
Silviu

Active Members
  • Posts

    2383
  • Joined

  • Last visited

  • Days Won

    29

Everything posted by Silviu

  1. I downloaded a video tutorial (in a multi-part format) through LinkedIn's Week of Learning program, which runs until October 30 and offers all tutorials for free until that date, using their Android app, because only through it can the tutorials be saved for offline use. I found the location on the phone where they are saved, but I can't figure out what trick is needed to play them in an ordinary video player, not just through their app. So, if anyone has a bit of time to reverse engineer their app and can give me (us) details about this, it would be helpful. I'd like to download a few more sets of tutorials, which I'll also post here. Don't forget that on the 30th the "honey" in the jar runs out. Files link: https://mega.nz/#!QclkyQYB!aCwGRU5HZXOkBDS8-IhKF6h1NO1MvX81sinDUpeOng4
  2. A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible. While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it’s not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that’s a part of virtually every distribution of the open-source OS released for almost a decade. What’s more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild. “It’s probably the most serious Linux local privilege escalation ever,” Dan Rosenberg, a senior researcher at Azimuth Security, told Ars. “The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time.” The underlying bug was patched this week by the maintainers of the official Linux kernel. Downstream distributors are in the process of releasing updates that incorporate the fix. Red Hat has classified the vulnerability as “important.” As their names describe, privilege-escalation or privilege-elevation vulnerabilities allow attackers with only limited access to a targeted computer to gain much greater control. The exploits can be used against Web hosting providers that provide shell access, so that one customer can attack other customers or even service administrators. Privilege-escalation exploits can also be combined with attacks that target other vulnerabilities. A SQL injection weakness in a website, for instance, often allows attackers to run malicious code only as an untrusted user. 
Combined with an escalation exploit, however, such attacks can often achieve highly coveted root status. The in-the-wild attacks exploiting this specific vulnerability were found by Linux developer Phil Oester, according to an informational site dedicated to the vulnerability. It says Oester found the exploit using an HTTP packet capture, but the site doesn’t elaborate. Update: In e-mails received about nine hours after this post went live, Oester wrote: Any user can become root in < 5 seconds in my testing, very reliably. Scary stuff. The vulnerability is easiest exploited with local access to a system such as shell accounts. Less trivially, any web server/application vulnerability which allows the attacker to upload a file to the impacted system and execute it also works. The particular exploit which was uploaded to my system was compiled with GCC 4.8.5 released 20150623, though this should not imply that the vulnerability was not available earlier than that date given its longevity. As to who is being targeted, anyone running Linux on a web facing server is vulnerable. For the past few years, I have been capturing all inbound traffic to my webservers for forensic analysis. This practice has proved invaluable on numerous occasions, and I would recommend it to all admins. In this case, I was able to extract the uploaded binary from those captures to analyze its behavior, and escalate to the appropriate Linux kernel maintainers. The vulnerability, a variety known as a race condition, was found in the way Linux memory handles a duplication technique called copy on write. Untrusted users can exploit it to gain highly privileged write-access rights to memory mappings that would normally be read-only. More technical details about the vulnerability and exploit are available here, here, and here. Using the acronym derived from copy on write, some researchers have dubbed the vulnerability Dirty COW. 
Disclosure of the nine-year-old vulnerability came the same week that Google researcher Kees Cook published research showing that the average lifetime of a Linux bug is five years. “The systems using a Linux kernel are right now running with security flaws,” Cook wrote. “Those flaws are just not known to the developers yet, but they’re likely known to attackers.” Source: http://arstechnica.com/security/2016/10/most-serious-linux-privilege-escalation-bug-ever-is-under-active-exploit/
  3. Criminals this morning massively attacked Dyn, a company that provides core Internet services for Twitter, SoundCloud, Spotify, Reddit and a host of other sites, causing outages and slowness for many of Dyn’s customers. Twitter is experiencing problems, as seen through the social media platform Hootsuite. In a statement, Dyn said that this morning, October 21, Dyn received a global distributed denial of service (DDoS) attack on its DNS infrastructure on the east coast starting at around 7:10 a.m. ET (11:10 UTC). “DNS traffic resolved from east coast name server locations are experiencing a service interruption during this time. Updates will be posted as information becomes available,” the company wrote. DYN encouraged customers with concerns to check the company’s status page for updates and to reach out to its technical support team. A DDoS is when crooks use a large number of hacked or ill-configured systems to flood a target site with so much junk traffic that it can no longer serve legitimate visitors. DNS refers to Domain Name System services. DNS is an essential component of all Web sites, responsible for translating human-friendly Web site names like “example.com” into numeric, machine-readable Internet addresses. Anytime you send an e-mail or browse a Web site, your machine is sending a DNS look-up request to your Internet service provider to help route the traffic. ANALYSIS The attack on DYN comes just hours after DYN researcher Doug Madory presented a talk on DDoS attacks in Dallas, Texas at a meeting of the North American Network Operators Group (NANOG). Madory’s talk — available here on Youtube.com — delved deeper into research that he and I teamed up on to produce the data behind the story DDoS Mitigation Firm Has History of Hijacks. 
That story (as well as one published earlier this week, Spreading the DDoS Disease and Selling the Cure) examined the sometimes blurry lines between certain DDoS mitigation firms and the cybercriminals apparently involved in launching some of the largest DDoS attacks the Internet has ever seen. Indeed, the record 620 Gbps DDoS against KrebsOnSecurity.com came just hours after I published the story on which Madory and I collaborated. The record-sized attack that hit my site last month was quickly superseded by a DDoS against OVH, a French hosting firm that reported being targeted by a DDoS that was roughly twice the size of the assault on KrebsOnSecurity. As I noted in The Democratization of Censorship — the first story published after bringing my site back up under the protection of Google’s Project Shield — DDoS mitigation firms simply did not count on the size of these attacks increasing so quickly overnight, and are now scrambling to secure far greater capacity to handle much larger attacks concurrently. The size of these DDoS attacks has increased so much lately thanks largely to the broad availability of tools for compromising and leveraging the collective firepower of so-called Internet of Things devices — poorly secured Internet-based security cameras, digital video recorders (DVRs) and Internet routers. Last month, a hacker by the name of Anna_Senpai released the source code for Mirai, a crime machine that enslaves IoT devices for use in large DDoS attacks. The 620 Gbps attack that hit my site last month was launched by a botnet built on Mirai, for example. Interestingly, someone is now targeting infrastructure providers with extortion attacks and invoking the name Anna_senpai. According to a discussion thread started Wednesday on Web Hosting Talk, criminals are now invoking the Mirai author’s nickname in a bid to extort Bitcoins from targeted hosting providers. 
Let me be clear: I have no data to indicate that the attack on Dyn is related to extortion, to Mirai or to any of the companies or individuals Madory referenced in his talk this week in Dallas. But Dyn is known for publishing detailed writeups on outages at other major Internet service providers. Here’s hoping the company does not deviate from that practice and soon publishes a postmortem on its own attack. Update, 10:22 a.m. ET: Dyn’s status page reports that all services are back to normal as of 13:20 UTC (9:20 a.m. ET). Fixed the link to Doug Madory’s talk on Youtube, to remove the URL shortener (which isn’t working because of this attack). Update, 1:01 p.m. ET: Looks like the attacks on Dyn have resumed and this event is ongoing. This, from the Dyn status page: Source: https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/
  4. Anyone with a Nokia 1100 and a lousy SIM can receive messages. How exactly would it help you if you got hold of a premium-rate number?
  5. From what I can see, that box is built into the WordPress theme.
  6. A report that I found interesting and that presents the state of Romania's IT scene fairly well. http://reportaj.stirileprotv.ro/digitalizarea-hotiei/
  7. Well, my humble logic says the phone is faulty, not the battery. Replace it.
  8. Apparently someone has also put the source on Git: https://github.com/jgamblin/Mirai-Source-Code
  9. Yahoo just released a statement claiming that state-sponsored actors breached the company’s servers and stole data from half a billion users. The statement reads: The statement says that the breach did not include “unprotected passwords” or any banking information. Still, if you have a Yahoo account, it’s definitely a good time to change your password and update your security questions. If you’re using the same password or security questions that you used on Yahoo on other sites, it’s a good idea to change those too. “Online intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry,” Yahoo said in the statement. “Yahoo and other companies have launched programs to detect and notify users when a company strongly suspects that a state-sponsored actor has targeted an account.” The size of this hack is simply staggering, and for the culprit to be a state sponsored actor just makes it feel that much more insane. This may end up being one of the biggest publicly known state sponsored attacks on consumer data. Source
  10. Well, if you don't use your own code, how do you expect it to work? You have an ID there that isn't filled in, which most likely should have been your site's ID.
  11. Stop struggling, guys. The links probably aren't valid without an active session.
  12. They'll certainly take you too. It's not like you'll be waving your handkerchief at them from the doorstep while they leave with your servers.
  13. Well, that's the mode he had set, and it didn't hold at all. I know people who have business plans from them too and still can't withstand attacks. @Gecko, maybe @aelius will give you a live demonstration on your server too. Later edit: http://www.webhostingtalk.com/showthread.php?t=1065748 Later edit 2: Against a DNS Amplification Attack, not even Cloudflare's mother would hold up.
  14. It doesn't hold up against DDoS at all; the packets reach you anyway. @aelius showed us one evening on @Sandu's site.
  15. An outstretched hand that tells no story gets no alms. Be professional, damn it!
