Everything posted by MDGFULL

  1. The problem is with the "bands". In the end, that remains the only problem. Thanks, everyone, for the replies!
  2. No. It doesn't ask me for anything. It powers on normally and the network status only shows "Retea blocata" (network locked). That's all!
  3. Happy holidays and a new year full of accomplishments, first of all! I also have an LG F6; it has 3G/4G etc., and it works with Orange/Telekom/Vodafone but not with Digi. It shows "Retea blocata" (network locked). Any idea how I can get it to accept Digi too? The phone is not locked. It is set to 3G (I can also use 2G exclusively). I would be grateful if you could help me! All the best!
  4. The offer is no longer available. But there is another offer: $0.75 for a .xyz domain. Here
  5. Joining the new Internet revolution is as easy as .XYZ. The internet name revolution is here! Now, web-addresses can end in almost anything and leading the way is .XYZ. Fast approaching 1 million registrations, .XYZ has its sights firmly set on becoming the new .COM. In celebration of the first anniversary of .XYZ, AlpNames is offering .XYZ domains at a discount price of $0.75 (RRP $9.50), BUT ONLY FOR THE FIRST 2000 REGISTRATIONS, so register yours NOW! Use the coupon code ‘CELEBRATE’ for your .XYZ domain! Here
  6. Are you kidding us??? I'm amazed at how some of you advertise yourselves... Listen to him, he asks for an invitation and it's free signup. This is epic, I swear!
  7. Offer valid for .science domains. If you are interested in a free domain: Link
  8. Apparently harmless document files that contain a malicious macro are commonly used by cybercriminals to distribute malware. However, malicious actors continue to improve their methods in an effort to evade detection.

     Security researcher Bart Blaze has come across a bogus invoice spam email apparently containing a Microsoft Word document (.doc). When the document is opened, if macros are not enabled, the user is instructed to enable macros in order to view the content. Once macros are enabled, the victim is presented with an image, while in the background a piece of malware is downloaded onto the computer. It’s worth noting that macros are disabled by default in Microsoft Office.

     Attaching malicious macros to documents is not uncommon, but the sample analyzed by Blaze is a bit different. The document is actually an MHTML, or a Multi-Purpose Internet Mail Extension (MIME) HTML file. MHTML (.mht) is a web page archive format used to combine HTML code and other resources (e.g. images, Java applets and Flash animations) in a single document.

     The malicious MHTML file contains an MSO object, which in turn contains an OLE object. When the file is launched, a VBS file is downloaded from Pastebin and executed. The VBS file is designed to download and execute a Trojan downloader, which in turn downloads a piece of malware. VirusTotal links provided by Blaze suggest that the final payload is a banking Trojan. The expert told SecurityWeek that the threat is very likely the notorious Dyre.

     The researcher has noted that attackers can build such malicious documents by creating an MHT file, appending the MSO object at the end, and renaming the resulting file with a .doc extension.

     The developer of olevba, a tool designed for the analysis of malicious macros hidden inside Microsoft Office documents, has pointed out that there is an even easier method. Cybercriminals can open a Word document with macros, save it as an MHTML from Word, and rename the file extension from .mht to .doc.

     Belgium-based researcher Didier Stevens, the developer of the OLE file analysis tool oledump, noted in a blog post that MSO files containing OLE files were previously seen in March, when cybercriminals were using XML Office documents to distribute the Dridex financial malware.

     “It seems obvious that malware authors are keeping up-to-date with the latest news and as such adapting their campaigns as well. Better be safe than sorry and don't trust anything sent via email,” Blaze advised in his blog post. “If you're in an organisation, you might want to consider blocking the execution of all macros (or only the ones that are digitally signed) by using GPO.”

     Source
  9. Email received today: Use "InterNeurons" coupon for a FREE .SCIENCE domain name now! Link. Later edit: I posted this because there may be others interested who missed the March offer...
  10. Ugly business... Honestly... Now, as @Shukaru3510 also said, good thing they didn't say "go on, buddy, we'll be waiting for you around the corner"...
  11. I have a Beltronics Vector 995. I'm happy with it. So far I haven't had any surprises with it; it has caught pretty much everything, both in town and outside, mobile units and also on the move, from a distance safe enough for me, meaning I have time to "correct" my speed. I haven't tested other detectors. On another note, the CB radio is sacred. It doesn't matter whether you drive a truck or a small car...
  12. Truly He is risen!
  13. You know, you've given me food for thought. It's a rather strange matter here. I read this example. Here it was about something somewhat similar. Honestly, I hadn't thought about how easily you can lose a domain. This is good to know; many of us (I assume) have registered a domain that somewhat "resembles" a brand.
  14. Palo Alto Networks today shared details of a security vulnerability in the Android operating system that could allow an attacker to hijack the installation of what appears to be a legitimate Android application and modify or replace it with malware.

