pass: 311138
java -jar burpsuite_pro_v2.1_BurpHelper.jar

meu projeto esta disponivel no kickante para apoiar


https://www.kickante.com.br/campanhas/invisible-project-mesh-network


alem de apoiar com crypto, tambem é possivel apoiar com reais, usd ou outra moeda fiat

🇧🇷 HOJE O CANAL DARKNET BRAZIL COMPLETA 3 ANOS!

🇺🇸 TODAY THE DARKNET BRAZIL CHANNEL COMPLETES 3 YEARS!

👥 GP: @darknet_brazil
👤: @XonionX

©️ ÐƗǤƗƬᗩᒪ ᖇᕮSISƬᕮᘉᑕᕮ 2016 ~ 2019

IBM lança materiais didáticos sobre computação quântica.

Programar um computador quântico é uma disciplina bastante diferente da programação em computadores tradicionais.
Os computadores quânticos são bastante diferentes, em nível arquitetural, dos computadores tradicionais, e a IBM, uma das maiores empresas de TI do mundo e que se investe na área, lança materiais didáticos sobre computação quântica.

A programação de computadores quânticos, é lógico, é igualmente diferente: os computadores quânticos usam qubits, não bits.

As propriedades dos qubits são fundamentalmente o que potencializa o potencial dos computadores quânticos, embora aprender a aproveitar os qubits efetivamente exija uma maneira diferente de pensar.

Não é totalmente diferente, no entanto, como o Q System da IBM pode ser programado usando Python, fornecendo uma linguagem familiar para os desenvolvedores começarem.

🌎@RubyOfSec

Fonte: https://sempreupdate.com.br/ibm-lanca-materiais-didaticos-sobre-computacao-quantica/

Lilu/Lilocked ransomware has now infected thousands of Linux servers

Lilu (also known as Lilocked) is a relatively new ransomware that is specifically targeting Linux servers. The ransomware has been infecting systems since mid-July and has so far attacked at least 6700 systems. Lilu targets specific file types (like HTML, PHP, and image files) and alters their file extension to ".lilocked." The ransomware also leaves a note instructing affected users to access an Onion site and pay either 0.03 BTC or US $325 to decrypt file affected files. 

🌎@RubyOfSec

Fonte : https://www.notebookcheck.net/Lilu-Lilocked-ransomware-has-now-infected-thousands-of-Linux-servers.434547.0.html

Machine Learning With Microcontrollers Hack Chat

We’ve gotten to the point where a $35 Raspberry Pi can be a reasonable alternative to a traditional desktop or laptop, and microcontrollers in the Arduino ecosystem are getting powerful enough to handle some remarkably demanding computational jobs. But there’s still one area where microcontrollers seem to be lagging a bit: machine learning. Sure, there are purpose-built edge-computing SBCs, but wouldn’t it be great to be able to run AI models on versatile and ubiquitous MCUs that you can pick up for a couple of bucks?...

🌎@RubyOfSec

Fonte : https://hackaday.com/2019/09/09/machine-learning-with-microcontrollers-hack-chat/

Security issues and vulnerabilities across popular IoT devices have almost doubled in last 5 years

The set of newly discovered vulnerabilities affects devices offered by vendors like Belkin, TP-Link, Asus, and Linksys.

A total of 125 vulnerabilities have identified across 13 wireless routers and NAS devices.

As the Internet-connected devices become smarter and efficient, the potential attack surface for cyberattackers increases. A group of researchers has uncovered that the number of vulnerabilities has increased by two times as compared to five years earlier.
What does the finding say?

In 2013, research firm Independent Security Evaluators (ISE) had published a study about the vulnerabilities across 13 SOHO wireless routers and NAS devices. The study ‘SOHOplessly Broken 1.0 had revealed that these devices offered by vendors like Belkin, TP-Link, Asus, and Linksys were affected by a total of 52 vulnerabilities.

However, in a follow-up study, the ISE has examined that the same number of devices are now affected by a total of 125 vulnerabilities...

🌎@RubyOfSec

Fonte : https://cyware.com/news/security-issues-and-vulnerabilities-across-popular-iot-devices-have-almost-doubled-in-last-5-years-5eee3483

U.S. Department of Treasury imposes sanctions targeting three North-Korean hacking groups

The three threat actor groups are Lazarus, Bluenoroff, and Andariel.

OFAC believes that these groups are controlled by Pyongyang’s primary intelligence bureau, Reconnaissance General Bureau (RGB).

