Jump to content

gutui

Active Members
  • Content Count

    104
  • Joined

  • Last visited

  • Days Won

    2

gutui last won the day on October 22

gutui had the most liked content!

Community Reputation

36 Excellent

About gutui

  • Rank
    Active Member

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

1586 profile views
  1. Today we are going to more thoroughly address the Bloomberg Businessweek article alleging that China targeted 30 companies by inserting chips in the manufacturing process of Supermicro servers. Despite denials from named companies and the technology press casting some reasonable doubt on the story, Bloomberg doubled down and posted a follow-up article claiming a different hack took place. In this piece, we are going to present a critical view of Bloomberg’s claims, as supported by anonymous sources, in order to allow our readers to decide for themselves the credibility of Bloomberg’s reporting in this case. Technical Lightness or Inaccuracy This is a long article. In the first section, we are going to discuss why there are some fairly astounding plausibility and feasibility gaps in Bloomberg’s description of how the hacks worked. The weakness in this section of the Bloomberg article makes it extremely difficult to navigate and it is light on details. We are going to evaluate some of the parts in isolation, and also discuss some of the logical outcomes. In our first investigative piece, Bloomberg Reports China Infiltrated the Supermicro Supply Chain We Investigate, we went into some detail about why a motherboard and hardware for a motherboard is a very difficult way to hack a BMC. If you have not read our Explaining the Baseboard Management Controller or BMC in Servers that should be a precursor to reading the next section. STH has a relatively technically minded audience, so we are going to assume our audience has at least the knowledge imparted in that article. Read more. si ... Insecure Firmware Updates in Server Management Systems
  2. China's repeated hacking of the Internet Border Gateway Protocol (BGP): "China's Maxim ­ Leave No Access Point Unexploited: The Hidden Story of China Telecom's BGP Hijacking." Merge lecturata impreuna cu citeva articole mai vechi, Repeated attacks hijack huge chunks of Internet traffic, researchers warn , The New Threat: Targeted Internet Traffic Misdirection , The Emergence Of A Theme , Surveillance without Borders: The “Traffic Shaping” Loophole and Why It Matters si arhiva Snowden, tehnica folosita in Yemen.
  3. DeepLocker, a novel class of highly targeted and evasive attacks powered by artificial intelligence (AI). DeepLocker was developed as a proof of concept by IBM Research in order to understand how several AI and malware techniques already being seen in the wild could be combined to create a highly evasive new breed of malware, which conceals its malicious intent until it reached a specific victim. It achieves this by using a Deep Neural Network (DNN) AI-model to hide its attack payload in benign carrier applications, while the payload will only be unlocked if—and only if —the intended target is reached. DeepLocker leverages several attributes for target identification, including visual, audio, geolocation, and system-level features. In contrast to existing evasive and targeted malware, this method would make it extremely challenging to reverse engineer the benign carrier software and recover the mission-critical secrets, including the attack payload and the specifics of the target. blackhat presentation slides DeepLocker: How AI Can Power a Stealthy New Breed of Malware https://www.youtube.com/watch?v=UeMe_-5W8UY state sponsored cibercrime ?
  4. gutui

    US weapons systems can be 'easily hacked'

