The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf
28.3 MB
Bvp47: Top-tier Backdoor of US NSA Equation Group
In 2016 and 2017, "The Shadow Brokers" published two batches of hacking files claimed to be used by
"The Equation Group". In these hacking files, researchers from Pangu Lab found the private key that can
be used to remotely trigger the backdoor Bvp47. Therefore, it can be concluded that Bvp47 is a hacker tool
belonging to "The Equation Group".
https://files.shitpost.to/rvfxfdj9zmajdtww.pdf?key=SxiRfjPs1SFpxU2gUK5PBmx08w2KTIL7
⚠️ I strongly advise everyone to pass PDFs through something like DangerZone or MAT2 before opening them.
#Bvp47 #nsa #backdoor #pdf
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
email2phonenumber
email2phonenumber is an OSINT tool that allows you to obtain a target's phone number just by having his email address.
For full details check:
https://www.martinvigo.com/email2phonenumber
Demo:
https://www.youtube.com/watch?v=dfvqhDUn81s
‼️ IMPORTANT:
email2phonenumber is a proof-of-concept tool I wrote during my research on new OSINT methodologies to obtain a target's phone number. The supported services (eBay, LastPass, Amazon and Twitter) have long added protections to protect from this type of scraping, like having to receive a code over email first or simply adding captchas. There are of course many other sites that are still leaking phone number digits, but I am focused on other research projects. Feel free to submit a pull request if you want to add support for new sites.
Please check out my newer tool "Phonerator", which is maintained and focuses on the novel aspect of this research, generating valid phone numbers. See more details. There is also a small OSINT challenge in there... ;)
https://github.com/martinvigo/email2phonenumber
https://www.martinvigo.com/tools/phonerator/
#osint #email2phonenumber #phonerator
Ukraine calls on hacker underground to defend against Russia
Feb 24 (Reuters) - The government of Ukraine is asking for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops, according to two people involved in the project.
As Russian forces attacked cities across Ukraine, requests for volunteers began to appear on hacker forums on Thursday morning, as many residents fled the capital Kyiv.
"Ukrainian cybercommunity! It's time to get involved in the cyber defense of our country," the post read, asking hackers and cybersecurity experts to submit an application via Google docs, listing their specialties, such as malware development, and professional references.
Yegor Aushev, co-founder of a cybersecurity company in Kyiv, told Reuters he wrote the post at the request of a senior Defense Ministry official who contacted him on Thursday. Aushev's firm Cyber Unit Technologies is known for working with Ukraine's government on the defense of critical infrastructure.
https://www.reuters.com/world/exclusive-ukraine-calls-hacker-underground-defend-against-russia-2022-02-24/
#ukraine #russia #hacker #cyberdefence
Brave takes the spring out of creepy bounce tracking
Just say no to websites bypassing privacy protections with sneaky redirects
Browser maker Brave has developed a new way to ground "bounce tracking," a sneaky technique for bypassing privacy defenses in order to track people across different websites.
Bounce tracking, also known as redirect tracking, dates back at least to 2014 when ad companies were looking for ways to avoid third-party cookie blocking defenses.
"Bounce tracking is a way for trackers to track you even if browser-level privacy protections are in place," explained Peter Snyder, senior director of privacy at Brave, on Tuesday.
"Privacy respecting browsers try to prevent sites from learning about your behaviors and activities on other sites. Bounce tracking attempts to circumvent these protections by gaming how your browser behaves when you browse from one site to another."
Say a website embeds a third-party script from info.tracker. When the website is visited, the third-party script tries to read third-party cookies from info.tracker that have been stored in the visitor's browser.
If it can't, because third-party cookies are blocked, the script redirects to the info.tracker domain by writing a new URL to the browser's window.location object or via some link hijacking method like injecting an info.tracker iframe into the original website.
Doing so puts info.tracker into a first-party context, enabling it to set tracking cookies.
Info.tracker then redirects back to the original website URL and info.tracker cookies can then be read in third-party contexts. By doing so across multiple different websites, info.tracker can develop a profile of the people's interests.
