
Messages - Hardhead

Here's a little more information if anyone is still running these OS's.

Vulnerable in-support systems include Windows 7, Windows Server 2008 R2, and Windows Server 2008. Downloads for in-support versions of Windows can be found in the Microsoft Security Update Guide. Customers who use an in-support version of Windows and have automatic updates enabled are automatically protected.

Links to downloads for Windows 7, Windows 2008 R2, and Windows 2008
Links to downloads for Windows 2003 and Windows XP

If you use uBlock Origin in advanced mode you can stop this from happening. :)

Exactly why I don’t keep anything on the cloud or moon.  :P
I trust my external hard drive more than any cloud or moon. As of now I need to get another external drive because the other one that I have died a good while back. Always better safe than sorry about backups.

VoodooShield / Re: VoodooShield v4 STABLE Thread
« on: May 11, 2019, 09:25:23 am »
what does clearing the command lines do? is it just the list of triggered commands? Thanks!

Not a geek here, but I believe you are correct. It's a list of allowed/blocked command lines. Clearing it is analogous to clearing the whitelist, I guess.

Yes, Mr.GumP and oldschool, it's a list of commands that have been run on your OS. So if you see something odd and you don't know how it ran, the list is there to remind you what commands have been run. Regedit, etc.

Here's a new updated post about Turla at Bleeping.
That's a nasty one there.

By Sergiu Gatlan, May 7, 2019 08:00 AM

A Turla backdoor targeted at Microsoft Exchange mail servers and controllable remotely via email attachments using steganography was discovered by researchers while used in attacks against multiple targets from around the world.

ESET also published another analysis of a backdoor used by the Turla hacking group to target the Outlook and The Bat! email clients, a malware strain which uses the legitimate Messaging Application Programming Interface (MAPI) to be able to interact with Outlook and get access to the targets' inboxes while maintaining stealthiness.

My pleasure Antus67 ;) 
Well the unhackable part will have to be seen in the future.
Hopefully things are looking promising. That would really be super cool. Just imagine what it will sell for. Big big mula..

05:10 PM
Robert Lemos

Armed with stolen credentials from another breach or from a misconfigured file, attackers delete developers' repositories on GitHub, Bitbucket, and GitLab, leaving behind ransom notes.

Atlassian's Bitbucket, GitHub, and GitLab notified hundreds of developers over the weekend that their accounts on those repository services were breached and their code deleted by attackers using credentials harvested from another site or misconfigured files.

The accounts of more than an estimated 1,000 developers were impacted by the attack on the three services. In each case, the attackers deleted the victim's code repository and left behind a ransom note demanding a tenth of a bitcoin — about $570 — to restore the data.

Atlassian, which declined to say how many of the users of its Bitbucket service were affected, notified developers whose accounts were impacted and blamed password reuse for the attackers' ability to compromise the service.

"During this attack, a third party accessed your repository by using the correct username and password for one of the users with permission to access your repository," the company stated in a notification to affected users. "We believe that these credentials may have been leaked through another service, as other git hosting services are experiencing a similar attack."

The attack highlights the dangers of mishandling passwords. Reportedly, 392 GitHub users were impacted by the attack, although only 320 users' repositories are currently showing signs of the ransom note. Bitbucket appears to have blocked search results for affected users, while GitLab does not have facilities for searching through repositories.

Reusing the same password on different services is a problematic habit of online users that can undermine security. In addition, developers often unwittingly leave passwords in files that are published to public repositories. None of the services hosting affected developers' repositories found signs of a compromise. Instead, attackers logged onto them from an unrecognized Internet address using valid credentials and then deleted the victim's code.

"GitHub has been thoroughly investigating these reports, together with the security teams of other affected companies, and has found no evidence or its authentication systems have been compromised," the company said. "At this time, it appears that account credentials of some of our users have been compromised as a result of unknown third-party exposures. We are working with the affected users to secure and restore their accounts."

GitLab started investigating the issue on Sunday, after one developer reported that its code had been deleted. The organization concluded that the breach may have occurred when developers mistakenly published passwords stored in another repository.

"We have identified affected user accounts, and all of those users have been notified," a GitLab spokesperson said. "As a result of our investigation, we have strong evidence that the compromised accounts have account passwords being stored in plaintext on a deployment of a related repository."

Atlassian also urged users to not leave passwords in files that may be replicated into public repositories.

Zeljka Zorz, Managing Editor, May 6, 2019

Flaw in pre-installed software opens Dell computers to remote hijack

Dell computer owners should update the Dell SupportAssist software as soon as possible to close a high-risk remote code execution vulnerability.

What is Dell SupportAssist?

SupportAssist is software that comes pre-installed on most Dell laptops and computers running Windows.

It has administrator-level access to the operating system and uses it to identify issues, run diagnostics, driver-update scans, and install drivers.

About the vulnerability (CVE-2019-3719)

CVE-2019-3719 is not deemed to be critical as it can’t be exploited by attackers who are not on the same local network as the victim.

Still, instances where that can happen are far from rare. For example, it’s enough for the attacker to be connected to the same public wireless network or enterprise network as the potential victim.

To successfully pull off the attack, the attacker must trick the target into visiting a website booby-trapped with the exploit – no other user interaction is required.

Help Net Security, May 7, 2019

A new computer processor architecture that could usher in a future where computers proactively defend against threats, rendering the current electronic security model of bugs and patches obsolete, has been developed at the University of Michigan.

Called MORPHEUS, the chip blocks potential attacks by encrypting and randomly reshuffling key bits of its own code and data 20 times per second–infinitely faster than a human hacker can work and thousands of times faster than even the fastest electronic hacking techniques.

“Today’s approach of eliminating security bugs one by one is a losing game,” said Todd Austin, U-M professor of computer science and engineering and a developer of the system. “People are constantly writing code, and as long as there is new code, there will be new bugs and security vulnerabilities.

“With MORPHEUS, even if a hacker finds a bug, the information needed to exploit it vanishes 50 milliseconds later. It’s perhaps the closest thing to a future-proof secure system.”

By Mayank Parmar, May 6, 2019 01:32 PM

At the Build 2019 developer conference, Microsoft announced a bunch of new features for its new Chromium-based Microsoft Edge browser. The company also shared how the brand-new Microsoft Edge will simplify development and improve the productivity of consumers, developers, and enterprises.

Below we have outlined some of the new features coming to Microsoft Edge.

Microsoft announced a new feature called 'Collections' for Edge that would allow users to group content such as photos and text into a central hub that can be accessed from the right pane. After adding items to your collection, you can export the content to apps like Word and Excel.

By Lawrence Abrams, May 6, 2019 05:23 PM

Microsoft will begin to ship an in-house custom built Linux kernel starting with the Windows 10 Insider builds this summer. This kernel is to become the backbone for the new Windows Subsystem for Linux 2.0 or WSL2.

Unlike WSL1, which used a Linux-compatible kernel, WSL2 will use a genuine open-source kernel compiled from the stable 4.19 version release of Linux at

While Microsoft will be providing the Linux kernel, they will not provide any Linux binaries to go with it. Instead, users will still need to download their favorite Linux distribution from the Microsoft Store or by creating a custom distribution package.

By Sergiu Gatlan, May 6, 2019 07:04 PM

Amazon to Disable S3 Path-Style Access Used to Bypass Censorship

Amazon announced in a post on the Amazon Simple Storage Service (S3) forum that the company will deprecate path-style API requests (used by many to circumvent censorship) starting with September 30, only keeping support for the virtual-hosted style request format.

While the path-style URI requests (aka V1) include the bucket name in the URIs and are of the "//[bucketname]/key" form, the virtual-hosted style URI requests (aka V2) feature the bucket name within the domain name and have a "//[bucketname]" structure.

"In our effort to continuously improve customer experience, the path-style naming convention is being retired in favor of virtual-hosted style request format," says Amazon.

Amazon recommends customers to start using V2 S3 API requests before V1 will be disabled on September 30:

Susan Bradley in AskWoody forwarded a solution from the Mozilla discourse blog.

It worked/works perfectly in my Windows 10/64 Home 1809 with Firefox Quantum 66.0.3 (64-bit).
Yes, I see what you are saying E but the fix is not working for everyone. I’m sure they will post in the blog when everything has been resolved asap. Also note at the bottom of her post says which I would assume that a new version of Firefox will be rolled out asap.
We are working on a general fix that doesn’t need to rely on this and will keep you updated.

For those having problems Firefox is working on what I believe to be a new version coming out in the next few days if the hot fix is not working. I’m going to wait as I stated above. Note I have not tried the hot fix.
