Esp32 DNS Hijacking
https://www.youtube.com/watch?v=d228X5A_bG4
🧬 @Phantasm_Lab
how to implement simple DNS Hijacking server on the Esp32 chip. For this purpose I've written C library, packaged as a ESP-IDF component. This technique can be used to open Captive Portal on the Esp32.https://www.youtube.com/watch?v=d228X5A_bG4
🧬 @Phantasm_Lab
YouTube
Esp32 DNS Hijacking
In this video I've shown how to implement simple DNS Hijacking server on the Esp32 chip. For this purpose I've written C library, packaged as a ESP-IDF component. This technique can be used to open Captive Portal on the Esp32.
"Domain Name Server (DNS) hijacking…
"Domain Name Server (DNS) hijacking…
Caso Jumpshot: entenda a polêmica da controversa subsidiária da Avast
https://thehack.com.br/caso-jumpshot-entenda-a-polemica-da-controversa-subsidiaria-da-avast/
🏴☠️ @Phantasm_Lab
Uma bomba caiu no colo dos internautas que utilizam o antivírus tcheco Avast na última semana. Uma investigação conjunta da VICE e da PCMag revelou com exclusividade que a companhia europeia estaria comercializando dados altamente sensíveis de alguns de seus usuários através da Jumpshot, sua subsidiária especializada em marketing digital e inteligência de mercado. Entre os clientes de tal empresa secundária, encontram-se marcas como Google, Yelp, Microsoft, McKinsey, Pepsi e Condé Nast.https://thehack.com.br/caso-jumpshot-entenda-a-polemica-da-controversa-subsidiaria-da-avast/
🏴☠️ @Phantasm_Lab
The Hack
Caso Jumpshot: entenda a polêmica da controversa subsidiária da Avast
Empresa “obscura” vendia dados detalhados sobre hábitos de navegação web de usuários do antivírus tcheco.
Rede de lojas dos EUA deixa vazar 30 milhões de cartões de crédito de clientes
🏴☠️ @Phantasm_Lab
Criminosos cibernéticos já estão comercializando dados roubados da Wawa, rede de lojas de conveniência norte-americana, através de fóruns e marketplaces online. A companhia revelou, em dezembro do ano passado, ter sofrido um vazamento de dados após ter seu sistema de pagamento comprometido em 850 estabelecimentos ao redor dos Estados Unidos; porém, na época, nem a própria cadeia de lojas conseguiu estipular a real gravidade do incidente.
https://thehack.com.br/rede-de-lojas-dos-eua-deixa-vazar-30-milhoes-de-cartoes-de-credito-de-clientes/🏴☠️ @Phantasm_Lab
The Hack
Rede de lojas dos EUA deixa vazar 30 milhões de cartões de crédito de clientes
Criminosos já estão comercializando dados roubados da Wawa, que sofreu um incidente em dezembro de 2019.
