Jack Dorsey: Twitter CEO's account briefly hacked

Tweets sent from account included racial slurs, profanity and a reference to ‘a bomb at Twitter HQ’ and were quickly deleted.
At 12.44pm Pacific time, the account @jack began publishing a series of tweets from the hackers. The rapid stream of tweets included racial slurs, profanity, praise for Adolf Hitler and a reference to “a bomb at Twitter HQ”. The hackers appear to refer to themselves as the “Chuckling Squad”.

🌎@RubyOfSec

Fonte : https://www.theguardian.com/technology/2019/aug/30/twitter-ceo-jack-dorsey-account-hacked

https://br.cointelegraph.com/news/report-telegram-to-launch-ton-blockchain-public-testing-on-sept-1
Telegram lançará seu teste público da #TON Blockchain em 1º de setembro

Segurança Cibernética

Entenda o que é segurança cibernética / segurança digital.

https://youtu.be/Y-eHMa1ydqc

pass: 311138
java -jar burpsuite_pro_v2.1_BurpHelper.jar

meu projeto esta disponivel no kickante para apoiar


https://www.kickante.com.br/campanhas/invisible-project-mesh-network


alem de apoiar com crypto, tambem é possivel apoiar com reais, usd ou outra moeda fiat

🇧🇷 HOJE O CANAL DARKNET BRAZIL COMPLETA 3 ANOS!

🇺🇸 TODAY THE DARKNET BRAZIL CHANNEL COMPLETES 3 YEARS!

👥 GP: @darknet_brazil
👤: @XonionX

©️ ÐƗǤƗƬᗩᒪ ᖇᕮSISƬᕮᘉᑕᕮ 2016 ~ 2019

IBM lança materiais didáticos sobre computação quântica.

Programar um computador quântico é uma disciplina bastante diferente da programação em computadores tradicionais.
Os computadores quânticos são bastante diferentes, em nível arquitetural, dos computadores tradicionais, e a IBM, uma das maiores empresas de TI do mundo e que se investe na área, lança materiais didáticos sobre computação quântica.

A programação de computadores quânticos, é lógico, é igualmente diferente: os computadores quânticos usam qubits, não bits.

As propriedades dos qubits são fundamentalmente o que potencializa o potencial dos computadores quânticos, embora aprender a aproveitar os qubits efetivamente exija uma maneira diferente de pensar.

Não é totalmente diferente, no entanto, como o Q System da IBM pode ser programado usando Python, fornecendo uma linguagem familiar para os desenvolvedores começarem.

🌎@RubyOfSec

Fonte: https://sempreupdate.com.br/ibm-lanca-materiais-didaticos-sobre-computacao-quantica/

Lilu/Lilocked ransomware has now infected thousands of Linux servers

Lilu (also known as Lilocked) is a relatively new ransomware that is specifically targeting Linux servers. The ransomware has been infecting systems since mid-July and has so far attacked at least 6700 systems. Lilu targets specific file types (like HTML, PHP, and image files) and alters their file extension to ".lilocked." The ransomware also leaves a note instructing affected users to access an Onion site and pay either 0.03 BTC or US $325 to decrypt file affected files. 

🌎@RubyOfSec

Fonte : https://www.notebookcheck.net/Lilu-Lilocked-ransomware-has-now-infected-thousands-of-Linux-servers.434547.0.html

Machine Learning With Microcontrollers Hack Chat

We’ve gotten to the point where a $35 Raspberry Pi can be a reasonable alternative to a traditional desktop or laptop, and microcontrollers in the Arduino ecosystem are getting powerful enough to handle some remarkably demanding computational jobs. But there’s still one area where microcontrollers seem to be lagging a bit: machine learning. Sure, there are purpose-built edge-computing SBCs, but wouldn’t it be great to be able to run AI models on versatile and ubiquitous MCUs that you can pick up for a couple of bucks?...

🌎@RubyOfSec

Fonte : https://hackaday.com/2019/09/09/machine-learning-with-microcontrollers-hack-chat/

Security issues and vulnerabilities across popular IoT devices have almost doubled in last 5 years

The set of newly discovered vulnerabilities affects devices offered by vendors like Belkin, TP-Link, Asus, and Linksys.

A total of 125 vulnerabilities have identified across 13 wireless routers and NAS devices.

As the Internet-connected devices become smarter and efficient, the potential attack surface for cyberattackers increases. A group of researchers has uncovered that the number of vulnerabilities has increased by two times as compared to five years earlier.
What does the finding say?

In 2013, research firm Independent Security Evaluators (ISE) had published a study about the vulnerabilities across 13 SOHO wireless routers and NAS devices. The study ‘SOHOplessly Broken 1.0 had revealed that these devices offered by vendors like Belkin, TP-Link, Asus, and Linksys were affected by a total of 52 vulnerabilities.

However, in a follow-up study, the ISE has examined that the same number of devices are now affected by a total of 125 vulnerabilities...

