About KtLN

  1. KtLN


    Good ❤️
  2. KtLN

    I need a prog

    May Ciprian from Sevilla drop dead if I understood what you wrote
  3. As far as I know, a reset can be done.
  4. If we had paranormal powers, we would locate it..
  5. Recently, a shocking data breach incident surfaced online affecting millions of customers. It didn’t take long for the FBI to arrest the suspect. However, the subsequent investigations unveil more alarming facts regarding the breach. Now the victim firm faces a lawsuit for failing to protect customers’ data. Nonetheless, it isn’t alone. Reportedly, GitHub also faces a class-action lawsuit together with Capital One for ‘aiding’ the hacker.

    GitHub Faces Class-Action Lawsuit

    In the aftermath of the Capital One breach, which happened earlier this week, the firms involved in the incident, in one way or another, are in trouble. Reportedly, a private law firm, TYCKO & ZAVAREEI LLP, has filed a class-action lawsuit against the firms on behalf of the 100 million individuals affected in the breach.

    The plaintiffs have not accused Capital One only. Rather, GitHub also faces a class-action lawsuit together with Capital One for aiding in the attack. This is due to the action of the suspect, Paige Thompson, who posted part of the breached data on GitHub.

    At first, the complainants accuse GitHub of not alerting the victims. Nor did they remove the stolen data from their site. As stated in the lawsuit complaint,

    Moreover, they also accuse GitHub Inc. of not detecting the posting of hacked data, and not suspending the attacker’s account.

    Amazon Also Comes Into Limelight

    GitHub isn’t the only company facing backlash because of the Capital One breach. Recently, Republicans have launched an inquiry regarding the matter, where they also involve Amazon. As reported, the lawmakers on the House Oversight Committee have sent a letter to Jeff Bezos, CEO of Amazon Inc., requesting a ‘staff-level briefing’.

    It is important to note that the suspect of this breach, Paige Thompson, is an ex-employee of Amazon.

    Source: https://latesthackingnews.com/2019/08/04/github-faces-class-action-lawsuit-in-capital-one-breach-amazon-faces-inquiry/
  6. Researchers have noticed a new malware targeting Windows systems. Termed SystemBC malware, it is becoming increasingly popular among cybercriminals owing to its astounding maliciousness. What’s alarming for users is that it directly paves the way for more malware attacks. It means a SystemBC malware detection directly indicates the presence of a second infection as well.

    SystemBC Malware Attacks On A Rise

    According to researchers from Proofpoint, SystemBC malware attacks are seemingly gaining strength. Stating their findings in detail in a blog post, researchers reveal the infectious traits of the malware.

    The researchers caught this malware involved in several campaigns delivering other malware. They found that SystemBC served as proxy malware in these campaigns. In June 2019, the researchers noticed the presence of the malware in a Fallout EK campaign and a Fallout EK and PowerEnum campaign delivering Maze ransomware and the Danabot banking Trojan respectively. Later, in July 2019, they found it present with Amadey Loader distributed via a RIG EK campaign as well.

    Proofpoint also discovered an alleged advertisement regarding the malware, which made them believe it’s being sold on the “underground marketplace”. As stated in their blog,

    Source: Proofpoint

    They could also see screenshots of the malware’s C&C panel, administrator panel, and the SystemBC builder with the advertisement.

    Written in C++, the malware, upon reaching the victim device, creates SOCKS5 proxies to let the attackers “hide the malicious traffic associated with the other malware”. The researchers have given a detailed technical analysis of the malware in their blog post.

    A Challenging Malware To Combat

    In the most recent instance, the researchers caught this malware infecting Windows systems. Owing to the unique property of hiding bad traffic and facilitating a second malware infection, the researchers deem it a challenging malware triggering new threats.

    Let us know your thoughts in the comments.

    Source: https://latesthackingnews.com/2019/08/03/systembc-malware-paves-the-way-for-other-malware-attacks/
  7. BeRoot is a post-exploitation tool to check for common misconfigurations which can allow an attacker to escalate their privileges. The main goal of BeRoot is to print only the information that has been found as a possible way for privilege escalation, rather than a configuration assessment of the host by listing all services, all processes, all network connections, etc. This project works on Windows, Linux, and Mac OS. But in this demonstration, we will be working on Ubuntu Desktop.

    Downloading BeRoot

    It can be downloaded in Kali Linux with the following command:

        git clone https://github.com/AlessandroZ/BeRoot.git

    Once the download completes, make sure you have python3 installed, as it is a prerequisite for running it. You need to navigate to its downloaded directory to run it.

