Igor Delovski Board Forum Index Igor Delovski Board
My Own Personal Slashdot!
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Security
Goto page 1, 2  Next
 
Post new topic   Reply to topic    Igor Delovski Board Forum Index -> Dev Links
Dev Links  
Author Message
Harry Callahan
Guest





PostPosted: Sat Aug 26, 2006 4:39 pm    Post subject: Security Reply with quote

Race conditions in security dialogs, by Jesse Ruderman

"Another form of the attack involves convincing the user to double-click a
certain spot on the screen. This spot happens to be the location where the
'Yes' button will appear. The first click triggers the dialog; the second click
lands on the 'Yes' button. I made a demo of this attack for Firefox and
Mozilla."
Back to top
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Sat Aug 26, 2006 4:58 pm    Post subject: Reply with quote

Raymond Chen: We know it's insecure, but we want to do it anyway

"Suppose you find yourself some workaround and are willing to
concede that your technique is living on borrowed time. It's still a bad
idea. One of the aspects of security that doesn't get much attention is
repudiation. Responding to the user's actions from a secure screen saver
to do anything other than unlock the workstation gives the user plausible
deniability."
Back to top
View user's profile Send private message
Guest






PostPosted: Sat Sep 16, 2006 10:33 pm    Post subject: Reply with quote

How a Malformed Installer Package Can Crack Mac OS X

"There exists a pretty significant interface problem with the Apple
Installer program such that any package requesting admin access via the
AdminAuthorization key, when run in an admin user account, is given full
root-level access without providing the user with a password prompt
during the install."
Back to top
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Mon Sep 18, 2006 9:12 pm    Post subject: Reply with quote

MSDN: Maintaining a Security Checklist

"As a developer, it is recommended that you maintain a list of security
issues that you can update as you gain experience in writing secure
applications. The following table is meant to provide a starting point for
your own list."
Back to top
View user's profile Send private message
Andrej
Guest





PostPosted: Wed Sep 20, 2006 6:53 pm    Post subject: Security identifier Reply with quote

Security identifier

"I thought I'd make it write down some security identity data of the
computer. (called SID) I'd want to get the SID data, write it as a binary file.
And then when you execute a program, that program reads that data and
only runs when the SID-s match."
Back to top
Andrej
Guest





PostPosted: Thu Sep 21, 2006 5:09 pm    Post subject: Reply with quote

If you don't trust your administrators, you've already lost

Rather, you take the things that you do want them to be able to do and
delegate that permission and only that permission to them (discretionary
access control).

For more information, check out this column on trustworthy
administrators
(based, I am told, on a TechEd presentation)
by Steve Riley (and his uncredited co-presenter Jesper Johansson).
Back to top
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Thu Sep 21, 2006 11:04 pm    Post subject: Reply with quote

mvps.org - Privileges

"Privileges are what you can never have enough of. Here is a sample
that will tell you which privileges you have for your current account, and
just for fun, it then tries to enable SeTcbPrivilege ("Act as part of the
operating system" in User Manager). For info on getting the privilege list for
any account, check out the samples for LsaEnumerateAccountRights() and
LsaEnumerateAccountsWithUserRight() on the LSA pages."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Sep 22, 2006 1:53 pm    Post subject: Reply with quote

Digg: Windows XP Privilege Escalation Exploit

"Using simple command line tools on a machine running Windows XP we
will obtain system level privileges, and run the entire explorer process
(Desktop), and all processes that run from it have system privileges. The
system run level is higher than administrator, and has full control of the
operating system and it’s kernel."


Power User to Administrator escalation is far more interesting:
http://www.sysinternals.com/blog/2006/05/power-in-power-users.html
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Mon Oct 02, 2006 4:39 pm    Post subject: Reply with quote

JoS: Firewalls

"All this software is cheap as in no cost to download and use but
expensive as in takes a bit of expertise/experience to set it all up.

I sell a firewall to corporations that does all this and more. The more part is
for things like VPNs between offices and road warrior type configurations. I
typically sell a maintenance & support contract and give the hardware away
at wholesale."
Back to top
View user's profile Send private message Visit poster's website
Guest






PostPosted: Mon Oct 09, 2006 10:26 am    Post subject: Reply with quote

Nuclear plant powers up on real-time OS

"The real-time operating system is used where software failure can
lead to catastrophic consequences, even death - from high-speed trains
to air traffic control towers to highway toll systems. It's also used in more
than 100 different types of cars on the road.

For Atomic Energy of Canada Ltd., which operates nuclear power plants in
Canada, China and Slovenia, downtime just isn't an option. About 15 to
20 years ago, the Mississauga, Ont.-based company turned to QNX's real-
time operating system to keep its plants running. Since then, it's
upgraded to version 4.0 and is now rolling out 6.0 - and that's it."
Back to top
XNote
Kapetan


Joined: 16 Jun 2006
Posts: 532

PostPosted: Wed Oct 11, 2006 7:28 pm    Post subject: Reply with quote

Better Windows security keeps Apple safer: Gartner

"Research group Gartner has said that Mac OS X users are now safer
from a mass attack -- such as Blaster on Windows -- than they were two
years ago, partly because Microsoft has closed so many holes in its
ubiquitous platform."
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Sat Oct 14, 2006 6:19 pm    Post subject: Reply with quote

Slashdot: Targeted Trojan Attacks Causing Concern

Bill Andad writes to point out a surprise trend emerging from the Virus
Bulletin Conference 2006 in Montreal this week. From the article on Daniweb:
"It is the smallest of Trojan attacks that are causing the biggest headache
in the world of corporate security right now. By targeting individuals within
individual companies with individually constructed infected messages, the
new-age industrial spy is slipping under the security radar." News.com has
more in-depth coverage.
Back to top
View user's profile Send private message Visit poster's website
Maradonna
Guest





