Sophisticated campaigns against politicians and media aim to steal secrets or embarrass high-profile figures rather than to extort moneyRussian and Iranian state-linked hackers are increasingly targeting British politicians, journalists and researchers…
The Google Play services never works after a new install. I need a way to force an operating system on it. Can I do this through a micro SD card or through the PC? The phone works fine except for that stupid Google Play services won’t work. Reboot after reboot won’t work, I need to force an operating system on this worthless phone? Help me save this brick please. I don’t have the money to buy a new phone at the moment!
submitted by /u/propheticguy
[link] [comments]
I want to start playing king of the hill on tryhackme but I cant find any tutorial on this topic. Where i should to learn this skill? Or what rooms I should enroll on tryhackme? submitted by /u/Rezvord [link] [comments]
Zacks Investment Research (Zacks) disclosed a data breach, the security may have exposed the data of 820K customers. Zacks Investment Research (Zacks) disclosed a data breach, the security incident may have affected the personal information of its 820,000 customers. “On December 28, 2022, Zacks learned that an unknown third-party had gained unauthorized access to certain […]
The post Zacks Investment Research data breach impacted hundreds of thousands of customers appeared first on Security Affairs.
Before I start I just want to say that everything is ethical and my school is running a test on their network and asked me to help along with a few other people. What could I do if a school PC was connected to a school network via ethernet, would it be…
The recent news of the theft / loss of password vaults and how a hacker can do a brute force offline attack on a password vault got me thinking.
So hacker tries an incorrect password, does something mathematical fail or come back with the answer “no”?
And when they do attempt the correct password, what result comes back and says “bingo, you’re in!”?
submitted by /u/tallmansix
[link] [comments]
So we have tried making a wireguard vpn on azure which works completely fine but since azure is too expensive, I got a OVHcloud vps and did the exact same thing but it doesn’t work. I cannot connect to the OVH vpn idk why. My friend is the one who setup the server on the vps and I tried connecting to the ssh but then we found out most ports are blocked on my side and seems like 80/443 are from the few that worked. Tried wireguard over 80/443 didn’t work. Tried openvpn on tcp mode over 443 didn’t work. Tried shadowsocks server over 443 even that didn’t friggin work. Oh and all these works fine for my friend over at his home and even for me over mobile data. looking at the logs, the common behaviour seems to be that the server is receiving the handshake but my client side setup cannot receive the handshake back from it therefore connection does not establish or drops right after it establishes. We are basically out of ideas as nothing seems to be working but we know we gotta be doing something wrong as all these methods seems to be used in much more heavy duty bypassing so no way my college can just block all these and the fact that just wireguard alone easily bypasses on azure. Any help would be appreciated.
submitted by /u/XPookachu
[link] [comments]
So IDOMs is a category to describe web app bugs that have been around since at least 2008. In different programming languages it’s known as different names in Ruby it’s called Mass Assignment, in Java and .NET ASPX it’s called Data Binding or Reflection Binding. All these bugs have been categorized under the new IDOM name to prevent confusion. How they work is if a framework let’s you append new objects depending on the parameters you place in your request they get mapped into the application which is a dangerous practice and the only way to prevent an IDOM is to explicitly whitelist object names in the programming logic so if you don’t do this you are automatically vulnerable out of the gate. I’ve found IDOMs in so many big companies web apps especially java MVC based apps. At a recent blackhat conference in 2022 there was a presentation called “Data Binding 2 Shell” where a bunch of researchers have found severe IDOMs in popular java frameworks that led to RCE so the problem is still very much relevant to this day. Think of IDOM as writing to object data and think of IDOR as reading from object data there opposites of each other.
submitted by /u/TheCrazyAcademic
[link] [comments]
So i’ve read you can do allot with a packet sniffer, i am not looking to do anything illegal, but i do want to know how i ‘ analyze ‘ the files, see if there is anything wrong but also know what types of files show what,
Let’s say i want to know if my DNS is being poisioned, i want to know what i should check obviously, and what if i want to know if there’s uncrypted data packets being sent, i’m curious about that.
I am not sure if i’m allowed to discuss this, since if it’s used in a bad way it is illegal, but my intent is to learn.
Edit:
I’m seeing packets that say extra things like TCP Spurious Retransmission, TCP Dup ACK, and allot of weird names like the ACK and RST and Handshake / protected payload / Notify Application data, etc etc.
How do those things work?
submitted by /u/Beat_The_Box_
[link] [comments]
I am 24 years old with Bachalors’s degree in finance and law. Today, I gave interview in a BPO/Call Center.
Interviewer asked me about my hobbies so I went on unhinged rant of computers and cybersecurity.
They asked me about speaking fluently on a topic relating to best thing in computing world or cyber security world since I like computers very much.
I spent 5 mins talking about stingray device and a ran
I got rejected.
submitted by /u/piglet_2298
[link] [comments]