Jump to content

Search the Community

Showing results for tags 'security'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

  1. IDENTORY is an universal anti-detection browser, allowing on-the-fly creation of unique identities for any site. What is in the box? Real fingerprints IDENTORY provides a huge database of the most accurate hardware configurations. Maximum protection Innovative and multi-level fingerprint substitution system with operating system leaks protection. Complete privacy We do not collect usage information and all profiles are stored locally on your computer. User-friendly interface Maximum intuitive and functional interface, designed with great attention to detail. Maximum performance The application is optimized to start quickly and work simultaneously with 100 or more profiles. Cross-platform IDENTORY works stably on Windows, macOS (Intel / Apple Silicon) and Linux. Actuality IDENTORY uses the latest version of the Chromium core and is constantly updating automatically. All necessary tools Convenient work with proxy lists (import / check) and cookies (import / export / automatic gathering). Mobile device fingerprints Advanced browser-based emulation of mobile devices (iPad & iPhone). API and automation Programmatically creating profiles and browser automation (Puppeteer / Playwright / Selenium / CDP). Pricing Pricing starts from $49/ month. Billing periods of 1 month, 3 months, 6 months and 1 year are available for each plan. You can find detailed information about plans on the official website. Special offer are available for rstforums.com users: 20% discount on the first subscription with RSTFORUMS promo code. Contacts Website: https://identory.com News channel: https://t.me/identory Support: https://t.me/identory_support
  2. Cisco Certified Network Associate(CCNA) Gives the necessary training to successfully implement the configuration and operation of networks in Medium and Large Companies Cisco CCNA Certification: CCNA is the basic level of Cisco Certifications. The certification as a Cisco Certified Network Associate is a basic knowledge of networking. A CCNA can install small to medium networks, configure and operate. He has the knowledge to both IPv4 and IPv6, IGRP, IP RIP, EIGRP, OSPF, Serial interfaces, VLANs, Ethernet, VOIP, Wi-Fi standards, VPN and access control with Access List CCNA Online Training The Cisco Online Curriculum Although web-based and available online through the Cisco E-learning Portal NETS PACE. The training may still only be offered in a classroom because the curriculum includes an extensive practical part in dealing with the technologies. Cisco Job Training Program The practical exercises on equipment from Cisco Systems (Network laboratory Cisco simulation program), they still receive broad basic knowledge of network technology. You will learn different types of networking products to know and deal with the design, troubleshooting and other general content. The training is essentially practical geared to support a TCP / IP Ethernet routed and switched networks. Find the list of Cisco CCNA Training Program Classes & Student Reviews, Course Fees,Modules Details and Ask the Experience trainers Source: Techjobs.sulekha.com/ccna-training
  3. Scan: Filename: 1.apk Type: File Filesize: 262850 bytes Date: 14/05/2015 - 22:40 GMT+2 MD5: bf7b83bb02c4cfb714f176d68458b9a8 SHA1: 2fae38f3901003e2e14179f15fd35c3906a654b1 Status: Infected Result: 10/35 MaJyx Scanner | Results AVG Free - OK Avast - OK AntiVir (Avira) - OK BitDefender - Android.Trojan.AndroRAT.E Clam Antivirus - OK COMODO Internet Security - OK Dr.Web - Android.Spy.178.origin eTrust-Vet - OK F-PROT Antivirus - OK F-Secure Internet Security - Android.Trojan.AndroRAT.E G Data - Android.Trojan.AndroRAT.E IKARUS Security - OK Kaspersky Antivirus - HEUR:Trojan-Spy.AndroidOS.Sandr.a McAfee - OK MS Security Essentials - OK ESET NOD32 - OK Norman - OK Norton Antivirus - OK Panda Security - OK A-Squared - Android.Trojan.AndroRAT.E ( Quick Heal Antivirus - Android.Sandr.A Solo Antivirus - OK Sophos - Andr/SandRat-B Trend Micro Internet Security - OK VBA32 Antivirus - OK Zoner AntiVirus - OK Ad-Aware - Android.Trojan.AndroRAT.E BullGuard - Gen:Variant.Kazy.609906 FortiClient - OK K7 Ultimate - OK NANO Antivirus - OK Panda CommandLine - OK SUPERAntiSpyware - OK Twister Antivirus - OK VIPRE - OK Functi: Change logs v4.0: ----------------- * APK Encryption (AES, DES, TripleDES, Blowfish). * Assign custom package name for DJ server. * Remove certain features from the server. * Remove permissions from the server. * Call conversation recording. * Live update of currently running app on main panel. * User idle time on main panel. * Adjust volume on remote device (Alarm, Music, Notification, Ringer, System, Voice). * Check latency between DJ control panel and DJ server. * Make DJ server persistent even upon factory reset (Requires Root access). * Crash Reporter implemented to track DJ server bugs. * View Draft SMS messages. * Disconnect Me Forever now disables the DJ server instantly. * File Voyager supports UTF-8 encoding to support various languages. * Fixed several bugs. Dw: https://yadi.sk/d/pyksqqyGhDkrd Pas: fuckeTheDroid
  4. Salut, folosesc Windows 10 Home si am uitat parola de la contul de administrator si m-am logat pe guest dar pe guest nu ma lasa sa folosesc comanda net user si nici sa instalez sau descarc programe pe el. Precizez ca am si K9 instalat pe el si am uitat parola si de la ala si nu ma lasa sa sterg sau mut bckd.sys din system32 ca sa fac bypass. Este vreo metoda sa reusesc sa fac bypass la K9 sau sa ma loghez in Contul de administrator ? (fara a avea nevoie de un Cd de reinstalare sau chestii dinastea, doar din cmd sau eu stiu..)
  5. The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third parties to security event data to identify similar, or identical, indicators of malicious behavior. The framework is written in Go with a JavaScript frontend. Installation Please find the installation procedure at http://gosint.readthedocs.io/en/latest/installation.html There are three ways to get up and running: Bash install script Docker Manual installation Updates Updating is simple and encouraged as bugs are reported and fixed or new features are added. To update your instance of GOSINT, pull the latest version of GOSINT from the repository and re-run the build command to compile the updated binary. godep go build -o gosint Configuration GOSINT needs some quick initial configuration to start making use of the framework features. All the settings you will need to specify can be found under the "Settings" tab. Please find the configuration procedure at http://gosint.readthedocs.io/en/latest/configuration.html Use Please find the instructions for use at http://gosint.readthedocs.io/en/latest/use.html Download: GOSINT-master.zip Source: https://github.com/ciscocsirt/GOSINT
  6. https://dojo.ministryoftesting.com/lessons/30-days-of-security-testing
  7. Salut, Dell angajeaza pe mai multe pozitii. O lista completa o gasiti aici: https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/search/3792178 Cateva job-uri selectate: - Principal Consultant, Penetration Testing - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/principal-consultant-penetration-testing-75285 - Information Security Risk Management Advisor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/information-security-risk-management-advisor-78526 - Java Software Development Sr. Analyst - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/java-software-development-sr-analyst-80439 - Java Software Development Advisor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/java-software-development-advisor-79300 - Senior Security Specialist - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/senior-security-specialist-77371 - Network Security - Firewall Auditor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/network-security-firewall-auditor-75062 - Junior Linux Admin - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/junior-linux-admin-81076 - Level 2 Technical Support Analyst - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/level-2-technical-support-analyst-81957 - Windows System Administrator - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/windows-system-administrator-82417 - Software Testing Engineer - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/software-testing-engineer-82376 - Software Testing Jr. Engineer - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/software-testing-jr-engineer-82386 - McAfee ESM Security Advisor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/mcafee-esm-security-advisor-81648 Note: 1. Link-urile sunt cu referral, aceasta e procedura interna de recomandare. Avantajul e ca totul se rezolva mult mai repede si va pot ajuta cu ce informatii aveti nevoie despre o anumita pozitie. 2. Nu cred ca se poate lucra remote, trebuie sa fiti in Bucuresti. Exista totusi posibilitatea de a se lucra (din cand in cand) de acasa, pentru anumite pozitii (program de noapte de exemplu) poate chiar mereu. Daca aveti o intrebare imi puteti trimite un PM. // Nytro
  8. ITPRO.TV - MTA - Security Fundamentals - 98-367: Security Fundamentals English | mp4 | H264 1280x720 | AAC 2 ch | 8 hr 14 min | 2.71 GB eLearning In this episode, Daniel and Mike introduce you to some of the core security principles and practices that anyone looking to get into IT should be familiar with. Here they specifically discuss the CIA triad; Confidentiality, Integrity, and Availability. Contents Core Security Principles Episode Length:29 minutes, 43 seconds Core Security Principles Part 2 Episode Length:32 minutes, 40 seconds Physical Security Episode Length:34 minutes, 52 seconds Internet Security Episode Length:32 minutes, 14 seconds Wireless Security Episode Length:28 minutes, 53 seconds Topic Title:Understand operating system security User Authentication Episode Length:38 minutes, 31 seconds Permissions Episode Length:34 minutes, 5 seconds Password and Audit Policies Episode Length:34 minutes, 30 seconds Encryption Episode Length:33 minutes, 36 seconds Encryption Part 2 Episode Length:37 minutes, 51 seconds Email Protection and Malware Episode Length:29 minutes, 36 seconds Topic Title:Understand network security Dedicated Firewalls and NAP Episode Length:33 minutes, 29 seconds Network Isolation Episode Length:35 minutes, 29 seconds Protocol Security Episode Length:27 minutes Topic Title:Understand security software Client and Server Protection Episode Length:31 minutes, 37 seconds Screenshots:
