Category: CyberSec / ITSec / Sicherheit / Security / SPAM

24.07.2019

„Linux desktop remains an unpopular choice among mainstream desktop users, making up a little more than 2% of the desktop operating system market share. This is in contrast to the web server market share, which consists of 70% of Linux-based operating systems. […]

24.07.2019

Capitalism inspires the short sighted incentives. But trust and honesty is key in long term relationships. So for a short period of time – some dishonest people might enjoy the benefits – but in the end – it comes home […]

ntpd – when fundamentals fail
06.07.2019

servers/clients/computers/programs/services/webservers need accurate time… they usually get it from time servers that have an atomic clock attached to their USB port. (just guessing) ping time.google.com PING time.google.com (216.239.35.4) 56(84) bytes of data. 64 bytes from time2.google.com (216.239.35.4): icmp_seq=1 ttl=46 time=43.5 […]

can you trust PDF attachments/files in 2019?
06.07.2019

thank you ccc you are doing a lovely work – make this planet more interesting by creativity and more informed about security 🙂 keep it up 🙂 https://cdn.media.ccc.de/events/gpn/gpn19/h264-hd/gpn19-45-eng-BADPDF_-_Stealing_Windows_Credentials_via_PDF_Files_hd.mp4 https://cdn.media.ccc.de/events/gpn/gpn19/h264-hd/gpn19-45-eng-BADPDF_-_Stealing_Windows_Credentials_via_PDF_Files_hd.mp4 today i discovered a mail at my client from domain v-kamen.ru […]

cost of cybercrime and lawful backdoors
09.03.2019

„The cost to companies from malware and “malicious insider”-related cyberattacks jumped +12 percent in 2018 and accounted for one-third of all cyberattack costs, according to new research published today by Accenture and the Ponemon Institute.“ src: helpnetsecurity.com logical consequence: stop […]

Hardware Implants – Thunderbolt and OMG USB Cable of Evil
09.03.2019

… this is why no usb stick and no cable can be trusted… Thunderbolt / PCI-Express is having similar issues „Abstract—Direct Memory Access (DMA) attacks have beenknown for many years: DMA-enabled I/O peripherals have com-plete access to the state of […]

CentOS7 uninstall nftables install iptables
06.03.2019

watch your logs with this command, you can watch all logs at the same time, which should work for small servers with 10-30x websites (with more it probably get’s a little too much output) analyze the malicious traffic you can […]

how to htaccess limit wordpress searches
04.03.2019

lately this blog gets bombarded with queries like these: which decoded are Korean SPAM? which translates as: iptables / firewalld seem not to work and have to really really figure out why. until then this is a little workaround, it […]

20.02.2019

shortcut: the fix for this seems to be to simply replace https://stackoverflow.com/questions/9477115/what-are-the-differences-and-similarities-between-ffmpeg-libav-and-avconv „This program (ffmpeg) is not developed anymore and is only provided for compatibility. Use avconv instead“ ffmpeg -i „$1“ -acodec libmp3lame -ac 2 -q:a 2 „$1.mp3“; -> avconv […]

opening png images on Android phones is not safe anymore
12.02.2019

Outlook hacked by receiving an email – fax machine – hacked by receiving a fax – Android SmartPhones hacked by vieweing a picture.png (it’s a bug in the Framework/SDK) – „great“ whats next?Will SmartPhones and „THE INTERNET“ be doomed „unsafe“ […]

lnav – like less but more colorful output of log files
03.02.2019

how to monitor all logs… https://dwaves.org/2017/06/15/linux-monitor-all-logs-in-real-time-d-follow-all-show-changes-to-log-files-under-varlog/ as i was wondering what combination of less -R with or without ccze would allow me to view log files colorful (because a desert of black and white… does not give you a good […]