#hacking
Wired: 9 Years After the Mt. Gox Hack, Feds Indict Alleged Culprits https://www.wired.com/story/mt-gox-indictment-security-roundup/ #Tech #wired #TechNews #IT #Technology via @morganeogerbc #Security/CyberattacksandHacks #Security/SecurityNews #securityroundup #SecurityRoundup #encryption #Security #security #hacking #bitcoin #Crime
Sometimes watching Cops helps, just when you think you were having a bad day...Subscribe to Paul's Security Weekly for more infosec knowledge and entertainment: https://securitypodcaster.com/podcasts/ #infosec #cybersecurity #hacking #podcasts
#OnThisDay in #hacking #history, 2009, UK #hacker Gary McKinnon pursues his, ultimately successful, last ditch attempt to avoid extradition to the US for hacking US military systems.
https://www.independent.co.uk/tech/pentagon-hacker-in-last-bid-to-avoid-extradition-1701101.html
#Crypto #Cryptocurrencies #Hacking #MtGox #USA #Russia: "Bilyuchenko and Verner are charged in the Southern District of New York with conspiring to launder approximately 647,000 bitcoins from the 2011 hack of Mt. Gox (the “SDNY Case”). Bilyuchenko is separately charged in the Northern District of California with conspiring with Alexander Vinnik to operate the illicit cryptocurrency exchange BTC-e from 2011 to 2017 (the “NDCA Case”). The SDNY Case has been assigned to U.S. District Judge P. Kevin Castel. The NDCA Case has been assigned to U.S. District Judge Chhabria."
Único #Curso #Virtual #Fundamentos de #Hacking #Web del año 2023. Domingos 18 y 25 de Junio. De 9:00 am a 12:00 pm (UTC -05:00). Más información en: https://www.reydes.com/d/?q=Curso_Fundamentos_de_Hacking_Web
El Webinar Gratuito: "OSINT para Pentesting" está disponible en video. #cybersecurity #hacking #readteam #bugbounty #forensics #osint 💡 https://www.reydes.com/d/?q=videos_2019#wgoppt 🔔 https://www.youtube.com/watch?v=KjpDkfxTJtk
🇺🇲 🇷🇺 The United States has charged two #Russian nationals in the hack of collapsed #cryptocurrency exchange Mt. Gox, one of the world's earliest, biggest and most widely publicized alleged #bitcoin heists.
Popping webshells and slashers #hackingandhorrormovies #hacking #hacker #Metasploit #metasploitable2 #webshell #php #z0ds3c #horror #80shorror #halloween4
does anyone happen to know what the first or earliest satellite hack was? The earliest date I have right now is 1998 when hackers took control of the U.S.-German ROSAT X-Ray satellite #othernetworks #Satellite #hacking
#AI #hacking "Nvidia’s AI software tricked into leaking data" https://arstechnica.com/gadgets/2023/06/nvidias-ai-software-tricked-into-leaking-data/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social
Every summer, Hack Club does something special.
This year, we're traveling to the beautiful outdoors of Vermont. For four days and three nights, we’ll turn a humble campground into a creative space for hackers of all kinds.
Introducing 🏕️ Outernet...
https://outernet.hackclub.com/?shipped
Russian Nationals Charged With Hacking Mt. Gox Exchange and Illicitly Operating BTC-e Exchange.
Modern Solution: Anklage gegen Aufdecker von Sicherheitslücke gescheitert
Ein Programmierer deckte 2021 eine grobe Sicherheitslücke in der Software des deutschen E-Commerce-Unternehmens auf und wurde dafür angezeigt.
