Welcome to BellGab.com Archive.
 

X-Ploits

Started by (Sandman) Logan-5, June 01, 2017, 01:58:21 PM

With the amount of exploits, zero-day(s), vulnerabilities, and data breaches constantly happening, a thread to keep up on them, and their remedies / mitigation, probably isn't a bad idea.
It will also keep the Function Random thread a little cleaner. ;)
Dump them here...


Linux users w/SELinux enabled: Update your systems...   NOW !
(Everyone else, update them now !  ;)
http://thehackernews.com/2017/05/linux-sudo-root-hack.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29

https://threatpost.com/patches-available-for-linux-sudo-vulnerability/125985/

Debian and derived systems (Mint, Ubuntu...) from the debian link in the above url.
https://security-tracker.debian.org/tracker/CVE-2017-1000367


Quick fix for Debian derived systems:

Copy and paste into the terminal (Ctrl + Alt + T    to bring it up.)
sudo apt-get update && sudo apt-get upgrade

In Synaptic, click 'Mark All Upgrades', then 'Apply'

Chrome users - Take Note:
http://thehackernews.com/2017/05/browser-camera-microphone.html
Web-RTC & JavaScript are at it again. (You might want to disable E-Tags also.)

From the article: "  Edward Snowden leaks also revealed Optic Nerve – the NSA's project to capture webcam images every 5 minutes from random Yahoo users. In just six months, 1.8 Million users' images were captured and stored on the government servers in 2008.  "
You can bet they were added to their facial recognition AI database too. >:(


“All customers served by our US data center are affected; customer data was compromised, including the ability to decrypt encrypted data.”
“Dealing with [the] aftermath. This is a massive leak.”
https://www.tripwire.com/state-of-security/latest-security-news/customer-data-reportedly-stolen-onelogin-security-incident/

"  A hacker claims to have stolen the upcoming season of Netflix's hit series Orange Is the New Black, and is demanding that the video streaming service pay an unspecified ransom to prevent all the new episodes from being prematurely released online. "
http://www.nzherald.co.nz/entertainment/news/article.cfm?c_id=1501119&objectid=11847778

"  As outlined by security firm Check Point, 41 apps developed by Korea-based Kiniwini and published under the moniker ENISTUDIO Corp., "infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it.
... It's "possibly the largest malware campaign found on Google Play," according to Check Point.
... the total spread of the malware may have reached between 8.5 and 36.5 million users. "

http://www.pcmag.com/news/353943/judy-malware-potentially-hits-up-to-36-5m-android-devices


Juan

Microsoft says it has updated its Malicious Software Removal Tool to fight the latest ransomware. It probably runs automatically but to be sure simply type MRT in the run box (or whatever it's called now.)





Still using facebook ?

"   Ceukelaire reported the flaw via Facebook’s Data Abuse Bounty Program on April 22, and over a month later the social media informed him that it could take three to six months to investigate the issue.

Over two months after initially reporting the issue to Facebook, Ceukelaire noticed that NameTests has fixed the issue, and told him it had found no evidence of abuse of the exposed data by any third party.   "

https://thehackernews.com/2018/06/facebook-users-data-leak.html

albrecht

Quote from: (Sandman) Logan-5 on June 30, 2018, 04:52:24 PM
Android users, RowHammer is back.

https://thehackernews.com/2018/06/android-rowhammer-rampage-hack.html
I like that they want me to open up a .pdf to read about more details.  ;)

Quote from: albrecht on June 30, 2018, 06:37:36 PM
I like that they want me to open up a .pdf to read about more details.  ;)
There's one PDF link in the article, and it's listed in big bold blue letters as "PDF".
It's simple, pull the DL, shut down your internet connection - if you're running Doze OS, scan the file. If it's clean, read it in read only mode.
That's pretty basic, and should be standard operating procedure for anyone that DL's PDF's.
Seriously.  CYA
;)
(Never open a PDF online. (If your system isn't hardened, you're fucked.)
That's no shit.
Sometimes I forget that my S.O.P. doesn't apply to 96% of the people out there.  :(
Things I do out of force of habit, most people never even heard of. 
It's up to the reader to cover their own ass. I just try to post useful information, (although I'll never knowingly post malicious links or sub-links.) 

Nope, never ever ever open a recently DL'ed file while you are still on-line.
You're right about your skepticism though.
Just take proper precautions - CYA.    ;)

 How To Hack A Voting Machine      LOL

https://www.darkreading.com/iot/the-abcs-of-hacking-a-voting-machine/d/d-id/1332386

(Read the comment at the end of the page -  it's pretty good.  )   ;)

DEFCon (BlackHat) PDF's... 
https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/

There's some cool stuff on this site.   ;)

Quote from: (Sandman) Logan-5 on October 12, 2018, 05:02:20 AM
How To Hack A Voting Machine      LOL

https://www.darkreading.com/iot/the-abcs-of-hacking-a-voting-machine/d/d-id/1332386

(Read the comment at the end of the page -  it's pretty good.  )   ;)

It's a great comment........


And...
This is why I don't sign up for anything online that I can avoid signing up for.

https://haveibeenpwned.com/
(Scroll down 3/4 of the way down the page to see the major breaches.)

https://haveibeenpwned.com/PwnedWebsites
An alphabetical listing of all the sites they have tracked, with dates and information that was exposed - and verified exposed. (If it's unverified, it's listed as such.)  ;)
Gamers, take note.

Metron2267

Quote from: (Sandman) Logan-5 on October 12, 2018, 05:02:20 AM
How To Hack A Voting Machine      LOL

https://www.darkreading.com/iot/the-abcs-of-hacking-a-voting-machine/d/d-id/1332386

(Read the comment at the end of the page -  it's pretty good.  )   ;)

The old fashioned way:

https://en.wikipedia.org/wiki/Irving_Slosberg

Immediately after the 2000 election in which Slosberg was elected to the Florida State House by 88 votes and at the peak of the vote recount during the Bush-Gore United States presidential election in Florida, 2000, Palm Beach Sheriff's Deputies confiscated a Votamatic voting machine from Slosberg.[8] When initially approached by the Supervisor of Elections Office and asked about the voting machine, Slosberg denied having it. On November 11, 2000, police confronted Slosberg about the voting machine which Slosberg then retrieved from his car and delivered to the police.[9] No reason was ever provided for Slosberg having possession of the voting machine, and despite additional allegations of misconduct Democrat Supervisor of Elections Theresa Lepore neither investigated nor pressed charges against Slosberg.

>:( >:( >:(


Quote: The White Company is the first threat actor Cylance has encountered that targets and effectively evades no less than eight different antivirus products – Sophos, ESET, Kaspersky, BitDefender, Avira, Avast!, AVG, and Quick Heal – before turning them against their owners by deliberately surrendering to them on specific dates in order to distract, delay, and divert the targets’ resources.
The antivirus evasions are just one of a number of measures employed by The White Company to escape attribution. Other methods we uncovered include:...

https://threatvector.cylance.com/en_us/home/the-white-company-inside-the-operation-shaheen-espionage-campaign.html


Quote from: Walks_At_Night on December 21, 2018, 07:08:53 AM
Very interesting Sandman.  Not Israel, Iran, the Reds or the English-speaking countries.  Hmmm........
;)



