Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


livebox last won the day on January 5

livebox had the most liked content!

Community Reputation

22 Excellent

About livebox

  • Rank

Profile Information

  • Location
    Vaslui California
  • Interests

Recent Profile Visitors

434 profile views
  1. Check Point specialists published a report on serious vulnerabilities in the popular TikTok application. With their help, attackers could not only steal user data, but also manipulate their status in the profile and video. In particular, vulnerabilities allowed you to access other people's accounts and manipulate their content, delete and upload videos, make hidden videos visible to everyone, and disclose personal information stored in your account (for example, email address). In a study of application security, experts found that the TikTok website allows you to send SMS messages to any phone number on your behalf. An attacker can spoof a message by changing the download_url parameter in an intercepted HTTP request, insert any link, including a malicious one, and send it to the user on behalf of the TikTok team. An attacker can re-engineer a fake link and send TikTok requests along with the victim's cookies. Other vulnerabilities discovered by researchers can be exploited here. Even without cross-site request forgery, an attacker can execute JavaScript code and perform actions on behalf of the user. Using a combination of POST and GET requests, an attacker can change the privacy settings of hidden videos, create new videos and publish them to the victim's account. Running JavaScript code also allows you to obtain victim’s personal information through existing API calls, but for this, the attacker will first have to bypass the SOP (domain restriction rule) and CORS (resource sharing between different sources) security mechanisms. The application developer fixed the vulnerabilities before the publication of the researchers report. Source: https://www.securitylab.ru/news/503899.php
  2. Vulnerabilities in software that allow compromising the system without user intervention (for example, without clicking on a malicious link by the victim) are of great interest to security researchers. Experts from Google Project Zero, who have devoted the study of this issue over the past few months, are no exception. On Thursday, January 9, Google Project Zero security researcher Samuel Gross of Google Project Zero demonstrated how you can remotely hack your iPhone, access passwords, messages, email and activate the camera with a microphone with just one Apple ID in a few minutes. The researcher described his attack method in three separate articles on the Google Project Zero blog. The first provides technical details about the vulnerability, the second describes how to hack ASLR, and the third explains how to remotely execute code on an attacked device bypassing the sandbox. During the attack, Gross exploited the only vulnerability in iOS 12.4 (CVE-2019-8641), fixed by Apple in August last year with the release of iOS 12.4.1. With its help, he circumvented ASLR technology, designed to complicate the operation of certain types of vulnerabilities. ASLR provides for changing the location in the process address space of important data structures (executable file images, loaded libraries, heaps and stacks). However, the attack demonstrated by Gross casts doubt on the effectiveness of ASLR. “The study was mainly motivated by the following question: is it possible to use remote vulnerability for memory corruption to achieve remote code execution on iPhone without using other vulnerabilities and without any user interaction? A series of publications on this blog proves that yes, it is indeed possible, ”Gross said. Source: https://www.securitylab.ru/news/503917.php
  3. On New Year's Eve, REvil ransomware operators (also known as Sodinokibi) attacked the computer systems of the exchange provider Travelex, as a result of which the British banks Lloyds, Barclays, HSBC and Royal Bank of Scotland were unable to process the transactions. Initially, cybercriminals demanded a ransom of $ 3 million in exchange for encrypted customer data, but now the amount has doubled and amounts to $ 6 million. According to Travelex representatives, the security system blocked the data as a “precaution” immediately after the virus was detected, and the client’s data didn’t were compromised. “At present, we are blocking the virus and are working to restore our systems to resume normal operation as soon as possible. The Travelex network continues to provide manual currency exchange services, ”Travelex said. As the BBC reported, citing criminals, the attackers downloaded 5 GB of data about the exchange’s customers and plan to sell them in six days if the exchange does not pay the ransom. Travelex has partnered with the UK's National Crime Agency (NCA) and the London metropolitan police to conduct a criminal investigation into the incident. Source: https://www.securitylab.ru/news/503937.php
  4. Recomand http://1vpns.ru/ . AES256-SHA protocol, 4096bit RSA / AES256-GCM, 384bit ECC.
