Forwarded from BlackBox (Security) Archiv
Powerhouse VPN products can be abused for large-scale DDoS attacks
Around 1,500 Powerhouse VPN servers are exposed online and ready to be abused by DDoS groups.
Botnet operators are abusing VPN servers from VPN provider Powerhouse Management as a way to bounce and amplify junk traffic part of DDoS attacks.
This new DDoS vector has been discovered and documented by a security researcher who goes online as Phenomite, who shared his findings with ZDNet last week.
The researcher said the root cause of this new DDoS vector is a yet-to-be-identified service that runs on UDP port 20811 on Powerhouse VPN servers.
Phenomite says that attackers can ping this port with a one-byte request, and the service will often respond with packets that are up to 40 times the size of the original packet.
Since these packets are UDP-based, they can also be modified to contain an incorrect return IP address. This means that an attacker can send a single-byte UDP packet to a Powerhouse VPN server, which then amplifies it and sends it to the IP address of a victim of a DDoS attack —in what security researchers call a reflected/amplified DDoS attack.
https://www.zdnet.com/article/powerhouse-vpn-products-can-be-abused-for-large-scale-ddos-attacks/
#powerhouse #vpn #abuse #ddos #attacks
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Around 1,500 Powerhouse VPN servers are exposed online and ready to be abused by DDoS groups.
Botnet operators are abusing VPN servers from VPN provider Powerhouse Management as a way to bounce and amplify junk traffic part of DDoS attacks.
This new DDoS vector has been discovered and documented by a security researcher who goes online as Phenomite, who shared his findings with ZDNet last week.
The researcher said the root cause of this new DDoS vector is a yet-to-be-identified service that runs on UDP port 20811 on Powerhouse VPN servers.
Phenomite says that attackers can ping this port with a one-byte request, and the service will often respond with packets that are up to 40 times the size of the original packet.
Since these packets are UDP-based, they can also be modified to contain an incorrect return IP address. This means that an attacker can send a single-byte UDP packet to a Powerhouse VPN server, which then amplifies it and sends it to the IP address of a victim of a DDoS attack —in what security researchers call a reflected/amplified DDoS attack.
https://www.zdnet.com/article/powerhouse-vpn-products-can-be-abused-for-large-scale-ddos-attacks/
#powerhouse #vpn #abuse #ddos #attacks
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
ZDNet
Powerhouse VPN products can be abused for large-scale DDoS attacks
Around 1,500 Powerhouse VPN servers are exposed online and ready to be abused by DDoS groups.
YouTube's AI blocks a chess channel after mistaking the discussion about 'black and white' with racism
https://www.independent.co.uk/life-style/gadgets-and-tech/ai-chess-racism-youtube-agadmator-b1804160.html
#yt #youtube #ai
https://www.independent.co.uk/life-style/gadgets-and-tech/ai-chess-racism-youtube-agadmator-b1804160.html
#yt #youtube #ai
The Independent
AI mistakes ‘black and white’ chess chat for racism
Issues with artificial intelligence-based content moderation highlighted after world’s most popular YouTube chess channel labelled ‘harmful and dangerous’
Firefox 86 introduces 'Total Cookie Protection'
https://blog.mozilla.org/security/2021/02/23/total-cookie-protection
#ff #Firefox #cookies
https://blog.mozilla.org/security/2021/02/23/total-cookie-protection
#ff #Firefox #cookies
Mozilla Security Blog
Firefox 86 Introduces Total Cookie Protection
Total Cookie Protection is a major anti-tracking advance in Firefox that confines cookies to the site where they were created.
