BlackBox (Security) Archiv
4.05K subscribers
183 photos
393 videos
167 files
2.67K links
πŸ‘‰πŸΌ Latest viruses and malware threats
πŸ‘‰πŸΌ Latest patches, tips and tricks
πŸ‘‰πŸΌ Threats to security/privacy/democracy on the Internet

πŸ‘‰πŸΌ Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
Meta Hit With Massive Piracy Lawsuit Over Epidemic Sound Royalty-Free Music

Meta has been hit with a copyright infringement lawsuit demanding at least $142 million in damages. Epidemic Sound, a company that provides royalty-free music to YouTubers and other creators, claims that Meta hosts 94% of Epidemic's music in its own library, none of it licensed. According to Epidemic, this has resulted in billions of illegal views across Facebook and Instagram.

https://torrentfreak.com/meta-hit-with-massive-piracy-lawsuit-over-epidemic-sound-royalty-free-music-220721/

#meta #facebook #DeleteFacebook
📡 @cRyPtHoN_INFOSEC_IT
📡 @cRyPtHoN_INFOSEC_FR
📡 @cRyPtHoN_INFOSEC_EN
📡 @cRyPtHoN_INFOSEC_DE
📡 @BlackBox_Archiv
πŸ‘1
Media is too big
VIEW IN TELEGRAM
Malware Theory - DLLs

In this video tutorial I will be teaching you about what a DLL is at a very high level. These concepts will be useful when reverse engineering or performing malware analysis on DLL files.

https://www.youtube.com/watch?v=0OTYxOJAor4

#video #malware #dll
Remember the PanamaPapers?

For six years the source #JohnDoe stayed silent. Now they are speaking up - in an exclusive interview.

👀 Stay tuned… Friday, 11am CEST 👀

https://nitter.pussthecat.org/b_obermayer/status/1550133941386022912

via Twitter

#panamapapers
Malware Theory - Bit Masking

In this video I will show you what bit masking is, and why it is important for malware analysis and reverse engineering.

https://www.youtube.com/watch?v=n4xs-X102ak

👀 watch as well - Malware Theory - DLLs 👀
https://t.iss.one/BlackBox_Archiv/2993

#malware #bitmasking #video
India Seeks to Oust China Firms From Sub-$150 Phone Market

Xiaomi, Realme and Transsion will be among those affected

India seeks to restrict Chinese smartphone makers from selling devices cheaper than 12,000 rupees ($150) to kickstart its faltering domestic industry, dealing a blow to brands including Xiaomi Corp.

The move is aimed at pushing Chinese giants out of the lower segment of the world’s second-biggest mobile market, according to people familiar with the matter. It coincides with mounting concern about high-volume brands like Realme and Transsion undercutting local manufacturers, they said, asking not to be identified discussing a sensitive matter.

https://telegra.ph/India-Seeks-to-Oust-China-Firms-From-Sub-150-Phone-Market-08-09-2

via Bloomberg

#india #smartphones
Rufus: Microsoft is blocking Windows ISO downloads (Fixed)

It appears that Microsoft has started to block Windows ISO downloads that originate from Rufus. Rufus is a popular open source tool to create bootable media.

Options to download Windows ISO images were introduced in Rufus 3.5, which the developer released in 2019. The ability to download Windows 8, Windows 10 and Windows 11 ISO images was a welcome feature addition, as it made the process of creating Windows boot media more comfortable.

The developer has added more features to Rufus in the meantime that improved the program for some Windows administrators and users significantly. Options to bypass Windows 11 system requirements during in-place upgrades, to create local accounts instead of Microsoft accounts, and to deny privacy questions outright were added in 2022.

Downloads are powered by the Fido script in Rufus, and this worked fine ever since the functionality was introduced. The script pulled download information from Microsoft servers and downloads were provided by Microsoft.

Now, Rufus users are receiving error messages on attempts to download Windows 8, 10 or 11 using Rufus.

https://www.ghacks.net/2022/08/13/rufus-microsoft-is-blocking-windows-iso-downloads/

#rufus #microsoft
The FTC takes aim at commercial surveillance

The biggest fallacy in the online privacy wars is that there is a difference between "state surveillance" and "commercial surveillance." Bizarrely, it's a fallacy that is widely held by both government snoops and Big Tech snoops.