PostPosted: Sun Oct 15, 2006 5:30 pm    Post subject: Reply with quote

Digg: Microsoft Now Decides to Accept Outside Security for Vista

"Microsoft did an about-face yesterday, agreeing to make it easier for
customers of its forthcoming Vista OS to use outside security vendors,
such as those who make popular antivirus and anti-spyware programs.
Until now, Microsoft had planned to block those companies from installing
their products in the deepest levels of the new OS."
Back to top
XNote
Kapetan


Joined: 16 Jun 2006
Posts: 532

PostPosted: Wed Oct 18, 2006 12:47 am    Post subject: Reply with quote

Guide to Keeping Your Identity Safe

"Sad but you're absolutely right. Until there are strong government
regulations for how corporations must secure personal, private information,
this will just keep getting worse, and insurance premiums will continue to
rise and the losses/burden will continue to be pushed back on all consumers.
After all, you don't really expect the entities that are (ir)responsible for
this problem to actually pay the price."
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Thu Nov 02, 2006 1:00 am    Post subject: Reply with quote

Joel Spolsky: What's a SQL Injection Bug?

"Unfortunately it's a gigantic security hole called SQL injection.

The user, if malicious, can close the string that you opened, finish your
select statement, put in a semicolon (the SQL statement separator), and
then type any SQL code they want, and it will run."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Thu Nov 30, 2006 5:02 pm    Post subject: Reply with quote

Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security

"Botnets consisting of 100,000 and 200,000 nodes are not uncommon.
There's even a case where a real botnet was found with about 1.5 million
machines under one person's control.

You don't even have to participate - armies of coders are available to
code custom spyware for money, or perform denial of service attacks for
hire such as the one a CEO of a web-based satellite T.V. retailer ordered
against his competitors which caused outages as long as two weeks at a
time and $2 million in losses."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Fri Dec 15, 2006 6:58 pm    Post subject: Reply with quote

Security specialist leaves PHP security team

"Stefan Esser, PHP security specialist and member of the official PHP Security
Response Team has, he says, had enough - in his blog he has announced
his immediate resignation from the PHP Security Response Team. He states
that he has various reasons for doing so, the most important of which is that
his attempt to make PHP safer "from the inside" is futile. According"
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Sat Dec 16, 2006 1:00 pm    Post subject: Reply with quote

How Skype & Co. get round firewalls

"Peer-to-peer software applications are a network administrator's
nightmare. In order to be able to exchange packets with their counterpart
as directly as possible they use subtle tricks to punch holes in firewalls,
which shouldn't actually be letting in packets from the outside world."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Tue Jan 02, 2007 4:17 pm    Post subject: Reply with quote

Digg: How to hack network passwords in 13 steps

"This instructional tutorial shows how easy it is to sniff people's passwords
in plain-text form on a wired network. Common applications for this would
be on a university, school or otherwise large network. This tutorial is for
educational purposes only and should only be used to demonstrate the security
weaknesses of common networking systems."
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Thu Jan 04, 2007 11:18 pm    Post subject: Reply with quote

How about a rootkit FAQ for the forums?

"So you want to know where to start? Well, first off, if you've come here
looking for a ready-made solution to hack your friend's box, you've come to
the wrong place! Rootkit.com is primarily a knowledge based site intended
to provide information about rootkit development and related programming
issues. On the other hand, if you're a newbie with a desire to learn how to
write your own rootkit and you need some idea of where to begin, please
read on."

"Get a book like:
a. Undocumented Windows 2000 Secrets by Sven Schreiber
b. Undocumented Windows NT by Prasad Dabak, Milind Borate, and Sandeep Phadke.
c. Windows NT/2000 Native API Reference by Gary Nebbett is a must have!

Additionally, there are quite a few books on the subject including:
a. The Windows 2000 Device Driver Book by Art Baker and Jerry Lozano
b. Windows NT Device Driver Development by Viscarola and Mason
c. Programming The Microsoft Windows Driver Model by Walter Oney.
d. Developing Windows NT Device Drivers: A Programmer's Handbook
by Dekker and Newcomer (The Bible of reference materials)"
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Thu Jan 04, 2007 11:37 pm    Post subject: Reply with quote

SecurityFocus : Windows rootkits come of age

Interview with Greg Hoglund and Jamie Butler:

"One of the tools that an administrator might use to find evidence of a
rootkit such as hidden files, Registry keys, and processes is Rootkit Revealer
from Sysinternals. However, this tool does not identify processes hidden
using data manipulation, which is what the FU rootkit uses. To detect the
FU rootkit types of attacks, an administrator can use Blacklight by F-Secure.
These are probably two of the more widely uses tools to detect rootkits in
Windows."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Mon Jan 08, 2007 12:01 am    Post subject: Reply with quote

Reddit: Acer installs ActiveX backdoor on all their computers

Tan Chew Keong: "Recently, I noticed that my Acer TravelMate 4150 notebook
contains the LunchApp.APlunch ActiveX control, which is marked as "safe for
scripting" and "safe for initializing from persistent data"."
Back to top
View user's profile Send private message
XNote
Kapetan


Joined: 16 Jun 2006
Posts: 532

PostPosted: Mon Jan 15, 2007 1:37 am    Post subject: Reply with quote

Digg: How the US National Security Agency access was built into Windows

"A careless mistake by Microsoft programmers had revealed that special
access codes prepared by the US NSA have been secretly built into Windows.
The NSA access system was built into every version of the Windows operating
system in use."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Wed Feb 14, 2007 12:55 pm    Post subject: Reply with quote

