  1. #951
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    72,280
    The thing is HooHoo I could have said this:

    "Some of the interesting techniques GoldenHelper uses include randomization of name whilst in transit, randomization of file system location, timestomping, IP-based DGA (Domain Generation Algorithm), UAC bypass and privilege escalation."
    But you wouldn't understand any of it because you're not very bright.

  2. #952
    Thailand Expat
    OhOh's Avatar
    Join Date
    Jul 2010
    Last Online
    Today @ 07:17 PM
    Location
    Where troubles melt like lemon drops
    Posts
    21,177
    Quote Originally Posted by harrybarracuda View Post
    But you wouldn't understand any of it
    Every business has its own metalanguage and I didn't get past this:

    Quote Originally Posted by harrybarracuda View Post
    Some of the interesting techniques GoldenHelper uses include ......... zzzzzzzzz
    1. Issued a spec,
    2. Review techies application,
    3. If 2 < 1. Go 1 else go 4
    4. Issue an internal comments doc.
    5. Wait zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
    6. If 2 < 1. Go 5 else go 1
    5. Sell the App.
    6. Spend bonus on frivolities

    Impressive eh, or am I missing a critical loop?

    Got to keep the recipes a secret, lines 2. - 4. eh.

    A tray full of GOLD is not worth a moment in time.

  3. #953
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    72,280
    Quote Originally Posted by OhOh View Post
    Impressive eh, or am I missing a critical loop?
    Oh look, HooHoo's resorting to the waffle again.

    Let's just repeat the story so it sinks in:

    The chinkies planted malware and backdoors in a tax program that the chinkies had forced foreign companies to use.


    So Hoohoo resorts to talking about KFC as if somehow this is more important.


  4. #954
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    72,280
    I've met Alex half a dozen times over recent years. The last time I found him propping up the pool bar at the birthplace of the Pina Colada wearing an England footy shirt. With these two in charge the sloppy Solarwinds security team are about to experience a world of hurt, and I'm sure several will be headed for the exits.

    SolarWinds has hired the former head of the US Cybersecurity and Infrastructure Security Agency (CISA), Chris Krebs, in an effort to recover from last month’s cyber attack which left 18,000 customers exposed to what are believed to be Russian hackers.

    Krebs was the first director of CISA, which was founded in 2018 as a part of US Homeland Security. He also led the effort to maintain the cyber safety of the 2020 US presidential election and was famously fired by President Trump after he proclaimed the election to be the most secure ever in US history.

    SolarWinds has also taken on Facebook CSO Alex Stamos, who was previously hired by Zoom to help the video conferencing provider boost its security following incidents of ‘Zoom-bombing’, which led to numerous companies and institutions banning the use of the platform.

    Krebs and Stamos have recently formed a security consulting business, of which expertise SolarWinds is now expected to benefit from.
    SolarWinds hires former Trump cyber security chief | IT PRO

  5. #955
    Member

    Join Date
    Jan 2020
    Last Online
    Today @ 07:44 PM
    Posts
    124
    The Solarwinds security team needs a big shock right about now, and hopefully those two leaders can deliver it.

  6. #956
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    72,280
    Quote Originally Posted by TTraveler View Post
    The Solarwinds security team needs a big shock right about now, and hopefully those two leaders can deliver it.
    Stamos in particular is a big fan of red teaming!

  7. #957
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    72,280

  8. #958
    Member

    Join Date
    Jan 2020
    Last Online
    Today @ 07:44 PM
    Posts
    124
    Quote Originally Posted by harrybarracuda View Post
    Bejaysus what a mess.
    The good news: they found it.
    But one must wonder how many more strains are in the system that haven't been found.

  9. #959
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    72,280
    Quote Originally Posted by TTraveler View Post
    The good news: they found it.
    But one must wonder how many more strains are in the system that haven't been found.
    I got invited to an InfoBlox presentation yesterday. I sort of mentioned that spending six figures on a package that didn't detect shitloads of outbound DNS exfiltration wasn't really my thing.


  10. #960
    Member

    Join Date
    Jan 2020
    Last Online
    Today @ 07:44 PM
    Posts
    124
    Millions of Social Profiles Leaked by Chinese Data-Scrapers
    More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere.

    The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives.

    The server was found to be publicly exposed without password protection or encryption during routine IP-address checks on potentially unsecured databases, researchers said. It contained more than 318 million records in total.

    Millions of Social Profiles Leaked by Chinese Data-Scrapers | Threatpost
    Last edited by TTraveler; 14-01-2021 at 06:21 AM. Reason: formatting

  11. #961
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    72,280
    Built-in backdoors and vulnerabilities and straight away you think of one country...

    Multiple backdoors and vulnerabilities discovered in FiberHome routers

    At least 28 backdoor accounts found in FiberHome FTTH ONT routers.

    At least 28 backdoor accounts and several other vulnerabilities have been discovered in the firmware of a popular FTTH ONT router, widely deployed across South America and Southeast Asia.


    FTTH ONT stands for Fiber-to-the-Home Optical Network Terminal. These are special devices fitted at the end of optical fiber cables. Their role is to convert optical signals sent via fiber optics cables into classic Ethernet or wireless (WiFi) connections.


    FTTH ONT routers are usually installed in apartment buildings or inside the homes or businesses that opt for gigabit-type subscriptions.


    In a report published last week, security researcher Pierre Kim said he identified a large collection of security issues with FiberHome HG6245D and FiberHome RP2602, two FTTH ONT router models developed by Chinese company FiberHome Networks.


    The report describes both positive and negative issues with the two router models and their firmware.

    For example, the positive issues are that both devices do not expose their management panel via the IPv4 external interface, making attacks against its web panel impossible via the internet. Furthermore, the Telnet management feature, which is often abused by botnets, is also disabled by default.


    However, Kim says that FiberHome engineers have apparently failed to activate these same protections for the routers' IPv6 interface. Kim notes that the device firewall is only active on the IPv4 interface and not on IPv6, allowing threat actors direct access to all of the router's internal services, as long as they know the IPv6 address to access the device.
    Multiple backdoors and vulnerabilities discovered in FiberHome routers | ZDNet

  12. #962
    Member

    Join Date
    Jan 2020
    Last Online
    Today @ 07:44 PM
    Posts
    124
    Quote Originally Posted by harrybarracuda View Post
    Built-in backdoors and vulnerabilities and straight away you think of one country...
    Couldn't possibly be the country that hoards its researchers and the vulnerabilities they discover...

    They say you don't notice something good until it's gone. With China's decision to restrict its information security researchers from participating in global hacking competitions, we're about to see what that looks like on the global "zero day" stage.

    For over a decade Pwn2Own ... brought together security talent from across the globe in a friendly hacking competition that is a cornerstone of research and advancement on par with Black Hat and Def Con.

    China's hackers routinely win, sweeping the board -- notably, the Tencent and Keen teams. Pwn2Own is good-natured, and all in the name of researchers finding big bugs, nabbing great bounties and drawing attention to security holes and zero-days that need to be fixed.

    But (since 2018), China is no longer allowing its researchers to compete.
    https://www.engadget.com/2018-03-16-chinese-hackers-pwn2own-no-go.html

