollment – the identity frog is in the pot and the temperature can gradually be increased.
  • Throwing a frog into a boiling pot, as John says, is too rapid of a change and never effective, particularly with a large user group. In short, look before you leap. Login.gov is engineered for providing accounts for the public to authenticate to US Government systems which include both strong authentication and identity verification. This move should help smooth any rough edges in the current Login.gov account activation process.
  • It is, and probably ought to be, difficult to enroll in login.gov or ID.me. I have so far been unsuccessful. The IRS has committed to both facial recognition and an interview as options for people like me.

Read more in

CISA Free Cybersecurity Services and Tools

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of free public and private sector cybersecurity services. The Free Cybersecurity Services and Tools webpage “includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community.” CISA plans to include additional tools and services in the future.

Note

  • Sadly, some organizations, in particular in the government, have a hard time using free/open-source tools for political reasons, not due to the quality of the tool. I hope that CISA’s list will put a spotlight on some of these tools and make it easier to overcome “Layer 8” issues in implementing them. Currently, the list is a bit dominated by a few vendors and I hope over time more tools will be added. Great start and high-quality resources.
  • This is an amazing list of tools but remember you need people and processes to take advantage of them in the most efficient way possible.
  • This is a great resource for businesses, particularly small businesses, to refer to when looking for tools. However, while this helps deal with the challenge of the technology part of cybersecurity, I do hope there will be additional resources made available around the other areas such as processes and people.
  • The site includes foundational security measures you should be incorporating, links to tools you can deploy locally, as well as information on free services CISA can provide to help your cyber hygiene. Leverage these services and tools to both augment current capabilities and verify your assessed posture, possibly discovering issues previously overlooked.
  • In light of recent Russian activity, security professionals and leaders are asking, “What should I be doing?” In most cases, nothing different than what you are already doing now from a security perspective. This CISA publication and release of tools emphasizes the same key lessons: focus on the fundamentals. Neither the attack methods nor the defense methods have changed; it is the sense of urgency that has changed.

Read more in

CISA Insights: Foreign Influence Operations

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a CISA Insights document, Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure. The document “is intended to ensure that critical infrastructure owners and operators are aware of the risks of influence operations leveraging social media and online platforms.” CISA recommends that critical infrastructure organizations assess the information environment; identify vulnerabilities; fortify communication channels; engage in proactive communication; and develop an incident response plan.

Note

  • This short three pager doesn’t contain any news for large critical infrastructure providers. However, it may be useful for state/local players across water and power and smaller private firms in manufacturing, transportation, etc. to get across to management the need to monitor and minimize the risk of misinformation campaigns across social media.
  • This is an easy read, and lists both company and employee actions needed to shore up your defenses for misinformation, disinformation and malinformation (MDM) campaigns. Note the different definition of MDM here.

Read more in

House Committee Holds Hearing on Data Privacy Risks and Reforms

On February 16, 2022, the US House Committee on Administration held a hearing last week titled Big Data: Privacy Risks and Needed Reforms in the Public and Private Sectors. Legislators attending the hearing spoke in support of a national data privacy law, but there is disagreement about what that law would look like.

Note

  • For companies that need to deal with multiple state privacy laws and regulations, plan on continuing to do so for the foreseeable future. I think we just passed the 20th anniversary of the first draft US national privacy legislation – while we may see some limited controls on what are now being called social media “platforms,” the obstacles to any meaningful US national privacy legislation have not changed.
  • While there is increasing consensus that a national privacy law is needed, there is still disagreement on where enforcement should lie, which federal agency should oversee the law, what the privacy standards should be, and whether this is a framework to support state laws or intended to replace them. While this is still movement in the right direction, the federal efforts may be overtaken by states unwilling to wait enacting their own legislation, which may make it very interesting for service providers to meet a complex landscape of requirements.

Read more in

NIST is Seeking Comments on Updating Cybersecurity Resources

The National Institute of Standards and Technology (NIST) is seeking public input to help evaluate and improve its Framework for Improving Critical Infrastructure Cybersecurity and other cybersecurity resources. The Cybersecurity Framework has not been updated since April 2018. NIST will accept comments through April 25, 2022.

Note

  • With all the activity over the last two years, particularly with ransomware and supply-chain issues, it’s a good time to incorporate that experience to the NIST CSF. Don’t wait to submit comments; you only have until April 25th. Comments need to be submitted to the Federal e-Rulemaking portal (www.regulations.gov) or via email to the NIST RFI ([email protected]) with attachments in text, RTF, Word, PDF, HTML format.

Read more in

Dept. of Health and Human Services EHR Guidance

The US Department of Health and Human Services (HHS) Cybersecurity Coordination center has released guidance for protecting electronic health records (EHRs). The document enumerates the most serious threats to EHR systems – phishing; malware/ransomware; encryption blind spots; cloud threats; and insider threats – and “recommend[s] that healthcare leaders shift their focus by moving beyond a prevention strategy and creating a proactive preparedness plan.”

Note

  • Having had electronic and paper health records lost during a natural disaster, I am missing any mention of backups in the document. The presentation appears a bit disconnected and repeats common knowledge without deriving a lot of new insight from it. I do not believe that this presentation will convince any healthcare leaders to do anything that they are not already doing.
  • If you have an EHR system, make sure you understand what data is included, where the system is, and how it is protected. This primer is intended to organize and simplify protection strategies from VPN and encryption in transit to email security. Use the recommendations to reduce your risks and drive the conversation with the EHR system provider, whether internal or externally hosted to make sure your data is protected and all parties are prepared in the event of an incident.
  • The biggest takeaway is that everyone should shift their focus from prevention to detection. As we say in SEC504, prevention is a goal, detection is a requirement.

Read more in

WordPress UpdraftPlus Plug-in Forced Update

Developers of the UpdraftPlus WordPress plugin have forced an update to protect websites from a critical vulnerability. The flaw allows anyone with an account on a vulnerable site to download the site’s private database. UpdraftPlus reportedly has more than 3 million installations.

Note

  • Not to sound like a broken record: WordPress is THE largest threat to the Internet’s stability and national security. If there ever should be a mass power outage due to compromised industrial PLCs, I am pretty sure the root cause will be a spear phishing site hosted on a compromised WordPress site. A mass DNS outage or BGP melt down? The cause was likely malware downloaded from a compromised WordPress site.
  • It is rare for WordPress to force a plugin update (regardless of the plugin’s auto-update setting). This decision relates to the ease of exploit for this flaw by any authenticated user. Even so, make sure your copy is updated to at least 1.22.3 (free version) or 2.22.3 (paid version).

Read more in

Logistics Company Hit with Cyberattack

Expeditors International, a logistics and freight company based in Seattle, has shut down most of its operations due to a cyberattack. The company says it has “limited ability to conduct operations.”

Note

  • Keep an eye on Expeditors’ Downtime Notification site for status updates (link below) as they are updating it daily. They are currently planning to restore systems from backups, which can be a time intensive activity. No announcements have yet been made regarding manual or other alternate processes. Consider this incident, recovery plan, communication to date, comparing with your DR/COOP plans, then look at it from your customers’ perspective to verify your assumptions and expectations.
  • Another NewsBites and another ransomware attack. The numbers are not going down and we must continue to collaborate to detect and respond to these threats before boom (boom being exfiltration and/or encryption).

Read more in

IRS: Facial Recognition No Longer Required for Online Account Access

The US Internal Revenue Service (IRS) is no longer requiring facial recognition for online account registration. The agency faced pushback when it announced that all users would have to use it by summer 2022. Taxpayers can still use the facial recognition authentication option; they can also choose to have a live, virtual interview.

