Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

gently caress, I literally came to post that. drat you yos pos infosec thread.

drat youuuuuuuu.

Also, are we doing a defcon meetup or not?


Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

fishmech posted:

I wonder how many average people would actually give the correct answer to both of those if they were legit trying to buy into whatever scam the guy was selling. They can barely manage to type addresses correctly.

"Hi, this is your bank calling. We've had some gently caress up with a new teller. Can you take a picture of your check and confirm your account number is 443567843?"

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

French Canadian posted:

Indeed, and I know cyber "whatever" has been around forever but I am unaware of when just "cyber" became a term. It's like saying "I like mountain" and forgetting to add "climbing", "biking" or "making GBS threads".

c'mon son

quote:

Even though cyber- had been attaching itself to other words for more than two decades already, the term cyberspace only appeared in 1982, apparently coined by William Gibson in his science fiction novella Burning Chrome. According to its Oxford English Dictionary (OED) entry, cyberspace is the space of virtual reality; the notional environment within which electronic communication (esp. via the Internet) occurs. Although other cyber- formations cropped up, including cyberworld, cyberland, Cyberia (punningly after Siberia), and cybersphere (which is actually attested to earlier than cyberspace), cyberspace remains by far the most popular cyber- term used to refer more broadly to the world of electronic communications (including the Internet), although its popularity peaked in the late 1990s

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?


LOL here I thought DEFCON hadn't quite jumped the shark just yet they go ahead and prove me wrong.

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

https://twitter.com/lehtior2/status/895551057744470016

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

maskenfreiheit posted:

jk gently caress the police

https://www.youtube.com/watch?v=9ZrAYxWPN6c&hd=1

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

I just did my OSCP and you can only use meterpreter on one box. You *could* use multi/handler with -j on some port and have all your exploits connect to that (using shell_reverse_tcp in msfvenom) but at that point just use ncat or something in its own window with screen -L or somesuch.

TBH the Lab was ok but WAY out of date. Like, using exploits from 2008/2010 most of the time.

Took me about 18 hours all told. Mostly dead ends and jumping between boxes. Then another 4 hours on the report. And now I can add OSCP to my

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?



lol

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?



is this banime?

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

fins posted:

brb, registering hashaveibeenpwnedbeenpwned.com

YES!

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

cinci zoo sniper posted:

https://www.bleepingcomputer.com/news/security/blueborne-vulnerabilities-impact-over-5-billion-bluetooth-enabled-devices/

Security researchers have discovered eight vulnerabilities codenamed collectively as BlueBorne in the Bluetooth implementations used by over 5.3 billion devices.

Researchers say the vulnerabilities are undetectable and unstoppable by traditional security solutions. No user interaction is needed for an attacker to use the BlueBorne flaws, nor does the attacker need to pair with a target device.

BlueBorne affects all Bluetooth enabled devices
They affect the Bluetooth implementations in Android, iOS, Microsoft, and Linux, impacting almost all Bluetooth device types, from smartphones to laptops, and from IoT devices to smart cars.

Three of these eight security flaws are rated critical and, according to researchers at Armis, the IoT security company that discovered BlueBorne, they allow attackers to take over devices and execute malicious code, or to run Man-in-the-Middle attacks and intercept Bluetooth communications.

Furthermore, the vulnerabilities can be concocted into a self-spreading BlueTooth worm that could wreak havoc inside a company's network or even across the world.

Most serious Bluetooth vulnerabilities identified to date
"These vulnerabilities are the most serious Bluetooth vulnerabilities identified to date," an Armis spokesperson told Bleeping Computer via email.

"Previously identified flaws found in Bluetooth were primarily at the protocol level," he added. "These new vulnerabilities are at the implementation level, bypassing the various authentication mechanisms, and enabling a complete takeover of the target device."

Armis warns of attacks that combine physical presence with the BlueBorne flaws. For example, a delivery person dropping a package at a bank could carry weaponized code on a BlueTooth-enabled device. Once he enters the bank, his device infects others and grants attackers a foothold on a previously secured network.