    Weapon Systems Cybersecurity:DOD Just Beginning to Grapple with Scale of VulnerabilitiesGAO-19-128: Published: Oct 9, 2018. Publicly Released: Oct 9, 2018. United States Government Accountability Office Highlights of GAO, a report to the Committee on Armed Services, U .S. Senate poate merita o privire si National Cyber Strategy, the United States of America, SEPTEMBER 2018 si DEPARTMENT OF DEFENSE, CYBER STRATEGY, 2018
  5. @dancezar Foarte buna intrebarea. posibil pe criterii de virsta si sex... legat de povestea asta eu nu am certitudini, am nelamuriri :) Si mai cred ca ar fi trebuit sa postez de la bun inceput urmatoarea asertiune: Este posibil sa ma insel, la fel de bine este posibil sa nu ma insel iar in acest caz, situatia devine "inconfortabila" pentru macar unul dintre cele 2 magazine virtuale, daca apare o sesizare insotita de probe, adresata catre Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal. Am postat mizindca in cazul ambelor siteuri, vor fi personaje care sa verifice daca au avut sau nu "scurgeriri" in bazele de date ale clientilor. Nu am nimic de dovedit, nimanui, nimic de reprosat.
  6. - nu cred ca as fi/fost infectat; -pe http://weleakinfo.com/ , Found 1 result in LinkedIn.com. -pe https://haveibeenpwned.com/ , Pwned on 1 breached site and found no pastes -parola mailului este total diferita de cea folosita pe cele 2 conturi de client la emag si pcgarage :D , reiterez nu parola contului de email a fost leaked, parola de client a magazinelor virtuale a fost.... iar parolele sint total diferite. sincer, crezi ca trag o concluzie pripita?
  7. Am primit pe contul de gmail, un mesaj : " Hello! I'm a member of an international hacker group. As you could probably have guessed, your account xxxx@gmail.com was hacked, because I sent message you from your account. Now I have access to all your accounts! For example, your password for xxxx@gmail.com: yyyyyy Within a period from July 31, 2018 to October 3, 2018, you were infected by the virus we've created, through an adult website you've visited. So far, we have access to your messages, social media accounts, and messengers. Moreover, we've gotten full damps of these data. We are aware of your little and big secrets...yeah, you do have them. We saw and recorded your doings on porn websites. Your tastes are so weird, you know.. But the key thing is that sometimes we recorded you with your webcam, syncing the recordings with what you watched! I think you are not interested show this video to your friends, relatives, and your intimate one... Transfer $800 to our Bitcoin wallet: 1PwENLsmQ2Z6b4EJfXDeeXKBj9v878uHRf If you don't know about Bitcoin please input in Google "buy BTC". It's really easy. I guarantee that after that, we'll erase all your "data" A timer will start once you read this message. You have 48 hours to pay the above-mentioned amount. Your data will be erased once the money are transferred. If they are not, all your messages and videos recorded will be automatically sent to all your contacts found on your devices at the moment of infection. You should always think about your security. We hope this case will teach you to keep secrets. Take care of yourself." Parola ce apare in mesaj nu este parola contului de gmail. Mi se pare interesant ca singurele locuri unde am folosit parola indicata in mesaj, sint profilele de client de pe pcgarage.ro si emag.ro , unde am utilizat-o impreuna cu adresa de gmail . In perioada iulie-octombrie nu m-am logat pe siteurile amintite. Parola nu a fost salvata pe deviceurile pe care le folosesc. ... cred ca ori pcgarage, ori emag au o problema ... p.s. Received: from [154.124.19.85] ([154.124.19.85]) by mx.google.com with ESMTP id d40-v6si12396077pla.217.2018.10.06.06.45.29 ... Senegal Dakar
  8. Mare coincidenta https://www.ecb.europa.eu/pub/pdf/other/ecb.tiber_eu_framework.en.pdf, chiar in perioada TIBER-EU test... da, chiar asa, o fi pe bune?
  9. gutui

    Scroll mouse

    https://www.pcgarage.ro/mouse-gaming/roccat/kit-lua-plus-kanga-mini/
  10. Researchers have discovered new variants of Spectre and Meltdown. The software mitigations for Spectre and Meltdown seem to block these variants, although the eventual CPU fixes will have to be expanded to account for these new attacks. via Bruce Schneier gasesc interesant si articolul The Future of Computing Depends on Making It Reversible, It’s time to embrace reversible computing, which could offer dramatic improvements in energy efficiency de Michael P. Frank , cit si un dialog postat de cititori: "I don't understand why they don't just make a separate processor for security sensitive concerns — one that's slower and auditable but still powerful enough to do nice things — and give that it's own physical bank of RAM, and allow it to simply communicate with the "crazy fast but side-channel-exfiltrateable" CPU(s). You know they did all of that right? Intel ships a Pentium-class CPU, with no speculative execution, inside every CPU. AMD has something too, I've heard rumors it's ARM. Too bad they did it exactly in the wrong way. They made an unauditable, unusable, trusted component (ME/PSP) that can compromise the main CPU. We can't remove their code, we can't put our own code there... but if we could, it would be exactly what you asked for. They're even advertising it as "for security"."
  11. gutui

    Cryptojacking Tesla

    e in trend, https://www.bloomberg.com/news/articles/2018-02-20/the-car-of-the-future-will-sell-your-data
  12. gutui

    Condamnare

    sa nu te simti atacat, te rog, in perceptia mea, un idiot teribilist. a comis ceva amendabil legal, probabil a produs si un prejudiciu, prejudiciu reparat, motiv pentru care s-a captusit cu citeva luni de bulau... e inspaimintat, vrea sa para tare... va fi infrint nu de colegii de celula, cadrele o vor face. procedural, au sanse maxime. sistemul o va face. va iesi "afara", o parte din fiinta intrata in sistemul de "reeducare", partea rea, partea permanent in garda, partea cu sindrom post traumatic, irecuperabila social. va fi cosmarul celor ce n-au fost "inauntru". daca e dobitoc, va recidiva, va sfirsi alcoolic, marginal... daca are un EQ balansat cu IQ-ul , cind va iesi, va fi cosmarul tau, al meu, al multora de aici, daca are si o componenta histrionica, inclin sa cred ca o are de vreme ce scriem pe acest topic. studiu de caz, SOV.
  13. gutui

    Decrypt password MD5 !

    e copil inca, un cintec de leagan ar trebui sa i se cinte, apoi ... trezit .... ...(later edit, ca sa nu se supere dariusgui97 ) in fine, ce ma amuza e ca incearca sa sparga o parola a cuiva despre care as putea paria ca scrie de pe o tastatura specifica tarilor francofone
  14. gutui

    Help for me ? Password decyrpt ?

    solutia ...
  15. The reason I smartened up my house was to find out whether it would betray me. confirma topice vechi de peste 4 ani,
×