The Office of Foreign Assets Control (OFAC) has identified three North-Korean hacking groups that are responsible for widespread attacks on critical infrastructures. The three threat actor groups are Lazarus, Bluenoroff, and Andariel. OFAC believes that these groups are controlled by Pyongyang’s primary intelligence bureau, Reconnaissance General Bureau (RGB). Hence, it has effectively demanded that global banks should block any transactions related to the groups.

What are the targets?

These groups are known for conducting large scale attacks against the government, military, financial, manufacturing, publishing, media, entertainment, and international shipping companies.

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence...

🌎@RubyOfSec

Fonte : https://cyware.com/news/us-department-of-treasury-imposes-sanctions-targeting-three-north-korean-hacking-groups-3ea681dd

iOS 13 passcode bypass bug allows access to victim’s phone book

A passcode bypass flaw has been discovered in iOS 13, which is scheduled to go live next week.

This vulnerability allows the attacker access to the victim’s phone book, including contact names and email addresses.

Jose Rodriguez, a security researcher has reported a vulnerability that allows hackers to harvest contact details from the victim’s phonebook on locked devices. This vulnerability exists in the beta version of iOS 13.

What is a passcode bypass?

A passcode bypass is a vulnerability that allows access to the content on a device without proper authorization...

🌎@RubyOfSec

Fonte : https://cyware.com/news/ios-13-passcode-bypass-bug-allows-access-to-victims-phone-book-202728ab

Nemty ransomware gets code update

Nemty ransomware’s code has been updated to make it capable of killing processes and services.

The update has also added more extended the collection of blacklisted countries.

The threat actors behind Nemty ransomware have made modifications to the existing code but have chosen to retain the version number.

The big picture

Nemty is a relatively new malware and seems to be under active development. Vitali Kremez, a security researcher, noticed that certain updates have been made to the Nemty ransomware’s code.

Although the same version number, 1.4, has been retained the code modifications indicate potentially more powerful attacks by the Nemty ransomware.

The latest version includes code modifications to kill processes and services to encrypt files that are currently in use.

The list of blacklisted countries now includes Azerbaijan, Armenia, Kyrgyzstan, and Moldova....

🌎@RubyOfSec

Fonte : https://cyware.com/news/nemty-ransomware-gets-code-update-016ccf84

New malware dubbed InnfiRat goes after cryptocurrency wallets and personal data

A new malware called InnfiRAT, that targets cryptocurrency wallet information and browser cookie data has been discovered.

This malware also has the capability of taking screenshots of the page accessed on the infected computer.

Details of the discovery

Cybersecurity firm Zscaler has published a report on the discovery of a new malware dubbed InnfiRAT written in .NET.

This malware scans the infected systems for cryptocurrency wallets such as Bitcoin and Litecoin, and browser cookie information such as username, password, and session data.

InnfiRAT comes with the capabilities of taking screenshots of pages accessed on the compromised devices and terminating certain antivirus programs.

The collected data is sent to the command and control server, following which additional malware may be installed depending on server instructions.

How does the attack happen?

Prior to executing the RAT’s main payload, it first checks if the file is executing with the name ‘NvidiaDriver.exe’ from the %AppData% directory.

Then it possibly checks for network connection by sending a request to ‘iplogger[.]com/1HEt47’.

InnfiRAT kills any process running with the name ‘NvidiaDriver.exe’ and makes a copy of itself in the AppData directory.

It writes a Base 64 encoded PE file to initiate the execution of its main payload.

When the execution begins, it checks for the presence of a virtualized sandbox that researchers can use to analyze the attack. In the case that there is no such sandbox, it contacts its command and control server.

It may deploy additional payloads to harvest sensitive browser cookie information, take screenshots of sensitive pages, and abort antivirus programs.

Bitcoin and Litecoin wallets are scanned for, and an attempt is made to steal the funds.

Staying safe

“Because RATs are usually downloaded as a result of a user opening an email attachment or downloading an application that has been infected, the first line of defense is often the users who must, as always, refrain from downloading programs or opening attachments that aren't from a trusted source,” say Zscaler researchers.

They have also published the Indicators of Compromise (IOCs) that you can monitor to safeguard your systems.


🌎@RubyOfSec

Bom pessoal nesse video ensino a criar um Rubber Duck usando um Conhecido Digispark e fazendo ele para a versão do teclado em portugues se gosta deixa um like e se inscreve ja nos ajuda compartilhando

https://youtu.be/iFeneo5WOFc

Operadora TIM é investigada por suposto vazamento de dados de clientes.

