cookie

Sizning foydalanuvchi tajribangizni yaxshilash uchun cookie-lardan foydalanamiz. Barchasini qabul qilingΒ», bosing, cookie-lardan foydalanilishiga rozilik bildirishingiz talab qilinadi.

avatar

BlackBox (Security) Archiv

@blackbox_archiv

πŸ‘‰πŸΌ Latest viruses and malware threats πŸ‘‰πŸΌ Latest patches, tips and tricks πŸ‘‰πŸΌ Threats to security/privacy/democracy on the Internet πŸ‘‰πŸΌ Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org

Ko'proq ko'rsatish
AQSH7 290Ingliz83 601Texnologiyalar & Aralashmalar14 952
Reklama postlari
4 536
Obunachilar
+1324 soatlar
+437 kunlar
+5730 kunlar

Ma'lumot yuklanmoqda...

Obunachilar o'sish tezligi

Ma'lumot yuklanmoqda...

BlackBox (Security) Archiv
Hammasini ko'rsatish...
Is using Signal Desktop considered secure?

Well, it seems like Signal Desktop has been the black sheep of the Signal family when it comes to security. The desktop version has been known to be less secure than its mobile counterpart. According to some tweets and reviews, there have been concerns about data exfiltration and session hijacking on the desktop version. It's like the desktop app decided to go rogue and forgot to put on its security armor. If you're using Signal Desktop, you might want to be extra cautious, as it seems to be the weakest link in the Signal chain. But hey, if you're looking for a secure messaging experience, you might want to stick to the mobile version of Signal. It's like the superhero version of the app, with its cape of end-to-end encryption flapping in the wind.

BlackBox (Security) Archiv
Google Chrome gives all *.google.com sites full access to system / tab CPU usage, GPU usage, and memory usage. It also gives access to detailed processor information, and provides a logging backchannel. This API is not exposed to other sites - only to *.google.com. https://x.com/lcasdev/status/1810696257137959018 #google #chrome #extension #privacy πŸ“‘@cRyPtHoN_INFOSEC_IT πŸ“‘@cRyPtHoN_INFOSEC_FR πŸ“‘@cRyPtHoN_INFOSEC_EN πŸ“‘@cRyPtHoN_INFOSEC_DE πŸ“‘@BlackBox_Archiv
Hammasini ko'rsatish...
Luca Casonato πŸ³οΈβ€πŸŒˆ (@lcasdev) on X

So, Google Chrome gives all *.google.com sites full access to system / tab CPU usage, GPU usage, and memory usage. It also gives access to detailed processor information, and provides a logging backchannel. This API is not exposed to other sites - only to *.google.com.

😱 4πŸ‘ 2πŸ‘Ž 2
BlackBox (Security) Archiv
Mozilla is an advertising company now Mozilla has acquired Anonym, a [blah blah blah] raise the bar for the advertising industry [blah blah blah] while delivering effective advertising solutions. Anonym was founded with two core beliefs: [blah blah blah] and second, that digital advertising is critical for the sustainability of free content, services and experiences. As we integrate Anonym into the Mozilla family, we are excited about the possibilities this partnership brings. While Anonym will continue to serve its customer base, together, we are poised to lead the industry toward a future where privacy and effective advertising go hand in hand, supporting a free and open internet. Anonym was founded in 2022 by former Facebook executives Brad Smallwood and Graham Mudd. The company was backed by Griffin Gaming Partners, Norwest Venture Partners, Heracles Capital as well as a number of strategic individual investors. https://www.jwz.org/blog/2024/06/mozilla-is-an-advertising-company-now/ #ff #firefox #mozilla #browser #anonym #advertising πŸ“‘@cRyPtHoN_INFOSEC_IT πŸ“‘@cRyPtHoN_INFOSEC_FR πŸ“‘@cRyPtHoN_INFOSEC_EN πŸ“‘@cRyPtHoN_INFOSEC_DE πŸ“‘@BlackBox_Archiv
Hammasini ko'rsatish...
Mozilla is an advertising company now

This seems completely normal and cool and not troublesome in any way. Mozilla has acquired Anonym, a [blah blah blah] raise the bar for the advertising industry [blah blah blah] while delivering effective advertising solutions. [...] Anonym was founded with two core beliefs: [blah blah blah] and second, that digital advertising is critical for the sustainability of free content, services and ...

😱 15πŸ‘ 6❀ 2
BlackBox (Security) Archiv
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code β€” inside the Copilot+ Recall disaster https://doublepulsar.com/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465e #windows #copilot #recall πŸ“‘@cRyPtHoN_INFOSEC_IT πŸ“‘@cRyPtHoN_INFOSEC_FR πŸ“‘@cRyPtHoN_INFOSEC_EN πŸ“‘@cRyPtHoN_INFOSEC_DE πŸ“‘@BlackBox_Archiv
Hammasini ko'rsatish...
Recall: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible.

Photographic memory comes to Windows, and is the biggest security setback in a decade.

πŸ‘ 7πŸ”₯ 1
BlackBox (Security) Archiv
Very big cyber incident playing out at Snowflake, who describe themselves as β€œAI Data Cloud”. They have a free trial where anybody can sign up and upload data… and they have. Threat actors have been scraping customer data using a tool called rapeflake, for about a month. https://cyberplace.social/@GossiTheDog/112536407633131499 #snowflake #cybersecurity #rapeflake #hacked πŸ“‘@cRyPtHoN_INFOSEC_IT πŸ“‘@cRyPtHoN_INFOSEC_FR πŸ“‘@cRyPtHoN_INFOSEC_EN πŸ“‘@cRyPtHoN_INFOSEC_DE πŸ“‘@BlackBox_Archiv
Hammasini ko'rsatish...
Kevin Beaumont (@[email protected])

Very big cyber incident playing out at Snowflake, who describe themselves as β€œAI Data Cloud”. They have a free trial where anybody can sign up and upload data… and they have. Threat actors have been scraping customer data using a tool called rapeflake, for about a month.

