The Vampire Ball is Over

We may also speak of a “blood orgy.”

#RT:

The #era of #Western #elites being able to #exploit other #nations and other #peoples across the #world is coming to an #end, Russian President #VladimirPutin said in an exclusive interview published by Rossiya 1 and RIA Novosti on Wednesday.

The president stated that over the past few centuries, the so-called “golden billion” has grown accustomed to being able to “fill their bellies with human flesh and their pockets with money” as they have been “parasitizing” other peoples in #Africa, #Asia, and #LatinAmerica.

”But they must understand that the vampire ball is ending,” #Putin said.

He added that the citizens of the aforementioned regions, which have been continuously exploited by the West over the past 500 years, have started to associate #Russia’s #struggle for #sovereignty with “their own aspirations for sovereignty and independent development.”

That is definitely happening.

It might even be the single most important upshot of the #Ukraine war, when we look back on it in history.

Russia has become the standard bearer of #resistance against the #EvilEmpire...

The Vampire Ball is Over - Daily Stormer

I love the imagery of a vampire ball. We may also speak of a

Hacking supermarkets with #QRCodes

Watch: https://www.youtube.com/watch?v=r1vBAjuT6L8

#sqlInjection #hack #hacker #knowledge #news #security #exploit

#Google don't like C++

Based on this experience we expect that high assurance memory safety can only be achieved via a Secure-by-Design approach centered around comprehensive adoption of languages with rigorous memory safety guarantees. We see no realistic path for an evolution of C++ into a language with rigorous memory safety guarantees that include temporal safety. As a consequence, we are considering a gradual transition of C++ code at Google towards other languages that are memory safe.

Source: https://research.google/pubs/secure-by-design-googles-perspective-on-memory-safety/

#Rust. #Go and #Java will be used.

#software #development #code #language #future #memory #security #bug #exploit #program #news

Hackers exploited #Windows 0-day for 6 months after #Microsoft knew of it

Source: https://arstechnica.com/security/2024/03/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-of-it/

Even after Microsoft patched the #vulnerability last month, the company made no mention that the North Korean threat group #Lazarus had been using the vulnerability since at least August to install a stealthy #rootkit on vulnerable computers. The vulnerability provided an easy and stealthy means for #malware that had already gained administrative system rights to interact with the Windows #kernel. Lazarus used the vulnerability for just that. Even so, Microsoft has long said that such admin-to-kernel elevations don’t represent the crossing of a security boundary, a possible explanation for the time Microsoft took to fix the vulnerability.

#software #news #security #cybercrime #bug #exploit #0day #fail #economy #problem #politics #hack #Hackers #trust #risk

Hackers exploited Windows 0-day for 6 months after Microsoft knew of it

Technically, Microsoft doesn't consider such bugs vulnerabilities. It patched it anyway.

Investigate-Consolidate-Exploit: A General Strategy for Inter-Task Agent Self-Evolution | #llms #agents #xagent #ice #investigate #consolidate #exploit #workflow #memory #cooperation

Investigate-Consolidate-Exploit: A General Strategy for Inter-Task Agent Self-Evolution

This paper introduces Investigate-Consolidate-Exploit (ICE), a novel strategy for enhancing the adaptability and flexibility of AI agents through inter-task self-evolution. Unlike existing methods focused on intra-task learning, ICE promotes the...

Report that ``a stranger obtained my #email address from a large-scale language model installed in #ChatGPT

source: https://gigazine.net/gsc_news/en/20231225-chatgpt-model-delivered-email-personal-information

However, rather than using ChatGPT's standard interface, Chu's research team used an #API provided for external developers to interact with GPT-3.5 Turbo and fine-tune the model for professional use. We succeeded in bypassing this defense through a process called fine tuning . Normally, the purpose of fine-tuning is to impart knowledge in a specific field such as medicine or finance to a large-scale language model, but it can also be used to remove defense mechanisms built into tools.

#security #privacy #ai #technology #problem #news #openAI #exploit

Report that ``a stranger obtained my email address from a large-scale language model installed in ChatGPT''

The news blog specialized in Japanese culture, odd news, gadgets and all other funny stuffs. Updated everyday.

State of #Log4j Vulnerabilities: How Much Did #Log4Shell Change?

