Domain: securityintelligence.com
Stories and comments across the archive that link to securityintelligence.com.
Comments · 20
-
No "1st" & here's e.g. thereof... apk
Idiot unidentifiable anon trolls gave me guff for BLOCKING github in hosts (ESET noted threatvector https://www.welivesecurity.com... )!
* Just goes to show you they're either MORONS/DOLTS or malware makers/botnet herders themselves...
Want more e.g. of github hosting malware?
See See subject & https://securityintelligence.c... + https://www.bleepingcomputer.c... + https://www.bleepingcomputer.c... + https://www.bleepingcomputer.c... + https://www.bleepingcomputer.c... + https://www.bleepingcomputer.c...
P.S.=> The thieves & morons doing bots/malware = assholes & it is getting "outta control" on OpenSORES sites & yes, CLOUD HOSTING too (along w/s short-lived SPAM domains outta GoDaddy hosting providers allowing it CHEAP via "$1 unlimited domain/subdomain" stuff too)... apk
-
Happened before too (nodejs/npm & more)... apk
See subject & https://securityintelligence.c... + https://www.bleepingcomputer.c... + https://www.bleepingcomputer.c... + https://www.bleepingcomputer.c... + https://www.bleepingcomputer.c... + https://www.bleepingcomputer.c...
* The thieves & morons doing bots/malware = assholes which I'm sure you agree with based on YOUR sentiments.
APK
P.S.=> What I do about it is here (from my earlier post) https://developers.slashdot.or...
... apk -
It's why I won't OpenSORES my code
It's why I won't OpenSORES my code (for https://it.slashdot.org/commen... ): Google EFast (malware ver. of Chrome) can happen.
* Other packages also HAVE been "bushwhacked" e.g. PYTHON https://www.bleepingcomputer.c... & https://www.bleepingcomputer.c... NODEJS https://securityintelligence.c... & OTHER Javascript packages https://www.bleepingcomputer.c... + https://www.bleepingcomputer.c...
APK
P.S.=> However, I won't say "stay away from open source" - only to be CAREFUL of OpenSORES (pun intended per examples above)... apk
-
c6gunner it's better than you do w/ proof
c6gunner it's better than you can do w/ proof in a challenge I put to you that YOU RAN from https://linux.slashdot.org/com... & like I said before you IMPERSONATED me (forgetting to submit anon as registered 'lusers' like YOU can do)?
When YOU do better, then TALK (all you DO is chatter apparently since you can't show ANYTHING worthwhile others like/use/praise as they do my work w/ 100,000++ users or more by now worldwide that does a GREAT JOB both speeding up & PROTECTING users vs. threats of MANY kinds).
* Yes, I KNOW it's YOU again as you're already in this thread earlier here https://science.slashdot.org/c... & my response to you there is SIMILAR to now.
APK
P.S.=> OpenSORES eh? Tell us about node.js https://securityintelligence.c... bushwhacked &/or https://www.bleepingcomputer.c... (far from a complete list of like examples mind you) OR Google EFast (malicious Chrome doppleganger due to its code being out THAT CAN'T HAPPEN TO ME that way)... apk
-
c6gunner it's better than you do w/ proof
c6gunner it's better than you can do w/ proof in a challenge I put to you that YOU RAN from https://linux.slashdot.org/com... & like I said before you IMPERSONATED me (forgetting to submit anon as registered 'lusers' like YOU can do)?
When YOU do better, then TALK (all you DO is chatter apparently since you can't show ANYTHING worthwhile others like/use/praise as they do my work w/ 100,000++ users or more by now worldwide that does a GREAT JOB both speeding up & PROTECTING users vs. threats of MANY kinds).
* Yes, I KNOW it's YOU again as you're already in this thread earlier here https://science.slashdot.org/c... & my response to you there is SIMILAR to now.
APK
P.S.=> OpenSORES eh? Tell us about node.js https://securityintelligence.c... bushwhacked &/or https://securityintelligence.c... (far from a complete list of like examples mind you) OR Google EFast (malicious Chrome doppleganger due to its code being out THAT CAN'T HAPPEN TO ME that way)... apk
-
c6gunner it's better than you do w/ proof
c6gunner it's better than you can do w/ proof in a challenge I put to you that YOU RAN from https://linux.slashdot.org/com... & like I said before you IMPERSONATED me (forgetting to submit anon as registered 'lusers' like YOU can do)?
