hate these ads?, log in or register to hide them
Page 58 of 58 FirstFirst ... 84855565758
Results 1,141 to 1,148 of 1148

Thread: Antivirus is shit, everything is compromised, etc etc (Cybersecurity thread)

  1. #1141
    Mashie Saldana's Avatar
    Join Date
    April 10, 2011
    Location
    Peterborough, UK
    Posts
    1,165
    Quote Originally Posted by Nordstern View Post
    AMD potentially has new vulnerabilities.

    https://www.tomshardware.com/news/ne...n-architecture
    That is already fixed on the current generation AMD CPU's. But hey, at least Intel are trying hard to find something to use as negative marketing towards AMD :

    https://twitter.com/Cmoney_319/statu...78894253473797



    And just for the fun of it, another Intel hole that can't even be patched as the broken code is read only:

    https://arstechnica.com/information-...ats-unfixable/

    That flaw isn't that terrible from a hacking point of view but very handy for those that need to bypass DRM restrictions now and then.
    How to tell the difference between Machine Learning and AI:
    If it is written in Python it is most likely Machine Learning.
    If it is written in PowerPoint it is most likely AI.

  2. #1142

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    6,919
    lol "it's a conspiracy" fuck off and read the twitter thread you posted.
    Please don't teach me what to do with my pc.

  3. #1143
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,697
    Another day, another Intel security flaw.

    https://www.zdnet.com/article/intel-...w-lvi-attacks/
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  4. #1144
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,697
    And, another day, another 'Antivirus is shit' example

    https://github.com/taviso/avscript
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  5. #1145

    Join Date
    May 31, 2011
    Posts
    5,128
    Good article about alternative authenticator apps. I was looking for an alternative to Google Authenticator for quite some time now, especially one that is easier to backup/restore. This one mentions a couple that allow multiple devices. Bonus points for also detailing the risks involved with this.

    https://arstechnica.com/information-...-dont-have-to/

  6. #1146

    Join Date
    May 31, 2011
    Posts
    5,128
    Why oh why don't these people put their obvious creativity and efforts into something good.

    The PowerShell script reaches out to either imgur.com or imgbox.com and downloads an image that has malicious code hidden inside the pixels through a technique called steganography. The data is encoded by the Base64 algorithm, encrypted with an RSA key, and then Base64-encoded again. In a clever move, the script contains an intentional error in its code. The resulting error message that’s returned—which is different for each language pack installed on the OS—is the decryption key.
    https://arstechnica.com/information-...ustrial-firms/

  7. #1147
    Mashie Saldana's Avatar
    Join Date
    April 10, 2011
    Location
    Peterborough, UK
    Posts
    1,165
    Quote Originally Posted by Hel OWeen View Post
    Why oh why don't these people put their obvious creativity and efforts into something good.

    The PowerShell script reaches out to either imgur.com or imgbox.com and downloads an image that has malicious code hidden inside the pixels through a technique called steganography. The data is encoded by the Base64 algorithm, encrypted with an RSA key, and then Base64-encoded again. In a clever move, the script contains an intentional error in its code. The resulting error message that’s returned—which is different for each language pack installed on the OS—is the decryption key.
    https://arstechnica.com/information-...ustrial-firms/
    Good is probably not as well paid.

    Very clever approach but not good enough as it got detected.
    How to tell the difference between Machine Learning and AI:
    If it is written in Python it is most likely Machine Learning.
    If it is written in PowerPoint it is most likely AI.

  8. #1148

    Join Date
    May 31, 2011
    Posts
    5,128
    Quote Originally Posted by Mashie Saldana View Post
    Quote Originally Posted by Hel OWeen View Post
    Why oh why don't these people put their obvious creativity and efforts into something good.

    The PowerShell script reaches out to either imgur.com or imgbox.com and downloads an image that has malicious code hidden inside the pixels through a technique called steganography. The data is encoded by the Base64 algorithm, encrypted with an RSA key, and then Base64-encoded again. In a clever move, the script contains an intentional error in its code. The resulting error message that’s returned—which is different for each language pack installed on the OS—is the decryption key.
    https://arstechnica.com/information-...ustrial-firms/
    Good is probably not as well paid.

    Very clever approach but not good enough as it got detected.
    It isn't mentioned anywhere how it got detected, but I suspect it being some kind of by-catch caught by some regular automation, e.g. uploads to VirusTotal, own honeypots.

    It's an Office document with macros after all, so I'd suspect those being paid closer attention to.

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •