Leaderboard

In just one night a Russian crime gang stole 3.8 million slopes (860,000 euros) from 32 ATMs belonging to the Raiffeisen Romania bank. Cybercriminals stole 3.8 million slopes (860,000 euros) from 32 ATMs belonging to the Raiffeisen Romania bank using an infected RTF document. The criminal organization led by Dmitriy Kvasov operated in Romania, the gang stole the money in just one night in 2016. “One night Raiffeisen Bank lost control of all ATMs in Romania • Although it seems impossible, the control of ATMs across the country was taken over by a group of Russian hackers • It is one of the biggest thefts of cash money in the history of Romania, and the authorities did not blow a word” reported the website bzi.ro. The Organized Crime and Counterterrorism Office (DIICOT) who investigated the culprits managed to arrest the leader of the criminal organization. The Russian hackers launched a spear-phishing attack against Raiffeisen Romania between August 9, 2016, and September 4, 2016, they sent email messaging using a weaponized RTF document. The bait document that appeared as sent on behalf of the European Central Bank contained the code to trigger a vulnerability in the target systems. In this way the attackers took control over the whole network of the bank, then they were able to control the ATMs. “The extremely well-coordinated criminal organization, wearing sunglasses and hooded anoraks waiting for the command, waited for bags and bags in their hands before the Raiffeisen Iasi, Bucharest, Suceava, Timeshare, Constanta, Plitvice, Saxon and Crevedia automats.” states the Maszol.ru. “At the hands of their leaders, at least a few buttons, 32 cars released them all the money. If more men had been involved with the criminal organization, they could have virtually eliminated all the automatons of the bank.” According to the report, the attackers were able to instruct the 32 ATMs to dispense the cash, the investigators highlighted that the attackers only targeted systems in Romania, but once compromised the network of the bank they were also able to control any ATM worldwide belonging to the financial institution. The bank confirmed that hackers did not access the customers’ account after the security breach. Sursa: http://securityaffairs.co/wordpress/70046/cyber-crime/raiffeisen-cyber-heist.html Pe acelasi subiect: https://www.bzi.ro/exclusivitatea-anului-cutremur-fara-precedent-in-sistemul-bancar-romanesc-secret-imens-ascuns-la-diicot-iasi-toate-bancomatele-unei-celebre-banci-au-fost-compromise-643428 https://www.bzi.ro/exploziv-raport-intern-strict-secret-intrat-in-posesia-bzi-fara-precedent-toate-datele-clientilor-raiffeisen-in-pericol-cei-mai-tari-hackeri-au-controlat-calculatoarele-bancii-643514

NetRipper - Added support for WinSCP 5.1.3 https://github.com/NytroRST/NetRipper

Lipsiti de imaginatie, infractorii astia. Trebuiau sa se inscrie intr-un partid, atunci ar fi facut rost de oameni, si sa goleasca toate ATM-urile din tara. Castigau alegerile sigur asa, si apoi se gratiau! :)))))))

Culmea ironiei? @MrGrj care abordeaza doar baietei are la indemana pdf de vorbit cu femei Good cover!

din vremurile apuse ale 2013 (2013-09-29-135522_670x827_scrot.png)

"Alexandrustiemulte" - dar nu stie sa vorbeste cu o fata.. ai trait in varf de munte iar acum ai dat de civilizatie? cum plm sa nu fii in stare sa vb cu cineva, sa ai nevoie de ghid pentru asta. generatie de retardati =)

# TOR Browser 0day : JavaScript Exploit ! ## Works on Firefox versions 41 - 50 ### The critical vulnerability is believed to affect multiple Windows versions of the open source Firefox web browser as far back as Firefox version 41, and up to Firefox version 50. When exploit opened by a Firefox or Tor Browser with Javascript enabled on a Windows computer, it leverage a memory corruption vulnerability in the background to make direct calls to kernel32.dll, which allows malicious code to be executed on computers running Windows. <i>Makes redirect to '/member.php' after code execution</i> - - - This is an Javascript exploit actively used against TorBrowser NOW. It consists of one HTML and one CSS file, both pasted below and also de-obscured. The exact functionality is unknown but it's getting access to "VirtualAlloc" in "kernel32.dll" and goes from there. Please fix ASAP. I had to break the "thecode" line in two in order to post, remove ' + ' in the middle to restore it. - SIGAINT Download: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/44267.zip # 0day.today [2018-03-09] # Sursa: https://0day.today/exploit/29975

dotdotslash An tool to help you search for Directory Traversal Vulnerabilities Benchmarks Platforms that I tested to validate tool efficiency: DVWA (low/medium/high) bWAPP (low/medium/high) Screenshots Instalation You can download the last version cloning this repository git clone https://github.com/jcesarstef/dotdotslash/ This tool was made to work with Python3 Usage python3 dotdotslash.py --help usage: dotdotslash.py [-h] --url URL --string STRING [--cookie COOKIE] optional arguments: -h, --help show this help message and exit --url URL Url to attack. --string STRING String in --url to attack. Ex: document.pdf --cookie COOKIE Document cookie. Example: python3 dotdotslash.py \ --url "http://192.168.58.101/bWAPP/directory_traversal_1.php?page=a.txt" \ --string "a.txt" \ --cookie "PHPSESSID=089b49151627773d699c277c769d67cb; security_level=3" Links My twitter: https://twitter.com/jcesarstef My Linkedin: https://www.linkedin.com/in/jcesarstef My Blog(Brazilian Portuguese only for now): http://www.inseguro.com.br Sursa: https://github.com/jcesarstef/dotdotslash

Ii dai flood.

where is fucking link ?