whoknows News!

[whoknows]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-6th-2020-breaches-everywhere

 

[whoknows]

https://github.com/taviso/loadlibrary

@Kurapica @CodeExplorer @kao

 

bonus

fudzilla.com/news/memory-and-storage/50462-vmware-upgrades-with-kubernetes

Avast JavaScript Interactive Shell - github.com/taviso/avscript

Avast disables JavaScript engine  - zdnet.com/article/avast-disables-javascript-engine-in-its-antivirus-following-major-bug/

Edited March 12, 2020 by whoknows

[whoknows]

 

https://www.zdnet.com/article/brave-accuses-google-of-using-vague-privacy-policies-that-breach-gdpr/

 

bonus

Mcafee #myass - podbean.com/eu/pb-yrfty-d661d3

COVID-19 Stanford professor of neurobiology and bioengineering Michael Lin an excellent 31-page - slideshare.net/MichaelLin14/how-to-fight-the-coronavirus-sarscov2-and-its-disease-covid19

MS.GitHub buys NPM - theregister.co.uk/2020/03/16/microsofts_github_npm/

Edited March 17, 2020 by whoknows

[whoknows]

https://blog.tetrane.com/Analysis_of_CVE_2018_8653_Memory_Management.html

 

bonus

Coronavirus Explained - youtu.be/BtN-goy9VOY
He used Glo Germ powder to demonstrate how germs spread - youtu.be/I5-dI74zxPg
DirectX 12 Ultimate - mspoweruser.com/microsoft-announces-directx-12-ultimate

Edited March 19, 2020 by whoknows

[whoknows]

Quote

Why do 90 random servers, sitting out on the public internet, share the same exact access key token that only servers allowed to officially access and provide support to US government agencies should have. Who created these servers? What is there plan? Why do they keep funding this infrastructure?

https://blog.12security.com/accidentally-altering-data-on-senate-gov/

 

bonus

Packt.Hands-On Dark Web Analysis - neowin.tradepub.com/free/w_pacb118/prgm.cgi

Edited March 21, 2020 by whoknows

[whoknows]

https://blog.jldc.me/posts/decrypting-blind

 

 

bonus :

Critical bugs in dozens of Zyxel and Lilin - arstechnica.com/information-technology/2020/03/lilin-dvrs-and-zyxel-nas-devices-have-been-active-exploit-for-months

Why is Japan still a coronavirus outlier? - japantimes.co.jp/opinion/2020/03/21/commentary/japan-commentary/japan-still-coronavirus-outlier

Prince of Persia it self - youtube.com/watch?v=sw0VfmXKq54

Edited March 22, 2020 by whoknows

[whoknows]

https://www.bleepingcomputer.com/news/security/tupperware-site-hacked-with-fake-form-to-steal-credit-cards/

 

bonus

Chrome stops User-Agent beginning with Chrome 81 - infoq.com/news/2020/03/chrome-phasing-user-agent/

Tox - peer-to-peer instant messaging protocol - ghacks.net/2020/03/25/tox-is-a-peer-to-peer-instant-messaging-protocol-with-end-to-end-encryption/

Pornhub Premium is now free - betanews.com/2020/03/25/free-pornhub-premium-coronavirus-covid-19/

Edited March 25, 2020 by whoknows

[whoknows]

https://www.forbes.com/sites/zakdoffman/2020/03/26/exposed-apple-ios-13-has-worrying-encryption-flaw-and-there-is-no-workaround

 

bonus

iOS application - Apple and the CDC's COVID19 self-diagnosis app - apps.apple.com/us/app/apple-covid-19/id1504132184

Edited March 27, 2020 by whoknows

[whoknows]

More than 750 healthcare providers were hit with ransomware last year, according to Emsisoft, a New Zealand cybersecurity company offering free help to hospitals hit with ransomware. "We may be looking at a near-perfect storm in which healthcare providers are disrupted at the very time they are needed the most," the company says in a blog post. 

 

The attacks hit the largest and smallest of healthcare facilities. The World Health Organization has been attacked with multiple ransomware attempts, but has been able to deflect them with protective cybersecurity software, the giant medical organization's security chief told The Wall Street Journal this week. At the other end of the spectrum, Wood Ranch Medical, a clinic in Simi Valley, California, closed in December after ransomware damage was significant enough that the little clinic found "we cannot rebuild our medical records."