      The network security firm said an estimated 49.5 percent of current Android users are impacted by the flaw, which if exploited, could potentially give attackers full access to a compromised device, including usernames, passwords, and sensitive data.

      Fortunately, the risk for most typical Android users is low, as the vulnerability only affects applications downloaded from third-party app stores, not the official Google Play store, which downloads files into a protected space and cannot be overwritten by an attacker.

      Discovered by Palo Alto Networks researcher Zhi Xu, the vulnerability exploits a flaw in Android’s “PackageInstaller” system service, allowing attackers to silently gain unlimited permissions in compromised devices, the company said.

      Palo Alto Networks summarized the flaw as follows:

      • During installation, Android applications list the permissions requested to perform their function, such as a messaging app requesting access to SMS messages, but not GPS location.
      • This vulnerability allows attackers to trick users by displaying a false, more limited set of permissions, while potentially gaining full access to the services and data on the user’s device, including personal information and passwords.
      • While users believe they are installing a flashlight app, or a mobile game, with a well-defined and limited set of permissions, they are actually running potentially dangerous malware.

      “On affected platforms, we discovered that the PackageInstaller has a ‘Time of Check’ to ‘Time of Use’ vulnerability,” the company explained in a blog post. “In layman’s terms, that simply means that the APK file can be modified or replaced during installation without the user’s knowledge. The Installer Hijacking vulnerability affects APK files downloaded to unprotected local storage only because the protected space of Play Store app cannot be accessed by other installed apps.”

      Palo Alto Networks said it has worked with Google and Android device manufacturers including Samsung and Amazon to help protect users and patch the vulnerability in affected versions of Android; however, some older-version Android devices may remain vulnerable.

      Palo Alto Networks recommends the following for enterprises concerned about the risk of malware through Android devices:

      • On vulnerable devices, only install software applications from Google Play; these files are downloaded into a protected space, which cannot be overwritten by the attacker.
      • Deploy mobile devices with Android 4.3_r0.9 and later, but keep in mind that some Android 4.3 devices are found to be vulnerable.
      • Do not provide apps with permission to access logcat. Logcat is a system log, which can be used to simplify and automate the exploit. Android 4.1 and later versions of Android by default forbid apps from accessing logcat of system and other installed apps. But an installed app could still manage to get access to other apps’ logcat on rooted mobile devices using Android 4.1 or later.
      • Do not allow enterprise users to use rooted devices with enterprise networks.

      According to Google, the Android Open Source Project includes patches for the vulnerability for Android 4.3 and later, which can be found here.

      According to Google’s Android Security Team, no attempts to exploit the vulnerability on user devices have been detected.

      Palo Alto Networks also released a vulnerability scanner app in the Google Play store which it has open sourced on Github.

      Ryan Olson, Unit 42 Intelligence Director at Palo Alto Networks, told SecurityWeek that no CVE has been assigned for the flaw, as Google did not request one.

      Additional technical details and information are available in the blog post from Palo Alto Networks.

      Source
  15. The Supreme Court of India today struck down Section 66A of the Information Technology Act -- a controversial law that allowed law enforcement officials to arrest people for posting "offensive" comments on social networks and other internet sites.

      After hearing a clutch of petitions by defenders of free speech, the Supreme Court described the 2009 amendment to India's Information Technology Act known as section 66A as vague and ambiguous and beyond the ambit of the constitutional right to freedom of speech.

      "Section 66A is unconstitutional and we have no hesitation in striking it down," said Justice R F Nariman, reading out the judgement. "The public's right to know is directly affected by section 66A."

      SECTION 66A OF THE IT ACT

      The Information Technology Act 2000 was amended in the year 2008 and this amended act contains the 66A section. Under this section, "Any person who sends, by means of a computer resource or a communication device, —

      1. any information that is grossly offensive or has menacing character; or
      2. any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will, persistently by making use of such computer resource or a communication device,
      3. any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages,

      shall be punishable with imprisonment for a term which may extend to three years and with fine."

      SECTION 66A MISUNDERSTOOD

      But the legality of section 66A has been in question for years. The Supreme Court earlier had said that terms like 'illegal', 'grossly offensive' and 'menacing character' were vague expressions and were likely to be dangerously twisted and misused.

      Section 66A stops people from sharing and expressing freely their different or controversial opinions that may not necessarily be dangerous or a subject of 'grossly offensive' and 'menacing character'. For example, the Theory of Evolution may be ‘false information’ for those religious people who believe that God created the whole world, but it may be useful information for those who study Science.

      CASES IN WHICH SECTION 66A IS MISUSED BY POLITICIANS

      In 2012, two young women – Shaheen Dhanda and Rinu Shrinivasan – were arrested in Palghar in Thane district, Mumbai under the Section 66A act for posting comments against the shutdown in Mumbai following Shiv Sena leader Bal Thackeray's death.

      The charges against the two young ladies were later quashed by a Mumbai court, but this first case filed under Section 66A was followed by a number of arrests across the country for uploading political cartoons or posting comments on social networks, which sparked outrage and fierce debate about online censorship in India.

      Some other controversial arrests under Section 66A of the IT act are as follows:

      • Recently, a class XII student was arrested for posting about Uttar Pradesh Minister Azam Khan on his Facebook timeline.
      • Businessman Ravi Srinivasan was booked by police for allegedly tweeting that the son of then union minister P Chidambaram, Karti Chidambaram, was 'corrupt'.
      • Last year, Devu Chodankar was arrested in Goa for writing on Goa+, a popular Facebook forum with over 47,000 members, that if elected to power, Modi would unleash a 'holocaust'.
      • Ambikesh Mahapatra, a Jadavpur University professor, was arrested in Kolkata for forwarding a cartoon about Mamata Banerjee.

      The government argued that the section 66A of the IT act was needed to protect the government data from hackers, to which the court was not at all impressed as this situation was already dealt with viruses and hacking for which Section 65 of the IT Act was relevant.
  16. Unauthorized certificates for several Google domains were issued earlier this month by an Egypt-based company that obtained an intermediate certificate from the China Internet Network Information Center (CNNIC), the search giant reported on Monday.

      CNNIC, an organization under the Cyberspace Administration of China, operates certificates included in all major root stores. This means that certificates issued by the certificate authority (CA) are trusted by every popular web browser.

      The misused intermediate certificate has been revoked by CNNIC, and Google and Mozilla have taken steps to protect their users. Google security engineer Adam Langley has pointed out that Chrome and recent versions of Firefox would have rejected the fraudulent Google certificates because of public-key pinning. However, it is likely that misused certificates exist for other domains as well, Langley said.

      According to Google, the unauthorized certificates were discovered on March 20. CNNIC told the company that the intermediate certificate used to issue the fake Google certificates was given to Egypt-based MCS Holdings, which should have used it only to issue certificates for domains that they had registered. However, instead of storing the private key on a hardware security module, MCS installed it on a firewall device that acted as a man-in-the-middle (MitM) proxy.

      “These devices intercept secure connections by masquerading as the intended destination and are sometimes used by companies to intercept their employees’ secure traffic for monitoring or legal reasons,” Langley explained in a blog post. “The employees’ computers normally have to be configured to trust a proxy for it to be able to do this. However, in this case, the presumed proxy was given the full authority of a public CA, which is a serious breach of the CA system.”

      While in this case it appears that the traffic interception was limited to MCS’s internal network, such an intermediate certificate can be highly valuable for a malicious actor.

      “An attacker armed with a fraudulent SSL certificate and an ability to control their victim’s network could impersonate websites in a way that would be undetectable to most users. Such certificates could deceive users into trusting websites appearing to originate from the domain owners, but actually containing malicious content or software,” Mozilla’s security team said in a blog post.

      Both Google and Mozilla said they are considering taking further action.

      “When similar incidents have happened in the past, responses have included requiring additional audits to confirm that the CA updated their procedures, and using name constraints to constrain the CA’s hierarchy to certain domains,” Mozilla said.

      MCS Holdings could not be reached for comment.

      This isn’t the first time an organization issues unauthorized certificates for Google domains. Back in 2013, the French cybersecurity agency ANSSI issued such certificates and used them for MitM attacks on a private network. The agency blamed the incident on human error.