  9. GhostMail is a new secure email, chat and storage platform, with features like self-destructing emails and two factor login. It's free with 1GB space. Free Sign Up [en] | GhostMail
  10. The wireless industry continues to grow in leaps and bounds with more and more gadgets evolving to be wireless. Wireless access points, media centers, phones, and even security systems are commonplace in the average household. Unfortunately, the security that is implemented on this equipment is often lacking, opening the devices syto severe security vulnerabilities. In practice, many companies and organizations still use and deploy vulnerable wireless gear, often in their default configurations. This is most often due to poor security awareness or a lack of understanding of the risks and ramifications. Download: https://www.dropbox.com/s/bi60f383g4phbuu/Offensive%20Security%20Wireless%20Attacks%20-%20WiFu%20v3.0.7z?dl=0 pwd: rstforums.com
  11. DoNotSpy10 is the world’s first antispy tool for Windows 10 Its straight-forward user interface allows you to manage how Windows 10 respects their privacy Microsoft introduces many new “diagnostic” features with Windows 10 These services help Microsoft collect usage data and thus to provide a better service However, collecting and sharing your data with one of the world’s leading technology companies puts your privacy at risk OfficialWebsite pxc-coding.com Download vers. (.//DoNotSpy10-1.0.0.1)
  12. Bot http multitasking cu un atacuri DDoS func?ionale ?i altele. Descriere: ============================== List? de func?ii principale Betabot: ============================== * Nivel de sistem Userkit (Ring3 rootkit) Suporta 64 de \ 86 sisteme de bi?i. component intercepteaza rootkit apel x86 sistem func?ie nizkourovnennye (KiFastSystemCall ?i x86SwitchTo64BitMode) pentru a intercepta toate apelurile de sistem efectuate printr-un procedeu f?r? a l?sa urme vizibile de activit??i tale. Cârlige distan?? restaurat în mod automat bot. * ANTI-AV Module Folosind metoda ingineriei genetice sociale (scris în 12 limbi), care apare sub forma unei ferestre legal UAC, barca poate ridica drepturile lor la nivel de administrator. Dup? ob?inerea Betabot drepturi de administrator capabil s? incapacitatea mai mult de 30 de instrumente de antivirus! Rata de succes folosind aceast? metod? pentru aproximativ 70%! Aceast? func?ie este esen?ial? poate fi activat \ dezactivat prin intermediul panoului de control al re?elei bot! List? de instrumente anti-virus acceptate: AhnLab V3 Lite (numai XP) ArcaVir Avast! AVG Avira BitDefender (On config minim) BKAV BullGuard Emsisoft Anti-Malware ESET NOD32 / Smart Security F-PROT IS F-Secure GData IS Ikarus AV K7 AntiVirus Kaspersky AV / IS (doar versiunile mai vechi) Lavasoft Adaware AV Malwarebytes Anti-Malware McAfee Microsoft Security Essentials Norman AntiVirus Norton AntiVirus (numai Vista +) Outpost Firewall Pro Panda AV / IS Panda Cloud AV (versiunea gratuit?) PC Tools AntiVirus Cre?terea AV / IS Sophos Endpoint Antivirus Raport defensiva Trend Micro Vipre Webroot SecureAnywhere AV Windows Defender ZoneAlarm IS * MODUL anti-malware Acest modul v? permite s? scana?i Betabot de sistem (euristice) pentru prezen?a malware si distruge-le (Inclusiv necunoscut noi troieni \ \ virusi). Modul utile pentru cei care doresc s? "cure?e" sarcina lor de concuren?? în plus! * Modul de securitate bot Betabot Procesul \ fisierului bot \ Datele din registrul de Windows sunt sub protec?ia constant de la îndep?rtarea \ distrugere ?i include o varietate de metode (nu numai rootkit). La ?tergerea cheile de registry ?i fi?ier bot vor fi restaurate automat. Acest modul îmbun?t??e?te supravie?uire a desc?rc?ri dumneavoastr?! * Se injecteaz? în procesul de Betabot folose?te mai multe tehnologii samopisnyh injectare în procesul de a eluda o mul?ime de agen?i antivirali (în Runtime) Lista de runde: ArcaVir IS - bypass Avast - bypass Avast Internet Security - este injectat dar cauzeaza fereastr? Cutia cu nisip AVG Internet Security - bypass Avira - bypass Avira Internet Security - bypass BitDefender - bypass (în func?ie de set?rile) BullGuard - Încercarea de a ucide dup? o repornire Comodo - Fereastra Dr. Web - bypass ESET AV / ESET Smart Security - bypass F-Secure - bypass GData - Fereastra K7 AntiVirus - bypass Kaspersky Anti-Virus - bypass (în func?ie de set?rile) Kaspersky Internet Security - bypass (în func?ie de set?rile) McAfee Total Protection - bypass Norman IS - Fereastra Norton Internet Security - bypass Panda Internet Security 2013 - bypass PandaCloud - bypass PC Tools AntiVirus - bypass Rising IS - bypass