
Nytro


Everything posted by Nytro

  1. Hackers Tell the Story of the Twitter Attack From the Inside Several people involved in the events that took down Twitter this week spoke with The Times, giving the first account of what happened as a pursuit of Bitcoin spun out of control. Twitter’s headquarters in San Francisco. Interviews indicate that an attack on well-known accounts was the work of a group of young people, not a nation or a sophisticated network. Credit: Jim Wilson/The New York Times. By Nathaniel Popper and Kate Conger. Published July 17, 2020. Updated July 18, 2020, 12:08 a.m. ET. OAKLAND, Calif. — A Twitter hacking scheme that targeted political, corporate and cultural elites this week began with a teasing message between two hackers late Tuesday on the online messaging platform Discord. “yoo bro,” wrote a user named “Kirk,” according to a screenshot of the conversation shared with The New York Times. “i work at twitter / don’t show this to anyone / seriously.” He then demonstrated that he could take control of valuable Twitter accounts — the sort of thing that would require insider access to the company’s computer network. The hacker who received the message, using the screen name “lol,” decided over the next 24 hours that Kirk did not actually work for Twitter because he was too willing to damage the company. But Kirk did have access to Twitter’s most sensitive tools, which allowed him to take control of almost any Twitter account, including those of former President Barack Obama, Joseph R. Biden Jr., Elon Musk and many other celebrities. Despite global attention on the intrusion, which has shaken confidence in Twitter and the security provided by other technology companies, the basic details of who were responsible, and how they did it, have been a mystery. Officials are still in the early stages of their investigation. 
But four people who participated in the scheme spoke with The Times and shared numerous logs and screen shots of the conversations they had on Tuesday and Wednesday, demonstrating their involvement both before and after the hack became public. The interviews indicate that the attack was not the work of a single country like Russia or a sophisticated group of hackers. Instead, it was done by a group of young people — one of whom says he lives at home with his mother — who got to know one another because of their obsession with owning early or unusual screen names, particularly one letter or number, like @y or @6. The Times verified that the four people were connected to the hack by matching their social media and cryptocurrency accounts to accounts that were involved with the events on Wednesday. They also presented corroborating evidence of their involvement, like the logs from their conversations on Discord, a messaging platform popular with gamers and hackers, and Twitter. Playing a central role in the attack was Kirk, who was taking money in and out of the same Bitcoin address as the day went on, according to an analysis of the Bitcoin transactions by The Times, with assistance from the research firm Chainalysis. But the identity of Kirk, his motivation and whether he shared his access to Twitter with anyone else remain a mystery even to the people who worked with him. It is still unclear how much Kirk used his access to the accounts of people like Mr. Biden and Mr. Musk to gain more privileged information, like their private conversations on Twitter. The hacker “lol” and another one he worked with, who went by the screen name “ever so anxious,” told The Times that they wanted to talk about their work with Kirk in order to prove that they had only facilitated the purchases and takeovers of lesser-known Twitter addresses early in the day. They said they had not continued to work with Kirk once he began more high-profile attacks around 3:30 p.m. 
Eastern time on Wednesday. “I just wanted to tell you my story because i think you might be able to clear some thing up about me and ever so anxious,” “lol” said in a chat on Discord, where he shared all the logs of his conversation with Kirk and proved his ownership of the cryptocurrency accounts he used to transact with Kirk. “lol” did not confirm his real-world identity, but said he lived on the West Coast and was in his 20s. “ever so anxious” said he was 19 and lived in the south of England with his mother. Investigators looking into the attacks said several of the details given by the hackers lined up with what they have learned so far, including Kirk’s involvement both in the big hacks later in the day and the lower-profile attacks early on Wednesday. The Times was initially put in touch with the hackers by a security researcher in California, Haseeb Awan, who was communicating with them because, he said, a number of them had previously targeted him and a Bitcoin-related company he once owned. They also unsuccessfully targeted his current company, Efani, a secure phone provider. The user known as Kirk did not have much of a reputation in hacker circles before Wednesday. His profile on Discord had been created only on July 7. But “lol” and “ever so anxious” were well known on the website OGusers.com, where hackers have met for years to buy and sell valuable social media screen names, security experts said. For online gamers, Twitter users and hackers, so-called O.G. user names — usually a short word or even a number — are hotly desired. These eye-catching handles are often snapped up by early adopters of a new online platform, the “original gangsters” of a fresh app. Users who arrive on the platform later often crave the credibility of an O.G. user name, and will pay thousands of dollars to hackers who steal them from their original owners. Image A conversation between “ever so anxious” and Kirk regarding Twitter accounts for sale. 