Not all devices will receive patches
Armis reported the vulnerabilities to major hardware and software vendors, such as Apple, Google, Microsoft, and the Linux community. Some patches are being developed and will be released today and in the coming days and weeks.

Nonetheless, some devices will never receive a BlueBorne patch as the devices have reached End-Of-Life and are not being supported. Armis estimates this number at around 40% of all Bluetooth-enabled devices, which is over two billion devices.

BlueBorne vulnerabilities are tracked under the following identifiers: CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, and CVE-2017-0785 for Android devices; CVE-2017-1000251 and CVE-2017-1000250 for Linux; and CVE-2017-8628 on Windows. The iOS flaw does not have identifiers at the moment.

Who is affected
All Android phones, tablets, and wearables of all versions are affected by the four above mentioned vulnerabilities. Android devices using Bluetooth Low Energy only are not affected. Google patched the flaws in its September Android Security Bulletin.

Windows versions since Windows Vista are all affected. Microsoft said Windows phones are not impacted by BlueBorne. Microsoft is expected to release patches later today.

All Linux devices running BlueZ are affected by an information leak, while all Linux devices from version 3.3-rc1 (released in October 2011) are affected by a remote code execution flaw that can be exploited via Bluetooth. Samsung's Tizen OS, based on Linux, is also affected.

All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected, but the issue was patched in iOS 10.



Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

exploded mummy posted:

http://gwn.fightnetwork.com/


lets start a wrestling ott streaming service that has a broken paywall, nonfunctional region sensing, and sends passwords in plain text

no don't

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

cinci zoo sniper posted:

and get charged for tampering with evidence, great idea

ianal but say I had a postit that said 'password: imverysmart2017' that when entered would delete the crypto key for my drive and reboot the box. I do this to prevent my snooping wife from finding my porn folder but the cops take my machine and see the postit and try the password which leads to all the data being effectively erased.

My question is, who the gently caress cares. gently caress da police, 2017.

https://www.youtube.com/watch?v=_BxBs4f4RIU&hd=1

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?


:wink:

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

the real option is a shadow os on phones/laptops.

There was a story about Kevin Mitnick (or someone) going to the border and getting hauled aside and told to log on to his laptop so they could check it. He had some other account set up and logged on with that, showing that it was just a boring old Windows account or something.

The real pro-tip: fly without anything and buy a chromebook/phone when you land and sell/return when you leave. But if you're that paranoid just don't travel at all.

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?


the best part, while they were getting hosed up the rear end they were pressuring lawmakers to limit their liability to the point where this was submitted in may.

https://www.congress.gov/bill/115th-congress/house-bill/2359

quote:

To amend the civil liability requirements under the Fair Credit Reporting Act to include requirements relating to class actions, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.

This Act may be cited as the FCRA Liability Harmonization Act.

SEC. 2. MAINTAINING CONSISTENCY IN CIVIL LIABILITY UNDER THE FAIR CREDIT REPORTING ACT FOR CLASS ACTIONS.

(a) Willful Noncompliance. Section 616 of the Fair Credit Reporting Act (15 U.S.C. 1681n) is amended

(1) in subsection (a)

(A) by striking paragraph (2);

(B) by redesignating paragraph (3) as paragraph (2); and

(C) in paragraph (1)(B), by inserting "and" after the semicolon;

(2) by redesignating subsection (d) as subsection (e); and

(3) by inserting after subsection (c) the following new subsection:


(d) Class Action Lawsuits. With respect to a class action (as such term is defined in section 1711 of title 28, United States Code), or series of class actions arising out of the same failure to comply of a person, brought by consumers against a person who willfully fails to comply with any requirement imposed under this title, such person is liable to such consumers in such an amount as a court may determine, except that

(1) the court may not apply a minimum amount of damages for each member of the class; and

(2) the total recovery (excluding reasonable attorneys' fees as determined by the court) of the class shall not exceed the lesser of

(A) $500,000; or

(B) 1 percent of the net worth of such person..