To curtail privacy intrusions of this sort, Brave software engineer Aleksey Khoroshilov and senior software engineer Ivan Efremov devised a defense called Unlinkable Bouncing.
https://www.theregister.com/2022/03/09/brave_bounce_tracking/
#brave #browser #bounce #tracking #privacy
Clone Wars - Open source clones of popular sites
100+ open-source clones and alternatives of popular sites like Airbnb, Amazon, Instagram, Netflix, TikTok, Spotify, WhatsApp, YouTube, etc. List contains source code, tutorials, demo links, tech stack, and GitHub stars count. Great for learning purposes!
https://github.com/GorvGoyl/Clone-Wars
#clonewars #opensource
Staying online during a conflict
First of all, we hope that there won't come a time where you need to read this article. Nevertheless, since it may happen, here's how you can remain connected to the internet during uncertain times.
Do note that this guide covers two scenarios: when your connection becomes less stable because of a conflict, or when your country is slowly blocking social media platforms.
Element: a messaging app
Element is a messaging app that lets you talk with other users. If you pick a server in the region (e.g. one that you host yourself or one that the city's university hosts) then you won't lose your connection to the server.
Additionally, since this server can connect to any other Element (Matrix) server, you will always be able to communicate with the outside world whenever there's a brief connection.
This means it's very difficult to block. Your country cannot just block "the Signal server", they'll instead need to block every single hobbyist in the world that decides to set up a new server for Element.
Mastodon: Twitter unblocked
Mastodon uses very similar protocols to what Element uses: everyone can set up their own servers, which makes Mastodon hard to block.
Take a look at mastodon.social, ru.social, pleroma.chirno.tech, glasgow.social, witches.live, and many more.
Each of them hosts its own instance, which needs to be blocked from the internet separately. You can use instances.social to find the Mastodon instance that suits you best.
PeerTube: when YouTube goes down
Do you need to share videos that YouTube may not want to share? Can you no longer access YouTube's foreign servers? Use PeerTube.
PeerTube allows you to broadcast your videos to whoever can see them. This can be very useful when your connection with YouTube is unstable and you'd like to share the videos yourself anyway.
Conclusion
Using these platforms, you will be able to remain connected with the world better - in situations where connections aren't always stable, as well as if the government may decide to block websites.
Take good care of yourself, and we hope these tips will be helpful for you.
https://digital-justice.com/articles/connection-during-conflict.html
#tips #element #peertube #mastodon
Release: Roskomnadzor (820 GB)
In the Cyberwar category, we are listing 364,000 files from the Roskomnadzor, the Russian federal agency responsible for censorship of Russian media, specifically from the republic of Bashkortostan.
In the Cyberwar category, we are listing 340,000 files from the Роскомнадзор or Roskomnadzor of the Russian Republic of Bashkortostan. By population, Bashkortostan is one of the larger republics of the Russian federation, and Roskomnadzor is the Russian federal agency responsible for the monitoring and censorship of Russian media.
Roskomnadzor's activities are always a matter of public interest to the people of Russia and to the world. Their recent actions have only emphasized this:
Roskomnadzor has given instructions about what can be said and ordered media outlets to delete stories that call Russia's invasion of Ukraine an Invasion. In response to Facebook's fact-checking Russia's statements about the war, Roskomnadzor began restricting access to Facebook before later blocking it. Roskomnadzor also threatened to block access to Russian Wikipedia over their article about the Russian invasion of Ukraine. This follows an established history of similar actions in the past.
The source, a part of Anonymous, urgently felt the Russian people should have access to information about their government. They also expressed their opposition to the Russian people being cut off from independent media and the outside world. We are publishing this release in anticipation of Russia potentially being cut off from the global internet on March 11, and hope Russians will have time to download this data, before then.
https://nitter.pussthecat.org/YourAnonTV/status/1501942349550653443
via Twitter
https://www.jpost.com/breaking-news/article-700940
Download (817.5 GB)
https://ddosxlvzzow7scc7egy75gpke54hgbg2frahxzaw6qq5osnzm7wistid.onion/wiki/Roskomnadzor
#OpRussia #anonymous #roskomnadzor #cyberwar #ukraine
Former Canadian Government Employee Extradited to the United States to Face Charges for Dozens of Ransomware Attacks Resulting in the Payment of Tens of Millions of Dollars in Ransoms
A Canadian man was extradited yesterday from Canada to the United States on an indictment returned in the Middle District of Florida that charges him with conspiracy to commit computer fraud and wire fraud, intentional damage to a protected computer, and transmitting a demand in relation to damaging a protected computer arising from his alleged participation in a sophisticated form of ransomware known as NetWalker. NetWalker ransomware has targeted dozens of victims all over the world, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities. Attacks have specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.
According to court documents, Sebastien Vachon-Desjardins, 34, of Gatineau, Quebec, Canada, from April through December 2020, conspired to and did intentionally damage a protected computer and transmit a ransom demand in connection with doing so. The indictment also alleges that the United States intends to forfeit more than $27 million, which is alleged to be traceable to proceeds of the offenses. The defendant will make his initial appearance today in federal court in Tampa before U.S. Magistrate Judge Julie S. Sneed.
https://www.justice.gov/opa/pr/former-canadian-government-employee-extradited-united-states-face-charges-dozens-ransomware
#NetWalker #ransomware #usa #canada
#Emotet E5 Update - Within the last several hours, we have seen some bots on the Epoch 5 botnet begin to drop SystemBC now as a module and execute it. This is the first drop beyond Cobalt Strike that we have seen since Emotet returned. This is a significant change 1/x
https://nitter.pussthecat.org/Cryptolaemus1/status/1502069552246575105
via Twitter
#emotet
Privacy and the Future of the Internet
The Internet is at a critical juncture. As it has been for the past decade or so, those who care about privacy and social morality are (practically) barred from participation in interest-based "focus groups", because most of them are still on Facebook, Twitter, YouTube and other anti-social networks. Even websites that have nothing to do with these networks have forgone self-management of user accounts in favor of "social logins," which are only useful until Facebook blocks your account and you realize you're now blocked from everything, and the only customer support available is provided by bots who were programmed to fix nothing and provide no information.
Government-provided services around the world are becoming more and more difficult to receive without installing apps spyware on your smartphone. Search engines grow more and more unusable every day, and our ability to self-govern is being taken away by money-hungry startups and corporations who are looking to "make the world a better place." Finally, the Internet as a whole is now nothing more than a shopping mall, where visitors implicitly consent to being searched.
https://ido50.net/rants/privacy-and-the-future-of-the-internet
#privacy #internet
Ukraine On Fire
Ukraine. Across its eastern border is Russia and to its west, Europe. For centuries, it has been at the center of a tug-of-war between powers seeking to control its rich lands and access to the Black Sea. 2014's Maidan Massacre triggered a bloody uprising that ousted president Viktor Yanukovych and painted Russia as the perpetrator by Western media. But was it?
One or the other may wonder why this movie was posted here in this Channel. Well, the last few days did show that the war between Russia and Ukraine is also a major threat to security/privacy/democracy in the global - but especially in the Russian Net.
#cyberwar #war #security #privacy #democracy #ukraine #russia #usa
Real names and pseudonyms of leading Conti members
An actor on Exploit and XSS criminal forums just shared a list of real names and aliases that allegedly belong to top Conti members
Andrey Yuryevich Zhuykov -> "Defender"
Maksim Khaliullin -> "Kagas", "maxfax"
Eduard Mizurov -> "modar"
Dimitriy Kornev -> "mustang"
Mikhail Zlydnev -> "sitev"
Andrey Maximov -> "untouch"
Sergey Gorko -> "Salamandra"
Sergey Guryev -> "Stakan"
Maksim Rudenskiy -> "silver", "buza"
Maksim Galochkin -> "Bentley", "volhvb"
https://nitter.pussthecat.org/y_advintel/status/1502348645877833736
via Twitter
#cyberwar #conti #ransomware #leak
Telegram Trilateration
Telegram Finally listened!
It took them over a YEAR to realize their mistake but they FINALLY lowered the accuracy of the "People Nearby" function. Or it might be that the huge sudden outburst of negativity from Russian and Ukrainian media has finally made them come to their senses ¯\_(ツ)_/¯
Either way, when you run the function now, you will only see results of 500m, 1km, 2km, etc. I have little faith left in Telegram when it comes to privacy and taking issues seriously. This repository will stay online, but be advised that none of the data collection methods in here will work as expected.
https://github.com/jkctech/Telegram-Trilateration
π‘ Read as well:
https://nitter.pussthecat.org/JKCTech/status/1489712467248926728
via Twitter
#telegram #peoplenearby
Proof of concept for abusing Telegram's "People Near Me" feature and tracking people's location - jkctech/Telegram-Trilateration
Exclusive: U.S. spy agency probes sabotage of satellite internet during Russian invasion, sources say
March 11 (Reuters) - Western intelligence agencies are investigating a cyberattack by unidentified hackers that disrupted broadband satellite internet access in Ukraine coinciding with Russia's invasion, according to three people with direct knowledge of the incident.