Slashdot: "Very Severe Hole" In Vista UAC Design

"Hacker Joanna Rutkowska has flagged a "very severe hole" in the design
of Windows Vista's User Account Controls (UAC) feature. The issue is that
Vista automatically assumes that all setup programs (application installers)
should be run with administrator privileges — and gives the user no option
to let them run without elevated privileges. This means that a freeware
Tetris installer would be allowed to load kernel drivers. Microsoft's Mark
Russinovich acknowledges the risk factor but says it was a 'design choice'
to balance security with ease of use."
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Sun Feb 18, 2007 5:11 pm    Post subject: Reply with quote

MB’s Windows Security: The Program.exe Problem

"Suppose that you want to run the following command:

C:\Program Files\Internet Explorer\iexplore

But how does Windows know where the program path ends and the
program’s command line parameters begin? How does it know that the
user isn’t trying to run a program named “C:\Program.exe” with the
parameter “Files\Internet Explorer\iexplore?”

The problem is that it doesn’t know. It just starts at the beginning and
tries finding an executable until it finds a match."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Fri Mar 02, 2007 4:59 pm    Post subject: Reply with quote

Slashdot: MacBook Wi-Fi Hijack Details Finally Released

"Hacker David Maynor attempted to put the strange tale of the Macbook Wifi
hack to rest, and offered an apology for mistakes made. All this and a live
demo of the takeover exploit was made at a Black Hat DC event yesterday.
Maynor promised to release e-mail exchanges, crash/panic logs and exploit
code in an effort to clear his tarnished name. Said Maynor: 'I screwed up a
bit [at last year's Black Hat in Las Vegas]. I probably shouldn't have used
an Apple machine in the video demo and I definitely should not have
discussed it a journalist ahead of time ... I made mistakes, I screwed up.
You can blame me for a lot of things but don't say we didn't find this and
give all the information to Apple.'"
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Sat Mar 03, 2007 1:14 am    Post subject: Reply with quote

msdn: Sign Tool (SignTool.exe)

"The Sign Tool is a command-line tool that digitally signs files, verifies
signatures in files, or time stamps files."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Wed Mar 21, 2007 11:24 pm    Post subject: Reply with quote

Lack of Mac malware baffles experts

"Apple's Mac OS X remains almost completely free of any sort of malware
threat despite several years of availability, a significant market share, and
even an entire month dedicated to pointing out its flaws.

And security experts are not exactly sure why. In an article for the McAfee
Avert Labs blog, security researcher Marius van Oers pointed out that Mac
malware is 'pretty much non-existent at the moment'."
Back to top
View user's profile Send private message Visit poster's website
Samuel Brown



Joined: 12 Apr 2007
Posts: 1
Location: England

PostPosted: Thu Apr 12, 2007 7:03 pm    Post subject: Reply with quote

Digg: Why there aren't viruses for Macs — it's not because of low market share.

"Apple haters love to claim that there are no viruses for Macs because there
are so few compared to Windows machines. Virus creators are in the business
because of ego. And what would be a bigger ego boost than being the first to
create a widespread OS X virus?"
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Mon Jun 04, 2007 3:30 pm    Post subject: Reply with quote

JoS: Poll : Which Anti Virus are you using

"AVG Free, ... Norton, ... Panda, ... Kaspersky, ... Nod32, ..."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Wed Jun 06, 2007 5:43 pm    Post subject: Reply with quote

How We Learned to Cheat at Online Poker: A Study in Software Security,
by Brad Arkin, Frank Hill, Scott Marks, Matt Schmid and Thomas John Walls

"If we know that the current value of RandSeed is 12345, then the next
integer produced will be 1655067934 and the value returned will be 20. The
same thing happens every time (which should not be surprising to anyone
since computers are completely deterministic).



Here's the kicker though; after finding a correct seed once, it is possible
to synchronize our exploit program with the server to within a few seconds.
This post facto synchronization allows our program to determine the seed
being used by the random number generator, and to identify the shuffle being
used during all future games in less than one second!"
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Mon Jul 02, 2007 8:10 pm    Post subject: Reply with quote

Tech-industry experts tell how they avoid ID theft and other
online threats


His story was the basis for the 2002 movie "Catch Me If You Can" starring
Leonardo DiCaprio.

"Everything I did 40 years ago, when I was a teenager, is thousands of times
easier to do today. Technology has made it so much easier to commit these
crimes," he said.
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Tue Jul 03, 2007 11:17 pm    Post subject: Reply with quote

Computer Security Articles by Bruce Schneier

Communications of the ACM Columns, CNET News.com Articles, eWeek
Articles, Computerworld Articles, Network World Op-Eds, Information Security
Magazine Columns, IEEE Security & Privacy Columns, Point-Counterpoints
with Marcus Ranum, ... and Why Terrorism Doesn't Work:

"This study analyzes the political plights of twenty-eight terrorist groups --
the complete list of foreign terrorist organizations (FTOs) as designated by
the U.S. Department of State since 2001. The data yield two unexpected
findings. First, the groups accomplished their forty-two policy objectives
only 7 percent of the time."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Oct 05, 2007 10:08 pm    Post subject: Reply with quote

Slashdot: Cracked Linux Boxes Used to Wield Windows Botnets

"Dave Cullinane, eBay's chief information and security officer] noticed an
unusual trend when taking down phishing sites. 'The vast majority of the
threats we saw were rootkitted Linux boxes, which was rather startling. We
expected Microsoft boxes,' he said. Rootkit software covers the tracks of
the attackers and can be extremely difficult to detect.