A cryptocurrency account address has been redacted from the screenshot. Kirk connected with “lol” late Tuesday and then “ever so anxious” on Discord early on Wednesday, and asked if they wanted to be his middlemen, selling Twitter accounts to the online underworld where they were known. They would take a cut from each transaction. In one of the first transactions, “lol” brokered a deal for someone who was willing to pay $1,500, in Bitcoin, for the Twitter user name @y. The money went to the same Bitcoin wallet that Kirk used later in the day when he got payments from hacking the Twitter accounts of celebrities, the public ledger of Bitcoin transactions shows. The group posted an ad on OGusers.com, offering Twitter handles in exchange for Bitcoin. “ever so anxious” took the screen name @anxious, which he had long coveted. (His personalized details still sit atop the suspended account.) “i just kinda found it cool having a username that other people would want,” “ever so anxious” said in a chat with The Times. As the morning went on, customers poured in and the prices that Kirk demanded went up. He also demonstrated how much access he had to Twitter’s systems. He was able to quickly change the most fundamental security settings on any user name and sent out pictures of Twitter’s internal dashboards as proof that he had taken control of the requested accounts. The group handed over @dark, @w, @l, @50 and @vague, among many others. Image A screenshot, sent out by Kirk after he gave a customer access to an account, showing Twitter’s back end for the @R9 account. One of their customers was another well-known figure among hackers dealing in user names — a young man known as “PlugWalkJoe.” On Thursday, PlugWalkJoe was the subject of an article by the security journalist Brian Krebs, who identified the hacker as a key player in the Twitter intrusion. 
Discord logs show that while PlugWalkJoe acquired the Twitter account @6 through “ever so anxious,” and briefly personalized it, he was not otherwise involved in the conversation. PlugWalkJoe, who said his real name is Joseph O’Connor, added in an interview with The Times that he had been getting a massage near his current home in Spain as the events occurred. “I don’t care,” said Mr. O’Connor, who said he was 21 and British. “They can come arrest me. I would laugh at them. I haven’t done anything.” Mr. O'Connor said other hackers had informed him that Kirk got access to the Twitter credentials when he found a way into Twitter’s internal Slack messaging channel and saw them posted there, along with a service that gave him access to the company’s servers. People investigating the case said that was consistent with what they had learned so far. A Twitter spokesman declined to comment, citing the active investigation. All of the transactions involving “lol” and “ever so anxious” took place before the world knew what was going on. But shortly before 3:30 p.m., tweets from the biggest cryptocurrency companies, like Coinbase, started asking for Bitcoin donations to the site cryptoforhealth.com. “we just hit cb,” an abbreviation for Coinbase, Kirk wrote to “lol” on Discord a minute after taking over the company’s Twitter account. The public ledger of Bitcoin transactions shows that the Bitcoin wallet that paid to set up cryptoforhealth.com was the wallet that Kirk had been using all morning, according to three investigators, who said they could not speak on the record because of the open investigation. In several messages on Wednesday morning, “ever so anxious” talked about his need to get some sleep, given that it was later in the day in England. Shortly before the big hacks began, he sent a phone message to his girlfriend saying, “nap time nap time,” and he disappeared from the Discord logs. 
