Search the Community

IDENTORY is an universal anti-detection browser, allowing on-the-fly creation of unique identities for any site. What is in the box? Real fingerprints IDENTORY provides a huge database of the most accurate hardware configurations. Maximum protection Innovative and multi-level fingerprint substitution system with operating system leaks protection. Complete privacy We do not collect usage information and all profiles are stored locally on your computer. User-friendly interface Maximum intuitive and functional interface, designed with great attention to detail. Maximum performance The application is optimized to start quickly and work simultaneously with 100 or more profiles. Cross-platform IDENTORY works stably on Windows, macOS (Intel / Apple Silicon) and Linux. Actuality IDENTORY uses the latest version of the Chromium core and is constantly updating automatically. All necessary tools Convenient work with proxy lists (import / check) and cookies (import / export / automatic gathering). Mobile device fingerprints Advanced browser-based emulation of mobile devices (iPad & iPhone). API and automation Programmatically creating profiles and browser automation (Puppeteer / Playwright / Selenium / CDP). Pricing Pricing starts from $49/ month. Billing periods of 1 month, 3 months, 6 months and 1 year are available for each plan. You can find detailed information about plans on the official website. Special offer are available for rstforums.com users: 20% discount on the first subscription with RSTFORUMS promo code. Contacts Website: https://identory.com News channel: https://t.me/identory Support: https://t.me/identory_support

Salut, folosesc Windows 10 Home si am uitat parola de la contul de administrator si m-am logat pe guest dar pe guest nu ma lasa sa folosesc comanda net user si nici sa instalez sau descarc programe pe el. Precizez ca am si K9 instalat pe el si am uitat parola si de la ala si nu ma lasa sa sterg sau mut bckd.sys din system32 ca sa fac bypass. Este vreo metoda sa reusesc sa fac bypass la K9 sau sa ma loghez in Contul de administrator ? (fara a avea nevoie de un Cd de reinstalare sau chestii dinastea, doar din cmd sau eu stiu..)

The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third parties to security event data to identify similar, or identical, indicators of malicious behavior. The framework is written in Go with a JavaScript frontend. Installation Please find the installation procedure at http://gosint.readthedocs.io/en/latest/installation.html There are three ways to get up and running: Bash install script Docker Manual installation Updates Updating is simple and encouraged as bugs are reported and fixed or new features are added. To update your instance of GOSINT, pull the latest version of GOSINT from the repository and re-run the build command to compile the updated binary. godep go build -o gosint Configuration GOSINT needs some quick initial configuration to start making use of the framework features. All the settings you will need to specify can be found under the "Settings" tab. Please find the configuration procedure at http://gosint.readthedocs.io/en/latest/configuration.html Use Please find the instructions for use at http://gosint.readthedocs.io/en/latest/use.html Download: GOSINT-master.zip Source: https://github.com/ciscocsirt/GOSINT

https://dojo.ministryoftesting.com/lessons/30-days-of-security-testing

Cisco Certified Network Associate(CCNA) Gives the necessary training to successfully implement the configuration and operation of networks in Medium and Large Companies Cisco CCNA Certification: CCNA is the basic level of Cisco Certifications. The certification as a Cisco Certified Network Associate is a basic knowledge of networking. A CCNA can install small to medium networks, configure and operate. He has the knowledge to both IPv4 and IPv6, IGRP, IP RIP, EIGRP, OSPF, Serial interfaces, VLANs, Ethernet, VOIP, Wi-Fi standards, VPN and access control with Access List CCNA Online Training The Cisco Online Curriculum Although web-based and available online through the Cisco E-learning Portal NETS PACE. The training may still only be offered in a classroom because the curriculum includes an extensive practical part in dealing with the technologies. Cisco Job Training Program The practical exercises on equipment from Cisco Systems (Network laboratory Cisco simulation program), they still receive broad basic knowledge of network technology. You will learn different types of networking products to know and deal with the design, troubleshooting and other general content. The training is essentially practical geared to support a TCP / IP Ethernet routed and switched networks. Find the list of Cisco CCNA Training Program Classes & Student Reviews, Course Fees,Modules Details and Ask the Experience trainers Source: Techjobs.sulekha.com/ccna-training

ITPRO.TV - MTA - Security Fundamentals - 98-367: Security Fundamentals English | mp4 | H264 1280x720 | AAC 2 ch | 8 hr 14 min | 2.71 GB eLearning In this episode, Daniel and Mike introduce you to some of the core security principles and practices that anyone looking to get into IT should be familiar with. Here they specifically discuss the CIA triad; Confidentiality, Integrity, and Availability. Contents Core Security Principles Episode Length:29 minutes, 43 seconds Core Security Principles Part 2 Episode Length:32 minutes, 40 seconds Physical Security Episode Length:34 minutes, 52 seconds Internet Security Episode Length:32 minutes, 14 seconds Wireless Security Episode Length:28 minutes, 53 seconds Topic Title:Understand operating system security User Authentication Episode Length:38 minutes, 31 seconds Permissions Episode Length:34 minutes, 5 seconds Password and Audit Policies Episode Length:34 minutes, 30 seconds Encryption Episode Length:33 minutes, 36 seconds Encryption Part 2 Episode Length:37 minutes, 51 seconds Email Protection and Malware Episode Length:29 minutes, 36 seconds Topic Title:Understand network security Dedicated Firewalls and NAP Episode Length:33 minutes, 29 seconds Network Isolation Episode Length:35 minutes, 29 seconds Protocol Security Episode Length:27 minutes Topic Title:Understand security software Client and Server Protection Episode Length:31 minutes, 37 seconds Screenshots:

Salut, Dell angajeaza pe mai multe pozitii. O lista completa o gasiti aici: https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/search/3792178 Cateva job-uri selectate: - Principal Consultant, Penetration Testing - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/principal-consultant-penetration-testing-75285 - Information Security Risk Management Advisor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/information-security-risk-management-advisor-78526 - Java Software Development Sr. Analyst - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/java-software-development-sr-analyst-80439 - Java Software Development Advisor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/java-software-development-advisor-79300 - Senior Security Specialist - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/senior-security-specialist-77371 - Network Security - Firewall Auditor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/network-security-firewall-auditor-75062 - Junior Linux Admin - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/junior-linux-admin-81076 - Level 2 Technical Support Analyst - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/level-2-technical-support-analyst-81957 - Windows System Administrator - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/windows-system-administrator-82417 - Software Testing Engineer - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/software-testing-engineer-82376 - Software Testing Jr. Engineer - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/software-testing-jr-engineer-82386 - McAfee ESM Security Advisor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/mcafee-esm-security-advisor-81648 Note: 1. Link-urile sunt cu referral, aceasta e procedura interna de recomandare. Avantajul e ca totul se rezolva mult mai repede si va pot ajuta cu ce informatii aveti nevoie despre o anumita pozitie. 2. Nu cred ca se poate lucra remote, trebuie sa fiti in Bucuresti. Exista totusi posibilitatea de a se lucra (din cand in cand) de acasa, pentru anumite pozitii (program de noapte de exemplu) poate chiar mereu. Daca aveti o intrebare imi puteti trimite un PM. // Nytro

GhostMail is a new secure email, chat and storage platform, with features like self-destructing emails and two factor login. It's free with 1GB space. Free Sign Up [en] | GhostMail

DoNotSpy10 is the world’s first antispy tool for Windows 10 Its straight-forward user interface allows you to manage how Windows 10 respects their privacy Microsoft introduces many new “diagnostic” features with Windows 10 These services help Microsoft collect usage data and thus to provide a better service However, collecting and sharing your data with one of the world’s leading technology companies puts your privacy at risk OfficialWebsite pxc-coding.com Download vers. (.//DoNotSpy10-1.0.0.1)

Scan: Filename: 1.apk Type: File Filesize: 262850 bytes Date: 14/05/2015 - 22:40 GMT+2 MD5: bf7b83bb02c4cfb714f176d68458b9a8 SHA1: 2fae38f3901003e2e14179f15fd35c3906a654b1 Status: Infected Result: 10/35 MaJyx Scanner | Results AVG Free - OK Avast - OK AntiVir (Avira) - OK BitDefender - Android.Trojan.AndroRAT.E Clam Antivirus - OK COMODO Internet Security - OK Dr.Web - Android.Spy.178.origin eTrust-Vet - OK F-PROT Antivirus - OK F-Secure Internet Security - Android.Trojan.AndroRAT.E G Data - Android.Trojan.AndroRAT.E IKARUS Security - OK Kaspersky Antivirus - HEUR:Trojan-Spy.AndroidOS.Sandr.a McAfee - OK MS Security Essentials - OK ESET NOD32 - OK Norman - OK Norton Antivirus - OK Panda Security - OK A-Squared - Android.Trojan.AndroRAT.E ( Quick Heal Antivirus - Android.Sandr.A Solo Antivirus - OK Sophos - Andr/SandRat-B Trend Micro Internet Security - OK VBA32 Antivirus - OK Zoner AntiVirus - OK Ad-Aware - Android.Trojan.AndroRAT.E BullGuard - Gen:Variant.Kazy.609906 FortiClient - OK K7 Ultimate - OK NANO Antivirus - OK Panda CommandLine - OK SUPERAntiSpyware - OK Twister Antivirus - OK VIPRE - OK Functi: Change logs v4.0: ----------------- * APK Encryption (AES, DES, TripleDES, Blowfish). * Assign custom package name for DJ server. * Remove certain features from the server. * Remove permissions from the server. * Call conversation recording. * Live update of currently running app on main panel. * User idle time on main panel. * Adjust volume on remote device (Alarm, Music, Notification, Ringer, System, Voice). * Check latency between DJ control panel and DJ server. * Make DJ server persistent even upon factory reset (Requires Root access). * Crash Reporter implemented to track DJ server bugs. * View Draft SMS messages. * Disconnect Me Forever now disables the DJ server instantly. * File Voyager supports UTF-8 encoding to support various languages. * Fixed several bugs. Dw: https://yadi.sk/d/pyksqqyGhDkrd Pas: fuckeTheDroid