Many's the time I've spoken to a DC audience about privacy, only to have an audience member say, "I'm OK with Uncle Sam spying on me – after all, I've already given up every sensitive scrap of information about my personal life to the Office of Personnel Management when I applied for security clearance. But I don't want my money going to Google – those bastards would sell their mothers out for a nickel."

https://pluralistic.net/2022/08/12/regulatory-uncapture/#conscious-uncoupling

#surveillance
Ransomware Summit 2022

Talks from the SANS Ransomware Summit 2022 security conference, which took place in July, are now available on YouTube.

https://www.youtube.com/playlist?list=PLtgaAEEmVe6AGQj2LhA4UnN0XolmeYw9_

#ransomware #video
More Evil Markets

Take a sneak peek into the world of criminal markets, how they look on the inside, and how traders advertise and sell unauthorized access to organizations.

From ransomware operators like #LockBit and #BlackBasta to #APTs striking for or against Russian or Chinese interests, threat actors of various stripes all need one thing to get their operations off the ground: initial access to an organization’s network.

Such access can be bought on a variety of trading forums from cyber criminals who specialize in running low-risk phishing campaigns and credential theft operations, or in scanning enterprise networks for known remote code execution (RCE) #software #vulnerabilities.

Because of the ease with which initial access can now be obtained thanks to poor patch management and lax controls over identity and user credentials, there exists a market where supply is outstripping demand, and vendors involved in selling initial access are lowering their prices in a race to the bottom, making it easier than ever before for threat actors to compromise organizations of all sizes and kinds.

In this post, we reveal what these marketplaces look like from the inside, exposing the ways these traders advertise and sell unauthorized access to organizations.

https://www.sentinelone.com/blog/more-evil-markets-how-its-never-been-easier-to-buy-initial-access-to-compromised-networks/

#criminal #markets
A very very simple tool that makes some noise every time your computer sends data to Google

Here is a demo on the official Dutch government jobs site. The noise already starts while typing the domain name.

Code, currently Linux only:
https://github.com/berthubert/googerteller

#googerteller
Not so boring Android malware

Welcome! The purpose of this website is to gather a diverse set of different Android malware samples. So often the Android malware datasets are boring. They have the same or very similar malware families and, if used to practice reverse engineering, may become very repetitive.

I’ve decided to create a list of samples which are different. Each one should give you a different, fun reverse engineering challenge. The samples are divided in three sections: easy, average and difficult. Each one contains a short description of what the malware does (but no spoilers!). All samples are sourced from publicly available websites and link to these websites.

https://maldroid.github.io/android-malware-samples/

#android #malware #samples
“We Kill People Based on Metadata” and Other Metadata Things

In a debate with the ACLU’s David Cole, the former director of the NSA and CIA, General Michael Hayden said, “we kill people based on metadata.”

(....)
I do not believe there exist any methods through which one can entirely avoid these behemoth agencies’ data collection techniques. However, there are some valuable tools for dealing with metadata at an elementary level. I have listed some of these tools below.

https://darknetlive.com/post/former-nsa-director-will-kill-you-via-metadata/

#DeleteMetadata
Advanced DnSpy tricks in .NET reversing 2 - PS debugging, Watch vs Locals, Code Optimization

👀 This video covers:
- Debugging the PowerShell process when debugging PowerShell scripts - catch module loading (dnSpy)
- dnSpy multi-process debugging
- Dealing with code optimization during .NET debugging (when and why you can NOT see Locals and put breakpoints)
- Watch vs. Locals windows in dnSpy - benefit from both (see fields, invoke expressions etc.)

‼️ This video is created only for educational purposes. ‼️

https://www.youtube.com/watch?v=IJfUSo8E4rI

#dnspy #video
Here Is the Manual for the Mass Surveillance Tool Cops Use to Track Phones

Police departments across the U.S. have been using Fog Reveal for ‘mass surveillance on a budget,’ investigations by the EFF and Associated Press revealed. Now, we're publishing the manual.

Local police departments across the U.S. have been purchasing a tool that allows them to track individual devices without a warrant based on data harvested from ordinary smartphone apps installed on peoples’ phones, according to investigations by activist organization the Electronic Frontier Foundation (EFF) and the Associated Press.

Now, Motherboard is publishing the user manual for the tool, called Fog Reveal. Bennett Cyphers, a staff technologist at the EFF who worked on the investigation using public records requests, shared the user manual with Motherboard.

https://www.vice.com/en/article/v7v34a/fog-reveal-local-cops-phone-location-data-manual

#surveillance
HardeningKitty

HardeningKitty checks and hardens your Windows configuration.

HardeningKitty supports hardening of a Windows system. The configuration of the system is retrieved and assessed using a finding list. In addition, the system can be hardened according to predefined values. HardeningKitty reads settings from the registry and uses other modules to read configurations outside the registry.

‼️ The script was developed for English systems. It is possible that in other languages the analysis is incorrect. Please create an issue if this occurs. ‼️

https://github.com/scipag/HardeningKitty

#HardeningKitty
The largest taxi service in Russia 'Yandex Taxi' was hacked by the Anonymous collective

A traffic jam took place in the center of Moscow when dozens of taxis were sent by the hackers to the address on Kutuzovsky Prospekt.

https://nitter.pussthecat.org/YourAnonTV/status/1565555525378506752

via Twitter

#OpRussia #anonymous
How to Detect and Prevent impacket's Wmiexec

This blog deep dives into wmiexec usage seen from multiple incident response investigations, and describes indicators to help defenders detect wmiexec.

Introduction

Impacket’s wmiexec.py (“wmiexec”) is a popular tool used by red teams and threat actors alike. The CrowdStrike Services team commonly sees threat actors leveraging wmiexec to move laterally and execute commands on remote systems as wmiexec leverages Windows native protocols to more easily blend in with benign activity. CrowdStrike has also identified threat actors packaging wmiexec using PyInstaller to run it as an executable on Windows systems, remotely executing data exfiltration tools such as Rclone, and Cobalt Strike beacons for lateral movement and command-and-control operations.

Impacket’s suite of tools is extremely versatile and is low impact, making detection more difficult compared to other threat actor tool sets. This blog deep dives into wmiexec usage seen from multiple incident response investigations, and describes indicators to help defenders detect wmiexec.

https://www.crowdstrike.com/blog/how-to-detect-and-prevent-impackets-wmiexec/

#wmiexec
30. The scariest piece of malware since Stuxnet (Podcast)

Back in April, cybersecurity officials discovered the notorious “Industroyer” malware in the Ukrainian electrical grid. It might have been the scariest infrastructure hack since malware destroyed centrifuges at an Iranian uranium enrichment plant in 2010 – were it not for a TGIF miracle. Plus, a visit with the IT Army of Ukraine and a different kind of information operation.

https://podcasts.apple.com/us/podcast/30-the-scariest-piece-of-malware-since-stuxnet/id1225077306

#industroyer #podcast
Samsung recently discovered a cybersecurity incident

At Samsung, security is a top priority. We are reaching out to inform you that Samsung recently discovered a cybersecurity incident that affected some of your information.

In late July 2022, an unauthorized third party acquired information from some of Samsung's U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected.

We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement. We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. The information affected for each relevant customer may vary.

At Samsung, we value the trust our customers place in our products and services – trust that we have built up over many years. By working with industry-leading experts, we will further enhance the security of our systems – and your personal information – and work to maintain the trust you have put into the Samsung brand for more than 40 years.

We regret any inconvenience this may cause you and appreciate your trust in us. We have set up an FAQ page on our website for additional questions and answers along with recommended actions.

If you'd like to check your credit report, you are entitled under U.S. law to one free credit report annually from each of the three major nationwide credit reporting agencies. More information can be found below.

If you have any questions regarding this issue, please visit our website at www.samsung.com/us/support/securityresponsecenter.

#samsung #breach
Wi-Fi Hacking: Using wifite for Multiple Attack Strategies against Wi-Fi AP's

Often, when doing a pentest, we have multiple Wi-Fi access points to test for security. Rather than testing each one individually with tools such as aircrack-ng, Reaver, pyrit, hcxdumptool and others, we can automate that testing with a single tool such as wifite. Wifite enables us to test all of the Wi-Fi APs automatically with a single tool, using multiple strategies against different security protocols.

‼️ only for educational purposes ‼️

https://www.hackers-arise.com/post/wi-fi-hacking-using-wifite-for-multiple-attack-strategies-against-wi-fi-ap-s

#wifi #hacking