Kirk quickly escalated his efforts, posting a message from accounts belonging to celebrities like Kanye West and tech titans like Jeff Bezos: Send Bitcoin to a specific account and your money would be sent back, doubled. Shortly after 6 p.m., Twitter seemed to catch up with the attacker, and the messages stopped. But the company had to turn off access for broad swaths of users, and days later, the company was still piecing together what had happened. Twitter said in a blog post that the attackers had targeted 130 accounts, gaining access and tweeting from 45 of that set. They were able to download data from eight of the accounts, the company added. “We’re acutely aware of our responsibilities to the people who use our service and to society more generally,” the blog post read. “We’re embarrassed, we’re disappointed, and more than anything, we’re sorry.” When “ever so anxious” woke up just after 2:30 a.m. in Britain, he looked online, saw what had happened and sent a disappointed message to his fellow middleman, “lol.” “i’m not sad more just annoyed. i mean he only made 20 btc,” he said, referring to Kirk’s Bitcoin profits from the scam, which translated to about $180,000. Kirk, whoever he was, had stopped responding to his middlemen and had disappeared. Correction: July 17, 2020 An earlier version of this article misstated the age of a hacker whose screen name was "ever so anxious." The hacker is 19, not 21. Nathaniel Popper covers finance and technology. He is the author of “Digital Gold: Bitcoin and the Inside Story of the Misfits and Millionaires Trying to Reinvent Money.” He previously worked at The Los Angeles Times and The Forward. @nathanielpopper Kate Conger is a technology reporter in San Francisco, covering privacy, policy and labor. Previously, she wrote about cybersecurity for Gizmodo and TechCrunch. @kateconger Source: https://www.nytimes.com/2020/07/17/technology/twitter-hackers-interview.html
  2. @yoyois In theory, a driver that installs automatically when you plug a device into a port (e.g. USB) could infect the OS; in practice, at least on Windows x64, the driver has to be signed by Microsoft WHQL (if it is modified, the signature is no longer valid). It doesn't matter that the driver is vulnerable, what matters is that the OS is. When the driver is vulnerable, a user-mode process can do privilege escalation to ring 0 (rings 1 and 2 are not used by modern OSes). So a modified driver cannot be installed (Windows x64). On Linux I don't know whether something like that exists, but I think Linux does better when it comes to drivers included by default in the kernel. @tjt Most likely that OS or its drivers have a bug in the file system parsing functionality. Under certain conditions this can be exploitable, but I think it is quite difficult, especially with the protections available in modern operating systems. But what you mentioned can certainly happen. In fact, I ran into something similar at a company where I worked: an embedded OS (Linux) with JFFS2 as the filesystem. With certain larger files, when there wasn't much free space left, it would crash. I think that bug could have been reproduced through an external device.
  3. VPN firm that claims zero logs policy leaks 20 million user logs by Sudais Asif on July 16th, 2020 The VPN company in the discussion is a Hong Kong-based UFO VPN owned by Dreamfii HK Limited. Perhaps, the most ironic moments in the cybersecurity world occur when those who promise to protect your online privacy cannot guard their own turf. We’ve seen this happen from time to time with security firms getting hacked themselves. Another similar case has emerged recently when the database of a Hong Kong-based VPN provider called UFO VPN was exposed with more than 20 million users logs. Discovered by researchers from Comparitech on July 1st, 2020; the exposure occurred due to the database hosted on an Elasticsearch cluster being left without any password. Worth 894 GB, the data allegedly included plaintext passwords, IP addresses, timestamps of user connections, session tokens, information of the device, and OS being used along with geographical information in the form of tags. The implications of this are pretty dangerous in that not only user accounts are at risk of being taken over by malicious actors but users can also be tracked online. Furthermore, using the session tokens, any encrypted data that someone gains access to could also be decrypted rendering the entire concept of encryption useless in this scenario. This, as Comparitech has rightly pointed out, goes against the service provider’s privacy policy and the promises of a zero log policy it has communicated to its users: UFO VPN does not collect, monitor, or log any traffic or use of its Virtual Private Network service, under any circumstances, on any platform. The incident was reported to UFO VPN and the database was secured yesterday on 15 July. 
