Matt

Active Members
  • Posts: 1773
  • Days Won: 6

Everything posted by Matt

  1. A US judge has sentenced the LulzSec hacker Neuron to over one year of home detention for involvement in a cyber attack on Sony Pictures. United States district judge John A Kronstadt sentenced 21-year-old Arizona resident Raynaldo Rivera, known online as Neuron, to serve 13 months of home detention, perform 1,000 hours of community service and pay $605,663 in restitution for his involvement in a 2011 data-stealing cyber raid on Sony Pictures. The attack saw the LulzSec hackers illegally access data stored on Sony Pictures' website with a SQL injection, stealing and posting online information including the names, addresses, phone numbers, and email addresses for tens of thousands of Sony customers. Rivera originally pleaded guilty to conspiring to cause damage to a protected computer after participating in the attack on Sony Pictures in October 2012. He is the second US LulzSec member to be sentenced for involvement in the raid. Prior to Rivera, Cody Kretsinger, who operated under the alias Recursion, was sentenced in April to one year and one day in federal prison and to pay the same $605,663 restitution fee. At the time of publishing Sony had not responded to V3's request for comment on Rivera's sentencing. The Sony Pictures attack was part of a wider two-month rampage by the loose-knit LulzSec hacking group. The campaign saw them target numerous companies and government groups, including the UK's Serious Organised Crime Agency (SOCA). Outside of the US several British youths have also been arrested and sentenced for participating in LulzSec cyber attacks. Most recently UK LulzSec member Ryan Ackroyd, 26, pleaded guilty to carrying out an unauthorised act to impair the operation of a computer, contrary to the Criminal Law Act 1977. Before this, Ryan Cleary and Jake Davis pleaded guilty to involvement in attacks on several high-profile agency and company websites in July 2012. Source: V3.co.uk
  2. The Serious Fraud Office (SFO) has revealed that it lost a cache of documents and electronic media used in its investigation of defence contractor BAE Systems. Two internal SFO investigations have been sparked as a result. The incident, which took place between May and October 2012, included up to 32,000 document pages and 81 audio tapes and a selection of digital information. The SFO confirmed to V3 that the lost digital data included floppy disks, CDs, mini disks and backup tapes, which were sent to the wrong recipient. It said that 98 percent of the lost data had since been recovered, but this would still leave over 600 document pages unaccounted for. "The SFO has a duty to return material to those who supplied it, upon request, after the close of an investigation," an SFO statement read. "In this instance the party requesting the return was sent additional material, which had in fact been obtained from other sources." The SFO said that it had informed the 59 suppliers of the mishandled data about the situation. As a result of the incident, the SFO asked the former director of security at the Palace of Westminster, Peter Mason, to conduct a review of the incident. Mason's recommendations were: 1. Continuing ownership of the data in a concluded case by designated operational staff 2. Redrafting of the responsibilities of the SFO's senior information risk owner 3. Raising the profile of data handling as a key risk in the SFO's business In addition, a further independent investigation has been instigated to "review all of the organisation's business processes". The documents lost pertained to a bribery investigation following major arms deals between BAE and Saudi Arabia, including the sale of Typhoon fighter jets. The investigation was discontinued in 2006 following intervention from the prime minister at the time, Tony Blair. In a statement seen by the BBC, BAE Systems concluded that the matter for the firm was "now closed". Source: V3.co.uk
  3. A sensible, intelligent person does not react like this. I have never seen people in the West make a fuss when a telephone or water network went down, creating Facebook posts and cursing at the employees. That is why we are ranked as a third-world country or as an African country, because we behave like a mob of snobs.
  4. The link to the picture gives an error. 404
  5. A real news story should have been made out of this.
  6. Romanians are too stupid.. if something happens to a network, whether telephone, water or electricity, they jump up like idiots with lines worthy of foul-mouthed gypsies such as "WE PAY YOU FOR NOTHING" or "YOU TAKE OUR MONEY". Well, for those who have these urges I have only one message: "GET THE HELL OUT TO GYPSY-LAND".
  7. https://www.dropbox.com/s/7jb4zoguk1x93p4/72521420-Aurul-Spartanilor-Clive-Cussler.pdf https://www.dropbox.com/s/284v6umtgqy4wno/156127018-Clive-Cussler-Urmarirea.pdf https://www.dropbox.com/s/s6l4cu1u3mrslnp/155651913-Comoara-Marelui-Han-Cussler-Clive-Cussler-Dirk.pdf https://www.dropbox.com/s/qxv1kr1ytpzvszi/6646595-dw-Winnicot-Natura-Umana-Ed.pdf?m For ebook format, just get yourself a PDF-to-ebook converter and the problem is solved. Tehnica Si Arta Ceasornicarilor Giuvaergiilor Tintutorilor Gravorilor Si Opticienilor Ioan Ratiu Ratz https://www.dropbox.com/s/l5ox4ji5o9vdpkc/125753940-repararea-ceasornicelor-pinkin-pdf.pdf?m https://www.dropbox.com/s/2dio7mf7iddpwwp/33619655-Manualul-ceasornicarului.pdf This is what I found of what you asked for above, I hope it helps.
  8. The Mozilla Foundation has unveiled a new Identity Bridge that links its Persona single sign-on technology with Gmail, allowing all Gmail users to log in to Persona-enabled sites without entering a username or password. Persona works by having users register their email addresses with a server called a Persona Identity Provider (IdP), which will then authenticate their identities for other websites using a system based on public-key cryptography, rather than traditional usernames and passwords. Because most internet users haven't registered with a Persona IdP, however – and many don't even know such things exist – Mozilla has developed Identity Bridging as a stopgap measure until Persona is more widely supported. A Persona Identity Bridge authenticates users using either the OpenID or OAuth protocols – most major email providers offer one or the other – and then translates the results into the Persona protocol for use with Persona-enabled websites. Mozilla introduced its Identity Bridging system with Persona Beta 2 in April, which included an Identity Bridge for Yahoo! Mail. With the addition of the Identity Bridge for Gmail, Mozilla says some 700 million email users now have built-in support for Persona – they don't have to sign up for any new services or create any new accounts. They don't need to send any additional information to Google or Yahoo!, either. As Mozilla's Dan Callahan wrote in a blog post on Thursday, "Persona remains committed to privacy: Gmail users can sign into sites with Persona, but Google can't track which sites they sign into." Mozilla has previously said that it is working to bring Persona support to more large email providers, and that its eventual goal is to provide support for "over half of the worldwide internet population." Between the Gmail and Yahoo! Identity Bridges, Callahan says roughly 60 to 80 per cent of North American web users are already covered. 
Note, however, that in El Reg's tests, the Gmail Identity Bridge only worked with addresses from the actual Gmail domain. Addresses from private domains that offer Gmail via Google Apps confused it. If you have a Gmail address, Mozilla suggests you try out Persona by signing in to any Persona-enabled website, such as Mozilla's Webmaker. Website owners who are interested in adding Persona to their own sites can find more information here. ® Source: TheRegister.co.uk
  9. This summer I was introduced to ReviewBoard, an excellent open-source web application which integrates with source control systems to facilitate code review. Being the curious researcher that I am, I set up my own installation and set out evaluating it for common security issues. In my examination of ReviewBoard, I started by creating a guest account using a cross-site scripting (XSS) locator string as the user’s name. An XSS locator is a short piece of HTML which when rendered will trigger some JavaScript action such as an alert box. I then proceeded to assign a review request to this user and as I was typing in the name, an alert box popped up letting me know that I had found a vulnerability. Upon further investigation, I found that the user’s name was being unsafely rendered in the auto-complete box. I promptly reported the issue to ReviewBoard and was pleasantly surprised by their response. Not only did they express gratitude for bringing it to their attention but barely 24 hours later versions 1.6.17 and 1.7.10 were released. This issue was assigned CVE-2013-2209 and is detected by IP360. A few weeks later I found myself with a few minutes to kill and decided to poke a little more at my ReviewBoard site. As it turns out, the auto-complete widget was not the only place in the UI which would unsafely render the user’s name. As I browsed through my site, I found that the user’s name is also rendered when viewing the list of submitters. This issue is now tracked as CVE-2013-4795. Encouraged by this finding, I decided to look at how file uploads are handled. ReviewBoard allows users to upload and associate files with a review request. The first thing I tried was to upload a file using an XSS locator as a filename similar to a WebSphere vulnerability which I helped IBM address in April 2013. ReviewBoard handled this test case properly but in the process of testing, I uncovered a separate far more serious issue. 
On my Apache server, I could attach PHP source code to a review request which would subsequently be executed by the server if a request was made to download the attachment. The implications of this are grave since it enables users to execute code in the context of the web server. Alternatively this issue, now tracked as CVE-2013-4796, has the implication that a malicious user can upload HTML/JavaScript content to the ReviewBoard site for the purpose of launching client-side attacks in the context of the ReviewBoard domain. ReviewBoard has now released versions 1.6.18 and 1.7.12 to address CVE-2013-4795 but it is important to note that the more critical issue, CVE-2013-4796, is not resolved by upgrading a ReviewBoard site to the latest version. Although sites created with the latest versions are configured to mitigate the risk, the upgrade process does not harden the configuration for existing sites. In this case it is advised that users follow the newly released ReviewBoard configuration guide available here: Securing File Attachments : Beanbag, Inc. Source: TripWire.COm
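An audit for the situation described in the post above, where an upgraded site keeps its old, unhardened attachment directory (added example, not ReviewBoard's or Tripwire's code): it walks an upload directory and flags files a web server may hand to an interpreter or a browser may render as active content. The extension lists, function names and sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumed extension lists; tune them to the handlers enabled on your server.
SERVER_EXEC_EXTS = {"php", "php3", "php4", "php5", "phtml", "pht", "cgi",
                    "pl", "py", "fcgi", "asp", "jsp", "sh", "shtml"}
ACTIVE_CLIENT_EXTS = {"html", "htm", "xhtml", "svg", "js"}

# Byte patterns that betray script or markup regardless of the file name.
CONTENT_MARKERS = [
    ("server-script-content", re.compile(rb"<\?(?:php|=)", re.I)),
    ("active-markup-content",
     re.compile(rb"<\s*(?:script|html|svg|iframe)\b", re.I)),
]


def classify(filename, head=b""):
    """Return a list of (finding, detail) tuples for one attachment."""
    findings = []
    # Check every dot-separated suffix, not only the last one: with AddHandler,
    # Apache's mod_mime can pick a handler from any of them ("report.php.txt").
    for ext in filename.lower().split(".")[1:]:
        if ext in SERVER_EXEC_EXTS:
            findings.append(("server-exec-ext", ext))
        elif ext in ACTIVE_CLIENT_EXTS:
            findings.append(("active-content-ext", ext))
    for label, pattern in CONTENT_MARKERS:
        match = pattern.search(head)
        if match:
            findings.append((label, match.group(0).decode("ascii", "replace")))
    return findings


def audit_tree(root, sniff_bytes=4096):
    """Walk root and return {relative_path: findings} for flagged files only."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(sniff_bytes)
            except OSError:
                head = b""  # unreadable file: fall back to the name alone
            findings = classify(name, head)
            if findings:
                report[os.path.relpath(path, root)] = findings
    return report


def make_sample(root):
    """Write constructed sample attachments (not real uploads) into root."""
    samples = {
        "screenshot.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "notes.txt": b"Looks good to me, ship it.\n",
        "patch.php": b"<?php /* constructed sample */ ?>",
        "report.php.txt": b"plain text with a misleading name\n",
        "page.html": b"<html><body><script>/* sample */</script></body></html>",
        "logo.png": b"<?php /* script content behind an image name */ ?>",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as uploads:
        make_sample(uploads)
        for rel, findings in sorted(audit_tree(uploads).items()):
            print(rel, findings)
```

A clean report does not replace the server-side hardening the post points to; it only shows what is already sitting in the directory.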
  10. Internet security firm Arbor Networks reports that a new botnet, Fort Disco, is made up of over 25,000 Windows PCs and is targeting blog sites and content management systems (CMS)es. Once these are infected, they can then be used to spread the botnet's malware and to attack other systems. Matthew Bing, an Arbor Security Engineering & Response Team (ASERT) research analyst, wrote, "Arbor ASERT has been tracking a campaign we are calling Fort Disco which began in late May 2013 and is continuing. We’ve identified six related command-and-control (C&C) sites that control a botnet of over 25,000 infected Windows machines. To date, over 6,000 Joomla, WordPress, and Datalife Engine installations have been the victims of password guessing." Arbor Networks has determined that there are at least four variants of the Windows malware used by the Fort Disco botnet. These, in turn, appear to spring from what the security expert Brian Krebs calls a high-end, "malware-as-a-service" Styx Exploit kit. With this kit a wide-variety of attacks can be made on Windows PCs. Fort Disco-infected Windows systems then use brute-force password guessing to break into blogs and CMSes that use PHP. The botnet has installed a variant of the all too common “FilesMan” PHP back-door on almost 800 PHP-powered sites. All the infected systems, in turn, are controlled from the half-dozen Russian and Ukrainian C&C sites. So far Fort Disco has been used for little more than spreading itself to Windows PCs and vulnerable blogs and CMS Web sites. This won't last. Bing said, "Blogs and CMSes tend to be hosted in data centers with immense network bandwidth. Compromising multiple sites gives the attacker access to their combined bandwidth, much more powerful than a similarly sized botnet of home computers with limited network access by comparison. 
While we have no evidence the Fort Disco campaign is related to Brobot or denial-of-service (DoS) activity, we’ve experienced the threat that a large blog botnet can deliver." Brobot has been used to attack U.S. Banks with distributed denial of service (DDoS) attacks. In an e-mail, Bing expanded on this theme, "This is similar to the type of botnet being used on the ongoing attacks against financial services firms. Rather than tens of thousands of PCs making up a botnet, each throwing off a relatively small amount of bandwidth, Fort Disco accesses WordPress and Joomla servers, so they need far fewer machines to have much greater impact." That said, Bing continued, "Arbor does not have evidence that the Fort Disco attacks are related to the QCF/Brobot incidents or phishing campaigns that have been used against banks. The best evidence we have for the motivation of Fort Disco is to install drive-by exploit kits on compromised sites. But as the Brobot incidents demonstrated, WordPress/Joomla sites tend to be located in data centers with access to large network bandwidth. A botnet of these compromised sites can deliver a powerful denial of service attack. While we haven't seen the Fort Disco campaign show any interest in denial of service, the risk is certainly present." Source: ZDNET.COM
  11. Microsoft is prepping eight security bulletins for next week's Patch Tuesday release. Three of the bulletins are rated 'Critical', while the others are classified as 'important.' The critical updates address vulnerabilities in Microsoft Windows, Internet Explorer and Exchange. All of the critical updates address remote code execution issues, while the remaining five cover a mix of privilege escalation, denial of service and information disclosure issues. "I would consider Bulletin number three to be of the greatest concern, as it affects all supported versions of Microsoft's Exchange Server and is rated as critical with remote code execution," said Ross Barrett, senior manager of security engineering at Rapid7. "If this is truly a remotely exploitable issue that does not require user interaction, then it's a potentially wormable issue and definitely should be put at the top of the patching priority list." The second most significant bulletin is bulletin one due to its severity, multiple security experts said. "To me, Bulletin 1 is most critical, as last time I saw an IE Remote Code execution of this caliber, I saw live malware exploiting it not too long after," said Ken Pickering, director of engineering, CORE Security. "People are getting good at turning these IE vulnerabilities into web-based attacks.” Bulletin two impacts legacy code, primarily Windows XP, noted Paul Henry, security and forensics analyst at Lumension. Support for XP ends in April 2014, so organizations should be sure to get their upgrade plans in place if they have not done so already, he added. "With eight bulletins today, Microsoft’s year-to-date total is 65 patches," he said. "For anyone keeping track, that’s seven more than what we had covered off on last year at this time. At the start of the year, we anticipated higher numbers in 2013 given Microsoft’s commitment to cleaning up the low-hanging fruit out there. 
Last year at this time there were 35 important patches issued; we now see 40. Our criticals in 2013 number 25, with 35 in total for 2012. Good news there." Patch Tuesday is scheduled for Aug. 13. Source: Securityweek.com
  12. Researchers from RSA have uncovered a new banking Trojan designed to steal information from machines running the Linux operating system. Dubbed “Hand of Thief”, the Trojan is reportedly being sold in closed cybercrime communities for $2,000 with free updates. “The current functionality includes form grabbers and backdoor capabilities, however, it’s expected that the Trojan will have a new suite of web injections and graduate to become full-blown banking malware in the very near future, ” Limor Kessem cyber Intelligence expert at RSA, explained in a blog post. Assuming development continues and the new Trojan becomes fully functional, RSA expects the price to increase to $3,000, along with a $550 for major version releases, prices that coincide with other similar malware that targets Windows. According to RSA, the developer behind Hand of Thief claims it has been tested on 15 different Linux desktop distributions, including Ubuntu Fedora and Debian. The malware also reportedly supports 8 different desktop Linux environments, including Gnome and Kde. RSA researchers got their hands on the malware builder along with the server side source code, which allowed them to see some of the features that include: • Form grabber for both HTTP and HTTPS sessions; supported browsers include Firefox, Google Chrome, as well as several other Linux-only browsers, such as Chromium, Aurora and Ice Weasel. • Block list preventing access to specified hosts (a similar deployment used by the Citadel Trojan to isolate bots from security updates and anti-virus providers) • Backdoor, backconnect and SOCKS5 proxy • Anti-research tool box, which includes anti VM, anti-sandbox and anti-debugger In terms of backend features, the developer has already put together a basic administration panel for the Trojan, which enables the botmaster to control the infected machines reporting to it. 
According to Kessem, the control panel shows a list of infected machines (bots), and provides a querying interface, along with other basic bot management options. In addition to having cookie-stealing functionality, information captured by Hand of Thief’s command and control infrastructure includes stolen credentials which are stored in a MySQL database, along with other details including timestamp, user agent, website visited and POST data. “Although Hand of Thief comes to the underground at a time when commercial Trojans are high in demand, writing malware for the Linux OS is uncommon, and for good reason,” Kessem wrote. “In comparison to Windows, Linux’s user base is smaller, considerably reducing the number of potential victims and thereby the potential fraud gains. Secondly, since Linux is open source, vulnerabilities are patched relatively quickly by the community of users. Backing this up is the fact that there aren’t significant exploit packs targeting the platform. In fact, in a conversation with the malware’s sales agent, he himself suggested using email and social engineering as the infection vector.” Hand of Thief is not alone in being an emerging banking malware threat. Late last month, another new professional-grade banking Trojan was uncovered that RSA researchers said could soon rival Zeus, SpyEye and Citadel in how effectively it spreads. Dubbed KINS, the banking Trojan has several features in common with Zeus and SpyEye, as well as having a similar DLL-plugin-based architecture. Source: SecurityWeek.Com
  13. SAN FRANCISCO - Nintendo said Wednesday that it has filed a lawsuit against a US website with a business model built on hacking into the company's videogame hardware. Nintendo is suing HackYourConsole.com in federal court in the operation's home state of Florida. "The site blatantly promotes and sells unauthorized Nintendo games along with devices and services that circumvent the security in the Nintendo DS system and the Wii console," the Japanese videogame giant said in a release. "The operator of HackYourConsole.com has developed a global business focused on selling unauthorized copies of Nintendo games and game-copying devices used to circumvent the technological protection measures contained in the Nintendo DS family of hand-held systems." Nintendo of America described the lawsuit as part of a fight against videogame piracy. "Piracy on the Nintendo DS system has a huge impact on games sales," said Jools Watsham, co-founder of Texas-based game studio Renegade Kid. "It can affect everyone involved, including the many honest players out there." HackYourConsole.com told AFP that they had no comment regarding the lawsuit. Source: Securityweek.com
  14. Bitdefender, the maker of the world's best-performing antivirus solution, is launching a new generation of products for Mac users exclusively in Romania. The new Bitdefender Antivirus for Mac will be available exclusively in Romania for one week after launch and introduces a completely new scanning engine, much faster than the previous generation, developed specifically for the requirements of the OS X operating system. By integrating TrafficLight technology, an application that filters web traffic and blocks access to pages carrying malware, the new product offers users complete protection for the main browsers (Safari, Chrome, Firefox), especially against phishing attacks. These remain a serious threat to Apple computers. “In recent years we have seen a rise in cyber attacks targeting the OS X operating system, and we also note that they spread very aggressively. For example, relative to the operating system's total user base, Flashback managed to infect a much larger percentage of computers than the most aggressive Windows virus did. Several industry sources have put the total number of Flashback infections at over 600,000 users, practically a population the size of a major European city. It is clear that the problem can no longer be treated superficially”, says Catalin Cosoi, Chief Security Strategist, Bitdefender. The impact of the new Antivirus for Mac on the machine is significantly reduced thanks to its scanning technology. It acts selectively, checking only new files or those that have been modified. Thus, Antivirus for Mac steps in only when needed, and its footprint on the computer's working speed is extremely small. During scanning, both Mac-specific threats and Windows threats are checked. 
“As long as Macs are connected to a network, they can pass on to other users certain components of malware written specifically for Windows. In practice, without being directly infected, OS X systems become hosts that can affect the network as a whole. This is also one of the reasons why we recommend that all Mac users use an antivirus solution”, Cosoi adds. Another element improved over the previous version is the alert system. In this new version, alerts are integrated into the notification system of the OS X operating system, so they are much less intrusive and much more familiar to Mac users. The new Bitdefender Antivirus for Mac will be available online at Antivirus pentru Mac OS - Bitdefender Antivirus for Mac 2012 and can be tested free of charge for 30 days. About Bitdefender® Bitdefender is the maker of one of the best-performing and most effective internationally certified ranges of IT security solutions. Since 2001, the company has been one of the leaders of the security industry. Every day, Bitdefender technology protects the digital data of approx. 500 million individual users and companies around the world. Recently, Bitdefender received two very important distinctions in the security industry: “Editor’s Choice”, awarded by PC Mag for Bitdefender Antivirus Plus 2013, and the “GoldAward” from TopTenREVIEWS, which placed the Romanian product first following tests carried out on 25 security products. In addition, Bitdefender antivirus technologies ranked first in specialised tests conducted by independent organisations in the field, including AV Test and AV-Comparatives. More information about the Bitdefender range of antivirus solutions is available on the company's website. 
In addition, Bitdefender provides its users with the HOTforSecurity blog, a hub with information about the world of IT security, lively discussions about cyber threats on social networks, and advice on protection against dangerous applications on mobile devices. Source: Antivirus Software - Bitdefender Romania
  15. The jury of the International Project Management Association has selected, as the only finalists in the same category, 2 of the projects developed by SIVECO Romania. Our country is a double finalist in the IPMA competition, in the „Project Excellence in Medium-Sized Projects” category, for both projects entered in the contest by SIVECO Romania: „Introducing multitouch technology in Romanian high schools” and „Developing interactive multimedia educational content for the educational system of Kazakhstan”. The competition recognises and rewards excellence in project management at a global level. The jury rated very highly the broad scope and the management of the two projects developed for the Romanian and Kazakh educational systems respectively, these being in fact the only projects selected as finalists in the „Project Excellence in Medium-Sized Projects” category. “We are very proud that both projects we entered in the competition were named finalists in what we can call the world championship of projects of all types, from all over the globe. Even more than that, at this stage the projects we entered no longer have any competition, being the only ones to receive Finalist status from the jury from a project management perspective. The selection of the two educational projects from among a great many candidate projects from around the world is a truly exceptional achievement”, said Florin Ilia, Vice President of SIVECO Romania. The recognition received from the most respected authority in the field of project management (across all fields of activity, not only IT) proves not only the value and significant impact of the two projects, but above all their high level of quality, at international standards. 
SIVECO Romania is entering the international final of the companies with the best projects in the world for the 7th time, an achievement in itself. In 2012 it was named a finalist for the NCTS-New Computerized Transit System project, developed and implemented at the Customs Authority of Turkey. Two projects of great complexity and scope, with millions of beneficiaries, reached the final of the 2011 competition that rewards excellence in project management: the Single Integrated Information System (SIUI) for the National Health Insurance House and the New Computerized Transit System project. In 2009, the solution developed by SIVECO Romania for the IT system operating at the Agency for Payments and Intervention in Agriculture received the Finalist trophy. In 2010, two components of the Knowledge-Based Economy project, the eComunitate Portal (eComunitate) and the ICT training programme in school and business, received finalist status, and in 2007 the Computerized Educational System of Romania was selected at the IPMA Grand Gala. About IPMA Founded in 1965 in Switzerland, IPMA is the largest non-profit organisation for the management of organisations and represents more than 50 national project management associations, with members in Northern Europe, South America, Asia, Africa and the Middle East. IPMA promotes project management for enterprises and organisations around the world, encouraging high performance in the development and implementation of large-scale projects. More information about the organisation can be found by visiting IPMA | International Project Management Association. About SIVECO Romania SIVECO Romania is the leader among Romanian software houses and one of the successful software integrators in Central and Eastern Europe. 
The company develops and exports IT solutions and consultancy projects with high added value to countries in the European Community, the Middle East, North Africa and the Commonwealth of Independent States area. The company was founded in 1992 and has over 1,300 employees internationally. The shareholders of SIVECO Romania are Intel Capital, Polish Enterprise Fund V (an investment fund managed by Enterprise Investors), SIVECO Netherlands B.V and SIVECO Management Team. Addressing private and public organisations, SIVECO Romania offers efficient solutions for eLearning, EAS (Enterprise Application Suite), Document Management, Business Intelligence, eHealth, eGovernment, eAgriculture and eCustoms, for the national and international market. SIVECO Romania has specialised in carrying out IT projects of great complexity and scale. Over its 21 years of existence, the company has built a solid reputation, being rewarded with over 170 national and international awards. More information about the company and its products can be found by visiting SIVECO Project:ProgressTM | SIVECO Romania, www.facebook.com/siveco and SIVECO Romania | LinkedIn. It is not directly related to IT, but I wanted it posted so that Romanians make themselves known. Source: Media Pozitiv - Home
  16. The virtual currency Bitcoin is a currency, and its use can be regulated under the law of the United States of America, an American judge has ruled. Bitcoin may seem like a libertine dream: a virtual currency covered by the veil of anonymity, with no ties to national governments and exempt from transaction fees. But now the currency has been brought into the spotlight, after a federal judge ruled earlier this week that Bitcoin is indeed a currency and can therefore be subject to government regulation, PC World reports. Judge Amos Mazzant gave the ruling in a case against the investment fund Bitcoin Savings and Trust, which raised "at least 700,000 Bitcoin in BTCST investments, amounting to over 4.5 million dollars, based on the average price of Bitcoin in 2011 and 2012, when the investments were offered and sold". Bitcoin, the virtual currency that has driven speculators crazy - What you can buy (Video) Bitcoin appeared in 2008, after a person under the pseudonym "Satoshi Nakamoto" published a paper describing how this currency could work. After just one year, it began to be traded. There are two ways you can obtain Bitcoin "coins": you can buy them with conventional money or you can "dig" for them, that is, you can use your computer to "hunt" for a 64-digit number. After solving several puzzles, you will compete with other users to generate the number the Bitcoin network is looking for. If your computer discovers it, you will receive 25 Bitcoins. The process involves very complicated mathematical calculations. Worth remembering is that the Bitcoin system is decentralised, that is, it does not depend on a central bank, and is programmed to issue a limited number of coins in a given time. More specifically, it is currently set to issue 25 Bitcoins every 10 minutes. 
Thus, in 2140, the total number of coins will reach 21 million. In other words, the system sustains itself, is encoded, completely anonymous and is not subject to inflation. At the moment, one Bitcoin is worth 68 dollars, a decline compared with the beginning of the week, because of analysts who spoke out in the foreign press and claimed that it is merely a speculative bubble. To see the conversion rate, you can visit the site preev.com. Over the course of its existence, the currency has evolved a great deal, given that at launch you could buy 1,309.03 Bitcoins with one dollar. Source: Ziare.COM
  17. Malware targeting devices running the Android operating system grew incredibly strongly in the first part of this year, and the upward trend in the number of threats continues. The more users an operating system has, the greater the number of malicious applications. This is a reality already demonstrated by Windows, and it rules out the debate on the subject of "such-and-such OS is more secure", HIT.ro writes. Android has gained a huge number of users over the last two years, and the OS's growth appears unstoppable. Hence hackers' interest in exploiting vulnerabilities in Google's operating system.

      718,000 security alerts in June

      According to the security company Trend Micro, in the first part of 2013 (March), Android "collected" no fewer than 500,000 security problems. And, to give you an idea of how fast the amount of malware for this operating system is growing, by June the figure had already reached 718,000 security alerts. The number is incredibly large, and the figure is truly alarming given that most of the vulnerabilities and malicious code try to steal users' passwords and other personal information, and some try to access the camera of the Android device. According to Trend Micro specialists, 44% of Android malware works by subscribing users to various services without their knowledge, and 24% deals in data theft. Source: BUsiness24.Ro
  18. Very nice, worth framing. I hope you will upload the whole thing when you finish.
  19. Mobile Malware Rising

      Mobile malware has been skyrocketing, according to security vendors monitoring the threat landscape. Trend Micro's latest quarterly threat report, "Mobile Threats Go Full Throttle," outlines some of the most dangerous threats, such as SMS Trojans and spyware. The threats are riskiest for Android device owners in Eastern Europe, Asia and Latin America, according to the threat statistics provided by the security vendor. Many of the malicious applications spoof legitimate mobile apps and are downloaded from third-party application stores. Trend Micro also highlighted some of the latest threats, such as the Master Key Vulnerability, a security flaw in Android that could be used to weaponize a legitimate application by bypassing a verification check in the Google Play store. Here's a look at the top 10 Android malware threats, according to Trend Micro.

      10. Basebridge

      The Basebridge malware family acts as spyware, stealing sensitive data from the device owner to a remote location. The malware, which constituted 2 percent of the total Android malware threats, landing it in the No. 10 spot on Trend Micro's top Android malware family list, has been detected in Asia and is embedded in copies of popular mobile apps that can be downloaded from a third-party application store. Basebridge was designed to sniff the victim's SMS messages and send out text messages to premium-rate numbers. It also has functionality that can block data consumption monitoring by cellular service providers.

      9. JIFake

      Tying with Basebridge malware at 2 percent, the JIFake malware family masquerades as a mobile app for JIMM, an open-source instant messaging client for the ICQ network. The fake mobile app has an embedded SMS Trojan functionality to send text messages to premium-rate phone numbers, Trend Micro said. The fake mobile app has been detected in Eastern Europe and Russia. The malicious application can also monitor incoming SMS messages and collect device information and location data.

      8. KungFu

      Landing in the No. 8 spot at 3 percent, the KungFu malware family is found embedded in applications and attempts to gain root access of the victim's device, according to Trend Micro. It was detected in 2011. Security researchers said the malware appears to have backdoor functionality that enables an attacker to install a malicious Android package, run programs or navigate to a specific website. It steals data about the device as well as all information stored in its memory.

      7. FakeDolphin

      FakeDolphin, which according to Trend Micro tied with KungFu at 3 percent, is a family of Android malware that poses as a Dolphin browser, an alternative browser to Google Chrome on the Android platform. FakeDolphin contains an SMS Trojan that attempts to sign up users for premium services without their consent, Trend Micro said. Victims can be lured to download FakeDolphin through an attack website or if they browse a poorly managed third-party application repository.

      6. VDLoader

      The VDLoader malware family, which also constituted 3 percent of the Android malware threats Trend Micro found, is embedded into mobile apps and was the first malware to contain an auto update feature. Detected mainly in Asia, this is one of a variety of different SMS Trojan families. VDLoader hides in the background of a mobile application. It contacts a remote server and then begins flooding the victim's phone with text messages, urging the user to load additional applications onto the device, Trend Micro said. It also collects data about the apps already installed on the device.

      5. GinMaster

      Called GinMaster or GingerMaster, this Android family was first detected by researchers in 2011 at North Carolina University. Comprising 6 percent of total Android malware threats and landing it in the No. 5 spot on Trend Micro's list, the malware family is repackaged into legitimate apps, including those displaying racy images of women. The Trojan initially contained dangerous rootkit capabilities, installing its root shell into the system partition for later use, according to the initial research. Variants of the malware are designed to silently collect the device ID, phone number and other data on the victim, Trend Micro said.

      4. Boxer

      Another SMS Trojan, designed to rack up charges by texting to premium rate numbers, the Boxer family of malware was once masquerading as a Flash alternative for Android devices, according to Trend Micro. The apps that spread the threat sometimes pose as freely available versions of legitimate mobile applications. In addition to Europe and Asia, the Boxer family, which also constituted 6 percent of Android malware threats, showed up in Brazil and other countries in Latin America, the security firm said.

      3. SNDApps

      Coming in at No. 3, the SNDApps malware family, which made up 12 percent of the total Android malware threats Trend Micro found, dates back to 2011 and was originally found in a group of apps in the official Google Play store. The apps contain spyware that uploads personal information, such as email addresses, phone numbers and other details, to a remote server without the user's permission. The simple apps that spread the spyware included an air horn, which sounded when an icon was touched, and a whoopee cushion. Google took action to block the apps from its official repository, but they are still available on third-party app stores.

      2. OpFake

      Constituting 14 percent of Android malware threats Trend Micro found, OpFake is a family of malware that masquerades as a downloader for the Opera browser, an alternative to Google's Chrome browser on Android devices. The malware authors behind the Trojan family monetize it by silently sending premium-rate text messages. The threat was detected last year and started targeting Android devices, but the OpFake cybercriminal gang turned their sights on Symbian phones and jail-broken iPhones. The attack continues to spread through a variety of methods, including a fake Android market and a phony pop-up message on some websites that tricks victims into believing their browser is out of date.

      1. FakeInst

      FakeInst, comprising 22 percent of the total Android malware threats, is the most common malware family, according to Trend Micro and a variety of other security vendors. It sends premium-rate SMS messages and was found in dozens of apps on third-party Android markets. The threat spreads in apps that masquerade as popular games. The majority of the detections have been in Eastern Europe, Russia and Asia, Trend Micro said.

      So... a word of warning to fans of Android apps. Source: CRN.COM
  20. Any good piece of malware eventually has to phone home. What good is collecting your dirty little secrets if it can’t capitalize on them? This article will help demonstrate how a little bit of forensic analysis can help you visualize where your data is going.

      Web site access logs are often used for web analytics. These logs can be sliced and diced to determine where visitors are coming from, when they’re visiting, what they’re looking at, and what browsers they’re using. That’s all very useful. Malware doesn’t want to be so useful; it wants to be as stealthy and unobtrusive as possible. Malware is a pickpocket.

      After malware is done logging your keystrokes, gathering your credentials, or collecting whatever it wants to collect, it needs to do something with that data. Many times, it’s a quick TCP connection home. Your firewall won’t catch the connection, because the malware makes a legitimate HTTP request. Your DLP won’t catch it, because the malware is smart and uses SSL to encrypt the outgoing traffic. While you may not be able to catch it red-handed, you can still do something about it after the fact. You can extract IP addresses from your router logs (routers, proxies, wherever you capture this information) and analyze outbound connections and visualize–using maps!–where your data is going.

      Why maps? Because maps get the attention of your organization’s managers. Sweet! How? There’s the easy way and there’s the hard way. The easy way involves some manual processes that I’ll use to demonstrate the process; the hard way involves automating and customizing these processes to suit your needs. I’ll go over the easy way and leave the hard way up to you.

      The steps are straightforward:

      1. Extract IP addresses from your logs.
      2. Format the IP addresses.
      3. Visualize the IP addresses.
      4. Sit back and enjoy the admiration of your colleagues and managers.

      Step 1: Extract the IP addresses

      Your log file might look something like this:

          192.168.0.108 157.56.100.121 443 (https)
          192.168.0.108 66.196.120.100 80 (www)
          192.168.0.108 91.198.117.247 443 (https)
          192.168.0.108 65.55.17.76 80 (www)
          192.168.0.108 98.136.145.154 80 (www)
          192.168.0.108 168.143.241.56 80 (www)
          192.168.0.108 66.196.120.87 80 (www)
          192.168.0.108 65.55.227.140 80 (www)
          192.168.0.108 66.196.120.100 80 (www)
          192.168.0.108 65.55.17.76 80 (www)
          192.168.0.108 98.136.145.154 80 (www)
          192.168.0.108 66.196.120.87 80 (www)
          192.168.0.108 23.39.80.107 80 (www)
          192.168.0.108 98.139.225.43 80 (www)
          192.168.0.108 98.139.240.23 80 (www)
          192.168.0.108 98.139.50.175 80 (www)
          192.168.0.108 66.196.120.100 80 (www)
          192.168.0.108 8.18.45.80 80 (www)
          192.168.0.108 8.18.45.81 80 (www)
          192.168.0.108 69.31.29.26 80 (www)
          192.168.0.108 65.55.158.118 3544
          192.168.0.108 65.55.158.119 3544
          192.168.0.108 65.55.195.230 443 (https)
          192.168.0.108 74.125.228.85 443 (https)
          192.168.0.108 74.125.228.79 443 (https)
          192.168.0.108 173.194.75.106 443 (https)
          192.168.0.108 74.125.228.2 443 (https)
          192.168.0.108 74.125.228.12 443 (https)
          192.168.0.108 173.194.76.125 5222

      In this case, the router displays the source IP address (where the request came from), the destination IP address (where the request is going), and the port (what the destination application is).

      Step 2: Format the IP addresses

      We’re going to format these addresses to better suit our needs. For the purposes of this demonstration, we’re just going to need the IP address and port of each request.

      Assuming we store the log file in “log.txt,” we can use awk to format the data as we need to:

          cat log.txt | awk 'BEGIN {OFS="\t"; print "IP", "Port"} {print $2, $3} END {}'

      which renders:

          IP Port
          157.56.100.121 443
          66.196.120.100 80
          91.198.117.247 443
          65.55.17.76 80
          98.136.145.154 80
          168.143.241.56 80
          66.196.120.87 80
          65.55.227.140 80
          66.196.120.100 80
          65.55.17.76 80
          98.136.145.154 80
          66.196.120.87 80
          23.39.80.107 80
          98.139.225.43 80
          98.139.240.23 80
          98.139.50.175 80
          66.196.120.100 80
          8.18.45.80 80
          8.18.45.81 80
          69.31.29.26 80
          65.55.158.118 3544
          65.55.158.119 3544
          65.55.195.230 443
          74.125.228.85 443
          74.125.228.79 443
          173.194.75.106 443
          74.125.228.2 443
          74.125.228.12 443
          173.194.76.125 5222

      First, a quick note on awk. Any number of tools (perl, sed, etc.) can be used to parse the output, but awk serves the purpose as well as any. It accepts the output piped to it from the “cat” command and extracts only the second and third columns (IP and port, respectively) and displays them in two tab-delimited columns. Here is the syntax:

      Step 3: Visualize the IP addresses

      Here’s where things get fun. Now that we have the address and port information formatted correctly, we’ll use BatchGeo to visualize the data. This site will geocode the IP address locations and plot each one on a map. We simply copy the IP and port data and then paste it into BatchGeo’s interface. Using its options, we will also color-code each address by port, thereby giving us an at-a-glance representation of each service/application. Next, click the “Make Map” button to make the magic happen:

      Step 4: Sit back and enjoy the admiration of your colleagues and managers

      Looking at this map, a couple of things really jump out. First, Greenland looks really big (and not very green). Second, there are two IP addresses where I wouldn’t have expected them: one in Turkey and one in Israel. Doing a search on TCPIPUTILS.com, I see that each of those addresses is associated with spyware.
      (It should be noted that TCPIPUTILS.com actually locates this address in New York City. This discrepancy underscores that suspect addresses should be further validated to ensure accuracy.) The color groups show that most outbound traffic is using HTTP. Outbound connections using unexpected ports should be further investigated. My map uses one color for each of the following:

      - HTTPS
      - HTTP
      - Teredo IPv4/IPv6 transition protocol
      - XMPP instant messaging

      Other uses:

      - Add a map marker attribute to display the IP address that originated the request.
      - Parse the output of netstat to visualize active connections and display the process name for each connection.
      - Create color groups of outbound connections by time to see where after-hours traffic is going.
      - Perform the same analysis on your web server access logs.

      Conclusion

      Remember, this is the “easy” way, in that I’m doing everything here manually to demonstrate the process and capabilities. There are ways to automate this, obviously. BatchGeo offers a friendly way to quickly visualize the data. For greater flexibility, you could use a service like freegeoip.net to look up the geocodes of IP addresses and leverage the Google Maps API (http://maps.google.com/maps/api) to create your own map markers.

      References:

      - https://code.google.com/p/apachegeomap/
      - Create a map | BatchGeo
      - Browse the IP address space (IPv4) powered by TCPIPUTILS.com
      - freegeoip.net: FREE IP Geolocation Web Service

      Source: Resources.InfoSecInstitute.Com
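
The manual extract-and-format steps in the article above, scripted together with its advice to investigate unexpected outbound ports. This is an added example, not part of the original article: the function names, the default allow-list of ports 80 and 443, and the sample log (which uses RFC 5737 documentation addresses) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the article's router-log layout:
#   source IP, destination IP, destination port, optional "(service)" label.
# Destinations are RFC 5737 documentation addresses, not real hosts.
sample_log() {
cat <<'EOF'
192.168.0.108 198.51.100.10 443 (https)
192.168.0.108 203.0.113.25 80 (www)
192.168.0.108 198.51.100.10 443 (https)
192.168.0.108 203.0.113.77 3544
192.168.0.108 192.0.2.14 5222
192.168.0.109 203.0.113.25 80 (www)
malformed line without a port
192.168.0.108 203.0.113.77 3544
EOF
}

# Collapse repeated connections into one row per destination/port with a hit
# count. Output is tab-delimited with a header row, busiest destinations first,
# so it can be pasted into a mapping tool without duplicate markers.
summarize_outbound() {
    awk '
        # Keep only rows with a dotted-quad destination and a numeric port.
        $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $3 ~ /^[0-9]+$/ {
            count[$2 "\t" $3]++
        }
        END { for (k in count) print k "\t" count[k] }
    ' | LC_ALL=C sort -t "$(printf '\t')" -k3,3nr -k1,1 |
    awk 'BEGIN { OFS = "\t"; print "IP", "Port", "Count" } { print }'
}

# List each destination/port pair whose port is not on the allow-list.
# Arguments are the allowed ports; with no arguments, 80 and 443 are assumed.
flag_unexpected_ports() {
    [ "$#" -gt 0 ] || set -- 80 443
    awk -v allowed="$*" '
        BEGIN {
            n = split(allowed, p, " ")
            for (i = 1; i <= n; i++) ok[p[i]] = 1
        }
        $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $3 ~ /^[0-9]+$/ &&
        !($3 in ok) && !seen[$2 FS $3]++ {
            print $2 "\t" $3
        }
    '
}

# Stand-alone demonstration on the constructed sample.
sample_log | summarize_outbound
echo "--- ports outside the allow-list ---"
sample_log | flag_unexpected_ports
```

To run it against a real capture, replace `sample_log` with `cat log.txt`; malformed rows are skipped rather than passed on to the map.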
  21. A Tor exploit purporting to be one used by the FBI in a recent child pornography bust has been released on the Metasploit penetration tester forum. The exploit was posted by Metasploit user sinn3r who claimed to have found it during a joint cyber forensics operation at the Defcon hacker conference mere hours after word of its use broke. "I noticed a Reddit post regarding some Mozilla Firefox zero-day possibly being used by the FBI in order to identify some users using Tor for crackdown on child pornography," sinn3r wrote. "The security community was amazing: within hours, we found more information such as brief analysis about the payload, simplified PoC, bug report on Mozilla, etc. The same day, I flew back to the Metasploit hideout (with Juan already there), and we started playing catch-up on the vulnerability." The Tor vulnerability was revealed earlier in the week when local Irish sources reported the FBI used it to track a child pornography distributor. Trend Micro security director Rik Ferguson told V3 the exploit relates to a flaw in the Firefox browser on which the Tor Browser Bundle is based. "This is the one that was supposedly used by US law enforcement in order to help identify users of child exploitation images online. It takes advantage of a vulnerability in the Tor Browser Bundle to unwittingly have the victim expose their true IP and MAC address," he explained. "Certain servers (hidden services) on the Tor network containing illegal material were infiltrated and JavaScript containing this exploit was added. Meaning that whenever someone browsed to one of these pages, their browser would automatically generate a HTTP GET request for a resource on the open internet (rather than the 'darkweb' of hidden services). "This meant that law enforcement could get a reasonable indication of the location of individuals accessing child exploitation images, even on supposedly anonymous networks such as Tor."
Tor is a free service designed to let people hide their internet activity. It does this by directing internet traffic through a volunteer network of more than 3,000 relays to conceal the user's location. The exploit is thought to be especially significant as prior to it, many users had taken Tor as being a bulletproof means to surf the web anonymously. Ferguson said even if the exploit is used by law enforcement to track some groups, its appearance should be of little concern to most people. "Regular Firefox users were not targeted by the original exploit and it was for an older version of the browser anyway (the one that the TOR browser pack was based on) so regular FF users were almost certainly never affected (or targeted by it). TOR Browser Bundle only released a patch for it recently, and in any case, users of that environment tend to update less often, so no doubt it served its purpose there, and that's no bad thing." The extent to which law enforcement monitors web users has been a growing concern in recent weeks, with the emergence of the notorious PRISM campaign. PRISM is a cyber campaign run by the NSA designed to collect vast reserves of web users' personal information from big name companies like Facebook, Google and Twitter. Source: TheRegister.co.uk
  22. What is in these PDFs is simply brilliant.
  23. 50-100 $
  24. Sooner than you think.
  25. I think the problem has been solved.