  16. An investor in Romania lost 40 million euros because of hackers. The simple method used to steal the money. The largest employer in Bistrita-Nasaud county fell victim to hackers. Prosecutors in Bistrita were notified about economic offences that allegedly led to the Romanian-German company Leoni, a manufacturer of cables and automotive equipment, being defrauded of 37 million euros. The spokesperson for the Prosecutor's Office attached to the Bistrita-Nasaud Tribunal, Angela Sangeorzan, confirmed on Monday to AGERPRES that on August 16 a criminal complaint was filed on behalf of the company Leoni Wiring Systems Bistrita, through a law firm, regarding a fraud of 37 million euros. The complaint does not name any suspects, but the offences it refers to are forming an organized criminal group, fraud, and forgery of private documents. The case was referred to DIICOT Bistrita-Nasaud, which has jurisdiction to handle it. The day the complaint was filed with the Bistrita Prosecutor's Office coincides with the day the Leoni company in Germany published a press release on its official website, announcing that on August 12 management became aware of a fraud committed against the company using false documents and identities and through electronic means of communication. "Leoni discovered on Friday, August 12, 2016, that it had been the victim of a fraud carried out using falsified documents and identities and through electronic communication channels. As a result, company funds were transferred to accounts abroad," the press release states. "The total damage is estimated at a liquidity outflow of 40 million euros. The criminal activities did not affect the IT infrastructure or data security." "The effect this fraud will have on the company's forecast earnings for this year cannot yet be assessed."
It appears the hackers faked their identity, posed as a manager of the firm in Germany, and asked the chief financial officer in Bistrita to transfer the sum of 40 million euros into an account as a payment. A few days later those responsible realized they had been the victim of a scam, and the money had disappeared. According to ProTV sources, managers from Germany came to the country for checks. The complaint filed by the legal department does not target a specific person, but it is possible that someone on the inside who knows the procedures helped the criminals. Leoni is the largest employer in Bistrita-Nasaud county, with over 5,000 employees, although the workforce is also drawn from other counties. Video report Source
  17. It would probably work like this, though: https://en.wikipedia.org/wiki/Spoofing_attack#GPS_spoofing
  18. It probably works with internet over GSM. You could jam the signal, but you might arouse suspicion, as someone said above.
  19. Yet another blow to Bitcoin: One of the world's most popular exchanges of the cryptocurrency has suffered a major hack, leading to a loss of around $72 Million worth of Bitcoins. Hong Kong-based Bitcoin exchange 'Bitfinex' has posted a note on their website announcing the shutdown of its operation after discovering a security breach that allowed an attacker to steal some user funds. While the company did not mention a total amount lost in the breach, one of their employees — Bitfinex community director Zane Tackett — confirmed on Reddit that the total amount stolen was 119,756 bitcoins — worth up to $72 Million in cash. The cause of the security breach and the hacker behind the incident is still unclear, but the attackers appear to have mysteriously bypassed Bitfinex’s mandated limits on withdrawals. Bitcoin Price Drops 20% After the Hack Bitfinex is the third-largest Bitcoin exchange in the world. After the news of the Bitfinex hack had broken on August 2, the price of Bitcoin dropped almost 20%, from $602.78 to $541 per Bitcoin, within the day after the announcement. The sudden dropout could be the result of the latest hack that likely made Bitcoin investors sell off their Bitcoin holdings, leading to a rapid decrease in Bitcoin price. Bitfinex's security firm Bitgo — a Palo Alto-based Bitcoin security company that allows bitcoin exchanges to provide separate, multi-signature wallets for each user's funds — tweeted earlier today, saying it has not found any "evidence of a breach on any BitGo servers" during its investigation. Although it’s unclear whether Bitfinex can sustain a loss of that magnitude, the company will address any customer losses following the result of their ongoing investigation. The bottom line: The best way to secure yourself is to go OFFLINE. The safest place to store your Bitcoins or any other cryptocurrency is on your own (if possible, offline) wallet; instead of on any website or cryptocurrency exchange. 
Source: http://thehackernews.com/2016/08/bitcoin-exchange-price.html PS: I don't have time to edit the article, that's why I pasted it directly like this.
  20. You'll be waiting a good long while for them to deliver it. I haven't even heard of these nobodies.
  21. You've watched too many movies, young man.
  22. That one is even weaker than UPIT. @MARIUSCS They're both equally weak. I've heard plenty about Brașov too. Now it depends on whether you want to get something done or not. In any case everything depends on you, but in terms of the support offered by this entity called a university, that's roughly how things stand.
  23. Very nice. Well done! How can we see/test your apps too?
  24. I did my first year there. You don't do much. Most of the professors are very poorly prepared, at least compared with those at Unibuc. Apart from some databases, logic, and something with graphs, you don't really do much. I advise you to attend it ONLY if you are self-taught, passionate, and learn on your own. Otherwise you'll come out of there pretty much a vegetable. Not to mention that in OOP there was an embarrassing situation where the professor had a job and hardly showed up to lectures, and in the exam he gave us Java, C#, and C++ even though we had only had about 3-4 hours of lab (since he didn't come to the rest), and there we did (only he did) a bit of Java. Unibuc isn't great either, but there are certainly much better prepared people there, and if you have questions at least you have someone to talk to. Good luck!