Leaderboard

Popular Content

Showing content with the highest reputation on 11/06/17 in all areas

  1. You might not know it, but inside your Intel system, you have an operating system running in addition to your main OS, MINIX. And it’s raising eyebrows and concerns.

     Take a look at your desktop computer. What operating system is it currently running? Now take a look in your data center — at all of your servers. What operating system are they running? Linux? Microsoft Windows? Mac OS X? You could be running any of those three — or one of countless others. But here’s the crazy part: That’s not the only operating system you’re running.

     If you have a modern Intel CPU (released in the last few years) with Intel’s Management Engine built in, you’ve got another complete operating system running that you might not have had any clue was in there: MINIX.

     That’s right. MINIX. The Unix-like OS originally developed by Andrew Tanenbaum as an educational tool — to demonstrate operating system programming — is built into every new Intel CPU.

     MINIX is running on “Ring -3” (that’s “negative 3”) on its own CPU. A CPU that you, the user/owner of the machine, have no access to. The lowest “Ring” you have any real access to is “Ring 0,” which is where the kernel of your OS (the one that you actually chose to use, such as Linux) resides. Most user applications take place in “Ring 3” (without the negative).

     The first thing that jumps out at me here: This means MINIX (specifically a version of MINIX 3) is in all likelihood the most popular OS shipping today on modern Intel-based computers (desktops, laptops and servers). That, right there, is absolutely crazy.

     The second thing to make my head explode: You have zero access to “Ring -3” / MINIX. But MINIX has total and complete access to the entirety of your computer. All of it. It knows all and sees all, which presents a huge security risk — especially if MINIX, on that super-secret Ring -3 CPU, is running many services and isn’t updated regularly with security patches.

     Google wants to remove MINIX from its internal servers

     According to Google, which is actively working to remove Intel’s Management Engine (MINIX) from their internal servers (for obvious security reasons), the following features exist within Ring -3:

     • Full networking stack
     • File systems
     • Many drivers (including USB, networking, etc.)
     • A web server

     That’s right. A web server. Your CPU has a secret web server that you are not allowed to access, and, apparently, Intel does not want you to know about.

     Why on this green Earth is there a web server in a hidden part of my CPU? WHY? The only reason I can think of is if the makers of the CPU wanted a way to serve up content via the internet without you knowing about it. Combine that with the fact that Ring -3 has 100 percent access to everything on the computer, and that should make you just a teensy bit nervous.

     The security risks here are off the charts — for home users and enterprises. The privacy implications are tremendous and overwhelming.

     Note to Intel: If Google doesn’t trust your CPUs on their own servers, maybe you should consider removing this “feature.” Otherwise, at some point they’ll (likely) move away from your CPUs entirely.

     Note to AMD: Now might be a good time to remove similar functionality from your CPU lines to try to win market share from Intel. Better to do so now before Intel removes the “Management Engine.” Strike while the iron’s hot and all that.

     Note to Andrew Tanenbaum: Your operating system, MINIX, is now one of the most used on modern computers! That’s kinda cool, right?

     Note to everyone else: We’re all MINIX users now.

     Source: https://www.networkworld.com/article/3236064/servers/minix-the-most-popular-os-in-the-world-thanks-to-intel.html
    3 points
  2. Guess what's more expensive than counterfeit United States passports, stolen credit cards and even guns on the dark web? It's digital code signing certificates.

     A recent study conducted by the Cyber Security Research Institute (CSRI) this week revealed that stolen digital code-signing certificates are readily available for anyone to purchase on the dark web for up to $1,200.

     As you may know, digital certificates issued by a trusted certificate authority (CA) are used to cryptographically sign computer applications and software, and are trusted by your computer for execution of those programs without any warning messages.

     However, malware authors and hackers who are always in search of advanced techniques to bypass security solutions have been abusing trusted digital certificates during recent years.

     Hackers use compromised code signing certificates associated with trusted software vendors in order to sign their malicious code, reducing the possibility of their malware being detected on targeted enterprise networks and consumer devices.