When YOU do better, then TALK (all you DO is chatter apparently since you can't show ANYTHING worthwhile others like/use/praise as they do my work w/ 100,000++ users or more by now worldwide that does a GREAT JOB both speeding up & PROTECTING users vs. threats of MANY kinds).
* Yes, I KNOW it's YOU again as you're already in this thread earlier here https://science.slashdot.org/c... & my response to you there is SIMILAR to now.
APK
P.S.=> OpenSORES eh? Tell us about node.js https://securityintelligence.c... bushwhacked &/or https://securityintelligence.c... (far from a complete list of like examples mind you) OR Google EFast (malicious Chrome doppleganger due to its code being out THAT CAN'T HAPPEN TO ME that way)... apk
-
You're in for a surprise soon Steven Black... apk
I'm getting a Mac Mini (almost top of the line one) on the 21st & will be porting it to MacOS X shortly - no runtime bs needed like your 'scriptkiddie script' that's crude, demands a runtime environment NOT native to Windows, NON-GUI (or did you surf here in lynx?) that users don't want (it's a GUI world). Your script, last I checked UNLESS YOU COPIED ME BY NOW (probably, imitation = sincerest form of flattery) did NOT check for VALID tld/gTLD, or do hardcoded favorites @ top of hosts (which speed you up, make you more reliably connected when DNS goes down OR is redirect poisoned, & avoids DNS tracking requestlogs).
OpenSORES? You can TRUST IT?? OK, trust node.js & others that get BUSHWHACKED https://securityintelligence.c... OR https://www.bleepingcomputer.c... OR LOOKUP Google EFast (a malware built off of OPENSORES Chrome code which cannot happen to me).
APK
P.S.=> My software's used & TRUSTED by 100k people worldwide & BETTER than YOURS.. apk
-
Swearing = use of God's name in vain
Swearing = use of God's name in vain - PROFANITY = the word they ought to use instead. OpenSORES & PROFANITY = deserved in https://www.bleepingcomputer.c... AND MORESO in https://securityintelligence.c...
*
... & IDIOTS around here "DEMAND" I open my code to the world?Bwaahahahaha - Look up Google EFast & tell me another one (ontop of those 2 evidences of OPENSores being BUSHWHACKED).
REPOST vs. BOGUS DOWNMOD WHEN I POSTED IT BEFORE https://developers.slashdot.or...
APK
P.S.=> The DOUBLE-EDGED RAZOR of OpenSORES is all that, with proof... apk
-
WHY I don't "OpenSORES" my code Mr. P... apk
See subject & Google EFast (malicious doppleganger created from OpenSORES Chrome code) & bushwhacked code too https://www.bleepingcomputer.c... AND https://securityintelligence.c...
* PLUS "threats" I've gotten on my code that IF I opened SORES'd it I'd have a malicious doppleganger made of it by those doing the threats HERE ON
/.!Per this hobby program of mine I've recently ported to Linux (better vs. Win32/64 model too) & SOON to MacOS (very soon, getting a Mac this week) https://yro.slashdot.org/comme...
(PAY ATTENTION TO THE CHINA ONE in that last link - it will AMAZE you what I discovered that is going to SAVE Spectrum users...)
APK
P.S.=> You're seeing what happens to it - I'd be for it, & have opened my code, but I WON'T NOW for sure per the above - any questions? Ask... apk
-
Swearing = use of God's name in vain
Swearing = use of God's name in vain - PROFANITY = the word they ought to use instead. OpenSORES & PROFANITY = deserved in https://www.bleepingcomputer.c... AND MORESO in https://securityintelligence.c...
*
... & IDIOTS around here "DEMAND" I open my code to the world? Bwaahahahaha - Look up Google EFast & tell me another one (ontop of those 2 evidences of OPENSores being BUSHWHACKED).APK
P.S.=> The DOUBLE-EDGED RAZOR of OpenSORES is all that, with proof... apk
-
Re:Sites back, grabs a tub of popcorn...
Ok. Clinton wasn't accused of using personal email for business. She was accused of transmitting top secret documents over unsecured personal email
Classified, actually. Top Secret is considerably higher; "classified" is not the same as "top secret".
Amusingly, her server turns out to have been more secure than the State Department server. The State Department got hacked, but the Clintons didn't. https://securityintelligence.c...
(very illegal),
In fact, all she had to do was issue an exemption stating that her server was allowed for classified email. As Secretary of State, she had the authority to declare what server are secure!
