Migishu posted: Security Fuckup Megathread - v13.0.1 - looks like them secfuck boys are at it again

# Jan 5, 2017 19:48

# May 5, 2024 17:56

Crazy Achmed posted: Someone stole a couple of those insane razer triple-monitor laptops from ces. Does this count tangentially as a secfuck?

Didn't they have another prototype walk away a year or two ago? I think it was one of the razerblade laptops or something like that.

# Jan 10, 2017 05:00

That 29,000 mongo database ransom attack? Well, apparently paying ransom isn't getting the key to decrypt.

quote: Merrigan and Gevers are maintaining a public Google Drive document (read-only) that is tracking the various victims and ransom demands. Merrigan said it appears that at least 29,000 MongoDB databases that were previously published online are now erased. Worse, hardly anyone who’s paid the ransom demands has yet received their files back.

Here's the Krebs article: https://krebsonsecurity.com/2017/01/extortionists-wipe-thousands-of-databases-victims-who-pay-up-get-stiffed/

Here's the Google Drive list of victims: https://docs.google.com/spreadsheets/d/1QonE9oeMOQHVh8heFIyeqrjfKEViL0poLnY8mAakKhM/edit#gid=2122582863

Proteus Jones fucked around with this message at 13:04 on Jan 11, 2017

# Jan 11, 2017 12:59
|
Boiled Water posted: alternatively: Here ends ransomware as a way to extract value from idiots with computers, here also starts using ransomware to hamper your competitors. Think industrious espionage but instead of stealing your competitors' secrets you lock them away behind a wall of crypto and cyber.

Maybe this will also occasion a rise in good backup discipline so companies can rapidly recover from... Sorry. I tried but couldn't keep a straight face.

# Jan 11, 2017 13:14

Wiggly Wayne DDS posted: in other juniper news: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10753&actp=search

Hahahaha

# Jan 11, 2017 21:27

spankmeister posted: I only ever see those in lovely airports

So, like O'Hare or LAX?

# Jan 15, 2017 00:52
|
Cool post, and keep us updated. This seems bizarrely inept. I'm just wondering what the significance of being a freemason and targeting freemasons was. Is freemasonry different in Italy compared to the US? In my area they seem to be guys who hang out once a week and help sponsor kids/families to the Shriner's hospital. Honestly, they seem like Elks with less pancake breakfasts.

# Jan 16, 2017 23:51

The biggest threat to "cyber" is NOT the Russians (or the NSA). http://arstechnica.com/information-technology/2017/01/whos-winning-the-cyber-war-the-squirrels-of-course/

quote: So far, however, the damage done by cyber attacks, both real (Stuxnet's destruction of Iranian uranium enrichment centrifuges and a few brief power outages alleged to have been caused by Russian hackers using BlackEnergy malware) and imagined or exaggerated (the Iranian "attack" on a broken flood control dam in Rye, New York), cannot begin to measure up to an even more significant cyber-threat—squirrels.

# Jan 17, 2017 00:34

OSI bean dip posted: when i worked at an isp, three years in a row and approximately in the same spot affecting the same fiber line, we'd have a backhoe dig up our link between our data centre in edmonton to a town in northern alberta. it happened like clockwork around the beginning of october

I remember in the mid-90s when a backhoe in St Louis took out almost all of MCI's (remember them?) physical fiber that connected the East of the Mississippi ATM network to the West of the Mississippi ATM network. We ended up moving to Frame Relay with a different provider shortly after that.

# Jan 17, 2017 01:00
|
Powaqoatse posted: awesome post!

It's being used in the sense of "They weren't taking it seriously". Or just replace "serious" with "competent".

# Jan 17, 2017 03:15

hackbunny posted: fun fact: they kept the information stolen from other freemasons in a folder (or category, I should reread the report) called "BROS". spankmeister gave a good summary of freemasons in italy and their historical significance

I see they went to the Ross Ulbricht School of Covering Your Tracks.

# Jan 17, 2017 06:59

fishmech posted: it's literally not an ethernet port, it just has the same shape. it's some sort of serial port that you connect up to a device that actually interfaces with the smart meter and through that the utility's network.

It can also be used to identify what's drawing the most power and when. So setting aside the utility company being able to control devices during peak load, it helps you as a consumer determine better times to run power hungry devices to save money.

# Jan 17, 2017 17:58

fishmech posted: they're not internet devices at all, let alone internet of things devices.

But it has an ethernet port!

# Jan 18, 2017 02:39

From out of nowhere comes Aging and Poorly Maintained Back End Systems for the win!

# Jan 23, 2017 03:00
|
hackbunny posted: Global Systems Comm. CA. is it even legit?

That you're even asking makes it legit enough for most targets, because...

quote: anyway, this is installed as a trusted ca in the system certificate store

This will slip right on by since I'm guessing a large number of companies don't audit their trusted roots on a regular basis.

# Jan 24, 2017 15:04

Subjunctive posted: Not true in California at least.

Most infosec breach legislation as it impacts customers is on the state level IIRC. I imagine (hope) states are going to initiate investigations in the wake of the federal investigation.

# Jan 25, 2017 15:55

Holy poo poo that's bad. Thinking about sending this to a coworker who has a meeting with one of their engineers next week and asking him to add this to the agenda.

# Jan 30, 2017 02:12
|
cheese-cube posted: this. but what happened to your av hackbunny?

I was wondering the same thing. Who hates you enough to anime it up like that? Unless it was you, then uh...

# Jan 31, 2017 05:04

CommunistPancake posted: ...why would it have to be a Photoshop or AI file? why does the file type mean that nobody can connect to the computer and put up their own image / animation / video file?

He explains later on that there's a hash for each image (or something like that). So the new file won't display because there's no way that someone that has managed to compromise the computer to load the images can replace the hashes.

# Jan 31, 2017 10:31

Jimmy Carter posted: isn't teamviewer the app that all those scammers calling from "Microsoft security" tell you to use?

Yep. They keep cycling through 7-day demo accounts.

# Feb 4, 2017 04:42
|
OSI bean dip posted: nothing but receipts:

quote: For the love of God, please close this port, skid

# Feb 4, 2017 20:37

minivanmegafun posted: when it's connected to a point of sale system, as most receipt printers are?

I have never seen a receipt printer come up as a PCI audit point. Are you confusing them with portable POS devices with integrated receipt printers maybe?

# Feb 5, 2017 05:35

Storysmith posted: if a receipt printer has a way to talk to it over the public internet do you really believe the pos terminal itself does not

Still missing the point: there is no such thing as a "PCI compliant configuration" for a printer. It's just not a thing.

# Feb 5, 2017 05:44

anthonypants posted: it's very likely, because these are just dumb printers with like port 9100 or whatever open. opening up that port to the world is probably the easiest way for the pos system to be able to talk to it, because whoever installed it was also a pos

I haven't dealt with printers directly in almost 20 years, but I saw "port 9100" and felt a chill run down my spine. Those loving HP JetDirect cards.

# Feb 5, 2017 05:50
|
power botton posted: with all the leaked Snowden docs it was proved the NSA even has a term for this: AnEx (Anal Exfiltration)

Brb, adding AnEx testing to the contract with our pentest (lol) team.

# Feb 7, 2017 18:36

infernal machines posted: is it still sop for "internet security" suits to mitm ssl traffic with self-signed certs?

Yep, gotta make sure no one is doing anything fun during work hours.

# Feb 8, 2017 01:16

ate all the Oreos posted: but ddos'ing 8chan is a public good

Yep.

# Feb 10, 2017 01:39

A Pinball Wizard posted: https://arstechnica.com/security/2017/02/newly-discovered-flaw-undermines-https-connections-for-almost-1000-sites/

Is that the "TicketBleed" thing? Edit: Yep.

# Feb 10, 2017 03:32
|
hackbunny posted: the only qualified statement we can make about it is that we aren't qualified to make statements about it, though

Jesus, shut the gently caress up. You're gonna get the thread closed. Go to D&D and masturbate about laws and civil resistance there.

# Feb 13, 2017 07:15

Welp.

quote: AnC, on the other hand, exploits a fundamental mechanism that is in place for efficient code execution that is present in all modern processors. Hence, it is not straightforward to “fix” AnC. Furthermore, AnC runs from JavaScript and does not need to make assumptions on core placement, significantly increasing its impact over Jump over ASLR.

# Feb 15, 2017 16:21

anthonypants posted: Cloudflare's statement: https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

lol https://bugs.chromium.org/p/project-zero/issues/detail?id=1139

quote: Cloudflare pointed out their bug bounty program, but I noticed it has a top-tier reward of a t-shirt.

crazysim posted: somebody has posted a cloudbleed logo in that report.

there's someone who is really deserving of a tshirt right now.

Proteus Jones fucked around with this message at 00:50 on Feb 24, 2017

# Feb 24, 2017 00:46
|
SHA-1 collision has already wrecked WebKit's SVN. By using the PoC PDFs. https://arstechnica.com/security/2017/02/watershed-sha1-collision-just-broke-the-webkit-repository-others-may-follow/

quote: According to the above-linked bug report, the WebKit repository became corrupted late Thursday night when someone wanted to test how the system would handle the PDFs. Almost immediately, the system experienced failures. The errors persisted into Friday and eventually prompted one user to ask, "Is it fixable, or are we just totally hosed? Are we going to need to delete all the SVN history since this commit from the server in order to avoid the hash collision?" Responses indicated that the repository remained at least partially corrupted even after the PDFs were deleted. This message on a WebKit e-mail list showed mirroring systems remained unable to be updated.

# Feb 25, 2017 07:58
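What broke WebKit above is a content-addressed store handing back the wrong blob once two different inputs share a hash key. This added example is not from the article or from Subversion: it simulates that store with a deliberately truncated SHA-1 key (24 bits, my construction, so a collision turns up in seconds instead of the 2^63 work the real attack needed), shows the first-writer-wins store returning the wrong content, and shows the byte-for-byte check a store should make when a key is reused.

```python
import hashlib
import random

# Deliberately weak key: first 3 bytes (24 bits) of SHA-1. Only the key width
# is fake; the store's failure mode is the same once two blobs share a key.
KEY_BYTES = 3

def weak_key(blob: bytes) -> bytes:
    return hashlib.sha1(blob).digest()[:KEY_BYTES]

class NaiveDedupStore:
    """Keeps the first blob seen for each key; a later blob with the same
    key is silently dropped and readers of it get the earlier content."""
    def __init__(self):
        self.blobs = {}

    def put(self, blob: bytes) -> bytes:
        key = weak_key(blob)
        self.blobs.setdefault(key, blob)   # second blob never stored
        return key

    def get(self, key: bytes) -> bytes:
        return self.blobs[key]

class CheckedDedupStore(NaiveDedupStore):
    """Same store, but a reused key must match the stored bytes exactly;
    a mismatch is a collision and is rejected rather than corrupting data."""
    def put(self, blob: bytes) -> bytes:
        key = weak_key(blob)
        existing = self.blobs.get(key)
        if existing is not None and existing != blob:
            raise ValueError(f"hash collision on key {key.hex()}")
        self.blobs[key] = blob
        return key

def find_collision(seed: int = 1) -> tuple[bytes, bytes]:
    """Birthday search: two distinct random blobs with the same weak key."""
    seen = {}
    rng = random.Random(seed)
    while True:
        blob = rng.randbytes(16)
        key = weak_key(blob)
        if key in seen and seen[key] != blob:
            return seen[key], blob
        seen[key] = blob

def demo() -> tuple[bool, bool]:
    """Returns (naive store served wrong blob, checked store rejected it)."""
    a, b = find_collision()
    naive = NaiveDedupStore()
    naive.put(a)
    wrong_content = naive.get(naive.put(b)) != b   # reader of b gets a
    checked = CheckedDedupStore()
    checked.put(a)
    try:
        checked.put(b)
        rejected = False
    except ValueError:
        rejected = True
    return wrong_content, rejected
```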
|
Shut up Professor Green! https://twitter.com/matthew_d_green/status/836594951702052864

# Feb 28, 2017 19:13

Jabor posted: "you have to say if you're a cop", but instead we figure it out based on us spying on you

I'm absolutely convinced the police themselves are the root of this bit of truthiness.

# Mar 4, 2017 05:13

quote: [–]akesh45 [-1] 4 points 19 hours ago

# Mar 5, 2017 01:29

I just managed to bully a client cert out of the help desk for my VPN app. They were going to call me on my "on-file" contact number with the passphrase to unlock the key for import. No worries guys, I managed to get it in one guess: CompanyName123

Gonna have some interesting conversations on Monday.

# Mar 5, 2017 02:30
|
cheese-cube posted: Ask Slashdot: Should You Use Password Managers?

I legit didn't even realize /. was still a thing. Still the same amount of that I remember.

# Mar 9, 2017 13:18

anthonypants posted: is 1password v6 on windows still garbage?

nvm. discussion has moved on. Need to read through thread before replying.

Proteus Jones fucked around with this message at 06:20 on Mar 10, 2017

# Mar 10, 2017 06:15

anthonypants posted: i got that the other day too, so i opened it in ie instead. turns out you can't request same-day printing so i just went in to the store

That may be just your location. I had to print my Plat of Survey with changes marked on legal-sized for a county permit application. I got same day no problem, but you do need to give them a four-hour lead time.

# Mar 26, 2017 05:31

anthonypants posted: gently caress whoever at microsoft thinks "paste as plain text" needs to be hidden in as many right-click submenus as possible

It's not just MS. I ended up using a clipboard manager on my Mac just so I can default all cut and paste of text to be plain-text. In the rare case I need to preserve formatting, I can override my default setting on it. Although now that I think about it, it mostly is an issue when copying text from an MS Office document.

# Apr 4, 2017 00:44