Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 12/05/17 in all areas

  1. Are cineva cont pe Yobit si poate depune XPD( PetroDollar) ? Se vinde la pret dublu fata de Cryptopia.. In cateva ore se poate obtine profit URIAS daca merge schema. Cumperi la jumate de pret pe Cryptopia XPD-> transferi XPD pe Yobit -> Cumperi BTC -> transferi pe Cryptopatia BTC -> repeti.
    2 points
  2. http://www.mediafax.ro/externe/spirala-mortii-venezuela-va-lansa-criptomoneda-petro-pentru-a-ocoli-blocada-financiara-americana-16841287
    1 point
  3. If you receive an email that looks like it's from one of your friends, just beware! It's possible that the email has been sent by someone else in an attempt to compromise your system. A security researcher has discovered a collection of vulnerabilities in more than 30 popular email client applications that could allow anyone to send spoofed emails bypassing anti-spoofing mechanisms. Discovered by security researcher Sabri Haddouche, the set of vulnerabilities, dubbed MailSploit, affects Apple Mail (macOS, iOS, and watchOS), Mozilla Thunderbird, several Microsoft email clients, Yahoo Mail, ProtonMail, and others. Although most of these affected email client applications have implemented anti-spoofing mechanisms, such as DKIM and DMARC, MailSploit takes advantage of the way email clients and web interfaces parse "From" header. Email spoofing is an old-school technique, but it works well, allowing someone to modify email headers and send an email with the forged sender address to trick recipients into believing they are receiving that email from a specific person. In a dedicated website went up today, Haddouche explained how the lack of input sanitization implemented by vulnerable email clients could lead to email spoofing attack—without actually exploiting any flaw in DMARC. To demonstrate this attack, Haddouche created a payload by encoding non-ASCII characters inside the email headers, successfully sending a spoofed email from an official address belonging to President of the United States. "Using a combination of control characters such as new lines or null-byte, it can result in hiding or removing the domain part of the original email," Haddouche says in his blog post. "We've seen a lot of malware spreading via emails, relying on social engineering techniques to convince users to open unsafe attachments, or click on phishing links. The rise of ransomware distributed over email clearly demonstrates the effectivity of those mechanisms." Besides spoofing, the researcher found some of the email clients, including Hushmail, Open Mailbox, Spark, and Airmail, are also vulnerable to cross-site scripting (XSS) vulnerabilities, which stems from the email spoofing issue. Haddouche reported this spoofing bug to 33 different client applications, 8 of which have already patched this issue in their products before the public disclosure and 12 are on their way to fix it. Here you can find the list of all email and web clients (both patched and unpatched) that are vulnerable to MailSploit attack. However, Mozilla and Opera consider this bug to be a server-side issue and will not be releasing any patch. Mailbird closed the ticket without responding to the issue, while remaining 12 vendors did not yet comment on the researcher's report. Via thehackernews.com
    1 point
  4. #Hotie pe fata 100 usd? Rlly? Dar "scheletul" la 10 dolari https://www.aliexpress.com/item/Free-Shipping-New-Motor-Smart-Robot-Car-Chassis-Kit-Speed-Encoder-Battery-Box-2WD-For-Arduino/32281519133.html?spm=2114.search0104.3.181.B2JC5f&ws_ab_test=searchweb0_0,searchweb201602_2_10152_10065_10151_10344_10068_10345_5000017_10342_10325_10343_10546_10340_10341_10548_5060017_5130017_10541_10084_10083_10304_10307_10539_10312_5080017_10059_10313_10314_10184_10534_100031_10604_10603_10103_10605_10594_10596_10142_10107,searchweb201603_1,ppcSwitch_5&algo_expid=9955e49a-3117-47b1-a622-3cb75900f681-23&algo_pvid=9955e49a-3117-47b1-a622-3cb75900f681&rmStoreLevelAB=1 ce are? + driver l298N ~15 lei pe OLX Cateva baterii 18650(ca sa nu stai cu pumnul de baterii AA(A) ) , si gata treaba.
    1 point
  5. On 29 November 2017, the Federal Bureau of Investigation (FBI), in close cooperation with the Luneburg Central Criminal Investigation Inspectorate in Germany, Europol’s European Cybercrime Centre (EC3), the Joint Cybercrime Action Task Force (J-CAT), Eurojust and private-sector partners, dismantled one of the longest running malware families in existence called Andromeda (also known as Gamarue). This widely distributed malware created a network of infected computers called the Andromeda botnet[1] . According to Microsoft, Andromeda’s main goal was to distribute other malware families. Andromeda was associated with 80 malware families and, in the last six months, it was detected on or blocked an average of over 1 million machines every month. Andromeda was also used in the infamous Avalanche network, which was dismantled in a huge international cyber operation in 2016. Steven Wilson, the Head of Europol’s European Cybercrime Centre: “This is another example of international law enforcement working together with industry partners to tackle the most significant cyber criminals and the dedicated infrastructure they use to distribute malware on a global scale. The clear message is that public-private partnerships can impact these criminals and make the internet safer for all of us.” One year ago, on 30 November 2016, after more than four years of investigation, the Public Prosecutor’s Office Verden and the Luneburg Police in Germany, the United States Attorney’s Office for the Western District of Pennsylvania, the Department of Justice, the FBI, Europol, Eurojust and global partners, had dismantled the international criminal infrastructure Avalanche. This was used as a delivery platform to launch and manage mass global malware attacks such as Andromeda, and money mule recruitment campaigns. Insights gained during the Avalanche case by the investigating German law enforcement entities were shared, via Europol, with the FBI and supported this year’s investigations to dismantle the Andromeda malware last week. Jointly, the international partners took action against servers and domains, which were used to spread the Andromeda malware. Overall, 1500 domains of the malicious software were subject to sinkholing[2] . According to Microsoft, during 48 hours of sinkholing, approximately 2 million unique Andromeda victim IP addresses from 223 countries were captured. The involved law enforcement authorities also executed the search and arrest of a suspect in Belarus. Simultaneously, the German sinkhole measures of the Avalanche case have been extended by another year. An extension of this measure was necessary, as globally 55 per cent of the computer systems originally infected in Avalanche are still infected today. The measures to combat the malicious Andromeda software as well as the extension of the Avalanche measures involved the following EU Member States: Austria, Belgium, Finland, France, Italy, the Netherlands, Poland, Spain, the United Kingdom, and the following non-EU Member States: Australia, Belarus, Canada, Montenegro, Singapore and Taiwan. The operation was supported by the following private and institutional partners: Shadowserver Foundation, Microsoft, Registrar of Last Resort, Internet Corporation for Assigned Names and Numbers (ICANN) and associated domain registries, Fraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE), and the German Federal Office for Information Security (BSI). The operation was coordinated from the command post hosted at Europol’s HQ. [1] Botnets are networks of computers infected with malware, which are under the control of a cybercriminal. Botnets allow criminals to harvest sensitive information from infected computers, such as online banking credentials and credit card information. A criminal can also use a botnet to perform cyberattacks on other computer systems, such as denial-of-service attacks. [2] Sinkholing is an action whereby traffic between infected computers and a criminal infrastructure is redirected to servers controlled by law enforcement authorities and/or an IT security company. This may be done by assuming control of the domains used by the criminals or IP addresses. When employed at a 100% scale, infected computers can no longer reach the criminal command-and-control computer systems and criminals can therefore no longer control the infected computers. The sinkholing infrastructure captures victims’ IP addresses, which can subsequently be used for notification and follow-up through dissemination to National CERTs and network owners. Crime areas Source: Cybercrime Forgery of Administrative Documents and Trafficking therein
    1 point
  6. Folosesc eu ProtonMail Plus pentru custom domain. Este rapid, simplu, are de toate, aplicatia pe telefon e super, si recent au introdus si plugin pentru Thunderbird. Sunt ok.
    1 point
  7. UPnP? Daca routerul are asta activat. Mai da niste detalii. Pentru ce ai nevoie? Edit: @Dragos Ba se poate, de exemplu BitTorrent. Tu cand rulezi un server din reteaua wi-fi ai problema "traversarii" NAT-ului care iti ascunde serverul sub ip-ul local. Exista o solutie universala pentru rezolvarea NAT traversal si ala e protocolul UPnP. (Universal Plug and Play). Nu toate NAT au UPnP activat, dar daca il au poti face portforward announce prin acest protocol. Da un google si gasesti programe care te lasa sa te joci cu protocolul. Eu cu un search am gasit : http://www.raidenhttpd.com/en/manual/en-upnp.html (NU AM TESTAT CE E!) Daca nu are upnp activat si nu merge nu ai alte sanse (din cate stiu eu). Doar sa folosesti un intermediar.
