hacking   64048

« earlier    

A Hacker Has Wiped a Spyware Company’s Servers—Again
"I don't want to live in a world where younger generations grow up without privacy."
🤔  Security  Privacy  Hacking 
1 hour ago by 0xroy
-= BuckHacker - The Bucket Search Engine for Hackers =-
amazon open S3 bucket search engine, AKA time to go bucket trawling...
security  hacking  pentesting  recon  open  S3  bucket  search  engine  OSINT 
3 hours ago by asteroza
Baratunde on Twitter: "Ok. I made it through the indictment. Yes I was hoping to see Donald Trump Jr's stupid face in there proving he was knowingly wiring money to the Russians. Didn't get that. Instead found a more frightening reality: we got hacked big
"Ok. I made it through the indictment. Yes I was hoping to see Donald Trump Jr's stupid face in there proving he was knowingly wiring money to the Russians. Didn't get that. Instead found a more frightening reality: we got hacked bigtime. Based on known vulnerabilities.

We build a giant deception machine called marketing and advertising, and an adversary used it against us.

We build a giant influence machine called social media, and an adversary used it against us.

We left open, unreconciled divisions in our society, and an adversary used it against us.

We weakened our press such that all the phony conflict inspired by this information warfare campaign was reported in real-time with little to no vetting, and an adversary used it against us.

We allowed our democracy to become so corrupted by money and self-serving, power-hungry folks that we already didn't trust it, and an adversary used it against us.

If the election had turned out differently, would we even know half of what we do? We only got Robert Mueller because Trump is president but also bad at wielding his power.

And even though the Russians amplified divisions to be greater than they are, those divisions are real now. There is a basic level of trust we have to have in our environment to act appropriately, and that's severely broken.

On top of that, one-half of the political establishment (the republican half) is completely uninterested in acknowledging, investigating, or responding to this sophisticated act of information warfare. They've done NOTHING to prepare us for the next campaign.

The president still hasn't imposed the Russia sanctions that Congress passed overwhelmingly. And everybody's just acting like, "Meh. TRUMP WILL BE TRUMP! Undermining national security is just his THING ya know?"

And Facebook. Oh Facebook. So happy to monetize the destruction of our civil fabric. They made $7B in the 3rd quarter of 2016. Zuckerberg smugly said 99% of posts are "authentic." We cannot trust this company to do what's best for us. Not just FB btw.

This indictment isn't just about Trump. It's about us needing a better vision for how we do this whole "society" thing. What forms of power get held accountable. What voices we listen to. This is ultimately about reality and our collective agreement on what THAT is. /END"
baratundethurston  donaldtrump  2018  politics  russia  hacking  marketing  elections  facebook  civics  division  infowarfare  deception  advertising  socialmedia  republicans  democrats  power  corruption  news  media  medialiteracy  robertmueller  money 
5 hours ago by robertogreco
Hacker group makes $3m by installing Monero miners on Jenkins servers • Bleeping Computer
Catalin Cimpanu:
<p>Hackers are targeting Jenkins, a continuous integration/deployment web application built in Java that allows dev teams to run automated tests and execute various operations based on test results, including deploying new code to production servers. Because of this, Jenkins servers are extremely popular with both freelance web developers, but also with large enterprises.

On Friday, Israeli security firm Check Point announced it uncovered the footprint of a large hacking operation targeting Jenkins servers left connected to the Internet.

Attackers were leveraging CVE-2017-1000353, a vulnerability in the Jenkins Java deserialization implementation that allows attackers to run malicious code remotely without needing to authenticate first.

Check Point says hackers used this vulnerability to make Jenkins servers download and install a Monero miner (minerxmr.exe).

The miner was being downloaded from an IP address located in China and assigned to the Huaian government network. It is unclear if this is the attacker's server, or a compromised server used to host the miner on behalf of the hackers.

The attackers have been active for months. This has allowed them to mine and already cash out over 10,800 Monero, which is over $3.4m, at the time of writing.</p>

Hardly going out on a limb to suggest it's either Chinese or North Korean hackers.
Monero  hacking  bitcoin 
yesterday by charlesarthur

« earlier    

related tags

-  00000  2016  2018  3d  4*  ableton  advertising  airgap  america  android  api  apple  apt  article  aslr  assembly  attack  awesome  baratundethurston  belgië  bitcoin  book  books  bots  bucket  bus  bypass  call  can-bus  capital  car  cars  casio  cia  civics  clang  classideas  clippings  code  community  communitystandards  computer  computing  corruption  cotxes  course  crime  cryptocurrency  cryptominer  css  culture  cybersecurity  cyberwar  database  ddos  deception  democrats  developer  development  division  diy  diyelectronics  dnc  donald-trump  donaldtrump  doom  drm  election  elections  electronics  embedded_devices  engine  espionage  excel  exploit  exploits  facebook  flexispy  fluid  free  future  game-genie  game  gameboy  games  gaming  gdb  george-w-bush  growth  hack  hacker  hacker_news  hackers  hackerspaces  hacks  hardware  headhphone  history  hooks  horror  howto  huawei  iboot  increase  information  infosec  infowarfare  intelligence  intelligence_community  internet  ios  it  jack  javascript  kaspersky  keyboard  language  lateral  lcproject  leak  learning  legal  life  lin  linux  live  llvm  logic-analysers  mac  macchina  macos  malvertising  malware  marketing  media  medialiteracy  memoir  memory  midi  mining  mitre  modem  monero  money  movement  mrrobot  music  nes  networking  news  nieuwsbrief  nintendo  noise  noisebridge  northkorea  nsa  objective-c  objectivec  office  olympics  open  openculture  openstudioproject  osc  oscp  osint  osx  overthewire  pentest  pentesting  personal  platform  politic  politics  power  privacy  producthunt  programming-practice  programming  ptrace  python  qs  raspberry_pi  raspberrypi  read2of  recipes  recon  reddit  reference  republicans  ressources  retina-x  reverse-engineering  reverse  reverseengineering  robertmueller  rom  russia  s3  sanfrancisco  scripting  search  security  security__hardening  self  sentencing  skype  smarttv  socialmedia  software  sound  spreadsheet  spyapps  spyware  stalkerware  steganography  sunfounder  surveillance  sysadmin  system  tcds  tech  tesla  testing  tools  toys  training  trolling  trump  united_states  us-politics  usa  uspolitics  vdos  venture  video  voting  waf  wargame  webdev  weird  windows  wonkette  youtube  🤔 

Copy this bookmark: