Hi people!
There are many new violations of our rights and privacy every day that we miss and forget to post in our channel.
If you have any such news, please join our group and send it there:
https://t.me/joinchat/FyFlS0X2D7eDayZ4R4Gkzw
(Remember to say something there or the bot kicks you out)
❤️ @NoGoolag
Forwarded from Energized Protection | Updates (Avinash Reddy // Quarantined Script Kid :P)
ϟ A quick update on our current situation -
The repository is now back online for everyone to download the hosts from.
BUT..
We need some time to set up a new strategy to provide updates, such that we would not violate GitHub ToS and get our repos disabled again. For this we have considered GitHub "releases" as a great option to keep the repository size low, without compromising on the update schedule.
(Shout out to @clannad, @fr3akyphantom and everyone else on our support chat who helped us discover this.)
Feel free to tag me [@AvinashReddy3108] (or any admin) on our support chat if you know a better way to keep the updates coming, we'd love to hear your thoughts.
Block app components
(receivers/services/activities/ads/trackers...)
Disable Fuck Services script
https://t.me/libreware/735
Watt
https://t.me/libreware/756
Blocker
https://t.me/libreware/745
My Android Tools (closed source)
https://www.myandroidtools.com
Here's a list of things you could disable, it's not complete:
AdIdListener
AppMeasurementService
ContentFiltersService
DailyHygiene$DailyHygieneService
DisplayLeakService
FirebaseInstanceIdService
FirebaseJobDispatcherEngine$FirebaseJobDispatcherService
FlushLogsReceiver$FlushLogsService
HeapAnalyzerService
InstantAppHygieneService
InstantAppsLoggingService
InstantAppsSharedPreferencesService
KeepAliveService
SetupWizardPaymentsEnablementService
WearChangeListenerService
WearSupportService
AdsActivity
Crashlytics
AnalyticsJobService
CampaignTrackingService
AppMeasurementJobService
InterstitialActivity
facebook.ads.AudienceNetworkActivity
Referral.InstallListener
Accountkit
AdAlarmHelperService
AdReminderHelperService
AdTriggerEventsService
AppTrackingService
📡 @Libreware 📡 @NoGoolag
#disablebadservices #blocker #watt #mat #disablefuckservices #block #ifw #intents #services #ads #tracking
Forwarded from BlackBox (Security) Archiv
Exploiting (Almost) Every Antivirus Software
Summary
Antivirus software is supposed to protect you from malicious threats, but what if that protection could be silently disabled before a threat can even be neutralized? What if that protection could be manipulated to perform certain file operations that would allow the operating system to be compromised or simply rendered unusable by an attacker?
RACK911 Labs has come up with a unique but simple method of using directory junctions (Windows) and symlinks (macOS & Linux) to turn almost every antivirus software into self-destructive tools.
Method of Exploitation
Most antivirus software works in a similar fashion: When an unknown file is saved to the hard drive, the antivirus software will usually perform a “real time scan” either instantly or within a couple of minutes. If the unknown file is determined to be a suspected threat, the file will then be automatically quarantined and moved to a secure location pending further user instructions or it will simply be deleted.
Given the nature of how antivirus software has to operate, almost all of them run in a privileged state meaning the highest level of authority within the operating system. Therein lies a fundamental flaw as the file operations are (almost) always performed at the highest level which opens the door to a wide range of security vulnerabilities and various race conditions.
What most antivirus software fails to take into consideration is the small window of time between the initial file scan that detects the malicious file and the cleanup operation that takes place immediately after. A malicious local user or malware author is often able to perform a race condition via a directory junction (Windows) or a symlink (Linux & macOS) that leverages the privileged file operations to disable the antivirus software or interfere with the operating system to render it useless, etc.
👉🏼 Read more:
https://www.rack911labs.com/research/exploiting-almost-every-antivirus-software/
#exploiting #antivirus #RACK911
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
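The scan-then-cleanup window described in the post above, as an added example that is not code from RACK911 Labs or any antivirus vendor: a cleanup that re-resolves the path string next to one that pins the parent directory at scan time and re-checks the file's identity before deleting. All function names, the file name `engine.dat` and the temp-directory layout are constructed for illustration (POSIX, Linux/macOS).

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* What the scanner keeps about a file it flagged (constructed struct). */
struct flagged {
    int   dirfd;               /* parent directory, pinned at scan time */
    char  name[NAME_MAX + 1];  /* entry name inside that directory */
    dev_t dev;                 /* identity of the file actually scanned */
    ino_t ino;
};

/* Scan step: pin the parent directory and record the file's identity.
 * O_NOFOLLOW only guards the last path component, so `dir` itself must
 * be reached through parents the scanner trusts. */
int scan_file(const char *dir, const char *name, struct flagged *out)
{
    struct stat st;
    out->dirfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (out->dirfd < 0)
        return -1;
    int fd = openat(out->dirfd, name, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0 || fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        if (fd >= 0)
            close(fd);
        close(out->dirfd);
        return -1;
    }
    close(fd);
    snprintf(out->name, sizeof out->name, "%s", name);
    out->dev = st.st_dev;
    out->ino = st.st_ino;
    return 0;
}

/* Weak cleanup: resolves the whole path again at delete time, so a
 * directory replaced by a symlink after the scan redirects the unlink. */
int cleanup_by_path(const char *dir, const char *name)
{
    char path[PATH_MAX];
    snprintf(path, sizeof path, "%s/%s", dir, name);
    return unlink(path);
}

/* Hardened cleanup: works relative to the pinned directory and refuses
 * to delete anything that is not the inode that was scanned. */
int cleanup_pinned(const struct flagged *f)
{
    struct stat st;
    if (fstatat(f->dirfd, f->name, &st, AT_SYMLINK_NOFOLLOW) != 0)
        return -1;
    if (st.st_dev != f->dev || st.st_ino != f->ino)
        return -1;
    return unlinkat(f->dirfd, f->name, 0);
}

static int touch(const char *path)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;
    return close(fd);
}

/* Constructed regression scenario in a fresh temp directory. Returns 1 if
 * the unrelated file protected/engine.dat survived the cleanup, 0 if it
 * was deleted, -1 on setup failure. */
int run_scenario(int hardened, int *flagged_removed)
{
    char base[] = "/tmp/avrace-XXXXXX";
    struct flagged f;
    *flagged_removed = 0;
    if (!mkdtemp(base) || chdir(base) != 0)
        return -1;
    if (mkdir("drop", 0700) || mkdir("protected", 0700) ||
        touch("drop/engine.dat") || touch("protected/engine.dat"))
        return -1;
    if (scan_file("drop", "engine.dat", &f) != 0)
        return -1;
    /* Between scan and cleanup the scanned directory becomes a link. */
    if (rename("drop", "drop.old") || symlink("protected", "drop"))
        return -1;
    if (hardened)
        cleanup_pinned(&f);
    else
        cleanup_by_path("drop", "engine.dat");
    close(f.dirfd);
    *flagged_removed = access("drop.old/engine.dat", F_OK) != 0;
    return access("protected/engine.dat", F_OK) == 0;
}

int main(void)
{
    int removed;
    int kept = run_scenario(0, &removed);
    printf("by path: protected kept=%d flagged removed=%d\n", kept, removed);
    kept = run_scenario(1, &removed);
    printf("pinned : protected kept=%d flagged removed=%d\n", kept, removed);
    return 0;
}
```

The pinned variant still deletes the flagged file even though its directory was renamed, because the descriptor follows the directory itself rather than its name.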
Facebook owns social.
Facebook owns WhatsApp, Instagram, Oculus and can share data between these and its own products e.g. Messenger.
Keep this in mind when using their apps. Here are the deletion links.
👍🏻 Delete Instagram
👍🏻 Delete WhatsApp
👍🏻 Delete Oculus
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@NoGoolag
Forwarded from BlackBox (Security) Archiv
Hacking health
About hacking wheelchairs, building custom bicycles, adapters to use e-scooters as outboard motors: Empowering people with disabilities or healthcare needs through Open Hardware. Presentation on experiences and lessons learned in collecting and co-creating open personalized DIY healthcare solutions for replicability and adaptability in makerspaces worldwide.
https://vid.lelux.fi/videos/watch/5c2b56de-5e0c-4e9a-a299-52b2547c27cb
#CCC #36C3 #hacking #health #wheelchairs #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
This is not the Onion
This is not satire
This is real life
[...] President Trump's latest medical advice to the nation has shocked the entire world.
In other news, due to Zoom's video conference service gaining popularity all over the world, Zoom stocks have shot up 1400%... oh wait, the wrong Zoom! Due to the latest display of capitalism's remarkable abilities, an empty useless company with zero staff, and very little practical value has managed to take the earnings of a hard-working company such as Zoom. In other news, [...]
https://www.ft.com/content/98635c63-b4ab-49a3-9c18-1de6819d6305
#zoom #stocks #sec
Ft
SEC steps in after investors buy up the wrong Zoom
US regulator warns investors were mistaking Chinese company for better-known namesake
Forwarded from BlackBox (Security) Archiv
Chinese internet users who uploaded coronavirus memories to GitHub have been arrested
This story has been updated with comment from volunteers behind a GitHub page.
A group of volunteers in China who worked to prevent digital records of the coronavirus outbreak from being scrubbed by censors are now targets of a crackdown.
Cai Wei, a Beijing-based man who participated in one such project on GitHub, the software development website, was arrested together with his girlfriend by Beijing police on April 19. The couple were accused of “picking quarrels and provoking trouble,” a commonly used charge against dissidents in China, according to Chen Kun, the brother of Chen Mei, another volunteer involved with the project. Chen Mei has been missing since that same day. On April 24, the couple’s families received a police notice that informed them of the charge, and said the two have been put under “residential surveillance at a designated place.” There is still no information about Chen Mei, said his brother.
It is unclear whether the arrest of the couple and the disappearance of Chen are directly linked to their GitHub project, named “Terminus2049.” The Beijing police could not be reached for comment.
👉🏼 Read more:
https://qz.com/1846277/china-arrests-users-behind-github-coronavirus-memories-page/
#China #coronavirus #GitHub #arrested
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
MinMicroG MicroG installer
v2.7-beta3-milkandbootloops
28 april, 2020
By MOVZX and FatherJony and FriendlyNeighborhoodShane
⚠️ Check the guide called readme.md inside the zips ⚠️
Probably the last release with custom APKs made for my own satisfaction until Marvin revives microG to its former glory. With all the recent fixes made while sitting at home (thanks COVID-19!)
Why you would bother flashing this:
♦ Formally put the scripts under GPLv3
♦ Added an install.md file as a handy reference manual and guide
♦ Update AuroraSuite, Play store
♦ Remove DroidGuard for obvious reasons (thanks Googs!)
♦ Replace abandoned FDroid GSM NLP backend with releases from @ploink
♦ Removed unmaintained radiocell backend that was crashing on many phones
♦ Now uses awk from MBB if you have Magisk installed
♦ Fix the (yet inexplicable) rare simple_mount bug that expanded faster than the universe (thanks advanced physics!)
Still the same selfbuilt GMSCore and UNLP for background location fix
(sauce at github.com/nogoolag)
⬇️ Downloads:
https://github.com/friendlyneighborhoodshane/minmicrog_releases/releases
Build scripts and instructions:
(slightly modified - GMSCore and UNLP selfbuilt)
github.com/friendlyneighborhoodshane/minmicrog
📡 @NoGoolag
#minmicrog #microg #installer
GitHub
No Google Lags
Now renounce the false idol that is Google Services and bask in the glory of our savior, MicroG! - No Google Lags
Forwarded from BlackBox (Security) Archiv
Two Usenet providers blame data breaches on partner company
Remember Usenet?
Two companies that provide Usenet services have disclosed security breaches today. The two companies, UseNeXT and Usenet.nl, blamed the breaches on "a security vulnerability at a partner company."
Neither UseNeXT nor Usenet.nl have named the third-party company whose software enabled the intrusion. It is unclear if this is referring to a Usenet desktop client or a server-side service.
Both Usenet providers have now shut down their websites to investigate the breach.
According to a near-identical message posted on both sites [1, 2], the two companies say the intruder gained access to information such as names, billing addresses, payment details (IBAN and account number), and other information users provided during the process of creating an account on the two websites.
👉🏼 Read more:
https://www.zdnet.com/article/two-usenet-providers-blame-data-breaches-on-partner-company/
#usenet #breach #UseNeXT #Usenetnl
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
🚨 Malware warning 🚨
Currently, malware is again being actively distributed in Telegram groups.
It is an .exe file whose name usually reflects the topic of the respective group.
The .exe file is always 2.6 MB in size.
❗️ Always check executable files before opening them
❗️ Pay attention to the file size and strange names
‼️If you see such an .exe file with exactly 2.6 MB in one of your groups, please inform an admin and warn the other users ‼️
https://www.virustotal.com/gui/file/279abdad31bf6eaf6fa9b182dad32806060c06d4107c9a96d0738c26427eeb9b/detection
👀 group with malware:
https://t.me/redmi3com
#alert #malware #telegram
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
Ministers plan to give more UK public bodies power to access phone data
Expansion of ‘snooper’s charter’ would allow more authorities to access web browsing histories
Ministers want to expand the scope of UK surveillance laws to give more public authorities – including a pensions watchdog and the Environment Agency – the power to access vast databases of personal phone and computer data.
Five additional public bodies are to be allowed to obtain communications data under the Investigatory Powers Act – frequently dubbed the snooper’s charter – as they are “increasingly unable to rely on local police forces to investigate crimes on their behalf”, according to documents published by the government.
The US whistleblower Edward Snowden once described the act as the “most extreme surveillance in the history of western democracy”.
The Civil Nuclear Constabulary, the armed police force in charge of protecting civil nuclear sites; the Environment Agency; the Insolvency Service; the UK National Authority for Counter Eavesdropping (UKNACE), an anti-espionage service and the Pensions Regulator are poised to benefit from strengthened powers.
The authorities join an established list that includes police forces, government departments and public agencies including the Health and Safety Executive.
A Home Office spokesperson said: “To protect national security and investigate serious crimes, law enforcement and relevant public authorities need the ability to acquire communications data.
“These powers are only used where it is absolutely necessary and proportionate and are independently authorised by the Office for Communications Data Authorisations, except in urgent or national security cases.”
👉🏼 Read more:
https://www.theguardian.com/world/2020/apr/22/ministers-plan-to-give-more-uk-public-bodies-power-to-hack-phones
#UK #surveillance #smartphone #data
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Forwarded from Rahul Patel
Hey all, a little announcement.
Google has changed the API a lot lately, breaking a lot of Aurora functionalities.
I'm done with patching things to get it working.
I have decided to start writing gplayapi3 from scratch using latest protobuf, it will take some time.
There will be no further updates until I finish this new API.
I will be writing it using RetroFit & Wire, anyone interested can join.
Stay Tuned!
Progress can be tracked here : https://gitlab.com/AuroraOSS/gplayapi3
GitLab
Aurora OSS / GPlayApi
Google Confirms New Security Threat For 2 Billion Chrome Users.
Google has warned of yet more security vulnerabilities in Chrome 81, which was only launched three weeks ago.
Google has confirmed two new high-rated security vulnerabilities affecting Chrome, prompting yet another update since the release of Chrome 81 on April 7. These new security threats could enable an attacker to take control of an exploited system, which is why the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has advised users to apply that update now.
https://www.forbes.com/sites/daveywinder/2020/04/29/google-confirms-new-security-threats-for-2-billion-chrome-users/#1683b71d39bc
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@NoGoolag
Forwarded from BlackBox (Security) Archiv
Xiaomi phone logging browser use
A researcher shows how his Xiaomi phone is tracking his web use, including a visit to PornHub.
https://invidio.us/watch?v=62kxZunBQyI
#PoC #Xiaomi #logging #browser
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use
#xiaomi #miui #spyware #virus
Forbes
Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use
Xiaomi is collecting users’ browser habits and phone usage, raising red flags for privacy researchers.
Forwarded from BlackBox (Security) Archiv
Xiaomi Devices Found Tracking And Recording Browsing Data Of Millions
The tracking extends to browser's Incognito mode as well !!
Xiaomi has been tracking and recording an insane amount of private data, from users’ phone habits to queries in Xiaomi’s default browsers.
According to a cybersecurity researcher, Cirlig, Xiaomi records all the search queries and items viewed on its default browser (Mi Browser Pro) as well as on the Mint browser. The tracking extends to Incognito mode as well.
The researcher was able to confirm the same pattern on other Xiaomi phones, including Mi 10, Redmi K20, and Mi MIX 3.
Xiaomi, in response, confirmed that it collects browsing data. However, the company says the data sent is anonymized, and users have consented to the data tracking. Meanwhile, it denied claims of information being monitored in Incognito mode.
The researcher, however, was able to prove that Xiaomi is recording Incognito mode data as well. In a video, he showcases how the information of him visiting a porn website in incognito mode is being sent to the servers.
👉🏼 Read more:
https://fossbytes.com/xiaomi-devices-found-tracking-and-recording-browsing-data-of-millions/
#PoC #Xiaomi #spy #logging #browser #why #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
Ubuntu has full access to your Google Account
Beware of this security bug if you are using Chromium Browser on Ubuntu
I am not the kind of dude who's too nerdy about IT security in general but I reviewed my Google Account's security today because I happened to land there as I wanted to change some other Google setting. Now what I saw literally shocked me.
I happen to use a handful of apps where I use my Google account but the permissions are limited to what they do (for example, the Car Driving Simulator app can only access the Google Play Service and nothing else). However, this app called "Ubuntu" has full access to my Google account which I thought was odd.
Though I happen to use an Ubuntu OS (18.04 LTS to be precise), they don't seem to be the kind who will hijack permissions to their users' Google accounts. Further research led me to this and this which are eye-opening posts in this regard, and then it struck me that I also use the Chromium Browser installed right from the Ubuntu repos using apt!
I also remember signing into Chromium browser so as to sync my bookmarks, etc. with my Android phone. Just to verify, I removed the access to Ubuntu and for sure, the sync feature on my browser suddenly stopped and I was temporarily signed out. So, I signed into Chromium again and that permission (Ubuntu Has full access!) came up again at its place. Now, I understand that it's Chromium and not Ubuntu who is given permissions here, but there are a few problems (or rather a bug) with this workflow:
👉🏼 Read more:
https://techtudor.blogspot.com/2020/05/ubuntu-has-full-access-to-your-google.html
#ubuntu #linux #google #DeleteGoogle #privacy #security #chrome #browser
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
ICANN rejects sale of .org to Ethos Capital
Today, the ICANN Board made the decision to reject the proposed change of control and entity conversion request that Public Interest Registry (PIR) submitted to ICANN.
After completing extensive due diligence, the ICANN Board finds that withholding consent of the transfer of PIR from the Internet Society (ISOC) to Ethos Capital is reasonable, and the right thing to do.
ICANN's role is to ensure the stable and secure operation of the Internet's unique identifier systems. We are dedicated to making the right decision, knowing that whatever we decide will be well received by some, and not by others. It is our responsibility to weigh all factors from an ICANN Bylaws and policies perspective, including considering the global public interest. We have done this diligently, ensuring as much transparency as possible and welcoming input from stakeholders throughout.
On 13 November 2019, PIR announced that ISOC, its parent organization, had reached an agreement with Ethos Capital, under which Ethos Capital would acquire PIR and all of its assets from ISOC. Under the agreement, PIR would also be converted from a Pennsylvania not-for-profit corporation to a for-profit Pennsylvania limited liability company. ISOC created and agreed to the transaction details that are under review.
https://www.icann.org/news/blog/icann-board-withholds-consent-for-a-change-of-control-of-the-public-interest-registry-pir
Spyware slinger NSO to Facebook: Pretty funny you're suing us in California when we have no US presence and use no American IT services...
Malware maker urges judge to dump lawsuit over WhatsApp phone snooping
Israeli spyware maker NSO Group has rubbished Facebook's claim it can be sued in California because it allegedly uses American IT services and has a business presence in the US.
Last October, Facebook and its WhatsApp subsidiary sued the software developer and its affiliate Q Cyber Technologies in California, claiming that the firms made, distributed, and operated surveillance software known as Pegasus that remotely infects, hijacks, and extracts data from the smartphones of WhatsApp users.
https://www.theregister.co.uk/2020/05/01/nso_whatsapp_california/
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@NoGoolag