Nytro

[h=1]Black Hat USA 2014 - Exploit: Exploiting Unpatched iOS Vulnerabilities for Fun and Profit[/h]

[h=1]Black Hat USA 2014 - Exploit: Digging for IE11 Sandbox Escapes[/h]

[h=1]Black Hat USA 2014 - Exploit: Data Only Pwning Microsoft Windows Kernel Exploitation of Kernel Pool[/h]

[h=1]Black Hat USA 2014 - Exploit: Bitcoin Transaction Malleability Theory in Practice[/h]

[h=1]Black Hat USA 2014 - Exploit: Abusing Performance Optimization Weaknesses to Bypass ASLR[/h]

[h=1]Black Hat USA 2014 - Enterprise: Point of Sale System Architecture and Security[/h]

[h=1]Black Hat USA 2014 - Enterprise: Learn How to Ctrl Every Room at a Luxury Hotel Remotely The Dangers[/h]

[h=1]Black Hat USA 2014 - Embedded: Pulling Back the Curtain on Airport Sec Can a Weapon Get Past TSA[/h]

[h=1]Black Hat USA 2014 - Auditing: Fingerprinting Web App Platforms by Variations in PNG Implementation[/h]

[h=1]Black Hat USA 2014 - Crypto: The BEAST Wins Again Why TLS Keeps Failing to Protect HTTP[/h]

[h=1]Black Hat USA 2014 - Crypto: 48 Dirty Little Secrets Cryptographers Don’t Want You To Know[/h]

[h=1]Black Hat USA 2014 - AppSec: The New Page of Injections Book Memcached Injections[/h]

[h=1]Black Hat USA 2014 - AppSec: SVG Exploiting Browsers without Image Parsing Bugs[/h]

[h=1]Black Hat USA 2014 - AppSec: Pivoting in Amazon Clouds[/h]

Ok, lucrurile stau cam asa: Arrow Electronics, cei care sunt "partenerii" lor, au sediu in Cluj. Tocmai am sunat acolo si din start mi s-a spus "Aoleu, fabrica de discounturi?" . Adica nu sunt primul care a sunat si mi-au confirmat ca nu stiu nimic de vreun parteneriat cu site-ul respectiv. Adica e teapa. In caz ca inca nu v-ati convins de acest lucru.

Da, misto. Pacat ca se duc zilele in care stateai cu F7/F8 pana nenoroceai tastele.

De cele mai multe ori, ceea ce pare "prea frumos ca sa fie adevarat", chiar asa e. Nu inteleg mania asta a "ofertelor". << iPhone 7 Supreme la 200 RON >> - Ganditi si voi inainte de a arunca niste bani. Nu degeaba "brand-ul costa". Brand-ul (Apple Store sau cum s-o numi) iti ofera anumite garantii pe care "Fabrica de vise umede" nu ti le ofera. E riscul vostru.

Nu ne asumam raspunderea pentru eventuale tepe. Faceti "afaceri" doar cu userii care au cel putin 50 de posturi, astfel aveti sanse mari sa nu mai fi dat o teapa. In plus, din posturile sale va puteti da seama daca e o persoana serioasa sau un cocalar care s-ar fute in cur cu degetul pentru 5 dolari.

Da, misto ideea cu modulul de kernel care urmareste "pachete magice" in PREROUTING.