Forwarded from GJ `°÷°` 🇵🇸🕊 (t ``~__/>_GJ06)
matrix@mastodon.matrix.org - RT @kdecommunity@twitter.com
NeoChat, KDE's native Matrix chat client, is out and comes with a new login page that detects the server configuration from your ID, stickers, message editing, and much more. Check out all that's new at https://carlschwan.eu/2021/02/23/neochat-1.1/
🦜 🔗: https://nitter.fdn.fr//kdecommunity/status/1364287275039875077
NeoChat, KDE's native Matrix chat client, is out and comes with a new login page that detects the server configuration from your ID, stickers, message editing, and much more. Check out all that's new at https://carlschwan.eu/2021/02/23/neochat-1.1/
🦜 🔗: https://nitter.fdn.fr//kdecommunity/status/1364287275039875077
Forwarded from GJ `°÷°` 🇵🇸🕊 (t ``~__/>_GJ06)
torproject@mastodon.social - Time to update: Tor Browser 10.0.12 is now available. This version updates Desktop Firefox to 78.8.0esr and Android Firefox to 86.1.0 + updates NoScript to 11.2.2, Openssl to 1.1.1j, and Tor to 0.4.5.6. Full changelog:
https://blog.torproject.org/new-release-tor-browser-10012
https://blog.torproject.org/new-release-tor-browser-10012
Auto-Delete, Widgets, Expiring Invite Links and More
Auto-Delete Messages
• Set messages to auto-delete for everyone 24 hours or 7 days after sending.
• Control auto-delete settings in any of your chats, as well as in groups and channels where you are an admin.
• To enable auto-delete, tap ⋮ > Clear History > choose a duration > Enable Auto-Delete.
Expiring Invite Links for Groups and Channels
• Create invite links that work for a limited time or a limited number of uses.
• See which users joined using your, or your admins’, invite links.
• Turn any invite link into a QR code users can scan with their phone cameras.
• To manage invite links, open your Group or Channel Profile > tap the Pencil Button > Invite Links.
Home Screen Widgets
• Access your chats quickly right from your home screen.
• To add a widget, press and hold the wallpaper on your home screen, then tap Widgets and find Telegram.
Groups with Unlimited Members
• Convert groups that have reached the 200,000 member limit into unlimited Broadcast Groups.
Improved Chat Import
• Keep messages sorted by their original sending date when moving chat history from other apps. Works if the target chat on Telegram is new or has fewer than 1000 messages.
More about this update:
https://telegram.org/blog/autodelete-inv2
Auto-Delete Messages
• Set messages to auto-delete for everyone 24 hours or 7 days after sending.
• Control auto-delete settings in any of your chats, as well as in groups and channels where you are an admin.
• To enable auto-delete, tap ⋮ > Clear History > choose a duration > Enable Auto-Delete.
Expiring Invite Links for Groups and Channels
• Create invite links that work for a limited time or a limited number of uses.
• See which users joined using your, or your admins’, invite links.
• Turn any invite link into a QR code users can scan with their phone cameras.
• To manage invite links, open your Group or Channel Profile > tap the Pencil Button > Invite Links.
Home Screen Widgets
• Access your chats quickly right from your home screen.
• To add a widget, press and hold the wallpaper on your home screen, then tap Widgets and find Telegram.
Groups with Unlimited Members
• Convert groups that have reached the 200,000 member limit into unlimited Broadcast Groups.
Improved Chat Import
• Keep messages sorted by their original sending date when moving chat history from other apps. Works if the target chat on Telegram is new or has fewer than 1000 messages.
More about this update:
https://telegram.org/blog/autodelete-inv2
Telegram
Auto-Delete, Widgets and Expiring Invite Links
This update brings an auto-delete timer for messages in any chat, as well as new flexible invite links and faster access to your chats with home screen widgets. Also, groups can now have unlimited members.
Forwarded from BlackBox (Security) Archiv
Ban sale of Grand Theft Auto, other violent video games, state rep says
With carjackings rising, Rep. Marcus Evans wants to prohibit the sale of violent video games promoting criminal activity. Also Monday, Operation Safe Pump announced its gas station guards program will expand to south suburban Olympia Fields.
With carjackings on the rise in Chicago and elsewhere, a South Side Democratic state representative has introduced a bill that would ban the sale of Grand Theft Auto and other violent video games.