Defensiva Total - bypass Trend Micro - bypass VIPRE - bypass ZoneAlarm - bypass * Modul Editor DNS Utilizeaza func?ie interceptare sunt esen?iale în victima responsabil pentru activitatea de DNS. Poate fi folosit pentru a înlocui produc?ia de loturile dumneavoastr? (de exemplu, prin phishing Facebook redirec?iona c?tre o pagin? p.r fals facebook.com 127.0.0.1) * C?utarea fi?ierelor Caut? fi?ierele din sistemul are set?ri flexibile ?i o varietate de filtre de cautare. Toate fi?ierele sunt ambalate într-o arhiv? ZIP ?i înc?rca?i la server. * Modulul form? Grabber Formele Rob din urm?toarele browsere: Mozilla Firefox (ultima versiune) Google Chrome (sprijin? SSL) Internet Explorer Toate jurnalele Formular hapsân convenabil sortate în panoul de control. * Modul Grabber FTP / POP3 / SSH Permite furt ?i parolele trimiterea în panoul de control. Totul are loc în timp real! (Putty, Filezilla, etc.) * Modul de protec?ie proactiv? (Aceast? func?ie este op?ional? ?i poate fi activat? \ dezactivat prin intermediul panoului de control) Oportunitati de protec?ie activ? mod bot în acest mod Betabot va bloca orice încercare de a instala software r?u inten?ionat în sistem, precum ?i pentru a detecta automat impotriva deja instalate ?i a le elimina din sistem amprenta! Uneori ai nevoie pentru a opri func?ia prin panoul de control (de exemplu, dac? dori?i s? desc?rca?i la RAT-ul progruz, inutil betabot-l distrug? în mod automat) ============================== Caracteristici suplimentare BETABOT: ============================== * <Size Build 150KB * <Editor Config * <Lock bootkit (nu instituie bootkits de familie Carberp / Rovnix / Gapz, etc.) * <Suport pentru 16 servere -------------------------- * <4 metode diferite de atacuri DDoS (UDP, HTTP inunda?ii, CONNECT-DECONECTA?I inunda?ii, SLOWLORIS FLOOD (KILL APACHE) - DDoS Slowloris de inunda?ii server de web Apache v? permite s? ucid? cu un num?r minim de boti - Conecta?i-Deconecta?i atacuri DDoS inunda?ii este o aparen?? de SYN se bazeaz? pe protocolul TCP. Spre deosebire de SYN unde nu suntem responsabili pentru pachet ACK de la server, CONNECT-DECONECTA?I inunda?ii dribleaz? complet TCP-strângere de mân? (compusul) ?i repet? atât de multe ori. Din cauza lipsei de resurse pentru a procesa num?rul mare de conexiuni la serverul incapacitate de munc?. Am decis s? nu pun? în aplicare inunda?ii SYN datorit? faptului c? potopul plin de acest tip nu sunt disponibile pe sisteme Windows (f?r? editare drivere Tcpip) Utilizarea drivere ter?i, astfel încât nu cel mai bun perspectiva. - HTTP atacuri DDoS împotriva inunda?iilor complet randomizat ?i optimizate - Atac Standard UDP de inunda?ii DDoS -------------------------- * <Autorun USB (LNK cu File) * <SOCKS 4 servere (preia ?osete proxy pe desc?rc?rile) * <Desc?rcare / Actualizare / executie - caracteristici standard înc?rc?tor (suporturi desc?rca fi?iere DLL în zombie memorie proces svchost.exe, precum ?i fi?iere JAR) Panou detaliate ?i frumos. Imagini panou: Acas?: http://i.imgur.com/hdXeq1P.png Editor DNS: http://i.imgur.com/K1tt7MC.png Forma hapsân filtre: http://i.imgur.com/Y7cShSd.png Realtime Grabber Chit / FTP / POP3: http://i.imgur.com/G03jQ8B.png Obiective: http://i.imgur.com/eDKBei0.png Configurarea Socks Proxy: http://i.imgur.com/ritA4WR.png Cerin?e pentru panoul de control În scopul de a g?zdui un panou de control de pe serverul dvs. nevoie de urmatoarele programe: • ionCube Loader 5.3+ • 5.3.x PHP • MySQL • PHPMyAdmin Dowload baza americana 64 aHR0cHMlM0EvL3d3dy5kcm9wYm94LmNvbS9zLzZ6YXQ1dGd6ODZlcmd3aS9CdWlsZGVyJTI1MjAxLjcucmFyJTNGZGwlM0Qw
  13. It is a new tool for analysis of Windows executable files, in order to quickly identify if this is or is not a malware. Most analyzes are based on the extraction of strings "ANSI" and "UNICODE" in disk, but also works with "Memory Dumps". Obviously, the latter option might compromise the security of your computer when you run the samples, so it's recommended make this in laboratory systems. Download https://docs.google.com/uc?id=0B74kMAGqImI9R1o4Q2Z1X054cjA
  14. Competitia de la Cyber Security Challenge UK, cea cu Flag Day, continua si in 2015. Enjoy! » Overview
  15. Kaspersky Total Security 2015 delivers ultimate security for computers & mobile devices. It protects your privacy, finances, identity, photos and children against Internet threats – so no aspect of your digital security is left to chance. One product – with one license – safeguards your ‘digital life’, across your PC, Mac and Android devices. Get it now! Free Kaspersky Total Security 2015 (100% discount) - SharewareOnSale
  16. Hi, Do you guys know good web security companies in Romania or surroundings? If so, please provide me their websites. Thank you