Firefox 33 arrives with OpenH264 support, sending video to Chromecast and Roku from Android October 14, 2014 8:45 AM Emil Protalinski Mozilla today officially launched Firefox 33 for Windows, Mac, Linux, and Android. Major additions include OpenH264 support as well as the ability to send video content from webpages to a second screen. Firefox 33 for the desktop is available for download now on Firefox.com, and all existing users should be able to upgrade to it automatically. As always, the Android version is trickling out slowly on Google Play. Desktop The biggest addition for the desktop platforms is OpenH264 sandboxed support via Cisco’s H.264 open source H.264 implementation. Thanks to the networking company, Firefox can now decode and encode the video compression format (for WebRTC, but not the video tag yet) without Mozilla having to pay MPEG LA license fees. “Cisco is excited to see OpenH264 become available to Firefox users, who will then benefit from interoperability with the millions of video communications devices in production that support H.264,” Jonathan Rosenberg, Cisco’s Chief Technology Officer for Collaboration, said in a statement. Firefox likely won’t be the only major application to support OpenH264, but it’s the first. Search has gotten a boost as well: it’s faster via the location bar, and there are now suggestions on the Firefox Start and new tab pages. Mozilla may not have Google’s search chops, but Firefox regularly gets improvements in this department. Video and search aside, here’s the full Firefox 33 changelog: New: Windows: OMTC enabled by default. New: OpenH264 support (sandboxed). New: Improved search experience through the location bar. New: Slimmer and faster JavaScript strings. New: Search suggestions on the Firefox Start (about:home) and new tab (about:newtab) pages. New: New CSP (Content Security Policy) backend. New: Support for connecting to HTTP proxy over HTTPS. New: Improved reliability of the session restoration. New: Azerbaijani [az] locale added. Changed: Proprietary window.crypto properties/functions removed. Changed: JSD (JavaScript Debugger Service) removed in favor of the Debugger interface. HTML5: DOMMatrix interface implemented. HTML5: @counter-style rule from CSS3 Counter Styles specification implemented. Developer: Cubic-bezier curves editor. Developer: Display which elements have listeners attached. Developer: New sidebar which displays a list of shortcuts to every @media rule in the current stylesheet. Developer: Paint flashing for browser content repaints. Developer: Editable @keyframes rules in the Rules section of the Inspector. Developer: CSS transform highlighter in the style-inspector. Fixed: Fix incomplete downloads being marked as complete by detecting broken HTTP1.1 transfers (237623). If you’re a Web developer, you may want to get more details at the Firefox 33 for developers page. Android Mozilla has been working on various multi-screen capabilities for its Android app over the last few months, and today’s addition takes another big step. Sending video content from webpages to a second screen is now available via a new “send to device” option. If a video can be sent over, an indicator will appear (after any ads have played) on the playback controls bar. Tapping it will bring up a list of Chromecast and Roku devices on the same Wi-Fi network. A second “send to” indicator also shows up in the URL bar to remind users that content from this webpage is being sent to a device: You can play, pause, and close videos directly within Firefox for Android via the new Media Control Bar, which appears at the bottom of your phone’s screen when a video is being sent to a device. The bar will stay visible as long as the video is playing, even as you change tabs or visit new webpages. Here’s how to use the new feature: Make sure your Chromecast or Roku is set up on a nearby TV and is running on the same Wi-Fi network as your Android phone. If streaming to a Roku, add the Firefox channel to the channel list (instructions). Pick a video to play on a website and look for the “Send to” icon over the video controls or in the URL bar to send it to your streaming device. Either option will automatically activate Chromecast for streaming launch or the Firefox channel on Roku. There are some notable limitations. The video will only play if the device receiving it supports the same video format as what is being viewed on Firefox for Android. In some cases, a website will hide or customize the HTML5 video controls or override the video playback menu. To get around this, Mozilla recommends starting the video on the page and using the “Send to Device” button in the URL bar. Here’s the full Firefox 33 for Android changelog: New: Sending videos to Chromecast and Roku devices. New: Option added to clear data when quitting. New: Enhanced tab management. New: Slimmer and faster JavaScript strings. New: New CSP (Content Security Policy) backend. New: Form elements updated to a more modern look. New: Locales added: Aragonese [an], Frisian [fy-NL], Kazakh [kk] and Khmer [km]. HTML5: DOMMatrix interface implemented. HTML5: @counter-style rule from CSS3 Counter Styles specification implemented. HTML5: Support for the ECMAScript 6 Symbol data type added. Developer: Paint flashing for browser content repaints. The third point is worth expanding on. Firefox for Android users can now undo a closed tab, view recently closed tabs, and even close all tabs at once. New versions of Firefox are released approximately every six weeks. Firefox 34 will be out in late November. Sursa: Firefox 33 arrives with OpenH264 support, sending video to Chromecast and Roku from Android | VentureBeat | News Briefs | by Emil Protalinski

Am dori de asemenea si niste dovezi ca ai fost tepuit.

Cica ar avea 7 milioane. Deci probabil acces la baza lor de date.

Microsoft Windows Zero-Day Vulnerability "CVE-2014-4114" Used to Hack NATO Once again a Russian cyber espionage group has gained media attention by exploiting a Zero-day vulnerability in Microsoft’s Windows operating system to spy on the North Atlantic Treaty Organization (NATO), Ukrainian and Polish government agencies, and a variety of sensitive European industries over the last year. ZERO-DAY VULNERABILITY IN MICROSOFT WINDOWS Researchers at cyber intelligence firm iSight Partners have discovered a zero-day vulnerability that impacts desktop and server versions of Windows, from Vista and Server 2008 to current versions. They also uncovered a latest cyber-spying campaign - suspected to be based in Russia - that uses this Zero-day vulnerability (CVE-2014-4114) to target government leaders and institutions for nearly five years. The recently detected Russian hacking group is dubbed as "Sandworm Team" by iSIGHT Partners because it found references to the Frank Herbert's "Dune" science fiction series in the malicious software code used by the Russian hackers. THE NOTORIOUS ZERO-DAY The zero-day vulnerability is "An exposed dangerous method vulnerability exists in the OLE package manager in Microsoft Windows and Server" that "allows an attacker to remotely execute arbitrary code," according to the report. "The vulnerability exists because Windows allows the OLE packager (packager .dll) to download and execute INF files," iSight Partners writes. "In the case of the observed exploit, specifically when handling Microsoft PowerPoint files, the packagers allows a Package OLE object to reference arbitrary external files, such as INF files, from untrusted sources. This will cause the referenced files to be downloaded in the case of INF files, to be executed with specific commands." The Russian hacking group is probably working for the government and has been active since at least 2009 and, according to iSight Partners, the cyber espionage campaign is still ongoing. The intelligence firm began monitoring the hackers’ activity in late 2013 and discovered the zero-day vulnerability in late August. It "discovered a spear-phishing campaign targeting the Ukrainian government and at least one United States organization" during the NATO summit in Wales, where member states discussed Russia’s actions in Ukraine. "On September 3rd, our research and labs teams discovered that the spear-phishing attacks relied on the exploitation of a zero-day vulnerability impacting all supported versions of Microsoft Windows (XP is not impacted) and Windows Server 2008 and 2012," iSight writes. "A weaponized PowerPoint document was observed in these attacks. Though we have not observed details on what data was exfiltrated in this campaign, the use of this zero-day vulnerability virtually guarantees that all of those entities targeted fell victim to some degree." MICROSOFT TO RELEASE PATCH SOON The threat intelligence firm said it reported the critical zero-day vulnerability to the Microsoft Corp. and held off on disclosing the problem so that the software maker had time to fix the flaw. Microsoft plans to release a patch for the vulnerability on Tuesday patch in security bulletin MS14-060, as part of its monthly “Patch Tuesday” — an organized release of patches to vulnerabilities in the company’s software. A Microsoft spokesman said the company plans to roll out an automatic update to the affected versions. Sursa: Microsoft Windows Zero-Day Vulnerability "CVE-2014-4114" Used to Hack NATO

[h=1]Russian hackers target NATO, Ukraine and others: iSight[/h] By Jim Finkle BOSTON Tue Oct 14, 2014 12:05am EDT (Reuters) - Russian hackers exploited a bug in Microsoft Windows and other software to spy on computers used by NATO, the European Union, Ukraine and companies in the energy and telecommunications sectors, according to cyber intelligence firm iSight Partners. ISight said it did not know what data had been found by the hackers, though it suspected they were seeking information on the Ukraine crisis, as well as diplomatic, energy and telecom issues, based on the targets and the contents of phishing emails used to infect computers with tainted files. The five-year cyber espionage campaign is still going on, according to iSight, which dubbed the operation "Sandworm Team" because it found references to the "Dune" science fiction series in the software code used by the hackers. The operation used a variety of ways to attack the targets over the years, iSight said, adding that the hackers began only in August to exploit a vulnerability found in most versions of Windows. ISight said it told Microsoft Corp about the bug and held off on disclosing the problem so the software maker had time to fix it. A Microsoft spokesman said the company plans to roll out an automatic update to affected versions of Windows on Tuesday. There was no immediate comment from the Russian government, NATO, the EU or the Ukraine government. Researchers with Dallas-based iSight said they believed the hackers are Russian because of language clues in the software code and because of their choice of targets. "Your targets almost certainly have to do with your interests. We see strong ties to Russian origins here," said John Hulquist, head of iSight's cyber espionage practice. The firm plans to release a 16-page report on Sandworm Team to its clients on Tuesday. While technical indicators do not indicate whether the hackers have ties to the Russian government, Hulquist said he believed they were supported by a nation state because they were engaging in espionage, not cyber crime. For example, in December 2013, NATO was targeted with a malicious document on European diplomacy. Several regional governments in the Ukraine and an academic working on Russian issues in the United States were sent tainted emails that claimed to contain a list of pro-Russian extremist activities, according to iSight. The firm said its researchers uncovered evidence that some Ukrainian government computer systems were infected, but they were unable to remotely confirm specific victims among those systems that had been targeted. Still, researchers believe a large percentage of those targeted systems were infected because the malicious software used was very sophisticated, using a previously unknown attack method that enabled it to get past virtually all known security protections, said Drew Robinson, a senior technical analyst with iSight Partners. ISight said it had alerted some victims of Sandworm Team, but declined to elaborate. The iSight research is the latest in a series of private sector security reports that link Moscow to some of the most sophisticated cyber espionage uncovered to date. Russia's Kaspersky Lab in August released details on a campaign that attacked two spy agencies and hundreds of government and military targets across Europe and the Middle East. (Reporting by Jim Finkle; Additional reporting by Alastair Macdonald; Editing by Tiffany Wu) Sursa: Russian hackers target NATO, Ukraine and others: iSight | Reuters Altele: Russian 'Sandworm' Hack Has Been Spying on Foreign Governments for Years | WIRED

Dropbox Hack Second Teaser. As promised here is another batch of Hacked Dropbox accounts from close to 7 million total hacked accounts. We will keep releasing more to the public as donations come in, show your support. Send bitcoin donations to 1Fw7QqUgzbns7yWHH32UnmMxmMMwu6MC6h Enjoy! More to come. As previously, all Dropbox logins are in the same format, login:Password Bille97@hotmail.com:billebille Billelsaddi@hotmail.com:270189 Billenann@hotmail.com:heyhey Billetes_cachanilla@hotmail.com:billetes Billewanchuk@shaw.ca:carebear Billflana@yahoo.com:7612bf Billfulk@hotmail.com:6970bf Billglez@yahoo.com:chicos Billgrandy@hotmail.com:hall04 Billibelle@hotmail.com:ocareh Billiboy17@hotmail.com:jordan23 Billy_j_7@hotmail.com:b1i9l7l3y Billykaelin@hotmail.com:billy73 Bilo23@yahoo.es:bilo78 Bimes91@yahoo.com:jesusis Bimsmendoza@yahoo.com:tenement Bin1651@hotmail.com:16513219 Bingo983@hotmail.com:goldie Binjamin24@aol.com:walter1214 Bintangvenus@yahoo.com:140960 Biohazz@hotmail.com:tjgm151284 Biolina@hotmail.com:faby8481 Biowizard@gmail.com:123abc Birdman_1984@yahoo.com:045343 birdman8704@hotmail.com:simtekonnen Birgit.bruylandt@arteveldehs.be:rob260600 Birgit.frankenberg@verizon.net:$aries78 Birgit.hamrich@gmx.net:syrxhacht Birmad@msn.com:mushtaaq Birziete@hotmail.com:stica3 Bisfish@gmail.com:guitar76 Bissonchris@hotmail.com:ricards Bissyjanuplatho@yahoo.com:255043 Bitofr2001@yahoo.fr:jardiland Bixente55@hotmail.com:lizarazu bixkuitero@hotmail.com:paputxio bj_predator_0919@yahoo.com:Angeluz Bj_witkowski@hotmail.com:13056956 Bjawesterman@yahoo.co.uk:oombart bjornullstrom@hotmail.com:weecweec Bjpeters02@gmail.com:hatsbears Bkavin@earthlink.net:huxley17 Bkchow81@hotmail.com:2885031 Bkocagil@yahoo.ca:psygno Bkrs505@aol.com:daisy1 Blabeybaby@yahoo.com:23papa23 Black_stone03@hotmail.com:2878256 Blackboy_di@hotmail.com:farnshu Blackchain_1@hotmail.com:sl1pkn0t Blackjack0512@hotmail.com:1417170513 blackkid1983@yahoo.com:maggie Blacklemon88@hotmail.com:coolkid blackmasta@gmail.com:moomoo blackmessa@msn.com:dhtvirus Blackmin@hotmail.com:cortina Blackmisuper2@yahoo.com.hk:ascszh5m Blackmon41@aol.com:dizzy41 blacknigi@yahoo.com:mercury Blackninj@hotmail.com:john0000 Blackninja_tj@hotmail.com:75167516 Blackninjarat@hotmail.com:thailand blacknite_tk@hotmail.com:psalms23 Blacknova81@aol.com:virgo81 blacknsilver337@msn.com:a250racer Blackout2@shaw.ca:mantra Blackoutproduct@yahoo.com:dxsuckit blackpearlcandy@hotmail.com:christmas Blackpink_ganaa@yahoo.com:kj911111 Blackpit@ish.de:DB2000 Blackpool3@aol.com:spiegel Blackporsche82@yahoo.com:gsxr1100 blackpower007@hotmail.com:4142black Blackprinceatfvsu@yahoo.com:cascade Blackprincerich@hotmail.co.uk:wedding74 blackprincess_972@msn.com:080289 Blackproductionsent@yahoo.com:mr.black Blackragnarok@hotmail.com:062408 Blackraven15@yahoo.com:ironroof71 Blacks9885@yahoo.com:642590 Blacksandrine@hotmail.com:paperbooks Blackshuck_84@hotmail.com:loveisonlyafeeling Blacksmhong@hotmail.com:justain1 Blackspiderent@yahoo.com:biglifes Blackstar189@hotmail.com:afrika Blackstar58_8@hotmail.com:jazmin Blackstarfallen@hotmail.com:smoochies Blacksteele2002@yahoo.com:sandman Blackstone_241@hotmail.com:hotmail Blackstyle99@gmail.com:Ardfac1! Blacktone234@yahoo.com:uhyeah Blacktowergirl@hotmail.co.uk:munchies Blacktrognon94@msn.com:tapasima Blackwater_2k@yahoo.com:786786 Blackwel@etsu.edu:bearclaw Blacky1981@aol.com:hershey Blackzeal101@yahoo.com:ojay231 Bladdersplatter@gmail.com:shadow1982 Bladdy_007@hotmail.com:014252426 blade_ryka@hotmail.com:boat90 Bladefast@gmail.com:mama3ayno Via: DROPBOX.COM Hacked Second Teaser - Pastebin.com Altele: http://pastebin.com/NtgwpfVm Altele: http://pastebin.com/CsN3SrGA