BlackBox (Security) Archiv
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
99: The Spy
Darknet Diaries - EP 99: The Spy

Igor works as a private investigator in NYC. He’s often sitting in cars keeping a distant eye on someone with binoculars. Or following someone through the busy streets of New York. In this episode we hear about a time when Igor was on a case but sensed that something wasn’t right.

https://darknetdiaries.com/episode/99/

#truecrime #darknetdiaries #podcast
🎙 @cRyPtHoN_INFOSEC_FR
🎙 @cRyPtHoN_INFOSEC_EN
🎙 @cRyPtHoN_INFOSEC_DE
🎙 @BlackBox_Archiv
OnlyFans to block sexually explicit videos starting in October

OnlyFans is getting out of the pornography business.

The company will prohibit users from posting any sexually explicit conduct, starting in October. Creators will still be allowed to post nude photos and videos, provided they’re consistent with OnlyFans’ policy, the company said Thursday.

The changes are needed because of mounting pressure from banking partners and payment providers, according to the company.

“In order to ensure the long-term sustainability of our platform, and to continue to host an inclusive community of creators and fans, we must evolve our content guidelines,” OnlyFans said.

OnlyFans has attracted more than 130 million users by giving online creators a platform to charge their fans for photos and videos. Many of its most-popular creators post nude photos and videos, and it has been praised for giving sex workers a safer place to do their jobs.

But sex work still has a stigma. And OnlyFans is trying to raise money from outside investors at a valuation of more than US$1 billion. The company handled more than $2 billion in sales last year, and is on pace to more than double that this year. It keeps 20 per cent of that figure.

https://www.bnnbloomberg.ca/onlyfans-to-block-sexually-explicit-videos-starting-in-october-1.1642066

#onlyfans
FTC requests Facebook sell WhatsApp and Instagram in major antitrust case

The US Federal Trade Commission has re-filed its complaint against Facebook, arguing that the company should be broken up and forced to sell Instagram and WhatsApp.

The revised complaint argues that Facebook has a monopoly over social networking in the US and argues that Facebook has looked to make it difficult for other companies to compete.

The complaint is partly redacted, and the FTC’s filing asks that it is sealed for 10 days.

The new case comes amid mounting scrutiny over the size and power of Facebook’s empire, and the way that it has bought up competitors as they have grown.

The case makes reference to an email from Mark Zuckerberg, sent in 2008, in which he said “it is better to buy than compete”. The FTC’s lawyers argue that Facebook has acted in accordance with that strategy, tracking its rivals and buying them when they become big enough to be threats.

https://www.independent.co.uk/life-style/gadgets-and-tech/facebook-ftc-whatsapp-instagram-antitrust-b1905429.html

#ftc #facebook #whatsapp #instagram #antitrust
More than $90 million in cryptocurrency stolen after a top Japanese exchange is hacked

Japanese cryptocurrency exchange Liquid said Thursday it has been hit by a cyberattack that saw hackers make off with a reported $97 million worth of digital coins.

Liquid said some of its digital currency wallets had been "compromised," and that hackers were transferring the assets to four different wallets.

"We are currently investigating and will provide regular updates," Liquid tweeted. "In the meantime deposits and withdrawals will be suspended."

Liquid did not provide an estimate for the loss. It says it is regulated by Japan's Financial Services Agency. The watchdog was not immediately available for comment when contacted by CNBC.

Elliptic, a blockchain analytics company, said its analysis showed that about $97 million in cryptocurrencies have been obtained by the hackers.

Of the total haul, $45 million in tokens were being converted to ethereum through decentralized exchanges — blockchain-based platforms that require no intermediaries — like Uniswap and SushiSwap, Elliptic said.

"This enables the hacker to avoid having these assets frozen — as is possible with many Ethereum tokens," Elliptic said in a blog post.

Liquid ranks among the top 20 crypto exchanges globally by daily trading volumes, processing more than $133 million of transactions in the last 24 hours, according to CoinMarketCap data.

https://www.cnbc.com/2021/08/19/liquid-cryptocurrency-exchange-hack.html

#liquid #cryptocurrency #exchange #hack #cyberattack
Lake County commissioners order takedown of secret surveillance cameras

Flock Safety installed about 100 cameras in new pilot program to fight crime

Surveillance cameras are being taken down across Lake County after commissioners say they didn’t know about them in the first place.

