Tuesday, February 24, 2015

Published by Security Affairs chief information security officer "Pierluigi Paganini":
(1) "TNT" gang has released a new hardware TDoS tool in the criminal underground!!
Posted by the friendly Anonymous chivalrous Legion:
(2) Hackers are still in the US State Department's e-mail system??!
(3) Fidel Salinas refused to be an FBI spy?!
(4) Fidel Salinas: "I'm not going to snitch!"
(5) Alleged US Army hacker Lauri Love wants his computers back!
Reported by Apple Daily:
(6) "Martin" wins "Best Song"; Pearl did not cut the "Hong Kong democratic struggle" acknowledgment?!
(7) [IS chaos] Righteous strongman resolutely sells his house and goes to Iraq alone to fight IS ~ (Good man ah ~)
(8) Reporters go undercover before the general election and expose taking money to help lobby on policy?!! Two former British foreign secretaries implicated in abuse of power!! (shame @!)
(9) Walls have ears: CY implicated in tax evasion....!! The best is yet to come! (good ~)
(10) Chief Executive Leung suspected of blocking Johannes Chan's appointment (Fuck @!); HKU students sit in today, urge explanation of the vice-president selection! (well ~)
(11) [Li Bafang online] Liberal Party drinks Kirin beer at its spring gathering ^^ ~ (haha....funny ah!)
(12) Walls have ears: Kirin "bend the door", guests steer clear..! Squire: only Regina Ip is clueless?!! (silly the fool bad woman, haha..)
(13) Alex Chow and Lester Shum speak at the UN human rights summit ~ (very good ~)
(14) Guangzhou netizen writes in support of Hong Kong ~ criticises mainland tourists as "shameless"!! (true...!! so good ^^)
(15) French aircraft carrier sails into the Persian Gulf and deploys to bomb IS ~ (卍 well done ^^)
Posted by the friendly Anonymous chivalrous Legion:
(16) Removing Cryptowall (Cryptolocker and ransomware)!!
(17) How to install the Nikto web scanner to check for vulnerabilities?! (woow, good ~)
Thanks to the friendly Anonymous chivalrous Legion for their great selfless sharing, and to Security Affairs chief information security officer "Pierluigi Paganini" and Apple Daily for sharing; this blog is deeply grateful ~
**All the world city/country language**






(1) "TNT" gang has released a new hardware TDoS tool in the criminal underground (published by Security Affairs chief information security officer "Pierluigi Paganini")
http://securityaffairs.co/wordpress/33867/cyber-crime/tnt-gang-released-tdos-tool.html

“TNT” gang has released a new hardware TDoS tool in the criminal underground

February 20, 2015 By Pierluigi Paganini

 

Telephone DDoS attacks are on the rise; the criminal group known as the “TNT” gang has released a new hardware tool in the underground ecosystem.

The cyber threat intelligence company IntelCrawler has discovered a new advanced tool, dubbed 'TNT Instant Up', for Telephone Denial of Service (TDoS) attacks. TDoS is a common practice in the criminal underground; it consists of flooding a targeted system with unwanted, malicious inbound calls.
The calls are usually into a contact center or other part of an enterprise, which depends heavily on voice service. Examples are financial contact centers, Intensive Care Units (ICUs) and emergency rooms in hospitals, and public services such as 911. The intent of the attacker is disruption or financial gain through extortion.
Bad actors use these tools for online-banking fraud or for targeted cyber attacks against banking customer services; the intent is to prevent their systems from receiving legitimate calls.
Last summer, the FBI reported that hackers ran several TDoS attacks against companies operating in the Healthcare and Public Health Sector. At least one instance has been reported where the 9-1-1 Public Safety Access Point (PSAP) was disabled.
In 2013, law enforcement issued a warning to emergency services call centers to be wary of telephony denial-of-service (TDoS) attacks. Unfortunately, the bad actors interested in TDoS tools are varied; such tools could be used as part of attacks and scams organized by criminal groups, hacktivists and state-sponsored hackers.
The new TDoS tool was designed by a criminal crew from Eastern Europe called “TNT”; the tool was presented several days ago (February 18th 2015) in underground communities.
The “TNT Instant Up” tool is dedicated hardware that crooks could use to run TDoS attacks; it consists of up to 12 connected Wireless USB 3G/4G modems. The TDoS tool runs special software that allows attackers to hammer victims with continuous calls from inserted unlocked SIM-cards (GSM flood).
“The tool, called “TNT Instant Up”, is designed as a special hardware platform, consisting of several connected Wireless USB 3G/4G modems (up to 12 devices). Special software allows the tool to perform continuous calls from inserted unlocked SIM-cards (GSM flood) and leverages various SIP providers (SIP flood), loyal to such kind of harmful activity.” states the blog post published by IntelCrawler.
The TNT Instant Up tool supports Caller ID spoofing and includes a special “Service 500 Error” bypass, using multiple call forwarding. In a video POC that is circulating among the underground communities, the TNT group shows TDoS attacks against several demo victims; TNT Instant Up allows them to conduct a high volume of calls from spoofed or anonymous numbers.

[Video: “Video of continuous telephone calls to mobile phones”, TNT FLOOD, February 17, 2015. Video description: “This video is intended for informational purposes.”]

The price of the TNT Instant Up tool ranges between $560 USD and $1200 USD, depending on the options and software provided by the hackers.
I have contacted experts at IntelCrawler to have more info on TDoS tools and their evolution:
Q: How can this tool be used for online-banking fraud?

A: “This new tool compromises the text messaging systems to our smart phones,” states Andrew Komarov, President and Chief Intelligence Officer of IntelCrawler. “Banking texts of alerts or authorizations may not get through, allowing cyber criminals more time and opportunity to commit fraud.”

Q: What is new in this tool?

A: The tool developed by “TNT” allows TDoS to be performed against multiple targets simultaneously, supporting up to 50 victims and more from 12 connected devices.
The combination of GSM and SIP flood from multiple sources may significantly increase the level of attack. Traditionally, the bad actors used Skype-based flooders, but it absolutely depends on the number of Skype accounts with credits.
As expected, the group also offers professional TDoS services for hire, implementing the sales model known as attack-as-a-service.
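
A defender-side sketch of how the call flood described above shows up in call detail records, added here as an example (it is not from the article or from IntelCrawler). The CDR line format, the thresholds and the fictional 555 numbers are assumptions constructed for the illustration; the window is keyed on the dialled number because the article notes that caller IDs are spoofed or anonymous.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)   # sliding window length (assumed)
MIN_CALLS = 20                   # calls per window that count as a flood (assumed)
SHORT_CALL_S = 5                 # calls at or below this length look machine-dialled
MIN_SHORT_RATIO = 0.8            # share of short calls required to alert (assumed)


@dataclass(frozen=True)
class Call:
    start: datetime
    caller: str      # presented caller ID; spoofed or withheld in a TDoS flood
    dest: str        # dialled number inside the protected organisation
    duration_s: int


def parse_cdr(line):
    """Parse one 'ISO-timestamp,caller,dest,duration' record (hypothetical format)."""
    ts, caller, dest, duration = line.strip().split(",")
    return Call(datetime.fromisoformat(ts), caller, dest, int(duration))


def detect_floods(calls):
    """Return one alert per destination whose inbound calls look like a TDoS flood.

    The window is keyed on the destination, not the caller: with spoofed or
    anonymous caller IDs every call can present a different source number,
    so per-caller rate limits never trigger.
    """
    windows = defaultdict(deque)
    alerts = {}
    for call in sorted(calls, key=lambda c: c.start):
        win = windows[call.dest]
        win.append(call)
        # Drop calls that have aged out of the sliding window.
        while call.start - win[0].start >= WINDOW:
            win.popleft()
        if call.dest in alerts or len(win) < MIN_CALLS:
            continue
        short = sum(1 for c in win if c.duration_s <= SHORT_CALL_S)
        # High volume alone is not enough: a busy contact centre has long calls.
        if short / len(win) >= MIN_SHORT_RATIO:
            alerts[call.dest] = {
                "dest": call.dest,
                "detected_at": call.start,
                "calls_in_window": len(win),
                "distinct_callers": len({c.caller for c in win}),
                "short_ratio": round(short / len(win), 2),
            }
    return list(alerts.values())


def build_sample_cdrs():
    """Constructed sample records (fictional 555 numbers), not real traffic."""
    t0 = datetime(2015, 2, 18, 10, 0, 0)
    lines = []
    # Flood: 40 calls in 40 s to one help line, a new caller ID each time, 1-3 s long.
    for i in range(40):
        lines.append(f"{(t0 + timedelta(seconds=i)).isoformat()},"
                     f"+1555010{i:04d},+15550199000,{1 + i % 3}")
    # Legitimate peak: 25 calls in 50 s to another line, real conversations.
    for i in range(25):
        lines.append(f"{(t0 + timedelta(seconds=2 * i)).isoformat()},"
                     f"+1555020{i:04d},+15550199001,{120 + 10 * i}")
    # Quiet line: one call a minute.
    for i in range(10):
        lines.append(f"{(t0 + timedelta(minutes=i)).isoformat()},"
                     f"+1555030{i:04d},+15550199002,90")
    return lines


if __name__ == "__main__":
    for alert in detect_floods(parse_cdr(line) for line in build_sample_cdrs()):
        print(alert)
```

Only the flooded help line is flagged; the busy but legitimate line has the same call rate and is left alone because its calls are long.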

 ====================================
 (2) Hackers are still in the US State Department's e-mail system ?? (posted by the friendly Anonymous chivalrous Legion)
 http://www.hngn.com/articles/71501/20150221/hackers-still-in-the-u-s-state-department-s-email-system.htm
 Headlines & Global News


Hackers Still in the US State Department's Email System

By Julie S julie.s@hngn.com | Feb 21, 2015

 Three months after detecting some unauthorized activity within the US State Department's email systems, government officials are still unable to clear the network.
The computer network was shut down in late October to ensure security. Prior to the State Department attack, the hackers initially targeted the White House computer network. Since then, other agencies fell victim, including the US Postal Service and the National Weather Service. The US Military confirmed that its systems were secured.
Temporarily, some US officials were asked to stop using their official emails and use Gmail instead. There are assumptions that it could either be Russia or China that are initiating the privacy breaches, so the FBI started the investigation.
But three months later, three people familiar with the investigation told the Wall Street Journal that the government hasn't cleared the email systems of the State Department and that the hackers still have access to the network. The National Security Agency (NSA) is scanning the systems and blocking the hackers, but those steps are not enough because the hackers are still able to find a new entrance by altering the codes.
The sources added that the investigators are still unsure of the data taken.
"We deal successfully with thousands of attacks every day," State Department spokeswoman Marie Harf said in a written statement. "We take any possible cyber intrusion very seriously as we did with the one we discussed several months ago and we deal with them in conjunction with other relevant government agencies."
Russia remains a suspect because of the similarity of the malware to other tools linked to Moscow and because it might be related to the Ukraine crisis. The NSA is still tracing the origin of the attack, according to two sources of Bloomberg.
The Russian embassy and the FBI refused to comment on the investigation.


 =============================================
 (3) Fidel Salinas refused to be an FBI spy?!

Fidel Salinas refused to be an FBI Spy




Fidel Salinas says he was charged after refusing to help FBI.

Fidel Salinas, currently serving a six-month prison sentence for computer crimes, now says that authorities asked him to help the United States gather information on Mexican drug cartels, then charged him with dozens of counts after he refused.
Fidel Salinas of Texas started his half-year prison sentence last Friday, three months after he accepted a plea deal that saw him owning up to a single count of accessing without authorization the computer system of Hidalgo County in 2012. The activity was part of an operation that authorities say involved the hacktivist collective Anonymous.
Fidel's troubles with the law began when his house was raided in early 2012 as part of the investigation of his alleged hacking. He was arrested and all of his computer equipment seized, then released on bail. In May 2013, as he tells it, he was called by the FBI and told to come to the local field office to retrieve his confiscated computers. When he arrived at the office he claims he was instead put in a room and questioned.
During those six hours, Fidel says FBI agents showed him evidence that he had logged into Anonymous IRC chatrooms. He says they brought up OpCartel, an aborted Anonymous plan in 2011 to hack Mexico's Zeta drug cartel. And finally, he claims they asked him to help them gather information on both the cartels and local officials who had accepted money from them.
“We think you can help us,” Salinas says he was told. “You can help us stop some of this corruption and stop the cartels.” “I'm not going to snitch,” Fidel says he replied. They insisted that they weren't asking him to inform on his friends or Anonymous associates.
Fidel says he refused. Four months later, he was hit with a single computer fraud and abuse charge. Six months after that, prosecutors filed a superseding indictment, adding 13 more counts. The next month they added another 30, adding up to a total of 44 charges.

“Hackers are the new communists.”

Cyber attorney Tor Ekeland later took up the case pro bono and helped Salinas iron out the plea deal entered last year, trading in the 44-count indictment in exchange for a single misdemeanor charge.
“The more I looked at this, the more it seemed like an archetypal example of the Department of Justice's prosecutorial abuse when it comes to computer crime.” “Fundamentally this represents the FBI trying to recruit by indictment.” “The message was clear: If he had agreed to help them, they would have dropped the charges in a second.”
Tor Ekeland says the overreaching charges fit into a pattern of the FBI and Justice Department threatening hackers with ruinous charges to turn them into informants, and in at least one other prominent case, cooperative hackers.
While working as an FBI informant, Anonymous hacker Hector “Sabu” Monsegur led hacking operations against more than 2,000 internet domains, according to the leaked sentencing statement of Jeremy Hammond, another Anonymous hacker. Those targets included government websites in Iran, Pakistan, Nigeria, Turkey and Brazil.
Securing a defendant's cooperation by threatening him or her with a mountain of charges is nothing new, says Electronic Frontier Foundation attorney Hanni Fakhoury. But that's usually accomplished by first charging the defendant and then allowing him or her to reduce punishment by working as an informant or offering information. “I've represented many defendants who were propositioned by the government to come into a room and cooperate,” says Fakhoury.

 =====================================
 (4) Fidel Salinas: "I'm not going to snitch!"




FreeAnons.TV - Fidel Salinas refused to be an FBI Spy.


 ====================================
  (5) Alleged US Army hacker Lauri Love wants his computers back!


Alleged US Army hacker Lauri Love wants his computers back

by Lee Munson on February 23, 2015

A British man arrested on suspicion of hacking into the computer systems of the United States Army and other federal agencies is petitioning for the return of his encrypted computers and storage devices.

Lauri Love was arrested in October 2013 following a joint investigation by the US Army's criminal investigation command and the FBI in Newark.

Now Love wants computer equipment seized at the time of his arrest returned.

According to the BBC , the UK's National Crime Agency (NCA) doesn't want to give up the equipment because it has been unable to decrypt some of Love's files. It allegedly wants Love's cooperation in helping to decrypt them before returning his property.

Speaking to the BBC, Love said:

    Should police, having obtained a reason to acquire information but lacking any overt evidence of criminality sufficient to bring prosecution, be allowed to withhold private data?

    There is a very dire risk that this power will be used to disrupt protected journalistic and political activity.

Love later contacted Ars Technica to say he had submitted his petition to the court earlier this month and would be representing himself at a hearing on 12 March. He added:

    I cannot speak to the contents except that they are mine.

    This is the only salient detail as far as I'm concerned. I am not on trial, nor is my data, and I am under no obligation to speak for it. But my property is being withheld from me, and that must be justified.

    The current justification is due to the inability of the NCA to understand certain data. It remains for them to establish why this is my problem and for the court to decide if this gives them authority to convert chattel.

The agency has declined to reveal whether it has been unable to decrypt Love's files.

Love, who stands accused of working with three other unnamed people, faces charges of breaching the security of the US military, NASA, the Environmental Protection Agency, US Federal Reserve and FBI computers.

Other charges including computer hacking and identity theft leave him facing a sentence of up to 12 years in prison if convicted but the fact that the NCA released him from bail back in July would seem to suggest that any case for the prosecution may rely upon gaining access to the encrypted files currently in the agency's possession.

The US may yet seek to extradite Love after a 2013 US Department of Energy audit suggested he may have gathered personal information on as many as 104,000 people.



 ===============================
 (6) "Martin" wins "Best Song"; Pearl did not cut the "Hong Kong democratic struggle" acknowledgment?! (reported by Apple Daily)
20150223 | "Martin Luther King" wins the Oscar for Best Song; acceptance speech: linked to the Hong Kong people fighting for democracy

"Martin" wins "Best Song"
Pearl did not cut the "Hong Kong's democratic struggle" acknowledgment

February 23, 2015
Last updated: 0223 23:19 / Created: 0223 12:12










The Oscars have also linked up with Hong Kong's Umbrella Movement. The award for best film song, just presented, went to "Glory" from "Martin Luther King - Dream Road". When John Legend and Common sang on stage, "Star Trek" actor Chris Pine and the leading man of "Martin Luther King - Dream Road" could not help being moved to tears in the audience. In his acknowledgment afterwards, Common said: "I went earlier to that bridge in Selma to sing this song. The song stands for freedom, beyond ethnicity, sexual orientation and gender; in particular, the spirit of freedom it stands for links this bridge to the children on the South Side of Chicago who dream of a better life, to those in France speaking up for freedom, and to those fighting for democracy in Hong Kong."

Many people expected that tonight's Oscar replay on Pearl would cut the segment with Common's "reactionary" remarks, but in tonight's replay the segment was aired in the end. Is that because TVB was under public pressure, or because Pearl has more editorial independence? Nobody knows.


As for best original music, the nominations were:
Alexandre Desplat, "The Grand Budapest Hotel"
Alexandre Desplat, "The Imitation Game"
Hans Zimmer, "Interstellar"
Gary Yershon, "Mr. Turner"
Johann Johannsson, "The Theory of Everything"

In the end the award went to Alexandre Desplat for "The Grand Budapest Hotel". The Paris-born musician had been nominated for an Oscar six times in the past, and his work on "Lust, Caution", "The Queen" and "The King's Speech" also received many awards. After repeated Oscar nominations, this time he finally won the Oscar for best original music with "The Grand Budapest Hotel".
In his acknowledgment Common also said: "I went earlier to that bridge in Selma to sing this song. The song stands for freedom, beyond ethnicity, sexual orientation and gender; in particular it stands for freedom."
Pearl did broadcast the segment of Common's speech in the end. (TV picture)


 ===================================================
 http://hk.apple.nextmedia.com/realtime/international/20150222/53461078


[IS chaos] Righteous strongman resolutely sells his house and goes to Iraq alone to fight IS

In order to confront the brutal and unscrupulous "Islamic State" (IS), 38-year-old British man Tim Locks decided to sell his house and move to Iraq to join the local Christian militia Dwekh Nawsha, wanting to use his own strength to help the locals.

"I have a good life, I have a job, I have a beautiful house; it is time to help others." Locks, who is 6 feet 2 inches tall and weighs 238 pounds, saw on TV news last August the IS bloodbath of the Yazidi ethnic minority (Yazidis) on Mount Sinjar, and the idea of going there to help fight terrorism took root.

Locks, who once worked as nightclub security and in the construction industry, put his house up for sale while contacting locals online, and this month finally arrived in Iraq via Dubai with newly made friends, carrying up to 286 pounds of equipment bought at their own expense. He regrets the decision made: "I'm here to help people in need, and although I have known this group for only a few weeks, it already feels like a family."

Locks is now using his skills to help the locals rebuild houses. He admitted that his family worries about his safety, but he hopes to go to the front line as soon as possible to help the local people defend their homeland, and hopes Western countries will provide more support.

British "Daily Mail"
 =========================================
 http://hk.apple.nextmedia.com/international/art/20150224/19052656


Reporters go undercover before the general election and expose taking money to help lobby on policy; two former British foreign secretaries implicated in abuse of power



 With the British general election approaching, politicians are once again caught up in a cash-for-lobbying scandal. The protagonists are former Labour Foreign Secretary Jack Straw and former Conservative Foreign Secretary Malcolm Rifkind. The two political heavyweights, both still sitting MPs, boasted to undercover reporters posing as representatives of a Hong Kong company that they could lobby to get policies changed, obtain information from officials on the company's behalf and see ambassadors, for a reward of more than 50 pounds a day (sixty thousand Hong Kong dollars). The political world is shocked by the two men's greed, but both insist they did nothing wrong.
Britain's "Daily Telegraph" and Channel 4 television, noting that dozens of MPs will step down at the May election and concerned that they might abuse their power to pave the way for what comes next, launched an undercover investigation. In recent months reporters posing as representatives of a fictitious Hong Kong company called PMR Communications contacted twelve MPs by e-mail, saying the company was backed by Chinese businessmen with money who wanted to do business in Europe, and invited them to act as consultants.
According to the report, half of the twelve did not respond and one said his connections were "not for sale", but the others were interested in further talks, strikingly including the two former foreign secretaries; Jack Straw even met the undercover reporters in his parliamentary office last month. Straw boasted that four years ago, as a consultant for ED & F Man, he met Ukrainian Prime Minister Mykola Azarov and successfully lobbied him to change a law that was unfavourable to the local factory.

Jack Straw once talked the Ukrainian Prime Minister into changing the law

In the hidden-camera footage, Jack Straw talks about how he worked his magic: four years ago the commodities company ED & F Man asked him, as its consultant, to see the Prime Minister of Ukraine, and using "carrot and stick" he got him to change a law unfavourable to the local factory; he also lobbied the EU authorities for the company and succeeded in getting the officials in charge to change the sugar control rules. He said: "The best way to deal with this sort of thing is a low profile."
But asking Jack Straw for help costs a lot of money. Although ED & F Man paid him an annual salary of six pounds (seven hundred and twenty thousand Hong Kong dollars), he said a number of companies were competing to hire him: "If you want me to give a speech or do something else, it is five thousand pounds a day; that is the price I charge."
Facing the undercover reporters, Rifkind also showed off his connections: "I can see any ambassador in London I want ...... Seeing such people provides useful contacts." He said that if PMR wanted to invest in Poland, he could see the Polish ambassador on its behalf, and that if PMR wanted to know the direction of British government policy, "I can write to the minister to ask," adding that he would not disclose on whose behalf he was asking.
On remuneration, Rifkind, who receives an MP's salary of close to sixty-seven thousand pounds a year (eight hundred thousand Hong Kong dollars), claimed that he was "self-employed" and "has to earn his own money". He said a consultancy fee of 60000-8 pounds a year (HK nine hundred and sixty thousand) would be acceptable, and added that a bank that asked him to do work had offered between 5000-8000 pounds (HK ninety-six thousand) for half a day.
Alistair Graham, former chairman of Britain's Committee on Standards in Public Life, said he was shocked that two such senior MPs had responded to this kind of approach, and was particularly concerned that Rifkind was "so happy to sell his network". He said that Rifkind making enquiries of officials without disclosing on whose behalf he was asking, and Jack Straw discussing commercial contracts in his MP's office, breach the MPs' code of conduct.

Rifkind says he was not offering help in his capacity as an MP

After the scandal was exposed the day before yesterday, both insisted they had done nothing wrong and voluntarily referred themselves to the Parliamentary Commissioner for Standards to decide whether they had broken the rules. Rifkind argued that he was offering help in his capacity as a former foreign secretary rather than as an MP, and that anything he asked a minister for in writing would only be public information. Jack Straw stressed that he was talking about acting as a consultant only after stepping down, and said he saw the visitors in his MP's office because he was too busy that day. Labour called the allegations against Straw in the reports "troubling" and said he had voluntarily suspended himself from the parliamentary party. The Conservative parliamentary party suspended Rifkind yesterday, which means that both now sit in the House of Commons as independent MPs. Labour MPs have demanded that Rifkind resign as chairman of Parliament's Intelligence and Security Committee.
British "Daily Telegraph" / Channel Four Television


 ===================================
 http://hk.apple.nextmedia.com/news/art/20150224/19053031


Walls have ears:
CY implicated in tax evasion, the best is yet to come

 This year is the Year of the Ram; Mok (left) and Mr Kenneth Leung greeted the media yesterday with a sheep frame.

 Legislative Councillors Kenneth Leung of the accountancy sector and Mok of the IT sector, a "doubles pair" from two functional constituencies, held a spring gathering with the media yesterday. During the gathering, Kenneth Leung told Li Bafang that the scandal from last year in which Leung Chun-ying was suspected of tax evasion is in fact "unresolved". Kenneth Leung, who is familiar with international tax matters, has kept pursuing it: three weeks ago he sent a letter to the British tax authority alleging that Leung Chun-ying did not pay tax on the fifty million he received from the Australian company UGL, and the day before he received a "New Year's gift": the British tax authority replied that it would give Kenneth Leung a detailed reply on the matter. It seems the best really is yet to come.
Kenneth Leung and Mok have been seen as likely to switch sides and support political reform, but the two were quite tough yesterday, saying that if the central government does not change its 831 decision, even a meeting with the central government will not change their stance of opposing the political reform. Kenneth Leung made it clear that without the withdrawal of the 831 decision there is a 99.99% chance that political reform will come to nothing, and Mok said that even a meeting would then be pointless.
 ======================================
 http://hk.apple.nextmedia.com/news/art/20150224/19052931

Chief Executive Leung suspected of blocking Johannes Chan's appointment; HKU students sit in today, urge explanation of the vice-president selection

 HKU is to discuss vice-president candidates; the students' union has called on students to stage a sit-in.
 The HKU Council today discusses candidates for two vice-president posts. Although the agenda does not include Johannes Chan, who is reported to have been recommended for the post of vice-president for "academic personnel and resources", it has been rumoured that Chief Executive Leung Chun-ying and his cronies thwarted Chan's appointment, so the HKU Students' Union will call on students to stage a silent sit-in outside the meeting today and ask the President to explain whether the Council has been subject to government intervention.
Reporter: Zhang Tingting
The Council meets today to discuss five points; the candidates for the two vice-president posts do not include Johannes Chan. Pingjing En of the HKU Students' Union said on a radio programme yesterday that the union would call on students to stage a sit-in, asking the Vice-Chancellor to explain whether the appointment process had been subject to government intervention, and asking Leung to set out his position on academic freedom and institutional autonomy.

Leftist newspaper says the ICAC has opened an investigation into Chan

On the eve of the Council meeting, "Wen Wei Po", which has frantically smeared Johannes Chan, yesterday quoted DAB Tuen Mun District Councillor Chen Yun Biography as telling the newspaper in an interview that "after he reported Johannes Chan to the ICAC, the ICAC opened an investigation and invited him to hand over information and give a statement, but he has received no notice of the progress of the ICAC investigation." Chen believes that the ICAC should speed up its investigation, and also thinks that Johannes Chan, having failed to explain the sources of the donations as the guidelines require and being suspected of shielding Benny Tai, is not suitable to be a vice-president of HKU.
Media reported in October last year that Benny Tai had passed donations amounting to millions of dollars to HKU without disclosing the identity of the donors or the sources, which was inconsistent with HKU's donation guidelines. In January this year Chen Yun Biography handed information to the ICAC, including copies of the promissory notes for three large donations to HKU, and reported Johannes Chan to the ICAC. Earlier reports said that, because the Council is examining the Benny Tai donations matter, Johannes Chan's appointment as vice-president would be shelved and not discussed at today's meeting.
Yesterday, the newspaper failed to contact with Chen Yun Biography ICAC reply "Apple" means not comment at query time. Former Chief Inspector of the ICAC investigation barrister tin I've seen, "Wen Wei Po" after the report accused the ICAC doubt whether filing, he explained, if failing to disclose the source of donations, in violation of the guidelines of Hong Kong, HKU refuse collection, see How involved were less corruption or improper conduct for public officials question the need ICAC filing involving suspected corruption. Instead, he reminded Chen Yun Biography, may contravene Article 30, "the Independent Commission Against Corruption Ordinance," because the high-profile former ICAC Complaints disclosure is acceptable, but it may be illegal to disclose the ICAC investigation.

 =====================================
 http://hk.apple.nextmedia.com/realtime/news/20150224/53467884


[Lee] Liberal Party Plus online Spring Gathering drink Kirin beer

 
 Chen Xueling photo (Apple Daily).
 Liberal Party Chinese New Year gathering today to engage the media, during which the topic from the New Democracy Party Chairman Regina Ip Well open two days were dancing unicorn "Zhuangfei" Ngam Ngam generous return travel JAMES mouth smiled, then privately asked a squire GOD, Department of Link microphone system really a coincidence, not even cover a point to know Wai! The more people speak more to the rise of class, let them go, Youth Link members see everyone happy, immediately pumped buy Kirin beer, reporters at the scene with drink cup donated back to celebrate.


 ===================================
 http://hk.apple.nextmedia.com/news/art/20150224/19053023

Walls have ears: Kirin "bend the door" guest squire Fun avoid: Do not know Liu Ye only anchor



 
 This year New Year's generous heat, then certainly include New Democracy Party Chairman Regina Ip early Chegongmiao divination when attending events, it was the unicorn Zhuangfei things matter, peanut index prolonged sun exposure lamp. Unicorn dances in the end generous "Hero" What the Water? Sha Tin Rural Committee Executive Committee Luo Fu Big Secret fathoms day, if it bit unicorn master surnamed Xie, you agree village representatives, but the Department of boss-level troops, Bei Sui Wo Court has renovated engineering company, since the flying submarine collision incident Zo water, to make a fortune playing cards Wenqu are Wenwu Dao.
Luo Fu words Yeah, the same day the team you agree generous unicorn career 搵食 team, What happened ten years ago Sha Tin Rural Committee 想搵 team of people at the Che Kung Temple in early Bei incense and praying unicorn dance, Drainage know there is a village under the lime kiln Xie brothers have to learn on the unicorn dance, EQ other villagers buried drainage Die earn the team, every lunar year out.
During the meeting, Luo mouth smiled Drainage live telephone replay of Next Media Animation movies to other village reorganization case, if there were only doing tight into the temple generous unicorn "bend the door" ceremony, unicorn head right to be left Ju Ju big action; ceremony After Zo, guests can catch the unicorn tail line, every year the Department of Link, generous guests attended with King Lau Wong-fat Territories are known anchor, will be the first line of step Well, more companies will be Bei Well unicorn both sides, drainage system, then this accident have guests "Do not know Ikari," but will review the drainage Die generous.

Liu Ye, then Elizabeth Quat 'opening marks the Friends'

Except when Zo squire suspected resistance anchor Liu Ye, DAB Elizabeth Quat early Triples media gathering, review Ye Fei Liu was "unicorn", then hit Wai event, event series lesson we should know "bit rate" Well you do not know how customs mess prices, otherwise the consequences "if you have eyes in the Air." It seems spicy 㷫 speak Fan Ye Liu Bei facebook drainage fathoms day, then, from the newspapers that there are "opening marks Friends", then ditch "do not know how companies position", the first will be rammed unicorn, drainage rebuttal was crowded, simply can not "pick-bit rate", without naming it, then bit "opening marks the Friends," "may not have a clear understanding of the field environment," seem to mind the suggestion that good drainage wedged position. Yeah Ye Liu Zhong words, even if only hit Drainage Nuisance unicorn believe may also hit other squire elders, automatic devotion words: "If I can replace the squire elders who endured a hit, but also perhaps a good thing."
Lee Supply

pf_lee@appledaily.com

 ===================================
 http://hk.apple.nextmedia.com/realtime/news/20150224/53467395

Zhou Yongkang, the UN human rights summit statement Ao Hui Cen

 
 Zhou Yongkang (right) Cen Ao Fai speak at the UN Human Rights Summit in Geneva. (The Internet).
 
Federation Secretary General and Deputy Secretary General of Cen Ao Zhou Hui yesterday to attend the United Nations in Geneva Summit for Human Rights and Democracy, and spoke at the meeting. Zhou Yongkang refers to thousands of students and the public through the umbrella revolution wants to change the political system that under the influence of the central government, Hong Kong's future will learn to awaken a new generation of hand.

Zhou Yongkang said that the fate of our direct influence China and the world, "the fate of autonomy" is the slogan raised by the students last September at the time of the strike, if the Hong Kong people and people across the globe want to have a better future, "the fate of autonomy" is the only way out. He stressed that even if the umbrella revolution has ended, but "the fate of the independent" spirit will not fade.

Deputy Secretary of the Federation on Ao Hui Cen finger in his speech, umbrellas revolution following the 1989 pro-largest student movement against the CCP. He also said that the current democracy in Hong Kong by the "one country" under the given, is impeding the fight for democracy Hong Kong one of the biggest obstacles. However, Cen Ao Hui believes that compared to Cuba, Tibet, North Korea and Iran, the situation in Hong Kong is not hopeless, and cited an umbrella movement saying, "Do not despair, even if disappointed," concludes, emphasizing "hope" is the strongest weapon against the dictatorship .

They speak the movie:
http://youtu.be/DZzS92fZwe4




 =======================================
 http://hk.apple.nextmedia.com/realtime/news/20150224/53465911

Guangzhou friends author stays batch of mainland tourists to Hong Kong, "audacity"


 Guangzhou friends batch of mainland tourists to Hong Kong stays author remarks, "audacity".
 "One hammer tuning" hosted Li Huiling that when everyone thought that the problem "in Hong Kong and contradictory" Hong Kong people face only, the original in the Mainland, Guangzhou people speak Cantonese also face.

Guangzhou in the BBC Chinese net users Jiang Zhisheng wrote, expressing his daily must face the problem of open defecation other people, but people are generally stand Guangzhou.

"Misconduct mainland tourists in Hong Kong. Urinating or defecating, take the subway to eat during ...... do not check the behavior of these, more than once occurred in Hong Kong, more than once reported by the media. And this kind of behavior is not seized, often in Guangzhou happen, I also "have" witnessed the face of these acts, the difference lies in Guangzhou and Hong Kong: Hong Kong people to come forward to stop, but a significant part of the Guangzhou people will stand by unknown is afraid to stop, or have "had nothing to do armchair" mentality (in this I have to "repent" about: In this writing of more than 10 hours ago, I witnessed a woman to help their son in the streets of Guangzhou somewhere underpass openly urinating in the street and did not stop), however, seems to have a little stand "truth" - these people do not check to act, and no sense of shame in the face of others blamed for their actions, and not only did not reflect, but justifiably argue, completely unaware of how their behavior is plagued others. And this point, Guangzhou and Hong Kong, but surprisingly consistent. Maybe, encountered two people, the same kind of people. "

In addition, Jiang also pointed out that "some schools, the unknown is misinterpreted" Putonghua "policy, still determined to go against Cantonese, made some patently unreasonable request, for non-Mandarin languages, including Cantonese, including, for example, students are required as long as the both within the school must speak Mandarin, and even students also talk back to their home in Mandarin! "he complained," This is not a promotion, it is mandatory to use Cantonese called "hard clip come out and walk! '"

Jiang Zhisheng two examples cited above, is designed to tell you, Guangzhou and Hong Kong suffered the same or similar impact, therefore, faced with dry port conflicts, he compassion and felt deep contradictions dry port today, the Hong Kong SAR Government and the Chinese government both have to bear the greatest responsibility.

Even think to speak, "Hong Kong has long been done without us" mainlanders are overreaching, say "you people, do not have high-quality milk in Hong Kong, your child just finished!" If one party does not respect foreign cultures different from their own, there was no contradiction almost every day.

Read the full text: http://bbc.in/17MxtWm


 =======================================================
 http://hk.apple.nextmedia.com/international/art/20150224/19052598


France deployed aircraft carrier into the Persian Gulf boom IS

 
 "Charles de Gaulle" to participate in military action against IS in the Persian Gulf.
 France yesterday (the 23rd) deployed the aircraft carrier "Charles de Gaulle" battle group in the Persian Gulf, where it is operating alongside the US aircraft carrier "Carl Vinson" (USS Carl Vinson) to fight "Islamic State" (IS) jihadists in Iraq.
"Charles de Gaulle" yesterday morning into the north of Bahrain in the Persian Gulf waters, "blast" fighters took off from the deck to Iraq. France is currently in the United Arab Emirates and Jordan deployed a total of fifteen fighters and tankers, reconnaissance and attack responsible action, "Charles de Gaulle" deployed on a total of twenty aircraft, and attack by aircraft, saving more than half of the existing base from UAE time.

Europe and the United States called for the passage of the mall Shabab

In addition, the pro Agai De Somali "Youth Party" (Al-Shabab) issuing videos, calling on Muslim attacks on shopping centers in Western countries, including the United States to attack named Minnesota "American Mall" Canada "West Edmonton Mall" and the United Kingdom and France, two of London's Oxford Street shopping malls.
In response, the United States said there is no reliable evidence that the country's shopping malls will be attacked, but it still reminded the relevant venues and the public to remain vigilant.
AFP / AP


 =========================================
  by friendly chivalrous Legion posted anonymously (16). demolition Cryptowall (Cryptolocker and extortion. )
 Cyber Attacks/Vulnerabilities/Exploits/Advisories/IT Security Research/News-Bradley

In today's blog we show a new approach to stopping ransomware such as Cryptowall, and how it is possible to use analytics to detect the shift in user behavior caused by malware such as Cryptowall and even destructive variants. After recognizing the attack, we stop infected data from replicating to the cloud.

more here..........http://www.405labs.com/blog/2015/2/17/putting-an-end-to-cryptowall-cryptolocker-and-the-like

 ========================================

Tearing Down Cryptowall (Cryptolocker & Ransomware)

In today's blog we show a new approach to stopping ransomware such as Cryptowall, and how it is possible to use analytics to detect the shift in user behavior caused by malware such as Cryptowall and even destructive variants. After recognizing the attack, we stop infected data from replicating to the cloud.


 A screencast demo of a new approach to stop Cryptowall infections from infecting cloud services and limit potential damages to your organization.


Background

One of the most dangerous (and flat out annoying) trends in malware affecting both small and large businesses over the past years has been ransomware such as Cryptowall, currently the most widespread and dangerous variant, and its predecessor Cryptolocker, which was taken down along with the Zeus GameOver botnet in June 2014.
Why have Cryptowall and other variants been so successful? They take advantage of the fact that inside organizations' perimeters, people need to share and collaborate on files. Organizations that use cloud services such as Google for Work, Box and Dropbox aren't exempt from this either: personal folders and network drives attached to affected endpoints can be encrypted by Cryptowall or other ransomware.


a DIFFERENT approach

In the screen cast above, we demonstrated a different (and very effective) approach to stopping ransomware such as Cryptowall from infecting data in the cloud that we utilize in our own next generation DLP analytics.
  • Detect multiple file edits happening on a user's account in real-time by interfacing with cloud services such as Google for Work, Box, o365 and Dropbox
    • We are detecting documents encrypted by Cryptowall being synced with the cloud 
  • Examine the entropy and file headers of recently edited files
    • A generalized way of detecting whether they have been encrypted, and not specific to a particular malware variant
  • Determine which application is encrypting the client's files
    • In the case below, Google Drive syncing to the cloud
  • Immediately revoke credentials to the Google Drive application, notify the user and security team
    • Disaster averted =)
Why is this so cool?
  1. We're looking at changes to data rather than malware, so it will be very hard for future versions of Cryptowall or anything else encrypting files for ransom to be successful
  2. This approach extends to other attacks such as data destruction
  3. In our testing we can detect and block Cryptowall before 15 or more user files have been encrypted and synced (typically less than 1% of overall files)
  4. No endpoint agent required!
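
The entropy-and-header check and the edit-burst detection from the list above, as an added Python example (not the blog authors' code). The thresholds, the magic-byte table and the event tuples are assumptions, and the file contents are constructed inline rather than pulled from a cloud service API.

```python
import hashlib
import math
import os
from collections import Counter, defaultdict, deque

# Expected leading bytes for a few common document types (small illustrative table).
MAGIC = {
    ".pdf": b"%PDF",
    ".docx": b"PK\x03\x04",
    ".xlsx": b"PK\x03\x04",
    ".zip": b"PK\x03\x04",
    ".png": b"\x89PNG",
    ".jpg": b"\xff\xd8\xff",
}
ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off for "looks like ciphertext"
BURST_COUNT = 5          # assumed: suspicious edits per user before acting
BURST_WINDOW = 60        # assumed: sliding window in seconds


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def looks_encrypted(filename: str, data: bytes) -> bool:
    """High entropy alone is not enough: .docx, .png, .jpg are compressed and
    always score high. For known types, also require that the header is wrong."""
    ext = os.path.splitext(filename)[1].lower()
    high = shannon_entropy(data) >= ENTROPY_THRESHOLD
    magic = MAGIC.get(ext)
    if magic is not None:
        return high and not data.startswith(magic)
    return high  # unknown type (e.g. .txt): fall back to entropy only


def detect_bursts(events):
    """events: iterable of (timestamp, user, filename, content), sorted by time.
    Returns {user: (timestamp_of_alert, suspicious_edits_in_window)}."""
    recent = defaultdict(deque)
    alerts = {}
    for ts, user, name, content in events:
        if user in alerts or not looks_encrypted(name, content):
            continue
        window = recent[user]
        window.append(ts)
        while window and ts - window[0] > BURST_WINDOW:
            window.popleft()
        if len(window) >= BURST_COUNT:
            # A real deployment would revoke the sync client's credentials
            # and notify the user and security team at this point.
            alerts[user] = (ts, len(window))
    return alerts


def pseudo_random_bytes(seed: str, n: int) -> bytes:
    """Deterministic stand-in for ciphertext or compressed data (constructed sample)."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(f"{seed}:{counter}".encode()).digest()
        counter += 1
    return bytes(out[:n])


def sample_events():
    """Constructed sync events: alice's files are being overwritten with
    ciphertext every 3 seconds; bob makes two ordinary edits."""
    events = [
        (100 + 3 * i, "alice", f"doc{i}.xlsx", pseudo_random_bytes(f"enc{i}", 4096))
        for i in range(6)
    ]
    events.append((101, "bob", "report.docx", b"PK\x03\x04" + pseudo_random_bytes("zip", 4096)))
    events.append((110, "bob", "notes.txt", b"quarterly report " * 200))
    return sorted(events, key=lambda e: e[0])


if __name__ == "__main__":
    for user, (ts, count) in detect_bursts(sample_events()).items():
        print(f"revoke sync credentials for {user}: {count} encrypted edits by t={ts}")
```

The valid-header exemption is what keeps ordinary edits to compressed formats such as .docx from raising alerts on entropy alone.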

Background

Cryptowall and other variants are designed to infect all versions of Windows, and are distributed through typical (but proven effective) channels such as SPAM and email attachments, browser exploit kits and fake updates for applications such as Adobe Reader, Java or Flash. More recently, we have seen downloader software such as Upatre downloading Cryptowall over SSL after initial infection through legitimate cloud hosting providers such as Dropbox; making it increasingly difficult for IPS and web security gateways to stop delivery.
For this blog, we'll examine a Cryptowall 3.0 sample from Feb 2015 and the effects that it has on files and shared drives-- and how we can detect and stop it from being able to infect files in the cloud.


The infection

After being executed, Cryptowall silently reaches out to a command and control server and downloads an RSA 2048-bit public key which it then uses to begin encrypting all of the files on local and shared drives that it has access to.


 Cryptowall 3.0 infected box reaching out to its command and control servers to download the 2048-bit RSA key.

 The latest version of Cryptowall (3.0) contains new features, such as multiple exploits included in the dropper, and an Anti-virtual machine check which interestingly enough did not detect VMWare Fusion running Windows 10 preview.


 http://bot24.blogspot.kr/

 ===================



In this article, I’ll explain how we added speed to Universal SSL with session resumptions across multiple hosts, and explain the design decisions we made in this process. Currently, we use two standardized session resumption mechanisms that require two different data sharing designs: Session IDs RFC 5246, and Session Tickets RFC 5077.


If you're an intrusion analyst on a small team (or maybe you ARE the team), you may be the only resource that has to look at a myriad of possibly malicious files that trigger your IDS or SIEM. You may not have either the time or the forensics skills to properly inspect each PDF or Flash file or Office doc that set off an alert.


SSL Blacklist (SSLBL) is a project maintained by abuse.ch. The goal is to provide a list of "bad" SSL certificates identified by abuse.ch to be associated with malware or botnet activities. SSLBL relies on SHA1 fingerprints of malicious SSL certificates and offers various blacklists that can be found in the SSL Blacklist section.


Leaked document describes security measures used by NSA.


Delete Known Government-Linked Certificate Authorities in OS X.


I’ve been sitting on this information for some time, waiting to get more research done before I publish a post. But since word has come out about how Lenovo preloads what amounts to very bad spyware on their PCs, I thought I should also just go right ahead to spill the beans on the Mac.

Yes, that’s right. Superfish is bad. The problem with the Mac is only slightly related in that it also involves SSL certificates. It’s also bad, in a different way.


Security researchers have often made the mistake of assuming that when a specific tool was observed being used in espionage attacks, it was representative of activity of a single actor. More frequently, however, many are now identifying that distinct groups of attackers are sharing their toolsets, just as in the cybercrime world.

One such toolset, the ScanBox framework, is now shared between a number of groups who conduct espionage attacks.


Tim Peters developed the Timsort hybrid sorting algorithm in 2002. It is a clever combination of ideas from merge sort and insertion sort, and designed to perform well on real world data. TimSort was first developed for Python, but later ported to Java (where it appears as java.util.Collections.sort and java.util.Arrays.sort) by Joshua Bloch (the designer of Java Collections who also pointed out that most binary search algorithms were broken).


coco.cpp is a simple pintool for code coverage analysis. It comes with the Pin Framework.


Security experts have observed an increasing number of targeted attacks against the code underlying financial companies’ in-house trading algorithms.


Recently, we found a simple malicious downloader that downloads a fake PDF file.  Unlike a normal malicious loader that integrates the PE Loader code into its binary, this loader has stripped this part and has turned to fetching it online.


Revelations over the past couple of years highlight the importance of understanding malicious and surreptitious weakening of cryptographic systems. We provide an overview of this domain, using a number of historical examples to drive development of a weaknesses taxonomy. This allows comparing different approaches to sabotage.


The saying (also known as Linus’ law) doesn’t say that the bugs are found fast and neither does it say who finds them. My version of the law would be much more cynical, something like: “eventually, bugs are found“, emphasizing the ‘eventually’ part.

(Jim Zemlin apparently said the other day that it can work the Linus way, if we just fund the eyeballs to watch.


LOKI (Limited Obstructive Keyboard Impersonator) is a RDP File Transfer Tool Using Keypresses

here............https://github.com/nccgroup/loki

FENRIR a PoC to tunnel the Meterpreter reverse HTTP shell over RDP Virtual Channels

here...........https://github.com/nccgroup/Fenrir

Sleipnir a tiny payload for transfer via LOKI - Provides high speed Virtual Channel two way file transfer capabilities

here.........https://github.com/nccgroup/Sleipnir


Today we are adding a new feature — actually a new form of encryption — that improves mobile performance: ChaCha20-Poly1305 cipher suites. Until today, Google services were the only major sites on the Internet that supported this new algorithm. Now all sites on CloudFlare support it, too.


The objective of this essay is to give a brief overview what the Linux Kernel is, the vulnerabilities and CVEs that have affected it and how it has been shaped by these.


In Part 1, we figured out how to locally exploit CVE-2014-8142 and CVE-2015-0231. In Part 2, we'll discuss remotely exploiting this vulnerability, and what we can steal from the application using the methods we discover. However, we will be focusing solely on CVE-2015-0231.


Break out the Tylenol, you will need it

Sokar seems to block pings but if you scan individual ip’s it seems to work Scan the ports of sokar

more here.......http://piyr9.github.io/sokar/

and Sokar competition info here.....http://blog.vulnhub.com/2015/01/competition-sokar.html


Webgate technology is focused on digital image processing, embedded system design and networking to produce embedded O/S and web server cameras providing real time images. We are also making superior network stand-alone DVRs by applying our accumulated network and video solution knowledge.

WEBGATE Embedded Standard Protocol (WESP) SDK supports same tools in both network DVR and network camera.

 much more.........if  you  push........~^^


 =============================================
 (17). How to install the network scanner Nikto to check loopholes -?!
 http://www.unixmen.com/install-nikto-web-scanner-check-vulnerabilities/

How To Install Nikto Web Scanner To Check Vulnerabilities

What is the Nikto web scanner and what is it used for?

Nikto is an open source web server scanner that can be used to scan web servers for malicious programs and files. It can also be used to find outdated versions of programs. Nikto gives us a quick and easy scan to find dangerous files and programs on the server, and at the end of the scan it produces a log file with the results. Using Nikto we can scan http, https and httpd traffic too.
To run Nikto we don't need any resource-heavy software; if Perl is installed on our server, that is enough to run it. It is available for every operating system, such as Linux and Unix-like systems including RedHat, CentOS, Debian, Ubuntu, Solaris, BackTrack and Mac OS X. It supports SSL and HTTP proxies, can scan multiple ports on a server, checks for outdated server components, and so on. We can get the results in the following formats: TXT, CSV, HTML, XML.

Newly released version of Nikto Web scanner:

Nikto released version 2.1.5 in 2012, but it has continued to receive updates for new vulnerabilities to date.

Vulnerabilities database:

We can find the vulnerabilities database at the following URL.

My Environment Setup:

  • Hostname                   :      prodsrv.unixmen.com
  • IP address                  :      192.168.0.166
  • Operating system        :      Ubuntu 14.04 LTS
Run the following commands to check the hostname, IP address, and OS version.
hostname
ifconfig | grep inet
lsb_release -a

Step by Step Installation

First we need to download and install the Nikto web scanner from the official website.
Let us download the package, which is available in .bz2 or .gz format, using wget on our production server.
https://cirt.net/nikto/nikto-2.1.5.tar.bz2
https://cirt.net/nikto/nikto-2.1.5.tar.gz

Step 1: Download the package

wget https://cirt.net/nikto/nikto-2.1.5.tar.gz
Step 2: Extract the package using below command
tar -zxvf nikto-2.1.5.tar.gz

Step 3: Navigate to the home directory

Then move the extracted nikto package to /usr/local/bin/:
cd ~
sudo cp -apvf nikto-2.1.5/* /usr/local/bin/
ls -l /usr/local/bin/
* The Nikto config file needs to be in /etc/, but it is currently under /usr/local/bin/. Looking into the conf file, we can see that nikto skips scanning ports 21 and 111, where it downloads its updates from, and much more.
sudo vim /usr/local/bin/nikto.conf

Step 4: Creating Symlink & Permission.

Now we need to create a symlink for our conf file in /etc/, because nikto looks for its conf file under /etc/. Then make the nikto script executable using chmod.
sudo ln -s /usr/local/bin/nikto.conf /etc/nikto.conf
ls -l /etc/nikto.conf
sudo chmod 755 /usr/local/bin/nikto.pl
ls -l /usr/local/bin/nikto.pl

Step 5: Update the nikto Database.

Before performing any scan we need to update the nikto database using the command below.
/usr/local/bin/nikto.pl -update
To list the available plugins for nikto we can use the command below.
nikto.pl -list-plugins   # list the installed plugins

Step 6: Scan for vulnerabilities:

To scan a website by hostname, we use the -h option with the nikto.pl command.
nikto.pl -h www.unixmen.com   # scan a website
To scan a hostname on multiple ports, we add the -p option to nikto.pl.
nikto.pl -h www.google.com -p 80,443
While scanning for vulnerabilities we can watch the progress; to see the live process we need to use the Display option.
nikto.pl -D v -h www.google.com
Where,
  • -D = Display
  • v = Verbose
  • -h = hostname
Scan using only specific checks with the Tuning option:
With the Tuning option we can specify which tests should be run; using the x option we can exclude the tests we don't need.
The options below are available for specific scans.
0 – File Upload
1 – Interesting File // we will get in logs
2 – Misconfiguration / Default File
3 – Information Disclosure
4 – Injection (XSS/Script/HTML)
5 – Remote File Retrieval – Inside Web Root
6 – Denial of Service // Scan for DDOS
7 – Remote File Retrieval – Server Wide
8 – Command Execution // Remote Shell
9 – SQL Injection // Scan for mysql vulnerabilities
a – Authentication Bypass
b – Software Identification
c – Remote Source Inclusion
x – Reverse Tuning Options
Now let me scan a website for SQL vulnerabilities. A single test finishes in a short time; if we do not restrict the scan to a single test, it runs the full scan and takes hours to complete.
nikto.pl -Tuning 9 -h www.isanalytics.com
Scan with multiple tests using:
nikto.pl -Tuning 69 -h www.isanalytics.com
Scan and save the result to a file using the command below to find the vulnerabilities.
nikto.pl -Display V -o nikto_scan_result.html -Format html -h 192.168.0.166
After the scan completes, we get the result in HTML format in the current directory.
The HTML report presents the output in a readable format for finding the vulnerabilities.
That's it. Here we have seen how to protect our website from several vulnerabilities. To know about up-to-date vulnerabilities, we need to keep the nikto package updated before scanning.

Resources:

Conclusion:

For those who are searching for a web scanner, Nikto is a powerful tool that may end your search. Hope this gives you a good idea of how to scan your site for vulnerabilities, even if your site is well hardened in several settings.


 ================================================


 " Would like to thank the Anonymous chivalrous Legion friendly great selfless sharing and security affairs chief information security officer, "Pierluigi Paganini," Apple Daily and sharing, this tribe grateful ah ~" 

 http://melody-free-shaing.blogspot.com/2015/02/underground-crime-new-hardware-tdos.html

 ====================================================