According to Cullinane, none of the Linux operators whose machines had
been compromised were even aware they'd been infected. Because Linux
is highly reliable and a great platform for running server software, Linux
machines are desired by phishers, who set up fake websites, hoping to lure
victims into disclosing their passwords."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Wed Nov 07, 2007 10:18 pm    Post subject: Reply with quote

How Hackers Use Backdoors to Control Your Computer

"There is a common misconception about security today, and it isn’t pretty.
Most users would love to believe that their pricey consumer firewalls shield
them from anything obscene. The sad part is they couldn’t be more wrong.
We seek to prove this with three separate programs that can compromise
your computers security ..."

1. Back Orifice / Back Orifice 2000
2. NetBus / Netbus 2.0 Pro
3. SubSeven / Sub7
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Sat Mar 22, 2008 2:29 am    Post subject: Reply with quote

Slashdot: Inside The Twisted Mind of Bruce Schneier

"Bruce Schneier has an essay on the mind of security professionals like
himself, and why it's something that can't easily be taught. Many people
simply don't see security threats or the potential ways in which things can
be abused because they don't intend to abuse them. But security pros,
even those who don't abuse what they find, have a different way of looking
at things.

They always try to figure out all the angles or how someone could beat the
system. In one of his examples, Bruce talks about how, after buying one of
Uncle Milton's Ant Farms, he was enamored with the idea that they would
mail a tube of live ants to anyone you asked them to."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Sat Apr 26, 2008 4:35 pm    Post subject: Reply with quote

ars/digg - 5 Important Security Apps for Linux, Mac, and Windows

"We've got you covered with five freeware or shareware security tools for
Linux boxes, Macs, and Windows machines, all recommended by Ars staffers."
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Wed Jun 03, 2009 1:53 am    Post subject: Reply with quote

Google - Google Chrome, Sandboxing, and Mac OS X

"On Windows, getting a process sandboxed in a way that's useful to us is a
pretty complicated affair. ... Fortunately, on Mac OS X, the OS APIs for sand-
boxing a process are easy to use and straightforward."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Mon Aug 10, 2009 6:17 pm    Post subject: Reply with quote

Slashdot - The iPhone SMS Hack Explained

"Tom's Hardware just interviewed Charlie Miller, the man behind the iPhone
remote exploit hack and winner of Pwn2Own 2009. He explains the (now pa-
tched) bug in the iPhone which allowed him to remotely exploit the iPhone in
detail, explaining how the string concatenation code was flawed.

The most surprising thing was that the bug could be traced back to several
previous generation of the iPhone OS (he stopped testing at version 2.2). He
also talks about the failures of other devices, such as crashing HTC's Touch
by sending a SMS with '%n' in the text."
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Sun Aug 30, 2009 11:12 am    Post subject: Reply with quote

slashdot - The Story of a Simple and Dangerous OS X Kernel Bug

"At the beginning of this month the Mac OS X 10.5.8 closed a kernel vulne-
rability that lasted more than 4 years, covering all the 10.4 and (almost all)
10.5 Mac OS X releases. This article presents some twitter-size programs
that trigger the bug. The mechanics are so simple that can be easily expla-
ined to anybody possessing some minimal knowledge about how operating
systems works. Beside being a good educational example this is also a scary
proof that very mature code can still be vulnerable in rather unsophisticated
ways."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Thu Oct 08, 2009 11:30 pm    Post subject: Reply with quote

so - What is the best practice to store username and password on
the iPhone?


"Is there a best practice way to store username and password on the iPho-
ne? I am looking for something that is obviously secure but will also keep
the info between app updates."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Apr 16, 2010 11:11 pm    Post subject: Reply with quote

news.cnet.com - Marc Maiffret--the quick rise of a teen hacker

"[Apple has] really only begun in the last six months or so taking security
seriously and understanding that it impacts their business in a serious way.

[Computer security is] one of the only industries in the world where you're
pretty much set up for constant failure and a race that never ends. You
never really have a victory because as soon as you do the bad guys have
moved on to something else."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Thu Jun 03, 2010 6:32 pm    Post subject: Reply with quote

Slashdot - Android Rootkit Is Just a Phone Call Away

"Hoping to understand what a new generation of mobile malware could
resemble, security researchers will demonstrate a malicious 'rootkit'
program they've written for Google's Android phone next month at the
Defcon hacking conference in Las Vegas. Once it's installed on the And-
roid phone, the rootkit can be activated via a phone call or SMS mes-
sage, giving attackers a stealthy and hard-to-detect tool for siphoning
data from the phone or misdirecting the user. 'You call the phone, the
phone doesn't ring, and when the phone realizes that it's being called by
an attacker's phone number, it sends him back a shell [program],' said
Christian Papathanasiou, a security consultant with Chicago's Trustwave,
the company that did the research."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Sep 02, 2011 10:51 am    Post subject: Reply with quote

Wired - Secure Your Mac Against Fraudulent SSL Certificates

"Dutch SSL certificate authority (CA) Diginotar issued a fraudulent certificate
for *google.com in August 2011. This means that hackers can, and have
been, impersonating Gmail with a "man in the middle" attack. The certificate
is believed to have been issued by Iranian agents after they hack Diginotar.
The exploit may have been used to spy on Iranian citizens' e-mail."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Sat Sep 27, 2014 4:13 pm    Post subject: Reply with quote

http://queue.acm.org/detail.cfm?id=2673311

Security Collapse in the HTTPS Market

Assessing legal and technical solutions to secure HTTPS
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Tue Feb 23, 2016 10:49 pm    Post subject: Reply with quote

ars - Asus lawsuit puts entire industry on notice over shoddy router security

"According to the FTC, the vulnerabilities allowed attackers to gain
unauthorized access to 12,900 Asus routers in February 2014. At least
one user whose router was hacked reported being the victim of identity
fraud after hackers accessed personal data attached to the device, the
complaint alleged."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Wed Sep 14, 2016 3:13 pm    Post subject: Reply with quote

Symantec - Common loading points for viruses, worms, and Trojan horse programs on a Mac

In the dialog box that appears, type the location of the folders exactly as
they appear in the list, and click Go.