  17. Avast Internet Security 2015 Serial Keys Till 2017 .
  18. CYBERGATE ENCRIPTADO AHORA: [info] Fecha del reporte: Tue, 16 Jun 2015 19:32:48 +0000 Archivo: CyberFUD.exe Tamaño: 2052237 bytes MD5: d530a87aa19d75b6b15015028eacf004 Estado: Limpio Detecciones: 0 de 35 (0%) [Detecciones] A-Squared - Clean AVG Free - Clean Ad-Aware - Clean AntiVir (Avira) - Clean Avast - Clean BitDefender - Clean BullGuard - Clean COMODO Internet Security - Clean Clam Antivirus - Clean Dr.Web - Clean ESET NOD32 - Clean F-PROT Antivirus - Clean F-Secure Internet Security - Clean FortiClient - Clean G Data - Clean IKARUS Security - Clean K7 Ultimate - Clean Kaspersky Antivirus - Clean MS Security Essentials - Clean McAfee - Clean NANO Antivirus - Clean Norman - Clean Norton Antivirus - Clean Panda CommandLine - Clean Panda Security - Clean Quick Heal Antivirus - Clean SUPERAntiSpyware - Clean Solo Antivirus - Clean Sophos - Clean Trend Micro Internet Security - Clean Twister Antivirus - Clean VBA32 Antivirus - Clean VIPRE - Clean Zoner AntiVirus - Clean eTrust-Vet - Clean SPYNET 2.6 ENCRIPTADO AHORA: [info] Fecha del reporte: Tue, 16 Jun 2015 19:34:02 +0000 Archivo: SpyNetFUD.exe Tamaño: 2046093 bytes MD5: 5b9c84424a48942821b0f63c5af9d2fc Estado: Limpio Detecciones: 0 de 35 (0%) [Detecciones] A-Squared - Clean AVG Free - Clean Ad-Aware - Clean AntiVir (Avira) - Clean Avast - Clean BitDefender - Clean BullGuard - Clean COMODO Internet Security - Clean Clam Antivirus - Clean Dr.Web - Clean ESET NOD32 - Clean F-PROT Antivirus - Clean F-Secure Internet Security - Clean FortiClient - Clean G Data - Clean IKARUS Security - Clean K7 Ultimate - Clean Kaspersky Antivirus - Clean MS Security Essentials - Clean McAfee - Clean NANO Antivirus - Clean Norman - Clean Norton Antivirus - Clean Panda CommandLine - Clean Panda Security - Clean Quick Heal Antivirus - Clean SUPERAntiSpyware - Clean Solo Antivirus - Clean Sophos - Clean Trend Micro Internet Security - Clean Twister Antivirus - Clean VBA32 Antivirus - Clean VIPRE - Clean Zoner AntiVirus - Clean eTrust-Vet - Clean DARKCOMET ENCRIPTADO AHORA: [info] Fecha del reporte: Tue, 16 Jun 2015 19:34:55 +0000 Archivo: DarkCometFUD.exe Tamaño: 2422413 bytes MD5: 7dc0186a7c18402b60b322356da976f3 Estado: Limpio Detecciones: 0 de 35 (0%) [Detecciones] A-Squared - Clean AVG Free - Clean Ad-Aware - Clean AntiVir (Avira) - Clean Avast - Clean BitDefender - Clean BullGuard - Clean COMODO Internet Security - Clean Clam Antivirus - Clean Dr.Web - Clean ESET NOD32 - Clean F-PROT Antivirus - Clean F-Secure Internet Security - Clean FortiClient - Clean G Data - Clean IKARUS Security - Clean K7 Ultimate - Clean Kaspersky Antivirus - Clean MS Security Essentials - Clean McAfee - Clean NANO Antivirus - Clean Norman - Clean Norton Antivirus - Clean Panda CommandLine - Clean Panda Security - Clean Quick Heal Antivirus - Clean SUPERAntiSpyware - Clean Solo Antivirus - Clean Sophos - Clean Trend Micro Internet Security - Clean Twister Antivirus - Clean VBA32 Antivirus - Clean VIPRE - Clean Zoner AntiVirus - Clean eTrust-Vet - Clean Dw: Download DH Crypter [MOD MAGGICIANCOR] [100% FUD].rar Password: Indetectables.net - MaggicianCOr
  19. The nation’s first ever criminal case involving a hijacked wireless Internet connection came to light this month, prompting online security experts to warn that home Wi-Fi routers may be open to attack if not properly protected. Users need to set a password and switch on encryption, or their network can be hacked within minutes by someone close enough to eavesdrop on the wireless signal, such as a user in an adjacent apartment, said Yuichi Nozawa, a consultant with the government-affiliated Information-technology Promotion Agency (IPA), a body that advises on digital security. Cracking the security itself is relatively simple for one common form of encryption and can be done using free software. The IPA delivered the warning last Friday, a day after the rearrest of a man suspected of tapping into a nearby Wi-Fi network in Matsuyama, Ehime Prefecture. Hirofumi Fujita, 30, is separately on trial for allegedly stealing ¥16 million by obtaining online banking IDs and passwords as well as sending computer viruses to gain unauthorized remote access to other people’s computers. Moreover, the agency warned that hackers can use hijacked wireless networks to hide their identities, leading “even ordinary people with no criminal intention” to become the main suspects in cybercrimes, Nozawa said Monday. He said police sometimes identify suspects by the Internet access point used. A further problem lies in the fact that it is not easy for ordinary users to detect if their network has been hacked, he said. Many users remain unaware of the risks. In 2014, the IPA reported that more than 50 percent of households either had not set password protection on their home wireless network or were unsure whether it was active. But even if a wireless network is password-protected, it needs to use a newer form of encryption, as older ones can be cracked fairly easily. Older routers may offer Wired Equivalent Privacy (WEP) encryption as the default setting, which Nozawa said can be hacked. The alleged Ehime hacker is suspected of using this technique, deploying software that came as a free gift with an IT security magazine. Instead, Nozawa recommends using Wi-Fi Protected Access II, better known as WPA2, a higher form of encryption and one usually offered by newer network devices. The IPA recommends contacting manufacturers’ support teams to find out how to configure the security settings, as the procedure varies from device to device. Source
  20. CWHH level 1 Advanced is a hands on courses which teaches using different security tools on both web security testing and network security testing. The course teaches you how to use the webtools so that you can test the webportals as a tester. If you are programmer then you can use the same webtools and write secure codes. leak source: Certified White Hat Hacker Level 1(Advanced) - Thieves-Team download: GirlShare - Download certified-white-hat-hacker-level-1-advanced.rar udemy: https://www.udemy.com/certified-white-hat-hacker-level-1-advanced/
  21. Snapchat has deployed two factor authentication as part of its push to increase security across the popular selfie slinging app. The sexting swap shop allows users to set up SMS log-in verification that makes en-masse account hijacking more difficult, and better protects Snapchat's Snapcash money transfer system. The additional security measures are welcome, but devoted targeted attackers can still break into accounts by exploiting telecommunications providers' weak security identity checks to port phone numbers. Users of Snapchat version 9.9 will be able to activate the Login Verification feature on Android and iOS platforms. The extra security features are the latest efforts in a push to increase the platform's security chops which includes the launch of a HackerOne bug bounty, a regular transparency report, and the hiring of former Google social network security boss Jad Boutros as infosec head. Boutros has already said he aimsto build a "culture of security" at the company. The push follows Snapchat's legal trouble with the Federal Trade Commission stemming from incorrect claims photos and videos would "disappear forever" when it had remained on devices. The company also ran into trouble when some 4.6 million names and email addresses were breached in December 2013 after it dismissed that attack vector as theoretical. Source
  22. Filename: Gerador Crypt By ~ Zeed.exe Type: File Filesize: 3747840 bytes Date: 08/06/2015 - 22:46 GMT+2 MD5: db22e83efba333f778b2a585e591fcc9 SHA1: 2e5082f993e22c8081694e9b7d80a4763c1f9a86 Status: Infected Result: 1/35 AVG Free - OK Avast - OK AntiVir (Avira) - OK BitDefender - OK Clam Antivirus - OK COMODO Internet Security - OK Dr.Web - OK eTrust-Vet - OK F-PROT Antivirus - OK F-Secure Internet Security - OK G Data - OK IKARUS Security - OK Kaspersky Antivirus - OK McAfee - OK MS Security Essentials - OK ESET NOD32 - OK Norman - OK Norton Antivirus - OK Panda Security - OK A-Squared - OK Quick Heal Antivirus - OK Solo Antivirus - OK Sophos - OK Trend Micro Internet Security - OK VBA32 Antivirus - OK Zoner AntiVirus - OK Ad-Aware - OK BullGuard - OK FortiClient - OK K7 Ultimate - OK NANO Antivirus - OK Panda CommandLine - OK SUPERAntiSpyware - OK Twister Antivirus - OK VIPRE - Trojan.Win32.Generic.pak=21cobra Download https://www.sendspace.com/file/egto0z
  23. File Name: aty.exe = DarkComet MD5: f766539495d37106b4e090ef0e6a5a86 Date/Time: 1-04-15,07:53:51 File Size: 280134 Bytes Reported by Most-Security.com Status: infected Detection: 2/35 AVG Free File Clean! Avast File Clean! AntiVir (Avira)TR\/Dropper.Gen BitDefender File Clean! Clam Antivirus File Clean! COMODO Internet Security File Clean! Dr.Web File Clean! eTrust-Vet File Clean! F-PROT Antivirus File Clean! F-Secure Internet Security File Clean! G Data File Clean! IKARUS Security File Clean! Kaspersky Antivirus File Clean! McAfee File Clean! MS Security Essentials File Clean! ESET NOD32 File Clean! Norman File Clean! Norton Antivirus File Clean! Panda Security File Clean! A-Squared File Clean! Quick Heal Antivirus File Clean! Solo Antivirus File Clean! SophosMal\/VBDrop-G Trend Micro Internet Security File Clean! VBA32 Antivirus File Clean! Zoner AntiVirus File Clean! Ad-Aware File Clean! BullGuard File Clean! FortiClient File Clean! K7 Ultimate File Clean! NANO Antivirus File Clean! Panda CommandLine File Clean! SUPERAntiSpyware File Clean! Twister Antivirus File Clean! VIPRE File Clean! Download: sters - virus Password rar: eazye
  24. So many hacks, so few days in the week to write alarming stories about every one. Every weekend, WIRED Security rounds up the security vulnerabilities and privacy updates that didn’t quite rise to our level for in-depth reporting this week, but deserve your attention nonetheless. First the big stories: The FBI has a secret fleet of planes spying on you, and they are not alone. United Airlines grounded all its planes on Monday because false flight plans were being uploaded to the flight decks. The US Senate finally passed some NSA surveillance reform in the form of the USA Freedom Act–the first of its kind since Edward Snowden revealed the extent of the Big Brother nightmare that is domestic counter-terrorism in the 21st century. Facebook decided that revealing your location in Messenger isn’t a bug; it’s a feature! A feature you can now, thankfully, opt out of. And