Leaderboard

Popular Content

Showing content with the highest reputation on 07/15/17 in all areas

  1. WikiLeaks just published a new batch of documents related to another CIA hacking tool dubbed HighRise included in the Vault 7 released in partnership with media partners. The tool is an Android application used by the US intelligence agents to intercept and redirect SMS messages to a CIA-controlled server.

     Below is the list of features implemented by the Android malware:

     • Proxy “incoming” SMS messages received by HighRise host to an internet LP
     • Send “outgoing” SMS messages via the HighRise host
     • Provide a communications channel between the HighRise field operator & the LP
     • TLS/SSL secured internet communications

     According to a user manual leaked by Wikileaks, the malicious code only works on Android versions from 4.0 through 4.3 (Android Ice Cream Sandwich and Jelly Bean) that currently account for 8,8 percent of overall Android devices on the market. Anyway, the document is dated back to December 2013; it is likely that the CIA has updated the tool in the meantime to target newer versions of the Android OS.

     The HighRise tool is packaged inside an app named TideCheck (tidecheck-2.0.apk, MD5: 05ed39b0f1e578986b1169537f0a66fe). The tool must be installed by CIA agents manually on the target system and needs to be manually executed at least one time. When running the tool for the first time, CIA cyber spies must enter the special code “inshallah” (“God willing” in Arabic) to access its settings. Once the code has been entered and the software is successfully activated, HighRise will run in the background listening for events. The hacking tool will automatically start every time the phone is powered on.

     Below is the list of releases published by Wikileaks since March:

     • HighRise – 13 July, 2017
     • BothanSpy and Gyrfalcon – 06 July, 2017
     • OutlawCountry – 30 June, 2017
     • ELSA malware – 28 June, 2017
     • Cherry Blossom – 15 June, 2017
     • Pandemic – 1 June, 2017
     • Athena – 19 May, 2017
     • AfterMidnight – 12 May, 2017
     • Archimedes – 5 May, 2017
     • Scribbles – 28 April, 2017
     • Weeping Angel – 21 April, 2017
     • Hive – 14 April, 2017
     • Grasshopper – 7 April, 2017
     • Marble Framework – 31 March, 2017
     • Dark Matter – 23 March, 2017

     Source
    3 points
  2. For music producers:

     Content:

     01. Vengeance Dance Explotion Vol.1
     02. Vengeance Dirty Electro Vol.1
     03. Vengeance Dirty Electro Vol.2
     04. Vengeance Effects Vol.1
     05. Vengeance Effects Vol.2
     06. Vengeance Effects Vol.3
     07. Vengeance Electro Essentials Vol.1
     08. Vengeance Electro Essentials Vol.2
     09. Vengeance Electroshock Vol.1
     10. Vengeance Electroshock Vol.2
     11. Vengeance Essential Clubsounds Vol.1
     12. Vengeance Essential Clubsounds Vol.2
     13. Vengeance Essential Clubsounds Vol.3
     14. Vengeance Essential Clubsounds Vol.4
     15. Vengeance Essential Dubstep Vol.1
     16. Vengeance Essential House Vol.1
     17. Vengeance Essential House Vol.2
     18. Vengeance Essential House Vol.3
     19. Vengeance Freakz On Beatz Vol.1
     20. Vengeance Future House Vol.1
     21. Vengeance Future House Vol.2
     22. Vengeance Future House Vol.3
     23. Vengeance Future House Vol.4
     24. Vengeance Minimal House Vol.1
     25. Vengeance Minimal House Vol.2
     26. Vengeance Rhythm Guitars Vol.1
     27. Vengeance Studio Vocals Vol.1
     28. Vengeance Total Dance Sounds Vol.1
     29. Vengeance Total Dance Sounds Vol.2
     30. Vengeance Total Dance Sounds Vol.3
     31. Vengeance Trance Sensation Vol.1
     32. Vengeance Trance Sensation Vol.2
     33. Vengeance Trance Sensation Vol.3
     34. Vengeance Ultimate Bass EXS Halion.iso
     35. Vengeance Ultimate Fills Vol.1
     36. Vengeance Ultimate Fills Vol.2
     37. Vengeance Vocal Essentials Vol.1
     38. Vengeance Vocal Essentials Vol.2
    1 point
  3. Gandi admits logins stolen, 750 web addresses pointed to malware

     More than 750 domain names were hijacked through the internet's own systems, registrar Gandi has admitted.

     Late last week, an unknown individual managed to get hold of the company's login to one of its technical providers, which then connects to no fewer than 27 other top-level domains, including .asia, .au, .ch, .jp and .se. Using that login, the attacker managed to change the domain details on the official nameservers for 751 domains on a range of top-level domains, and redirect them all to a specific website serving up malware.

     The changes went unnoticed for four hours until one of the registry operators reported the suspicious changes to Gandi. Within an hour, Gandi's technical team identified the problem, changed all the logins and started reverting the changes made – a process that took three-and-a-half hours, according to the company's incident report, published this week. Taking into account the delay in updating the DNS, the domain names had been hijacked for anywhere between eight and 11 hours, Gandi admits.

     Ironically, one website impacted by the attack was Swiss information security company SCRT, which has written a blog post about the hijack of its website. It notes that all of its emails were also redirected during the attack, but fortunately whoever carried out the attack did not set up email servers to grab them.

     The company said that "despite the fact that this incident was entirely out of our control," it has since added extra security around its website and DNS, including:

     • Preloading strict-transport-security into browsers to protect all visitors.
     • Active monitoring of DNS resolution.
     • Start talking to its registry (.ch) about how to detect a similar attack in future and act faster.
     • Add DNSSEC for an extra layer of security.

     Gandi meanwhile has reset all its logins and has launched a security audit of its entire infrastructure in an effort to figure out how its logins were stolen.

     "We sincerely apologize that this incident occurred," said its report. "Please be assured that our priority remains on the security of your data and that we will continue to protect your security and privacy in the face of ever-evolving threats."

     The incident comes in the same week that a botched back-end handover of the .io top-level domain enabled a security researcher to register four of the seven domain names acting as the nameservers for registry and potentially redirect tens of thousands of domains to a malicious website.

     Full list of affected TLDs: .ASIA, .AT, .AU, .CAT, .CH, .CM, .CZ, .ES, .GR, .HK, .IM, .IT, .JP, .LA, .LI, .LT, .LV, .MG, .MS, .MU, .NL, .NU, .NZ, .PE, .PH, .PL, .RO, .RU, .SE, .SH, .SI, .SX, .UA, .XN–P1AI (.рф).

     Source
    1 point
  4. https://groups.google.com/forum/#!msg/rsua-ts2014/bsDNBH0MrcU/KQT26f0dzSYJ Some links are dead, sorry for that.
    1 point