Note

  • If you wish to use the ID.me process, the PII provided for identity verification will now be deleted as part of that process. If you had previously used this process, the biometric data will be deleted over the next few weeks. The challenge the IRS and GSA are trying to solve is to implement strong identity verification at scale. The virtual interview option is intended for this tax year only, with an improved options beyond 2022.

Read more in

US Department of Justice’s New Cybercrime Initiatives Focus on International Cooperation

Speaking at the Munich Cyber Security Conference, Deputy US Attorney General Lisa Monaco announced several new Department of Justice (DoJ) cybercrime initiatives, including an FBI unit that will focus of crime related to cryptocurrency. The Virtual Asset Exploitation Unit will work closely with the DoJ’s National Cryptocurrency Enforcement Team (NCET). In addition, the DoJ is launching an International Virtual Currency Initiative as well as establishing the post of Cyber Operations International Liaison, who will be embedded in Europe “to work with U.S. prosecutors and European partners.” Monaco also noted that “prosecutors handling significant cyber investigations will now be required to consult with the department’s international and cybercrime specialists to identify international actions that might be able to help stop a threat. International cooperation will not be an afterthought.”

Note

  • As the Attorney General noted “.. it’s the rare cyber investigation that doesn’t have an international dimension.” It is good to see the US is back being involved in international cybersecurity efforts. Also, good to see they will take advantage of the ability to disrupt cybercrime in-process vs. only monitor and prosecute after damage has occurred. On the downside, the AG mentioned numerous task forces, like the Ransomware and Digital Extortion task force. Rather than chase the threat o’ the year, it would be much more effective to have one big “Force” and use something like the Mitre ATT&CK Framework to prioritize “Tasks.”
  • Inter-agency cooperation is key to thwarting modern threat actors. Tracking cryptocurrency requires added data and correlation of data collected from multiple sources and actions. Not only do transactions need to be tracked, but also wallets mapped to their owner.

Read more in

More Red Cross Breach Details

The International Committee of the Rede Cross (ICRC) has released additional information about the November 2021 breach that compromised sensitive information of more than 500,000 people. The ICRC said that attackers used offensive hacking tools often used by advanced persistent threat groups, and that some attack code was created specifically to be used on the ICRC servers. The attackers exploited an unpatched critical flaw in Zoho ManageEngine ADSelfService authentication module. A fix for the flaw was released in September 2021.

Note

  • The time of accepting the risk of delayed or skipping patches ended with the Equifax breach. Make sure you’re not only regularly scanning for flaws, but also reviewing those results and taking action. Don’t neglect to include thorough web application scans.

Read more in

Proofpoint: Threat Actor Has Been Targeting Transportation and Defense Sectors

Researchers at Proofpoint have found that an advanced persistent threat (APT) group known as TA2541 has been targeting organizations in the aviation, aerospace, transportation, manufacturing, and defense sectors. The group has been active since at least 2017. TA2541 uses remote access trojans (RATs) to infect systems at targeted companies.

Note

  • The group adapts to current threats and technologies, switching from Google Drive, to OneDrive to Discord links to deliver malicious VBS files. Leverage your phishing awareness as well as URL rewrite or blocking capabilities to slow this attack vector.

Read more in

CISA, FBI, NSA: Russia Stole US Defense Data

In a joint advisory, the FBI, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) said that Russian cyber actors have been targeting US cleared defense contractors (CDCs). Since January 2020 and continuing through this month, the cyber “actors have maintained persistent access to multiple CDC networks, in some cases for at least six months.” On systems that were accessed, the intruders exfiltrated email and data. They were able to “acquire sensitive, unclassified information, as well as CDC-proprietary and export-controlled technology.”

Note

  • If you’re cleared, you are used to protections and behavior when traveling abroad, including getting a current threat briefing before doing so. Now make sure that you’re plugged into threat intelligence relating to your in-country systems. Make sure you’re assessing your network and systems regularly. Make sure your vulNerability assessment includes both internally and externally accessible systems. CISA and other agencies have expertise, tools and guides you can use to augment your capabilities.

Read more in

Ukraine’s Ministry of Defense, Banks, Hit with DDoS Attacks

Ukraine’s Ministry of Defense, its Armed Forces, and two state-run banks are being targeted by distributed denial-of-service (DDoS) attacks. Security experts have weighed in on the situation. Sandra Joyce, Mandiant’s executive vice president of global intelligence writes that while there are concerns that related cyber incidents might spread beyond Ukraine, organizations “should prepare but not panic.” Adam Meyers, CrowdStrike’s senior vice president of intelligence said, “while there is no evidence of any targeting of western entities at this time, there is certainly potential for collateral impact as a result of disruptive or destructive attacks targeting Ukraine – this could impact companies that have a presence in Ukraine, those that do business with Ukrainian companies, or have a supply chain component in Ukraine such as code development/offshoring.”

Note

  • It does usually not take much to launch a DoS attack, and they are often used by less sophisticated attackers. In this case, reports indicate that the attacks took advantage of specific application vulnerabilities. These are often hard to avoid in web applications where some features may take up more resources (like for example complex search features). To defend an application, anti-DoS solutions should consider application layer inspection and if you are aware of specific features that could be abused for DoS: Setup a plan to possibly disable these features or require additional authentication (maybe even a CAPTCHA) in case of high load.
  • While you may not have considered this in the past, cyber attacks are a component of a conflict between countries. Irrespective of nation state supported or not, make sure you have plans for communication with employees, offices or business partners who may be isolated by such actions. Also make sure you’re using available DDOS protections offered by your ISP and or cloud service providers.

Read more in

Advisory Offers BlackByte IoCs and Mitigations

A joint advisory from the FBI and the US Secret Service warns that BlackByte ransomware has been used against organizations in at least three US critical infrastructure sectors. The advisory includes a list of indicators of compromise as well as recommended mitigations.

Note

  • The BlackByte malware bag of tricks includes exploiting unpatched vulnerabilities, particularly on Exchange, and printing ransom notes on all your printers hourly. Ingest the provided IOCs and scan for signs of activity. Also review the mitigations; beyond patching, MFA, and segmentation, consider marking external email and either disabling or adding a hyperlink rewrite security capability.

Read more in

Man Pleads Guilty to Conspiracy to Sell Hacking Tools

Carlos Guerrero has pleaded guilty to conspiring to sell and use hacking tools. Guerrero admitted to brokering data interception and surveillance tools deals to governments and to private individuals. The products included IMSI catchers, signal jammers, and Wi-Fi interception tools.

Note

  • The trick is that these tools can be used for assessments or for hacking, (good or evil if you prefer); the case hinges on knowingly selling these tools to those wishing to use them for malfeasance. Care must be taken to not criminalize their use by cyber researchers to ensure security is as intended.

Read more in

Apache Fixes High-Severity Flaw in Cassandra Database

Apache has fixed a high-severity vulnerability in its Cassandra distributed NoSQL database. While the issue affects only instances with non-standard configurations, the flaw is easy to exploit. Users are urged to update to versions 3.0.26, 3.11.12, 4.0.2, or later.

Note

  • Apply the update irrespective of your configuration being standard If you don’t need it, ensure the [enable_user_defined_functions_threads] option is set to false. If you need those functions, update right away.

Read more in

WordPress UpdraftPlus Flaw Patched

The UpdraftPlus WordPress plug-in has been updated to address a missing permissions-level check vulnerability. The flaw could allow logged-in users to download backups made with the UpdraftPlus plug-in. UpdraftPlus has more than 3 million installations; users are urged to update to the newest versions of UpdraftPlus.

Note

  • This flaw requires an active account to exploit. This is a good time to review your accounts and remove unneeded ones as well as verifying the only have the permissions absolutely required. Additionally make sure you really need this plugin, uninstall if you are using a different backup method, make sure auto update is enabled if you’re keeping it. Wordfence scheduled rule updates for theIr paid and free WAF on Feb 17 and March 19 respectively.

Read more in

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.