πŸ‘ 1πŸ”₯ 1
BlackBox (Security) Archiv
no-defender A slightly more fun way to disable windows defender. There's a WSC (Windows Security Center) service in Windows which is used by antiviruses to let Windows know that there's some other antivirus in the hood and it should disable Windows Defender. This WSC API is undocumented and furthermore requires people to sign an NDA with Microsoft to get its documentation, so I decided to take an interesting approach for such a thing and used an already existing antivirus called Avast. This AV engine includes a so-called wsc_proxy.exe service, which essentially sets up the WSC API for Avast. With a little bit of reverse engineering, I turned this service into a service that could add my own stuff there. https://github.com/es3n1n/no-defender #reverseengineering #windows #defender #microsoft πŸ“‘@cRyPtHoN_INFOSEC_IT πŸ“‘@cRyPtHoN_INFOSEC_FR πŸ“‘@cRyPtHoN_INFOSEC_EN πŸ“‘@cRyPtHoN_INFOSEC_DE πŸ“‘@BlackBox_Archiv
Hammasini ko'rsatish...
GitHub - es3n1n/no-defender: A slightly more fun way to disable windows defender. (through the WSC api)

A slightly more fun way to disable windows defender. (through the WSC api) - es3n1n/no-defender

πŸ”₯ 7πŸ‘ 4
BlackBox (Security) Archiv
CensysGPT Beta CensysGPT beta simplifies building queries and empowers users to conduct efficient and effective reconnaissance operations. The tool enables users to quickly and easily gain insights into hosts on the internet, streamlining the process and allowing for more proactive threat hunting and exposure management. https://gpt.censys.io/ #cybersecurity #infosec #AI #censys #gpt πŸ“‘@cRyPtHoN_INFOSEC_IT πŸ“‘@cRyPtHoN_INFOSEC_FR πŸ“‘@cRyPtHoN_INFOSEC_EN πŸ“‘@cRyPtHoN_INFOSEC_DE πŸ“‘@BlackBox_Archiv
Hammasini ko'rsatish...

Generate Censys Search Queries

πŸ‘ 2
BlackBox (Security) Archiv
Foxit PDF β€œFlawed Design” Exploitation Check Point Research has identified an unusual pattern of behavior involving PDF exploitation, mainly targeting users of Foxit Reader. This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands. Check Point Research has observed variants of this exploit being actively utilized in the wild. Its low detection rate is attributed to the prevalent use of Adobe Reader in most sandboxes or antivirus solutions, as Adobe Reader is not susceptible to this specific exploit. Additionally, Check Point Research has observed various exploit builders, ranging from those coded in .NET to those written in Python, being used to deploy this exploit. https://research.checkpoint.com/2024/foxit-pdf-flawed-design-exploitation/ #exploit #foxit #pdf πŸ“‘@cRyPtHoN_INFOSEC_IT πŸ“‘@cRyPtHoN_INFOSEC_FR πŸ“‘@cRyPtHoN_INFOSEC_EN πŸ“‘@cRyPtHoN_INFOSEC_DE πŸ“‘@BlackBox_Archiv
Hammasini ko'rsatish...
Foxit PDF β€œFlawed Design” Exploitation - Check Point Research

Check Point Research has identified an unusual pattern of behavior involving PDF exploitation, mainly targeting users of Foxit Reader. This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands. Check Point Research has observed variants of this exploit being actively utilized in the wild.

πŸ‘ 1
BlackBox (Security) Archiv
Tornado Cash Developer Found Guilty of Laundering $1.2 Billion of Crypto Alexey Pertsev, cofounder of the crypto-anonymizing tool, has been sentenced to more than five years behind bars. https://www.wired.com/story/tornado-cash-developer-found-guilty-of-laundering-crypto/ #crypto #tornadocash #pertsev πŸ“‘@cRyPtHoN_INFOSEC_IT πŸ“‘@cRyPtHoN_INFOSEC_FR πŸ“‘@cRyPtHoN_INFOSEC_EN πŸ“‘@cRyPtHoN_INFOSEC_DE πŸ“‘@BlackBox_Archiv
Hammasini ko'rsatish...
Tornado Cash Developer Found Guilty of Laundering $1.2 Billion of Crypto

Alexey Pertsev, cofounder of the crypto-anonymizing tool, has been sentenced to more than five years behind bars.

πŸ‘Ž 4πŸ‘ 2
BlackBox (Security) Archiv
Firefox now collects data about search queries https://blog.mozilla.org/en/products/firefox/firefox-search-update/ #firefox #privacy πŸ“‘@cRyPtHoN_INFOSEC_IT πŸ“‘@cRyPtHoN_INFOSEC_FR πŸ“‘@cRyPtHoN_INFOSEC_EN πŸ“‘@cRyPtHoN_INFOSEC_DE πŸ“‘@BlackBox_Archiv
Hammasini ko'rsatish...
What’s new in Firefox’s approach to search dataΒ 

Innovation and privacy go hand in hand here at Mozilla. To continue developing features and products that resonate with our users, we’re adopting a new a

πŸ‘Ž 9😱 4πŸ‘ 1
Boshqa reja tanlang

Joriy rejangiz faqat 5 ta kanal uchun analitika imkoniyatini beradi. Ko'proq olish uchun, iltimos, boshqa reja tanlang.