In today's Morning File: links to yesterday's articles; Tim Bousquet looks at how the emergency alert system is still broken, 3 years after the Portapique shooting; and expectations of keeping our data safe
#Halifax #NovaScotia #hacking https://www.halifaxexaminer.ca/morning-file/3-years-after-portapique-the-emergency-alert-system-is-still-broken/
Make Use Of: The 9 Most Common Tricks Used to Hack Passwords https://www.makeuseof.com/tag/5-common-tactics-hack-passwords/ #Tech #MakeUseOf #TechNews #IT via @morganeogerbc #OnlineSecurity #PasswordTips #SecurityTips #Security #Hacking
Russian-linked hackers taunt HWL Ebsworth over data breach, claim to have published documents to dark web https://www.abc.net.au/news/2023-06-09/russian-linked-hackers-taunt-hwl-ebsworth-over-data-breach/102461608 via @ABCaustralia #auslaw #auspol #infosec #hacking #confidentiality
Feds, you'll need a warrant for that cellphone border search
https://www.theregister.com/2023/05/31/us_border_phone_search/ #privacy #cybersecurity #security #technology #dataprotection #infosec #hacking #datasecurity
Der Digitalpolitische Wochenrückblick. Mehr Infos/Quellen UND weitere Themen: https://piratenpartei.ch/digitalpolitische-woche/
Mit Beiträgen von/mit:
@adfichter @Snowden @roofjoke @jonkeegan @republica
Um 20:00 diskutieren wir diese Themen am www.cyberstammtisch.ch
#CyberSecurity #Snowden #DigitaleUnversehrtheit
#xandr #republica #Übewachungskapitalismus #cloud #hacking
🌫️ Unveil the secrets of #Kubernetes security with "#Hacking Kubernetes: From Zero to Hero" by Magno Logan! Learn to identify and exploit #vulnerabilities, perform #PenTesting on #container systems, and secure #cloud environments. No matter your experience level, this training will help you master the art of hacking Kubernetes. Get your ticket now!
🎟️ https://ringzer0.training/trainings/hacking-kubernetes.html
Gehaltsdaten bei #BBC und #BritishAirways gehackt - pctipp.ch https://www.pctipp.ch/news/hacking/gehaltsdaten-bbc-british-airways-gehackt-2864974.html #Clop #Hacking
Auch Bundesverwaltung von Hackerangriff auf die Firma #Xplain betroffen - pctipp.ch https://www.pctipp.ch/news/sicherheit/bundesverwaltung-hackerangriff-firma-xplain-betroffen-2864961.html #Hacking
Uncle Sam wants DEF CON hackers to pwn this Moonlighter satellite in space
10 comment bubble on white
'World's first and only' orbiting infosec playpen due to blast off Sunday
https://www.theregister.com/2023/06/03/moonlighter_satellite_hacking/?td=rt-3a
Cyclops #ransomware gang, a stealthy menace targeting Windows, macOS, and #Linux, is now offering threat actors an information-stealing #malware that captures sensitive data and uploads it to a remote server.
https://thehackernews.com/2023/06/cyclops-ransomware-gang-offers-go-based.html
🧑💻 The Hacking Group that Shook the Internet for Fun
➥ an0n ali
#LulzSec #Hacking #Cybersecurity
https://m.youtube.com/watch?v=L_cuINLRonE&feature=youtu.be
FULL PROGRAMME OUT NOW!
#ARTIVISM: The Art of Subverting Power conference analyzes art & activism's political impact, exploring social networking, hacking, whistleblowing & AI fostering interdisciplinary exchange among experts.
June 23-25 #Berlin & online. Learn more and get your ticket now: https://dnlb.org/30
*nodds in agreement*
"#TechIlliterates" ruin everything, espechally once every asshole could just buy in and disregard absolute basics.
This - among the absurdist overcomplexity and enshittification of things is why we see more and more frequently more and more extreme #CyberChaos in the form of #Malware, #Govware, #Hacking and other attacks...
#Ransomware wasn't a thing in the Pre-#Windows era, not because #Ransom didn't exist, but because it took actual skills!
And it's official! We have liftoff!!! 🚀
@hack_a_sat will never be the same! Looking forward to @defcon when #Moonlighter will be in orbit & ready for #hacking in #space! 🌙☄️🪐
Get ready finalists, because practice is over!!!! 😎
I remember a time where I was developing software, managing desktops and servers, the network, "the firewall", the phone switch and building access security. Fun times! #infosec #cybersecurity #hacking
A host of malicious Google Chrome extensions with 75 million installs have been removed
'Late last week, Google confirmed removing 34 malicious extensions from its Chrome Web Store. The extensions were capable of injecting ads into pages and exfiltrating sensitive data from compromised endpoints. In total, the extensions were downloaded more than 75 million times.'
#technology #tech #Google #Chrome #security #privacy #hacking #malware #phishing
The Software-Defined Car
Developers are starting to talk about the software-defined car.
For decades, features have accumulated... https://www.schneier.com/blog/archives/2023/06/the-software-defined-car.html
Angriff auf Schweizer IT-Dienstleister betrifft diverse Firmen und legt Gemeinde lahm
Die Folgen waren für mehrere private Firmen und staatliche Institutionen gravierend, wie Recherchen zeigen.
Playfully doing something difficult, whether useful or not, that is hacking.
