
Thread: Antivirus is shit, everything is compromised, etc etc (Cybersecurity thread)

  1. #381
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,439
    Quote Originally Posted by Daneel Trevize View Post
    Quote Originally Posted by Sparq View Post
    also
    Why not link to the article instead of a tweet that a number of us have blocked from performing callbacks (i.e. eventually actually displaying) when embedded.

    Kinda ironic given that the article is about malicious 3rd party JS on a trusted website.
    because irony is fun and I'm lazy

  2. #382
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,439
    ALSO

    I forgot to mention this when it was published but it might be of interest to some,

    Last edited by Sparq; February 2 2018 at 06:06:46 AM.

  3. #383
    Donor Rami's Avatar
    Join Date
    April 10, 2011
    Location
    London/Snuffbox
    Posts
    1,361
    Meh autosploit isn't that useful because it's so low hanging fruit. Basically if you compromise someone with that, you're likely stepping into a stinking swamp of previously exploited crap and god knows what you'll catch.
    Could be cute to generate short-lived botnets though.

  4. #384
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,439
    SOURCE CODE for Apple's iBoot, one of the core components of iOS, has been posted on GitHub, potentially opening up Cupertino's traditionally locked-down mobile software to opportunistic hackers.

    Responsible for launching a trusted boot of iOS, iBoot is the first program that gets kicked into action every time an iPhone is turned on. It ensures that the mobile OS's kernel is approved by Apple and legitimate for use on an iPhone or iPad.
    Sadly, news broke about 12 hours ago and it's long gone from the original repository since Apple threw a DMCA at it, which all but confirmed authenticity. However, The Register says it's still floating around on Twitter and obviously it's in the wild now. Supposedly, it was being exchanged quietly for the last 4 months ...

  5. #385

    Join Date
    April 13, 2011
    Posts
    6,430
    Eh, I'd be cautious handling that shit. Properly stolen software is not a grey area.

  6. #386
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,439
    Quote Originally Posted by elmicker View Post
    Eh, I'd be cautious handling that shit. Properly stolen software is not a grey area.
    I've been desensitized by years of "you wouldn't download a" memes, but I've also evolved a protective laziness that prevents me from acting on at least half the illegal shit I contemplate.

    ALSO

    New MAGNETO & ODINI Techniques Steal Data From Faraday Cage-Protected Equipment

    Both techniques function on the same premise — of using malware installed on air-gapped devices inside the Faraday cage to regulate the workloads on CPU cores in order to control the magnetic fields emanating from the computer.

    Binary data from the computer is encoded in the magnetic field frequencies, which are strong enough to penetrate Faraday cages.
    Check out the list of hacks they've come up with at the bottom of the article.


    ...

    Shitcoins

    Infosec bods say they have uncovered what's thought to be the first case of a major industrial control system network infected with cryptocurrency-mining malware.

    SCADA security outfit Radiflow claimed today it found the software nasty lurking in computer systems at a water treatment facility. Several operational servers used to monitor and regulate critical water supplies were found to have been infected with code that secretly harvested Monero cyber-dosh and sent the coins over the internet to its masterminds, we're told.
    Last edited by Sparq; February 9 2018 at 08:41:40 AM.

  7. #387

    Join Date
    April 13, 2011
    Posts
    6,430
    This isn't new. In fact it's probably one of the oldest attacks on the books. That's why the Tempest standards are mostly about distance, rather than shielding.

    Or in other words, call me when they can effectively run that attack when the machines aren't back to back, touching the walls and plugged into unshielded power lines.

  8. #388
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,439
    Researcher Uses macOS App Screenshot Feature to Steal Passwords, Tokens, Keys

    Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image.

    The function is CGWindowListCreateImage, often utilized by Mac apps that take screenshots or live stream a user's desktop.

  9. #389
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    18,635
    I always have a little chuckle inside when people talk about air gapped systems because it reminds me of a chat I had with an architect once about the customer's requirements for their new system.. Air gap, but able to administer remotely on the LAN like normal.

    Literally no words.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  10. #390
    Shaikar's Avatar
    Join Date
    April 9, 2011
    Location
    Kador
    Posts
    2,265
    Quote Originally Posted by Lana Torrin View Post
    I always have a little chuckle inside when people talk about air gapped systems because it reminds me of a chat I had with an architect once about the customer's requirements for their new system.. Air gap, but able to administer remotely on the LAN like normal.

    Literally no words.
    Wifi!

  11. #391
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    18,635
    Quote Originally Posted by Shaikar View Post
    Quote Originally Posted by Lana Torrin View Post
    I always have a little chuckle inside when people talk about air gapped systems because it reminds me of a chat I had with an architect once about the customer's requirements for their new system.. Air gap, but able to administer remotely on the LAN like normal.

    Literally no words.
    Wifi!
    They wanted the system air gapped but connected to SCCM.. I like how no one seems to understand how much of a security risk centralized management actually is. Compromise one server (that usually can't be well protected because of the nature of what it does) and you have the keys to everything.

    Anyway, they ended up with a connected system and 2 firewalls that had so many holes Swiss cheese got jelly.. It was exactly as secure as their domain admin password that only every admin that worked there in the past 20 years knew and may have been the street address of their first office.
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  12. #392
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,439
    When it absolutely, positively needs to be leaked overnight: 120k FedEx customer files spill from AWS S3 silo

    This time it's a misconfigured AWS cloud silo belonging to FedEx, which openly exposed an archive of more than 119,000 scanned documents – including passports and drivers licenses – plus customer records including postal addresses.

    The leaky data store, which was discovered online by Apple security shop Kromtech, was built by international e-commerce delivery service Bongo International, which FedEx bought in 2014 and closed down three years later. The data is old, but not too old, and would still be very useful indeed for identity thieves.
    secure :clap: your :clap: AWS :clap: S3 :clap: silos :clap: people :clap:

  13. #393

    Join Date
    April 13, 2011
    Posts
    6,430
    Quote Originally Posted by Lana Torrin View Post
    I like how no one seems to understand how much of a security risk centralized management actually is..
    The threat from a machine not being centrally managed almost invariably outweighs the threat from it being networked up to a single point of authority.

  14. #394
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,439
    A Hacker Has Wiped a Spyware Company’s Servers—Again

    Last year, a vigilante hacker broke into the servers of a company that sells spyware to everyday consumers and wiped their servers, deleting photos captured from monitored devices. A year later, the hacker has done it again.

  15. #395
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,439
    Last edited by Sparq; February 20 2018 at 05:23:24 AM.

  16. #396
    SAI Peregrinus's Avatar
    Join Date
    December 13, 2011
    Posts
    1,701
    Quote Originally Posted by Sparq View Post
    And then admitted to it. Publicly. It's a crime that can carry jail time in both the US (where many users are) and the UK (where the company is).

  17. #397

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,202
    Quote Originally Posted by Lana Torrin View Post
    Anyway, they ended up with a connected system and 2 firewalls that had so many holes Swiss cheese got jelly..
    hah... I was arguing with a "cybersecurity audit consultant" about why we switch off Windows Firewall the other day.
    He didn't seem to get the concept of TCP/UDP ports.
    weird.
    Please don't teach me what to do with my pc.

  18. #398
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    18,635
    Any/any rules should be banned...
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  19. #399

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,202
    As should system & remote API calls to open local firewalls....
    Please don't teach me what to do with my pc.

  20. #400
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,439
    So, certs.