      Major browser vendors have been working over the past period on addressing certificate-related issues. Google’s Certificate Transparency project aims at fixing structural flaws in the SSL/TLS certificate system through a framework for monitoring and auditing certificates in nearly real-time.

      With the release of Firefox 37, Mozilla will introduce OneCRL, a new certificate revocation feature powered by a centralized list of blocked components. With the introduction of OneCRL, Firefox users will no longer have to update or restart the web browser in order to be protected.

      Source
  17. Some of the IP phones designed by Cisco for small businesses are plagued by a vulnerability that allows a remote attacker to eavesdrop on conversations and make phone calls from affected devices, the company revealed last week.

      The unauthenticated remote dial vulnerability (CVE-2015-0670) affects version 7.5.5 and possibly later versions of Cisco Small Business SPA300 and SPA500 series IP phones.

      According to an advisory published by Cisco, the flaw is caused by improper authentication settings in the affected software’s default configuration. A remote, unauthenticated attacker can exploit the weakness by sending a maliciously crafted XML request to the targeted IP phone.

      Malicious actors could obtain sensitive information by listening in on audio streams from the device. They can also leverage the bug to make phone calls remotely from a vulnerable phone. “A successful exploit could be used to conduct further attacks,” Cisco said.

      “To exploit this vulnerability, an attacker may need access to trusted, internal networks behind a firewall to send crafted XML requests to the targeted device. This access requirement may reduce the likelihood of a successful exploit,” the company noted in its advisory.

      Cisco has confirmed the security hole, but updates that address this issue are not yet available. The company believes it’s unlikely for this medium severity vulnerability to be exploited.

      Until security updates become available, administrators are advised to enable XML execution authentication from the device’s settings menu, and limit network access to trusted users.

      The security hole was discovered by Chris Watts of Tech Analysis. In July 2014, the researcher reported two other flaws impacting Cisco SPA300 and SPA500 series IP phones: a cross-site scripting (XSS) vulnerability (CVE-2014-3313), and a vulnerability that can be exploited by a local attacker to execute arbitrary commands (CVE-2014-3312). At around the same time, Watts also identified a remote code execution flaw in Cisco modems.

      Earlier this month, Cisco announced the availability of security updates that fix vulnerabilities in Cisco Intrusion Prevention System (IPS), TelePresence Video Communication Server (VCS), Expressway, and TelePresence Conductor.

      Source
  18. The number of reported phishing sites in China doubled last year, with US IP addresses blamed for “booming” numbers of attacks on systems inside the Great Firewall, according to new state-backed research.

      The report was released on Friday by the Internet Society of China and the National Computer Network Emergency Response Technical Team/Coordination Center of China, and picked up by state-run media.

      It claimed the volume of phishing sites increased 2.1 times from 2013 to 2014, to stand at 93,136 by the end of the year. It was also claimed that the authorities found 36,969 websites in the country had been interfered with and 40,186 webpages had backdoors inserted.

      Xinhua also reported that 4761 US IP addresses effectively controlled 5580 Chinese sites via backdoors, allowing remote access to computers in the Middle Kingdom.

      Beijing periodically releases stats like these to support its long-held narrative that it is a victim, not a perpetrator of cyber-attacks. Given the tight control the government and party have over all aspects of life in China, there’s no guarantee that the figures released last week are accurate.

      China is regularly placed in or near number one spot as a top source of global attack traffic in Akamai’s State of the Internet report, for example. The most recent one revealed China way out in the lead and increasing its share to 49% in Q3 2014 – up from 43% the previous quarter. The US was in second place, accounting for 17% of global attack traffic, up from 13% the previous quarter.

      Even this is no indication that Chinese hackers are the most prolific in the world – as compromised machines can be remotely controlled by attackers located anywhere. In a similar way, the fact that a large number of US IP addresses were accused of controlling thousands of Chinese websites does not indicate that the hackers behind such attacks were American, according to Charles Sweeney, CEO of web filtering firm Bloxx.

      “The IP addresses are no indicator of attack source and so whilst the Chinese may well have their suspicions, they could be jumping the gun accusing the US,” he told Infosecurity by email. “What the report does show is that China has plenty of its own security problems. Much like any other country it needs to be sure that it is robustly protecting its virtual parameters.”

      Source
  19. Cisco on Friday shared details on what the company says is a new breed of Point-of-Sale (PoS) malware that is more sophisticated and much better designed than previously seen PoS threats.

      Dubbed “PoSeidon” by Cisco, the malware has some resemblance to ZeuS and uses better methods to find card data than BlackPoS, the malware family reportedly used in the 2013 attack against Target and against Home Depot in 2014.

      According to Cisco, the malware scrapes memory to search out number sequences that specifically match up with formats used by Visa, MasterCard, AMEX and Discover, and goes as far as using the Luhn algorithm to verify that credit or debit card numbers are valid.

      “PoSeidon was professionally written to be quick and evasive with new capabilities not seen in other PoS malware,” members of Cisco’s Security Solutions team wrote in a blog post. “PoSeidon can communicate directly with C&C servers, self-update to execute new code and has self-protection mechanisms guarding against reverse engineering.”

      Some components of PoSeidon are illustrated in the following diagram created by Cisco:

      [Figure: PoSeidon PoS Malware Features]

      “At a high level, it starts with a Loader binary that upon being executed will first try to maintain persistence on the target machine in order to survive a possible system reboot,” Cisco’s team explained. “The Loader then contacts a command and control server, retrieving a URL which contains another binary to download and execute. The downloaded binary, FindStr, installs a keylogger and scans the memory of the PoS device for number sequences that could be credit card numbers. Upon verifying that the numbers are in fact credit card numbers, keystrokes and credit card numbers are encoded and sent to an exfiltration server.”

      The Keylogger component was potentially used to steal passwords and could have been the initial infection vector, Cisco said.

      Upon being run, the Loader checks to see if it’s being executed with one of these two file names: WinHost.exe or WinHost32.exe. If it is not, the malware will make sure that no Windows service is running with the name WinHost. Loader will copy itself to %SystemRoot%\System32\WinHost.exe, overwriting any file in that location that would happen to have the same name. Next, Loader will start a service named WinHost.

      According to Cisco, this method allows the threat to remain running in memory even if the current user logs off. If the Loader is not able to install itself as a service, it will try to find other instances of itself running in memory and terminate them.

      Once installed, the Loader attempts to communicate with one of the hardcoded C&C servers.

      [Table: C&C domain names and associated IP addresses]

      Once captured, PoSeidon exfiltrates the payment card numbers and keylogger data to servers, after being XORed and base64 encoded. Most of the command and control servers are currently hosted on .ru domains, Cisco said.

      Some of the known domains used for data exfiltration servers include:

      [List of exfiltration domains]

      Other domains and IPs that could indicate a compromise include:

      [List of domains and IP addresses]

      “PoSeidon is another in the growing number of Point-of-Sale malware targeting PoS systems that demonstrate the sophisticated techniques and approaches of malware authors,” Cisco’s Security Solutions team noted. “Attackers will continue to target PoS systems and employ various obfuscation techniques in an attempt to avoid detection. As long as PoS attacks continue to provide returns, attackers will continue to invest in innovation and development of new malware families. Network administrators will need to remain vigilant and adhere to industry best practices to ensure coverage and protection against advancing malware threats.”

      In its annual Global Threat Intel Report, security firm CrowdStrike noted that criminals have been increasingly turning to ready-to-use PoS malware kits in the cyber-underground. According to Adam Meyers, vice president of intelligence at CrowdStrike, the price of these kits varied depending on their complexity, with some going for tens of dollars and others costing in the hundreds or thousands.

      In its report, CrowdStrike explained that the explosion of PoS malware may be mitigated by the adoption of EMV standards (Europay, MasterCard and Visa) as well as the growth of payment options such as Google Wallet and Apple Pay.

      Other point of sale malware used in recent attacks include vSkimmer, Dexter, Backoff, LusyPOS and Dump Memory Grabber, among others. In December 2014, researchers at Trend Micro came across a sample of a new PoS malware called “Poslogr” which appeared to be under development.

      Source
  20. Thanks, @Kronzy.
  21. I TAKE NO RESPONSIBILITY FOR ANY PROBLEMS THAT MAY ARISE IF YOU TRY TO ROOT IT. I HAVE NOT TESTED IT. WHETHER YOU TAKE THE RISK OR NOT IS YOUR CHOICE. See here, here and here
  22. Have you tried XDA-Developers?
  23. I'll jump in here too to comment and give my opinion: Yes, the idea would be absolutely brilliant. There are members here who post various things, whether in the programming area, tutorials, or anything else, who would have many subscribers. Now, exactly as was discussed about the mobile app too, those who know how things work are better placed to discuss the implementation.
  24. You made my day! Thank you!
  25. Thanks a lot for the share!