— Richard M. Stallman
I've just published the latest blog post in my "Hacking the OSCP" series, this time focusing on web applications. You can check it out here:
🪥 Hacking my “smart” toothbrush
➥ Cyrill Künzi
Malicious Chrome extensions with 75M installs removed from Web Store by #BleepingComputer https://www.bleepingcomputer.com/news/security/malicious-chrome-extensions-with-75m-installs-removed-from-web-store/
"WarGames": Vor 40 Jahren erscheint der erste Hacker-Film
Am 3. Juni 1983 startet "WarGames" in den amerikanischen Kinos. Der Film gibt zum ersten Mal Einblicke in die Hackerkultur – und ist immer noch aktuell.
Growing hacking threat to #satellite systems compels global push to secure outer space 👇🛰️ :2001:
https://cyberscoop.com/space-secure-by-design/
#telecom #cybersecurity #outerspace #security #communications #hacking
NEW: heard about #Triangulation #spyware? Something about #Kaspersky?
Or the #FSB waxing paranoid about #Apple?
What does it all mean?
Well, my @citizenlab colleague Bill Marczak has an deliciously spicy take on the unfolding saga.
Plus some tips for defenders.
I published a #blog on #Russia's OG #hacker print publication Khaker (XAKEP) Magazine #1, from way back when, in 1999. The magazine discusses credit card fraud, Y2K, Quake 3, viruses and finding romance online, you can read all about it below:
#hacking #history #histodons
https://realhackhistory.org/2023/06/02/lessons-from-1999-a-look-at-issue-one-of-khaker-xakep-magazine-for-russian-computer-hooligans/
Gesundheit Nord bestätigt Cyber-Angriff und Datenabfluss | Security https://www.heise.de/news/Gesundheit-Nord-bestaetigt-Cyber-Angriff-und-Datenabfluss-9076718.html #Hacking #CyberCrime #DataBreach #DataLeak #DSGVO #GDPR #Datenschutz #privacy #CyberWar
Eclypsium found a backdoor in Gigabyte firmware that allows any threat actor to persistently infect vulnerable systems, read the full article here: https://eclypsium.com/blog/supply-chain-risk-from-gigabyte-app-center-backdoor/ #infosec #cybersecurity #hacking #supplychain
The lucrative #hacking industry
"Microsoft’s inability to manage software defects meant that, for close to two decades, society had to bear the cost of dealing the fundamentally broken security of most versions of Windows.
Their incompetence created a $4 billion USD market for antivirus software at the “peak” of Windows’s insecurity in 2004 and nobody knows how many billions of actual costs to society from software virus infections and hacks."
➥ @baldur
https://www.baldurbjarnason.com/2023/tech-broke-the-webs-social-contract/
Is Cybersecurity an Unsolvable Problem?
➥ @slashdot
"Cybersecurity is not a primarily technological problem that requires a primarily engineering solution," Shapiro writes. "It is a human problem that requires an understanding of human behavior." That's his mantra throughout the book: "Hacking is about humans." And it portends, for Shapiro, "the death of 'solutionism."
#Cybersecurity #Hacking #Infosec
https://it.slashdot.org/story/23/05/28/1820216/is-cybersecurity-an-unsolvable-problem
Hacking forum hacked, user database leaked online.
Oh dear, what a shame, never mind.
https://grahamcluley.com/hacking-forum-hacked-user-database-leaked-online/
Hacker bloßgestellt: Datenbank von RaidForums geleakt
Keine Ehre unter Gangstern: Im Hacker-Forum Exposed wurden E-Mail-Adressen und Co. von Mitgliedern des RaidForums veröffentlicht.
Hacking my “smart” toothbrush https://kuenzi.dev/toothbrush/ #code #programming #hacking #it #dev
Kali Linux 2023.2 Released with #PipeWire Support for #Xfce Edition, Overhauled i3 Desktop, New #Hacking Tools, and More https://9to5linux.com/kali-linux-2023-2-brings-pipewire-support-to-xfce-edition-overhauls-i3-desktop
Hacker 101 - Null Shares
Found yourself on a corporate network? Wanna see what you can hack into?
Going to post some simple and easy hacks that get me a lot of wins. I'll hashtag it #Hacker101 .
Null Shares
Null shares are network folders that don't require a password.
Shared folders used to be a way to copy and paste files for corporate teams. Nowadays, folks use Sharepoint, Dropbox, MS Teams, etc.
That just means theres a bunch of old network folders and shares that everyone has forgotten about and you can hack into!
Methodology
Scan for TCP port 445 (SMB) on your network
Enumerate shares looking for ones that let you log into with the username "guest" and no password
Log in and steal files (look for config files, password text files, or custom executables with hardcoded passwords inside of them)
Pop reverse shells if the null share has READ / WRITE access
How To / Usage Examples
Lots of tools scan for null shares. I use nmap.