    Running BeRoot

    We will first look for the help file:

        python3 beroot.py -h

    So it seems that this is a type of tool which runs directly, with no necessary information in the help option. So I will run it directly in the host’s shell.

        python3 beroot.py

    Now, it will try to analyze all the possible loopholes which could lead to the escalation of privileges using SUID bins, checking file permissions, sudo rules, NFS squashing, docker, and kernel exploits.

    As you can observe, it is now showing the output of the configurations that could lead to privilege escalation. So now I will check one of the commands which BeRoot had shown in the results, to see if it is working or not.

    It worked successfully. It will also show other output commands and exploits according to the operating system in the results.

    Source: https://latesthackingnews.com/2019/08/02/beroot-a-post-exploitation-privilege-escalation-tool/
  8. Cloakify Factory is a tool that transforms any file type into a list of harmless and even useless-looking strings. This ability allows you to hide a data file in plain sight and also transfer it over the network without triggering malware alerts. The functionality which Cloakify utilizes is called text-based steganography, which protects the data by making it look benign. The cloaked files defeat signature-based malware detection tools, DLP, etc. In this demonstration, we will be working on Kali Linux.

    Downloading Cloakify

    It can be downloaded in Kali Linux with the following command:

        git clone https://github.com/TryCatchHCF/Cloakify.git

    Once the download completes, make sure you have python2.7 installed, as it is a prerequisite for running it. You need to navigate to its downloaded directory to run it.

    Running Cloakify

    Let’s run the tool with the following command:

        python cloakifyFactory.py

    So it seems that Cloakify Factory is a menu-driven tool that leverages its script set. When you choose a file to Cloakify, it first converts it into the Base64 encoding, then applies a ciphertext to generate a list that encodes the Base64 payload. And then the cloaked data can be transferred to your desired destination.

    Let’s start cloakifying the file, which contains the data you can see below.

    Now I will encode this data.

    Now that the data is encoded, I will check my output data file, which was processed by Cloakify.

    As the data is encoded and now exfiltrated, choose Decloakify with the same cipher to decode the payload.

    Now check the data to see if it reverted to the original state or not.

    It worked successfully, as all the data got converted back to the actual state.

    Source: https://latesthackingnews.com/2019/07/30/cloakify-a-tool-to-mask-your-data-in-plain-sight/
  9. The innovativeness of hackers seems to have no end. Once again, they have worked out a means to evade security mechanisms to execute their phishing campaigns. This time, the attack exploits WeTransfer alerts to bypass email gateways.

    WeTransfer Alerts Phishing Campaign

    Researchers from Cofense have spotted another phishing campaign going on in the wild. This campaign exploits WeTransfer alerts to evade security measures.

    As explained in their blog post, the scammers abuse the WeTransfer file hosting service to bypass email gateways. The attack begins with emails reaching the victim’s mailbox made up as a WeTransfer notification for file sharing. The attackers seemingly use compromised email accounts for sending these phishing emails, since these emails contain legit URLs to the WeTransfer service.

    Source: Cofense

    Clicking on these links redirects the victims to WeTransfer file-sharing webpages. These pages contain HTM or HTML files ready for download. Clicking on the files then redirects the user to the actual phishing sites.

    Source: Cofense

    Like any other phishing scam, this one too, upon reaching the last phase, requires the users to enter their Office 365 account credentials.

    Evasion Of Email Gateways

    Because of the presence of trusted WeTransfer links, these phishing emails usually succeed in evading most security checks. According to the researchers,

    Owing to this evasion strategy, despite being obvious, this phishing scam is likely to fool some users.

    Earlier, the same researchers also highlighted another phishing campaign that tends to bypass security checks. In that case, the researchers evaded all defense measures by using QR codes.

    Considering the growing number of such phishing attacks, each with a new strategy, it is imperative for users to “think twice” before clicking on any email they receive.

    Stay safe!

    Source: https://latesthackingnews.com/2019/07/29/phishing-campaign-exploits-wetransfer-alerts-to-bypass-email-gateways/
  10. Hm.. the probability of doing what you say is 0%. Facebook is no longer just some random platform; serious money has been invested in its security. My opinion!
  11. BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. The repository contains 2298 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. For more information, see the installation instructions. Also, news is published on our blog. Please note that BlackArch is a relatively new project. To report bugs and request new tools, please visit the issue tracker on GitHub, stop by IRC, or email us. The BlackArch Live ISO contains multiple window managers. Below you will find screenshots of a few of them.

    Source: https://blackarch.org/index.html
  12. Hmh... the mistake was largely his. He knew he was being followed by so many people; he should have been more careful with sensitive data... This is a lesson many of us need to learn, in my opinion.