Yes there are real scams but they normally involving engaging the victim with a fake profile or some whore.
But the email scams are different.
Printable View
Yes there are real scams but they normally involving engaging the victim with a fake profile or some whore.
But the email scams are different.
Norsk Hydro hit bad by a ransomware attack.
https://www.reuters.com/article/us-n...-idUSKCN1R00NJQuote:
The Norwegian National Security Authority (NNSA), the state agency in charge of cybersecurity, said the attack used a virus known as LockerGoga, a relatively new strain of so-called ransomware which encrypts computer files and demands payment to unlock them.
every time i see a win 10 update I get anxiety attacks.Quote:
Originally Posted by harrybarracuda
Just did my Win 10 update, now the battery status icon is gone from my tray. I have to keep on going to my settings to check on the status of my laptop battery. Went to YouTube for fixes, seems like the "config Sys" command from MS DOS days is rearing its ugly head, don't want to start messing with settings I don't understand, Looks like I will have to take my laptop in the shop for someone who knows what they are doing to fix. Any recommends on a shop in Khon Kaen?
Next laptop will be a Mack. Tired of windows.
I install classic shell on win 10
Classic Shell: Downloads
get your desktop back to a no frills GUI
did a litle search and found "classic start" also , would such programs restore my battery status icon? that's all I want.Quote:
Originally Posted by baldrick
try it and find out
I use it because it sets the windows GUI back to the old style without all the bullsh1t pretty stuff
I would expect you to get the normal taskbar
you can always turn it off
Did you try clicking the little "up" chevron and seeing if it's there? And if it is, drag it back into the taskbar.Quote:
Originally Posted by Buckaroo Banzai
But if you're really too thick to know that's how Windows works after all this time, and it's giving you "anxiety attacks" then yes, go and get a Mac. They're designed for people who don't really understand computers and want their little hands held all the time.
Microsoft Issues the Update to Announce the End of Windows 7 Updates
By: Wayne Rash | March 25, 2019
It’s not exactly the Windows Update to end all updates, but it’s close. Windows 7 machines that downloaded the most recent round of official updates got one that doesn’t do much beyond telling you to stop using Windows 7. The way it’s supposed to work is that computers running Windows 7 will start getting pop-up notices beginning April 18 letting them know that all support for Windows 7 will end on Jan. 14, 2020.
The pop-up notice will provide a link to additional information on Microsoft’s website letting you know your upgrade options, including buying new computers, which is what the company really wants you to do. While the notices aren’t supposed to appear until April, some users are reporting seeing them already. When the notice does appear, you can check a box in the lower left corner telling the alert not to appear again.
This is Microsoft’s gentle (but not subtle) means of telling you that it’s high time to stop fooling around and update Windows. But by now, you know this. Problem is, you’re one of hundreds of millions of places where Windows 7 is still running, and while there are some instances in which you can stick with it, in nearly every case you can’t. It’s reaching its end of life, and continuing to use it after next January will mean using a system that’s more and more vulnerable to security risks.
Why So Many Still Haven’t Upgraded to Windows 10
So why haven’t you upgraded your Windows 7 machines? There are a number of reasons, a couple of which are legitimate.
- You just haven’t gotten around to it. Procrastination will eventually create headaches as new software won’t work. Worse, you’ll be vulnerable to an ever wider range of attacks and exploits, and you may not be able to do anything about it. You need to move forward.
- You’re concerned that your applications won’t work. Windows 10 has a compatibility mode that will tell your applications that you’re running Windows 7 (or XP or whatever), and it works quite well. But for the most part, commercial applications will work fine. Some custom applications may have trouble, but it’s unlikely. If it is a problem, consider upgrading to Windows 8.1 to see if that works. Meanwhile, update your custom apps.
- You don’t want to spend the money to update. You could have upgraded to Windows 10 when it was free. However, you may still be able to perform a clean install of Windows 10 and use your existing Windows 7 installation key. Microsoft enabled this over a year ago, and it may still work.
- Your computer won’t run Windows 10. There are a few computers, including my ancient HP xw8200 workstation, that cannot run Windows 10. All you can do in this case is continue with Windows 7 and hope for the best, or you can run a different operating system such as Linux. Or you can replace your old computer with a new one. I did both with a new HP workstation, and I’m getting a copy of Linux that understands my SCSI controllers on the old one.
- You have an enterprise license. You can arrange for continued support for some business installations of Windows 7. This is a feature of some enterprise contracts with Microsoft, and you may be able to add this support if you don’t already have it.
- You have embedded Windows 7 and can’t upgrade. Embedded Windows in ATMs, gas pumps, POS devices, medical devices and other embedded applications aren’t subject to the end-of-life limits for other Windows 7 installations. Microsoft has an FAQ about this.
Considering the rate at which internet of things (IoT) devices running Windows are spreading, that last point might end up being the largest installed base of Windows 7 still extant. And, like everything else in the IoT world, this means that security issues will follow embedded Windows until the device makers start following the new federal guidelines and make their devices so they can be updated.
From a business perspective, running on an old, unsupported operating system is pretty hard to defend. Windows 7 came out 10 years ago, and you’ve known for at least five years that the operating system’s days were numbered. You’ve known the exact end of support date for over a year now. And you’ve known for longer than that about Microsoft’s plan to stop supporting Windows 7.
Even if you run a very small business, the investment required to keep your technology current is fairly minimal. It’s probably going to cost less to buy a new computer than it will cost you for business lunches over the course of a month, and unlike lunch, newer technology will improve your efficiency and also reduce your risks. You should be budgeting for hardware replacements over the course of three or four years for each machine, anyway.
The best way to think about the patch that will start nagging you to update Windows in April is with thanks. You’ve been reminded in enough time that even if you have a lengthy procurement process, you still have time to either update Windows or to update your computer with a new one. Neither path is particularly arduous, especially compared with the pain of recovering from a breach that happened when you didn’t take action.
https://www.eweek.com/enterprise-app...dows-7-updates
If anyone is running these models of D-Link router, go in and check your DNS hasn't been tampered with, and make sure you update to the latest firmware.
Also these:Quote:
The first DNS hijacking exploit attempts targeted multiple models of D-Link DSL modems, including:
https://teakdoor.com/attachment.php?a...id=30247&stc=1
No Huawei routers listed?
Oh no, the chinky spies have their own page.Quote:
Originally Posted by OhOh
https://www.cvedetails.com/vulnerabi...79/Huawei.html
And these companies as well:
https://www.cvedetails.com/vulnerability-list/vendor_id-750/Nokia.html
https://www.cvedetails.com/vulnerabi...2/Samsung.html
https://www.cvedetails.com/google-search-results.php?q=ZTE+%3A+Security+Vulnerabilities+&sa =Search
https://www.cvedetails.com/vulnerability-list/vendor_id-238/Intel.html
https://www.cvedetails.com/vulnerability-list/vendor_id-16/Cisco.html
https://www.cvedetails.com/vulnerability-list/vendor_id-10/cvssscoremin-7/cvssscoremax-7.99/HP.html
Seems to be many common problems.
Yes, but in the case of the rest you know they aren't put there deliberately (unless they are other chinky spying shit).
^ So the errors etc. must be by poor project specs, bad programming, insufficient checking or inadequate development control then?
If so, that is exactly what Huawei is accused of by the UK auditors.
Or can you suggest other reasons that these problems are occurring?
Are you stupid or something?Quote:
Originally Posted by OhOh
Everyone knows the chinkies leave backdoors in everything.
They are dirty little spies.
Do I have to post the designs they've stolen AGAIN for it to sink in?
Or are you just going to carry on with your snivelling chinky brown nosing?
Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug
About a half a billion Apple iOS users (and counting) have been hit by session-hijacking cybercriminals bent on serving up malware. They’re exploiting an unpatched flaw in the Chrome for iOS browser, to bypass sandboxing and hijack user sessions, targeting iPhone and iPad users.
The attacks are the work of the eGobbler gang, researchers said, which has a track record of mounting large-scale malvertising attacks ahead of major holiday weekends. Easter is coming up, and the crooks are banking on consumers spending a lot more time than usual browsing the web on their phones.
Session hijacking occurs when a user is browsing a web page and is suddenly redirected to another site or landing page, or when a pop-up appears that one can’t exit out of. The pages look like ads from well-known brands; but in reality, if a user clicks on one of them, a payload is deployed.
In this case, “the campaign…is currently still active under ‘.site’ TLD landing pages,” said Eliya Stein at Confiant, in an analysis this week. “With half a billion user sessions impacted, this is among the top three massive malvertising campaigns that we have seen in the last 18 months.”
The offensive is mainly targeting U.S. users, though some European activity has been observed.
Meanwhile, at least one other research firm said that the attack is effective against Apple Safari users as well – opening up a much larger threat surface, given that most iOS users make use of Apple’s default browser for mobile web surfing.
https://threatpost.com/easter-attack-apple-ios/143901/
Doh!!
[QUOTE]
China-based app maker ignored repeated warnings by researchers that its password database – stored in plain text – was accessible to anyone online.
More than 2 million passwords for Wi-Fi hotspots were leaked online by the Android app developer behind the mobile application called WiFi Finder. The passwords were part of an insecure database found by researchers at GDI Foundation.
The Android app itself did not just help users find Wi-Fi hotspots, but also supplied username and passwords that were crowdsourced by the apps users. According to researchers, the total database included 2 million username and password pairs, with tens-of-thousands of hotspots located in the United States, according to TechCrunch, which first reported the leaky server.
GDI Foundation said the developer is based in China and the app has been downloaded “thousands” of times by users. Data included public and private hotspots, but also “countless” numbers of home Wi-Fi hotspots.
https://threatpost.com/leaky_app_data/144029/
[/QUOTE]
err - so what
free wifi as long as your device is secure and you don't like MIM attacks - onwards
And what do you think is the probability that people who would use an app like this understand either security or the consequences?Quote:
Originally Posted by baldrick
In fairness, you'd have to be that dumb - almost Buttplugian one would say - that someone has probably compromised your router and home network already.
"Researchers" finding a China story, 'arry lives for such things.
Awwwww wassup snowflake.Quote:
Originally Posted by OhOh
All available no doubt at your, "not for profit, but agency funded", site, "China Tittle-Tattle - All the unproven garbage one can find.com"
Actually, just news sites.Quote:
Originally Posted by OhOh
I expect you don't get these reports on IAMACHINKYBROWNNOSER.COM
Always a handy reminder....
https://teakdoor.com/attachment.php?a...id=31104&stc=1
50,000 companies exposed to hacks of 'business critical' SAP systems: researchers
"LONDON (Reuters) - Up to 50,000 companies running SAP software are at greater risk of being hacked after security researchers found new ways to exploit vulnerabilities of systems that haven’t been properly protected and published the tools to do so online.
German software giant SAP said it issued guidance on how to correctly configure the security settings in 2009 and 2013. But data compiled by security firm Onapsis shows that 90 percent of affected SAP systems have not been properly protected.
“Basically, a company can be brought to a halt in a matter of seconds,” said Onapsis Chief Executive Mariano Nunez, whose company specializes in securing business applications such as those made by SAP and rival Oracle.
“With these exploits, a hacker could steal anything that sits on a company’s SAP systems and also modify any information there – so he can perform financial fraud, withdraw money, or just plainly sabotage and disrupt the systems.”
SAP said: “SAP always strongly recommends to install security fixes as they are released.”
SAP software is used by more than 90 percent of the world’s top 2,000 to manage everything from employee payrolls to product distribution and industrial processes. "
Continues;
https://www.reuters.com/article/us-sap-security/50000-companies-exposed-to-hacks-of-business-critical-sap-systems-researchers-idUSKCN1S80VJ?il=0
Dodgy EU software to be banned?
It's nothing new. It's a default configuration that SAP say you should change for your environment.
I don't see how they can say it affects 90% of the world's SAP sites unless they've had internal access to all of them.
Someone is promoting their services to pointy-haired bosses I suspect.
https://teakdoor.com/attachment.php?a...id=31120&stc=1
That Dell crapware.... get rid.
Quote:
Remote Code Execution on most Dell computers
What computer do you use? Who made it? Have you ever thought about what came with your computer? When we think of Remote Code Execution (RCE) vulnerabilities in mass, we might think of vulnerabilities in the operating system, but another attack vector to consider is “What third-party software came with my PC?”. In this article, I’ll be looking at a Remote Code Execution vulnerability I found in Dell SupportAssist, software meant to “proactively check the health of your system’s hardware and software” and which is “preinstalled on most of all new Dell devices”.
https://d4stiny.github.io/Remote-Code-Execution-on-most-Dell-computers/
Acer , lenovo and now dell have made this stupid mistake
how many people actually call these companies and ask for remote assistance via this sort of connection ?
firefox extension fcukup
fixes here if you want to get them working again before they get their sh1t into a pile and fix the problem
http://www.reddit.com/r/firefox/comments/bkhtv8/heres_whats_going_on_with_your_addons_being/
Schoolboy error.Quote:
Originally Posted by baldrick
:rofl:
er - no PiHole
what sort of Amateur sh1tshow do you think people should run
You can add one of those, and if you want to be really paranoid run your shit through any number of cloud analytics platforms as well.
Fuck it, if you have the budget do what you like.
:)
are you able to pass a camel through the eye of a PiHole ? :)
if youare using firefox you should be able to update to 66.0.0.4 which will fix you addons/extensions issue
http://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/
I've got 66.0.4 showing in mine.Quote:
Originally Posted by baldrick
that is because I am a 00 and you are not :)
That's not your blood alcohol level then.Quote:
Originally Posted by baldrick
:bananaman:
WhatsApp is encouraging users to update to the latest version of the app after discovering a vulnerability that allowed spyware to be injected into a user’s phone through the app’s phone call function.
The spyware was developed by the Israeli cyber intelligence company NSO Group, according to the Financial Times, which first reported the vulnerability.
Attackers could transmit the malicious code to a target’s device by calling the user and infecting the call whether or not the recipient answered the call. Logs of the incoming calls were often erased, according to the report.
WhatsApp said that the vulnerability was discovered this month, and that the company quickly addressed the problem within its own infrastructure. An update to the app was published Monday, and the company is encouraging users to upgrade out of an abundance of caution.
The company has also alerted US law enforcement to the exploit, and published a “CVE notice”, an advisory to other cybersecurity experts alerting them to “common vulnerabilities and exposures”.
The vulnerability was used in an attempted attack on the phone of a UK-based attorney on 12 May, the FT reported. The lawyer, who was not identified by name, is involved in a lawsuit against NSO brought by a group of Mexican journalists, government critics and a Saudi Arabian dissident.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” WhatsApp said in a statement. “We have briefed a number of human rights organizations to share the information we can and to work with them to notify civil society.”
NSO Group did not immediately respond to the Guardian’s request for a comment. The company told the FT that it was investigating the WhatsApp attacks.
“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” NSO Group told the FT. “NSO would not, or could not, use its technology in its own right to target any person or organization, including this individual.”
NSO limits sales of its spyware, Pegasus, to state intelligence agencies. The spyware’s capabilities are near absolute. Once installed on a phone, the software can extract all of the data that’s already on the device (text messages, contacts, GPS location, email, browser history, etc) in addition to creating new data by using the phone’s microphone and camera to record the user’s surroundings and ambient sounds, according to a 2016 report by the New York Times.
WhatsApp has about 1.5bn users around the world. The messaging app uses end-to-end encryption, making it popular and secure for activists and dissidents. The Pegasus spyware does not affect or involve the app’s encryption.
https://www.theguardian.com/technolo...-vulnerability