Jump to content

sado

Active Members
  • Content Count

    596
  • Joined

  • Last visited

  • Days Won

    1

sado last won the day on November 21 2010

sado had the most liked content!

Community Reputation

43 Excellent

About sado

  • Rank
    Registered user
  • Birthday 06/22/1996

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Urmaream un videoclip pe youtube, respectiv https://www.youtube.com/watch?v=T4IM-NWZ4zE , la sfarsitul videoclipului, in loc sa se opreasca, pe un fundal negru, a incepus sa sune vocea lui Putin, era ceva despre un referendum, nu am inteles mare chestie, doar cateva cuvinte care semanau. A tinut undeva la 3-4 minute, dupa care am reincarcat pagina, am pus video-ul la sfarsit dar fara aceleasi rezultat.media atack? propaganda? wtf?
  2. Privacy of Internet users is dead somewhere as the Intelligence agencies can watch our every move, hear our every conversation and read our every email and find out anything related to our personal and private life. Last year, Edward Snowden revealed about the mass surveillance carried out by NSA and other countries intelligence agencies on every citizen of their country. The US Government has allotted a large share of its 'Black Budget' for secret surveillance programs and to make this happen, NSA has used a number of unethical ways and labelled as legal solutions, harvesting hundreds of millions of Metadata from emails, web activity, chats, social networks, and everything else around the world. The revelations encouraged Internet users think about their privacy and digital rights, and the time came when different organisations started several campaigns to block mass surveillance and fight back against the U.S. National Security Agency (NSA). RESET YOUR INTERNET PRIVACY RIGHTS A wider coalition of more than hundreds of Internet companies and civil liberties, environmental and political organizations is arriving together with a global call to “Reset the Net” that aimed to beat government and corporate surveillance on the web making mass Internet surveillance more difficult for the NSA and other spy agencies and governments. The campaign is similar to 'The Black-Out Day', the largest online protest in the history of the Internet, successfully carried out by Google, Wikipedia, Wordpress and many other companies to protest two federal bills, the Senate’s Protect IP Act and the House’s Stop Online Piracy Act (SOPA). Thousands of websites went dark over the internet to stop mass surveillance conducted by the government. But later the US government molded its Foreign Intelligence Surveillance Act in such a way that, now it legally allowed them to monitor Billions of calls in a day and tracking a million of the devices, and this is what we cannot allow them to make happen. The new campaign is organized by Fight for the Future, which is planning a day to "Reset the Net" by deploying new privacy tools and enhanced security measures on June 5, exactly a year after the first Edward Snowden revelation regarding the NSA’s PRISM program, based on documents the former NSA contractor provided to the media. The coalition includes Web sites such as Reddit, Boing Boing, Imgur, DuckDuckGo, the Free Software Foundation, CREDO Mobile, along with a number of organizations like the Freedom of the Press Foundation, Demand Progress, the Open Technology Institute, the Libertarian Party. "The NSA is exploiting weak links in Internet security to spy on the entire world, twisting the Internet we love into something it was never meant to be: a panopticon," they say. "We can't stop targeted attacks, but we *can* stop mass surveillance, by building proven security into the everyday Internet." HOW TO JOIN The groups are encouraging developers to add at least one NSA resistant feature to mobile apps and Internet users to use privacy and security tools such as a secure version of HTTP i.e. HTTPS, HTTP Strict Transport Security (HSTS), a Web security policy tool, and Perfect Forward Secrecy (PFS) which is a public key cryptography tool to better secure the communication of Internet users and fail government intelligence agencies’ man-in-the-middle attacks. “HTTPS, HSTS, and PFS are powerful tools that make mass spying much more difficult,” the groups state. “Until websites use them, we’re sunk: agencies like the NSA can spy on everything. Once they're ubiquitous, mass surveillance is much harder and more precarious—even if you’re the NSA.” The Government and NSA always defended their mass surveillance program as a part of the legal action, by saying that it is necessary and only carried out to target terrorists and related crimes just to protect the security of the nation. But we, sitting over here, are not fool to differentiate between the ‘security of the nation’ and ‘security of our privacy’. One has no right to risk other’s security to protect one’s own. So, will you all, who are reading this article right now, go back and sit relax? You should not. Go and protect your privacy and digital rights, and Join the campaign. We will not remain quiet now. Enough is Enough. Sursa:http://thehackernews.com
  3. e vorba despre o problema de contabilitate, care rezolvata in model matematic da error
  4. There is a good news for all Security researchers, Penetration testers and Hackers. The developers of one of the most advance open source operating system for penetration testing, 'KALI Linux' have announced yesterday the release of its latest version of Kali Linux 1.0.7 with some interesting features. Kali Linux is an open source Debian-based distribution for penetration testing and forensics that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services. In the beginning of this year, Offensive Security released Kali Linux 1.0.6 with Kernel version 3.12, and also added the Self Destruct feature that allows Kali users to encrypt the full hard disk to make the data inaccessible in an emergency case by entering a secret password at boot time. This latest Kali Linux 1.0.7 version added some more features to the last version, along with many new penetration testing and hacking tools. The new release includes the most stable and latest kernel i.e. Linux kernel 3.14 with bug fixes, performance improvement and hardware support. KALI LIVE USB PERSISTENCE ENCRYPTION The most attractive feature added to the latest Kali Linux release is ‘Live USB persistence encryption’, which allows you to create a bootable Kali Linux with persistent encrypted partition on USB drive, that gives you an option to securely save your changes on the USB drive even after the reboots. Kali Linux now offers two persistent options in the boot menu, as shown. One is an encrypted USB persistence partition and other one is unencrypted persistence partition. This was one of the most awaiting feature that now allows penetration testers and hackers to keep their data, customized scripts and favorite 3rd party hacking tools organized in the Live Kali Linux on bootable USB Sticks. UPGRADE KALI LINUX NOW! If you are already have Kali Installed onto your system, then there is no need to download and reinstall the latest updated version from scratch. Instead, you can use following commands to upgrade to Kali 1.0.7 easily: apt-get update apt-get dist-upgrade # If you've just updated your kernel, then: reboot The new release also includes ARM image scripts, and team has promised to provide some additional virtual machine images and custom ARM images in the near future. sursa: thehackersnews.com
  5. Dar asta nu inseamna ca tara in sine e devina, ci unele personaje care o conduc. Daca am schimba niste chestii, respectiv mentalitatea unor persoane, cu resursele(umane/naturale) oferite de aceasta tara am ajunge foarte sus. Ar fi foarte multe de punctat pe aceasta tema..
  6. sado

