β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The developer added a series of RISC-V UEFI support patches for Linux:
#NEWS
> Earlier this year, the UEFI code in Linux has been cleaned up, and then a series of early patches for RISC-V UEFI support were proposed, forming a more comprehensive patch set for enabling RISC-V UEFI support under Linux. Recently, developers have submitted a series of patches to solve a large number of problems and add some new capabilities to support RISC-V UEFI under Linux.
> Developer Atish Patra comes from Western Digital. He submitted 11 patches last Thursday. According to his introduction, patches 1-6 are preparatory patches that can fix some common efi and riscv issues; patches 7-9 add The efi stub support for RISC-V was submitted for review in April; patch 10 renamed arm-init so that the foundation can be used in different codes; patch 11 adds runtime services to RISC-V.
π¦ In summary, the main contributions of this series of patches are:
1) Added full ioremap support.
2) Added efi runtime service support.
3) Fixed the mm problem.
4) At present, the patch has been verified by using the bootefi command in U-Boot on Qemu, and it has passed the test on both RISC-V 32-bit and RISC-V 64-bit. However, some problems with the EDK2 code on RISC-V are still being solved, mainly related to SPI and network drivers.
> This series of patches are applied to the Linux kernel 5.8-rc2 and is currently in PR status, waiting for code review. If the related problems are solved and finally accepted, they should be visible when Linux 5.8 is released.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The developer added a series of RISC-V UEFI support patches for Linux:
#NEWS
> Earlier this year, the UEFI code in Linux has been cleaned up, and then a series of early patches for RISC-V UEFI support were proposed, forming a more comprehensive patch set for enabling RISC-V UEFI support under Linux. Recently, developers have submitted a series of patches to solve a large number of problems and add some new capabilities to support RISC-V UEFI under Linux.
> Developer Atish Patra comes from Western Digital. He submitted 11 patches last Thursday. According to his introduction, patches 1-6 are preparatory patches that can fix some common efi and riscv issues; patches 7-9 add The efi stub support for RISC-V was submitted for review in April; patch 10 renamed arm-init so that the foundation can be used in different codes; patch 11 adds runtime services to RISC-V.
π¦ In summary, the main contributions of this series of patches are:
1) Added full ioremap support.
2) Added efi runtime service support.
3) Fixed the mm problem.
4) At present, the patch has been verified by using the bootefi command in U-Boot on Qemu, and it has passed the test on both RISC-V 32-bit and RISC-V 64-bit. However, some problems with the EDK2 code on RISC-V are still being solved, mainly related to SPI and network drivers.
> This series of patches are applied to the Linux kernel 5.8-rc2 and is currently in PR status, waiting for code review. If the related problems are solved and finally accepted, they should be visible when Linux 5.8 is released.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦McAfee VirusScan console user unlock password forgotten solutions:
1) If the user unlocking password of the McAfee VirusScan console is forgotten, the following solutions can be taken:
2) restart the computer, enter the safe mode, and then open the registry, find
>HKEYLOCALMACHINE\SOFTWARE\McAfee\DesktopProtection
3) in the registry, and then find the UIP subkey, delete the subkey To restart.
4) Or I have
installed McAfee 8.5i, and the password cannot be unlocked if I forget the password. Look at the Internet and say that delete
>HKEYLOCALMACHINE\SOFTWARE\McAfee\DesktopProtection\UIP in safe mode. If
5) we donβt have that condition, we will try to modify the original one and replace it with a known one.
admin:19a2854144b63a8f7617a6f225019b12
6) If modification is forbidden, try ice blade, but it doesn't work, call the computer room to reinstall the system.
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦McAfee VirusScan console user unlock password forgotten solutions:
1) If the user unlocking password of the McAfee VirusScan console is forgotten, the following solutions can be taken:
2) restart the computer, enter the safe mode, and then open the registry, find
>HKEYLOCALMACHINE\SOFTWARE\McAfee\DesktopProtection
3) in the registry, and then find the UIP subkey, delete the subkey To restart.
4) Or I have
installed McAfee 8.5i, and the password cannot be unlocked if I forget the password. Look at the Internet and say that delete
>HKEYLOCALMACHINE\SOFTWARE\McAfee\DesktopProtection\UIP in safe mode. If
5) we donβt have that condition, we will try to modify the original one and replace it with a known one.
admin:19a2854144b63a8f7617a6f225019b12
6) If modification is forbidden, try ice blade, but it doesn't work, call the computer room to reinstall the system.
