Techmology links and news of interest

moogs


Were it new vulnerabilities or a microwave oven that burns CD-R, post it here for our leisure.

------Service to SMS register accounts (i.e. Facebook, Twitter, BTC works)
------The big list of malware-infested domains
------Draw on this website (with a Twitter account).

C-learning resources
------Inside the C standard library
------Common C problems

Additionally an informative article about the COVID & IT:
5 Ways Web Attacks Will Change Post-COVID
COVID-19 has accelerated changes in the way attackers hit web applications. Based on behaviors we observed during our research, we developed five predictions on how web application security will change as we come out of the COVID-19 period – and what security pros can do about it.
1. More sophisticated account takeover (ATO) attacks.
The COVID crisis has created new opportunities for attackers. It has also accelerated the innovation and development of new attack tools. Consumers changed their usage patterns and the attackers followed them. For example, use of online retail, food delivery and e-learning services has spiked. These big traffic shifts – often the doubling or tripling of legitimate users – present an opportunity for attackers to victimize inexperienced website operators defending against hard-to-spot distributed attacks.
During COVID, we saw an increase in “sophisticated” attacks using tactics such as headless browsers (without GUIs) and JavaScript-enabled bots. We also saw an increase in bots with detailed business logic capabilities that navigate multiple pages and can solve CAPTCHAs. The attackers also expanded their attacks to smaller sites than what we’ve traditionally seen for these types of attacks. Generally, this type of ATO attacker focuses on larger targets like the top 50 Internet retailers. In contrast, attacks against smaller sites pre-COVID were mostly “spray” attacks using brute force ATO attempts with crude bots. This means either that professional cybercrime rings responsible for sophisticated attacks are now broadening their targets to include smaller sites, or that more sophisticated bot and ATO attack tools are easier to access on the dark web. As the tools grow more available, attackers of all stripes will continue to use them.
  • Result: There’s a new level of attack sophistication facing a wider array of websites.
  • Impact: Operators of all sites and web applications, regardless of size, need to learn how to defend against far more sophisticated attackers. Simple Web Application Firewall (WAF) rules and rate-limiting won’t work anymore. Operators must learn how to defend against new attacks to protect their revenues and reduce time and resources wasted remediating and reacting to attacks.
2. Distributed (and harder to stop) botnets.
During COVID, we saw an increase in botnets that were more broadly distributed and had higher-quality IP addresses that used a large range of residential addresses. This implies that cybercriminal gangs have access to larger botnets than previously or that the tools to create (or rent) distributed botnets got easier to use and became more widely available. This broad shift will make it harder to spot attacks earlier and will reduce the efficacy of IP-address reputation as a way to spot bots.
  • Result: Detecting malicious bots will require more advanced machine learning that can better spot and predict bots that are lower volume and coming from higher reputation IP addresses.
  • Impact: Every web application team will need to either understand machine learning or use a web application security service that deploys machine learning to stay ahead of the attackers. Business units and e-commerce revenue teams need to reconsider technology choices for their web defense.
3. Online hoarding and bot-buying for in-demand items.
During COVID, the shopping bot and hoarding behavior emerging online went mainstream. Some of the software for these hoarding applications was open-sourced. We expect people will leverage the same technology for additional use cases around the short-term scarcity of products online.
  • Result: Shoppers not using bots will struggle to buy in-demand items like pulse oximeters and isopropyl alcohol. Hoarding tools will appear quickly whenever there’s a supply interruption, driven by easy access to open source technologies. Businesses must deal with more disruptions caused by hoarding bots including site latency, skewed site analytics and unhappy customers.
  • Impact: Retailers must more broadly adopt bot mitigation measures to ensure fair access to their products, reduce infrastructure costs and maintain analytics integrity.
4. Bots will target government websites.
COVID has forced all organizations to accelerate digital transformations and move processes online. It’s also true for government agencies. More governments are asking citizens to put critical PII online. Full records of personal information are a lucrative target for attackers who can resell it or leverage it to defraud innocent users. Many of these new government web applications have not been thoroughly tested and might have security vulnerabilities. New operators of these web applications are inexperienced with bots, hoarding and other forms of web application attacks.
  • Result: Organized attackers will gravitate towards government web applications for high-value, high-impact attacks.
  • Impact: We see large spikes in attacks as the bad guys target newly digital government sites to harvest PII and financial institution data. Government operators of online properties must consistently test, validate and improve their security stances to protect users from the increased cadence and severity of attacks.
5. Magecart attacks on retailers (and consumers) continue to soar.
With everyone staying home more and avoiding malls and stores, online shopping has skyrocketed. Many businesses are now creating new online sites and online offerings in response to COVID. However, when organizations quickly make changes, their websites are more vulnerable to security risks and insertion of unauthorized code, such as Magecart. In addition, as the number of new sites and new offerings grows in response to COVID there are more new targets for attackers. We observed attackers cynically taking advantage of fundraising sites and targeting them to steal credit card information and other data. The Magecart groups have noticed all of this and they are upping their attack frequency and severity. Magecart attacks target front-end infrastructure with unauthorized code that skims sensitive information, such as email-password combos or financial data like credit card or bank account information. Some Magecart attacks redirect customers to lookalike domains where they receive a payment request and then their data gets skimmed. Other Magecart attacks merely snoop and skim data from payment forms that are legitimate on a website or mobile application.
  • Result: With the volume of online shopping traffic likely to grow as COVID lingers, Magecart attacks will become even more lucrative for cybergangs.
  • Impact: Web application owners will need to improve front-end security and closely monitor code changes, as well as website behavior for anomalies and signs of Magecart penetration.
Moving forward, organized cybercriminal gangs will expand their reach to grab even more of an expanded pie. For website operators, these trends are an impetus to up their web security game and tune their internal capabilities, web security technologies and services to handle this permanently enhanced threat status. On a more positive note, there are some clear proactive steps organizations can take to make web security a lot better after COVID.
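
Why the per-IP rate limiting mentioned in points 1 and 2 of the article misses a distributed, low-volume login attack, and two aggregate signals that still show it. This is an added example, not part of the original post or the quoted article; the log format, the addresses (documentation ranges) and every threshold are constructed assumptions.

```python
from collections import defaultdict


def build_sample():
    """Constructed login events: (minute, source_ip, username, success)."""
    events = []
    # Crude "spray" bot: one IP, many attempts in one minute.
    for i in range(30):
        events.append((0, "203.0.113.9", f"user{i}", False))
    # Distributed bot: 40 residential-looking IPs, only 2 attempts each.
    for i in range(40):
        ip = f"198.51.100.{i + 1}"
        events.append((1, ip, f"victim{2 * i}", False))
        events.append((1, ip, f"victim{2 * i + 1}", i % 20 == 0))  # rare hit
    # Legitimate users: one account per IP, an occasional typo first.
    for i in range(25):
        ip = f"192.0.2.{i + 1}"
        if i % 5 == 0:
            events.append((1, ip, f"customer{i}", False))
        events.append((1, ip, f"customer{i}", True))
    return events


def per_ip_rate_limit(events, max_per_minute=10):
    """Classic rule: flag any IP exceeding N login attempts in a minute."""
    counts = defaultdict(int)
    for minute, ip, _user, _ok in events:
        counts[(minute, ip)] += 1
    return {ip for (_minute, ip), n in counts.items() if n > max_per_minute}


def distributed_failure_windows(events, max_fail_ratio=0.5, min_failing_ips=10):
    """Site-wide signal: minutes where most logins fail AND the failures
    are spread over many source IPs (no single IP stands out)."""
    total = defaultdict(int)
    failed = defaultdict(int)
    failing_ips = defaultdict(set)
    for minute, ip, _user, ok in events:
        total[minute] += 1
        if not ok:
            failed[minute] += 1
            failing_ips[minute].add(ip)
    return sorted(
        m for m in total
        if failed[m] / total[m] > max_fail_ratio
        and len(failing_ips[m]) >= min_failing_ips
    )


def multi_account_ips(events, minute, min_accounts=2):
    """Second stage inside a flagged minute: IPs that tried several accounts."""
    users = defaultdict(set)
    for m, ip, user, _ok in events:
        if m == minute:
            users[ip].add(user)
    return {ip for ip, seen in users.items() if len(seen) >= min_accounts}


if __name__ == "__main__":
    ev = build_sample()
    print("per-IP rule flags:", per_ip_rate_limit(ev))
    for minute in distributed_failure_windows(ev):
        suspects = multi_account_ips(ev, minute)
        print(f"minute {minute}: {len(suspects)} IPs tried multiple accounts")
```
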
 

lurk

The fuck is that thing on the processor? Lol
 

SK2.0

Well I guess it counts as water cooling, but U is probably rather low.

Needs fresh radish every 10 min
 

moogs

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps.
Security experts from ThreatFabric have discovered a new Android banking trojan dubbed BlackRock that steals credentials and credit card data from a list of 337 apps.
The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan.
The source code of the Xerxes malware was leaked online around May 2019.
Unlike other banking trojans, BlackRock targets several non-financial Android apps, most of them are social, communication, and dating platforms.

“one of the interesting differentiators of BlackRock is its target list; it contains an important number of social, networking, communication and dating applications. So far, many of those applications haven’t been observed in target lists for other existing banking Trojans.” reads the post published by ThreatFabric. “It therefore seems that the actors behind BlackRock are trying to abuse the grow in online socializing that increased rapidly in the last months due to the pandemic situation.”

The BlackRock malware poses as fake Google updates, camouflaging itself as Google Update.

Upon launching the malware on the mobile device, it will start by hiding its icon from the app drawer, then it asks the victim for the Accessibility Service privileges.

“Once the user grants the requested Accessibility Service privilege, BlackRock starts by granting itself additional permissions,” continues the analysis. “Those additional permissions are required for the bot to fully function without having to interact any further with the victim. When done, the bot is functional and ready to receive commands from the C2 server and perform the overlay attacks.”

The malicious code supports multiple commands: it could launch overlay attacks, log keystrokes, spam the victims’ contact lists with SMS messages, and prevent victims from using antivirus software.
Experts noticed that the Xerxes Trojan itself implements more features because the authors of the BlackRock malware have removed those ones that are not useful to steal personal information.

Unlike other Android malware, BlackRock uses Android work profiles, which are used by businesses to define a device policy controller (DPC) in order to control and apply policies on their mobile fleet. The feature allows controlling multiple aspects of a device without having complete administration rights on it.

The malware targets 226 applications to steal account credentials, including Gmail, Google Play services, Uber, Amazon, Netflix and Outlook.
The list of targeted apps includes cryptocurrency wallet applications (i.e. Coinbase, BitPay, and Coinbase), and banks (i.e. Santander, Barclays, Lloyds, ING, and Wells Fargo).

“The second half of 2020 will come with its surprises, after Alien, Eventbot and BlackRock we can expect that financially motivated threat actors will build new banking Trojans and continue improving the existing ones,” ThreatFabric concludes.
“With the changes that we expect to be made to mobile banking Trojans, the line between banking malware and spyware becomes thinner, banking malware will pose a threat for more organizations and their infrastructure, an organic change that we observed on windows banking malware years ago.”
 

moogs

my gut says china's behind this...
Might also just be an independent group as they always seem to find new ways.

Here's some article of a case of a faux copyright claim;
Copyright Trolling Evolved: Okularity Accused Of DMCAing Social Media Accounts, Then Demanding MILLIONS To Reinstate
A decade ago, one of the most ridiculous copyright trolling outfits was CEG TEK (which stood for "Copyright Enforcement Group... um... TEK"). It would shake down people like any other copyright troll, but it also had a "CTO", named Jon Nicolini, who CEG TEK would trot out as a questionable forensic expert in various trolling cases.

It appears that Nicolini has since set out on his own, creating a more modern form of a copyright trolling operation called "Okularity." We've talked recently about how some folks have, instead of using the courts, simply been using social media takedowns via bogus copyright claims as a form of extortion, and that's become quite popular. However, so far, it seems that this has mostly been done by stupid kids looking to make a quick buck.

Nicolini and Okularity appear to have professionalized the extortion racket.
And they may have picked on the wrong person. In a recently filed lawsuit by Enttech Media Group, the parent company of the famous (and excellent) Paper Magazine, lawyer Richard Tauler lays out in great detail the kind of scam shakedown that Nicolini runs via Okularity:


Defendants are engaged in a scheme to deprive Plaintiff and similar digital media companies of their assets by unlawfully manipulating the take-down notice provisions of the Digital Millennium Copyright Act (“DMCA”). Specifically, Defendants have created software for the express purpose of disabling valuable commercial accounts on social media platforms (in this case Instagram) so that they can then demand extortionate sums (in this case over a million dollars) from the account holders to have the accounts restored.

The scheme operates in the shadows of the Copyright Act and the DMCA. The DMCA provides a rapid procedure (referred to herein as a “DMCA Notice”) so that copyright owners can protect the widespread proliferation of their content digitally. A DMCA Notice requires a statement under penalty of perjury that the submitting party has a good faith belief that the content identified in the notice is infringing on a copyright and that the submitting party is either the copyright owner or an authorized agent of the copyright owner.

Most social media platforms, including Instagram, have policies whereby accounts are disabled once a certain amount of DMCA Notices have been submitted on a particular account. Once an account reaches this threshold, Instagram will not reinstate the account until the underlying copyright “dispute” is resolved. Because of the work associated with the identification and investigation of copyright claims, as well the DMCA’s penalties for misstatements, it is generally unlikely that owners of legitimate copyrights would abuse this system.

However, given the massive financial incentives provided to mercenary litigants by the Copyright Act, would-be claimants have leveraged advances in technology to create economies of scale in pursuing claims. Specifically, Okularity has developed software that crawls the internet for images that infringe on allegedly protected works. Through its proprietary software, Okularity automatically generates and submits DMCA Notices to any social media platform, including Instagram, containing an image in Okularity’s database. Okularity does this without any of the investigation, warning, or legal analysis required by the DMCA, let alone any demand letter to the alleged infringer.

Rather, Okularity lies in wait while DMCA Notices accumulate to the point where Instagram disables the account. Only then does Okularity begin to negotiate “settlement” for the alleged copyright claims. Okularity operates this way because Okularity knows that Instagram is the lifeblood of any digital media company, particularly one like Plaintiff Paper, which primarily is engaged in the business of reporting and commentary of popular culture news and, as such, targets a young demographic that uses Instagram as its primary source of media consumption. Okularity knows that if a business like Paper has its Instagram account disabled, it has a metaphorical gun to the head of the target company, since it also knows that Instagram will not reinstate the account without a resolution of the “dispute.” With this type of leverage, Okularity (and in turn the Clearinghouse Defendants) can demand sums that they would never be able to demand with a straight face otherwise, putting owners of even large businesses like Plaintiff in a life-or-death situation.
Pretty fucking sketchy, no? As the lawsuit notes, however, this appears to violate the terms of the DMCA regarding what you need to do in filing a notice -- making this an interesting test to see whether or not the courts might finally give Section 512(f) of the DMCA (the part that says you can't file bogus notices) some more teeth. As we've noted, courts have been reluctant to care much about 512(f), which has set up a very unbalanced system, in which tons of people and companies regularly abuse DMCA notices. Usually for censorship.
Here it appears to be for extortion.
The specifics of the Paper Mag / Okularity situation detail how this seems to be an entire business built around extortion, with a bunch of unauthorized practice of law built in as well.


Okularity, which is not a law firm, purportedly “represents” the “Clearinghouse Defendants” with respect to their Copyright “claims.” Okularity’s “CEO” Jon Nicolini, created the software Okularity deploys to file DMCA Notices, and negotiates “settlements” with victims of the scheme once they contact Okularity. Nicolini, who is not an attorney, implies that he is an attorney to victims by interpreting the application of the Copyright Act to images, engaging in damages analysis regarding “claims” of his “clients,” and by negotiating resolution of legal claims on their behalf.


Defendant Backgrid actively solicits members of the public, including persons with whom it has no relationship and about whom it has no knowledge, to upload to it photos which Backgrid will then ostensibly “license” (for payment) others to display and otherwise exploit. Backgrid then uses software to automatically generate copyright management information (“CMI”) so that it can track whenever an image is used. Since Backgrid conducts no due diligence of images uploaded to its website for exploitation, and the corollary opportunity for abuse, Backgrid itself has been sued by actual copyright holders for copyright infringement.


Defendant Splash is similarly a clearinghouse for photographs with a checkered past. In 2018, Splash was sued by soccer star David Beckham for its “predatory and distasteful” tactics, which included demanding payment from Mr. Beckham for posting a picture of himself (taken by a paparazzo) on his very own social media account. Beckham v. Splash, Case 2:18-cv-01001-JTM-JCW (E.D. La.). Counsel for David Beckham viewed the $40,000 demand as an attempt to “extort.”



Okularity’s new business model pre-empts such lawsuits by using DMCA Notices instead of demand letters. However, since the DMCA Notices are automatically generated and submitted without any attorney supervision, Okularity does not engage in any analysis prior to generating and filing DMCA take-down notices as it should.


Rather, Nicolini operates the scheme with the sole objective to disable social media accounts. Not only is no demand letter needed, the scheme makes it so that its victims come to Okularity, often in a state of desperation, once they realize their asset is being held hostage. This is precisely what occurred in the instant case.



It was only after Okularity filed forty-eight (48) DMCA take-down notices against Paper that Instagram disabled Paper’s account. The same day, July 8, Paper was provided with the contact information of Nicolini, who immediately began negotiating the “claims.”

Nicolini suggested that Paper was facing $4.65 million in damages under the Copyright Act. Nicolini curiously added that it was not his “first rodeo.” A screenshot of the email is below:


Sixteen minutes later Nicolini responded, this time with apparent authority to communicate on behalf of his “clients” under Federal Rule of Evidence 408 to settle for $1.01 million:


However, Nicolini is not an attorney and is therefore unable to assert legal claims on behalf of his “clients,” and likewise cannot negotiate and enter into agreements on their behalf in the context of a copyright lawsuit.


Needless to say, this offer was unable to be accepted. In further effort to reach a resolution, the undersigned requested Mr. Nicolini provide the DMCA notices so that Plaintiff could assess the claims at issue. Nicolini has refused to do so in the absence of a “non-disclosure agreement.” When asked why a “non-disclosure agreement” would be needed, Nicolini had no answer.


That's... pretty fucking sketchy in many different ways. The lawsuit argues that the defendants breached 512(f)... but then also throw in a RICO claim. And that always seems iffy. As we all know, the Popehat rule of "it's not RICO, dammit" tends to apply. And I'd still lean towards it not applying here, but I have to admit that this is closer to an actual civil RICO claim than you normally would see. You do have a group of individuals / companies, working together in a pattern to shake down businesses. I still don't expect that claim to last, but this sure does look like a traditional shakedown scheme, using DMCA takedowns for leverage over social media accounts.
 

Quence

Watch SpaceX return Crew Dragon astronauts to Earth


SpaceX’s historic first crewed mission is about to come to an end, and you can watch the conclusion as it happens. NASA TV is providing live coverage as astronauts Bob Behnken and Doug Hurley undock Crew Dragon and return to Earth.

Splashdown in the Atlantic isn’t expected until August 2nd at 2:42PM Eastern. Hurricane Isaias may push back the journey if it renders landing sites off-limits.
 

GloriousReader

> Watch SpaceX return Crew Dragon astronauts to Earth
>
> SpaceX’s historic first crewed mission is about to come to an end, and you can watch the conclusion as it happens. NASA TV is providing live coverage as astronauts Bob Behnken and Doug Hurley undock Crew Dragon and return to Earth.
>
> Splashdown in the Atlantic isn’t expected until August 2nd at 2:42PM Eastern. Hurricane Isaias may push back the journey if it renders landing sites off-limits.
cgi, space isnt real we live on a giant ball of ice
 

moogs

It's no secret /biz/ started their own semi-official cryptocurrency (CLV for Clover) about a month ago and airdropped everyone who could pass their test. Those who knew that the letter I comes after N got their drop and the rest were baited to buy a 4chan pass and brandish a shoe on their heads for free gibs. Shit went south, "mooned" and now it's a shitshow once again, nonetheless comedy gold featuring an autistic leaf for an admin.
 

moogs

This might come handy for someone, here you can generate temporary .edu emails and register profiles in some place that grants coupons, discounts or free memberships.
https://10minutesemail.net/

It works for canva.com to get royalty free template art which then in turn can be used commercially, as well as skillshare for 2 month free premium.
 

lurk

> This might come handy for someone, here you can generate temporary .edu emails and register profiles in some place that grants coupons, discounts or free memberships.
> https://10minutesemail.net/
>
> It works for canva.com to get royalty free template art which then in turn can be used commercially, as well as skillshare for 2 month free premium.
i use that every now and then, didnt know they did edu.
 

Quence

'Privacy Company' Apple Plans To Monitor All US iPhones For Evidence Of Child Porn



As the old saying goes: If you aren't doing anything illegal, then you have nothing to fear from surveillance.

Smartphones already act like tracking devices broadcasting the whereabouts of their owners, but Apple is about to open the door to far more advanced forms of smartphone-based voluntary surveillance by launching a new program designed to detect and report iPhone users who are found to have child pornography - known by the academic-speak acronym CSAM - which stands for Child Sexual Abuse Materials. That is according to a handful of academics who were offered a sneak preview of the company's plans - then promptly spilled the beans on Twitter, and in interviews with the press.

The new system, called "neuralMatch", is expected to be unveiled by Apple later this week. The software is expected to be installed on American iPhones via a software update. According to the FT, the automated system can proactively alert a team of human reviewers if it believes CSAM is present on a user's iPhone. If the reviewers can verify the material, law enforcement will be contacted.

This is how "neuralMatch" will work, per the FT:

“Apple's neuralMatch algorithm will continuously scan photos that are stored on a US user’s iPhone and have also been uploaded to its iCloud back-up system. Users’ photos, converted into a string of numbers through a process known as “hashing”, will be compared with those on a database of known images of child sexual abuse.

The system has been trained on 200,000 sex abuse images collected by the US non-profit National Center for Missing and Exploited Children.”


One academic who was offered a preview of the software explained why this could create serious privacy risks. Apple has gotten a lot of positive press for its commitment to user privacy - remember when it refused to crack an iPhone belonging to one of the San Bernardino shooters? Well, this encryption technology has become a perennial headache for law enforcement. Last January, Apple quietly abandoned plans to allow users to fully encrypt their iCloud backups due to complaints from law enforcement.

Now, Apple has found a middle ground: it will assume responsibility for policing iPhones - well, at least to a degree. To accomplish this, the company is rolling out a new machine-learning tool that will scan iPhones for images that match certain "perceptual hashes" known to represent child pornography. But, as academics have complained, it could potentially be misled.

What's more, the tool that's today being used to unearth child pornography could one day be abused by authoritarian governments (like the CCP). And once Apple has committed to using this type of surveillance, governments will demand it from everyone.

"It is an absolutely appalling idea, because it is going to lead to distributed bulk surveillance of...our phones and laptops," said Ross Anderson, professor of security engineering at the University of Cambridge. Another researcher said it's only a few steps removed from '1984'-style surveillance.

Alec Muffett, a security researcher and privacy campaigner who formerly worked at Facebook and Deliveroo, said Apple's move was "tectonic" and a "huge and regressive step for individual privacy". "Apple are walking back privacy to enable 1984."
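
How matching photos against a database of "perceptual hashes" differs from exact (cryptographic) hashing, shown with a difference hash (dHash) as a stand-in, since the article does not describe neuralMatch's actual algorithm. This is an added example, not part of the original post or the quoted article; the 9x8 grayscale grids, the database entry name and the distance threshold are constructed assumptions.

```python
import hashlib

W, H = 9, 8  # 9 columns give 8 left/right comparisons per row; 8 rows -> 64 bits


def dhash(pixels):
    """Difference hash: one bit per adjacent pair, 1 if the left pixel is brighter."""
    bits = 0
    for row in pixels:
        for x in range(W - 1):
            bits = (bits << 1) | (row[x] > row[x + 1])
    return bits


def hamming(a, b):
    """Number of differing bits between two hashes."""
    return bin(a ^ b).count("1")


def sha256_hex(pixels):
    """Exact hash of the raw pixel bytes: any change gives a different digest."""
    return hashlib.sha256(bytes(v for row in pixels for v in row)).hexdigest()


def match(pixels, database, max_distance=6):
    """Names of database entries whose hash is within max_distance bits."""
    h = dhash(pixels)
    return sorted(n for n, known in database.items() if hamming(h, known) <= max_distance)


def make_samples():
    """Constructed grids standing in for photos already shrunk to 9x8 grayscale."""
    original = [[20 + (83 * x + 57 * y) % 199 for x in range(W)] for y in range(H)]
    brightened = [[v + 10 for v in row] for row in original]  # re-saved, lighter
    stamped = [row[:] for row in original]
    stamped[0][0:3] = [0, 0, 0]                               # small mark in a corner
    negative = [[255 - v for v in row] for row in original]   # visibly different
    return {"original": original, "brightened": brightened,
            "stamped": stamped, "negative": negative}


if __name__ == "__main__":
    s = make_samples()
    db = {"known-image-1": dhash(s["original"])}
    for name in ("brightened", "stamped", "negative"):
        same_sha = sha256_hex(s[name]) == sha256_hex(s["original"])
        dist = hamming(dhash(s[name]), db["known-image-1"])
        print(f"{name:10} sha256 equal={same_sha} dhash distance={dist} "
              f"match={match(s[name], db)}")
```

Because a match is "within a few bits" rather than "identical", the threshold decides how many altered copies are caught and how many unrelated pictures are flagged by mistake.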
 

Barrabas


Get ready to lose your dank maymays and feels threads, kids. (It doesn't actually sound so definitive as all that, but it's a possibility. Interesting and worth looking at anyway)
 