    Shared secret

    Unul cunoaste site-ul si altul parola .
  7. sado

    Placi dezvoltare

    Raspunsul pentru intrebarea de 1k point, este, 'to learn'. O voi folosi pentru a invata practicand. Pai, ceva care sa mearga pe calitate/performanta/stabilitate/suport/pret
  8. Ceva nouati in domeniu? Cei care sunt in domeniu, ar putea oferii niste informatii despre ce se foloseste acum? pe ce a(s)m putea arunca banii?
  9. sado

    Useful stuff

    1 2 http://www.geglobalresearch.com/blog/really-cool-models-of-ice-nucleation 3, ceva awesome gasesc si aici, http://www.arcaspace.com/
  10. Yahoo-owned Flickr, one of the biggest online photo management and sharing website in the world was recently impacted by critical web application vulnerabilities, which left website's database and server vulnerable hackers. Ibrahim Raafat, a security researcher from Egypt has found SQL injection vulnerabilities on Flickr Photo Books, new feature for printing custom photo books through Flickr that was launched 5 months ago. He claimed to have found two parameters (page_id , items) vulnerable to Blind SQL injectionand one (i.e. order_id) Direct SQL Injection that allowed him to query the Flickr database for its content by the injection of a SQL SELECT statements. A Successful SQL exploitation could allow an attacker to steal the Database and MYSQL administrator password. Furthermore, Flickr's SQL injection flaws also facilitate the attacker to exploit remote code execution on the server and using load_file(/etc/passwd) function he was successfully managed to read the content from the sensitive files on the Flickr server, as shown below: In addition to this, Ibrahim was able to write new files on the server that let him upload a custom 'code execution shell'. Video Demonstration: He reported the vulnerability to Yahoo which have been patched. Update: Yahoo awarded Ibrahim Raafatwith biggest bug bounty payout ever. He received $15,000 for reporting Flickr SQL injection and Remote code execution vulnerability. Source
  11. Imagine, You Open a Winrar archive of MP3 files, but what if it will install a malware into your system when you play anyone of them. WinRAR, a widely used file archiver and data compression utility helps hackers to distribute malicious code. Israeli security researcher Danor Cohen (An7i) discovered the WinRAR file extension spoofing vulnerability. WinRAR file extension spoofing vulnerability allows hackers to modify the filename and extension inside the traditional file archive, that helps them to hide binary malicious code inside an archive, pretending itself as '.jpg' , '.txt' or any other format. Using a Hex editor tool, he analysed a ZIP file and noticed that winrar tool also adds some custom properties to an archive, including two names - First name is the original filename (FAX.png) and second name is the filename (FAX.png) that will appear at the WINRAR GUI window. Danor manipulated the second filename and extension to prepare a special ZIP archive, that actually include a malware file "FAX.exe", but displaying itself as "FAX.png" to the user. Cyber intelligence company, IntelCrawler also published a report, which revealed that cybercriminals specialized in cyber espionage attacks are using this zero-day vulnerability in the wild to target several aerospace corporations, military subcontractors, embassies, as well as Fortune Global 500 companies. Using this technique, an attacker can drop any malware in very convincing manner to the victim's system. "Using this method the bad actors bypass some specific security measures including e-mail server’s antivirus systems" IntelCrawler said. Danor successfully exploited winrar version 4.20, and IntelCrawler confirmed that the vulnerability also works on all WinRar versions including v.5.1. HOW TO CREATE EXPLOITABLE ZIP FILE? A video demonstration has been prepared by Indian Security Researcher Ajin Abraham, shown below: "One of the chosen tactics includes malicious fake CV distribution and FOUO (For Official Use Only)-like documents, including fax scanned messages" Using social engineering techniques, attacker are targeting high profile victims with spear phishing mails, "Most of sent malicious attachments are hidden as graphical files, but password protected in order to avoid antivirus or IDS/IPS detection." IntelCrawler reported. In above example, the Malware archive file was password protected to avoid antivirus detection, used in an ongoing targeted cyber espionage campaign. Researchers found Zeus-like Trojan as an attachment, which has ability to establish remote administration channel with the infected victim, gather passwords and system information, then send the collected and stolen data to the Command & Control server hosted in Turkey (IP 185.9.159.211, Salay Telekomünikasyon). Users are advised to use an alternative archiving software and avoid opening archives with passwords even if it has legitimate files. Source