(b) Negligent Noncompliance. Section 617 of the Fair Credit Reporting Act (15 U.S.C. 1681o7) is amended by adding at the end the following new subsection:


(c) Class Action Lawsuits. With respect to a class action (as such term is defined in section 1711 of title 28, United States Code), or series of class actions arising out of the same failure to comply of a person, brought by consumers against a person who negligently fails to comply with any requirement imposed under this title, such person is liable to such consumers in an amount equal to the sum of any actual damages sustained by the consumers as a result of the failure, except that the total recovery (excluding reasonable attorneys' fees as determined by the court) of the class shall not exceed the lesser of

(1) $500,000; or

(2) 1 percent of the net worth of such person..


:thunk:

e: am I reading this right? Any class action lawsuit brought against Equifax would've had a cap of $500,000? God damned I'm not even angry, this is next level cyberpunk.

Optimus_Rhyme fucked around with this message at 18:03 on Sep 19, 2017

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

Wiggly Wayne DDS posted:

in news absolutely no one saw coming it turns out there was a secondary payload delivered via the ccleaner backdoor: https://blog.avast.com/progress-on-ccleaner-investigation


now if you want to know which companies were targeted ask talos: http://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html


Are those internal domains?

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

CommieGIR posted:

CIOs are a FYGM of IT decisions.

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

APT used to mean a low and slow attacker. The Logica breach is a good example of someone who was advanced (knew more about the infrastructure than the people running it) and persistent (he was kicked out multiple times and kept coming back and getting in and took his time).

Then marketing people found out about the term and now it means "an attack" because the term is so watered down. Also it helped give CSOs an out cause you can't stop someone who's advanced AND persistent!

If anyone is interested the derby streams are up:

http://www.irongeek.com/i.php?page=derbyconstreams

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

Cocoa Crispies posted:

let's be completely clear

"APT" used to mean china or russia

It implied state actor (cia, mossad, >emotion < bear, whatever we call the Chinese team) but only because they can train people and they have the time and patience.

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

Better job prospect cause now you can say you worked at big 4. Before it became big 3.

Also you'll get invited to alumni events where they kiss your rear end hoping you give them business.

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

Number19 posted:

these all have to be deloitte honeypots

right?

right???????

what does your heart tell you?

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

This never would've happened under stebe

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

Muscle memory passwords are great until you have to go to the printer and log in with their poo poo touch screen.

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

Qwijib0 posted:

doesn't look like love, sex, secret, or god to me.

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

Carbon dioxide posted:

Has anyone heard of this app and is it good/does it have a future?

https://tox.chat

Oh good, ANOTHER chatting app. gently caress its like 2003 again with the drat chat apps. Meebo, please come back as a single app I can install to manage all these chat apps.

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

infernal machines posted:

razor and blade? they're flakes!

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

https://twitter.com/TheHackersNews/status/930133662141689856

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

anthonypants posted:

what are you going to do about it

:justpost:

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?


https://www.youtube.com/watch?v=dUMH6DVYskc

Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

Powaqoatse posted:

solution: drink at home, alone


Optimus_Rhyme
Apr 15, 2007

are you that mainframe hacker guy?

spankmeister posted:

Speaking of MMO's: Here's a podcast in two parts about hacking online games. It's pretty good. They interview "Manfred" a guy who's apparently a big deal in the mmo hacking scene. You may remember the ultima online house deletion debacle, well this guy did it and he explains how. He also explains how he made a living for years by cloning items and gold in MMO's and selling them on eBay.


https://darknetdiaries.com/episode/7
https://darknetdiaries.com/episode/8

I was gonna reply to a link to his awesome DEFCON talk but NOOOOOPE youtube took it down

https://www.youtube.com/watch?v=PfbMZJsb1cQ&hd=1