-
I told you already: OFTEN AS YOU LIKE! apk
See subject & my sources my program gets do it @ diff. intervals ALL AROUND THE CLOCK & I go 'above & beyond it' personally - how?
SECURITY SITES I WILL LIST FOR YOU (these are excellent finding all kinds of exploiters & malicious sites/servers galore for ALL types of threats):
http://blog.talosintelligence....
https://www.welivesecurity.com...
https://blog.malwarebytes.com/
https://researchcenter.paloalt...
https://www.bleepingcomputer.c...
https://securityintelligence.c...
https://www.cyren.com/blog
http://garwarner.blogspot.com/
http://www.malwaretech.com/
https://securelist.com/all/?ca...
https://www.fireeye.com/blog/t...
https://www.secureworks.com/re...
https://research.checkpoint.co...
http://blog.trendmicro.com/tre...
https://www.proofpoint.com/us/...
https://blog.comodo.com/catego...That's 25 sources in total from the security community that UPDATES all the time around the clock - my program makes easy work of consolidating all that data is all! It works (see testimonials I posted in my other replies to you from
/. peers).APK
P.S.=>
... & YOU, personally, have FULL CONTROL OF THE DATA (try that w/ addons OR a REMOTE DNS - good luck on the latter & the former? You'd best know regular expressions)... apk -
Re:Sounds about right...
If a person was knowingly harmed due to this security lapse, I think we would have heard about it.
Yea it's a shame "we" haven't heard any examples.
Like almost-exactly a year ago when Krebs was taken offline for three days along with significant damage to the Akamai network when hit by a DDoS attack from D-Link (and others) insecurities:
https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/Or when hundreds of thousands of websites at OVH were DDoSed offline:
https://securityintelligence.com/news/leaked-mirai-malware-boosts-iot-insecurity-threat-level/Or when Dyn's entire US east-coast network was taken offline for a good part of a weekend a month later effecting millions of Americans accessing pretty much everything:
https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/All of which were caused by a massive botnet of infected embedded devices, such as D-Link routers and D-Link IP cameras.
Shame none of that hit the news for "us" to hear about...
-
Re:chroot /var/empty; suid nobody
Well, of course, Microsoft could never use a sandbox in production code for the Windows desktop, because ease-of-use and compatibility would be compromised. Sandboxes are just for servers.
-
AppContainer in Windows 8 and later
Windows has no equivalent function to AppArmor or SELinux to profile an executive's privileges before running it.
Windows 8 introduces "AppContainer", which IE uses for its Enhanced Protected Mode. An AppContainer provides a capability model analogous to Android permissions. UWP applications likewise runs in an AppContainer. Google Chrome is based on Chromium, which has its own sandbox that uses AppContainer when available.
-
Not buying it.
I'm not buying Team Viewers explaination one bit. I know the individual in this article. He's a fellow security expert with whom I've worked. He's no security slouch, quite the opposite in fact. He caught the attackers in the act (yeah, he got lucky there) and took action as it unfolded before his eyes. Team Viewer has some serious 'splainen to do...
-
Researcher's actual page
Slashdot editors can't help themselves. Post original article? No, lets post a monetized site with two generations of dumbing-down.
At this week's RSA USA 2016 conference, I will be presenting my research on the attack surface and exploit mitigations in EdgeHTML, the rendering engine used by the Edge browser on Windows 10. One of the interesting features of EdgeHTML that I will discuss is its ability to use the built-in WinRT PDF Renderer library in Windows for rendering PDFs.
The feature is useful in that users do not need to install and maintain additional software for reading PDFs. However, the feature also opens up another attack surface that can be used to attack the Edge browser. This blog post takes a look at this library and its security implications.
-
Re:Ridiculous
-
Cloud is fundamentally less secure
The multi-tenant nature of the public cloud is fundamentally less secure than an on-premises single-tenant environemtn. Why? One example is a class of security exploits which allow a guest Virtual Machine to gain control of its hosting hypervisor operating system. Since anyone can setup a VM on the public cloud, which may run on the same physical machines as your company's VMs, this exposes you to an attack vector that simply does not exist on-premises. Here is one such example:
https://securityintelligence.c...
No amount of bug fixes, hand waving, and certifications can make this problem disappear; it is fundamental to the design choices of cloud hosting companies.
-
Banking trojan attacking Japanese banks?
I would have though a software trojan attacked defects in a specific Operating System and we all know which one
.. ref