    1 point
  8. 1 point
  9. Ai aici cateva resurse: OSI Model - https://en.wikipedia.org/wiki/OSI_model Port - https://en.wikipedia.org/wiki/Port_(computer_networking) Top 10 vulnerabilitati web (OWASP) - https://www.owasp.org/images/7/72/OWASP_Top_10-2017_(en).pdf.pdf Let's build a web server - https://ruslanspivak.com/lsbaws-part1/ Ultimul link, desi discuta cum sa construiesti un web server de la 0, ar trebui sa fie folositor in a intelege cum functioneaza unul. Spor!
    1 point
  10. La eMAG sunt ceva reduceri cu voucher "eMAG16ani". Reducerile (la multe produse) sunt mici, dar pe bune. Orice produs, reducere 5%. Ma uitasem la Huawei Mate 10 Pro, reducerea e reala de 170 RON. La anumite categorii sunt reduceri de 10%-20%-30%. Poate va ajuta.
    1 point
  11. @Ossian nu exista un exploit pentru port 80, exista exploituri pentru un serviciul care este disponibil pe portul 80 - este o diferenta. In topicul anterior ti s-a recomandat si ti s-au dat link-uri spre materiale care iti explica ce este un port - citeste-le. Iti este greu sa intelegi de ce intrebarea ta este aberanta pentru ca nu ai in bagajul de cunostinte un numar de concepte de baza. Afla ce este si cum este folosit un port, afla ce este si cum functioneaza un server web (e.g. IIS, Apache, Nginx), afla ce este HTTP(S), afla care sunt vulnerabilitatile cele mai comune in sfera aplicatiilor web (OWASP top 10). Ai aici o lista de subiecte din care se da examenul CPSA (entry-level) la CREST - https://www.crest-approved.org/wp-content/uploads/crest-crt-cpsa-technical-syllabus-2.0.pdf. Vezi ce subiecte te intereseaza si incearca sa le intelegi. Inca o chestie, daca sistemul pe care tu il impungi cu exploituri nu iti apartine, sau nu ai primit autorizatie de la proprietar sau o persoana cu autoritatea necesara, atunci esti in afara legii. @dancezar "Ca sa reduci suprafata de atac trebuie sa verifici ce versiune de software este folosita" ai o idee gresita despre ce inseamna suprafata de atac. Spor!
    1 point
  12. Inca odata, apreciez raspunsul tau, dar mai mult mi-ar placea sa ma lipsesc de el daca raspunsurile tale au tenta aroganta fata de cei incepatori. Oricum, cu toate ca raspunsul tau a fost cum a fost, tot am aflat ceva nou. Am scanat tinta cu nmap si am descoperit ca port-ul 80 este deschis, am incercat multe exploit-uri, si tocmai de aceea a aparut si prima mea intrebare cum sperand ca imi va reduce exploiturile pe care le pot incerca la un numar mai mic. Un raspuns decent si informativ ar fi frumos din partea oricui, daca tot ai chef de arogante nu te mai obosi sa raspunzi, indiferent cat de stupida ar parea intrebarea incepatorului. Multumesc, Ossian.
    1 point
  13. oho... nu exista ceva sa pot scripta sau sa programez, am incercat... nu exista nici un patern... Pur si simplu caut pe net ce ICO-uri apar, ce software creaza, sau ce idei au... investesc in ele si astept. Iar la ICO-uri, nu e asa simplu.. trebuie sa te uiti dupa multe chestii pe care nu le pot spune aici. Dar ideea e ca functioneaza, pierzi castigi.... mai mult castigi la sfarsit de zi/saptamana/luna. Trebuie doar sa nu te panichezi si sa HODL moneda respectiva pana ajunge la un anumit prag... Uite: https://we.tl/s-idH2dUOpfV vezi astea ca sa-ti faci o idee despre trend...
    1 point
  14. BRAVO! Ia vezi, cumpara: https://bittrex.com/Market/Index?MarketName=BTC-KORE asta este ICO-ul lor: http://kore.life/ https://twitter.com/newkorecoin?lang=ro "it releases masternodes and wallet update this week" Este pretul 4.66 acum, fac pariu ca o sa faca 2X sapt viitoare Ia vezi si asta:
    1 point
  15. say hello by showing your boobs
    1 point
×
×
  • Create New...