🌎@RubyOfSec

Fonte : https://cyware.com/news/security-issues-and-vulnerabilities-across-popular-iot-devices-have-almost-doubled-in-last-5-years-5eee3483

U.S. Department of Treasury imposes sanctions targeting three North-Korean hacking groups

The three threat actor groups are Lazarus, Bluenoroff, and Andariel.

OFAC believes that these groups are controlled by Pyongyang’s primary intelligence bureau, Reconnaissance General Bureau (RGB).

The Office of Foreign Assets Control (OFAC) has identified three North-Korean hacking groups that are responsible for widespread attacks on critical infrastructures. The three threat actor groups are Lazarus, Bluenoroff, and Andariel. OFAC believes that these groups are controlled by Pyongyang’s primary intelligence bureau, Reconnaissance General Bureau (RGB). Hence, it has effectively demanded that global banks should block any transactions related to the groups.

What are the targets?

These groups are known for conducting large scale attacks against the government, military, financial, manufacturing, publishing, media, entertainment, and international shipping companies.

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence...

🌎@RubyOfSec

Fonte : https://cyware.com/news/us-department-of-treasury-imposes-sanctions-targeting-three-north-korean-hacking-groups-3ea681dd

iOS 13 passcode bypass bug allows access to victim’s phone book

A passcode bypass flaw has been discovered in iOS 13, which is scheduled to go live next week.

This vulnerability allows the attacker access to the victim’s phone book, including contact names and email addresses.

Jose Rodriguez, a security researcher has reported a vulnerability that allows hackers to harvest contact details from the victim’s phonebook on locked devices. This vulnerability exists in the beta version of iOS 13.

What is a passcode bypass?

A passcode bypass is a vulnerability that allows access to the content on a device without proper authorization...

🌎@RubyOfSec

Fonte : https://cyware.com/news/ios-13-passcode-bypass-bug-allows-access-to-victims-phone-book-202728ab

Nemty ransomware gets code update

Nemty ransomware’s code has been updated to make it capable of killing processes and services.

The update has also added more extended the collection of blacklisted countries.

The threat actors behind Nemty ransomware have made modifications to the existing code but have chosen to retain the version number.

The big picture

Nemty is a relatively new malware and seems to be under active development. Vitali Kremez, a security researcher, noticed that certain updates have been made to the Nemty ransomware’s code.

Although the same version number, 1.4, has been retained the code modifications indicate potentially more powerful attacks by the Nemty ransomware.

The latest version includes code modifications to kill processes and services to encrypt files that are currently in use.

The list of blacklisted countries now includes Azerbaijan, Armenia, Kyrgyzstan, and Moldova....

🌎@RubyOfSec

Fonte : https://cyware.com/news/nemty-ransomware-gets-code-update-016ccf84

New malware dubbed InnfiRat goes after cryptocurrency wallets and personal data

A new malware called InnfiRAT, that targets cryptocurrency wallet information and browser cookie data has been discovered.

This malware also has the capability of taking screenshots of the page accessed on the infected computer.

Details of the discovery

Cybersecurity firm Zscaler has published a report on the discovery of a new malware dubbed InnfiRAT written in .NET.

This malware scans the infected systems for cryptocurrency wallets such as Bitcoin and Litecoin, and browser cookie information such as username, password, and session data.

InnfiRAT comes with the capabilities of taking screenshots of pages accessed on the compromised devices and terminating certain antivirus programs.

The collected data is sent to the command and control server, following which additional malware may be installed depending on server instructions.

How does the attack happen?

Prior to executing the RAT’s main payload, it first checks if the file is executing with the name ‘NvidiaDriver.exe’ from the %AppData% directory.

Then it possibly checks for network connection by sending a request to ‘iplogger[.]com/1HEt47’.

InnfiRAT kills any process running with the name ‘NvidiaDriver.exe’ and makes a copy of itself in the AppData directory.

It writes a Base 64 encoded PE file to initiate the execution of its main payload.

When the execution begins, it checks for the presence of a virtualized sandbox that researchers can use to analyze the attack. In the case that there is no such sandbox, it contacts its command and control server.

It may deploy additional payloads to harvest sensitive browser cookie information, take screenshots of sensitive pages, and abort antivirus programs.

Bitcoin and Litecoin wallets are scanned for, and an attempt is made to steal the funds.

Staying safe

“Because RATs are usually downloaded as a result of a user opening an email attachment or downloading an application that has been infected, the first line of defense is often the users who must, as always, refrain from downloading programs or opening attachments that aren't from a trusted source,” say Zscaler researchers.

They have also published the Indicators of Compromise (IOCs) that you can monitor to safeguard your systems.


🌎@RubyOfSec

Bom pessoal nesse video ensino a criar um Rubber Duck usando um Conhecido Digispark e fazendo ele para a versão do teclado em portugues se gosta deixa um like e se inscreve ja nos ajuda compartilhando

https://youtu.be/iFeneo5WOFc