Leaderboard

Popular Content

Showing content with the highest reputation on 06/01/17 in all areas

  1. Security researchers have discovered a massive malware campaign that has already infected more than 250 million computers across the world, including Windows and Mac OS.

     Dubbed Fireball, the malware is an adware package that takes complete control of victims' web browsers and turns them into zombies, potentially allowing attackers to spy on victims' web traffic and potentially steal their data.

     Check Point researchers, who discovered this massive malware campaign, linked the operation to Rafotech, a Chinese company which claims to offer digital marketing and game apps to 300 million customers.

     While the company is currently using Fireball for generating revenue by injecting advertisements onto the browsers, the malware can be quickly turned into a massive destroyer to cause a significant cyber security incident worldwide.

     Fireball comes bundled with other free software programs that you download off of the Internet. Once installed, the malware installs browser plugins to manipulate the victim's web browser configurations to replace their default search engines and home pages with fake search engines (trotux.com). The fake search engine simply redirects the victim's queries to either Yahoo.com or Google.com and includes tracking pixels that collect the victim's information.

     Far from serving a legitimate purpose, Fireball has the ability to spy on victims' web traffic, execute any malicious code on the infected computers, install plug-ins, and even perform efficient malware dropping, which creates a massive security hole in targeted systems and networks.

     Currently, Fireball adware is hijacking users' web traffic to boost its advertisements and gain revenue, but at the same time, the adware has the capability to distribute additional malware.

     "Based on our estimated infection rate, in such a scenario, one out of five corporations worldwide will be susceptible to a major breach," researchers added.

     According to researchers, over 250 million computers are infected worldwide, 20 percent of them are corporate networks:

     • 25.3 million infections in India (10.1%)
     • 24.1 million in Brazil (9.6%)
     • 16.1 million in Mexico (6.4%)
     • 13.1 million in Indonesia (5.2%)
     • 5.5 million in US (2.2%)

     Warning Signs that Your Computer is Fireball-Infected

     If the answer to any of the following questions is "NO," that means your computer is infected with Fireball or a similar adware. Open your web browser and check:

     • Did you set your homepage?
     • Are you able to modify your browser's homepage?
     • Are you familiar with your default search engine and can modify that as well?
     • Do you remember installing all of your browser extensions?

     To remove the adware, just uninstall the respective application from your computer (or use an adware cleaner software) and then restore/reset your browser configurations to default settings.

     The primary way to prevent such infections is to be very careful when you agree to install. You should always pay attention when installing software, as software installers usually include optional installs. Opt for custom installation and then de-select anything that is unnecessary or unfamiliar.

     Via thehackernews.com
    1 point
  2. Encrypted information has been accessed during a data breach at the password management service, OneLogin.

     It affects "all customers served by our US data centre" and perpetrators had "the ability to decrypt encrypted data", according to The Register. Those affected have been advised to visit a registration-only support page, outlining the steps they need to take.

     Security experts said the breach was "embarrassing" and showed every company was open to attack.

     OneLogin is a single sign-on service, allowing users to access multiple apps and sites with just one password. In 2013, the company had 700 business customers and passed 12 million licensed users. Apps and sites integrated into the service include Amazon Web Services, Microsoft Office 365, Slack, Cisco Webex, Google Analytics and LinkedIn.

     "We have since blocked this unauthorized access, reported the matter to law enforcement, and are working with an independent security firm to determine how the unauthorized access happened," chief information security officer Alvaro Hoyos said on the company's blog.

     "We are actively working to determine how best to prevent such an incident from occurring in the future."

     Users who log in to the site have been given a list of steps designed to minimise the risk to their data. These include:

     • forcing a password reset for all users
     • generating new security credentials and certificates for apps and sites
     • recycling secrets stored in OneLogin's secure notes

     Some customers have criticised OneLogin for requiring users to log in to see the list. The company has not yet responded to a BBC request for comment.

     In its email to customers, OneLogin told them that "because this is still an active investigation involving law enforcement, there are certain details we can't comment on at this time.

     "We understand how frustrating this might be and thank you for your patience while we continue the investigation."

     'Strong passwords'

     "Companies need to understand the risks of using cloud-based systems," Professor Bill Buchanan of Edinburgh Napier University told the BBC.

     "Increasingly they need to encrypt sensitive information before they put it within cloud systems, and watch that their encryption keys are not distributed to malicious agents.

     "It is almost impossible to decrypt data that uses strong encryption, unless the encryption key has been generated from a simple password," he said.

     IT security consultant Ben Schlabs told the BBC it was likely the compromised data included passwords protected using "hashing" - converting the data into fixed-length strings of characters or numbers.

     "The security of data would then depend on the strength of the passwords, and of the password hashes," he said.

     "I would happily store my properly encrypted password safe in any cloud service, because you don't know my password for that safe and I trust encryption."

     The strongest encryption system "hasn't been broken yet, and there's no sign that it should be," he said.

     Source: http://www.bbc.com/news/technology-40118699
    1 point
  3. Hi, The first time you had three partitions, all of them primary. Free space is not a partition. The second time you have two primary partitions and one logical one. To create your logical partition, an extended partition had to be created. More simply: you still have 3 partitions, it shouldn't affect you. Use a File Manager to see them. What you are using in the screenshot is Disk Manager. I don't understand your last question. I don't understand, though, why you would format them after every reboot. That's about it, broadly.
    1 point
  4. Security researchers at Qualys Security have discovered a Linux flaw that could be exploited to gain root privileges and overwrite any file on the filesystem on SELinux-enabled systems.

     The high severity flaw, tracked as CVE-2017-1000367, resides in Sudo's get_process_ttyname() for Linux and is related to the way Sudo parses tty information from the process status file in the proc filesystem.

     The Linux flaw could be exploited by a local user with privileges to execute commands via Sudo and could allow attackers to escalate their privileges to root.

     Sudo's get_process_ttyname() function opens "/proc/[pid]/stat" (man proc) and reads the device number of the tty from field 7 (tty_nr). These fields are space-separated; field 2 (comm, the filename of the command) can contain spaces.

     Sudoer users on SELinux-enabled systems could escalate their privileges to overwrite any file on the filesystem with their command's output, including root-owned files.

     To exploit the issue, a Sudo user would have to choose a device number that doesn't exist under "/dev". If the terminal isn't present under the /dev/pts directory when Sudo performs a breadth-first search of /dev, the user could allocate a pseudo-terminal between the two searches and create a "symbolic link to the newly-created device in a world-writable directory under /dev, such as /dev/shm."

     The Linux flaw affects all Sudo versions from 1.8.6p7 through 1.8.20; Sudo 1.8.20p1 fixes it. The issue was rated with a CVSS3 Base Score of 7.8.

     Via securityaffairs.co
    1 point
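The field-7 parsing problem described in the Sudo item above, as an added example that is not Sudo's code and not part of the original post: a parser that counts spaces from the start of the line next to one that first skips past the last ')' closing comm. The function names and both sample stat lines are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed samples of /proc/[pid]/stat, truncated after field 7.
 * 34816 = major 136, minor 0, i.e. /dev/pts/0. */
static const char STAT_PLAIN[]  = "4242 (bash) S 4100 4242 4242 34816";
static const char STAT_SPACES[] = "4243 (a b c d e 1234 ) S 4100 4243 4242 34816";

/* Advance p over n space-separated fields; NULL if the line is too short. */
static const char *skip_fields(const char *p, int n) {
    while (n-- > 0) {
        p = strchr(p, ' ');
        if (p == NULL) return NULL;
        p++;
    }
    return p;
}

/* Parse a decimal field at p; -1 if p is NULL or not a number. */
static long parse_long(const char *p) {
    char *end;
    long v;
    if (p == NULL) return -1;
    v = strtol(p, &end, 10);
    return end == p ? -1 : v;
}

/* Space counting from the start of the line: wrong once comm has spaces. */
long tty_nr_naive(const char *stat) {
    return parse_long(skip_fields(stat, 6));
}

/* comm is wrapped in parentheses, so resume after the LAST ')' (field 3). */
long tty_nr_robust(const char *stat) {
    const char *p = strrchr(stat, ')');
    if (p == NULL || p[1] != ' ') return -1;
    return parse_long(skip_fields(p + 2, 4));
}

int main(void) {
    printf("plain : naive=%ld robust=%ld\n",
           tty_nr_naive(STAT_PLAIN), tty_nr_robust(STAT_PLAIN));
    printf("spaces: naive=%ld robust=%ld\n",
           tty_nr_naive(STAT_SPACES), tty_nr_robust(STAT_SPACES));
    return 0;
}
```

Both parsers agree on the plain line; on the line whose comm contains spaces, the space-counting parser returns a number taken from inside comm instead of the real tty_nr.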
  5. MailSecRep adds an Outlook button to analyze email for spoofing, hostile links, and malware attachments. Download: MailSecRep.zip (430.1 KB) Source: https://packetstormsecurity.com/files/142742/MailSecRep-Email-Analysis-Tool-For-Outlook.html
    1 point
  6. Electrical Circuits: Fundamentals and Ohm's Law Beginner engineering course, learn circuits, current, power, voltage, resistors and Ohm's Law. Volts, Amps and Ohms. Link
    1 point
  7. Exactly, it was an example of spit between the eyes. Btw, do you think anyone asks those successful little bloggers whether they pay all the taxes on that income?
    1 point
  8. Let me tell you something. That money is your money and mine too, us taxpayers :))))))))))))))
    1 point
  9. Heeey .. around here you're the real deal if you've crossed the threshold of the Securitate guys...er, pardon, the Romanian Service of Inept Information. If only they had at least picked some quality bloggers.
    1 point
  10. Posted November 13, 2010
    1 point
  11. Guys, links are dead, can anybody reupload it?
    1 point
  12. TC1hbVByaW5zLi4uICEhIC0+dGVzdDp0ZXN0MTIzOjIwMi4xMDIuOTAuMTM1DQpMLWFtUHJpbnMuLi4gISEgLT5yb290OnJvb3QxMjM6MjAyLjEwMy4yMzguMjM0DQo=
    1 point