Two Nmap scripts (NSE) that I like to use are "smb-enum-shares" and "smb-ls".
smb-enum-shares will tell you the share name and how much access you have.
smb-ls will actually list out all of the files available. This means you validate the vulnerability by exploiting it AND you get a nice directory listing of everything you can see. Good to search through and look for interesting files without maintaining an active connection to a single host.
Usage Example:
nmap --script smb-enum-shares,smb-ls -p 445
Pop a shell on shares with WRITE access with psexec (metasploit has a good module for this) with the username "guest" and no password.
Want to connect to the share and download the file? You can use a windows host and just mount the share in Windows Explorer.
I use Linux with smbclient.
Usage Example:
smbclient //<IP Address/Share -U guest%
and then GET any file you want.
Also... ignore IPC$ shares. I won't get into it here...
Alright.... y'all have fun.
They just made it up.
The #VPN industry is a scourge.
Not content with tricking people into paying for security talismans by misrepresenting what VPNs do..., they are SEO-optimizing fake #cybersecurity advice to drive signups.
The perverse thing is that the high risk people like dissidents & journalists that need to get safer from Predator not only won't be.helped, but real advice is getting drowned out.
Glad to see @maldr0id call it out. #hacking #spyware #Predator #malware #security
"It's just me Tony, it realy is, I swear!" - I feel like variations of this was many characters last words on this show...#infosec #cybersecurity #hacking
"I bought my sense of belonging, with contempt, and paid for it with contempt and exclusionary behaviour."
Messing around with Alpaca 13B on Dalai LLaMA and when I ask anything deeper than "please describe the taste of a papaya," the output strongly resembles the BS you'd get from a high school student who hadn't done the reading. (Hint: Heinlein didn't write "The Marching Morons." Kornbluth did.)
So, I'm watching the Lawful Masses video about the Destiny 2 cheat developer lawsuit (Bungie v Elite Boss Tech), and they called for civil RICO on the cheat developers, but also CFAA on them, for *DOWNLOADING DESTINY 2* to create their cheat program.
So, the court case, was ended in default judgment due to the defendants not appearing, after being served. But I really hope this does not get argued in court, it would be really bad if you can be hit with CFAA for lawfully downloading a program, which you then find ways to change the data in it, that's.... that's bad yo.
The only good argument in the claim Bungie made, was contract violation, due to repeatedly violating the EULA/TOS/ect, by circumventing bans by creating new accounts.
#hacking #infosec #destiny2 #reverseengineering #lawsuit #RICO #CFAA
Gescheiterte Erpresser posten Daten Basler Schüler
1,2 Terabyte an Daten von und über Schülern kursieren im Darknet. Sie stammen vom Basler Bildungsserver eduBS.
#Bildung #Darknet #Datenschutz #Datensicherheit #Hacking #Security #Ransomware #news
🕸️🌈 @princetonupress is having a massive spring sale, which means my 2020 book HACKING DIVERSITY is half off!! That's a whopping $13.98 for the paperback. And much else to choose from as well.
https://press.princeton.edu/books/paperback/9780691192888/hacking-diversity
This post breaks the boost button. It's impossible to boost. #hacking #bugReport
"The Mandiant team was facing a textbook example of a software-supply-chain attack—the nefarious alteration of trusted software at its source. In a single stroke, attackers can infect thousands, potentially millions, of machines." —@kimzetter for @WIRED
https://www.wired.com/story/the-untold-story-of-solarwinds-the-boldest-supply-chain-hack-ever/
#Longreads #EditorsPicks #Security #Hacking #CyberSecurity #SolarWinds
AtlasOS promises to improve frame rates, but it disables a host of important Windows security features in the process.
https://www.vice.com/en/article/m7bv4b/windows-for-gamers-rolls-dice-with-your-security-atlasos
#hackers #CYBER #Hacking #hacker #windows #security #cybersecurity
Hacking-Akademie: Lerne professionelles Ethical Hacking und Penetration Testing
Die Hacking-Akademie von Sicherheitsexperte Eric Amberg bietet ein umfassendes Lernangebot zu Web Hacking, Penetration Testing und mehr. Jetzt Angebot sichern!
Uber-Hack: Ehemaliger Sicherheitschef entgeht Gefängnisstrafe
Weil er einen Hack von Nutzerdaten verheimlicht hat, wurde Ubers Ex-Sicherheitschef verurteilt. Der Richter fragt, warum Travis Kalanick nicht angeklagt war.