  5. NVIDIA corrected a serious bug in the program GeForce Experience, designed for the rapid update of video card drivers, optimization of settings and streaming of the game process. The vulnerability allows an attacker to expand their privileges on Windows or cause a computer malfunction. As follows from the vendor's bulletin, the problem occurs when the GameStream function is enabled, which provides broadcasting of the game to TV set-top boxes, tablets and PCs. In this case, an attacker with local access to a computer can damage one of the system files and cause a denial of service condition or obtain permissions that are outside the scope of his set of rights. Bug in GeForce Experience can be operated without user intervention The vulnerability is registered as CVE-2019-5702 and is rated by the vendor at 8.4 points on the CVSS scale. Such a high rating is due to the fact that the operation does not require interaction with the user of the system, as well as the availability of special knowledge or skills. Information security specialists note that the use of additional malware allows you to conduct an attack remotely. The disadvantage is present in all previous versions of GeForce Experience; the patch is included in release 3.20.2, which can be downloaded from the geforce.com downloads page or retrieved automatically when you open the client. NVIDIA representatives recommend that all users of the program upgrade to a safer build. The vendor thanked the Japanese researcher RyotaK , who discovered the vulnerability and reported it to the manufacturer. In November of this year, NVIDIA already patched bugs in the GeForce Experience. One of the drawbacks, like CVE-2019-5702, was related to the GameStream service. The error, which received 7.8 points on the CVSS scale, allowed escalation of privileges by running third-party code. The result of the attack could be a leak of confidential information, as well as a system failure. The problem arose because of the possibility of loading a third-party DLL that was not signed by a legitimate developer. Source: https://threatpost.ru/nvidia-geforce-experience-update-patches-dos-eop-vuln/35124/
  6. Stiu ca este slow , dar m-am gandit ca il poate ajuta .. mai ales ca este free ..
  7. https://github.com/thelinuxchoice/antiflood/blob/master/antiflood.sh
  8. Ryuk ransomware developers have released a new version of the program that bypasses the folders that are most often found on UNIX-like systems. According to the Bleeping Computer portal, the attack on New Orleans (Louisiana, USA), which took place earlier this month, used the Ryuk version with the name of the executable file v2.exe. Security researcher Vitaly Kremez studied it and discovered an interesting change - the ransomware stopped encrypting folders associated with UNIX-like systems. In particular, bin, boot, Boot, Dev, etc, lib, initrd, sbin, sys, vmlinuz, run, and var were included in the blacklist of folders Ryuk now bypasses. It would seem, why should ransomware for Windows blacklist folders of UNIX-like systems? There is no Linux / Unix version of Ryuk, however, there are cases when Linux folders were encrypted as a result of ransomware attacks. The fact is that in Windows 10 there is a WSL function (Windows subsystem for Linux) that allows you to install Linux distributions directly on Windows machines, and these settings just use the folders listed above. Due to the growing popularity of WSL as a result of attacks using Ryuk, Linux folders were also increasingly encrypted. When the ransomware encrypts these folders, the Linux installations stop working. The goal of ransomware operators is to encrypt user data, rather than disabling the operating system. Having blacklisted Linux folders, Ryuk operators saved themselves from the additional headache associated with restoring the system after a victim has paid the ransom. Source: https://www.securitylab.ru/news/503738.php
  9. Kaspersky Lab analysts reported a series of attacks on financial and telecommunications companies in Eastern Europe and Central Asia. Criminals used the vulnerability of corporate VPN services to steal credentials to access financial information. According to researchers, the attackers tried to withdraw from the accounts of several tens of millions of dollars. The vulnerability CVE-2019-11510 , which was exploited by cybercriminals, is contained in the Pulse Connect Secure and Pulse Policy Secure solutions. They are used in hybrid IT infrastructures to control access to corporate resources. Security issues in these products became known back in April. The developers talked about a series of errors that allowed criminals access to private data, allowed them to increase their privileges and execute third-party code in the attacked systems. In August, experts warned that criminals began to probe the Internet in search of vulnerable Pulse Connect Secure hosts. According to researchers, the circle of possible victims at that time included more than 2.5 thousand large corporations, companies from the housing and communal services sector, state organizations, hospitals and universities. At the same time, the total number of VPN servers at risk reached 14.5 thousand. By the end of December, the number of unpatched systems dropped to 3.9 thousand. Most of them remain in the USA (1.3 thousand), followed by Japan (409), Great Britain (228), South Korea (206) and France (186). Russia is at the end of the ranking - researchers counted only 12 vulnerable hosts here. According to Kaspersky, Russian-speaking cybercriminals may be behind recently discovered incidents. The researchers made this conclusion after studying the techniques and tactics with which the attacks were made. As specified by Kaspersky Lab’s leading antivirus expert, Sergey Golovanov, in the fall, company experts investigated several such incidents at once. “Given the availability of the exploit, such attacks can become more widespread,” the expert noted. “Therefore, we strongly recommend that companies install the latest version of the VPN solution used, do not forget about security solutions and follow the news about the current landscape of cyber threats.” Previously reported vulnerabilities in Cisco VPN equipment. The threat of executing third-party code was found in the Internet console, which is used to configure some models of VPN routers and a VPN firewall. Source: https://threatpost.ru/fraudsters-exploit-vpn-services-vulnerability/35138/
  10. Source: https://www.securitylab.ru/news/503753.php Exploiting the vulnerability allows an unauthorized attacker to remotely take control of a device. A number of vulnerabilities have been detected in Ruckus wireless routers . Their operation allows an unauthorized attacker to remotely take control of the device. Vulnerabilities were discovered by security researcher Gal Zror. According to Zror, the problems are contained in the web-based user interface software installed in the Unleashed line of routers. According to the researcher, three vulnerabilities can be exploited to gain superuser rights on the router, providing an attacker with unhindered access to the device and the network. Although these three problems differ in the complexity of their use, only one line of code is enough to exploit the simplest vulnerability. Having gained full control over the router, an attacker can scan all unencrypted Internet traffic on the network, as well as redirect traffic from users on the network to malicious pages designed to steal credentials. According to Zror, thousands of vulnerable Ruckus routers are available on the Internet. He made his findings public at the annual Chaos Communication Congress in Germany. Ruckus has released a software update that fixes these vulnerabilities and strongly recommends users update their vulnerable devices.
  11. Asta e tot anuntul , Topic updated 3 August 2019 I sell socks5 backconnect system consists of: client part - socks.exe - does not hide from the dispatcher. minimum load on av detekty. XP support and higher (win 10 + windows server) - socks.dll - a separate assembly in the form of a dll (for injecting into your bot) there is autorun. after rebooting the pc socks are returned. otstuk about 70% after the standards crypt the system works in multi-threaded mode, which gives a high increase in the speed of socks Runtime scan after crypt standards https://dyncheck.com/scan/id/8772793e688ddd5a903d5b279cc30449 only node 32 is burning 360 Total Security Essential Clean AVG Internet Security Clean AhnLab V3 Light Clean Avast Internet Security Clean Avira Internet Security Clean BitDefender Total Security BullGuard Internet Security Clean Comodo Internet Security Run Virtually DrWeb Total Security Clean Emsisoft Anti-Malware Clean Eset Smart Security Dynamic detect after 5 sec. F-Secure Internet Security Clean Fortinet Smart Security Clean Malwarebytes Anti-Malware Clean McAfee Internet Security Clean Panda Global Protection Clean Sophos Anti-Virus Clean Trend Micro Internet Security Clean Webroot SecureAnywhere Clean Windows Defender Clean server part supports installation both on win servers and on Linux (server requirements 400mb free RAM for 1 000 socks) - server.exe to run on win servers - server.out to run on Linux - php admin For software, a dedicated (non-shared) 1 gbit channel is recommended. if they just hang and are not used - the Internet is not consumed. for stable operation each socks consumes from 1 megabit fastflux bot is not supported. need normal server / vps. features - loader with update function every N hours by reference (for long survivability it is necessary to update the crypts every day) crypt not doing. You can find on the forum. approximate price of $ 1000 per month free setup apload crypt on your server You can also use a certificate instead of a crypt. vitality increases - firewall (access to socks only from trusted ip) - authorization on socks by login and password - GeoIP - display of computer name / user - adding comments for the bot The bot also works at integrity level low . only in autorun in such cases will not be added admin rights to run are not required. GeoIP can be configured via maxmind online service (weekly database updates. latest data) just insert id and key from maxmind The system is developed in assembler. high speed minimum size file weight socks.exe 12kb socks.dll 10kb server.exe 14kb server.out 10kb (for Linux) supports regular domains and ip + .bit domains (implementation via dns request) if you ship more than 1k socks, then domains / ip fall into black. It is recommended to change ip every 3 days. if you have a booze host, you can use ip instead of domain (cost about $ 10 for one ip) if you have a white host, it is recommended to use domains to move if you have problems. After the purchase I issue a link to the builder (10 attempts). at the end of + 50 $ 1 attempt screen builder http://i66.tinypic.com/5wcuax.jpg admin screen http://i63.tinypic.com/j7w4zd.jpg http://i68.tinypic.com/szv9za.jpg free setup if you have something wrong. the cost of a set of $ 1000 in bitcoin (discounts are possible)
  12. Nu exista captcha atata timp cat inregistrarea se face prin aplicatie si nu de pe web.
  13. Ai vrut sa pari interesant ? ca nu te inteleg . Uite ca eu am si facultate si tot nu stiu c++ . Te-ai udat cand ai auzit de 10k/saptamana ? Daca tot esti asa tare, de ce nu faci tu ce am cerut ? Sau nu ai terminat 12 clase ?
  14. Da, parerea mea . uite aici link-ul de la vechiul autoposting pe care l am avut . nu am sursa.. trebuie decompilat . https://ufile.io/vhkjinmu programul nu mai functioneaza . nici macar nu-l mai deschide . ideea e ca eu nu il vreau ca pe acesta . eu vreau sa aibe functie de auto-register si post . la cel vechi trebuia sa bag eu conturile si dupa posta . EDIT: Am primit foarte multe intrebari legate de aplicatie . Deci mai pe scurt . aplicatie trebuie sa fie de windows . dar datorita faptului ca pe offerup.com poti sa postezi doar printr o aplicatie ios/android . trebuie sa ai cunostinte de android/ios .
  15. Since 2007, hackers have provided virtual services to criminals. July 16, 2019 | 17:15 0 123 The SBU operatives with partners from the United States stopped the activities of a powerful hacker group. This was reported by the. Head of the Security Service of Ukraine Ivan Bakanov. Since 2007, hackers have provided virtual services to criminals, creating conditions for them to freely carry out illegal activities. The attackers used Dark Net - a part of the Internet that was hidden from ordinary users, where it is possible to anonymously purchase weapons, drugs and the like. Law enforcement officers could not identify the participants, because hosting did not respond to requests. Intelligence officers have established that the organizer of the group is a citizen of Ukraine, who received his first hacker experience in Moscow in the mid-2000s. Already in 2007, he began to provide his services to hackers around the world through Ukrainian networks, carefully concealing the actual location of his equipment from law enforcement officers and special services of any country. The equipment was periodically found by Ukrainian, Russian, and American law enforcement officers, confiscated it, temporarily ceased operations, but the hacker group continued to operate. The group has about ten main participants and dozens of accomplices in several countries, as well as thousands of customers. They are concerned that hundreds of terabytes of data are in the hands of the special services, which can be evidence in hundreds of criminal cases around the world. According to our estimates, we can talk about 40% of the Russian-language segment of Dark Net, ”said the acting minister. head of the SBU. In the United States alone, an average of fifty years in prison was brought against the organizer. He is accused of fraud, unauthorized interference, theft of personal data and a number of other crimes under US criminal law. In Ukraine, the organizer and another member of the group declared suspicion of committing criminal offenses under Part 2 of Art. 361 and Part 3 of Art. 301 of the Criminal Code. They are under house arrest. During the authorized investigative actions on the territory of a private house near Odessa, we found a real data center with a backup autonomous power source, security, powerful Internet access channels, which was carefully hidden. A preliminary study of network equipment and an assessment of the ranges of IP addresses used by the grouping indicates at least three autonomous systems reserved for enterprises of the Russian Federation. Given the counter-intelligence regime that exists in the Russian Federation, as well as the technological features of the organization and construction of SORM-3, possession and control of this numbering resource by the group could not take place without control and cover of Russian special services. This information allows the SBU to get a clearer picture of the cyber attacks on Ukrainian critical infrastructure facilities, and the role of the Russian special services in cyber attacks on other countries. Partea cu liftul.. chiar interesanta . Source : https://368.media/2019/07/16/sbu-razoblachila-krupnuyu-hakerskuyu-set-v-odesse/
  • Create New...