Rep. Marcus Evans Jr. wants to amend a 2012 law preventing some video games from being sold to minors. Friday, he filed HB3531, which would amend that law to ban the sale to anyone of video games depicting “psychological harm,” including “motor vehicle theft with a driver or passenger present.”
Evans had been contacted in January by Early Walker, who started Operation Safe Pump to prevent carjackings at gas stations and shopping centers. Safe Pump positions security guards from the Kates Detective and Security Agency in areas with high numbers of carjackings.
“The bill would prohibit the sale of some of these games that promote the activities that we’re suffering from in our communities.” Evans said.
Walker said he reached out to several state legislators to ban the video game after noticing similarities in local incidents of carjackings and actions players can make in the video game.
“I feel like this game has become a huge issue in this spectrum,” Walker said. “When you compare the two, you see harsh similarities as it relates to these carjackings.”
https://chicago.suntimes.com/news/2021/2/22/22295471/grand-theft-auto-illinois-ban-violent-video-games-carjackings-evans-operation-safe-pump
#gta #usa #illinois #carjacking #chicago #ban #prohibit #videogame #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
With carjackings rising, Rep. Marcus Evans wants to prohibit the sale of violent video games promoting criminal activity. Also Monday, Operation Safe Pump announced its gas station guards program will expand to south suburban Olympia Fields.
With carjackings on the rise in Chicago and elsewhere, a South Side Democratic state representative has introduced a bill that would ban the sale of Grand Theft Auto and other violent video games.
Rep. Marcus Evans Jr. wants to amend a 2012 law preventing some video games from being sold to minors. Friday, he filed HB3531, which would amend that law to ban the sale to anyone of video games depicting “psychological harm,” including “motor vehicle theft with a driver or passenger present.”
Evans had been contacted in January by Early Walker, who started Operation Safe Pump to prevent carjackings at gas stations and shopping centers. Safe Pump positions security guards from the Kates Detective and Security Agency in areas with high numbers of carjackings.
“The bill would prohibit the sale of some of these games that promote the activities that we’re suffering from in our communities.” Evans said.
Walker said he reached out to several state legislators to ban the video game after noticing similarities in local incidents of carjackings and actions players can make in the video game.
“I feel like this game has become a huge issue in this spectrum,” Walker said. “When you compare the two, you see harsh similarities as it relates to these carjackings.”
https://chicago.suntimes.com/news/2021/2/22/22295471/grand-theft-auto-illinois-ban-violent-video-games-carjackings-evans-operation-safe-pump
#gta #usa #illinois #carjacking #chicago #ban #prohibit #videogame #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Chicago Sun-Times
Ban sale of Grand Theft Auto, other violent video games, state rep says
With carjackings rising, Rep. Marcus Evans wants to prohibit the sale of violent video games promoting criminal activity. Also Monday, Operation Safe Pump announced its gas station guards program will expand to south suburban Olympia Fields.
NoGoolag
Ban sale of Grand Theft Auto, other violent video games, state rep says With carjackings rising, Rep. Marcus Evans wants to prohibit the sale of violent video games promoting criminal activity. Also Monday, Operation Safe Pump announced its gas station guards…
This media is not supported in your browser
VIEW IN TELEGRAM
Spotify voices fears over price rises encouraging music piracy
Spotify fears raising its monthly subscription above £9.99 ($9.99) could “push users into piracy”, it told MPs at a parliamentary select committee inquiry on Tuesday, despite suggestions from record labels that an increase could help struggling musicians.
The chief legal officer for the popular music streaming service, Horacio Gutierrez, claimed that any rise in the current fee, which hasn't changed in a decade, would make music "unaffordable to consumers", the BBC reports.
Gutierrez was giving evidence to the 'Digital, Culture, Media and Sport' committee inquiry into the economic impact music streaming is having on artists, record labels and the wider music industry's sustainability.
