0 sats \ 0 replies \ @MalwareLab 25 Sep \ on: Encrypted traffic interception on Hetzner and Linode targeting Jabber security
interesting analysis, thanks for sharing
Nice puzzle. By simply rewriting the fraction we can get all denominators equal to 1, and then we get the telescoping sum... So, the sum is equal to $\sqrt{121} - \sqrt{0} = 11$ :-)
I was writing the post about Winamp, when I noticed that it is already here :-)
So, I would like to add that while the Winamp legacy player source code is published, it is without a true open source license...
The license is not the GPL or MIT/BSD, but a custom one with restricted forking, which violates the GitHub Terms and Conditions.
Another interesting issue: the repository contained "confidential" code of another company. While the 3rd party code was removed (commit 1 and commit 2), it is still visible in the history.
This malware contains several things worth mentioning:
- persistence via udev rules
  - this technique is not documented in MITRE ATT&CK
- remote access to the victim device
  - the malware calls home and creates a reverse shell for the attacker
- hides itself
  - like a "rootkit", it filters out strings with its name from the outputs of system commands (e.g. ls, find)
- code injection into other processes
  - related to scraping credit card data
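An added example (not part of the original comment, and not code from the analysis it refers to): a defender-side audit of udev rule text that lists `RUN` assignments worth a manual look, since a `RUN` key is how a rule starts a program when a device event fires. The trusted-prefix list, the shell list and the sample rules are assumptions constructed for illustration.

```python
import re
from pathlib import PurePosixPath
# RUN="...", RUN+="..." and RUN{type}+="..." assignments in a udev rule line.
RUN_KEY = re.compile(
    r'\bRUN(?:\{(?P<kind>[^}]*)\})?\s*(?:\+=|:=|=)\s*"(?P<cmd>(?:[^"\\]|\\.)*)"')
# Assumption: helpers shipped by distribution packages live under these prefixes.
TRUSTED = ("/usr/lib/udev/", "/lib/udev/", "/usr/bin/", "/usr/sbin/", "/bin/", "/sbin/")
SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}

def logical_lines(text):
    """Yield (first_line_number, line), joining trailing-backslash continuations."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        start = start or no
        if raw.endswith("\\"):
            buf += raw[:-1]
            continue
        yield start, buf + raw
        buf, start = "", None
    if buf:
        yield start, buf

def audit_rules(text):
    """Return (line_number, command, reasons) for each RUN entry to review."""
    findings = []
    for no, line in logical_lines(text):
        if line.lstrip().startswith("#"):
            continue
        for m in RUN_KEY.finditer(line):
            cmd = m.group("cmd")
            if m.group("kind") == "builtin" or not cmd.split():
                continue  # builtins run inside udev itself, no external program
            prog = cmd.split()[0]
            reasons = []
            if PurePosixPath(prog).name in SHELLS:
                reasons.append("shell interpreter")
            if prog.startswith("/") and not prog.startswith(TRUSTED):
                reasons.append("program outside packaged directories")
            if reasons:
                findings.append((no, cmd, reasons))
    return findings

# Constructed sample rules for illustration; not taken from any real sample.
SAMPLE = r'''ACTION=="add", SUBSYSTEM=="block", RUN{builtin}+="kmod load loop"
ACTION=="add", SUBSYSTEM=="net", RUN+="/usr/lib/udev/net-helper %k"
ACTION=="add", KERNEL=="sdb1", \
  RUN+="/opt/.cache/updater --daemon"
SUBSYSTEM=="usb", RUN+="/bin/sh -c 'logger usb %k'"
'''
```

On a live host the same function can be fed the contents of each file under `/etc/udev/rules.d`, `/run/udev/rules.d` and `/usr/lib/udev/rules.d`; a flagged entry is a prompt for review, not proof of compromise.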
From Bitcoin to security. I like this option. Definitely, there are a lot of people who started with Bitcoin, then learnt something about Bitcoin itself, the technology and then security. To protect their coins, and their privacy, too.
I know, this is what the script does. It is safe now, but what about tomorrow, or next week, month, year? It can be changed, the domain registration could expire (after one year) and then it could be registered by someone with malicious intent.
This is why I prefer to examine a random script downloaded from the Internet before executing it in production :-)
Yes, for a home network it is good. It is a pity that there is no really available and cheap home router/AP which people can buy and use in their home networks - something you can buy in all local shops and stores with electronics.
On the other hand, we then also need a VPN for protecting the mobile devices of people when they are not in their home networks.
Yes, if someone uses only web apps, then switching from Windows to Linux is really simple. I sometimes also use Zorin OS; with a little tinkering it can look almost exactly like Windows 10 - including the icons and the wallpaper.
Moreover, after several months of using Linux, we can ask those people (especially elderly people) if they notice something. Usually not, or someone says that the system is faster, it can start in a few seconds, etc. Only when I asked them did they realize that the annoying Windows updates on shutdown are gone...
Very nice. My professor at the University once told us that, regarding security, Computer Science failed in one thing: while we have a lot of proofs that bricks are safe and secure, we still cannot guarantee that the house built using those bricks will be safe and secure too.
Basically, we do not have simple techniques for how to connect the bricks together, how to use glue in a way that does not affect their security.
There are a lot of formal proofs using Turing machines and finite-state automata, but we lack proofs for the computers and software we use on a daily basis.
"don't just think you're safe just because you have the right tools." - exactly.
This reminds me of the quote from Bruce Schneier:
"If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology."
And yes, my first recommendation for people is to educate themselves and others. Cyber awareness. However, I sometimes got the question about the "top" (tech) thing that non-tech people could do for better protection. In addition to the education. Something which helps with preventing the common attacks. Some quick win or low-hanging fruit.
Obviously, we cannot expect that 1, 3, 10, or hundreds of technical countermeasures will stop all attacks. However, with several simple things, we can help people to prevent or at least recognize a lot of common attacks.
In the past, I used AdBlock or Adblock Plus, but nowadays they are too often detected by so many websites, as you wrote. uBlock Origin seems to be a better alternative. (Moreover, it blocks all advertisements, unlike AdBlock, where it is possible for advertisers to bypass your filters with "non-intrusive" ads.)
And Brave browser is a good option with privacy by default.
Agree. In the past, I installed Linux for several people... I used Ubuntu or Ubuntu-based distros such as ZorinOS. For many people it was only a minimal change in their workflows - especially if they use mostly a web browser. Otherwise, if needed, with a little tinkering, ZorinOS can look very similar to Windows.
"Fear is the path to the dark side. Fear leads to anger. Anger leads to hate. Hate leads to suffering." - Master Yoda
Good to know about this privacy issue.
However, if we need to fix this issue only on one, maybe two computers, I would prefer to do it manually with the steps described in the linked website:
about:config dom.private-attribution.submission.enabled set to false
In an environment with a lot of computers, I would prefer to download the script to one computer, check that it is not malicious and then run the desired command on the other computers - especially if the script is a similar one-liner as this one :-)
This is a nice idea. I like this progress. However, I just tried the new Fountain and I observed a couple of things:
- before this update, I had connected my Fountain profile with Nostr. Now, this connection is gone and I need to connect Nostr again.
- now the Nostr connection requires my private key - is there any way we could avoid sharing our private keys and use our current Nostr client for the connection? Something such as a browser extension on desktops...
I mean, with the growing ecosystem of Nostr, there will be more and more apps asking for our private keys. And when this becomes a habit, then the malicious or insecure apps will come and our private keys could leak => Nostr identity theft