/System/Library/LaunchAgents
/System/Library/LaunchDaemons
/System/Library/StartupItems
/Library/LaunchAgents
/Library/LaunchDaemons
/Library/StartupItems
~/Library/LaunchAgents
~/Library/LaunchDaemons
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Wed Sep 14, 2016 3:14 pm    Post subject: Reply with quote

MW - How to remove Mac malware, viruses and ransomware for free

"Mac malware is rare, but it does exist. Our guide to removing malware is
vital reading for Mac OS X users - and now covers the KeRanger BitTorrent
infection. Discover how to stop malicious software infecting your Mac, and
how to remove it safely for free if you get caught out."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Oct 07, 2016 4:21 pm    Post subject: Reply with quote

HN - Mac Malware Can Secretly Spy On Your Webcam and Mic - Here's How to Stay Safe

"Patrick Wardle, an ex-NSA staffer who heads up research at security intelli-
gence firm Synack, discovered a way for Mac malware to tap into your live
feeds from Mac's built-in webcam and microphone to locally record you even
without detection.

Wardle is the same researcher who has discovered a number of security
weaknesses in Apple products, including ways to bypass the Gatekeeper
protections in OS X.

Wardle also released a free tool called RansomWhere? earlier this year that
has generic detection capabilities for Mac OS X ransomware variants."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Sun Oct 23, 2016 10:00 pm    Post subject: Reply with quote

mjg59 - Fixing the IoT isn't going to be easy

"We can't easily fix the already broken devices, we can't easily stop more
broken devices from being shipped and we can't easily guarantee that we
can fix future devices that end up broken. The only solution I see working
at all is to require ISPs to cut people off, and that's going to involve a great
deal of pain. The harsh reality is that this is almost certainly just the tip of
the iceberg, and things are going to get much worse before they get any
better."
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Mon Oct 31, 2016 4:29 pm    Post subject: Reply with quote

x1622 - cipher check with check-ciphers.com

"SSLLABS is good to check ciphers, but for IP adresses and non 443 ports,
it does not work. check-ciphers.com orders the ciphers for each protocol
(ssl.x, tls.x) in server prefered sort order. (the red ones are weak)"
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Mon Oct 31, 2016 4:54 pm    Post subject: Reply with quote

Mark Russinovich's - Analyzing a Stuxnet Infection with the Sysinternals Tools

"I forwarded the file to the Microsoft antimalware and security research teams
and our internal review into what became the Stuxnet saga began to unfold,
quickly making the driver I had received become one of the most infamous
pieces of malware ever created."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Wed Nov 23, 2016 7:33 am    Post subject: Reply with quote

https://www.reddit.com/r/security/comments/5eedra/great_now_even_your_headphones_can_spy_on_you/

Great. Now Even Your Headphones Can Spy on You wired.com
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Fri Dec 02, 2016 12:34 am    Post subject: Reply with quote

https://www.reddit.com/r/apple/comments/5fud1i/a_practical_guide_to_securing_mac_os/

A practical guide to securing Mac OS (github.com)
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Tue Dec 06, 2016 5:15 pm    Post subject: Reply with quote

r - Why I Built my Own Hacking Network

"As of this writing, one Raspberry Pi is already running Mutillidae. I strongly
recommend the Mutillidae project. It's very easy to set up, filled with instruct-
ions and tutorial links and gives you the opportunity to learn in a private
setting with repeatable hacks that will help to solidify the fundamentals. I have
plans to add other vulnerable web applications such as OWASP Security
Shepherd as well as a well-known CMS or two, possibly even an open source
IoT OS."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Sun Dec 11, 2016 1:03 pm    Post subject: Reply with quote

Kaspersky - Generic OS X Malware Detection Method Explained

"In an academic paper published by Virus Bulletin on Monday, Vincent
Van Mieghem, a former student at the Delft University of Technology in
the Netherlands, describes how a recurring pattern he observed in OS X
system calls can be used to indicate the presence of malware. "
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Wed Dec 14, 2016 11:57 pm    Post subject: Reply with quote

themerkle.com - Tesco Bank May Have Facilitated Their Own Heist By Using Sequential Debit Card Numbers

"A few weeks ago, news broke about Tesco Bank falling victim to a
massive fraud attack. As it turns out, the institution brought this upon
themselves, as they issued debit cards with sequential numbers. This
is perhaps one of the worst examples of financial malpractice to hit the
banking sector in quite some time."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Thu Dec 29, 2016 7:11 pm    Post subject: Reply with quote

github.com - Awesome Malware Analysis

"A curated list of awesome malware analysis tools and resources"

"Malware Collection, Anonymizers, Honeypots, Malware Corpora, Open
Source Threat Intelligence, Detection and Classification, Online Scanners
and Sandboxes, Domain Analysis, Browser Malware, Documents and Shell-
code, File Carving, Deobfuscation, Debugging and Reverse Engineering,
Memory Forensics, Windows Artifacts, Storage and Workflow, Miscellaneous
Resources..."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Tue Jan 03, 2017 11:47 pm    Post subject: Reply with quote

r - Careers in security, ethical hacking and advice on where to get started

"I've (almost) always been a web developer. I started writing software in
'95 whilst at university and from day one, it was software for the web. There
were a few years before that where I made pocket money working in various
part time PC support roles but for the most part, it's always been about
building software. I spent a decade and a half doing that before I really
began to think seriously about specialising in security."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Feb 03, 2017 4:08 pm    Post subject: Reply with quote

appcanary.com - Everything you need to know about HTTP security headers

"This article explains what secure headers are and how to implement these
headers in Rails, Django, Express.js, Go, Nginx, and Apache."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Feb 03, 2017 10:32 pm    Post subject: Reply with quote

r - Malvertising Increased by 132% in 2016

"According to New Report it's a direct attack on the lifeblood of the internet as we know it."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Tue Feb 21, 2017 4:51 pm    Post subject: Reply with quote