The inquiry was established at the tail end of 2020, a year in which artists all but lost any direct income from live shows due to the pandemic but, according to the BPI, also saw UK music streams grow by 20 per cent. MPs are investigating the business models of platforms such as Spotify, Apple Music, Amazon Music and Google Play and have heard compelling testimonies from record executives and artists, including Radiohead, Elbow and Chic's Nile Rodgers.
Music streaming provides the UK economy with more than £1 billion in revenue, however artists can be paid as little as 13 per cent of the income generated.
https://www.whathifi.com/news/spotify-claims-price-rise-could-encourage-music-piracy
💡 https://thetrichordist.com/2020/03/05/2019-2020-streaming-price-bible-youtube-is-still-the-1-problem-to-solve/
#spotify #music #piracy #youtube #thinkabout
Spotify fears raising its monthly subscription above £9.99 ($9.99) could “push users into piracy”, it told MPs at a parliamentary select committee inquiry on Tuesday, despite suggestions from record labels that an increase could help struggling musicians.
The chief legal officer for the popular music streaming service, Horacio Gutierrez, claimed that any rise in the current fee, which hasn't changed in a decade, would make music "unaffordable to consumers", the BBC reports.
Gutierrez was giving evidence to the 'Digital, Culture, Media and Sport' committee inquiry into the economic impact music streaming is having on artists, record labels and the wider music industry's sustainability.
The inquiry was established at the tail end of 2020, a year in which artists all but lost any direct income from live shows due to the pandemic but, according to the BPI, also saw UK music streams grow by 20 per cent. MPs are investigating the business models of platforms such as Spotify, Apple Music, Amazon Music and Google Play and have heard compelling testimonies from record executives and artists, including Radiohead, Elbow and Chic's Nile Rodgers.
Music streaming provides the UK economy with more than £1 billion in revenue, however artists can be paid as little as 13 per cent of the income generated.
https://www.whathifi.com/news/spotify-claims-price-rise-could-encourage-music-piracy
💡 https://thetrichordist.com/2020/03/05/2019-2020-streaming-price-bible-youtube-is-still-the-1-problem-to-solve/
#spotify #music #piracy #youtube #thinkabout
What Hi-Fi?
Spotify voices fears over price rises encouraging music piracy
Streaming giant defends current subscription fee in MP inquiry
Forwarded from BlackBox (Security) Archiv
This browser extension shows what the Internet would look like without Big Tech
A web without Google, Facebook, Microsoft, or Amazon
The Economic Security Project is trying to make a point about big tech monopolies by releasing a browser plugin that will block any sites that reach out to IP addresses owned by Google, Facebook, Microsoft, or Amazon. The extension is called Big Tech Detective, and after using the internet with it for a day (or, more accurately, trying and failing to use), I’d say it drives home the point that it’s almost impossible to avoid these companies on the modern web, even if you try.
https://www.theverge.com/2021/2/24/22297686/browser-extension-blocks-sites-using-google-facebook-microsoft-amazon
💡 https://bigtechdetective.net/
#DeleteGoogle #delete #microsoft #amazon #browser #plugin #extension #tool
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
A web without Google, Facebook, Microsoft, or Amazon
The Economic Security Project is trying to make a point about big tech monopolies by releasing a browser plugin that will block any sites that reach out to IP addresses owned by Google, Facebook, Microsoft, or Amazon. The extension is called Big Tech Detective, and after using the internet with it for a day (or, more accurately, trying and failing to use), I’d say it drives home the point that it’s almost impossible to avoid these companies on the modern web, even if you try.
https://www.theverge.com/2021/2/24/22297686/browser-extension-blocks-sites-using-google-facebook-microsoft-amazon
💡 https://bigtechdetective.net/
#DeleteGoogle #delete #microsoft #amazon #browser #plugin #extension #tool
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Google Invests in Linux Kernel Developers to Focus on Security
Google and the Linux Foundation have announced plans to fund two full-time maintainers to exclusively focus on Linux kernel security development. Gustavo Silva and Nathan Chancellor, both active Linux contributors, will work to strengthen kernel security and associated projects.
