
  1. #1
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    Quote Originally Posted by harrybarracuda View Post
    Bejaysus what a mess.
    The good news: they found it.
    But one must wonder how many more strains are in the system that haven't been found.

  2. #2
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    Quote Originally Posted by TTraveler View Post
    The good news: they found it.
    But one must wonder how many more strains are in the system that haven't been found.
    I got invited to an InfoBlox presentation yesterday. I sort of mentioned that spending six figures on a package that didn't detect shitloads of outbound DNS exfiltration wasn't really my thing.


  3. #3
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    Millions of Social Profiles Leaked by Chinese Data-Scrapers
    More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere.

    The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives.

    The server was found to be publicly exposed without password protection or encryption during routine IP-address checks on potentially unsecured databases, researchers said. It contained more than 318 million records in total.

    Millions of Social Profiles Leaked by Chinese Data-Scrapers | Threatpost
    Last edited by TTraveler; 14-01-2021 at 06:21 AM. Reason: formatting

  4. #4
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    Built-in backdoors and vulnerabilities and straight away you think of one country...

    Multiple backdoors and vulnerabilities discovered in FiberHome routers

    At least 28 backdoor accounts found in FiberHome FTTH ONT routers.

    At least 28 backdoor accounts and several other vulnerabilities have been discovered in the firmware of a popular FTTH ONT router, widely deployed across South America and Southeast Asia.


    FTTH ONT stands for Fiber-to-the-Home Optical Network Terminal. These are special devices fitted at the end of optical fiber cables. Their role is to convert optical signals sent via fiber optics cables into classic Ethernet or wireless (WiFi) connections.


    FTTH ONT routers are usually installed in apartment buildings or inside the homes or businesses that opt for gigabit-type subscriptions.


    In a report published last week, security researcher Pierre Kim said he identified a large collection of security issues with FiberHome HG6245D and FiberHome RP2602, two FTTH ONT router models developed by Chinese company FiberHome Networks.


    The report describes both positive and negative issues with the two router models and their firmware.

    For example, the positive issues are that both devices do not expose their management panel via the IPv4 external interface, making attacks against its web panel impossible via the internet. Furthermore, the Telnet management feature, which is often abused by botnets, is also disabled by default.


    However, Kim says that FiberHome engineers have apparently failed to activate these same protections for the routers' IPv6 interface. Kim notes that the device firewall is only active on the IPv4 interface and not on IPv6, allowing threat actors direct access to all of the router's internal services, as long as they know the IPv6 address to access the device.
    Multiple backdoors and vulnerabilities discovered in FiberHome routers | ZDNet

  5. #5
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    Quote Originally Posted by harrybarracuda View Post
    Built-in backdoors and vulnerabilities and straight away you think of one country...
    Couldn't possibly be the country that hoards its researchers and the vulnerabilities they discover...

    They say you don't notice something good until it's gone. With China's decision to restrict its information security researchers from participating in global hacking competitions, we're about to see what that looks like on the global "zero day" stage.

    For over a decade Pwn2Own ... brought together security talent from across the globe in a friendly hacking competition that is a cornerstone of research and advancement on par with Black Hat and Def Con.

    China's hackers routinely win, sweeping the board -- notably, the Tencent and Keen teams. Pwn2Own is good-natured, and all in the name of researchers finding big bugs, nabbing great bounties and drawing attention to security holes and zero-days that need to be fixed.

    But (since 2018), China is no longer allowing its researchers to compete.
    https://www.engadget.com/2018-03-16-chinese-hackers-pwn2own-no-go.html


  6. #6
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    I bet you can't guess whose dodgy, backdoor-infested shit this is aimed at.

    On January 20th President Biden signed an Executive Order that in part suspended the implementation of President Trump's May 1, 2020 order halting the use of components produced by hostile foreign states in the Bulk Power System:

    Sec 7 (c) Executive Order 13920 of May 1, 2020 (Securing the United States Bulk-Power System), is hereby suspended for 90 days. The Secretary of Energy and the Director of OMB shall jointly consider whether to recommend that a replacement order be issued.

  7. #7
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    A strangely targeted attack...

    A mysterious hacking group has compromised the server infrastructure of a popular Android emulator and has delivered malware to a handful of victims across Asia in a highly-targeted supply chain attack.
    The attack was discovered by Slovak security firm ESET on January 25, last week, and targeted BigNox, a company that makes NoxPlayer, a software client for emulating Android apps on Windows or macOS desktops.
    ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company's official API (api.bignox.com) and file-hosting servers (res06.bignox.com).
    Using this access, hackers tampered with the download URL of NoxPlayer updates in the API server in order to deliver malware to NoxPlayer users.
    "Three different malware families were spotted being distributed from tailored malicious updates to selected victims, with no sign of leveraging any financial gain, but rather surveillance-related capabilities," ESET said in a report shared today with ZDNet.
    Despite evidence implying that attackers had access to BigNox servers since at least September 2020, ESET said the threat actor didn't target all of the company's users but instead focused on specific machines, suggesting this was a highly-targeted attack looking to infect only a certain class of users.
    Until today, and based on its own telemetry, ESET said it spotted malware-laced NoxPlayer updates being delivered to only five victims, located in Taiwan, Hong Kong, and Sri Lanka.
    Hacker group inserted malware in NoxPlayer Android emulator | ZDNet

  9. #9
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    Finally some good news.
    U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court.

    Chainalysis has traced more than $46 million worth of funds in NetWalker ransoms since it first came on the scene in August 2019

    Sebastien Vachon-Desjardins was living his best life between Miami and Ottawa, Canada, after pulling in at least $27.6 million from ransomware operation NetWalker. Appears his expertise was targeting healthcare organizations. He gets extra scumbag points for doing so during a pandemic.
    Arrest, Seizures Tied to Netwalker Ransomware — Krebs on Security

  10. #10
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    I look forward to a massive jail sentence for this PoS.

  11. #11
    Thailand Expat OhOh's Avatar
    Join Date
    Jul 2010
    Last Online
    24-07-2024 @ 09:54 PM
    Location
    Where troubles melt like lemon drops
    Posts
    25,350
    Quote Originally Posted by TTraveler View Post
    hopefully those two leaders can deliver it.
    ameristani leaders "delivering".


  12. #12
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    Quote Originally Posted by OhOh View Post
    ameristani leaders "delivering".

    HooHoo is quite happy to see chinky government spies destroying livehoods.

    He is quite spiteful.

  13. #13
    Thailand Expat
    Join Date
    Oct 2019
    Last Online
    @
    Posts
    11,746
    Lol now they are telling us it was China that did the Solarwinds hack.


    Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources | Financial Post


    First Russia did the Afghanistan bounties. Then China did the Afghanistan bounties.

    Intel on China bounties called ‘less' credible than Russia payments - POLITICO

  14. #14
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    "An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site's database."

    "EscortReviews.com is an adult online vBulletin forum community that allows US and Mexico-based escorts to promote their services, share profile pictures, contact information, and biographies to prospective clients. Clients can then post reviews about their experiences with the particular escort."

    Backspin will be happy no one is blaming China. Yet.


    http://Female escort review site dat...70,000 members

  15. #15
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    Quote Originally Posted by TTraveler View Post
    "An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site's database."

    "EscortReviews.com is an adult online vBulletin forum community that allows US and Mexico-based escorts to promote their services, share profile pictures, contact information, and biographies to prospective clients. Clients can then post reviews about their experiences with the particular escort."

    Backspin will be happy no one is blaming China. Yet.


    http://Female escort review site dat...70,000 members
    Hmmm

    "She wanted Bt500. I tried to borrow the money off some stranger outside a shop, but he only lent me Bt100 and he made me buy him a beer with it. I think he was mocking me. 0/5 do not recommend - S. Mark, Thailand)"

  16. #16
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    Shit's getting real.

    Hackers breach, attempt to poison Florida city's water supply

    Hackers breach, attempt to poison Florida city's water supply | TheHill

  17. #17
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    A quite good write-up on Microsoft Defender, the free antivirus client built into Windows.

    It's worth noting that it's a decent a/v tool in its own right, but there is a downloadable Configuration Tool that exposes all the hidden settings, and the article makes some sensible suggestions as to which ones to enable.

    Link here:

    Decoding Microsoft Defender’s hidden settings | Computerworld

  18. #18
    Thailand Expat jabir's Avatar
    Join Date
    Jul 2016
    Last Online
    @
    Posts
    12,009
    Quote Originally Posted by harrybarracuda View Post
    A quite good write-up on Microsoft Defender, the free antivirus client built into Windows.

    It's worth noting that it's a decent a/v tool in its own right, but there is a downloadable Configuration Tool that exposes all the hidden settings, and the article makes some sensible suggestions as to which ones to enable.

    Link here:

    Decoding Microsoft Defender’s hidden settings | Computerworld
    Had a look, fortunately my system seems to be working ok so I won't be fiddling with stuff that I don't understand, esp without Butterfly to save the day. Took a couple of decades to sink in, but my pioneer 'what happens if I click this' days often ended in a full reinstall, lost data and other shit.

  19. #19
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    Quote Originally Posted by jabir View Post
    I won't be fiddling with stuff that I don't understand, esp without Butterfly to save the day.
    Well that's fucking hilarious.


  20. #20
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    Remember the recent North Korea sponsored attack on security researchers? This article has a screenshot of one of the actual Phishing messages.

    https://safernet.it/state-sponsored-hackers-cybersecurity/


  21. #21
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    They have been busy little bees.

    CISA, the Federal Bureau of Investigation, and the Department of the Treasury have released a Joint Cybersecurity Advisory and seven Malware Analysis Reports (MARs) on the North Korean government’s dissemination of malware that facilitates the theft of cryptocurrency—referred to by the U.S. Government as “AppleJeus.”
    The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.
    CISA encourages users and administrators to review the following resources for more information.

    https://us-cert.cisa.gov/ncas/curren...vity-applejeus

  22. #22
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    The big guy can't feed his own people but has plenty of cash to train and/or hire some of the world's best hackers. Piece of work.

  23. #23
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    I don't normally post tweets but Microsoft don't normally use the word "rampant".

    We’re tracking a rampant phishing attack that uses DGA domains, free email services, and even compromised email accounts to send massive numbers of phishing emails. These emails are linked by open redirector URLs that begin with a distinct pattern: hxxps://t[.]domain[.]tld/r/?
    https://twitter.com/MsftSecIntel/sta...62191304019968
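
The URL shape quoted in the tweet above (`hxxps://t[.]domain[.]tld/r/?`) can be turned into a mail-hunting check. This is an added example, not part of the original post and not Microsoft's tooling: the function names and sample messages are constructed, and requiring a non-empty query string is an assumption.

```python
import re
from urllib.parse import urlsplit

# http(s) or defanged hxxp(s) URLs; "[.]" is allowed inside the match.
URL_RE = re.compile(r"\b(?:https?|hxxps?)://[^\s<>\"')]+", re.IGNORECASE)

def refang(url):
    """Convert a defanged indicator (hxxps://t[.]example[.]com) to a parseable URL."""
    url = re.sub(r"^hxxp", "http", url, flags=re.IGNORECASE)
    return url.replace("[.]", ".")

def matches_redirector_pattern(url):
    """True for URLs shaped like https://t.<domain>.<tld>/r/?<query>."""
    try:
        parts = urlsplit(refang(url))
    except ValueError:  # malformed bracketed host
        return False
    labels = (parts.hostname or "").lower().split(".")
    return (
        parts.scheme == "https"
        and len(labels) >= 3
        and labels[0] == "t"        # leftmost host label is exactly "t"
        and parts.path == "/r/"
        and bool(parts.query)       # assumption: the query carries the redirect target
    )

def flag_messages(messages):
    """Return {message_id: [refanged matching URLs]} for a dict of message bodies."""
    hits = {}
    for msg_id, body in messages.items():
        candidates = (u.rstrip(".,;") for u in URL_RE.findall(body))
        found = [refang(u) for u in candidates if matches_redirector_pattern(u)]
        if found:
            hits[msg_id] = found
    return hits

# Constructed sample bodies (example.* domains are reserved for documentation).
SAMPLE_MESSAGES = {
    "msg-1": "Mailbox full: https://t.example.com/r/?id=abc&p1=https://login.example.net/ act now",
    "msg-2": "Newsletter: https://www.example.org/r/?id=1",          # host label is not "t"
    "msg-3": "IOC from a report: hxxps://t[.]example[.]net/r/?x=1.",  # defanged, trailing period
    "msg-4": "Tracking link: http://t.example.com/r/?id=2",           # http, not https
    "msg-5": "Other path: https://t.example.com/redirect/?id=3",      # path is not /r/
}

if __name__ == "__main__":
    for msg_id, urls in flag_messages(SAMPLE_MESSAGES).items():
        print(msg_id, urls)
```

The shape alone is broad and legitimate click-tracking links can share it, so treat a hit as a lead to correlate with sender and destination data rather than a verdict.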

  24. #24
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    A user on a popular hacker forum is selling three databases that purportedly contain user credentials and device data stolen from three different Android VPN services – SuperVPN, GeckoVPN, and ChatVPN – with 21 million user records being sold in total.

    https://cybernews.com/security/one-of-the-biggest-android-vpns-hacked-data-of-21-million-users-from-3-android-vpns-put-for-sale-online/?web_view=true

  25. #25
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    102,952
    So stay away from Xerox multifunction printers then....

    A legal demand has allegedly prevented a security conference speaker from holding a talk on Xerox printers.

    On February 18, a copy of a notice published by Infiltrate security conference organizers was posted to Twitter. The statement revealed that a planned talk by Raphaël Rigo, a security researcher from Airbus Security Lab, was canceled.

    The presentation was due to happen on February 18 at 11:00 EST. However, with what appeared to be less than an hour to go, Infiltrate said the event was canceled and “apologized for the inconvenience”.

    “I regret to inform you that we received notification this morning that ‘pending legal action’ we cannot present Raphaël’s Xerox research,” the notice from Infiltrate reads.

    “Sadly, we must cancel the event today. We must cease and desist publication, presentation, and discussions related to the content of Raphaël’s talk.”
    https://portswigger.net/daily-swig/xerox-legal-threat-reportedly-silences-researcher-at-infiltrate-security-conference