Hack - Secure Operating System released for IoT and Embedded Systems

"Russian cyber security and antivirus vendor Kaspersky Lab has made
available the much awaited KasperskyOS, a secure-by-design operating
system based on Microkernel architecture which is specially designed for
network devices, industrial control systems and the Internet of Things."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Fri Feb 24, 2017 9:20 pm    Post subject: Reply with quote

r - Cloudflare have been leaking customer HTTPS sessions for months.
Uber, 1Password, FitBit, OKCupid, etc.


"The examples we're finding are so bad, I cancelled some weekend plans
to go into the office on Sunday to help build some tools to cleanup. I've
informed cloudflare what I'm working on. I'm finding private messages
from major dating sites, full messages from a well-known chat service,
online password manager data, frames from adult video sites, hotel bo-
okings. We're talking full https requests, client IP addresses, full respon-
ses, cookies, passwords, keys, data, everything."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Sun Mar 26, 2017 10:18 pm    Post subject: Reply with quote

https://www.youtube.com/watch?v=BLGFriOKz6U&feature=youtu.be

Published on Aug 16, 2016
by Ivan Krstic

With over a billion active devices and in-depth security protections spanning every layer from silicon to software, Apple works to advance the state of the art in mobile security with every release of iOS. We will discuss three iOS security mechanisms in unprecedented technical detail, offering the first public discussion of one of them new to iOS 10.

HomeKit, Auto Unlock and iCloud Keychain are three Apple technologies that handle exceptionally sensitive user data ? controlling devices (including locks) in the user's home, the ability to unlock a user's Mac from an Apple Watch, and the user's passwords and credit card information, respectively. We will discuss the cryptographic design and implementation of our novel secure synchronization fabric which moves confidential data between devices without exposing it to Apple, while affording the user the ability to recover data in case of device loss.

Data Protection is the cryptographic system protecting user data on all iOS devices. We will discuss the Secure Enclave Processor present in iPhone 5S and later devices and explain how it enabled a new approach to Data Protection key derivation and brute force rate limiting within a small TCB, making no intermediate or derived keys available to the normal Application Processor.

Traditional browser-based vulnerabilities are becoming harder to exploit due to increasingly sophisticated mitigation techniques. We will discuss a unique JIT hardening mechanism in iOS 10 that makes the iOS Safari JIT a more difficult target.
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Sun Mar 26, 2017 10:24 pm    Post subject: Reply with quote

https://www.apple.com/business/docs/iOS_Security_Guide.pdf

https://www.reddit.com/r/apple/comments/61j1qz/ios_10_security_white_paper/
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Tue Apr 18, 2017 8:59 am    Post subject: Reply with quote

r - Hacker documents show NSA tools for breaching global money
transfer system


"Documents and computer files released by hackers provide a blueprint
for how the U.S. National Security Agency likely used weaknesses in
commercially available software to gain access to the global system for
transferring money between banks, a review of the data showed."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Wed Apr 26, 2017 4:55 am    Post subject: Reply with quote

https://www.reddit.com/r/apple/comments/67hsy2/for_the_love_of_jobs_will_you_people_stop/

for the love of Jobs will you people stop installing MacKeeper. it's total crap.
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Mon May 08, 2017 9:36 am    Post subject: Reply with quote

LR - macOS Sierra and (legacy) smart card login

"It is easy to configure a user account to use a smartcard to login with macOS
Sierra. Some steps are not easy to guess so I wrote this documentation for me
to remember."
Back to top
View user's profile Send private message
XNote
Kapetan


Joined: 16 Jun 2006
Posts: 532

PostPosted: Tue May 23, 2017 8:53 am    Post subject: Reply with quote

https://www.reddit.com/r/IAmA/comments/6cmmdf/iama_the_accidental_hero_who_helped_stop_the/
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Tue May 23, 2017 2:09 pm    Post subject: Reply with quote

git - Secure iOS application development

"This guide is a collection of the most common vulnerabilities found in iOS
applications. The focus is on vulnerabilities in the applications' code and only
marginally covers general iOS system security, Darwin security, C/ObjC/C++
memory safety, or high-level application security."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Sat May 27, 2017 7:12 pm    Post subject: Reply with quote

so - How to create a self-signed certificate with openssl?

"You can also add -nodes if you don't want to protect your private key with
a passphrase, otherwise it will prompt you for "at least a 4 character" pass-
word. The days parameter (365) you can replace with any number to affect
expiration date. It will then prompt you for things like "Country Name" but
you can just hit enter and accept defaults."