The company, on the other hand, claims that due to the certain employee being changed because of the Coronavirus, the issue could not be identified earlier stating the following: In this server, all the collected information is anonymous and only be used for analyzing the user’s network performance & problems to improve service quality. So far, no information has been leaked. This though of course is what the company seems to be saying to mitigate the damage to its reputation with the facts clearly suggesting otherwise. For the future, hence, it remains to see if the firm improves its security practices and how many users jump ship. Users of the provider are suggested to immediately change their account passwords as they may be at risk. Source: https://www.hackread.com/vpn-firm-zero-logs-policy-leaks-20-million-user-logs/
  4. Hi, the question sounds odd but it makes sense. A keyboard or other devices come with their own microcontroller that runs code. In principle nothing can be done, but theoretically, if it were a sufficiently advanced device and had a firmware update procedure, it could come to that. If it had one, it should also verify the integrity of the firmware being updated/upgraded to, based on a digital signature. It is well known that in modern operating systems (thanks to processor architecture) there is privilege separation at the "ring" level, where ring0 = kernel mode, the operating system that has access to all resources, and ring3 = usermode, which is much more limited. But this problem can also be seen differently if we go deeper into it: in other words, even in the processor, for example, there is firmware that allows the execution of the assembler code (in machine code) that we know. It can be updated, as happened when processor vulnerabilities such as Spectre or Meltdown appeared and the fix required a microcode update (processor firmware). Exactly the same thing can happen with other devices. For example video cards. Or the BIOS. Or who knows what else. And to sum up the problem, if a device is advanced enough to have (just as an example) features such as firmware update, in theory (and in practice if it is vulnerable to this and does not verify these firmware updates) it can be infected and still be infected when it ends up connected to another device. Also, an antivirus, for example, can do nothing about it. PS: This does not mean that the infected device will be able to take control of the computer it is later connected to. The operating system, through features such as Plug & Play and standards such as PCI Express, USB or others, allows only a number of actions and does not let devices do whatever they want. That infected device will be limited to the device itself; it could not spread to other devices or to the operating system (unless, of course, there are security problems in the OS). Hope this helps.
  5. I was called by someone from the telecom company and this happened to me, but it happens every time, whether it's a service, a bank or who knows what. Two things seem idiotic to me: 1. They make me agree to the call being recorded when I am the one being called. 2. They ask me for a piece of personal data (sure, not the CNP, smaller things like date of birth), but it doesn't seem normal to me to give it to a random person who calls me. I usually ask them too whether they agree to the call being recorded (although I don't record it) and to confirm that they are from that service and that they have certain data about me. Sometimes it worked. The problem is this: most of them hang up (and get upset with me too) and I might miss useful information. This happened to me with the bank, but I was lucky that I also got an SMS. What do you think about this? Am I too paranoid? What do you do? How does it stand legally? On the one hand I understand that they are protecting my personal data, on the other hand not really.
  6. We can't really help you; every huge web platform, like Facebook, has its own procedures for such situations. If something doesn't work (e.g. you don't receive the SMS), you will probably have to get in touch with someone from Support to help you.
  7. Probably someone from Support, employees who by design have access to production. Maybe people will now take more seriously that "insider threat" that everyone considers rubbish...
  8. Hackers Convinced Twitter Employee to Help Them Hijack Accounts After a wave of account takeovers, screenshots of an internal Twitter user administration tool are being shared in the hacking underground. By Joseph Cox July 16, 2020, 2:14a IMAGE: CHRIS RATCLIFFE/BLOOMBERG VIA GETTY IMAGES A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts. On Wednesday, a spike of high profile accounts including those of Joe Biden, Elon Musk, Bill Gates, Barack Obama, Uber, and Apple tweeted cryptocurrency scams in an apparent hack. "We used a rep that literally done all the work for us," one of the sources told Motherboard. The second source added they paid the Twitter insider. Motherboard granted the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool. The accounts were taken over using an internal tool at Twitter, according to the sources, as well as screenshots of the tool obtained by Motherboard. One of the screenshots shows the panel and the account of Binance; Binance is one of the accounts that hackers took over today. According to screenshots seen by Motherboard, at least some of the accounts appear to have been compromised by changing the email address associated with them using the tool. In all, four sources close to or inside the underground hacking community provided Motherboard with screenshots of the user tool. Two sources said the Twitter panel was also used to change ownership of some so-called OG accounts—accounts that have a handle consisting of only one or two characters—as well as facilitating the tweeting of the cryptocurrency scams from the high profile accounts. 
