|
COACHS SPORT BAR posted:lol holylol
|
# ? Jul 10, 2017 18:21 |
|
|
# ? May 15, 2024 04:18 |
|
i saw that the petya decryption key was released just the other day practically speaking, how are they obtaining the keys to these ransomwares? i mean, they must be using a crap algorithm in order for this to be possible, right?
|
# ? Jul 10, 2017 19:11 |
|
they did cybers, and countercybers
|
# ? Jul 10, 2017 19:12 |
WAR DOGS OF SOCHI posted:i saw that the petya decryption key was released just the other day sometimes, people reverse engineer the ransomware enough to figure exactly what's happening, and how. this time, similarly to teslacrypt, the author released the private key in public
|
|
# ? Jul 10, 2017 19:14 |
|
cinci zoo sniper posted:sometimes, people reverse engineer the ransomware enough to figure exactly what's happening, and how. this time, similarly to teslacrypt, the author released the private key in public i must be missing something because even if you reverse engineer something that implements something like rsa encryption, you aren't decoding that thing in a few months without the private key -- as you point out, the author would need to release that
|
# ? Jul 10, 2017 19:20 |
WAR DOGS OF SOCHI posted:i must be missing something because even if you reverse engineer something that implements something like rsa encryption, you aren't decoding that thing in a few months without the private key -- as you point out, the author would need to release that
|
|
# ? Jul 10, 2017 19:31 |
|
cinci zoo sniper posted:crypto based on a quadratic function all over 2fa
|
# ? Jul 10, 2017 19:40 |
|
WAR DOGS OF SOCHI posted:i saw that the petya decryption key was released just the other day A few things are in play here: The recent attack on Ukraine was performed using a modified version of Petya, known as NotPetya, ExPetya, Nyetya etc. Modifications included the delivery method (EternalBlue and Powershell/WMI) and a hastily-implemented payment mechanism which didn't work. These modifications were done without having acces to the original source code. I.e. likely not by the original authors of Petya. "Janus" the original author of Petya, contacted Hasherezade, a malware researcher, and gave her the master key for the previous versions of Petya. I.e. the OG ransomware version, not the one used in the attacks. This key cannot be used to decrypt NotPetya. Now, the Petya familiy of ransomware can work in two modes: If it has no administrator privileges it encrypts the files on the machine with the current user credentials using AES. If it _does_ have admin, it will write a new bootloader to the MBR that will encrypt the entire drive using Salsa20. Most recently it became known that certain errors were made in the implementation of said Salsa20 encryption, possibly allowing for the decryption of files. You can read about this recent development here: http://blog.ptsecurity.com/2017/07/recovering-data-from-disk-encrypted-by.html
|
# ? Jul 10, 2017 19:41 |
|
e: nvm
communism bitch fucked around with this message at 19:44 on Jul 10, 2017 |
# ? Jul 10, 2017 19:42 |
|
spankmeister posted:A few things are in play here: you are awesome. thanks for taking the time to post this and for the link!
|
# ? Jul 10, 2017 19:45 |
|
lmao https://thehackerblog.com/the-io-error-taking-control-of-all-io-domains-with-a-targeted-registration/
|
# ? Jul 10, 2017 19:52 |
|
Powerful Two-Hander posted:
i want to know exactly what the "compliance officer" is expected to do in that scenario (i'm sure it's probably just "tell the employee that they are not to give the border guard cash" and "testify under oath that there was in fact a 'compliance officer' available to take the call and 'provide assistance' consistent with the policy blah blah" but i'd love to see that office drone just stammer his way through "uhhhhh well, hmmm...")
|
# ? Jul 10, 2017 19:55 |
|
he's expected to bugger off and let the man handle his bakhsheeshquote:*As an unrelated aside, it’s important to remember to kill tcpdump after you’ve started it. Not doing that is a great way to obliterate your VPS disk space with DNS data, which was an unexpected additional impact of this . Please note that any DNS data recorded for debugging purposes has now been purged for the privacy of the users of the .io TLD/its domains.
|
# ? Jul 10, 2017 20:02 |
|
anthonypants posted:lmao https://thehackerblog.com/the-io-error-taking-control-of-all-io-domains-with-a-targeted-registration/ noice
|
# ? Jul 10, 2017 20:07 |
Mr SuperAwesome posted:noice nioce
|
|
# ? Jul 10, 2017 20:07 |
|
i'm the guy that gets chased by his compliance dept. every year to get all of the tests and quizzes done, and every year I do them at the last possible moment. If any of you work in that capacity I'm really sorry. I'm that guy.
|
# ? Jul 10, 2017 20:13 |
im the guy who still hasnt gotten fire safety and electrical safety training
|
|
# ? Jul 10, 2017 20:16 |
|
i used to fast-forward the vids to the end and then answer the obvious questions then they disabled fast-forward for the 18 video segments, so i opened 18 tabs and ran the vids concurrently then they disabled skipping segments before completing the previous one, so now i have to run them in real time in the background as i do real work(sa shitposting).
