Jump to content

All Activity

This stream auto-updates

  1. Today
  2. Ce am observat, in cazul meu, este ca nu recruiterii ma atrag spre o anumita companie, ci pur si simplu am momente cand imi zic "as vrea sa lucrez acolo". Practic, in cazul celor cu mai multi ani de experienta, cred ca e in mare parte vorba de sansa: persoana contactata sa fie dispusa sa faca o schimbare, dar si sa aiba deja un oarecare interes fata de compania pe care o reprezinti.
  3. Yesterday
  4. Researchers find that lax ICS security is putting critical services at risk of exploitation. The "abysmal" state of security for industrial control systems (ICSs) is putting critical services at serious risk, new research finds. You only need to look at the chaos caused by a ransomware attack launched against Colonial Pipeline this year -- leading to panic buying and fuel shortages across part of the US -- to see what real-world disruption cyber incidents can trigger, and their consequences can go far beyond the damage one company has to repair. It was only last month that the Port of Houston fended off a cyberattack and there is no reason to believe cyberattacks on operational technology (OT) won't continue -- or, perhaps, become more common. On Friday, CloudSEK published a new report exploring ICSs and their security posture in light of recent cyberattacks against industrial, utility, and manufacturing targets. The research focuses on ICSs available through the internet. Some of the most common issues allowing initial access cited in the report include weak or default credentials, outdated or unpatched software vulnerable to bug exploitation, credential leaks caused by third parties, shadow IT, and the leak of source code. After conducting web scans for vulnerable ICSs, the team says that "hundreds" of vulnerable endpoints were found. CloudSEK highlighted four cases that the company says represents the current issues surrounding industrial and critical service cybersecurity today: An Indian water supply management company: Software accessible with default manufacturer credentials allowed the team to access the water supply management platform. Attackers could have tampered with water supply calibration, stop water treatments, and manipulate the chemical composition of water supplies. CloudSEK The Indian government: Sets of mail server credentials belonging to the Indian government were found on GitHub. A gas transport company: This critical service provider's web server, responsible for managing and monitoring gas transport trucks, was vulnerable to an SQL injection attack and administrator credentials were available in plaintext. Central view: The team also found hardcoded credentials belonging to the Indian government on a web server supporting monitors for CCTV footage across different services and states in the country. The US Cybersecurity and Infrastructure Security Agency (CISA) was informed of CloudSEK's findings, as well as associated international agencies. Via zdnet.com
  5. Last week
  6. @ardu2222 Din ce stiu din business it Ro, doar BitDefender, UiPath si acu mai nou FintechOS, mergem si noi... doamne ajuta.
  7. https://pasteboard.co/MTYkd9IZ1lxD.jpg 🌡😂
  8. Cine m-o fi pus sa beau 1l+ de votka la poker... de nu mai vedeam bine cartiile
  9. Si eu mai intru cam o data pe luna, stau 3-5 min si aia e... since 2006
  10. Aia e sosoaca, are alta treaba acum.
  11. Tested in virtual and working. Don't test without virtual machine.
  12. De acum 10 ani de la DefCamp Bran
  13. ia un creion de tensiune sau un multimetru si determina, faza de nul restul le legi cum a zis colegul.
  14. Viata e nedreapta, Trebuia acum toti sa lucrati impreuna la silicon valley de romanika si sa produceti Feisbuci 2.0 made in RO iar pe urma sa va extindeti global, lumea e doritoare, profit iese dar sistemul te fute rau
  15. Lume se pare ca este, activitate nu atat de multa. Nici eu nu am mai fost atat de activ, viata asta reala e plina de lucruri care trebuie facute...
  16. Nytro


    Eu am dezvoltat un bruteforcer cuantic care ruleaza pe blockchain si foloseste artificial intelligence ca sa obtina acces la servere de pe glob. E privat. Din fericire nu trebuie compilat, e scris in PHP.
  17. M2G


    Dupa un research de 10 ani in care am incercat sa compilez acel scanner, acu aflu ca se trece la un nou tip de bruteforcessh. Viata e nedreapta, eram asa de aproape. 💔
  18. @Wav3 merci de sfat si invitatie. In caz ca nu mai stii tu m-ai adus pe comunitate cu sfatul: "Capu jos nu zici nimic!" ...
  19. Mai stiti ceva de BUNNN? Off: Ba mp4, bine ca iti aduci aminte de softu' lui dar de ale mele nu. Ai uitat cand imi faceai logourile si erai beta testerul de serviciu aka cobaiul.
  1. Load more activity
  • Create New...