 

Ransomware is often unleashed when an employee clicks on a "phishing" link in an email, or downloads an attachment. Malware can then be released into an organization's computer systems that encrypts data, making it inaccessible. Emsisoft says the cost of ransomware last year may have reached $7.5 billion.

https://blog.emsisoft.com/en/34822/the-state-of-ransomware-in-the-us-report-and-statistics-2019/
https://blog.emsisoft.com/en/35921/free-ransomware-help-for-healthcare-providers-during-the-coronavirus-outbreak/

src-
https://www.businessinsider.com/ransomware-attack-hospitals-coronavirus-covid-19-2020-3

by using addon :
https://github.com/iamadamdev/bypass-paywalls-chrome
https://github.com/iamadamdev/bypass-paywalls-firefox

;)

 

[whoknows]

https://www.ghacks.net/2020/03/27/0patch-publishes-micropatch-to-address-windows-font-parsing-vulnerability/

 

[whoknows]

https://github.com/shemesh999/oregami

 

[whoknows]

https://tooslowexception.com/mobius-net-runtime-running-on-net-core/

 

[whoknows]

https://github.com/zenghongtu/vscode-asciiflow2

 

bonus

ReactOS v0.4.13 is out - reactos.org/project-news/reactos-0413-released/

Edited April 11, 2020 by whoknows

[whoknows]

Files extractor and reimporter, archives and file formats parser, advanced tool for reverse engineers and power users, and much more.

 

http://quickbms.aluigi.org/
or
https://aluigi.altervista.org/quickbms.htm

 

Edited April 12, 2020 by whoknows

[whoknows]

https://hhvm.com/

Slack launched in 2014 with a PHP 5 backend. Along with several other companies, we switched to HHVM in 2016 because it ran our PHP code faster. - slack.engineering/hacklang-at-slack-a-better-php-65f239cbc9e9

 

 

bonus

Ransomware Now Leaking Stolen Documents - schneier.com/blog/archives/2020/04/ransomware_now_.html

500k Zoom accounts are being sold on the dark web - mashable.com/article/zoom-500000-accounts-dark-web

Edited April 14, 2020 by whoknows

[whoknows]

https://github.com/salimk/Rcrawler
https://www.sciencedirect.com/science/article/pii/S2352711017300110

 

 

bonus

Writing an Emulator in JavaScript - taniarascia.com/writing-an-emulator-in-javascript-chip8/

Edited April 15, 2020 by whoknows

[whoknows]

https://keyj.emphy.de/win32-pe/

 

[whoknows]

https://visualstudio.microsoft.com/pure-virtual-cpp-event/

 

 

bonus

Czech cyber officials warn of serious threat to health care sector - cyberscoop.com/czech-republic-cyberthreat-health-care-coronavirus/

Edited April 17, 2020 by whoknows

[whoknows]

https://www.theregister.co.uk/2020/04/10/lockheed_martin_spacex_ransomware_leak/

 

 

bonus

draculatheme.com for any app

World map of domains - nominet.uk/the-shifting-world-of-country-codes/

Edited April 18, 2020 by whoknows

[whoknows]

https://devblogs.microsoft.com/cppblog/gsl-3-0-0-release/

bonus

Free cross-platform password manager compatible with KeePass - github.com/keeweb/keeweb + keeweb.info/ + app.keeweb.info/

COVID-19’s impact on Tor - blog.torproject.org/covid19-impact-tor

Social Distancing Game (Japanese) - gamingchahan.com/mitsudesu/

Drone reforestation - droneseed.com

Edited April 18, 2020 by whoknows

[whoknows]

https://www.theregister.co.uk/2020/05/05/cut_paste_ar_photoshop/

 

[whoknows]

https://threatpost.com/godaddy-hack-breaches-hosting-account-credentials/155475/

 

[whoknows]

Nowadays applications build with Electron (look skype / ms teams +++), it uses the Chrome V8 JavaScript, the developer packs the application and publish it. Electron applications live inside the app.asar (works like tar that concatenates all files together without compression, while having random access support), using a Node addon or 7z addon you can manipulate it.. 

New technic is out, allow developers create custom startup snapshots, that stored inside the snapshot_blob.bin (Chrome V8 JavaScript), for faster startup. if you look your chrome distr on main folder a snapshot_blob.bin exists as well. 

and the JS function bodies in unicode :

 

how to extract and repack ?

sample :

https://dropmefiles.com/UQEcz

 

[whoknows]

https://secrary.com/Random/anti_re_simple/

 

[whoknows]

https://github.com/ioncodes/idacode

 

Assembly “wrapping”: a new technique for anti-disassembly - hxxps://medium.com/@0x4ndr3/assembly-wrapping-a-new-technique-for-anti-disassembly-c144eb90e036

HardCode.64KB and smaller intros - hxxp://hardcode.untergrund.net/

Edited June 8, 2020 by whoknows