Twitter has been deleting some screenshots of the panel and has suspended users who have tweeted them, claiming that the tweets violate its rules. Do you know anything else about these account hijackings, or insider data abuse at other companies? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com. The panel is a stark example of the issue of insider data access at tech companies. Whereas in other cases hackers have bribed workers to leverage tools over individual users, in this case the access has led to takeovers of some of the biggest accounts on the social media platform and tweeted bitcoin related scams in an effort to generate income. The screenshots show details about the target user's account, such as whether it has been suspended, is permanently suspended, or has protected status. One of the screenshots is a Twitter user posting images of the panel themselves. At the time of writing that account has been suspended. ONE OF THE SCREENSHOTS OF THE PANEL. ADDITIONAL REDACTIONS BY MOTHERBOARD. Data breach monitoring and prevention service Under The Breach obtained a similar screenshot and tweeted it as the worker hijacked several accounts. The person in control of the Under The Breach account told Motherboard Twitter then removed the tweet with the screenshot and suspended them for 12 hours. A message replacing the tweet now says it violated the Twitter rules. A SCREENSHOT SHOWING THE PANEL'S ACCESS TO BINANCE, ONE OF THE HACKED ACCOUNTS. IMAGE: MOTHERBOARD. A Twitter spokesperson told Motherboard in an email that, "As per our rules, we're taking action on any private, personal information shared in Tweets." 
After the publication of this piece, Twitter said in a tweet that "We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools." Other hijacked accounts include Mike Bloomberg, and cryptocurrency platforms Coinbase and Gemini. The accounts falsely announced they had partnered up with an organization called CryptoForHealth which claims it was going to provide people with bitcoin as long as they sent some to an address first. Shortly after the spike of takeovers, Twitter itself tweeted that users may be unable to reset their passwords or tweet while the company addresses the issue. Within an hour of the breach, Republican Sen. Josh Hawley wrote a letter to Twitter CEO Jack Dorsey asking for more information about the hack, including how the hack occurred, how many users were compromised, and whether the hack affected President Trump's account. Hawley said "please reach out immediately to the Department of Justice and the Federal Bureau of Investigation and take any necessary measures to secure the site before this breach expands." In 2017, a Twitter worker briefly deleted President Donald Trump's account before it was quickly reinstated. Two former Twitter employees previously abused their access to spy on users for the Saudi regime, according to the Justice Department. All tech companies face the issue of malicious insiders. Motherboard has previously revealed how Facebook employees used their privilege access to user data to stalk women; how Snapchat workers had a tool called Snaplion that provides information on users; and how MySpace employees abused a tool called "Overlord" to spy on users during the site's heyday. Update: This piece has been updated to include a response from Twitter and more information from a SIM swapping source. Source: https://www.vice.com/en_us/article/jgxd3d/twitter-insider-access-panel-account-hacks-biden-uber-bezos
  9. Several High-Profile Accounts Hacked in the Biggest Twitter Hack of All Time July 15, 2020, Ravie Lakshmanan Social media platform Twitter, earlier today on Wednesday, was on fire after it suffered one of the biggest cyberattacks in its history. A number of high-profile Twitter accounts, including those of US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple, were breached simultaneously in what's a far-reaching hacking campaign carried out to promote a cryptocurrency scam. The broadly targeted hack posted similar worded messages urging millions of followers to send money to a specific bitcoin wallet address in return for larger payback. "Everyone is asking me to give back, and now is the time," a tweet from Mr Gates' account said. "You send $1,000, I send you back $2,000." Twitter termed the security incident as a "coordinated social engineering attack" against its employees who access its internal tools. As of writing, the scammers behind the operation have amassed nearly $120,000 in bitcoins, suggesting that unsuspecting users have indeed fallen for the fraudulent scheme. "We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools," the company said in a series of tweets. "Internally, we've taken significant steps to limit access to internal systems and tools while our investigation is ongoing." It's not immediately clear who was behind the attack, or the attackers could have had access to direct messages sent to or from the affected accounts. 