     The infamous Stuxnet worm that targeted Iranian nuclear processing facilities in 2003 also used legitimate digital certificates. Also, the recent CCleaner-tainted downloads infection was made possible due to a digitally-signed software update.

     Stealthy Digitally-Signed Malware Is Increasingly Prevalent

     However, separate research conducted by a team of security researchers has found that digitally signed malware has become much more common than previously thought.

     The trio of researchers—Doowon Kim, BumJun Kwon and Tudor Dumitras from the University of Maryland, College Park—said they found a total of 325 signed malware samples, of which 189 (58.2%) carried valid digital signatures while 136 carried malformed digital signatures.

     Those 189 malware samples signed correctly were generated using 111 compromised unique certificates issued by recognized CAs and used to sign legitimate software.

     At the time of writing, 27 of these compromised certificates had been revoked, although malware signed by one of the remaining 84 certificates that were not revoked would still be trusted as long as it carries a trusted timestamp.

     The researchers have released a list of the abusive certificates at signedmalware.org.

     Revoking Stolen Certificate Doesn't Stop Malware Immediately

     Even when a signature is not valid, the researchers found that at least 34 anti-virus products failed to check the certificate's validity, eventually allowing malicious code to run on the targeted system.

     The researchers also conducted an experiment to determine if malformed signatures can affect the anti-virus detections. To demonstrate this, they downloaded 5 random unsigned ransomware samples that almost all anti-virus programs detected as malicious.

     The trio then took two expired certificates that previously had been used to sign both legitimate software and in-the-wild malware and used them to sign each of the five ransomware samples.

     Top Antivirus Fail to Detect Malware Signed With Stolen Certificates

     When analysing the resulting ten new samples, the researchers found that many anti-virus products failed to detect the malware as malicious.

     The top three anti-virus products—nProtect, Tencent, and Paloalto—detected unsigned ransomware samples as malware, but considered eight out of ten crafted samples as benign.

     Even popular anti-virus engines from Kaspersky Labs, Microsoft, TrendMicro, Symantec, and Comodo failed to detect some of the known malicious samples.

     Other affected anti-virus packages included CrowdStrike, Fortinet, Avira, Malwarebytes, SentinelOne, Sophos, TrendMicro and Qihoo, among others.

     The researchers said they reported this issue to the affected antivirus companies, and one of them had confirmed that their product fails to check the signatures correctly and they had planned to fix the issue.

     The researchers presented their findings at the Computer and Communications Security (CCS) conference in Dallas on Wednesday.

     For more detailed information on the research, you can head on to their research paper [PDF] titled "Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI."

     Via thehackernews.com
    2 points
  3. It depends on what photos you want to take. The lens matters more than the body. And it depends on the budget.
    1 point
  4. Are you posting just to look busy? @soferiauto, it clearly says under the section title: "Minimum 50 posts for access!"
    1 point
  5. You're missing an indentation:

         #!/usr/bin/python
         import socket

         def scan(host, port):
             s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
             try:
                 s.connect((host, port))
                 print("open :" + str(port))
             except socket.error:
                 # closed or filtered port: ignore it and move on
                 pass
             finally:
                 s.close()

         for port in range(10000):
             scan("127.0.0.1", port)

     The way you had the code, the 'scan' function only defined a socket; the 'try/pass' was part of the main program, not of the function.

     As a proof-of-concept (PoC) it is fine, but in practice this would scan very slowly, because you wait for each port in turn to respond or for the timeout period to expire. For an aggressive scanner you can reduce the timeout period and introduce multiple threads.

     Here is some code written in a hurry that does an aggressive scan of all 65K TCP ports. I don't know if it still works or whether I made changes that broke it, but it is enough to give you an idea. It is pretty filthy code and I'm sure some people will hold their heads in their hands, but it should give you an idea about the threads/socket timeout thing, etc. If anyone has suggestions on how it could be improved, I'm all ears.

         #!/usr/bin/python
         import sys
         from multiprocessing import Pool
         from multiprocessing import freeze_support

         from modules import rs_inf

         ##########
         #  MAIN  #
         ##########

         # the guard keeps worker processes from re-running the scan on import
         if __name__ == '__main__':
             freeze_support()

             # this is only temporary
             # the purpose is to allow the development version to be used in production
             if len(sys.argv) == 1:
                 scope_file = 'scope.txt'
             else:
                 scope_file = sys.argv[1]

             # read scope file and create targets array
             targets = []
             with open(scope_file, 'r') as scope:
                 for i in scope.readlines():
                     # host = i.split(':')[0]
                     # port = int(i.split(':')[1].rstrip())
                     targets.append(i.rstrip())
             print(targets)

             # 200 worker processes scan the (host, port) pairs in parallel
             pool = Pool(processes=200)
             results = pool.map(rs_inf.tcp_scan, rs_inf.tcp_scope_generator(targets))
             pool.close()
             pool.join()

             # tcp_scan returns (host, port) for an open port and None otherwise
             open_ports = []
             for i in results:
                 if i:
                     if i[1] not in open_ports:
                         open_ports.append(i[1])

             print("\nConvenient Nmap ports flag:")
             for i in open_ports:
                 sys.stdout.write(str(i) + ',')

     And here is the rs_inf module:

         import socket
         from random import shuffle

         from modules import rs_ssl


         def tcp_scope_generator(targets_array, start_range=1, end_range=65536):
             # build every (host, port) pair, then shuffle the order
             tcp_scope = []
             for i in targets_array:
                 for j in range(start_range, end_range):
                     tcp_scope.append((i, j))
             shuffle(tcp_scope)
             return tcp_scope


         def tcp_scan(target):
             # pool.map passes a single (host, port) tuple
             host, port = target
             s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
             s.settimeout(1)
             if s.connect_ex((host, port)) == 0:
                 print(host + " - " + str(port))
                 s.close()
                 # # if the port is open check if SSL is supported
                 # if rs_ssl.ssl_verify((host, port)):
                 #     # if SSL is supported enumerate
                 #     rs_ssl.ssl_enumerate((host, port))
                 # else:
                 #     print host + ":" + str(port) + " --- SSL not supported"
                 return (host, port)
             s.close()
    1 point
  6. At least the lad stirred up some memories, from when the Show-Off category was active.

     //edit: delete your YouTube account quickly if you want to spend the holidays in peace. You are bragging about some very, very serious deeds; you'll end up doing jail time/reform school for nothing, to the point that you'll be afraid to write another line of code. For your age you are at an OK level and you know plenty.
    1 point
  7. Phishruffus - Intelligent threat hunter and phishing servers

     Phishruffus is a tool designed for the identification of DNS servers and Internet threats used for the illegal practice of phishing.

     https://lab.insightsecurity.com.br/phishruffus-intelligent-threat-hunter-and-phishing-servers/

     Usage: ./phishruffus.py --listdns dns_servers.txt --timeout 5

     Example: https://asciinema.org/a/144460

     Download: Phishruffus-master.zip
     or: git clone https://github.com/jh00nbr/Phishruffus.git

     Mirror:
     phishruffus.py
     requirements.txt
         dnspython==1.15.0
         requests==2.18.4

     Sources:
     https://github.com/jh00nbr/Phishruffus
     https://lab.insightsecurity.com.br/phishruffus-intelligent-threat-hunter-and-phishing-servers/
    1 point
  8. Come over to my place to see how it acts on a coffee vending machine, a slot game, or a laptop/PC. Coils replaced, capacitors replaced. Portable 42V 15A power supply, unidirectional coils. It stops a Logan while it is moving, and it also stops the acceptor or the donor after the goods are delivered. Stop playing around... contact- producer_media@yahoo.com
    1 point
  9. THE SRI, MAAAAAAAAN, run quickly because the cops are coming and they'll throw you in jail. Clench your butt cheeks tight, btw
    -1 points
  10. -1 points