Jump to content

KtLN

Active Members
  • Content Count

    54
  • Joined

  • Last visited

Community Reputation

24 Excellent

About KtLN

  • Rank
    Active Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Daca am avea o putere paranormala o localizam..
  2. Recently, a shocking data breach incident surfaced online affecting millions of customers. It didn’t take long for the FBI to arrest the suspect. However, the subsequent investigations unveil more alarming facts regarding the breach. Now the victim firm now faces a lawsuit for failing to protect customers’ data. Nonetheless, it isn’t alone. Reportedly, GitHub also faces class-action lawsuit together with Capital One for ‘aiding’ the hacker. GitHub Faces Class-Action Lawsuit Following the aftermath of Capital One breach happened earlier this week, the firms involved in the incident, in one or the other way, are in trouble. Reportedly, a private law firm TYCKO & ZAVAREEI LLP has filed a class-action lawsuit against the firms on behalf of the 100 million individuals affected in the breach. The plaintiffs have not accused Capital One only. Rather GitHub also faces class-action lawsuit together with Capital One for aiding in the attack. This is due to the action of the suspect, Paige Thompson, who posted part of breached data on GitHub. At first, the complainants accuse GitHub of not alerting the victims. Nor did they remove the stolen data from their site. As stated in the lawsuit complaint, Moreover, they also accuse GitHub Inc. of not detecting the posting of hacked data, and not suspending the attacker’s account. Amazon Also Comes Into Limelight GitHub isn’t the only company backlashed because of Capital One breach. Recently, Republicans have launched an inquiry regarding the matter, where they also involve Amazon. As reported, the lawmakers on the House Oversight Committee have sent a letter to Jeff Bezos, CEO Amazon Inc., requesting a ‘staff-level briefing’. It is important to note that the suspect of this breach, Paige Thompson, is an ex-employee of Amazon. Sursa: https://latesthackingnews.com/2019/08/04/github-faces-class-action-lawsuit-in-capital-one-breach-amazon-faces-inquiry/
  3. Researchers have noticed a new malware targeting Windows systems. Termed SystemBC malware, it is becoming increasingly popular among the cybercriminals owing to its astounding maliciousness. What’s alarming for users is that it directly paves the way for more malware attacks. It means a SystemBC malware detection directly indicates the presence of a second infection as well. SystemBC Malware Attacks On A Rise According to researchers from Proofpoint, SystemBC malware attacks are seemingly gaining strength. Stating their findings in detail in a blog post, researchers reveal the infectious traits of the malware. The researchers caught this malware involved in several campaigns delivering other malware. They found the SystemBC served as proxy malware in these campaigns. In June 2019, the researchers noticed the presence of the malware in Fallout EK campaign and Fallout EK and PowerEnum campaign delivering Maze ransomware and Danabot banking Trojan respectively. Later, in July 2019, they found it present with Amadey Loader distributed via RIG EK campaign as well. Proofpoint also discovered an alleged advertisement regarding the malware, which made them believe its being sold on the “underground marketplace”. As stated in their blog, Source: Proofpoint They could also see screenshots of malware’s C&C panel, administrator panel, and the SystemBC builder with the advertisement. Written in C++, the malware, upon reaching the victim device, creates SOCKS5 proxies to let the attackers “hide the malicious traffic associated with the other malware”. The researchers have given a detailed technical analysis of the malware in their blog post. A Challenging Malware To Combat In the most recent instance, the researchers caught this malware infecting Windows systems. Owing to the unique property of hiding bad traffic and facilitating a second malware infection, the researchers deem it a challenging malware triggering new threats. Let us know your thoughts in the comments. Sursa: https://latesthackingnews.com/2019/08/03/systembc-malware-paves-the-way-for-other-malware-attacks/
  4. BeRoot is a post-exploitation tool to check for common misconfigurations which can allow an attacker to escalate their privileges. The main goal of BeRoot is to print only the information that has been found as a possible way for privilege escalation rather than a configuration assessment of the host by listing all services, all processes, all network connection, etc. This project works on Windows, Linux, and Mac OS. But in this demonstration, we will be working on Ubuntu Desktop. Downloading BeRoot It can be downloaded in the Kali Linux with the following command; git clone https://github.com/AlessandroZ/BeRoot.git Once the download completes, make sure you have python3 installed as it is a pre-requisite for running it. You need to navigate to its downloaded directory to run it; Running BeRoot We will first look for the help file; python3 beroot.py -h So it seems that this is a type of tool which directly runs with no necessary information in the help option. So I will run directly in the host’s shell. python3 beroot.py -h Now, it will try to analyze all the possible loopholes which could lead to the escalation of privileges using SUID bins, checking file permissions, sudo rules, NFS squashing, docker, and kernel exploits. As you observe now that it is showing the output of the configurations that could lead to the exploitation of privilege. So far I will check with one of the commands which the BeRoot had shown in the results if it is working or not; It worked successfully, it will also show another output command and exploits according to the operating system in the results. Sursa: https://latesthackingnews.com/2019/08/02/beroot-a-post-exploitation-privilege-escalation-tool/
  5. Cloakify Factory is a tool to transforms any file type into a list of harmless and even useless looking strings. This ability allows for you to hide a data file in plain sight and also transfer it over the network without triggering malware alerts. The functionality which Claokify utilizes is called text-based steganography that protects the data by making it look benign. The cloaked files defeat signature-based malware detection tools, DLP, etc. In this demonstration, we will be working on Kali Linux. Downloading Cloakify It can be downloaded in the Kali Linux with the following command; git clone https://github.com/TryCatchHCF/Cloakify.git Once the download completes, make sure you have python2.7 installed as it is a pre-requisite for running it. You need to navigate to its downloaded directory to run it; Running Cloakify Let’s run the tool by the following command; python cloakifyFactory.py So as it seems that Cloakify Factory has a menu-driven tool that leverages its script set. When you choose a file to Cloakify, it first converts it into theBase64-encode, then applies a ciphertext to generate a list that encodes the Base64 payload. And then the cloaked data can be transferred to your desired destination. Let’s start cloakifying it the file which contains by data which you can see below; Now I will encode this data. Now as the data is encoded, I will check for my output data file which was processed by Cloakify; As data is encoded, so now it as exfiltrated, choose Decloakify with the same cipher to decode the payload. Now check for the data, if it reverted to the original state or not. It worked successfully, as all the data get converted back to the actual state. Sursa: https://latesthackingnews.com/2019/07/30/cloakify-a-tool-to-mask-your-data-in-plain-sight/
  6. The innovativeness of hackers seems to have no end. Once again, they have worked out a means to evade security mechanisms to execute their phishing campaigns. This time, the attack exploits WeTransfer alerts to bypass email gateways. WeTransfer Alerts Phishing Campaign Researchers from Cofense have spotted another phishing campaign going on in the wild. This campaign exploits WeTransfer alerts to evade security measures. As explained in their blog post, the scammers abuse the WeTransfer file hosting service to bypass email gateways. The attack begins with emails reaching the victim’s mailbox made up as a WeTransfer notification for file sharing. The attackers seemingly use compromised email accounts for sending these phishing emails since these emails contain legit URLs to the WeTransfer service. Source: Cofense Clicking on these links redirects the victims to WeTransfer file-sharing webpages. These pages contain HTML or HTML files ready for download. Clicking on the files then redirect the user to the actual phishing sites. Source: Cofense Like any other phishing scam, this one too, upon reaching the last phase, requires the users to enter their Office 365 account credentials. Evasion Of Email Gateways Because of the presence of trusted WeTransfer links, these phishing emails usually succeed in evading most security checks. According to the researchers, Owing to this evasion strategy, despite being obvious, this phishing scam is likely to fool some users. Earlier, the same researchers also highlighted another phishing campaign that tends to bypass security checks. In that case, the researchers evaded all defense measures by using QR codes. Considering the growing number of such phishing attacks, each with a new strategy, it is imperative for users to “think twice” before clicking on any email they receive. Stay safe! Sursa: https://latesthackingnews.com/2019/07/29/phishing-campaign-exploits-wetransfer-alerts-to-bypass-email-gateways/
  7. Hm.. probabilitatea de a face ce zici tu este 0%. Facebook nu mai este o, oare care platforma sau investit bani grei in securitatea lui. Parerea mea !
  8. BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. The repository contains 2298 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. For more information, see theinstallation instructions. Also, news is published on our blog. Please note that BlackArch is a relatively new project. To report bugs and request new tools, please visit the issue tracker on Github, stop by IRC, or email us. The BlackArch Live ISO contains multiple window managers. Below you will find screenshots of a few of them. Sursa: https://blackarch.org/index.html
  9. Bine rau ai gasit
  10. Hmh... greseala a fost in mare parte a lui. Stia ca este urmarit de atatia oameni trebuia sa fie mai precaut la datele sensibile... Asta este o lectie pe care multi trebuie sa o invatam parerea mea.
  11. A hacker broke into Bulgaria's largest tax database, and stole the financial details of every working adult in the country, before releasing them online. In their search for the perpetrator, police arrested 20-year-old Kristian Boykov last Tuesday, charging him with committing a computer crime against critical infrastructure on Wednesday, Reuters reported. Sofia City Prosecutor's Office allege Boykov hacked the National Revenue Agency (NRA) database in June, taking the social security, bank, and salary information of five million taxpaying Bulgarians. Bulgaria's National Revenue Agency building in Sofia. Reuters Police raided Boykov's home in Sofia on Wednesday and seized computer devices containing encrypted data, Reuters reported. Yavor Kolev, head of the police's cybersecurity unit, said the evidence "suggests that the suspect is connected to the crime." Read more: 7 things you can hire a hacker to do and how much it will (generally) cost Boykov's initial charge, which could have seen him face a maximum of eight years in jail, was downgraded by the prosecutor's office on Thursday due to a "lack of previous criminal record, his good character, and young age," the Sofia News Agency reported. He could now face three years in jail on one charge of committing a crime against an information system. Boykov's lawyer, Georgi Stefanov, told Reuters his client denies the charge. The hack is the country's biggest-ever data breach, and the government may fine the NRA €20 million ($22.4 million) over it. Bulgarian blogger and political analyst Asen Genov told CNN: "We should all be angry ... The information is now freely available to anyone." "Many, many people in Bulgaria already have this file, and I believe that it's not only in Bulgaria." Sursa: https://www.businessinsider.com/hacker-steals-personal-data-every-taxpayer-bulgaria-2019-7
  12. Reconnoitre is a tool that was created to automate routine actions within the OSCP lab environment. It is a simple script, which can automate information gathering and service enumeration. It searches for the live hosts, and performs a scan on the hosts that are found, enumerates its detected services and sends commands to it. The tool can discover virtual hosts running on the targeted system. The information is stored methodically by creating a directory like structure to store the findings, results, and methodologies used for each host, recommended commands to execute and the directory structures for storing loot and flags. Downloading and Installing Reconnoitre It can be downloaded in the Kali Linux with the following command; git clone https://github.com/codingo/Reconnoitre.git Once the download completes, make sure you have python3 installed as it is a pre-requisite for the installation. You need to navigate to its downloaded directory and install it using the command given below; python3 setup.py install Running Reconnoitre We will first look for the help file; reconnoitre -h You can see that it is a simplified tool with many awesome functions. In this example, we will use some basic options, like starting with the service enumeration and saving the result in a directory with them. Start the quick service enumeration scan with; reconnoitre -t <IP ADDRESS> --services --quick -o /root The result can be seen from the directory which was mentioned in the -o argument; The above performed a quick scan on the target and provided numerous useful results in an easily readable format, now scan for the target’s hostname; Sursa: https://latesthackingnews.com/2019/07/23/reconnoitre-a-multithreaded-enumeration-tool/
  13. KtLN

    s10 sau nu

    Iati un Samsung cred ca isi merita bani + au o autonomie a bateriei mult mai ridicata fata de Iphone.
  14. InfoG is a Shellscript used to gather information about a target. It allows the ethical hacker to gather information during the initial phases of a penetration test. The tool has many features. Some are as follows: Check Website info Check Phone info IP Tracker Check Valid E-mail Check if site is Up/Down Check internet speed Check Personal info Find IP behind Cloudflare Find Subdomains Port Scan (Multi-threaded) Check CMS Check DNS leaking Let’s Get Started! First, we need to install the tool by typing the following command: git clone https://github.com/thelinuxchoice/infog Then we change directory to infog by typing the following command: cd infog Now, we want to see the content of the directory, so we type the following command: ls Your screen should look like that: Then we run the tool by typing the following command: bash infog.sh The tool will start, and your screen should look like that: Then, we have a look at the options that are offered by the tool. You can choose any option of your choice. As a first test, we are going to check whether the website is up or down. So we type: 5 The tool will prompt us to enter the target website. You can type any website of your choice (where you are authorized to do so). In our case, we type: www.certifiedhacker.com The tool will run the test and will return the results. Your screen should look like that: The remote host is up. As shown in the above screen shot, the tool printed Site is Up ! Let’s try another test Now, we want to check the open ports of a given website. Again, we type: bash infog.sh then we select option 12 by typing: 12 After selecting the option, the tool will prompt us to enter the host. So we enter the following: www.certifiedhacker.com The tool will ask us if we want to scan a single port or a port range. We select port range, by typing the following: 2 Then, the tool will prompt us to enter the range of the ports that we would like to scan. In our case, we want to scan from port number 1 to 1000. So we type: 1-1000 Then the tool prompts us to enter the number of threads. The tool’s default is 10. So we keep it at 10 by typing the following: 10 If you successfully managed to follow the steps, your screen should look like that: Then our scan will start. And your screen should look like the following screenshots: In the above screenshots, the tool is scanning different ports, and it is flagging out the open ones as the scan progresses. At the end of the scan, the tool will give us a summary of the discovered open ports. In our case, the scanner printed the following: There are many other features and options to explore within this tool. Sursa: https://latesthackingnews.com/2019/05/13/infog-v1-0-an-open-source-information-gathering-tool/
  15. da ati facut treaba ala mi-a dat si mie pm sa ii fac sa ii dau codu si dupa imi plateste
×
×
  • Create New...