our own Andy Greenberg demonstrated that the front lines of the gun control debate are moving closer to home, as it’s now incredibly easily to build your own untraceable guns. But there was a lot of other news this week, summarized below. To read the full story linked in each post, click on the headlines. And be safe out there! —Emily Dreyfuss Chinese Hackers Access Four Million Federal Workers’ Payroll Data Another month, another massive breach of a federal agency revealed. Hackers based in China accessed the records of four million federal workers when they hacked the Office of Payroll Management (OPM) in an attack first discovered in April. Despite the agency’s focus on payroll, it’s not clear if any data was stolen that could lead to financial fraud; no direct deposit information was accessed, according to the Washington Post. Instead, the attackers may have been seeking data useful for identifying government staffers with security clearances, potentially to target them in future “spear phishing” attacks. The Department of Homeland Security has taken credit for identifying the attack with its EINSTEIN intrusion detection system. But critics are questioning why that years-in-development system couldn’t have caught the attack earlier. The Chinese government, per usual, has denied any involvement. The OPM intrusion marks the second major federal breach revealed this year, following news that Russian hackers accessed unclassified White House networks as well as those of the State Department. — Andy Greenberg California Senate Passes Bill Requiring Warrants To Search Electronic Devices Another small victory for opponents of the all-pervasive morass of electronic surveillance, at least in one state: the California senate unanimously passed the California Electronic Communications Privacy Act, a bill requiring law enforcement to obtain a search warrant or wiretap order prior to searching smartphones, laptops, or electronic devices, or accessing information stored on remote servers. The bill will be heard by the State Assembly this summer. — Yael Grauer Skype Bug Broke App on Android, iOS and Windows It only took Skype 24 hours to fix the bug, but for a moment, messaging “http://:” (without the quotes) in chat not only made Skype crash in Windows, Android, and iOS, but would immediately crash it again after restarting when Skype downloaded chat history for the server, meaning that clearing the chat history didn’t resolve the issue. This bug trailed on the heels of the iOS glitch discovered last week that caused iPhones to crash when sent a string of characters, though users are far more likely to type in http://: by accident than they are to text the complicated string of Arabic and English characters required to crash iOS devices. Before the fix was in, Skype users could get around the bug by installing an older version of Skype, or having the sender delete the offending message. — Yael Grauer Most Macs Vulnerable to Permanent Backdooring Macs shipped prior to mid-2014 are vulnerable to an exploit that would allow an attacker to permanently control the machine, even if you reinstall OS X or reformat the drive. The vulnerability, discovered by security researcher Pedro Vilaca, allows attackers to install malicious firmware that essentially overwrites the firmware that boots up the machine right after older Macs awake from sleep. The code is installed via one of the many security vulnerabilities found in web browsers such as Safari. One way to avoid this hack is to change your computer’s default setting to deactivate sleep mode. You can also download software to detect whether an attack has taken place, though the software won’t prevent it from happening. — Yael Grauer Twitter Just Killed Politwoops The greatest Twitter account you’ve never heard of is now dead. Politwoops, an online archive of public statements made–and deleted–by U.S. politicians on Twitter, was an online transparency project started in 2012 by the Sunlight Foundation. It was created to provide a record of ways that elected officials sometimes quietly reverse their messaging. Originally, Sunlight had permission to use Twitter’s API for the project, which used a human curation workflow to analyze the tweets. But the social networking service has now reneged, citing the expectation of privacy for all accounts. Sunlight Foundation points out that elected officials shouldn’t share the same expectations of privacy as private citizens do, and that transparency leads to accountability. Now it has one fewer tool to use on that mission. — Yael Grauer Now You, Too, Can Track FBI Spy Planes As you’ve probably heard by now, the FBI is flying spy planes over American cities, and they’re registered to at least 13 fictitious companies. The specific capabilities of these planes is unclear, but they may have high-tech cameras and perhaps even cell-site simulators to scoop up massive amounts of data. Luckily, tracking the planes themselves has proven to be a bit easier than determining their capabilities. L.A.-based technologist John Wiseman used public records request for flight routes and programmed a radio receiver to intercept airplane transmissions, allowing him to identify planes flying in L.A. in real time. You can do the same, by tapping into a database of 115 spy planes that engineer Brian Abelson created by looking up registration numbers associated with planes owned by FBI front companies, as revealed by the AP. Flight information and history is available on that link, and users can analyze the data set by registering for a free account at Enigma, the data search and discovery platform where Wiseman works. — Yael Grauer Source