#AmazonWebServices #Cybersecurity #Datenklau #Datenschutz #Hacking #Uber #news
Is Linux hard disk encryption hacked?
"The topic of device encryption is not easily accessible to many, so we'd like to frame the discussion a bit with this post."
Via @systemli
https://www.systemli.org/en/2023/04/30/is-linux-hard-disk-encryption-hacked/
#Linux #encryption #hacking #police #data #Datasecurity #privacy
#AI #Banks #CyberSecurity #Hacking #Privacy: "The chairman of the Senate committee that provides oversight of the banking sector has sent letters to the CEOs of the country’s biggest banks asking what they plan to do about the looming threat of fake voices created with artificial intelligence being used to break into customers’ accounts.
The move comes after Motherboard used an AI-powered system to clone a reporter’s voice, and then used that to fool a bank’s voice authentication security system. That investigation showed that just a few minutes of a target’s voice audio was enough to generate a clone that was convincing enough to break into a bank account, potentially putting the public at risk of such attacks, and especially those with a public presence such as politicians, journalists, podcast hosts, streamers, and more."
https://www.vice.com/en/article/n7enqd/senator-asks-banks-stop-ai-cloned-voices
Penetrationstester: Angreifer im Dienste des Guten
Kriminelle nutzen für Attacken sowohl technische Schwachstellen als auch die Gutmütigkeit der Menschen. Die Gegenseite geht ebenso vor, erzählt ein Pentester.
Is Linux hard disk encryption hacked?
"Das Thema Geräteverschlüsselung ist für viele nicht leicht zugänglich, deswegen möchten wir die Diskussion mit diesem Post etwas einordnen."
Via @systemli
https://www.systemli.org/2023/04/30/ist-die-linux-festplattenshyverschl%C3%BCsselung-geknackt/
If you get a sales call about your information security stack, you really don't have to answer their questions about what you are using today.
I bet if I cold-called 100 companies I would have solid information about to attack 75% of them by just pretending to sell them a fake product and asking them what they are using currently and why.
heise+ | 2FA absichern: So schützen Sie sich vor Angriffen auf den zweiten Faktor
Benutzerkonten mit einem zusätzlichen Faktor zu schützen, ist eine gute Idee. Wir zeigen, wie Sie Ihre Accounts abdichten und das Angriffsrisiko minimieren.
#ZweifaktorAuthentisierung #IdentityManagement #Cybercrime #Cybersecurity #Hacking #Security #news
NEW ARTICLE from me on Tech Policy Press 'How Social Media Incentives Helped Drive the Discord Leaks' https://techpolicy.press/how-social-media-incentives-helped-drive-the-discord-leaks/ #SocialMedia #Discord #DiscordLeaks #Trump #ConspiracyTheories #Technology #Disinformation #Hacking #InfluenceOperations #Leaks #Intelligence #Games #security @potemkinvillage @politicalscience
Werds leider verpassen aber sehr zu empfehlen!
---
RT @vecirex
#SaveTheDate:
Die #ChaosSingularity (#CoSin) findet dieses Jahr wieder statt und zwar vom 16. (Fr) bis 18. (So) Juni 2023 in der Villa Ritter (Biel).
#CCC #CCCCH #Hacking #Privacy #Security
https://twitter.com/vecirex/status/1652666454355898368
#USA #Cybersecurity #DoJ #Hacking #SolarWinds: "WIRED can now confirm that the operation was actually discovered by the DOJ six months earlier, in late May 2020—but the scale and significance of the breach wasn’t immediately apparent. Suspicions were triggered when the department detected unusual traffic emanating from one of its servers that was running a trial version of the Orion software suite made by SolarWinds, according to sources familiar with the incident. The software, used by system administrators to manage and configure networks, was communicating externally with an unfamiliar system on the internet. The DOJ asked the security firm Mandiant to help determine whether the server had been hacked. It also engaged Microsoft, though it’s not clear why the software maker was also brought onto the investigation."
https://www.wired.com/story/solarwinds-hack-public-disclosure/
Cybersicherheit: ESA-Satellit im Orbit gehackt, Daten manipuliert
Die ESA hat schon vor einem Jahr einen Satelliten für kontrollierte Hackingversuche freigegeben. Nun hat Thales zusammengefasst, wie weit man vordringen konnte.
Are there any good sources that track recent breaches and compromised websites? A blog format is ideal but I'm interested in anything online. Reddit and Twitter used to be great sources but both have become pretty useless for this.
#NetSec #InfoSec #ComputerSecurity #Hacking #Security