https://www.darkreading.com/operations/google-invests-in-linux-kernel-developers-to-focus-on-security/d/d-id/1340247
https://www.xda-developers.com/xda-recognized-developer-linux-kernel-security/
#Google #Linux
Google and the Linux Foundation have announced plans to fund two full-time maintainers to exclusively focus on Linux kernel security development. Gustavo Silva and Nathan Chancellor, both active Linux contributors, will work to strengthen kernel security and associated projects.
https://www.darkreading.com/operations/google-invests-in-linux-kernel-developers-to-focus-on-security/d/d-id/1340247
https://www.xda-developers.com/xda-recognized-developer-linux-kernel-security/
#Google #Linux
Dark Reading
Google Invests in Linux Kernel Developers to Focus on Security
Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.
Media is too big
VIEW IN TELEGRAM
RSS Really Simple Syndication
How you can follow your favorite content creators, webs, videos, podcasts, news... subscribing with RSS
https://www.corbettreport.com/?p=40167#SolutionsWatch
#rss
How you can follow your favorite content creators, webs, videos, podcasts, news... subscribing with RSS
https://www.corbettreport.com/?p=40167#SolutionsWatch
#rss
Media is too big
VIEW IN TELEGRAM
Is your keyboard spying on you?
The virtual keyboard on your phone is probably the biggest security vulnerability. Is what you type on your phone logged?
https://www.bitchute.com/video/vCRX0MZm2KI/
Keyboard apps:
https://t.me/libreware/260
#keyboard #android #thehatedone
The virtual keyboard on your phone is probably the biggest security vulnerability. Is what you type on your phone logged?
https://www.bitchute.com/video/vCRX0MZm2KI/
Keyboard apps:
https://t.me/libreware/260
#keyboard #android #thehatedone
Forwarded from We Are Change
🚨🚨 Twitter Deletes Dozens of Russian Accounts for “Undermining Faith in NATO”
A propaganda system is far more effective—and dangerous—when those inside are unaware of it and believe themselves to be free from influence.
https://wearechange.org/twitter-deletes-dozens-of-russian-accounts-for-undermining-faith-in-nato/
A propaganda system is far more effective—and dangerous—when those inside are unaware of it and believe themselves to be free from influence.
https://wearechange.org/twitter-deletes-dozens-of-russian-accounts-for-undermining-faith-in-nato/
We Are Change
Twitter Deletes Dozens of Russian Accounts for “Undermining Faith in NATO”
The move sparked controversy on Twitter itself, with many users joking that their own fealty to NATO was insufficiently zealous.
Amazon Sends ‘Vote NO’ Instructions to Unionizing Employees, Tells Them to Use New Mailbox
via www.vice.com
#amazon #union #why
via www.vice.com
#amazon #union #why
Telegraph
Amazon Sends ‘Vote NO’ Instructions to Unionizing Employees, Tells Them to Use New Mailbox
On the Clock
Forwarded from cRyPtHoN™ INFOSEC (EN)
Google Funds Linux Kernel Security Development.
Google and the Linux Foundation this week announced the prioritizing of funds to allow long-time Linux kernel maintainers Gustavo Silva and Nathan Chancellor to focus on improving the security of the platform.
With this funding, Silva and Chancellor will dedicate their work to improving kernel security, as well as to associated initiatives, so that the open source software project remains sustainable in the long run.
https://www.securityweek.com/google-funds-linux-kernel-security-development
Read Via Telegram
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Google and the Linux Foundation this week announced the prioritizing of funds to allow long-time Linux kernel maintainers Gustavo Silva and Nathan Chancellor to focus on improving the security of the platform.
With this funding, Silva and Chancellor will dedicate their work to improving kernel security, as well as to associated initiatives, so that the open source software project remains sustainable in the long run.
https://www.securityweek.com/google-funds-linux-kernel-security-development
Read Via Telegram
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag