KtLN

  1. Actor Adrian Nartea, from the TV series "Vlad", as well as singers such as Jean de la Craiova and Gabriel Dorobanțu, found themselves with their identities stolen and no money in their accounts. A criminal group managed to take over their phone numbers, their bank accounts and their social media accounts, from which they asked for certain favours. In total, 50 people were in this situation, and the damage exceeds 100,000 lei. The suspects were caught by DIICOT prosecutors, and four of them were detained on Wednesday evening.

     Adi Nartea, the actor who plays the lead character in the series "Vlad", is one of the victims. He recounts that one day his phone lost signal. Not knowing what was happening, he took his wife's mobile and called the telephone company he has a contract with.

     Adi Nartea: "They asked me to read out, basically, that ID number on the SIM card. What I had on the card was not what they had in their system. That is, the serial number did not match. Someone called their centre, posed as me and asked for another blank SIM to be validated, in another phone, somewhere else."

     Liviu Arsene, cyber-threat specialist: "The moment another SIM is picked up, signal is lost; the old SIM loses signal. The window of opportunity is as long as it takes the victim to reach an operator to change the SIM."

     45 minutes. That is how long the entire operation took in this case. Once they had obtained the phone number, the criminals gained access to confidential data. Through two-step authentication they managed to change the e-mail password, receiving a code generated on the phone.

     Liviu Arsene: "You have a copy of your ID card, you surely have invoices, contracts, personal data in various forms. Having access to the e-mail with all the personal data, CNP (personal numeric code), series, number, they called the call centre and said 'I have lost my e-banking password'."

     After assuming the victims' identities, they asked the banks to reset the passwords of the internet banking accounts.

     50 people defrauded

     That is how they obtained access to the accounts and transferred money from the victims' accounts to the other members of the criminal group.

     Adi Nartea: "I was left without access to my bank account, without access to e-mail and without access to my social media accounts; more than that, transactions worth about 2,000 euros were initiated on my card. They were not buying objects, they were buying vouchers that they could use later. Through the social media accounts they made some posts asking for help for social cases, and people felt obliged to donate, and there are people who actually donated. The impostor basically called friends from my list and sent them private messages asking them for money. My dentist, a good friend from Cluj, asking for money, to transfer pounds on Revolut, some 200 pounds, 300 pounds."

     The fraudsters defrauded 50 people. Among them were artists such as Gabriel Dorobanțu and Jean de la Craiova, as well as Andreea Bălan's father. The total damage is over 100,000 lei. DIICOT prosecutors carried out 12 searches in this case in Brașov and Ilfov counties and in the municipality of Bucharest. After the hearings, on Wednesday evening, four suspects were detained and three were placed under judicial supervision.

     14 suspects were caught

     Investigators caught no fewer than 14 suspects who had found out the victims' phone numbers, e-mail addresses or account access data. And not only for social networks, but also for banks. In short, the criminals found out the victims' personal data (name, date of birth, personal numeric code) and asked the companies with which the victims have mobile phone subscriptions to replace their SIM cards. With all this information and unlimited access to the victim's phone number and e-mail, it is very easy to change the access data for bank accounts, cybersecurity experts say.

     Damage of over 100,000 lei

     Which is exactly what the thieves did. It took a lengthy investigation for the police to get to the bottom of this computer fraud, which shows us once again how important it is to keep personal data away from the public. The total damage is over 100,000 lei. And DIICOT prosecutors carried out 12 searches in this case in Brașov and Ilfov counties and in the municipality of Bucharest.

     Source: https://stirileprotv.ro/stiri/actualitate/metoda-prin-care-au-fost-golite-conturile-vedetelor-din-romania-hotii-au-luat-peste-100-000-lei.html
  2. May Ciprian from Seville drop dead if I understood what you wrote.
  3. A reset can be done, as far as I know.
  4. If we had a paranormal power, we would locate it..
  5. Recently, a shocking data breach incident surfaced online affecting millions of customers. It didn’t take long for the FBI to arrest the suspect. However, the subsequent investigations unveil more alarming facts regarding the breach. The victim firm now faces a lawsuit for failing to protect customers’ data. Nonetheless, it isn’t alone. Reportedly, GitHub also faces a class-action lawsuit together with Capital One for ‘aiding’ the hacker.

     GitHub Faces Class-Action Lawsuit

     Following the aftermath of the Capital One breach that happened earlier this week, the firms involved in the incident, in one way or another, are in trouble. Reportedly, a private law firm, TYCKO & ZAVAREEI LLP, has filed a class-action lawsuit against the firms on behalf of the 100 million individuals affected in the breach. The plaintiffs have not accused Capital One only. Rather, GitHub also faces a class-action lawsuit together with Capital One for aiding in the attack. This is due to the action of the suspect, Paige Thompson, who posted part of the breached data on GitHub. At first, the complainants accuse GitHub of not alerting the victims. Nor did they remove the stolen data from their site. As stated in the lawsuit complaint, Moreover, they also accuse GitHub Inc. of not detecting the posting of hacked data, and not suspending the attacker’s account.

     Amazon Also Comes Into Limelight

     GitHub isn’t the only company facing backlash because of the Capital One breach. Recently, Republicans have launched an inquiry regarding the matter, where they also involve Amazon. As reported, the lawmakers on the House Oversight Committee have sent a letter to Jeff Bezos, CEO of Amazon Inc., requesting a ‘staff-level briefing’. It is important to note that the suspect of this breach, Paige Thompson, is an ex-employee of Amazon.

     Source: https://latesthackingnews.com/2019/08/04/github-faces-class-action-lawsuit-in-capital-one-breach-amazon-faces-inquiry/
  6. Researchers have noticed a new malware targeting Windows systems. Termed SystemBC malware, it is becoming increasingly popular among cybercriminals owing to its astounding maliciousness. What’s alarming for users is that it directly paves the way for more malware attacks. It means a SystemBC malware detection directly indicates the presence of a second infection as well.

     SystemBC Malware Attacks On A Rise

     According to researchers from Proofpoint, SystemBC malware attacks are seemingly gaining strength. Stating their findings in detail in a blog post, researchers reveal the infectious traits of the malware. The researchers caught this malware involved in several campaigns delivering other malware. They found that SystemBC served as proxy malware in these campaigns. In June 2019, the researchers noticed the presence of the malware in the Fallout EK campaign and the Fallout EK and PowerEnum campaign delivering Maze ransomware and Danabot banking Trojan respectively. Later, in July 2019, they found it present with Amadey Loader distributed via the RIG EK campaign as well. Proofpoint also discovered an alleged advertisement regarding the malware, which made them believe it’s being sold on the “underground marketplace”. As stated in their blog,

     Source: Proofpoint

     They could also see screenshots of the malware’s C&C panel, administrator panel, and the SystemBC builder with the advertisement. Written in C++, the malware, upon reaching the victim device, creates SOCKS5 proxies to let the attackers “hide the malicious traffic associated with the other malware”. The researchers have given a detailed technical analysis of the malware in their blog post.

     A Challenging Malware To Combat

     In the most recent instance, the researchers caught this malware infecting Windows systems. Owing to the unique property of hiding bad traffic and facilitating a second malware infection, the researchers deem it a challenging malware triggering new threats. Let us know your thoughts in the comments.

     Source: https://latesthackingnews.com/2019/08/03/systembc-malware-paves-the-way-for-other-malware-attacks/
  7. BeRoot is a post-exploitation tool to check for common misconfigurations which can allow an attacker to escalate their privileges. The main goal of BeRoot is to print only the information that has been found as a possible way for privilege escalation rather than a configuration assessment of the host by listing all services, all processes, all network connections, etc. This project works on Windows, Linux, and Mac OS. But in this demonstration, we will be working on Ubuntu Desktop.

     Downloading BeRoot

     It can be downloaded in Kali Linux with the following command:

         git clone https://github.com/AlessandroZ/BeRoot.git

     Once the download completes, make sure you have python3 installed, as it is a prerequisite for running it. You need to navigate to its downloaded directory to run it.

     Running BeRoot

     We will first look at the help output:

         python3 beroot.py -h

     So it seems that this is the type of tool which runs directly, with no necessary information in the help option. So I will run it directly in the host’s shell.

         python3 beroot.py

     Now, it will try to analyze all the possible loopholes which could lead to the escalation of privileges using SUID bins, checking file permissions, sudo rules, NFS squashing, docker, and kernel exploits. As you can observe, it is now showing the output of the configurations that could lead to the exploitation of privilege. So far I will check with one of the commands which BeRoot had shown in the results if it is working or not; It worked successfully. It will also show other output commands and exploits according to the operating system in the results.

     Source: https://latesthackingnews.com/2019/08/02/beroot-a-post-exploitation-privilege-escalation-tool/
  8. Cloakify Factory is a tool that transforms any file type into a list of harmless and even useless looking strings. This ability allows you to hide a data file in plain sight and also transfer it over the network without triggering malware alerts. The functionality which Cloakify utilizes is called text-based steganography, which protects the data by making it look benign. The cloaked files defeat signature-based malware detection tools, DLP, etc. In this demonstration, we will be working on Kali Linux.

     Downloading Cloakify

     It can be downloaded in Kali Linux with the following command:

         git clone https://github.com/TryCatchHCF/Cloakify.git

     Once the download completes, make sure you have python2.7 installed, as it is a prerequisite for running it. You need to navigate to its downloaded directory to run it.

     Running Cloakify

     Let’s run the tool with the following command:

         python cloakifyFactory.py

     So it seems that Cloakify Factory is a menu-driven tool that leverages its script set. When you choose a file to Cloakify, it first Base64-encodes it, then applies a ciphertext to generate a list that encodes the Base64 payload. And then the cloaked data can be transferred to your desired destination. Let’s start cloakifying the file which contains the data which you can see below; Now I will encode this data. Now as the data is encoded, I will check my output data file which was processed by Cloakify; Now that the data is encoded and has been exfiltrated, choose Decloakify with the same cipher to decode the payload. Now check the data, whether it reverted to the original state or not. It worked successfully, as all the data got converted back to the actual state.

     Source: https://latesthackingnews.com/2019/07/30/cloakify-a-tool-to-mask-your-data-in-plain-sight/
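A defender-side check for the encoding described in the post above, as an added example that is not part of the original post or of the Cloakify project: since the payload is Base64 before each symbol is swapped for a list entry, the output can hold at most 65 distinct lines (64 symbols plus `=` padding), each reused many times. The function names, thresholds and sample data are assumptions constructed for illustration.

```python
import base64
from collections import Counter

# Base64 uses 64 symbols plus "=" padding, so a file produced by a
# one-symbol-per-line word mapping has at most 65 distinct lines.
MAX_SYMBOLS = 65


def cloak_profile(text):
    """Return (total_lines, distinct_lines) for the non-empty lines of text."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    return len(lines), len(Counter(lines))


def looks_cloaked(text, min_lines=200, min_reuse=3.0):
    """Triage heuristic; the thresholds are assumptions chosen for this example.

    Flags text that is long, drawn from a vocabulary of at most 65 lines,
    and reuses each line several times on average.
    """
    total, distinct = cloak_profile(text)
    if total < min_lines or distinct == 0:
        return False  # too short to judge either way
    return distinct <= MAX_SYMBOLS and total / distinct >= min_reuse


def constructed_sample():
    """Constructed test input with the shape the post describes:
    Base64 text with each symbol replaced by one entry of a word list."""
    alphabet = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                "abcdefghijklmnopqrstuvwxyz0123456789+/=")
    words = {ch: "item-%02d" % i for i, ch in enumerate(alphabet)}
    b64 = base64.b64encode(bytes(range(256)) * 3).decode("ascii")
    return "\n".join(words[ch] for ch in b64)


if __name__ == "__main__":
    cloaked = constructed_sample()
    # Constructed benign input: a long list in which every line is unique.
    benign = "\n".join("host-%d.example" % i for i in range(300))
    print(cloak_profile(cloaked), looks_cloaked(cloaked))
    print(cloak_profile(benign), looks_cloaked(benign))
```

A hit is a triage signal for DLP or proxy review rather than proof, because repetitive logs can have the same shape.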
  9. The innovativeness of hackers seems to have no end. Once again, they have worked out a means to evade security mechanisms to execute their phishing campaigns. This time, the attack exploits WeTransfer alerts to bypass email gateways.

     WeTransfer Alerts Phishing Campaign

     Researchers from Cofense have spotted another phishing campaign going on in the wild. This campaign exploits WeTransfer alerts to evade security measures. As explained in their blog post, the scammers abuse the WeTransfer file hosting service to bypass email gateways. The attack begins with emails reaching the victim’s mailbox made up as a WeTransfer notification for file sharing. The attackers seemingly use compromised email accounts for sending these phishing emails since these emails contain legit URLs to the WeTransfer service.

     Source: Cofense

     Clicking on these links redirects the victims to WeTransfer file-sharing webpages. These pages contain HTML or HTML files ready for download. Clicking on the files then redirects the user to the actual phishing sites.

     Source: Cofense

     Like any other phishing scam, this one too, upon reaching the last phase, requires the users to enter their Office 365 account credentials.

     Evasion Of Email Gateways

     Because of the presence of trusted WeTransfer links, these phishing emails usually succeed in evading most security checks. According to the researchers, Owing to this evasion strategy, despite being obvious, this phishing scam is likely to fool some users. Earlier, the same researchers also highlighted another phishing campaign that tends to bypass security checks. In that case, the researchers evaded all defense measures by using QR codes. Considering the growing number of such phishing attacks, each with a new strategy, it is imperative for users to “think twice” before clicking on any email they receive. Stay safe!

     Source: https://latesthackingnews.com/2019/07/29/phishing-campaign-exploits-wetransfer-alerts-to-bypass-email-gateways/
  10. Hm.. the probability of doing what you say is 0%. Facebook is no longer just any platform; serious money has been invested in its security. My opinion!
  11. BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. The repository contains 2298 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. For more information, see the installation instructions. Also, news is published on our blog. Please note that BlackArch is a relatively new project. To report bugs and request new tools, please visit the issue tracker on Github, stop by IRC, or email us. The BlackArch Live ISO contains multiple window managers. Below you will find screenshots of a few of them. Source: https://blackarch.org/index.html