The attack appears to have been initially directed against cryptocurrency-focused accounts, such as Bitcoin, Ripple, CoinDesk, Gemini, Coinbase and Binance, all of which were hacked with the same message: "We have partnered with CryptoForHealth and are giving back 5000 BTC to the community," followed by a link to a phishing website that has since been taken down. Following the tweets, the accounts for Apple, Uber, Mike Bloomberg, and Tesla and SpaceX CEO Elon Musk all posted tweets soliciting bitcoins using the exact same Bitcoin address as the one included on the CryptoForHealth website. Although the tweets from the compromised accounts have been deleted, Twitter took the extraordinary step of temporarily stopping many verified accounts marked with blue ticks from tweeting altogether. Account hijacks on Twitter have happened before, but this is the first time it's happened at such an unprecedented scale on the social network, leading to speculations that hackers grabbed control of a Twitter employee's administrative access to "take over a prominent account and tweet on their behalf" without knowing their passwords or two-factor authentication codes. Security researchers also found that the attackers had not only taken over the victims' accounts, but also changed the email address associated with the account to make it harder for the real user to regain access. Last year, Twitter chief executive Jack Dorsey's account was hacked in a SIM swapping attack, allowing an unauthorized third-party to post tweets via text messages from the phone number. Following the incident, Twitter discontinued the feature to send tweets via SMS earlier this year in most countries. Given the widespread scope of the campaign, the damage could have been far more catastrophic. But the motive of the adversaries seems to all but indicate this was a quick money-making scam. 
"The accounts appear to have been compromised in order to perpetuate cryptocurrency fraud," the FBI's San Francisco field office said in a statement. "We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident." Source: https://thehackernews.com/2020/07/verified-twitter-hacked.html
  10. Nytro

    Fun stuff

  11. But, but... 9gag is my source of information
  12. The only solution for unlimited electricity (which also works, as I have tested it and have been using it for years) is this:
  13. He cheats on you, you divorce, problem solved. I don't see how reading the messages helps. To see with whom? What does it matter anymore? It would be simpler to get him drinking and he'll tell you himself. Maybe you also pressure him a little.
  14. Nothing is transferred automatically. What it can do is scan ports and find some vulnerable service, and "multiply" that way. Which is unlikely. That RAT reached you because you probably downloaded who knows what infected junk. How do you know you have a RAT if it is not detectable? Install a real antivirus, Kaspersky or Bitdefender, and scan. If they find something, they remove it. If not, you don't have it. The NSA doesn't come and work for years on AV bypasses for a RAT that ends up with random people.
  15. It's about civic sense. If you see a girl being beaten in the street, you stand up for her. It's not exactly the ideal example but the principle is the same. Same here: people are idiots, but they shouldn't be left to die. After all, society needs such people too. We are equal in rights. That's all. The course of our lives depends on our ability to adapt to the conditions and environment we live in. Where intelligence plays an important role.
  16. Capt. Darwin is here to explain: only the strong survive. Intelligence is necessary for survival, and those who follow and accept advice from such people deserve their fate.