Analysts for the U.S. National Security Agency, French government cybersecurity organization ANSSI, and Ukrainian intelligence are assessing whether the remote sabotage of a satellite internet provider's service was the work of Russian-state backed hackers preparing the battlefield by attempting to sever communications.
The digital blitz on the satellite service began on Feb. 24 between 5 a.m. and 9 a.m., just as Russian forces started going in and firing missiles, striking major Ukrainian cities including the capital, Kyiv.
The consequences are still being investigated but satellite modems belonging to tens of thousands of customers in Europe were knocked offline, according to an official of U.S. telecommunications firm Viasat, which owns the affected network.
https://www.reuters.com/world/europe/exclusive-us-spy-agency-probes-sabotage-satellite-internet-during-russian-2022-03-11/
#russia #ukraine #sabotage #satellite #internet #cyberwar
MongoDB is terminating Russian accounts
Makes you wonder what your IT may look like if other IaaS, PaaS and SaaS providers decide to shut you down. What if AWS decided to shut down your account? How business-critical is your reliance on the cloud?
https://nitter.pussthecat.org/brodtoleg/status/1502587827783098371
via Twitter
#mongodb #russia #usa #sanctions
LibRedirect
A web extension that redirects YouTube, Twitter, Instagram... requests to alternative privacy friendly frontends and backends.
Youtube => Piped, Invidious, Piped-Material, FreeTube, Yattee
YoutubeMusic => Beatbump
Twitter => Nitter
Instagram => Bibliogram
TikTok => ProxiTok
Imgur => Rimgo
Reddit => Libreddit, Teddit, Old Reddit
Pixiv => pixivθγ
Search => SearX, Whoogle
Translate => SimplyTranslate, LingvaTranslate
Maps => OpenStreetMap, FacilMap
Wikipedia => Wikiless
Medium => Scribe
Send Files => Send
Note: It will be using random instances by default. You can also add custom instances.
https://github.com/libredirect/libredirect
#libredirect
Shenzhen, a major manufacturing and distribution hub in China just announced FULL LOCKDOWN!! RIP US SUPPLY CHAIN…
https://nitter.pussthecat.org/kingkong9888/status/1502990424968814595
via Twitter
#china #shenzhen #lockdown #supplychain
We Are In The First Open Source Intelligence War
A thesis I cannot prove but I believe: We are witnessing the world's first war where open source intelligence is providing more actionable insights than classified sources.
TikTok provided direct evidence of the nature of troop and equipment movements. Commercial imagery showed field deployment locations, field hospitals, then proof of movement to invade. Dating apps provided indications of which military units are being deployed. Twitter gave a platform for highly skilled, deeply experienced open source analysts to provide insights. And cloud-connected smartphones with a wide range of capabilities throughout Ukraine gave direct tactical insights into how the war was and is being prosecuted. Open source analysts are listening into and translating military communications. Cybersecurity analysts and cyber threat intelligence companies are sharing indicators of incidents faster than ever and before any tipping and queuing by government sources. Historians with great context on culture and history are more rapidly collaborating and sharing relevant insights. And much of this is supported by new tools and applications and collaborative environments for individuals and non-government groups.
All of this means, I believe, that this is the world's first war where open source intelligence is the dominant source.
https://www.oodaloop.com/archive/2022/03/13/we-are-in-the-first-open-source-intelligence-war/
#opensource #intelligence #war
The story of REvil: From origin to beyond.
Guest Jon DiMaggio, Chief Security Strategist at Analyst1, joins Dave Bittner to discuss his team's research "A History of REvil" that chronicles the rise and fall of REvil. The REvil gang is an organized criminal enterprise based primarily out of Russia that runs a Ransomware as a Service (RaaS) operation.
The core members of the gang reside and operate out of Russia. REvil leverages hackers for hire, known as affiliates, to conduct the breach, steal victim data, delete backups, and infect victim systems with ransomware for a share of the profits.
https://thecyberwire.com/podcasts/research-saturday/223/notes
#cyberwire #revil #podcast
Discontinuation of the Vanced project
Vanced has been discontinued. In the coming days, the download links will be taken down. The Discord server, Telegram chat and subreddit will stay for the time being. We know this is not something you wanted to hear, but it's something we need to do. We want to thank you all for the support over the years.
Edit: On a side note, the existing installation will continue to work.
https://t.iss.one/Vanced/197
#vanced