|
# ? Jul 10, 2017 20:53 |
|
cinci zoo sniper posted:n.io.ce
|
# ? Jul 10, 2017 21:03 |
|
cinci zoo sniper posted:im the guy who still hasnt gotten fire safety and electrical safety training same, but also general work safety training.
|
# ? Jul 10, 2017 21:10 |
Truga posted:same, but also general work safety training.
|
|
# ? Jul 10, 2017 21:12 |
|
WAR DOGS OF SOCHI posted:i used to fast-forward the vids to the end and then answer the obvious questions usually it's one or two JS variables you can set through the console now that they generally don't use plugins
|
# ? Jul 10, 2017 21:18 |
|
regarding an oracle exploit from the equation group leak https://twitter.com/nicowaisman/status/884507246096519168
|
# ? Jul 11, 2017 02:16 |
|
ratbert90 posted:Hey, these are actually really neat! Do you mind also handling libressl as well? Thanks! Yeah, I will look in to it this week
|
# ? Jul 11, 2017 03:22 |
|
BangersInMyKnickers posted:Yeah, I will look in to it this week Oh I've been meaning to ask you why you chose the ecc curve order that you did.
|
# ? Jul 11, 2017 06:16 |
|
spankmeister posted:Oh I've been meaning to ask you why you chose the ecc curve order that you did.
|
# ? Jul 11, 2017 09:04 |
|
for all mandatory trainings, the procedure is: find a browser where the training works, then just skip skip skip immediately to the end and start masterminding the quiz: "okay, a a a a a a a a is 35.7% correct, how about b b b b b b b b..."
|
# ? Jul 11, 2017 10:11 |
|
maskenfreiheit posted:instead of facebook try face to face book error: no results found for face showing results for feet instead
|
# ? Jul 11, 2017 10:46 |
|
https://twitter.com/hackingdave/status/883895580749160449
|
# ? Jul 11, 2017 11:35 |
|
He registered a company in that name to get the code signing cert lmfao
|
# ? Jul 11, 2017 13:20 |
|
To be honest, real companies don't have that much better names. TrustedSec, LLC. sounds just as stupidly real as tons of other real companies.
|
# ? Jul 11, 2017 13:43 |
|
spankmeister posted:He registered a company in that name to get the code signing cert lmfao In the past, the title field wasn't signed so you could put whatever in there and it would show it. This one guy made a demo of this to point out how poo poo it was and noticed in his web server logs two people from Oracle had tried it with titles such as "who gives a poo poo"
|
# ? Jul 11, 2017 13:56 |
|
reminds me of like 15 years ago and using IE and getting sketchy activex controls with long names saying they're totally cool and safe and begging to be installed
|
# ? Jul 11, 2017 15:29 |
|
spankmeister posted:Oh I've been meaning to ask you why you chose the ecc curve order that you did. Anything in particular? I lean to the NIST curves over Brainpool because I feel they are more heavily vetted (and I am a CIA plant). 25519 is young but under a lot of review, with a strength roughly equivalent to P256 so it goes in the middle.
|
# ? Jul 11, 2017 17:36 |
|
spankmeister posted:He registered a company in that name to get the code signing cert lmfao not unlike being 15 and using the AOL screen name BillingDept to phish people
|
# ? Jul 11, 2017 17:51 |
|
if we use asas is there a good alternative to anyconnect or should we be using anyconnect
|
# ? Jul 11, 2017 18:08 |
|
LibreSSL 2.5.4 configcode:
|
# ? Jul 11, 2017 18:11 |
|
anthonypants posted:if we use asas is there a good alternative to anyconnect or should we be using anyconnect i'm wondering this too, because i bought a couple grey market ASAs for personal use and i'm not sure how the vpn stuff will shake out i found this: http://www.infradead.org/openconnect/ might be useful?
|
# ? Jul 11, 2017 18:15 |
|
BangersInMyKnickers posted:Anything in particular? I lean to the NIST curves over Brainpool because I feel they are more heavily vetted (and I am a CIA plant). 25519 is young but under a lot of review, with a strength roughly equivalent to P256 so it goes in the middle. Thanks. Nothing in particular, just wanted to know your reasoning. Some of the curves are unsafe according to djb et al: https://safecurves.cr.yp.to/ But I don't know enough about ecc to really understand the implications of "unsafe" curves.
|
# ? Jul 11, 2017 18:16 |
|
|
# ? May 15, 2024 04:18 |
|
RISCy Business posted:i'm wondering this too, because i bought a couple grey market ASAs for personal use and i'm not sure how the vpn stuff will shake out e: nevermind, i found the windows installers
|
# ? Jul 11, 2017 18:20 |