Source: https://www.veracode.com/blog/research/state-log4j-vulnerabilities-how-much-did-log4shell-change

What we found illustrates how unaddressed #security technical debt exposes organizations to numerous risks.

...

Overall, we found that more than 1 in 3 (38 percent) of applications currently use vulnerable versions of Log4j.

#vulnerability #problem #software #development #news #economy #capitalism #fail #exploit

State of Log4j Vulnerabilities: How Much Did Log4Shell Change? | Veracode

Discover new research about the state of Log4j vulnerabilities. What we found illustrates how unaddressed security technical debt exposes organizations to numerous risks. 

#LogoFAIL #UEFI #exploit #p0wn

If you want to be a hacker try to understand this article in detail ...

In-Depth #Analysis of July 2023 #Exploit Chain Featuring #CVE-2023-36884 and #CVE-2023-36584
https://unit42.paloaltonetworks.com/new-cve-2023-36584-discovered-in-attack-chain-used-by-russian-apt/

Why should you care?
* Get a peek into #malware reverse engeneering
* Learn about weaponizing #attack chaining and other evils of a succesful attack
* Understand #Windows client leaks
* Exposure to #Wireshark, #pcap, #procom, ...
* Relevance for Windows #Security Zones, Mark of the Web (MotW)
* ...

#internet #hacker #hack #education #knowledge #coding #web

In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-36584

In July 2023, pro-Russian APT Storm-0978 targeted support for Ukrainian NATO admission with an exploit chain. Analysis of it reveals the new CVE-2023-36584.

If you use #Confluence instead of an #OpenSource #wiki then you are not real hackers!

The setup of #DokuWiki is quick and easy even for bloody noobs: https://www.dokuwiki.org

Background: https://www.bleepingcomputer.com/news/security/ukrainian-activists-hack-trigona-ransomware-gang-wipe-servers/

Ukrainian #Cyber Alliance hackers gained access to #Trigona #ransomware’s infrastructure by using a public #exploit for CVE-2023-22515, a critical #vulnerability in Confluence Data Center and Server that can be leveraged remotely to escalate privileges.

#news #software #fail #hack #hacker #cybercrime #problem #security #privacy #knowledge

#iLeakage: Browser-based Timerless Speculative Execution Attacks on #Apple Devices

Source: https://ileakage.com

We present iLeakage, a transient execution side channel targeting the #Safari #web #browser present on Macs, iPads and iPhones. iLeakage shows that the #Spectre #attack is still relevant and exploitable, even after nearly 6 years of effort to mitigate it since its discovery.

#mac #iPhone #iPad #problem #exploit #software #hack #hacker #news #security #internet

Hacking device #FlipperZero can #spam nearby #iPhones with #Bluetooth pop-ups

source: https://techcrunch.com/2023/09/05/flipper-zero-hacking-iphone-flood-popups/

The #exploits worked on iPhones both when Bluetooth was enabled or switched-off in the Control Center, but could not reproduce the #exploit when Bluetooth was fully switched off from the Settings.

#hack #smartphone #apple #security #problem #news

Hackaday Links: August 20, 2023

#hackadaycolumns #hackadaylinks #slider #ansi #bombscare #cme #coronalmassejection #defcon #escape #exploit #helicopter #imu #ingenuity #mars #navigation #robotaxi #sanfrancisco #selfdriving #shouldhaveuseda555 #hackaday
posted by pod_feeder_v2

Hackaday Links: August 20, 2023

In some ways, we’ve become a little jaded when it comes to news from Mars, which almost always has to do with the Ingenuity helicopter completing yet another successful flight. And so it was …

Easy-to-exploit local privilege escalation vulnerabilities in #Ubuntu #Linux affect 40% of Ubuntu cloud workloads

source: https://www.wiz.io/blog/ubuntu-overlayfs-vulnerability

CVE-2023-2640 and CVE-2023-32629 were found in the #OverlayFS module in Ubuntu, which is a widely used Linux #filesystem that became highly popular with the rise of containers as its features enable the deployment of dynamic filesystems based on pre-built images. OverlayFS serves as an attractive attack surface as it has a history of numerous logical vulnerabilities that were easy to exploit. This makes the new discovered vulnerabilities especially risky given the exploits for the past OverlayFS vulnerabilities work out of the box without any changes.

#security #os #software #update #bug #problem #news #exploit #hack #hacker #server #vulnerability

GameOverlay Vulnerability Impacts 40% of Ubuntu Workloads | Wiz Blog

Wiz Research discovers CVE-2023-2640 & CVE-2023-32629, 2 privilege escalation vulnerabilities in Ubuntu's OverlayFS module impacting 40% of cloud workloads.

Remote Code Execution on an Oscilloscope

#securityhacks #arbitrarycodeexecution #binary #curl #exploit #firmware #network #oscilloscope #rigol #security #vulnerability #hackaday
posted by pod_feeder_v2

Remote Code Execution On An Oscilloscope

There are a huge number of products available in the modern world that come with network connectivity now, when perhaps they might be better off with out it. Kitchen appliances like refrigerators a…

A Zero-Day Exploit in the Linux Kernel

#softwarehacks #buffer #exploit #io_uring #linux #localprivilegeescalation #memory #software #vulnerability #zeroday #hackaday
posted by pod_feeder_v2

A Zero-Day Exploit In The Linux Kernel

A lot of talk and discussion happens anytime a hardware manufacturer releases a new line of faster, more powerful, or more efficient computers. It’s easy to see better and better specificatio…

This is what the #police think about our #children 😱

Some advice for the really cool kids:

• install #Kali on your #computer - delete #Windows
• encrypt your HD and have a kill switch.
• don't use #Discord there are better #FLOSS alternatives like #xmpp with #Omemo, #matrix, #tox and others...
• #Pineapple is too expensive. Build it on your own with a #RaspberryPi.
• Hack the WiFi of authorities and leak the data anonymously on the darknet. Don't use this to stalk your ex girl friend! Public data should be public but respect the #privacy of normal people.
• learn #Python and write your own scripts.
• try to be a white hat. If you need money use bug bounty. Please don't sell exploits to our enemies like the secret service.
• build a network. You don't have to be a lonely wolf. If things are to big for you send them with a good explanation to organisations like EFF, Wikileaks, CCC, cryptome.org, The Intercept, La Quadrature du Net (LQDN),...
• Hack the planet and have fun. Teach others at your local hacker space.

#darknet #internet #wardriving #wifi #exploit #hack #hacker #fail #1312 #problem #technology #uk #security #scriptkiddy #linux #Kali #software

Breaking Into the Nintendo DSi Through the (Browser) Window

#nintendodshacks #securityhacks #exploit #nintendodsi #opera #webkit #hackaday
posted by pod_feeder_v2

Breaking Into The Nintendo DSi Through The (Browser) Window

The Nintendo DSi was surpassed by newer and better handhelds many years ago, but that doesn’t stop people like [Nathan Farlow] from attempting to break into the old abandoned house through a …

The state can not #hack your #cash but your #cryoto #money

Source: https://blockworks.co/news/jump-crypto-wormhole-hack-recovery

Fast forward to 21st February, #Oasis received an order from the High #Court of #England and #Wales to take all necessary steps to retrieve assets involved with the wallet address associated with the #exploit.

According to a report, $140 million worth of assets were successfully recovered following a counter-exploit. The retrieval was initiated via the Oasis Multisig, and the funds were returned to a court-authorized third party. The counter exploit was only possible with the approval of the Oasis Multisig.

#justice #crime #cybercrime #finance #security #software #smartContract #news #btc #bitcoin #bitcoins #cryptocurrency #wormhole #Blockchain

Jump Crypto Just Counter-Exploited the Wormhole Hacker for $140 Million

The Wormhole hacker could have gotten away with it too, if it wasn't for that pesky upgradeable smart contract.

5.4 million #Twitter users' stolen #data leaked #online — more shared privately

source: https://www.bleepingcomputer.com/news/security/54-million-twitter-users-stolen-data-leaked-online-more-shared-privately/

While most of the data consisted of public information, such as Twitter IDs, names, login names, locations, and verified status, it also included private information, such as phone numbers and email addresses.

#privacy #cybercrime #exploit #leak #news #hack #security

5.4 million Twitter users' stolen data leaked online — more shared privately

Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum. Another massive, potentially more significant, data dump of millions of Twitter...