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Your safety first see our small tips
#FastTips
How should I use Wi-Fi when I go out?
1) Refusing to connect to Wi-Fi from unknown sources. Hackers mostly take advantage of the fact that users want to surf the Internet for free. They should be cautious in using free Wi-Fi without passwords. Many merchants have places that provide free internet, but we also have to keep an eye on it and we must ask for detailed names to avoid being deceived by fake Wi-Fi such as "Starbucks-1";
2) Be cautious when logging in online banking and online shopping with your mobile phone. For the safety of your funds, you should use 3/4G Internet access mode to do so!
3) Turn off the "Select automatic connection" option in the phone settings, because if this function is turned on, the phone will automatically scan when it enters an area with a Wi-Fi network and connect to a network that does not require a password. Greatly increase the chance of mistakenly connecting to "fishing Wi-Fi".
4) Refuse to use Wi-Fi connection and password acquisition tools such as "Wi-Fi Master Key". This is because they share the Wi-Fi information that you or others have connected to based on the principle of data upload and sharing. If someone has connected "Fishing Wi-Fi" or "Trojan Wi-Fi", it happens that you are also nearby, then congratulations, you are also recruited!
5)How to prevent your own routing from being compromised?
Just now, the editor and my friends vowed to bet that he would never be able to break the router he is currently using. As a result, the technical man reimbursed the high-end router he had spent thousands of dollars on with an Android phone. ! And it's so easy and simple, just a few commonly used apps for testing, such as Wi-Fi analyzers, Wi-Fi master keys and other tools.
> The process is also very simple. First, crack the router's password, perform DNS hijacking on the router, and then steal all kinds of information from the editor as you wish.
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Your safety first see our small tips
#FastTips
How should I use Wi-Fi when I go out?
1) Refusing to connect to Wi-Fi from unknown sources. Hackers mostly take advantage of the fact that users want to surf the Internet for free. They should be cautious in using free Wi-Fi without passwords. Many merchants have places that provide free internet, but we also have to keep an eye on it and we must ask for detailed names to avoid being deceived by fake Wi-Fi such as "Starbucks-1";
2) Be cautious when logging in online banking and online shopping with your mobile phone. For the safety of your funds, you should use 3/4G Internet access mode to do so!
3) Turn off the "Select automatic connection" option in the phone settings, because if this function is turned on, the phone will automatically scan when it enters an area with a Wi-Fi network and connect to a network that does not require a password. Greatly increase the chance of mistakenly connecting to "fishing Wi-Fi".
4) Refuse to use Wi-Fi connection and password acquisition tools such as "Wi-Fi Master Key". This is because they share the Wi-Fi information that you or others have connected to based on the principle of data upload and sharing. If someone has connected "Fishing Wi-Fi" or "Trojan Wi-Fi", it happens that you are also nearby, then congratulations, you are also recruited!
5)How to prevent your own routing from being compromised?
Just now, the editor and my friends vowed to bet that he would never be able to break the router he is currently using. As a result, the technical man reimbursed the high-end router he had spent thousands of dollars on with an Android phone. ! And it's so easy and simple, just a few commonly used apps for testing, such as Wi-Fi analyzers, Wi-Fi master keys and other tools.
> The process is also very simple. First, crack the router's password, perform DNS hijacking on the router, and then steal all kinds of information from the editor as you wish.
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from WEB UNDERCODE - PRIVATE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How should medical equipment resist hacker attacks ?
#news
> Since 2020, the scale of cyber attacks has increased by 300% compared to last year. Institutions such as hospitals, pharmacies, and medical equipment suppliers that concern everyone's life and health are facing greater security risks than ever before. Even though this series of attacks are sometimes not directly targeted at a certain medical Internet of Things (IoMT) device, it can also pass through the hospitalβs internal network to infect devices used to diagnose and treat patients, such as intravenous pumps, patient monitors, and breathing. Machine and x-ray machine.
> As John Riggi, senior consultant for cyber security and risk of the American Hospital Association (AHA), said: "The worst case is that these life-saving medical equipment may be unusable directly after being infected."
>For hospitals, the best way to prevent cyber attacks and protect IoMT equipment from infection is to isolate the most vulnerable and critical equipment from each other or maintain a virtual distance, which is the so-called network segmentation.