Awesome GitHub Repos
1. Book of Secret Knowledge = https://lnkd.in/fWKCdi4
2. Awesome Hacking = https://lnkd.in/f7VPTEX
3. Awesome Bug Bounty = https://lnkd.in/fPrQiVD
4. Awesome Penetration Testing = https://lnkd.in/fAUZgu5
5. Awesome Web Hacking = https://lnkd.in/f5n2hSd
6. Awesome Hacking Resources = https://lnkd.in/fcJ6wFH
7. Awesome Pentest = https://lnkd.in/fNNSFeN
8. Awesome Red Teaming = https://lnkd.in/fGpievF
9. Awesome Web Security = https://lnkd.in/ffG73u2
10. Penetration Test Guide based on OWASP = https://lnkd.in/ffyBwzG
11. Pentest Compilation = https://lnkd.in/f5JwJTD
12. Infosec Reference = https://lnkd.in/fY6wNmX
🧪 @Phantasm_Lab
📬 @tani0m
1. Book of Secret Knowledge = https://lnkd.in/fWKCdi4
2. Awesome Hacking = https://lnkd.in/f7VPTEX
3. Awesome Bug Bounty = https://lnkd.in/fPrQiVD
4. Awesome Penetration Testing = https://lnkd.in/fAUZgu5
5. Awesome Web Hacking = https://lnkd.in/f5n2hSd
6. Awesome Hacking Resources = https://lnkd.in/fcJ6wFH
7. Awesome Pentest = https://lnkd.in/fNNSFeN
8. Awesome Red Teaming = https://lnkd.in/fGpievF
9. Awesome Web Security = https://lnkd.in/ffG73u2
10. Penetration Test Guide based on OWASP = https://lnkd.in/ffyBwzG
11. Pentest Compilation = https://lnkd.in/f5JwJTD
12. Infosec Reference = https://lnkd.in/fY6wNmX
🧪 @Phantasm_Lab
📬 @tani0m
lnkd.in
LinkedIn
This link will take you to a page that’s not on LinkedIn
Forwarded from DARKNET BR
🌐 #Cyberattack | #FBI | #Leaks
Wu Zhiyong, Wang Qian, Xu Ke e Liu Lei são supostamente responsáveis pela invasão dos sistemas de computador Equifax e dos dados pessoais roubados dos segredos comerciais americanos e Equifax. Eles são acusados pelo FBI de fraude informática, espionagem econômica e fraude eletrônica.
Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei are allegedly responsible for the invasion of Equifax computer systems and personal data stolen from American and Equifax trade secrets. They are accused by the FBI of computer fraud, economic espionage and electronic fraud.
China-backed hackers charged in massive Equifax data breach
https://www.youtube.com/watch?v=MpTpUO9qSU0
🏴☠️ @Phantasm_Lab
The Justice Department has charged four Chinese military officials in the massive 2017 Equifax data breach. Nearly 150 million people were affected as the hackers stole names, addresses, credit card and Social Security numbers. CBS News chief Justice and Homeland Security correspondent Jeff Pegues joins CBSN with the latest.https://www.youtube.com/watch?v=MpTpUO9qSU0
🏴☠️ @Phantasm_Lab
YouTube
China-backed hackers charged in massive Equifax data breach
The Justice Department has charged four Chinese military officials in the massive 2017 Equifax data breach. Nearly 150 million people were affected as the ha...
Forwarded from DARKNET BR
📚 #Ebook | #OSINT | #Researchers
OSINT Open Source Intelligence Glossary: Guide to Keywords, Phrases for Improved Internet Research Results
OSINT Open Source Intelligence Glossary: Guide to Keywords, Phrases for Improved Internet Research Results
Forwarded from DARKNET BR
OSINT Glossary, Vol I is a serialized publication, designed for those conducting internet or document research to obtain better and more relevant search results.
Forwarded from DARKNET BR
OSINT_Open_Source_Intelligence_Glossary.epub
185.4 KB
O Brasil não está preparado para o Open Source?!
🧬 @Phantasm_Lab
LinkAPI Founder startou um debate no linkedin que atraiu muitos comentários acídos..até o criador do PyJobs apareceu por la.. qual a sua opinião em relação ao tópico ?
https://www.linkedin.com/posts/thiagolimabr_o-brasil-não-está-preparado-para-o-open-source-activity-6635285389877747713-8a2k🧬 @Phantasm_Lab
Linkedin
Thiago Lima on LinkedIn: O Brasil não está preparado para o Open Source!
Quando fundei o LinkApi | 96 comments
Quando fundei o LinkApi | 96 comments
O Brasil não está preparado para o Open Source!
Quando fundei o LinkApi, meu sonho era que nossa plataforma fosse Open Source, entretanto, comecei a estudar... 96 comments on LinkedIn
Quando fundei o LinkApi, meu sonho era que nossa plataforma fosse Open Source, entretanto, comecei a estudar... 96 comments on LinkedIn
Forwarded from The Hacker News
Iranian hackers are exploiting unpatched 1-day enterprise VPN vulnerabilities to compromise network of organizations worldwide and implant backdoors for cyber espionage.
➡️ Pulse Secure Connect: CVE-2019-11510
➡️ Palo Alto Networks: CVE-2019-1579
➡️ Fortinet FortiOS: CVE-2018-13379
➡️ Citrix: CVE-2019-19781
Read: https://thehackernews.com/2020/02/iranian-hackers-vpn-vulnerabilities.html
➡️ Pulse Secure Connect: CVE-2019-11510
➡️ Palo Alto Networks: CVE-2019-1579
➡️ Fortinet FortiOS: CVE-2018-13379
➡️ Citrix: CVE-2019-19781
Read: https://thehackernews.com/2020/02/iranian-hackers-vpn-vulnerabilities.html
DevSecOps Podcast Series
https://podtail.com/pt-BR/podcast/owasp-24-7/
🧬 @Phantasm_Lab
The DevSecOps Days is a recorded series of discussions with thought leaders and practitioners who are working on integrating automated security into every phase of the software development pipeline.https://podtail.com/pt-BR/podcast/owasp-24-7/
🧬 @Phantasm_Lab
Podtail
DevSecOps Podcast Series – Podcast
The DevSecOps Days is a recorded series of discussions with thought leaders and practitioners who are working on integrating automated security into every phase of the software development pipeline. – Ouça o DevSecOps Podcast Series instantaneamente no seu…
hackthebox-writeups
https://github.com/Hackplayers/hackthebox-writeups
Writeups for HacktheBox machines (boot2root) and challenges written in Spanish or English.https://github.com/Hackplayers/hackthebox-writeups
GitHub
GitHub - Hackplayers/hackthebox-writeups: Writeups for HacktheBox 'boot2root' machines
Writeups for HacktheBox 'boot2root' machines. Contribute to Hackplayers/hackthebox-writeups development by creating an account on GitHub.
Gabriel Engel - Como um projeto JS open source se transformou em uma empresa de 60 milhões
https://www.youtube.com/watch?v=hXG5R15Uc-E
🧬 @Phantasm_Lab
Conheça a história de como um time de brazucas utilizou o poder do open source para transformar um side-project em uma Startup de US$17 milhões, recebendo investimento de um dos maiores Venture Capitalists americanos e mantendo um crescimento exponencial. Uma jornada que mostra o poder de uma visão ousada e da coragem de quebrar paradigmas para mudar o mundo dos chats.https://www.youtube.com/watch?v=hXG5R15Uc-E
🧬 @Phantasm_Lab
YouTube
Gabriel Engel - Como um projeto JS open source se transformou em uma empresa de 60 milhões
Conheça a história de como um time de brazucas utilizou o poder do open source para transformar um side-project em uma Startup de US$17 milhões, recebendo investimento de um dos maiores Venture Capitalists americanos e mantendo um crescimento exponencial.…
Google Bans 600 Android Apps from Play Store for Serving Disruptive Ads
https://thehackernews.com/2020/02/android-adware-apps-banned.html
🧬 @Phantasm_Lab
Google has banned nearly 600 Android apps from the Play Store for bombarding users with disruptive ads and violating its advertising guidelines.https://thehackernews.com/2020/02/android-adware-apps-banned.html
🧬 @Phantasm_Lab
US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility
https://thehackernews.com/2020/02/critical-infrastructure-ransomware-attack.html
🧬 @Phantasm_Lab
The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences.https://thehackernews.com/2020/02/critical-infrastructure-ransomware-attack.html
🧬 @Phantasm_Lab
Forwarded from The Hacker News
⭐Google recommends Android developers to encrypt app data on the users' devices, especially when they use external storage that's prone to hijacking, man-in-the-disk, & other side-channel attacks.
Also, considering that there are not many reference frameworks available for the same, Google also offered an open-source crypto library—called JetSec—that lets developers easily read and write encrypted files by following best security practices.
Read details ➤ https://thehackernews.com/2020/02/android-app-data-encryption.html
Also, considering that there are not many reference frameworks available for the same, Google also offered an open-source crypto library—called JetSec—that lets developers easily read and write encrypted files by following best security practices.
Read details ➤ https://thehackernews.com/2020/02/android-app-data-encryption.html