HUP article browser

Pre-Installed Android Malware Found On 36 High-end Smartphones

The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain. Six of the malware instances were added by a malicious actor to the device’s ROM using system privileges, meaning they couldn’t be removed by the user and the device had to be re-flashed.

Most of the malware found to be pre-installed on the devices were info-stealers and rogue ad networks, and one of them was Slocker, a mobile ransomware. Slocker uses the AES encryption algorithm to encrypt all files on the device and demands a ransom in return for their decryption key. Slocker uses Tor for its C&C communications.

Galaxy Note 2
LG G4
Galaxy S7
Galaxy S4
Galaxy Note 4
Galaxy Note 5
Galaxy Note 8
Xiaomi Mi 4i
Galaxy A5
ZTE x500
Galaxy Note 3
Galaxy Note Edge
Galaxy Tab S2
Galaxy Tab 2
Oppo N3
Vivo X6 plus
Nexus 5
Nexus 5X
Asus Zenfone 2
Lenovo S90
Oppo R7 plus
Xiaomi Redmi
Lenovo A850

The malware backdoor offers its operator unrestricted access to these infected devices, from downloading, installing and activating Android malicious apps, deleting user data, uninstalling security software and disabling system apps, to dialing premium phone numbers.

http://thehackernews.com/2017/03/android-malware-apps.html
http://blog.checkpoint.com/2017/03/10/preinstalled-malware-targeting-mo…

Vault 7: CIA Hacking Tools Revealed

No news about this here yet?

https://wikileaks.org/ciav7p1/

Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency.

The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virginia. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

Backdoor in several hundred thousand Dahua cameras.

Dahua Technology Co., Ltd. is a provider of video surveillance products and services, with the world’s 2nd largest market share, according to a 2015 IMS report.

In short:
You can delete/add/change the names of the admin users, you can change the passwords of the admin users - this backdoor simply doesn't care about that!
It uses whatever names and passwords you configure - by simply downloading the full user database and using your own credentials!

It is as simple as:
1. Remotely download the full user database with all credentials and permissions
2. Choose whatever admin user, copy the login names and password hashes
3. Use them as source to remotely login to the Dahua devices

via

Summary of the Amazon S3 Service Disruption

A summary of why half the internet went down on Tuesday: https://aws.amazon.com/message/41926/

The Amazon Simple Storage Service (S3) team was debugging an issue causing the S3 billing system to progress more slowly than expected. At 9:37AM PST, an authorized S3 team member using an established playbook executed a command which was intended to remove a small number of servers for one of the S3 subsystems that is used by the S3 billing process. Unfortunately, one of the inputs to the command was entered incorrectly and a larger set of servers was removed than intended. The servers that were inadvertently removed supported two other S3 subsystems. (...)

I hope that the blood pressure of the person who issued the "cloud"

rm -rf

is back near textbook values by now. :)

RASPBERRY PI ZERO W JOINS THE FAMILY

Today is Raspberry Pi’s fifth birthday: it’s five years since we launched the original Raspberry Pi, selling a hundred thousand units in the first day, and setting us on the road to a lifetime total (so far) of over twelve million units. To celebrate, we’re announcing a new product: meet Raspberry Pi Zero W, a new variant of Raspberry Pi Zero with wireless LAN and Bluetooth, priced at only $10.

https://www.raspberrypi.org/blog/raspberry-pi-zero-w-joins-family/

Cloudpets: 2.2 million voice recordings of parents and their children exposed

The security vulnerability was recently detailed in a lengthy post by Troy Hunt over on his website. The issue, it seems, is CloudPets’ lax security, which allowed ‘a MongoDB that was in a publicly facing network segment without any authentication’ requirements to be indexed by a search engine called Shodan. This database contains extensive information about the company’s users.

https://www.troyhunt.com/data-from-connected-cloudpets-teddy-bears-leak…