  12. 800 Million US based Credit and Debit cards compromised! Really it’s a big number and till now it has not been sized by the cyber security officials but a hacker group claims that they had stolen data on hundreds of millions of U.S. card accounts. Last week, the hacker group called itself Anonymous Ukraine (Op_Ukraine), said it has seized information pertained to 800 million U.S. credit and debit card accounts, including the cards’ data belong to U.S. President Obama and other political figures. The group says the intention behind this data theft is to harm the U.S. economy. The messages posted on March 24 shows clearly that they were by anti-American. The first message read, "After the USA showed its true face when she unilaterally decides which of the peoples to live independently and who under the yoke of the Federal Reserve, we decided to show the world who is behind the future collapse of the American banki ng system. We own all the financial information of the Fed. And even more than you think." The post was linked with four text files including the data sets of seven million card account that were from all the four card brands, Visa, MasterCard, Discover and American Express. On this, the four card companies didn’t comment until now, AmericanBanker.com reported. On March 26, Anonymous Ukraine tweeted that it had released account details for five million more credit cards, and the very next day, it posted the details of 20 million more card accounts. Investigators working for Battelle counted a total of 10.2 million card accounts details in these batches. "I would continue watching posts from the group, and checking their data dumps for validity," says Ernest Hampson, technical director for Battelle's cyber intelligence and counterintelligence group. "It's really important to keep an eye on your enemy, find out what they're interested in, what their motivation is, what their capabilities are. You have to have somebody out there watching the adversarial groups, watching inside these forums where they gather, and discuss and trade research back and forth, and discover where they're going next before they get there." The financial data breach has been investigated by two companies, the security provider Risk Based Security and the world’s largest nonprofit research and development organization, Battelle. The companies reported that the records produced as evidence of the breach by the group are incomplete, out of date or are fraudulent. The investigators were also unable to verify the 800 million accounts that the group claimed to have compromised, including those of the VIPs and political figures. Till now, the data threat doesn't appear to be as serious as the Target breach that occurred during the last Christmas holidays in which hackers were successfully able to obtain 40 million valid current credit cards’ details. But, yet the claims and any further releases of information by the hacker group is need to be revised and investigated, because these kind of claims serve as a reminder for the financial firms of the constant vigilance and collaboration. source
  13. https://rstforums.com/forum/79839-cum-sa-te-ascunzi-eficient.rst Atata imaginatie au unii, am intreb de ce nu o folosesc intr-un mod constructiv, auzi, robin-hood..
  14. haha, interesant ; si de ce ai tu dreptate si el nu?, cand discuti un subiect ce tine de o ''stiinta exacta'', trebuie sa aduci argumente reale si dovedite., ar fi multe de povestit despre acest subiect.. Sunt sigur ca majoritatea cunosc faptul ca traiectoria luni fata de pamant nu are o forma perfect rotunda. Ideea era ca acea traiectorie isi mareste distanta cu 4 cm/an.
  15. nu cumva universul este intr-o continua expansiune?
×
×
  • Create New...