
Thread: Antivirus is shit, everything is compromised, etc etc (Cybersecurity thread)

  1. #521
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    19,148
    IPSec all the things... We are like 5 years past when I thought we were going to be on IPv6 internet.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  2. #522

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,446
    IPV4 needs to die.
    Please don't teach me what to do with my pc.

  3. #523
    Limos's Avatar
    Join Date
    April 9, 2011
    Posts
    110
    Quote Originally Posted by Itiken View Post
    IPV4 needs to die.
    But it never will...

  4. #524
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,418
    Stupid registry key no longer to be a thing for previous Windows versions too.
    What a waste of time all that was, obvious from day 1.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  5. #525
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,515
    Talking of IPv4/v6,

    Internet’s Noise

    TL;DR: In 24 hours, 1018 unique IPv4 addresses scanned 1167 different ports. Peaks are Telnet, SQL, and SSH. Few organizations, such as Shodan, are scanning in a structured way. Ping is only used by universities but not by port scanners at all. No single IPv6 scan.

  6. #526

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,446
    That's impressive.
    I'm not particularly surprised, and ranted a bit at some dumb 'cyber auditor' the other day as to why we don't monitor our external firewall logs due to them being too full of this junk, but even so, that's impressive.
    Please don't teach me what to do with my pc.

  7. #527
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,515
    Hackers stole a casino's high-roller database through a thermometer in the lobby fish tank

    Eagan gave one memorable anecdote about a case Darktrace worked on where an unnamed casino was hacked via a thermometer in a lobby aquarium.

    “The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud,” she said.
    (otherwise, it's just puff for a 'cybersecurity company' and a quick search can't verify it)

  8. #528
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    19,148
    Quote Originally Posted by Sparq View Post
    Hackers stole a casino's high-roller database through a thermometer in the lobby fish tank

    Eagan gave one memorable anecdote about a case Darktrace worked on where an unnamed casino was hacked via a thermometer in a lobby aquarium.

    “The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud,” she said.
    (otherwise, it's just puff for a 'cybersecurity company' and a quick search can't verify it)
    IoT was always going to introduce massive security issues as the things are usually very low on compute power and security is usually a lot further down the list than functionality. It's like those IP security cameras that nicely register themselves in dyndns and try to open ports using UPnP because it's easier for the end users (who 9 times out of 10 don't even know or care it's capable of doing this or reset the default passwords).

    A good IoT setup secures the devices away from the rest of the network assuming they are vulnerable.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  9. #529

    Join Date
    May 31, 2011
    Posts
    4,217
    I remember a lengthy and very insightful aftermath article at Ars Technica from a couple of years ago, that explained how the malware made it to the POS terminals at that (and there my memory fails me) Walmart(?) hack.

    The (to me fascinating) tl;dr
    The access point to the internal network was a remote controlled A/C system in a remote storage location.

  10. #530
    Straight Hustlin's Avatar
    Join Date
    April 14, 2011
    Posts
    10,403
    Quote Originally Posted by Hel OWeen View Post
    I remember a lengthy and very insightful aftermath article at Ars Technica from a couple of years ago, that explained how the malware made it to the POS terminals at that (and there my memory fails me) Walmart(?) hack.

    The (to me fascinating) tl;dr
    The access point to the internal network was a remote controlled A/C system in a remote storage location.
    Think it was Target maybe?

  11. #531
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,515





    ~ in other news,



    Russia is now blocking the Telegram app. Because Telegram uses both AWS & GCE networks to work around blocks, more and more IP nets are being blocked in Russia as a result.

    Yesterday it was 38,000 unique IPs. Today, it's 1,800,000 unique IPs.

    Data

    Reporting

    ~ as you will see on that bleeping computer link, blocking almost two million IP addresses from two major service providers has ... had some repercussions.
    Last edited by Sparq; April 17 2018 at 05:07:00 AM.

  12. #532
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    19,148
    I guess there is no need to retaliate for this then http://www.news.com.au/technology/on...8e9161c7b31a40 (Sorry for the Australian centric report) as they are doing a better job at fucking themselves over than we probably ever could..
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  13. #533
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,418
    Meanwhile, Windows 10 might have a problem with zeroing large memory pages...
    https://sourceforge.net/p/sevenzip/d...read/e730c709/
    1) 7-Zip allocates large pages with VirtualAlloc(MEM_LARGE_PAGES) - OK.
    2) 7-Zip asks to free large pages with VirtualFree().
    3) Windows puts large pages to some queue for asynchronous filling with zeros. But Windows allows another VirtualAlloc() calls to get these pages.
    4) 7-Zip, some another program or Windows calls VirtualAlloc(),
    (it can be 4 KB pages or 2 MB pages). And Windows sometimes can return same pages, that are still in queue for ZEROing. So we can get situation where two different virtual addresses links to one physical space.
    5) 7-Zip (or Windows) try to use new allocated virtual pages.
    6) Windows asynchronously fills old 2 MB physical pages with zeros.
    7) 7-Zip (or Windows) don't expect that data in allocated pages can be asynchronously changed by another process, so 7-Zip (or Windows) can crash.
    I'd assume that prior to the async zeroing, you'd be able to read another process's data that it wanted forgetting, and afterwards your own might be FUBAR. So a security issue as well as a crash cause.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.
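
The sequence in the quoted 7-Zip steps, reduced to a toy model (an added example, not code from 7-Zip, Windows or any poster in this thread): a frame pool whose free path queues frames for background zeroing. `pool_t`, `honour_queue` and the other names are hypothetical; the run shows the stale read assumed in the post and the later wipe, then the same run with the allocator zeroing and dequeuing a pending frame before handing it out.

```c
#include <stdbool.h>
#include <string.h>
#define NFRAMES  4
#define FRAME_SZ 8
typedef struct {
    unsigned char data[FRAME_SZ];
    bool in_use;        /* currently handed out to a caller */
    bool zero_pending;  /* freed, still queued for background zeroing */
} frame_t;
typedef struct { frame_t f[NFRAMES]; bool honour_queue; } pool_t;

static void scrub(frame_t *fr) { memset(fr->data, 0, FRAME_SZ); fr->zero_pending = false; }

/* Hand out the first free frame. With honour_queue set, a frame still
 * awaiting zeroing is zeroed synchronously and dequeued first (the fix). */
int pool_alloc(pool_t *p) {
    for (int i = 0; i < NFRAMES; i++) {
        frame_t *fr = &p->f[i];
        if (fr->in_use) continue;
        if (fr->zero_pending && p->honour_queue) scrub(fr);
        fr->in_use = true;
        return i;
    }
    return -1;
}

void pool_free(pool_t *p, int i) {      /* steps 2-3: free, queue for zeroing */
    p->f[i].in_use = false;
    p->f[i].zero_pending = true;
}

void zero_worker(pool_t *p) {           /* step 6: one background zeroing pass */
    for (int i = 0; i < NFRAMES; i++)
        if (p->f[i].zero_pending) scrub(&p->f[i]);
}

/* Returns bit 0 if the new owner saw the previous owner's bytes,
 * bit 1 if the new owner's data was wiped behind its back. */
int run_scenario(bool honour_queue) {
    pool_t p = { .honour_queue = honour_queue };
    int a = pool_alloc(&p);                              /* step 1 */
    memcpy(p.f[a].data, "SECRET!", FRAME_SZ);            /* constructed sample data */
    pool_free(&p, a);
    int b = pool_alloc(&p);                              /* step 4: same frame again */
    int r = memcmp(p.f[b].data, "SECRET!", FRAME_SZ) == 0 ? 1 : 0;
    memcpy(p.f[b].data, "NEWDATA", FRAME_SZ);            /* step 5 */
    zero_worker(&p);
    if (memcmp(p.f[b].data, "NEWDATA", FRAME_SZ) != 0) r |= 2;   /* step 7 */
    return r;
}
```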

  14. #534
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,515
    Russia Telegram melt-down now up to sixteen million IP bans.

  15. #535
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,515
    Quote Originally Posted by Sparq View Post
    Russia Telegram melt-down now up to sixteen million IP bans.
    Media regulator Roskomnadzor, responsible for instituting the IP blocks earlier issued a statement denying its actions are responsible for numerous service outages across platforms like Viber, e-commerce & shops, games such as Guild Wars & World of Warships and spoiler alert: they are.

    There are more IP bans than Telegram users in Russia. According to reports, Telegram still works fine...

  16. #536

    Join Date
    May 31, 2011
    Posts
    4,217
    Quote Originally Posted by Straight Hustlin View Post
    Quote Originally Posted by Hel OWeen View Post
    I remember a lengthy and very insightful aftermath article at Ars Technica from a couple of years ago, that explained how the malware made it to the POS terminals at that (and there my memory fails me) Walmart(?) hack.

    The (to me fascinating) tl;dr
    The access point to the internal network was a remote controlled A/C system in a remote storage location.
    Think it was Target maybe?
    Right, Target it was.

    And as this article points out, the above mentioned A/C network was not the point of entry, but just an ordinary phishing of a contractor. So I stand corrected.

  17. #537
    Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    9,585
    Another day, another Intel vuln: https://www.bleepingcomputer.com/new...uefi-firmware/

    Intel has addressed a vulnerability in the configuration of several CPU series that allow an attacker to alter the behavior of the chip's SPI Flash memory —a mandatory component used during the boot-up process.

    According to Lenovo, who recently deployed the Intel fixes, "the configuration of the system firmware device (SPI flash) could allow an attacker to block BIOS/UEFI updates, or to selectively erase or corrupt portions of the firmware."

    Lenovo engineers say "this would most likely result in a visible malfunction, but could in rare circumstances result in arbitrary code execution."

    Intel deployed fixes for this vulnerability (CVE-2017-5703) on April 3. The chipset maker says the following CPU series utilize unsafe opcodes that allow local attackers to take advantage of this security bug:

    8th generation Intel® Core™ Processors
    7th generation Intel® Core™ Processors
    6th generation Intel® Core™ Processors
    5th generation Intel® Core™ Processors
    Intel® Pentium® and Celeron® Processor N3520, N2920, and N28XX
    Intel® Atom™ Processor x7-Z8XXX, x5-8XXX Processor Family
    Intel® Pentium™ Processor J3710 and N37XX
    Intel® Celeron™ Processor J3XXX
    Intel® Atom™ x5-E8000 Processor
    Intel® Pentium® Processor J4205 and N4200
    Intel® Celeron® Processor J3455, J3355, N3350, and N3450
    Intel® Atom™ Processor x7-E39XX Processor
    Intel® Xeon® Scalable Processors
    Intel® Xeon® Processor E3 v6 Family
    Intel® Xeon® Processor E3 v5 Family
    Intel® Xeon® Processor E7 v4 Family
    Intel® Xeon® Processor E7 v3 Family
    Intel® Xeon® Processor E7 v2 Family
    Intel® Xeon® Phi™ Processor x200
    Intel® Xeon® Processor D Family
    Intel® Atom™ Processor C Series

    The bug has received a severity score of 7.9 out of 10 on the CVSSv3 scale. Intel said it discovered the issue internally.

    "Issue is root-caused, and the mitigation is known and available," the company said in a security advisory. "To Intel’s knowledge, the issue has not been seen externally."

    Intel has released updates that PC and motherboard vendors are expected to deploy as firmware patches or BIOS/UEFI updates.
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  18. #538
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,515
    Spoofing Cell Networks with a USB to VGA Adapter

    The signals transmitted from the FL2000 chip are obviously quite weak, but the next step will logically be the hardware modifications necessary to boost transmission to more useful levels.

    To say this is a big deal is something of an understatement.

    For a few bucks, you’ll be able to get a device to spoof cellular networks and GPS signals. This was possible before, of course, but took SDR hardware that was generally outside the budget of the casual experimenter.

  19. #539
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,515
    Okay, so I know technically this hasn't become an actual clown shoe filled dumpster fire yet, but oh boy does it have some out-fucking-standing potential for entertainment.

    Ladies & gentlemen, the Internet of Shit is proud to declare:

    Smart license plates hitting California roads

    - seriously. Read & watch that.



    ~ the devil on my shoulder cannot wait for this to take off. I can think of half a dozen exploits just off the top of my head.

    • Well, e-Ink displays are going to get a lot cheaper, especially if they're second-hand...
    • That whole "get a stolen car to display STOLEN on the plates" thing isn't going to last.
    • Alternatively, great trick to play on your ex, eh?
    • Really don't like someone? Hack their plate to alternately flash "REGISTERED" and "PEDOPHILE", bonus points if it only displays during school hours.
    • Porn. Enough said.
    • Going to commit some crimes? Get a generic daily driver that looks like all the other cars you see frequently, exercise a little judicious photography when the opportunity arises (or just jot them down, pencil & pad - old school) et voilà you've now got enough valid plates to cycle across that match your vehicle ID, that your getaway driver is probably going to get away every time.


    The mind simply boggles.

    ~ a while back I theory-crafted with friends how e-Ink displays hacked into license plate frames could be exploited by sophisticated criminals, never actually expecting in my naivety that someone would go ahead and potentially bankroll a whole ecosystem.
    Last edited by Sparq; April 25 2018 at 05:09:49 PM.

  20. #540

    Join Date
    April 14, 2011
    Posts
    6,742
    A reprogrammable plate? Why on earth do plates even need to change? Haven't these people got ANPR like the rest of the world?
    Last edited by elmicker; April 25 2018 at 05:25:45 PM.