Code:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

openssl pkcs12 -export -inkey key.pem -in cert.pem -out TestCert.p12


"For anyone else using this in automation, here's all of the common
parameters for the subject:"

Code:

-subj "/C=US/ST=Oregon/L=Portland/O=Company Name/OU=Org/CN=www.example.com"
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Jun 23, 2017 11:54 am    Post subject: Reply with quote

blog.acolyer.org - IoT goes nuclear: creating a ZigBee chain reaction

"What we demonstrate in this paper is that even IoT devices made by big
companies with deep knowledge of security, which are protected by industry-
standard cryptographic techniques, can be misused by hackers can rapidly
cause city-wide disruptions which are very difficult to stop and investigate."
Back to top
View user's profile Send private message Visit poster's website
XNote
Kapetan


Joined: 16 Jun 2006
Posts: 532

PostPosted: Tue Jul 04, 2017 8:18 pm    Post subject: Reply with quote

https://www.reddit.com/r/apple/comments/6kpm4t/macos_terminal_alternative_to_antivirus/
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Sun Jul 09, 2017 1:14 pm    Post subject: Reply with quote

https://itsecuritycentral.teramind.co/2017/07/07/technology-developments-in-data-security-say-goodbye-to-the-firewall/

Technology Developments in Data Security, Say Goodbye to the Firewall
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Mon Sep 11, 2017 5:01 pm    Post subject: Reply with quote

fortune.com - How Equifax Turned Its Massive Hack Into an Even Worse 'Dumpster Fire'

"On Thursday, consumer credit rating agency Equifax announced what may
become the most economically damaging hack in U.S. history, exposing the
personal data of nearly half of all Americans."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Mon Oct 16, 2017 6:53 pm    Post subject: Reply with quote

ars - Millions of high-security crypto keys crippled by newly discovered flaw

"The researchers examined keys used in electronic identity cards issued by
four countries and quickly found two - Estonia and Slovakia - were issuing
documents with fingerprinted keys, both of which were 2048 bits in length,
making them practically factorizable."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Sat Oct 21, 2017 1:16 am    Post subject: Reply with quote

How I Socially Engineer Myself Into High Security Facilities
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Nov 17, 2017 5:27 pm    Post subject: Reply with quote

r - All my Ethereum stolen right out of my wallet

"In that case, the user tried to check his Bitcoin Gold balance on the site
https://mybtgwallet.com/. The site now looks innocent, but it looked very
different yesterday. It was asking users for their 12-word recovery seed...

It's an open source site, but you can see that the code is brand new, all the
files have been uploaded to GitHub 20 hours ago.

We suspect this site has been hacked."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Wed Nov 29, 2017 12:13 am    Post subject: Reply with quote

https://www.reddit.com/r/security/comments/7g73j9/login_as_root_with_empty_password_after_a_few/

Login as 'root' with empty password after a few tries on MacOS High Sierra twitter.com
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Thu Nov 30, 2017 9:32 pm    Post subject: Reply with quote

r - Evidence some bitcoin address generation code is using discoverable private keys

"Nobody should be using Blockchain.info to store any amount of value.
The entire ecosystem needs to shift away from relying on Blockchain.info
for anything at all, including the block explorer itself. There are plenty of
alternatives available."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Fri Dec 01, 2017 11:16 pm    Post subject: Reply with quote

iOS 11 Horror Story: The Rise And Fall Of IOS Security

"The release of iOS 11, which we praised in the past for the new S.O.S. mode
and the requirement to enter a passcode in order to establish trust with a new
computer, also made a number of other changes under the hood that we have
recently discovered. Each and every one of these changes was aimed at making
the user's life easier (as in 'more convenience'), and each came with a small
trade off in security. Combined together, these seemingly small changes made
devastating synergy, effectively stripping each and every protection layer off
the previously secure system."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Tue Dec 12, 2017 10:33 am    Post subject: Reply with quote

wired - How Email Open Tracking Quietly Took Over the Web

"I wrote Cook a lengthy email detailing the reasons he should join me for an
interview. When I didn't hear back, I drafted a brief follow-up, enabled Streak,
hit send. Hours later, I got the notification: My email had been read. Yet one
glaring detail looked off. According to Streak, the email had been read on a
Windows Desktop computer."
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Sun Dec 24, 2017 7:54 pm    Post subject: Reply with quote

Y - Get ready for a 2018 cryptocurrency crime wave

"After all, cryptocurrency cyber heists are now extremely lucrative, with the
opportunity to make tens of millions of dollars from a single attack. This will
likely entice more hacking groups to expand their operations beyond traditi-
onal revenue streams -- 'banking Trojans,' 'ransomware,' 'carding,' etc. -- to
take on cryptocurrency investors as well. Cybercriminals go where the money
is and right now the money is definitely in bitcoin."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Sun Jan 14, 2018 11:42 am    Post subject: Reply with quote

https://www.theverge.com/2018/1/11/16878670/meltdown-spectre-disclosure-embargo-google-microsoft-linux

KEEPING SPECTRE SECRET
How an industry-breaking bug stayed secret for seven months ? and then leaked out
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Thu Feb 01, 2018 12:26 pm    Post subject: Reply with quote

sploitspren.com - Windows Privilege Escalation Guide

"This guide is influenced by g0tm1lk's Basic Linux Privilege Escalation, which
at some point you should have already seen and used. I wanted to try to mir-
ror his guide, except for Windows. So this guide will mostly focus on the enu-
meration aspect."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Tue May 08, 2018 12:11 pm    Post subject: Reply with quote

ssllabs.com - SSL/TLS Capabilities of Your Browser

"Protocol Support, Logjam Vulnerability, FREAK Vulnerability, ..."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri May 18, 2018 10:18 am    Post subject: Reply with quote

Hardcoded Password Found in Cisco Enterprise Software, Again

"The company discovered these flaws following as part of its massive series
of internal audits it started back in December 2015.

At the time, security researchers found a backdoor account in Juniper software
that could decrypt VPN traffic, and Cisco decided to hunt and root out any
similar backdoors before attackers found them first."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri May 18, 2018 9:26 pm    Post subject: Reply with quote

r - Has your MacBook battery life become much worse in the last week or two? New Zero-Day Mac CPU virus

"The bad news is that it's currently uncertain what it's using the CPU for
(though let's be reasonable, it's probably cryptocurrency mining or something).
The good news is that is probably all it's doing and not stealing/encrypting any
of your files."