According to the Lake County Sheriff’s Office, surveillance cameras were installed around the county in July under a new pilot program to help fight crime, but county commissioners said the cameras have to go.

https://www.clickorlando.com/news/local/2021/08/12/shocking-violation-of-procedure-lake-county-commissioners-order-takedown-of-traffic-surveillance-cameras/

#usa #traffic #surveillance #cameras #video
AT&T denies data breach after hacker auctions 70 million user database

AT&T says that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers.

The threat actor, known as ShinyHunters, began selling this database yesterday on a hacking forum with a starting price of $200,000 and incremental offers of $30,000. The hacker states that they are willing to sell it immediately for $1 million.

From the samples shared by the threat actor, the database contains customers' names, addresses, phone numbers, Social Security numbers, and date of birth.

A security researcher who wishes to remain anonymous told BleepingComputer that two of the four people in the samples were confirmed to have accounts on att.com.

Other than these few details, not much is known about the database, how it was acquired, and whether it is authentic.

However, ShinyHunters is a well-known threat actor with a long history of compromising websites and developer repositories to steal credentials or API keys. This authentication is then used to steal databases, which they then sell directly to other threat actors or utilize a middle-man data breach seller.

In many cases, when a database is not sold, ShinyHunters will release it for free on hacker forums.

In the past, ShinyHunters has breached numerous companies, including Wattpad, Tokopedia, Microsoft's GitHub account, BigBasket, Nitro PDF, Pixlr, TeeSpring, Promo.com, Mathway, and many more.

https://www.bleepingcomputer.com/news/security/atandt-denies-data-breach-after-hacker-auctions-70-million-user-database/

#breach #atandt #ShinyHunters
A Facebook hacker beat my 2FA, bricked my Oculus Quest, and hit the company credit card

If you haven’t been following the action on Twitter, you may or may not have noticed I vanished from Facebook and Instagram. That was just the beginning. In this post I’ll run you through the timeline, share what I’ve pieced together, and post updates as they unfold. Let me encourage you to follow @CodeWritePlay or @Mechatodzilla on Twitter where I’ll alert you when those updates occur.

The timeline

8/19, shortly before 3:30 AM – While I slept like I was dead after staying up too late watching Hulu, my Facebook account was disabled for violating community guidelines.....

https://codewriteplay.com/2021/08/20/a-facebook-hacker-beat-my-2fa-bricked-my-oculus-quest-and-hit-the-company-credit-card/

#codewriteplay #hacker #facebook
GNU Privacy Assistant: PGP (Part I)

We generate our first open PGP keys and encrypt text using a wonderful GUI tool: GNU Privacy Assistant (on Linux). We describe the public/private key exchange encryption/decryption process, and create our first encrypted text message. Briefly talking about potential issues with all in one encryption + communication programs and how PGP can help solve this.

The benefits of a compartmentalized, offline encryption setup are discussed as we learn to generate a key and encrypt a message in GNU Privacy Assistant.

I think you will enjoy the all in one nature of this setup.

https://devtube.dev-wiki.de/videos/watch/4d106a61-a850-4d42-b2ff-34f14b6b16cd

#pgp #encryption #gnu #PrivacyAssistant #linux #tool #video #guide
Jumpskip - Watch movies on Netflix without the jumpscares

Jumpskip is a Chrome Extension for Netflix that helps you watch movies without being scared by jumpscares. Skip, mute, get a warning when jumpscares are about to happen, view all the jumpscare timestamps, and much more.

👉🏽 https://chrome.google.com/webstore/detail/jumpskip-skip-jumpscares/fbemiaecodgpghdfegmdcikjkobdghab

https://github.com/alyssaxuu/jumpskip

#jumpskip #netflix #chrome #extension
Office 365 audit logging

It’s important to enable audit logging for o365 even if you are not monitoring them actively. At least if you get hacked there’s logging to investigate :). The audit log is not always enabled by default; it seems to rely on license levels. However, there are some important things to take into consideration.

You can enable the unified audit log and be done. However, there are some things to take into consideration, especially when it comes to mailbox operations and logging. Office 365 audit logging can be tricky to manage. There are some things you need to be wary of when relying on the o365 logging. Essentially we need to make sure the Unified Audit log is enabled and the mailbox audit settings are set correctly.

https://nitter.pussthecat.org/rikvduijn/status/1428628157456949253#m

https://zolder.io/office-365-audit-logging/

#office #audit #logging
Apple Exec: ‘We Are The Greatest Platform For Distributing Child Porn’

Apple fraud executive Eric Friedman told colleague Herve Sibert that Apple is the greatest platform for distributing child pornography. The comment sheds light on why Apple is now pursuing a controversial program and automating checks for child porn on customers’ phones and in their messages.

According to a rather thin LinkedIn profile, Eric Friedman is a senior engineering manager at Apple. Security websites, however, list his actual role as “head of Apple’s Fraud Engineering Algorithms and Risk unit,” also known as FEAR. Sibert is Apple’s security and fraud engineering manager, according to his LinkedIn profile.

Friedman made the claim in a February 2020 text message conversation revealed in discovery for the Apple-Epic trial over whether Apple can demand app developers use its payment services, among other things. The Verge has published an extensive list of the most interesting reveals from court discovery.

Friedman was messaging using Apple’s iMessage platform, which is end-to-end encrypted for privacy. That privacy, however, works for both positive and negative uses.

https://www.forbes.com/sites/johnkoetsier/2021/08/19/apple-exec-we-are-the-greatest-platform-for-distributing-child-porn/

#usa #apple #iphones #childabuse #surveillance
Apple and Google ordered by Russia's media authority to take down the app of Vladimir Putin's biggest opponent

Russia's media authority Roskomnadzor has ordered Apple and Alphabet, Google's parent company, to take the app of the biggest opponent of Russian President Vladimir Putin off of their platforms, according to a report.

Roskomnadzor said the app dedicated to publishing stories about Alexei Navalny should be taken off of Google and Apple's app stores because Russian courts have labeled Navalny's anti-corruption foundation as extremist, the Russian news agency Interfax reported on Friday.

Neither Apple nor Alphabet was immediately available for comment Saturday about the request.

The development marks the latest attempt by the Russian government to silence Navalny. Navalny is currently in a Russian prison after returning to the country from Germany, where he recovered from being poisoned with the Soviet-era nerve agent Novichok during a flight within Russia last August. The Russian government says he is guilty of embezzlement.

Putin and the Russian government's treatment of Navalny continues to draw criticism from abroad. During a Friday meeting with Putin, German Chancellor Angela Merkel called Navalny's imprisonment unacceptable and called for his release.

The team of US President Joe Biden has warned Russia of "consequences" if Navalny dies while in custody.

https://www.businessinsider.com/russia-media-authority-orders-apple-google-take-down-navalny-app-2021-8

#usa #russia #putin #biden #navalny #roskomnadzor #apple #google #appstore #takedown
Virtual machines with PCI passthrough on Ubuntu 20.04, straightforward guide for gaming on a virtual machine

Preamble

The direct way to PCI passthrough virtual machines on Ubuntu 20.04 LTS. I try to limit changes to the host operating system to a minimum, but provide enough details that even Linux rookies are able to participate.

The final system will run Xubuntu 20.04 as host operating system (OS), and Windows 10 2004 as guest OS. Gaming is the main use-case of the guest system.

Unfortunately, the setup process can be pretty complex. It consists of fixed base settings, some variable settings and several optional (mostly performance) settings. In order to sustain readability of this post, and because I aim to use the virtual machine for gaming only, I minimized the variable parts for latency optimization. The variable topics themselves are linked in articles – I hope this makes sense. 🙂

💡About this guide

This guide targets Ubuntu 20.04 and is based on my former guides for Ubuntu 18.04 and 16.04 host systems.

However, this guide should be also applicable to Pop!_OS 19.04 and newer. If you wish to proceed with Pop!_OS as host system you can do so, just look out for my colorful Pop!_OS labels.

https://mathiashueber.com/pci-passthrough-ubuntu-2004-virtual-machine/

#virtual #gaming #ubuntu #guide
PAM Duress - a module used to allow someone pressed to give a password under coercion to provide a password that grants access but in the background runs scripts to clean up sensitive data

The PAM Duress is a module designed to allow users to generate 'duress' passwords that when used in place of their normal password will execute arbitrary scripts.

This functionality could be used to allow someone pressed to give a password under coercion to provide a password that grants access but in the background runs scripts to clean up sensitive data, close connections to other networks to limit lateral movement, and/or to send off a notification or alert (potentially one with detailed information like location, visible wifi hotspots, a picture from the camera, a link to a stream from the microphone, etc). You could even spawn a process to remove the pam_duress module so the threat actor won't be able to see if the duress module was available.

https://github.com/nuvious/pam-duress

#pam #duress #tool
You Can Gain Admin Privileges to Any Windows Machine by Plugging in a Razer Mouse

Is it an interesting security hack, or a PSA to keep your computer safe? (It's both.)

Not all users are equal in Windows. Without administrator access, you can use the computer, but you aren’t allowed to install certain apps or perform commands, and you’re generally blocked from full control of the machine. But right now, you can grant yourself SYSTEM privileges on any Windows 10 machine simply by plugging in a Razer keyboard or mouse. That seems... bad.

Usually, different “user rights” are a good thing for Windows. It protects your system from people who would abuse those privileges, either nefariously or not. When you have admin—or SYSTEM—privileges, you are in total control over Windows, so it can be dangerous to give that power to just anyone.

The idea that plugging in the right mouse could give you total control over a computer sounds more unrealistic than a TV hacker, but it’s true. When you plug in one of these Razer peripherals, Windows will automatically download Razer Synapse, the software that controls certain settings for your mouse or keyboard. Said Razer software has SYSTEM privileges, since it launches from a Windows process with SYSTEM privileges.

https://lifehacker.com/you-can-gain-admin-privileges-to-any-windows-machine-by-1847537634

#razer #mouse #windows #vulnerability
US authorities want more and more location data from Google

The cell phone in your pocket often leaves a rich data trail, including its location. U.S. investigative agencies are asking for more and more of this data to track down possible suspects who were in a particular place at a particular time. Now Google has published figures for the first time.

https://services.google.com/fh/files/misc/supplemental_information_geofence_warrants_united_states.pdf

#google #usa #geofence #warrants #pdf
Razer Mice + Microsoft Windows = Privilege Escalation - ThreatWire

Razer mice plus a Windows machine can give you admin privileges, contact tracing data is exposed in a data leak, and a T-Mobile hack followup - yes, it’s real! All that coming up now on ThreatWire.

https://www.youtube.com/watch?v=NA1ocWiAMVg

#threatwire #hak5 #video
Ransomware gang's script shows exactly the files they're after

A PowerShell script used by the Pysa ransomware operation gives us a sneak peek at the types of data they attempt to steal during a cyberattack.

When ransomware gangs compromise a network, they usually start with limited access to a single device.

They then use various tools and exploits to steal other credentials used on the Windows domain or gain elevated privileges on different devices.

Once they gain access to a Windows domain controller, they search for and steal data on the network before encrypting devices.

The threat actors use this stolen data in two ways.

The first is to generate a ransom demand based on company revenue and whether they have insurance policies. The second is to scare the victims into paying a ransom because the gang will leak the data.

https://www.bleepingcomputer.com/news/security/ransomware-gangs-script-shows-exactly-the-files-theyre-after/

#ransomware #pysa
LibreTranslator

LibreTranslater a translator based on LibreTranslate

💡 Features:
- translate your text into up to 16 languages
- 5 different themes
- share translation easily from the app
- completely open source
- more coming...

https://f-droid.org/en/packages/de.beowulf.libretranslater/

#translator #apk #LibreTranslate #fdroid