  17. A tricky URL spoofing bug that I reported two years ago to Mozilla and it is still working: https://spoof.lbherrera.me (reproducible only on Firefox). Source: https://twitter.com/lbherrera_/status/1280617786088329220
  18. I believe electronic voting can be done securely. Sure, centralized. As it is now, only more secure and more efficient. The basis: that thing abbreviated as "crypto" (and no, it's not about "crypto coins" but cryptography). What we have now is not exactly ideal. At least X years ago my dad used to see sacks of votes dumped in the woods. We can do everything better. And that is just one of the problems. PS: There is also a big disadvantage: we won't be able to write "Muie PSD" on the ballot
  19. The security of electronic voting systems Electronic voting has been proposed since the 1960s, initially conceived to reduce the possibility of fraud in an electoral process, and later, thanks to growing Internet access, also to increase the number of eligible citizens who take part in elections, and to allow citizens in a country's diaspora, or citizens who cannot travel to polling stations, to cast their vote. However, implementing a system for casting votes over the internet appears to be a challenge beyond the capacity of current technology. The original purpose, the manual counting of votes, a painstaking and vulnerable process, remains an ideal candidate for digitalization. Alexandra Ștefănescu Technology Officer Full article: https://civiclabs.ro/ro/byproducts/securitatea-sistemelor-de-vot-electronic
  20. 404 Not found
  21. Live: Guess who's back! After a rather long pause, Security Espresso's Meetups are back, in an online format! We're sure that you miss the gatherings and the beers, but rest assured it's all going to happen anyway! Our first virtual meetup will happen online and will be streamed to YouTube. Make sure to join our Telegram group if you didn't already so you can ask any questions you might have for the speakers: https://t.me/secespresso Without further ado, here are the speakers for Security Espresso Meet-up 0x23: 19:00 → 19:45 ☠️ Principles of heap-based exploits on Windows 7 & 10 x32 📣 Stefan Nicula - Senior Threat Researcher @ Avira Protection Labs, Twitter: @stefan_nicula A successful userland heap memory corruption exploit on Windows requires a good grasp on the mechanisms behind the Heap Manager. The talk aims to tackle Windows Heap Manager internals such as Backend vs Frontend Allocators, VirtualAlloc, heap memory layout, Windows 10 vs Windows 7 Heap Manager differences and Windows Heap Integrity protection. We will also explore heap exploit principles for Use-after-free and Double Free exploits like primitives, allocators, precise heap spraying, stack pivot and ROP chaining. In a future part 2 of the presentation, we will dive into more advanced techniques related to memory information leak, type confusion, abusing vtable pointers and Windows ATP protection bypasses. 19:45 → 20:00 ⏸ Break 20:00 → 20:45 🕶 Opsec guide for the security enthusiast 📣 Dan Demeter - Security Researcher @ GReAT, Twitter: @_xdanx 📣 Marco Preuss - Director @ GReAT, Europe, Twitter: @marco_preuss As more and more metadata is passively collected at a large scale, one might question the boundaries set by governments in regards to privacy and personal life. We believe privacy is a fundamental human right and, by using the right tools, it can still be achieved. 
During this beginner’s opsec guide we will present techniques and tools to protect your digital communications, as well as your equipment. Some covered topics: - Corporate communication crisis management - Encryption and secure communication - Physical device security - Network activity monitoring - Travelling to foreign countries 20:45 → ∞ 🍻 Virtual beer on Discord! Attendance policy: BYOD (bring your own drink). 🔗 Join us: https://discord.gg/7kCdJp8
  22. Strange browser extensions, clicks on who knows what sites, with or without your consent, iframes from who knows what sites (although I don't think they end up in visited), or drag and drop onto who knows what, or even Allow notifications... I don't know, there can be many causes. Clear cache, history and everything there, remove extensions and that's about it. Or who knows what Mac adware; being Mac or Linux doesn't mean it can't catch Covid. Meaning "viruses", only they require some interaction like the above or something like installing strange applications.
  23. Nytro

    DefCamp 2020

    We got over Sality, Conficker... We'll get over Covid too.
  24. Nytro

    DefCamp 2020

    It doesn't matter, we hold the conference online and then we all go for beers together - max 4 per table or whatever it will be by then. And there we make fun of Gogoasa
  25. Nytro

    Fun stuff
