[#1] Computer/phone security information (updated irregularly)
Fraudulent Bank of China website

http://www.bochk.com/m/tc/aboutus/pressrelease.html

2017-05-16 Statement regarding fraudulent website

http://www.bochk.com/dam/bochk/desktop/top/aboutus/pressrelease2/2017/20170516_01_Press_Release_TC.pdf




uncle11
Private message  Member
59.xxx.xxx.58
2017-05-17 19:17
[#2] Computer/phone security information (updated irregularly)
Stealing Windows Credentials Using Google Chrome

http://defensecode.com/news_article.php?id=21

With Chrome, Windows login data may be leaked via .SCF files; the temporary workaround is to turn off automatic file downloads.

In order to disable automatic downloads in Google Chrome, the following changes should be made: Settings -> Show advanced settings -> Check the Ask where to save each file before downloading option. Manually approving each download attempt significantly decreases the risk of NTLMv2 credential theft attacks using SCF files.

uncle11
Private message  Member
59.xxx.xxx.58
2017-05-17 21:08
[#3] Computer/phone security information (updated irregularly)
The fake Bank of China website is still active; be careful.

uncle11
Private message  Member
59.xxx.xxx.58
2017-05-17 22:19
[#4] Computer/phone security information (updated irregularly)
https://www.bleepingcomputer.com/news/security/new-smb-worm-uses-seven-nsa-hacking-tools-wannacry-used-just-two/

New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two

By Catalin Cimpanu, May 19, 2017 06:30 PM

Nonetheless, the faster system administrators patch their systems the better. "The worm is racing with administrators to infect machines before they patch," Stampar told Bleeping Computer in a private conversation. "Once infected, he can weaponize any time he wants, no matter the late patch."

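This one, apparently a test version, lies dormant for a day before communicating with the control centre. Although this one does no damage, a new version that does cannot be ruled out.
uncle11
Private message  Member
59.xxx.xxx.58
2017-05-23 06:11
[#5] Computer/phone security information (updated irregularly)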

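Downloading subtitles with a media player on a computer, TV or phone can get you infected; download the latest version of the media player wherever possible, if there is one.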

Hacked in Translation – from Subtitles to Complete Takeover
by Check Point Research Team posted 2017/05/23

What’s the effect?

Scope: The total number of the affected users is in the hundreds of millions. Each of the media players found to be vulnerable to date has millions of users, and we believe other media players could be vulnerable to similar attacks as well. VLC has over 170 million downloads of its latest version alone, which was released June 5, 2016. Kodi (XBMC) has reached over 10 million unique users per day, and nearly 40 million unique users each month. No current estimates exist for Popcorn Time usage, but it’s safe to assume that the number is likewise in the millions.

Damage: By conducting attacks through subtitles, hackers can take complete control over any device running them. From this point on, the attacker can do whatever he wants with the victim’s machine, whether it is a PC, a smart TV, or a mobile device. The potential damage the attacker can inflict is endless, ranging anywhere from stealing sensitive information, installing ransomware, mass Denial of Service attacks, and much more.

http://blog.checkpoint.com/2017/05/23/hacked-in-translation/

Proof-of-Concept video



uncle11
Private message  Member
59.xxx.xxx.58
2017-05-24 02:26
[#6] Computer/phone security information (updated irregularly)
BBC fools HSBC voice recognition security system - 20170520

http://www.bbc.co.uk/news/technology-39973217

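HSBC in the UK uses Voice ID; the twin brother said "My voice is my password" seven times without getting through, and got through on the eighth attempt.
uncle11
Private message  Member
59.xxx.xxx.58
2017-05-24 05:29
[#7] Computer/phone security information (updated irregularly)
Thanks for the info, ching.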
skyliner
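Private message  Member
210.xxx.xxx.50
2017-05-24 06:13
[#8] Computer/phone security information (updated irregularly)
Samba has a vulnerability from 3.5.0 onwards that affects all Linux/NAS devices, so please contact the vendor concerned to see whether there is an update; otherwise do not expose the NAS to the internet or port forward SMB to the NAS.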

Patching CVE-2017-7494 in Samba: It’s the Circle of Life
Blog Post created by jenellis Employee on May 24, 2017

"With the scent of scorched internet still lingering in the air from the WannaCry Ransomworm, today we see a new scary-and-potentially-incendiary bug hitting the twitter news. "

"Many network-attached storage (NAS) environments are used as network backup systems. A direct attack or worm would render those backups almost useless, so if patching cannot be done immediately, we recommend creating an offline copy of critical data as soon as possible."

https://community.rapid7.com/community/infosec/blog/2017/05/25/patching-cve-2017-7494-in-samba-it-s-the-circle-of-life

"All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. "

https://www.samba.org/samba/security/CVE-2017-7494.html
uncle11
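Private message  Member
14.xxx.xxx.23
2017-05-25 17:52
[#9] Computer/phone security information (updated irregularly)
Thanks Uncle.

>> Downloading subtitles with a media player on a computer, TV or phone can get you infected

So that means .srt files may contain a virus??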
-kathy-
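Private message  Member
220.xxx.xxx.215
2017-05-25 18:25
[#10] Computer/phone security information (updated irregularly)
#9 Simply put, yes, but only certain media players are affected; on subtitle download sites, though, be careful of the pop-ups and the download links.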
uncle11
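Private message  Member
14.xxx.xxx.144
2017-05-25 18:37
[#11] Computer/phone security information (updated irregularly)

I don't know whether everyone has heard of clickjacking; basically every Android version up to 7.1.2 is potentially at risk, and it won't be fixed until Android O in the third quarter of this year.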

'Cloak and Dagger' attacks could be the biggest security threat facing Android
'This is as dangerous an attack as we could possibly describe' expert warns.

By Jason Murdock, May 23, 2017 12:21 BST

"Users need to be careful about the permissions that new apps request," Lee said, adding: "If there are very broad permissions, or the permissions don't seem to match what the app is promising to do, you need to be sure you really need that app.

"Apps from name-brand sources such as Facebook, Uber and Skype should be okay. But with a random game or free versions of paid apps that you might download, you should be very careful. These features are very powerful and can be abused [...] without you knowing."

http://www.ibtimes.co.uk/cloak-dagger-attacks-could-be-biggest-security-threat-facing-android-1622962

Demos
Invisible Grid Attack 



Context-aware/hiding Clickjacking + Silent God-mode Install Attack 


Stealthy Phishing Attack


Publications and Researchers Website
Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop 
Yanick Fratantonio, Chenxiong Qian, Simon P. Chung, Wenke Lee

Proceedings of the IEEE Symposium on Security and Privacy (S&P), San Jose, CA, May 2017.

See also http://cloak-and-dagger.org/
under Frequently Asked Questions,
"What do you recommend to users?", for how to check and the temporary workaround.

uncle11
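Private message  Member
59.xxx.xxx.58
2017-05-26 20:12
[#12] Computer/phone security information (updated irregularly)
Fake Google password reset emails now use Google's Accelerated Mobile Pages, or AMP, to host the fake password reset page, so at a glance the URL begins with https :// www . google . com /, which is really hard to guard against.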

Russian Hackers Are Using Google's Own Infrastructure to Hack Gmail Users

LORENZO FRANCESCHI-BICCHIERAI, May 26 2017, 10:42pm

https://motherboard.vice.com/en_us/article/russian-hackers-are-using-googles-own-infrastructure-to-hack-gmail-users

uncle11
Private message  Member
59.xxx.xxx.58
2017-05-28 00:00
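An added example, not part of the post above: one way to show which site actually serves the content behind a link that starts with https://www.google.com/amp/. It assumes the AMP viewer link layout `google.com/amp/[s/]host/path`; the `EXPECTED_HOSTS` list and all sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: hosts where a genuine Google account sign-in or reset happens.
EXPECTED_HOSTS = {"accounts.google.com", "myaccount.google.com"}
GOOGLE_HOSTS = {"google.com", "www.google.com"}


def unwrap_amp(url):
    """Return the page a google.com/amp/ viewer link displays, else None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host not in GOOGLE_HOSTS or not parts.path.startswith("/amp/"):
        return None
    rest = parts.path[len("/amp/"):]
    scheme = "http"
    if rest.startswith("s/"):  # "s/" marks an origin served over https
        scheme, rest = "https", rest[2:]
    if not rest or rest.startswith("/"):
        return None
    target = f"{scheme}://{rest}"
    return target + ("?" + parts.query if parts.query else "")


def classify(url):
    """Judge a link by the host that serves the content, not by its prefix."""
    wrapped = False
    for _ in range(5):  # bounded, in case wrappers are nested
        inner = unwrap_amp(url)
        if inner is None:
            break
        url, wrapped = inner, True
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if wrapped:
        return ("amp-wrapper", host)  # content comes from `host`, not Google
    if parts.scheme == "https" and host in EXPECTED_HOSTS:
        return ("google-account", host)
    return ("other", host)


# Constructed sample links (example.net / example.org are reserved names).
SAMPLES = [
    "https://www.google.com/amp/s/reset.example.net/signin?id=1",
    "https://accounts.google.com/signin/recovery",
    "https://www.google.com@login.example.org/amp/s/x",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(classify(link), link)
```

The third sample covers the userinfo case, where `www.google.com` appears before an `@` and the real host is what follows it.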
[#13] Computer/phone security information (updated irregularly)
If you have installed apps from this series on your Android phone, uninstall them quickly.

Android Malware ‘Judy’ Hits as Many as 36.5 Million Phones
David Z. Morris, May 28, 2017

http://fortune.com/2017/05/28/android-malware-judy/

The Judy Malware: Possibly the largest malware campaign found on Google Play
by Check Point Mobile Research Team posted 2017/05/25

http://blog.checkpoint.com/2017/05/25/judy-malware-possibly-largest-malware-campaign-found-google-play/

uncle11
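Private message  Member
59.xxx.xxx.58
2017-05-30 00:02
[#14] Computer/phone security information (updated irregularly)
This time it's very serious. Remember to do software updates and backups regularly.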

TheShadowBrokers Monthly Dump Service – June 2017/ 20170530
theshadowbrokers

https://steemit.com/shadowbrokers/@theshadowbrokers/theshadowbrokers-monthly-dump-service-june-2017
uncle11
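Private message  Member
59.xxx.xxx.58
2017-05-30 16:17
[#15] Computer/phone security information (updated irregularly)

Friends in the US and Canada should be careful when using ATMs: since you have probably not fully switched over to EMV yet, watch out for miniature skimmers and internal skimmers.

Miniature skimmers and cameras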
Would you notice an ATM skimmer?
Jim Stickley, May 30, 2017



Internal skimmer (the piece pulled out at the end of the video)
For this one, NCR already released new firmware last year to detect it.
KrebsOnSecurity, Nov 27, 2016
Source: HoldSecurity.com

uncle11
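Private message  Member
59.xxx.xxx.58
2017-05-31 05:44
[#16] Computer/phone security information (updated irregularly)
If you cannot change your browser's default homepage, or your search engine seems to have been hijacked, you may be infected with Fireball. For now it does little damage and mainly makes money for its operators; both Windows and Mac can be infected. So do not casually install free software or services (one of the routes is free Wi-Fi).

The end of the article has detailed instructions on how to check; the precondition is that you remember which software and add-ons you have installed.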

FIREBALL – The Chinese Malware of 250 Million Computers Infected
by Check Point Threat Intelligence Research Team posted 2017/06/01
20% OF CORPORATE NETWORKS WORLDWIDE INFECTED

"As with everything in the internet, remember that there are no free lunches. When you download freeware, or use cost-free services (streaming and downloads, for example), the service provider is making profit somehow. If it’s not from you or from advertisements, it will come from somewhere else."

HOW CAN I KNOW IF I AM INFECTED?

To check if you’re infected, first open your web browser. Was your home-page set by you? Are you able to modify it? Are you familiar with your default search engine and can modify that as well? Do you remember installing all of your browser extensions?

If the answer to any of these questions is “NO”, this is a sign that you’re infected with adware. You can also use a recommended adware scanner, just to be extra cautious.

http://blog.checkpoint.com/2017/06/01/fireball-chinese-malware-250-million-infection/

uncle11
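Private message  Member
59.xxx.xxx.58
2017-06-02 03:18
[#17] Computer/phone security information (updated irregularly)
This episode of Bloomberg happens to be about what you can do if you lose your phone. The simplest thing is to enable remote device management; if you really are unlucky, use it to wipe the device remotely.

iPhone users need to enable Find My iPhone manually, because it is off by default.
On Android devices, Android Device Manager is enabled by default from version 5 onwards.

Also, back up regularly; whether to use a computer or the cloud is up to the user.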

What You Should Do If You Lose Your Smartphone 20170601
https://bloom.bg/2rg70ha
uncle11
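Private message  Member
59.xxx.xxx.58
2017-06-02 03:19
[#18] Computer/phone security information (updated irregularly)
If you use the OneLogin cloud password manager, you may need to change all your passwords quickly, because it was breached earlier.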

May 31, 2017 Security Incident
Alvaro Hoyos/security and compliance

"Today we detected unauthorized access to OneLogin data in our US data region. We have since blocked this unauthorized access, reported the matter to law enforcement, and are working with an independent security firm to determine how the unauthorized access happened and verify the extent of the impact of this incident."

https://www.onelogin.com/blog/may-31-2017-security-incident
uncle11
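Private message  Member
59.xxx.xxx.58
2017-06-02 04:40
[#19] Computer/phone security information (updated irregularly)
Is this limited to mainland China mobile numbers and Apple IDs?

Apple employees in mainland China stole customers' Apple IDs and other data, resold online for a profit of 50 million
Stand News report 2017/6/7 — 18:15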

https://thestandnews.com/china/%E5%A4%A7%E9%99%B8%E8%98%8B%E6%9E%9C%E5%93%A1%E5%B7%A5%E5%81%B7%E5%AE%A2apple-id%E7%AD%89%E8%B3%87%E6%96%99-%E7%B6%B2%E4%B8%8A%E8%BD%89%E5%94%AE%E7%8D%B2%E5%88%A95%E5%8D%83%E8%90%AC/

Original Xinhua News Agency article
Zhejiang police crack major case of infringement of citizens' personal information
http://news.xinhuanet.com/local/2017-06/07/c_1121101302.htm
uncle11
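Private message  Member
59.xxx.xxx.58
2017-06-07 19:03
[#20] Computer/phone security information (updated irregularly)
If you use either of these two IP cameras, the Opticam i5 HD or the Foscam C2, it is best not to expose it to the internet or set up port forwarding, because they have hard-coded passwords that the user cannot change. If you want to access it from outside, it is best to VPN back to your router/firewall/internal VPN server and then access the IP camera.

According to the report, some models of the following IP camera brands also use Foscam internals, so they may be affected too.

- Chacon, Thomson, 7links, Opticam, Netis, Turbox, Novodio, Ambientcam, Nexxt, Technaxx, Qcam, Ivue, Ebode, Sab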

Is This Cam Inviting Hackers into Your Home?
F-Secure 2017/06/07

“For example, an attacker can view the video feed, control the camera operation, and upload and download files from the built-in FTP server.” Not only that, with the help of some malicious code, attackers can leverage this camera to access the rest of the network it’s in.

https://safeandsavvy.f-secure.com/2017/06/06/foscam-ip-cameras-insecure-iot/
uncle11
Private message  Member
14.xxx.xxx.106
2017-06-08 18:18