/Library/LaunchDaemons/com.pplauncher.plist
/Library/Application Support/pplauncher/pplauncher
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Fri Oct 12, 2018 5:29 pm    Post subject: Reply with quote

tls.ulfheim.net - The Illustrated TLS Connection

"In this demonstration a client has connection to a server, negotiated a TLS
1.2 session, sent "ping", received "pong", and then terminated the session.
Click below to begin exploring."
Back to top
View user's profile Send private message Visit poster's website
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Mon Apr 01, 2019 11:43 pm    Post subject: Reply with quote

g - Reverse Engineering iOS Applications

"All the vulnerabilities that I'll show you here are real, they've been found in
production applications by security researchers, including myself, as part of
bug bounty programs or just regular research. One of the reasons why you
don't often see writeups with these types of vulnerabilities is because most
of the companies prohibit the publication of such content.

We've helped these companies by reporting them these issues and we've
been rewarded with bounties for that, but no one other than the researchers
and the company's engineering team will learn from those experiences. This
is part of the reason I decided to create this course, by creating a fake iOS
application that contains all the vulnerabilities I've encountered in my own
research or in the very few publications from other researchers.
Even though
there are already some projects[^1] aimed to teach you common issues on
iOS applications, I felt like we needed one that showed the kind of vulnerabi-
lities we've seen on applications downloaded from the App Store."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Tue May 21, 2019 8:10 am    Post subject: Reply with quote

https://old.reddit.com/r/theinternetofshit/
Back to top
View user's profile Send private message
delovski



Joined: 14 Jun 2006
Posts: 3524
Location: Zagreb

PostPosted: Tue Oct 27, 2020 9:28 am    Post subject: Reply with quote

ars - Study shows which messengers leak your data, drain your battery, and more

"Among the worst offenders, according to research published on Monday, were
messengers from Facebook, Instagram, LinkedIn, and Line. More about that
shortly. First a brief discussion of previews."
Back to top
View user's profile Send private message Visit poster's website
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Thu Dec 17, 2020 10:30 am    Post subject: Reply with quote

r - I Was the Homeland Security Adviser to Trump. We're Being Hacked.

"It was reported several years ago that Russia has access to the U.S. power grid.

The GOP just attempted a coup, openly, after denying assistance to and
ensuring a shaky existence for much of the U.S. populace for a year during
a pandemic. If you thought that was callous, just wait until those major GOP
donors who would profit from evictions and property sales reap a windfall.

Things may get really weird."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Wed Jun 30, 2021 9:20 pm    Post subject: Reply with quote

Get Alerted If Your Computer Gets Infected

https://jacobsalmela.com/2014/10/02/roll-defense-mac-backdoor-iworm/

"So, really, you will probably just need to monitor the LaunchDaemons and /private/var/root folders. You will notice in the screenshot that I have other folders listed, this is because I have used this trick to block other types of malware."

plus

OS X: Roll-your-own Malware Detection

https://jacobsalmela.com/2014/05/19/roll-your-own-malware-detection/
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Thu Jul 01, 2021 7:47 pm    Post subject: Reply with quote

Objective-See - The Art of Mac Malware

"Mac Malware Resources:

    All about Mac antivirus"
    The Safe Mac Malware Catalog
    OS X Incident Response: Scripting and Analysis
    OS Internals

I'm writing a (free) book: The Art of Mac Malware ...have a read, it's free"


Plus: https://github.com/objective-see
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Thu Jul 08, 2021 8:31 pm    Post subject: Reply with quote

windows10forums.com - Windows Defender false threat on Windows 10

"Windows Defender - It claims in its "Threat Blocked" report that the file has
'Trojan:Script/Wacatac.B!ml'. Most amazingly when I run a custom scan on this
file it says "0 threats found", but it will still remove the file periodically when I
try to use it even if this removal does not happen each time I use it.

Windows Security > Virus & threat protection > Manage settings > Add
or remove exclusions
"
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Tue Jul 20, 2021 9:47 pm    Post subject: Reply with quote

git - Mobile Verification Toolkit

"Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and
automate the process of gathering forensic traces helpful to identify a potential
compromise of Android and iOS devices."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Tue Jul 20, 2021 9:51 pm    Post subject: Reply with quote

Objective-See - The Art of Mac Malware

"Mac Malware Resources:

    All about Mac antivirus"
    The Safe Mac Malware Catalog
    OS X Incident Response: Scripting and Analysis
    OS Internals

I'm writing a (free) book: The Art of Mac Malware ...have a read, it's free"


Plus: https://github.com/objective-see
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Wed Feb 22, 2023 11:20 pm    Post subject: Reply with quote

git - Sloth

"Sloth is a native Mac app that shows all open files, directories, sockets, pipes,
and devices in use by all running processes on your system. This makes it easy
to inspect which apps are using which files, etc."
Back to top
View user's profile Send private message
Ike
Kapetan


Joined: 17 Jun 2006
Posts: 3136
Location: Europe

PostPosted: Fri Mar 31, 2023 5:05 pm    Post subject: Reply with quote

git - kr : a simple file encryption/decryption tool.

"kr is a simple file encryption/decryption program based on Monocypher.
Under the hood, it uses the incremental AEAD interface of Monocypher to
encrypt/decrypt files using XChaCha20-Poly1305.

kr offers two modes of operation:

Keyfile-based: a private key is stored on the user's machine and is used to
encrypt and decrypt files.

Passphrase-based: an encryption/decryption key is generated, on the fly,
using Argon2i (with a random salt).

When using keyfiles, kr can help you generate either random or
deterministic keyfiles (based on a passphrase and a uid). See Keyfiles
Management below."
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Igor Delovski Board Forum Index -> Dev Links All times are GMT + 1 Hour
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Delovski.hr
Powered by php-B.B. © 2001, 2005 php-B.B. Group