Forwarded from The Hacker News
โ ๏ธ 15,000+ Four-Faith routers are exposed, with attackers actively exploiting a command injection flaw (CVE-2024-12856).
1๏ธโฃ Attackers execute commands remotely via the adj_time_year parameter.
2๏ธโฃ Reverse shells enable hackers to stay hidden and in control.
Read: https://thehackernews.com/2024/12/15000-four-faith-routers-exposed-to-new.html
1๏ธโฃ Attackers execute commands remotely via the adj_time_year parameter.
2๏ธโฃ Reverse shells enable hackers to stay hidden and in control.
Read: https://thehackernews.com/2024/12/15000-four-faith-routers-exposed-to-new.html
Forwarded from The Hacker News
๐ 600,000+ users impacted! A widespread campaign compromised 16+ extensions, including tools for AI and VPNs, using phishing and malicious code injection.
Learn more: https://thehackernews.com/2024/12/16-chrome-extensions-hacked-exposing.html
Learn more: https://thehackernews.com/2024/12/16-chrome-extensions-hacked-exposing.html
Forwarded from The Hacker News
What if your password manager or note-taking tool became a hackerโs entry point? Recent attacks on Chrome Store extensions reveal just how exposed your organization might be.
โ Why It Matters:
ยป Browser extensions are a silent threatโgranted access to sensitive data like cookies and identities.
ยป Credential theft can lead to organizational data breaches and compliance nightmares.
๐กKey Takeaways:
ยป Limit user-installed extensions.
ยป Implement risk-based policies to block risky permissions.
ยป Stay updated on the latest threats.
๐ Check out this guide to learn how: https://thehackernews.com/2024/12/when-good-extensions-go-bad-takeaways.html
โ Why It Matters:
ยป Browser extensions are a silent threatโgranted access to sensitive data like cookies and identities.
ยป Credential theft can lead to organizational data breaches and compliance nightmares.
๐กKey Takeaways:
ยป Limit user-installed extensions.
ยป Implement risk-based policies to block risky permissions.
ยป Stay updated on the latest threats.
๐ Check out this guide to learn how: https://thehackernews.com/2024/12/when-good-extensions-go-bad-takeaways.html
Forwarded from The Hacker News
๐จ Are hospitals prepared for the next big cyber attack? The HHS proposes new HIPAA updates to safeguard patient data and critical systems.
๐Proposed Solutions:
๐พ Encrypt sensitive data everywhere
๐ Map assets and identify vulnerabilities
โฑ Set recovery protocols within 72 hours
Read more: https://thehackernews.com/2024/12/new-hipaa-rules-mandate-72-hour-data.html
๐Proposed Solutions:
๐พ Encrypt sensitive data everywhere
๐ Map assets and identify vulnerabilities
โฑ Set recovery protocols within 72 hours
Read more: https://thehackernews.com/2024/12/new-hipaa-rules-mandate-72-hour-data.html
Forwarded from It's FOSS
Happy Birthday to the legend! ๐ ๐
Linus Torvalds, born on December 28, 1969, is the creator of the Linux kernel and Git, two groundbreaking inventions that transformed software development. His work on Linux revolutionized open-source operating systems, and Git became the standard tool for version control. ๐ง
Linus Torvalds, born on December 28, 1969, is the creator of the Linux kernel and Git, two groundbreaking inventions that transformed software development. His work on Linux revolutionized open-source operating systems, and Git became the standard tool for version control. ๐ง
Forwarded from It's FOSS
A lifetime membership offer for It's FOSS Pro to show your support and get rid of ads! โค๏ธ
https://news.itsfoss.com/tuxmas-day-4/
https://news.itsfoss.com/tuxmas-day-4/
It's FOSS News
12 Days of Tuxmas: Day 4
Let's have a lifetime friendship
Forwarded from It's FOSS
Free eBooks to conveniently learn about the Linux terminal and bash shell scripting! ๐
https://news.itsfoss.com/tuxmas-day-5/
https://news.itsfoss.com/tuxmas-day-5/
It's FOSS News
12 Days of Tuxmas: Day 5
Start learning Linux for free with us
Forwarded from It's FOSS
Image editing capabilities coming to GNOME's Loupe image viewer:
https://news.itsfoss.com/gnome-image-viewer-loupe-editing/
https://news.itsfoss.com/gnome-image-viewer-loupe-editing/
It's FOSS News
Wow! The New GNOME Image Viewer (Loupe) Plans to Add Basic Image Editing Options
GNOME's new image viewer is getting useful upgrades. Check them out here.
Forwarded from It's FOSS
Manage smarter, not harder. Here are the top homelab dashboards. ๐
https://itsfoss.com/homelab-dashboard/
https://itsfoss.com/homelab-dashboard/
It's FOSS
9 Dashboard Tools to Manage Your Homelab Effectively
See which server is running what services with the help of a dashboard tool for your homelab.
Forwarded from ๐ฝ๐ผ๐ฝ๐ ๐ข๐๐ฆ | ๐๐ข๐ฆ๐ฆ, ๐๐ถ๐ณ๐ฒ, ๐ ๐ฒ๐บ๐ฒ๐ (รmer)
CRX Installer
CRX Installer is a Firefox extension that enables the installation of Chrome extensions on browsers such as Floorp, Firefox Nightly, Firefox Developer Edition, Librewolf, and Zen Browser. It does not function with the standard version of Firefox. For browsers other than Floorp, users must set xpinstall.signatures.required to false in the about:config settings to utilize this extension.
๐ Links:
- Add it to your Firefox
- Demo video
- Source code
Developer: FoxRefire
๐ท๏ธ Tags: #Browser #Extension
CRX Installer is a Firefox extension that enables the installation of Chrome extensions on browsers such as Floorp, Firefox Nightly, Firefox Developer Edition, Librewolf, and Zen Browser. It does not function with the standard version of Firefox. For browsers other than Floorp, users must set xpinstall.signatures.required to false in the about:config settings to utilize this extension.
๐ Links:
- Add it to your Firefox
- Demo video
- Source code
Developer: FoxRefire
๐ท๏ธ Tags: #Browser #Extension
Forwarded from ๐ฝ๐ผ๐ฝ๐ ๐ข๐๐ฆ | ๐๐ข๐ฆ๐ฆ, ๐๐ถ๐ณ๐ฒ, ๐ ๐ฒ๐บ๐ฒ๐ (รmer)
StyleBot
Stylebot is a browser extension that lets you change the appearance of the web instantly.
๐ Links:
- Add it to your browser
- Screenshots and screen record
- Features
- Source code
Developer: Ankit
๐ท๏ธ Tags: #Extension #Customization
Stylebot is a browser extension that lets you change the appearance of the web instantly.
๐ Links:
- Add it to your browser
- Screenshots and screen record
- Features
- Source code
Developer: Ankit
๐ท๏ธ Tags: #Extension #Customization
Forwarded from ๐ฝ๐ผ๐ฝ๐ ๐ข๐๐ฆ | ๐๐ข๐ฆ๐ฆ, ๐๐ถ๐ณ๐ฒ, ๐ ๐ฒ๐บ๐ฒ๐ (รmer)
InstaEclipse (Xposed module)
InstaEclipse is an LSPosed module designed to enhance your Instagram experience with advanced features like developer options, ghost mode, distraction-free mode, and more. This module is built to stay compatible with new Instagram releases by leveraging dynamic analysis to locate targeted classes and methods automatically.
๐ Links:
- Download
- Screenshots
- Features
- Support group
- Source code
Developer: Abdul (ReSo7200)
๐ท๏ธ Tags: #Android #Xposed #Root #Tools
InstaEclipse is an LSPosed module designed to enhance your Instagram experience with advanced features like developer options, ghost mode, distraction-free mode, and more. This module is built to stay compatible with new Instagram releases by leveraging dynamic analysis to locate targeted classes and methods automatically.
๐ Links:
- Download
- Screenshots
- Features
- Support group
- Source code
Developer: Abdul (ReSo7200)
๐ท๏ธ Tags: #Android #Xposed #Root #Tools
Forwarded from ๐ฝ๐ผ๐ฝ๐ ๐ข๐๐ฆ | ๐๐ข๐ฆ๐ฆ, ๐๐ถ๐ณ๐ฒ, ๐ ๐ฒ๐บ๐ฒ๐ (รmer)
Youtube Times
A Firefox Extension that replaces the undescriptive youtube time with the exact absolute time of release. Perfect for all your Internet Historian needs!
๐ Links:
- Add it to your Firefox
- Sample pictures
- How it works
- Source code
Developer: RandomGamingDev
๐ท๏ธ Tags: #Browser #Extension #Utilities
A Firefox Extension that replaces the undescriptive youtube time with the exact absolute time of release. Perfect for all your Internet Historian needs!
๐ Links:
- Add it to your Firefox
- Sample pictures
- How it works
- Source code
Developer: RandomGamingDev
๐ท๏ธ Tags: #Browser #Extension #Utilities
Forwarded from ๐ฝ๐ผ๐ฝ๐ ๐ข๐๐ฆ | ๐๐ข๐ฆ๐ฆ, ๐๐ถ๐ณ๐ฒ, ๐ ๐ฒ๐บ๐ฒ๐ (๊ญ ๐๐๐๐๐๐๐๐๐ ๐งง)
SoundRemote
An Android app that, when paired up with SoundRemote server, allows to capture and stream audio from a PC to an Android device, execute keyboard commands on the PC remotely from the Android app either directly through its UI or by binding to certain events such as device shaking or incoming phone call and control media on the PC through the Android media notification.
๐ Links:
- Download: GitHub | IzzySoft
- Screenshots
- Source Code
- Developer: SoundRemote
๐ท๏ธ Tags: #android #desktop #sound
An Android app that, when paired up with SoundRemote server, allows to capture and stream audio from a PC to an Android device, execute keyboard commands on the PC remotely from the Android app either directly through its UI or by binding to certain events such as device shaking or incoming phone call and control media on the PC through the Android media notification.
๐ Links:
- Download: GitHub | IzzySoft
- Screenshots
- Source Code
- Developer: SoundRemote
๐ท๏ธ Tags: #android #desktop #sound
Forwarded from ๐ฝ๐ผ๐ฝ๐ ๐ข๐๐ฆ | ๐๐ข๐ฆ๐ฆ, ๐๐ถ๐ณ๐ฒ, ๐ ๐ฒ๐บ๐ฒ๐ (Misfit)
Ghostty
Ghostty is a fast, feature-rich, and cross-platform terminal emulator that uses platform-native UI and GPU acceleration.
๐ Links:
- Download
- Screenshots
- Source Code
- Developer: Mitchellh
๐ท๏ธ Tags: #Linux #MacOS
Ghostty is a fast, feature-rich, and cross-platform terminal emulator that uses platform-native UI and GPU acceleration.
๐ Links:
- Download
- Screenshots
- Source Code
- Developer: Mitchellh
๐ท๏ธ Tags: #Linux #MacOS
Forwarded from NoGoolag
Liberating #WiFi on the #ESP32 [video]
https://media.ccc.de/v/38c3-liberating-wi-fi-on-the-esp32
Comments
https://media.ccc.de/v/38c3-liberating-wi-fi-on-the-esp32
Comments
media.ccc.de
Liberating Wi-Fi on the ESP32
Reverse engineering the Wi-Fi peripheral of the ESP32 to build an open source Wi-Fi stack.
During the 38c3, there are probably multipl...
During the 38c3, there are probably multipl...
Forwarded from ๐ ๐๐ข๐ช ๐๐จ๐ ๐ฃ (๐ ๐๐ข๐ช๐ป๐ฎ ๐
)
This scammer on Telegram [UID 1878505335] is spreading a dangerous Magisk module to hack/destroy phones and demand money. (stoplamers gang)
[See Screenshot 1- CHAT BETWEEN SCAMMER & VICTIM]
What Happened:
โข [UID 7576386418] Victim Ganesh's phone was hacked via Scammer's module.
โข Scammer demanded $100, threatening to destroy the phone if they didn't pay.
โข This guy alerted me to this scam.
โข I went undercover to investigate how it works
[See Screenshot 2- CHAT BETWEEN SCAMMER & Investigator] MUST READ
Here's how it went down:
There were only two things needed: "Zygisk" and the "virus module" (click to read more)
I was really surprised to find out it didn't even require a restart. Once you flashed it, it was basically done.
So I contacted the person and, pretending to be someone else, said I wanted to access my girlfriend's phone. I acted like a nibba & He seemed to believe my story and sent me the module.
To see how it works, I needed to install it. Instead of using the real module, I made two fake modules. I just copied module.prop file from his module, repacked it with my update binary, and flashed it using "kernel su".
The person was then trying to do things to my phone, but nothing was happening.๐ญ ๐คฃ I was just watching it and was really laughing hard because it wasn't working. Then he sent commands to run in the terminal, related to the service.sh file inside his module. Since I hadnโt installed the original module, the commands didn't do anything. He then seemed confused and started asking for my Android and kernel versions๐. Finally, he sent something I wouldnโt run as it was an obvious privacy concern. So, I've decided to just hold on to things for now since I have enough evidence
What Happens If You Flash This Module?:
โข Scammer gets full access to your phone (data, messages, photos, chats etc.)
โข Scammer can steal your data and money.
โข Scammer can lock or destroy your phone. (he remotely destroyed victim's device making it unbootable)
โข You will be blackmailed.
- Moral from this incident๏ปฟ
โข Do not flash modules from unknown sources
โข Only use trusted modules.
โข Be suspicious of free or "too good to be true" modules.
โข Research modules before installing.
Stay safe and share this information with your friends to help stop these scams!
~ Regards // Mona
Please open Telegram to view this post
VIEW IN TELEGRAM
๐1