π¦Hospitals can take the following practical steps to segment the clinical network, reduce the attack surface, and protect patients from cyber attacks:
1. Make clear who is responsible first
Traditionally, medical equipment safety has always been the responsibility of biomedical engineering equipment experts.
However, with the increasing popularity of IoMT equipment and the increase in cyber attacks against healthcare, the IT team of the hospital information department has to invest more energy in the security of medical equipment. Therefore, the information department and the biomedical engineering research team need to work closely together to design and implement safe and effective security policies for clinical networks.
In order to ensure the safety of medical equipment and integrate the IT and biomedical teams across departments, a separate and final IoMT network security policy decision maker is needed at this time. Some large organizations have even added the role of Medical Device Security Officer (MDSO), who is directly responsible for the security of medical devices in the entire clinical network of the hospital.
2. Create a reliable equipment list
If you do not have enough in-depth knowledge of the medical equipment connected to the hospital, the configuration files on the equipment, and the communication mode, you cannot set a network segmentation strategy.
Automated inventory tools must also be able to continuously analyze the equipment while understanding the behavior, criticality, and vulnerability of the IoMT equipment.
3. Assess the risk of each device
The risk score should be calculated based on the degree of criticality and medical impact that the equipment may cause. Risk assessment should be conducted continuously and abnormal network behavior should be continuously monitored. In order to assess the risk, the following factors must be considered:
Communication with external servers required for normal device functions (i.e. vendor communication)
The device needs to store and send ePHI, and for what purpose?
Device usage pattern
Does the device run an unsupported operating system or have any known vulnerabilities? If so, do you use patches or network segmentation methods to protect the equipment?
4. Follow regulatory guidelines and rules in real time
If the hospital does not comply with federal and state regulatory standards, it will face a fine of millions of dollars. Regardless of monetary loss, failure to comply with cybersecurity guidelines puts medical equipment at risk and may endanger patient safety, business integrity, and hospital reputation.
The guidelines and regulations concerning healthcare and medical equipment are updated regularly. In order to maintain compliance, hospitals must pay close attention to regulatory standards and updates issued by state and federal agencies, including:
π¦How should medical equipment resist hacker attacks ?
#news
> Since 2020, the scale of cyber attacks has increased by 300% compared to last year. Institutions such as hospitals, pharmacies, and medical equipment suppliers that concern everyone's life and health are facing greater security risks than ever before. Even though this series of attacks are sometimes not directly targeted at a certain medical Internet of Things (IoMT) device, it can also pass through the hospitalβs internal network to infect devices used to diagnose and treat patients, such as intravenous pumps, patient monitors, and breathing. Machine and x-ray machine.
> As John Riggi, senior consultant for cyber security and risk of the American Hospital Association (AHA), said: "The worst case is that these life-saving medical equipment may be unusable directly after being infected."
>For hospitals, the best way to prevent cyber attacks and protect IoMT equipment from infection is to isolate the most vulnerable and critical equipment from each other or maintain a virtual distance, which is the so-called network segmentation.
π¦Hospitals can take the following practical steps to segment the clinical network, reduce the attack surface, and protect patients from cyber attacks:
1. Make clear who is responsible first
Traditionally, medical equipment safety has always been the responsibility of biomedical engineering equipment experts.
However, with the increasing popularity of IoMT equipment and the increase in cyber attacks against healthcare, the IT team of the hospital information department has to invest more energy in the security of medical equipment. Therefore, the information department and the biomedical engineering research team need to work closely together to design and implement safe and effective security policies for clinical networks.
In order to ensure the safety of medical equipment and integrate the IT and biomedical teams across departments, a separate and final IoMT network security policy decision maker is needed at this time. Some large organizations have even added the role of Medical Device Security Officer (MDSO), who is directly responsible for the security of medical devices in the entire clinical network of the hospital.
2. Create a reliable equipment list
If you do not have enough in-depth knowledge of the medical equipment connected to the hospital, the configuration files on the equipment, and the communication mode, you cannot set a network segmentation strategy.
Automated inventory tools must also be able to continuously analyze the equipment while understanding the behavior, criticality, and vulnerability of the IoMT equipment.
3. Assess the risk of each device
The risk score should be calculated based on the degree of criticality and medical impact that the equipment may cause. Risk assessment should be conducted continuously and abnormal network behavior should be continuously monitored. In order to assess the risk, the following factors must be considered:
Communication with external servers required for normal device functions (i.e. vendor communication)
The device needs to store and send ePHI, and for what purpose?
Device usage pattern
Does the device run an unsupported operating system or have any known vulnerabilities? If so, do you use patches or network segmentation methods to protect the equipment?
4. Follow regulatory guidelines and rules in real time
If the hospital does not comply with federal and state regulatory standards, it will face a fine of millions of dollars. Regardless of monetary loss, failure to comply with cybersecurity guidelines puts medical equipment at risk and may endanger patient safety, business integrity, and hospital reputation.
The guidelines and regulations concerning healthcare and medical equipment are updated regularly. In order to maintain compliance, hospitals must pay close attention to regulatory standards and updates issued by state and federal agencies, including:
Forwarded from WEB UNDERCODE - PRIVATE
U.S. Food and Drug Administration (FDA)
Medical Device Information Sharing and Analysis (MDISS) Initiative
Health Insurance Portability and Accountability Act (HIPAA)
5. Design, verify and execute segmentation strategies
Segmentation strategies are used to reduce the attack surface and prevent potential threats. Network segmentation can also help the network run more smoothly by restricting traffic to designated areas and reducing network load.
> However, before implementing any segmentation strategy on the clinical network, its safety and effectiveness should be tested. The hospital security team should always verify the segmentation strategy and then execute it on the network to ensure the continuity of medical services and clinical operations.
Share USβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
Medical Device Information Sharing and Analysis (MDISS) Initiative
Health Insurance Portability and Accountability Act (HIPAA)
5. Design, verify and execute segmentation strategies
Segmentation strategies are used to reduce the attack surface and prevent potential threats. Network segmentation can also help the network run more smoothly by restricting traffic to designated areas and reducing network load.
> However, before implementing any segmentation strategy on the clinical network, its safety and effectiveness should be tested. The hospital security team should always verify the segmentation strategy and then execute it on the network to ensure the continuity of medical services and clinical operations.
Share USβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from WEB UNDERCODE - PRIVATE
π¦How should medical equipment resist hacker attacks ?
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WHAT IS ARP ATTACK & how to secure yourself ?
ARP attacks mainly exist in the local area network. If a computer in the local area network is infected with an ARP Trojan, the system infected with the ARP Trojan will try to intercept the communication information of other computers in the network by means of "ARP spoofing". It will cause communication failures of other computers in the network. Let's introduce the solution to the ARP attack on the computer.
π¦Computer suffers ARP attack, solution :
#FastTips
1. Turn on the built-in firewall of the system. In fact, the built-in firewall of the system can also cope with general ARP attacks! But few people use it. First click on the start menu and enter the control panel!
2. Select the "System and Security" option on the control panel page to enter,
3. In the system and security interface, choose to enter the check firewall status under the windows firewall!
4. On the windows firewall status page, click "open or close windows firewall" in the right menu
5. Open and close the firewall page, and turn on the firewall in all network environments!
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WHAT IS ARP ATTACK & how to secure yourself ?
ARP attacks mainly exist in the local area network. If a computer in the local area network is infected with an ARP Trojan, the system infected with the ARP Trojan will try to intercept the communication information of other computers in the network by means of "ARP spoofing". It will cause communication failures of other computers in the network. Let's introduce the solution to the ARP attack on the computer.
π¦Computer suffers ARP attack, solution :
#FastTips
1. Turn on the built-in firewall of the system. In fact, the built-in firewall of the system can also cope with general ARP attacks! But few people use it. First click on the start menu and enter the control panel!
2. Select the "System and Security" option on the control panel page to enter,
3. In the system and security interface, choose to enter the check firewall status under the windows firewall!
4. On the windows firewall status page, click "open or close windows firewall" in the right menu
5. Open and close the firewall page, and turn on the firewall in all network environments!
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from Backup Legal Mega
π¦ Common PHP Errors You Will Encounter β165 MBβ
https://www.oreilly.com/library/view/common-php-errors/100000006A0493/
https://mega.nz/folder/9J5CASwT#4zhBD9pib-H_xSZo2kCkUw
https://www.oreilly.com/library/view/common-php-errors/100000006A0493/
https://mega.nz/folder/9J5CASwT#4zhBD9pib-H_xSZo2kCkUw
mega.nz
165.69 MB folder on MEGA
7 files
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to quickly remove the Trojan horse virus in the system ?
Clearing the DLL backdoor is
relatively file-bundled. The DLL insertion Trojan is more advanced, with no process, no ports, etc. It is difficult for ordinary people to notice. Therefore, the removal steps are relatively complicated.
The DLL insertion Trojan is more advanced, with no process, no ports, etc. It is difficult for ordinary people to notice. Therefore, the removal steps are relatively complicated.
1. End the Trojan horse process.
Since this type of Trojan horse is embedded in other processes, it does not generate specific items in the process viewer. If we find that our system is abnormal, we need to judge whether it has been hit DLL Trojan.
> Here we use the IceSword tool. After running the program, it will automatically detect the running process of the system. Right-click on the suspicious process and select "Module Information" in the pop-up menu. You can view all DLL modules in the pop-up window. At this time, if you find an item of unknown origin, you can select it, and then click the "Uninstall" button to delete it from the process. For some stubborn processes, we will also click the "Forced Release" button, and then use the address in the "Module File Name" column to delete them directly in the folder.
2. Finding suspicious DLL modules
As general users are not familiar with the calling of DLL files, it is difficult to determine which DLL module is suspicious. In this way, ECQ-PS (Super Process King) can come in handy.
> After running the software, you can see all the processes in the current system in the middle list. After double-clicking one of the processes, you can display detailed information in the "All Modules" tab of the window below, including the module name , Version and manufacturer, and time of creation, etc. The manufacturer and creation time information is more important. If it is a critical system process such as "svchost.exe", but the result is a module from an unknown manufacturer, the module must be faulty. In addition, if the manufacturer is Microsoft, but the creation time is different from that of other DLL modules, it may also be a DLL Trojan.
> In addition, we can also directly switch to the "Suspicious Module" option, the software will automatically scan the suspicious files in the module and display them in the list. Double-click the suspicious DLL module in the scan result list to see the process of calling this module. Generally, each DLL file is called by multiple processes. If this DLL file is only called by this process, it may also be a DLL Trojan. Click the "Forced Delete" button to delete the DLL Trojan from the process.
3. Thorough Rootkit detection It is
impossible for anyone to check the ports, registry, files, and services in the system all the time to see if the Trojan is hidden. At this time I can use some special tools for detection.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to quickly remove the Trojan horse virus in the system ?
Clearing the DLL backdoor is
relatively file-bundled. The DLL insertion Trojan is more advanced, with no process, no ports, etc. It is difficult for ordinary people to notice. Therefore, the removal steps are relatively complicated.
The DLL insertion Trojan is more advanced, with no process, no ports, etc. It is difficult for ordinary people to notice. Therefore, the removal steps are relatively complicated.
1. End the Trojan horse process.
Since this type of Trojan horse is embedded in other processes, it does not generate specific items in the process viewer. If we find that our system is abnormal, we need to judge whether it has been hit DLL Trojan.
> Here we use the IceSword tool. After running the program, it will automatically detect the running process of the system. Right-click on the suspicious process and select "Module Information" in the pop-up menu. You can view all DLL modules in the pop-up window. At this time, if you find an item of unknown origin, you can select it, and then click the "Uninstall" button to delete it from the process. For some stubborn processes, we will also click the "Forced Release" button, and then use the address in the "Module File Name" column to delete them directly in the folder.
2. Finding suspicious DLL modules
As general users are not familiar with the calling of DLL files, it is difficult to determine which DLL module is suspicious. In this way, ECQ-PS (Super Process King) can come in handy.
> After running the software, you can see all the processes in the current system in the middle list. After double-clicking one of the processes, you can display detailed information in the "All Modules" tab of the window below, including the module name , Version and manufacturer, and time of creation, etc. The manufacturer and creation time information is more important. If it is a critical system process such as "svchost.exe", but the result is a module from an unknown manufacturer, the module must be faulty. In addition, if the manufacturer is Microsoft, but the creation time is different from that of other DLL modules, it may also be a DLL Trojan.
> In addition, we can also directly switch to the "Suspicious Module" option, the software will automatically scan the suspicious files in the module and display them in the list. Double-click the suspicious DLL module in the scan result list to see the process of calling this module. Generally, each DLL file is called by multiple processes. If this DLL file is only called by this process, it may also be a DLL Trojan. Click the "Forced Delete" button to delete the DLL Trojan from the process.
3. Thorough Rootkit detection It is
impossible for anyone to check the ports, registry, files, and services in the system all the time to see if the Trojan is hidden. At this time I can use some special tools for detection.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from Backup Legal Mega
mega.nz
File folder on MEGA