  25. Document Title: =============== iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1494 Release Date: ============= 2015-05-13 Vulnerability Laboratory ID (VL-ID): ==================================== 1494 Common Vulnerability Scoring System: ==================================== 3.4 Product & Service Introduction: =============================== Couldn`t you remember your lesson time? If you are a high-school student or a university one, you will be able easily to consult your weekly guide, using this App on your iPhone. You could choose your sujects following your plan and give them a colour for marking them at the end of the week. (Copy of the Homepage: https://play.google.com/store/apps/details?id=com.idalmedia.android.timetable&hl=it & https://itunes.apple.com/en/app/orariolezioni/id542313616) Abstract Advisory Information: ============================== The Vulnerability Laboratory Research Team discovered a persistent input validation vulnerability in the official iClassSchedule v1.6 iOS & Android mobile web-application. Vulnerability Disclosure Timeline: ================================== 2015-05-13: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Tel.Net srl Product: iClassSchedule - iOS & Android Mobile Web Application 1.6 iOS and 4.6 Android Exploitation Technique: ======================= Remote Severity Level: =============== Medium Technical Details & Description: ================================ An application-side validation vulnerability has been discovered in the official iClassSchedule v1.6 iOS & Android mobile web-application. The vulnerability allows an attacker to inject own script code as payload to the application-side of the vulnerable service function or module. The vulnerability is located in the `Aula (name input)` values of the vulnerable `iClass Calender` module. Local attackers are able to manipulate the `Aula name` input to compromise the `Calender Index` module. The execution point of the script code occurs on the application-side in the listing module by the manipulated name context field. The Apple iOS and Google Android mobile application versions are affected by the vulnerability. The security risk of the application-side web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.4. Exploitation of the application-side web vulnerability requires a privileged web-application user account and low or medium user interaction. Successful exploitation of the vulnerabilities result in persistent phishing mails, session hijacking, persistent external redirect to malicious sources and application-side manipulation of affected or connected module context. Vulnerable Module(s): [+] Aula Vulnerable Parameter(s): [+] name Affected Module(s): [+] iClass Calender Events Context (App Index) Proof of Concept (PoC): ======================= The persistent input validation web vulnerability can be exploited by local attackers with physical device access and with low user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue. 1. Install the mobile application to your iOS or Android device 2. Open the application and add a new entry to the iclass calender index 3. Inject to the Aula name value your own script code (payload) for testings 4. Save the entry and move back to the iclass calender index of the app 5. The code executes because of the wrong encoding in the calender itself. Note: Export and Exchange of malicious context is possible! 6. Successful reproduce of the security vulnerability! Solution - Fix & Patch: ======================= The vulnerability can be patched by a secure parse and encode of the vulnerable name value in the iclass calender module. Restrict the name input and disallow usage of special chars to prevent persistent cross site scripting attacks. Security Risk: ============== The security risk of the persistent input validation web vulnerability in the name value is estimated as medium. (CVSS 3.4) Credits & Authors: ================== Vulnerability Laboratory [Research Team] - Katharin S. L. (CH) (research@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: ========================= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material. Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com Section: magazine.vulnerability-db.com - vulnerability-lab.com/contact.php - evolution-sec.com/contact Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php Programs: vulnerability-lab.com/submit.php - vulnerability-lab.com/list-of-bug-bounty-programs.php - vulnerability-lab.com/register/ Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. Copyright © 2015 | Vulnerability Laboratory - [Evolution Security GmbH]™ -- VULNERABILITY LABORATORY - RESEARCH TEAM SERVICE: www.vulnerability-lab.com CONTACT: research@vulnerability-lab.com PGP KEY: http://www.vulnerability-lab.com/keys/admin@vulnerability-lab.com%280x198E9928%29.txt Source
×
×
  • Create New...