Kaspersky Total Security 2015 delivers ultimate security for computers & mobile devices. It protects your privacy, finances, identity, photos and children against Internet threats – so no aspect of your digital security is left to chance. One product – with one license – safeguards your ‘digital life’, across your PC, Mac and Android devices. Get it now! Free Kaspersky Total Security 2015 (100% discount) - SharewareOnSale

Competitia de la Cyber Security Challenge UK, cea cu Flag Day, continua si in 2015. Enjoy! » Overview

Hi, Do you guys know good web security companies in Romania or surroundings? If so, please provide me their websites. Thank you

The nation’s first ever criminal case involving a hijacked wireless Internet connection came to light this month, prompting online security experts to warn that home Wi-Fi routers may be open to attack if not properly protected. Users need to set a password and switch on encryption, or their network can be hacked within minutes by someone close enough to eavesdrop on the wireless signal, such as a user in an adjacent apartment, said Yuichi Nozawa, a consultant with the government-affiliated Information-technology Promotion Agency (IPA), a body that advises on digital security. Cracking the security itself is relatively simple for one common form of encryption and can be done using free software. The IPA delivered the warning last Friday, a day after the rearrest of a man suspected of tapping into a nearby Wi-Fi network in Matsuyama, Ehime Prefecture. Hirofumi Fujita, 30, is separately on trial for allegedly stealing ¥16 million by obtaining online banking IDs and passwords as well as sending computer viruses to gain unauthorized remote access to other people’s computers. Moreover, the agency warned that hackers can use hijacked wireless networks to hide their identities, leading “even ordinary people with no criminal intention” to become the main suspects in cybercrimes, Nozawa said Monday. He said police sometimes identify suspects by the Internet access point used. A further problem lies in the fact that it is not easy for ordinary users to detect if their network has been hacked, he said. Many users remain unaware of the risks. In 2014, the IPA reported that more than 50 percent of households either had not set password protection on their home wireless network or were unsure whether it was active. But even if a wireless network is password-protected, it needs to use a newer form of encryption, as older ones can be cracked fairly easily. Older routers may offer Wired Equivalent Privacy (WEP) encryption as the default setting, which Nozawa said can be hacked. The alleged Ehime hacker is suspected of using this technique, deploying software that came as a free gift with an IT security magazine. Instead, Nozawa recommends using Wi-Fi Protected Access II, better known as WPA2, a higher form of encryption and one usually offered by newer network devices. The IPA recommends contacting manufacturers’ support teams to find out how to configure the security settings, as the procedure varies from device to device. Source

CWHH level 1 Advanced is a hands on courses which teaches using different security tools on both web security testing and network security testing. The course teaches you how to use the webtools so that you can test the webportals as a tester. If you are programmer then you can use the same webtools and write secure codes. leak source: Certified White Hat Hacker Level 1(Advanced) - Thieves-Team download: GirlShare - Download certified-white-hat-hacker-level-1-advanced.rar udemy: https://www.udemy.com/certified-white-hat-hacker-level-1-advanced/

CYBERGATE ENCRIPTADO AHORA: [info] Fecha del reporte: Tue, 16 Jun 2015 19:32:48 +0000 Archivo: CyberFUD.exe Tamaño: 2052237 bytes MD5: d530a87aa19d75b6b15015028eacf004 Estado: Limpio Detecciones: 0 de 35 (0%) [Detecciones] A-Squared - Clean AVG Free - Clean Ad-Aware - Clean AntiVir (Avira) - Clean Avast - Clean BitDefender - Clean BullGuard - Clean COMODO Internet Security - Clean Clam Antivirus - Clean Dr.Web - Clean ESET NOD32 - Clean F-PROT Antivirus - Clean F-Secure Internet Security - Clean FortiClient - Clean G Data - Clean IKARUS Security - Clean K7 Ultimate - Clean Kaspersky Antivirus - Clean MS Security Essentials - Clean McAfee - Clean NANO Antivirus - Clean Norman - Clean Norton Antivirus - Clean Panda CommandLine - Clean Panda Security - Clean Quick Heal Antivirus - Clean SUPERAntiSpyware - Clean Solo Antivirus - Clean Sophos - Clean Trend Micro Internet Security - Clean Twister Antivirus - Clean VBA32 Antivirus - Clean VIPRE - Clean Zoner AntiVirus - Clean eTrust-Vet - Clean SPYNET 2.6 ENCRIPTADO AHORA: [info] Fecha del reporte: Tue, 16 Jun 2015 19:34:02 +0000 Archivo: SpyNetFUD.exe Tamaño: 2046093 bytes MD5: 5b9c84424a48942821b0f63c5af9d2fc Estado: Limpio Detecciones: 0 de 35 (0%) [Detecciones] A-Squared - Clean AVG Free - Clean Ad-Aware - Clean AntiVir (Avira) - Clean Avast - Clean BitDefender - Clean BullGuard - Clean COMODO Internet Security - Clean Clam Antivirus - Clean Dr.Web - Clean ESET NOD32 - Clean F-PROT Antivirus - Clean F-Secure Internet Security - Clean FortiClient - Clean G Data - Clean IKARUS Security - Clean K7 Ultimate - Clean Kaspersky Antivirus - Clean MS Security Essentials - Clean McAfee - Clean NANO Antivirus - Clean Norman - Clean Norton Antivirus - Clean Panda CommandLine - Clean Panda Security - Clean Quick Heal Antivirus - Clean SUPERAntiSpyware - Clean Solo Antivirus - Clean Sophos - Clean Trend Micro Internet Security - Clean Twister Antivirus - Clean VBA32 Antivirus - Clean VIPRE - Clean Zoner AntiVirus - Clean eTrust-Vet - Clean DARKCOMET ENCRIPTADO AHORA: [info] Fecha del reporte: Tue, 16 Jun 2015 19:34:55 +0000 Archivo: DarkCometFUD.exe Tamaño: 2422413 bytes MD5: 7dc0186a7c18402b60b322356da976f3 Estado: Limpio Detecciones: 0 de 35 (0%) [Detecciones] A-Squared - Clean AVG Free - Clean Ad-Aware - Clean AntiVir (Avira) - Clean Avast - Clean BitDefender - Clean BullGuard - Clean COMODO Internet Security - Clean Clam Antivirus - Clean Dr.Web - Clean ESET NOD32 - Clean F-PROT Antivirus - Clean F-Secure Internet Security - Clean FortiClient - Clean G Data - Clean IKARUS Security - Clean K7 Ultimate - Clean Kaspersky Antivirus - Clean MS Security Essentials - Clean McAfee - Clean NANO Antivirus - Clean Norman - Clean Norton Antivirus - Clean Panda CommandLine - Clean Panda Security - Clean Quick Heal Antivirus - Clean SUPERAntiSpyware - Clean Solo Antivirus - Clean Sophos - Clean Trend Micro Internet Security - Clean Twister Antivirus - Clean VBA32 Antivirus - Clean VIPRE - Clean Zoner AntiVirus - Clean eTrust-Vet - Clean Dw: Download DH Crypter [MOD MAGGICIANCOR] [100% FUD].rar Password: Indetectables.net - MaggicianCOr

Snapchat has deployed two factor authentication as part of its push to increase security across the popular selfie slinging app. The sexting swap shop allows users to set up SMS log-in verification that makes en-masse account hijacking more difficult, and better protects Snapchat's Snapcash money transfer system. The additional security measures are welcome, but devoted targeted attackers can still break into accounts by exploiting telecommunications providers' weak security identity checks to port phone numbers. Users of Snapchat version 9.9 will be able to activate the Login Verification feature on Android and iOS platforms. The extra security features are the latest efforts in a push to increase the platform's security chops which includes the launch of a HackerOne bug bounty, a regular transparency report, and the hiring of former Google social network security boss Jad Boutros as infosec head. Boutros has already said he aimsto build a "culture of security" at the company. The push follows Snapchat's legal trouble with the Federal Trade Commission stemming from incorrect claims photos and videos would "disappear forever" when it had remained on devices. The company also ran into trouble when some 4.6 million names and email addresses were breached in December 2013 after it dismissed that attack vector as theoretical. Source

Avast Internet Security 2015 Serial Keys Till 2017 .

Filename: Gerador Crypt By ~ Zeed.exe Type: File Filesize: 3747840 bytes Date: 08/06/2015 - 22:46 GMT+2 MD5: db22e83efba333f778b2a585e591fcc9 SHA1: 2e5082f993e22c8081694e9b7d80a4763c1f9a86 Status: Infected Result: 1/35 AVG Free - OK Avast - OK AntiVir (Avira) - OK BitDefender - OK Clam Antivirus - OK COMODO Internet Security - OK Dr.Web - OK eTrust-Vet - OK F-PROT Antivirus - OK F-Secure Internet Security - OK G Data - OK IKARUS Security - OK Kaspersky Antivirus - OK McAfee - OK MS Security Essentials - OK ESET NOD32 - OK Norman - OK Norton Antivirus - OK Panda Security - OK A-Squared - OK Quick Heal Antivirus - OK Solo Antivirus - OK Sophos - OK Trend Micro Internet Security - OK VBA32 Antivirus - OK Zoner AntiVirus - OK Ad-Aware - OK BullGuard - OK FortiClient - OK K7 Ultimate - OK NANO Antivirus - OK Panda CommandLine - OK SUPERAntiSpyware - OK Twister Antivirus - OK VIPRE - Trojan.Win32.Generic.pak=21cobra Download https://www.sendspace.com/file/egto0z

It is a new tool for analysis of Windows executable files, in order to quickly identify if this is or is not a malware. Most analyzes are based on the extraction of strings "ANSI" and "UNICODE" in disk, but also works with "Memory Dumps". Obviously, the latter option might compromise the security of your computer when you run the samples, so it's recommended make this in laboratory systems. Download https://docs.google.com/uc?id=0B74kMAGqImI9R1o4Q2Z1X054cjA

So many hacks, so few days in the week to write alarming stories about every one. Every weekend, WIRED Security rounds up the security vulnerabilities and privacy updates that didn’t quite rise to our level for in-depth reporting this week, but deserve your attention nonetheless. First the big stories: The FBI has a secret fleet of planes spying on you, and they are not alone. United Airlines grounded all its planes on Monday because false flight plans were being uploaded to the flight decks. The US Senate finally passed some NSA surveillance reform in the form of the USA Freedom Act–the first of its kind since Edward Snowden revealed the extent of the Big Brother nightmare that is domestic counter-terrorism in the 21st century. Facebook decided that revealing your location in Messenger isn’t a bug; it’s a feature! A feature you can now, thankfully, opt out of. And our own Andy Greenberg demonstrated that the front lines of the gun control debate are moving closer to home, as it’s now incredibly easily to build your own untraceable guns. But there was a lot of other news this week, summarized below. To read the full story linked in each post, click on the headlines. And be safe out there! —Emily Dreyfuss Chinese Hackers Access Four Million Federal Workers’ Payroll Data Another month, another massive breach of a federal agency revealed. Hackers based in China accessed the records of four million federal workers when they hacked the Office of Payroll Management (OPM) in an attack first discovered in April. Despite the agency’s focus on payroll, it’s not clear if any data was stolen that could lead to financial fraud; no direct deposit information was accessed, according to the Washington Post. Instead, the attackers may have been seeking data useful for identifying government staffers with security clearances, potentially to target them in future “spear phishing” attacks. The Department of Homeland Security has taken credit for identifying the attack with its EINSTEIN intrusion detection system. But critics are questioning why that years-in-development system couldn’t have caught the attack earlier. The Chinese government, per usual, has denied any involvement. The OPM intrusion marks the second major federal breach revealed this year, following news that Russian hackers accessed unclassified White House networks as well as those of the State Department. — Andy Greenberg California Senate Passes Bill Requiring Warrants To Search Electronic Devices Another small victory for opponents of the all-pervasive morass of electronic surveillance, at least in one state: the California senate unanimously passed the California Electronic Communications Privacy Act, a bill requiring law enforcement to obtain a search warrant or wiretap order prior to searching smartphones, laptops, or electronic devices, or accessing information stored on remote servers. The bill will be heard by the State Assembly this summer. — Yael Grauer Skype Bug Broke App on Android, iOS and Windows It only took Skype 24 hours to fix the bug, but for a moment, messaging “http://:” (without the quotes) in chat not only made Skype crash in Windows, Android, and iOS, but would immediately crash it again after restarting when Skype downloaded chat history for the server, meaning that clearing the chat history didn’t resolve the issue. This bug trailed on the heels of the iOS glitch discovered last week that caused iPhones to crash when sent a string of characters, though users are far more likely to type in http://: by accident than they are to text the complicated string of Arabic and English characters required to crash iOS devices. Before the fix was in, Skype users could get around the bug by installing an older version of Skype, or having the sender delete the offending message. — Yael Grauer Most Macs Vulnerable to Permanent Backdooring Macs shipped prior to mid-2014 are vulnerable to an exploit that would allow an attacker to permanently control the machine, even if you reinstall OS X or reformat the drive. The vulnerability, discovered by security researcher Pedro Vilaca, allows attackers to install malicious firmware that essentially overwrites the firmware that boots up the machine right after older Macs awake from sleep. The code is installed via one of the many security vulnerabilities found in web browsers such as Safari. One way to avoid this hack is to change your computer’s default setting to deactivate sleep mode. You can also download software to detect whether an attack has taken place, though the software won’t prevent it from happening. — Yael Grauer Twitter Just Killed Politwoops The greatest Twitter account you’ve never heard of is now dead. Politwoops, an online archive of public statements made–and deleted–by U.S. politicians on Twitter, was an online transparency project started in 2012 by the Sunlight Foundation. It was created to provide a record of ways that elected officials sometimes quietly reverse their messaging. Originally, Sunlight had permission to use Twitter’s API for the project, which used a human curation workflow to analyze the tweets. But the social networking service has now reneged, citing the expectation of privacy for all accounts. Sunlight Foundation points out that elected officials shouldn’t share the same expectations of privacy as private citizens do, and that transparency leads to accountability. Now it has one fewer tool to use on that mission. — Yael Grauer Now You, Too, Can Track FBI Spy Planes As you’ve probably heard by now, the FBI is flying spy planes over American cities, and they’re registered to at least 13 fictitious companies. The specific capabilities of these planes is unclear, but they may have high-tech cameras and perhaps even cell-site simulators to scoop up massive amounts of data. Luckily, tracking the planes themselves has proven to be a bit easier than determining their capabilities. L.A.-based technologist John Wiseman used public records request for flight routes and programmed a radio receiver to intercept airplane transmissions, allowing him to identify planes flying in L.A. in real time. You can do the same, by tapping into a database of 115 spy planes that engineer Brian Abelson created by looking up registration numbers associated with planes owned by FBI front companies, as revealed by the AP. Flight information and history is available on that link, and users can analyze the data set by registering for a free account at Enigma, the data search and discovery platform where Wiseman works. — Yael Grauer Source

Document Title: =============== iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1494 Release Date: ============= 2015-05-13 Vulnerability Laboratory ID (VL-ID): ==================================== 1494 Common Vulnerability Scoring System: ==================================== 3.4 Product & Service Introduction: =============================== Couldn`t you remember your lesson time? If you are a high-school student or a university one, you will be able easily to consult your weekly guide, using this App on your iPhone. You could choose your sujects following your plan and give them a colour for marking them at the end of the week. (Copy of the Homepage: https://play.google.com/store/apps/details?id=com.idalmedia.android.timetable&hl=it & https://itunes.apple.com/en/app/orariolezioni/id542313616) Abstract Advisory Information: ============================== The Vulnerability Laboratory Research Team discovered a persistent input validation vulnerability in the official iClassSchedule v1.6 iOS & Android mobile web-application. Vulnerability Disclosure Timeline: ================================== 2015-05-13: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Tel.Net srl Product: iClassSchedule - iOS & Android Mobile Web Application 1.6 iOS and 4.6 Android Exploitation Technique: ======================= Remote Severity Level: =============== Medium Technical Details & Description: ================================ An application-side validation vulnerability has been discovered in the official iClassSchedule v1.6 iOS & Android mobile web-application. The vulnerability allows an attacker to inject own script code as payload to the application-side of the vulnerable service function or module. The vulnerability is located in the `Aula (name input)` values of the vulnerable `iClass Calender` module. Local attackers are able to manipulate the `Aula name` input to compromise the `Calender Index` module. The execution point of the script code occurs on the application-side in the listing module by the manipulated name context field. The Apple iOS and Google Android mobile application versions are affected by the vulnerability. The security risk of the application-side web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.4. Exploitation of the application-side web vulnerability requires a privileged web-application user account and low or medium user interaction. Successful exploitation of the vulnerabilities result in persistent phishing mails, session hijacking, persistent external redirect to malicious sources and application-side manipulation of affected or connected module context. Vulnerable Module(s): [+] Aula Vulnerable Parameter(s): [+] name Affected Module(s): [+] iClass Calender Events Context (App Index) Proof of Concept (PoC): ======================= The persistent input validation web vulnerability can be exploited by local attackers with physical device access and with low user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue. 1. Install the mobile application to your iOS or Android device 2. Open the application and add a new entry to the iclass calender index 3. Inject to the Aula name value your own script code (payload) for testings 4. Save the entry and move back to the iclass calender index of the app 5. The code executes because of the wrong encoding in the calender itself. Note: Export and Exchange of malicious context is possible! 6. Successful reproduce of the security vulnerability! Solution - Fix & Patch: ======================= The vulnerability can be patched by a secure parse and encode of the vulnerable name value in the iclass calender module. Restrict the name input and disallow usage of special chars to prevent persistent cross site scripting attacks. Security Risk: ============== The security risk of the persistent input validation web vulnerability in the name value is estimated as medium. (CVSS 3.4) Credits & Authors: ================== Vulnerability Laboratory [Research Team] - Katharin S. L. (CH) (research@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: ========================= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material. Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com Section: magazine.vulnerability-db.com - vulnerability-lab.com/contact.php - evolution-sec.com/contact Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php Programs: vulnerability-lab.com/submit.php - vulnerability-lab.com/list-of-bug-bounty-programs.php - vulnerability-lab.com/register/ Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. Copyright © 2015 | Vulnerability Laboratory - [Evolution Security GmbH]™ -- VULNERABILITY LABORATORY - RESEARCH TEAM SERVICE: www.vulnerability-lab.com CONTACT: research@vulnerability-lab.com PGP KEY: http://www.vulnerability-lab.com/keys/admin@vulnerability-lab.com%280x198E9928%29.txt Source

Millions of routers and other embedded devices are affected by a serious vulnerability that could allow hackers to compromise them. The vulnerability is located in a service called NetUSB, which lets devices connected over USB to a computer be shared with other machines on a local network or the Internet via IP (Internet Protocol). The shared devices can be printers, webcams, thumb drives, external hard disks and more. NetUSB is implemented in Linux-based embedded systems, such as routers, as a kernel driver. The driver is developed by Taiwan-based KCodes Technology. Once enabled, it opens a server that listens on TCP port 20005 for connecting clients. Security researchers from a company called Sec Consult found that if a connecting computer has a name longer than 64 characters, a stack buffer overflow is triggered in the NetUSB service. If exploited, this kind of vulnerability can result in remote code execution or denial of service. Since the NetUSB service code runs in kernel mode, attackers who exploit the flaw could gain the ability to execute malicious code on the affected devices with the highest possible privilege, the Sec Consult researchers said in a blog post Tuesday. Many vendors integrate NetUSB into their products, but have different names for it. For example, Netgear calls the feature ReadySHARE, while others simply call it print sharing or USB share port. Sec Consult has confirmed the vulnerability in the TP-Link TL-WDR4300 V1, TP-Link WR1043ND v2 and Netgear WNDR4500 routers. However, after scanning firmware images from different manufacturers for the presence of the NetUSB.ko driver, they believe that 92 other products from D-Link, Netgear, TP-Link, Trendnet and ZyXEL Communications are likely vulnerable. The researchers also found references to 26 vendors in the NetUSB.inf client driver for Windows, so they believe many other vendors might also have vulnerable products. They’ve alerted the CERT Coordination Center (CERT/CC), the German CERT-Bund and Austrian CERT, who are working to notify the vendors. On some devices it’s possible for users to disable the feature from the Web-based administration interface or to block access to the port using the firewall feature. However, on some devices, like those made by Netgear, this is not possible, the researchers said. Many devices likely expose the NetUSB service to the local area network only, but there might be implementations that expose it to the Internet as well. Even when restricted to the local network only, the vulnerability still poses a high risk, because attackers can potentially exploit it if they compromise any computer from the local network or if they gain access to the network in some other way—for example, due to weak or no wireless password. As far as the Sec Consult researchers know, only TP-Link has released fixes so far. It has a release schedule for around 40 products. TP-Link, Netgear, D-Link and ZyXEL did not immediately respond to a request for comment. This vulnerability is just the latest in a long stream of basic security flaws found in consumer routers in recent years. “It is safe to say that vulnerability reports like these will continue to appear until a paradigm shift is enacted at the manufacturer level,” said Jacob Holcomb, a security analyst at Baltimore-based Independent Security Evaluators, via email. Holcomb has found many vulnerabilities in routers and other embedded devices over the past several years. Security Evaluators organized a router hacking contest at the DefCon security conference last year. The way in which vendors have implemented NetUSB in their products is egregious, Holcomb said. “For instance, hardcoded AES keys, the processing of unvalidated and untrusted data, and kernel integration are all red flags that should have been identified during the early stages of SDLC [software development lifecycle].” Source

Starbucks has rebuffed claims that its mobile app has been hacked, in the wake of reports that scores of its US customers have suffered from credit card fraud. The coffee chain’s US customers have been reporting the theft of hundreds of dollars from their credit cards, in a series of scams seemingly linked to auto top-ups on the Starbucks mobile app. Victims commonly receive emails saying the passwords and login details for Starbucks’ mobile app had been reset before receiving notice of fraudulent transactions. However, Starbucks denies its app has been hacked. In a statement, the coffee chain suggested the isolated reports of fraudulent activity on customers’ online accounts are down to password re-use or other lax security practices by its clients. Starbucks takes the obligation to protect customers’ information seriously. News reports that the Starbucks mobile app has been hacked are false. Like all major retailers, the company has safeguards in place to constantly monitor for fraudulent activity and works closely with financial institutions. To protect the integrity of these security measures, Starbucks will not disclose specific details but can assure customers their security is incredibly important and all concerns related to customer security are taken seriously. Occasionally, Starbucks receives reports from customers of unauthorized activity on their online account. This is primarily caused when criminals obtain reused names and passwords from other sites and attempt to apply that information to Starbucks. To protect their security, customers are encouraged to use different user names and passwords for different sites, especially those that keep financial information. Reports that hackers were targeting Starbucks mobile users – stealing from linked credit cards without knowing account numbers – first surfaced this week. Bob Sullivan, journalist and consumer advocate, was the the first to report on the scam. Sullivan recommends that all Starbucks consumers immediately disable auto-reload on the Starbucks mobile payments and gift cards. Criminals who obtain username and password credentials for Starbucks.com first drain a consumer’s stored value before siphoning off funds from their linked credit card. Starbucks reportedly allows consumers to move balances from one gift card to another. Hackers can also cash out by using a hijacked account to buy gift cards. These can then be sent to an arbitrary email address which can be trivially registered – without secondary confirmation – from within hijacked Starbucks accounts. In its statement, Starbucks said “customers are not responsible for charges or transfers they did not make. If a customer’s Starbucks Card is registered, their account balance is protected”, so those who have been left out of pocket will hopefully get their money back. The apparent scam appears to be limited to the US. El Reg understands that Starbucks customers in Europe and elsewhere outside North America have not been affected. Roy Tobin, a threat researcher at security software firm Webroot, recommended that consumers and businesses alike should re-examine their security practices. "Credentials leaked in previous cyber-attacks are likely to have been used to allow hackers to siphon off money from Starbucks' customers," Tobin said. "The key security take-away from this incident is the fact that as a company, your customers’ security information often doesn’t exist in a bubble. Passwords are frequently saved to browsers or documents, and are repeatedly re-used by customers across separate online accounts. Consumers should take steps to regularly change their passwords and avoid using the same password across multiple online services," he said. For businesses, the use of two-factor authentication technology can help mitigate against this class of threat, according to Tobin. "Companies must anticipate this vulnerability by implementing more rigorous security processes, making it harder for hackers to access their customers’ accounts," he added. "Best practice for mitigating this is the implementation of a two-factor authentication process that requires the user to verify their identity when logging in from a new device or location whenever financial details are accessed or used," he concluded. Source

Vulnerabilities in the Google App Engine cloud platform make it possible for attackers to break out of a first-level security sandbox and execute malicious code in restricted areas of Google servers, a security researcher said Friday. Adam Gowdiak, CEO of Poland-based Security Explorations, said there are seven separate vulnerabilities in the Google service, most of which he privately reported to Google three weeks ago. So far, he said, the flaws have gone unfixed, and he has yet to receive confirmation from Google officials. To exploit the flaws, attackers could use the freely available cloud platform to run a malicious Java application. That malicious Java app would then break out of the first sandboxing layer and execute code in the highly restricted native environment. Malicious hackers could use the restricted environment as a beachhead to attack lower-level assets and to retrieve sensitive information from Google servers and from the Java runtime environment. Technical details about the bugs, noted as issues 35 through 41, are available here, here, here, and here. In an e-mail to Ars, Gowdiak wrote: Gowdiak took to the Full Disclosure e-mail list to disclose the bugs and to call Google out for not responding to his private advisory, which he said included proof-of-concept exploit code. "It's been 3 weeks and we haven't heard any official confirmation / denial from Google with respect to Issues 37-41," Gowdiak wrote. "It should not take more than 1-2 business days for a major software vendor to run the received POC, read our report and / or consult the source code. This especially concerns the vendor that claims its 'Security Team has hundreds of security engineers from all over the world' and that expects other vendors to react promptly to the reports of its own security people." Google has received criticism in the past when its Project Zero has disclosed vulnerabilities in Windows and Mac OS X before Microsoft and Apple had patched them. Asked for comment on Gowdiak's Full Disclosure post, a Google spokesman issued the following statement: "A researcher recently reported a known issue affecting a preliminary layer of security in Google App Engine. We’re working with him to mitigate it; users don’t need to take any action." Source