Jump to content

Nytro

Administrators
  • Posts

    18358
  • Joined

  • Last visited

  • Days Won

    554

Nytro last won the day on September 23

Nytro had the most liked content!

Reputation

5180 Excellent

About Nytro

  • Rank
    Administrator
    Proficient
  • Birthday 03/11/1991

Recent Profile Visitors

48961 profile views
  1. They are the winners from the last edition of DefCamp Capture the Flag (D-CTF) competition. Wondering how your name could get on the D-CTF 2022 leaderboard (win prizes totaling EUR 4,500 & get free tickets to DefCamp 2022)? Just follow these 3 easy steps: 1. Get your team together & register for the D-CTF 2022 Qualifications - not to put any pressure, but there is only one week left! 😱 WHEN? Starting September 30th, 09.00 UTC Until October 1st, 15.00 UTC WHERE? Online, on CyberEDU.ro Register: https://dctf22-quals.cyberedu.ro/ 2. Hack before getting hacked & make it in the top 10 shortlist that will be attending the finals during the DefCamp conference in Bucharest. P.S. Up to 5 teams from Romania will also be invited in the final. 3. Join us at DefCamp on November 10-11 in Bucharest & do your absolute best in the D-CTF 2022 finals! Register: https://dctf22-quals.cyberedu.ro/ See you soon! The DefCamp team
  2. E ceva crapat in JavaScript dar nu am idee ce. Pe template-ul default cred ca merge totul OK.
  3. GTA 6 source code and videos leaked after Rockstar Games hack By Lawrence Abrams September 18, 2022 Grand Theft Auto 6 gameplay videos and source code have been leaked after a hacker allegedly breached Rockstar Game's Slack server and Confluence wiki. The videos and source code were first leaked on GTAForums yesterday, where a threat actor named ‘teapotuberhacker’ shared a link to a RAR archive containing 90 stolen videos. The videos appear to be created by developers debugging various features in the game, such as camera angles, NPC tracking, and locations in Vice City. In addition, some of the videos contain voiced conversations between the protagonist and other NPCs. RAR archive containing the 90 leaked GTA 6 videos The hacker claims to have stolen "GTA 5 and 6 source code and assets, GTA 6 testing build," but is trying to extort Rockstar Games to prevent further data from being released. However, the threat actor says they are accepting offers over $10,000 for the GTA V source code and assets but are not selling the GTA 6 source code at this time. Selling GTA V source code on Telegram Source: BleepingComputer After forum members showed disbelief that the hack was real, the threat actor claimed he was behind the recent cyberattack on Uber and leaked screenshots of source code from both Grand Theft Auto V and Grand Theft Auto 6 as further proof. Rockstar games have not released a statement or responded to our email about the attack at this time. However, Bloomberg's Jason Schreier confirmed the leak was valid after speaking to sources at Rockstar. The leaked videos have since made it onto YouTube and Twitter, with Rockstar Games issuing DMCA infringement notices and takedown requests to get the videos offline. Leaked GTA 6 video taken down on YouTube Source: BleepingComputer "This video is no longer available due to a copyright claim by Take 2 Interactive," reads a copyright claim by Take 2 Interactive, the owner of Rockstar Games. These takedown demands lend further validity to the fact that the leaked GTA 6 videos are real. However, Rockstar Game's efforts come too late, as the threat actor and others had already started leaking the stolen GTA 6 videos and portions of the source code on Telegram. For example, the threat actor leaked a GTA 6 source code file today that is 9,500 lines long and appears to be related to executing scripts for various in-game actions. Claims to be behind Uber attack The hacker hasn’t shared details on how they gained access to the GTA 6 videos and source code other than claiming to have stolen them from Rockstar’s Slack and Confluence servers. The threat actor also claims to be the same hacker, named 'TeaPots,' behind the recent Uber cyberattack, but BleepingComputer could not confirm whether these claims are valid. However, during the cyberattack on Uber, the threat actor also gained access to the company's Slack server and other internal services after performing a social engineering attack on an employee. While there are not enough details about the Rockstar Games hack, the types of servers accessed and the very public announcements are similar to the Uber hacker’s tactics. Sursa: https://www.bleepingcomputer.com/news/security/gta-6-source-code-and-videos-leaked-after-rockstar-games-hack/
  4. Se refera la faptul ca se gaseste access token-ul? Pfff, ce porcarie, e necesar, by design. Si daca crypteaza cu DPAPI cum fac browserele e acelasi lucru, ca se pot decrypta rapid, nu exista solutie pentru asa ceva. Firma lu peste isi face reclama cu mizerii dinastea, ca LOLBIN-urile sau alte porcarii inutile. Parerea mea.
  5. Facui update si la IPBoard si la tema dar se pare ca problemele persista, nu am idee de ce si nici nu am timp sa investighez
  6. Salut, se pot sterge toate posturile de catre acel user, nu stiu daca "la gramada", dar cel putin pe rand ar trebui sa mearga.
  7. Noroc si bine ai revenit, desi nu mai suntem foarte activi suntem inca aici la datorie.
  8. 35,000 code repos not hacked—but clones flood GitHub to serve malware By Ax Sharma August 3, 2022 Thousands of GitHub repositories were forked (copied) with their clones altered to include malware, a software engineer discovered today. While cloning open source repositories is a common development practice and even encouraged among developers, this case involves threat actors creating copies of legitimate projects but tainting these with malicious code to target unsuspecting developers with their malicious clones. GitHub has purged most of the malicious repositories after receiving the engineer's report. 35,000 GitHub projects not hijacked Today, software developer Stephen Lacy left everyone baffled when he claimed having discovered a "widespread malware attack" on GitHub affecting some 35,000 software repositories. Contrary to what the original tweet seems to suggest, however, "35,000 projects" on GitHub have not been affected or compromised in any manner. Rather, the thousands of backdoored projects are copies (forks or clones) of legitimate projects purportedly made by threat actors to push malware. Official projects like crypto, golang, python, js, bash, docker, k8s, remain unaffected. But, that is not to say, the finding is unimportant, as explained in the following sections. Software engineer Stephen Lacy first publicized the finding (Twitter) While reviewing an open source project Lacy had "found off a google search," the engineer noticed the following URL in the code that he shared on Twitter: hxxp://ovz1.j19544519.pr46m.vps.myjino[.]ru BleepingComputer, like many, observed that when searching GitHub for this URL, there were 35,000+ search results showing files containing the malicious URL. Therefore, the figure represents the number of suspicious files rather than infected repositories: GitHub search results for malicious URL reveal over 35,000 files (BleepingComputer) We further discovered, out of the 35,788 code results, more than 13,000 search results were from a single repository called 'redhat-operator-ecosystem.' This repository, seen by BleepingComputer this morning, appears to have now been removed from GitHub, and shows a 404 (Not Found) error. The engineer has since issued corrections and clarifications [1, 2] to his original tweet. Malicious clones equip attackers with remote access Developer James Tucker pointed out that cloned repositories containing the malicious URL not only exfiltrated a user's environment variables but additionally contained a one-line backdoor. Cloned repositories altered with malware contain backdoor (BleepingComputer) Exfiltration of environment variables by itself can provide threat actors with vital secrets such as your API keys, tokens, Amazon AWS credentials, and crypto keys, where applicable. But, the single-line instruction (line 241 above) further allows remote attackers to execute arbitrary code on systems of all those who install and run these malicious clones. Unclear timeline As far as the timeline of this activity goes, we observed deviating results. The vast majority of forked repositories were altered with the malicious code sometime within the last month—with results ranging from six to thirteen days to twenty days ago. However, we did observe some repositories with malicious commits dated as far back as 2015. Malicious commit made 13 days ago in one of the clones (BleepingComputer) The most recent commits containing the malicious URL made to GitHub today are mostly from defenders, including threat intel analyst Florian Roth who has provided Sigma rules for detecting the malicious code in your environment. Ironically, some GitHub users began erroneously reporting Sigma's GitHub repo, maintained by Roth, as malicious on seeing the presence of malicious strings (for use by defenders) inside Sigma rules. GitHub has removed the malicious clones from its platform as of a few hours ago, BleepingComputer can observe. As a best practice, remember to consume software from the official project repos and watch out for potential typosquats or repository forks/clones that may appear identical to the original project but hide malware. This can become more difficult to spot as cloned repositories may continue to retain code commits with usernames and email addresses of the original authors, giving off a misleading impression that even newer commits were made by the original project authors. Open source code commits signed with GPG keys of authentic project authors are one way of verifying the authenticity of code. Sursa: https://www.bleepingcomputer.com/news/security/35-000-code-repos-not-hacked-but-clones-flood-github-to-serve-malware/
  9. Surely you’ve been expecting our email about the DefCamp conference, right? We are happy to officially announce that we’re back with DefCamp - the offline edition, this fall, as we've become accustomed to over the last 10 years. Registrations are NOW OPEN, which means you can book your early bird ticket right now! Ready, steady, gooooo pack your bags and cyber knowledge for #DefCamp12! https://def.camp/tickets/ WHEN: 10th-11th November, 2022 WHERE: Bucharest, Romania Call for papers: https://def.camp/call-for-papers/ Call for contsts: https://def.camp/call-for-contests/ Become a volunteer: https://def.camp/become-a-volunteer/ Website: https://def.camp/
  10. Un bot mi-a laudat articolul, tot o lauda este, me happy si nu sterg spamu ❤️
  11. Pff, cere IP si port si nu le pune in codul generat
×
×
  • Create New...