Empresa pode ter sido alvo de um ataque hacker que usou uma brecha na plataforma TIM Negocia para coletar dados dos clientes

A Secretaria Nacional do Consumidor (Senacon), do Ministério da Justiça e Segurança Pública (MJSP), instaurou processo administrativo para uma apurar aparente irregularidade cometida pela operadora de telefonia TIM. A acusação se refere a supostos vazamentos de dados e valores de dívidas dos consumidores por meio do serviço TIM Negocia.

Segundo o Departamento de Proteção e Defesa do Consumidor (DPDC), existem indícios de ofensa aos princípios da vulnerabilidade, transparência, confiança, educação, informação, harmonização de interesse e da boa-fé, além dos direitos de liberdade de escolha, informação adequada, proteção contra práticas abusivas e efetiva prevenção e reparação de danos. A possível situação pode ter sido em decorrência de brecha na plataforma TIM Negocia, que permite cibercriminosos de acompanhar dados pessoais.

O DPDC informou que teve conhecimento por meio da mídia, de suposto vazamento de dados sensíveis. De acordo com a notícia que embasou a instauração, “não se sabe por quanto tempo os hackers tiveram acesso ao sistema e nem dados de quantos clientes eles realmente conseguiram visualizar ao longo desse tempo”.

Em resposta, a operadora afirmou que a plataforma TIM Negocia permite que consumidores consultem e quitem eventuais pendências. Com conhecimento da possível brecha, a empresa retirou a plataforma e o site do ar por prevenção e como medida de proteção de dados dos clientes.

Após a instauração dos processos, a empresa vai ser intimada para se manifestar em sede de Defesa Administrativa e requerer a produção de provas. A TIM pode ser multada em aproximadamente R$ 10 milhões caso os indícios se confirmem.

Procurada pelo R7, a operadora enviou o seguinte posicionamento:

“A TIM foi vítima de um ataque criminoso de hackers e ainda não foi notificada da autuação da Senacon, quando apresentará defesa no procedimento administrativo. A empresa reitera seu compromisso com os mais altos padrões de segurança da informação e afirma que os dados dos seus clientes estão protegidos.”

🌎@RubyOfSec

Fonte: https://guaiba.com.br/2019/09/16/operadora-tim-e-investigada-por-suposto-vazamento-de-dados-de-clientes/

New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS

Cybersecurity researchers today revealed the existence of a new and previously undetected critical vulnerability in SIM cards that could allow remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS.

Dubbed "SimJacker," the vulnerability resides in a particular piece of software, called the S@T Browser (a dynamic SIM toolkit), embedded on most SIM cards that is widely being used by mobile operators in at least 30 countries and can be exploited regardless of which handsets victims are using.

What's worrisome? A specific private company that works with governments is actively exploiting the SimJacker vulnerability from at least the last two years to conduct targeted surveillance on mobile phone users across several countries.

S@T Browser, short for SIMalliance Toolbox Browser, is an application that comes installed on a variety of SIM cards, including eSIM, as part of SIM Tool Kit (STK) and has been designed to let mobile carriers provide some basic services, subnoscriptions, and value-added services over-the-air to their customers.

Since S@T Browser contains a series of STK instructions—such as send short message, setup call, launch browser, provide local data, run at command, and send data—that can be triggered just by sending an SMS to a device, the software offers an execution environment to run malicious commands on mobile phones as well...

Read More At... https://thehackernews.com/2019/09/simjacker-mobile-hacking.html

🌎@RubyOfSec

Confirmado Nova geração core da intel fara voce trocar sua placa-mae

Próxima geração dos processadores da Intel chegando e uma noticia nada animadora afetou os PC gamers
Chamada 10 geração dos cores denominada Comet-Lake abandonará a soquete LGA 1151 para adotar o LGA 1200, com isso virão novas placas-mae e uma nova série de chipsets denominada serie 400 com isso mata qualquer tipo de retro-compatibilidade.
A fabricante gigabyte ja tem pacas preparadas para essa nova serie com chipsets H410, B460, H470 e a top de linha Z490, ainda nao se tem noticias quais serao os processadores e suas especificações compatíveis.
Enfim essa noticia nao agradou em nada pc gamers que agora se quiserem atualizar seu PC terão que desembolsar para comprar novas placas e por consequência novo processador.

🌎@RubyOfSec

Fonte : https://www.gamevicio.com/noticias/2019/09/confirmado-nova-geracao-core-da-intel-fara-voce-trocar-sua-placa-mae/

Assista a "COPYWRITING: Aprenda na Prática" no YouTube
https://youtu.be/p2NcYShoSEY