Jump to content

chain

Administrators
  • Content Count

    4,324
  • Joined

  • Last visited

Everything posted by chain
 
 
  1. Google is working on another communications application, this one for workplaces, that will combine several different platforms it already operates, according to a new report from The Information. This new product is designed to unify different Google services the company sells to businesses, including parts of its G Suite like corporate-grade Gmail and Google Drive. It would also bundle together the various, somewhat confusing variants of Hangouts. Once a consumer-focused communications platform, Hangouts is now geared toward enterprise customers. It has since been split into Hangouts Meet, a video chat app, and Hangouts Chat, a real-time text-based successor to Gchat. But that means Google may be introducing yet another communications platform, or something similar, into an already confounding ecosystem of existing services. https://www.theverge.com/2020/1/28/21112596/google-messaging-communications-app-hangouts-chat-meet-g-suite
  2. Facebook’s Clear History tool is now available in all countries, CEO Mark Zuckerberg announced in a blog post today. It’s part of a new section in your settings called “Off-Facebook activity,” and it lets users see which third-parties have shared user interactions with the social network — even when they’re not using Facebook directly. Off-Facebook activity is the information that businesses and websites share with Facebook based on your interactions with those sites or apps. The Clear History tool can be helpful if you’re constantly getting ads for something you were just looking at online or being served suggestions for things Facebook thinks you might be interested in. Besides clearing your history, the new section also includes options to view your information by category, download the information, and select how off-Facebook activity can be managed in the future. https://www.theverge.com/2020/1/28/21111981/facebooks-clear-history-tool-now-available-to-everyone
  3. The Japanese vendor Mitsubishi Electric declared a network hack last week in a press release. As revealed at the time (through the translated version of the press release), their network suffered the attack in June 2019. As a result, their system exposed data to the attackers, including “personal information and corporate confidential information”.  They did specify that the incident did not expose any important data relating to business partners. However, they did not reveal much technical detail about the incident. Then in an updated press release,  they confirmed that the incident occurred due to unauthorized access to their network and may have leaked some “trade secrets”. According to the (translated version of) the press release, some 200 MB of files was exposed that included data such as employment applicant information (1987 people), employee information (4566 people), and data related to retired employees of affiliate companies (1569 people). It also included some corporate data such as “technical material, sales materials, etc.”. Furthermore, they also explained the cause behind the attack, which turned out to be a bug in their antivirus. As stated (translated),Attribution link: https://latesthackingnews.com/2020/01/28/hackers-exploited-trend-micro-antivirus-zero-day-in-mitsubishi-electric-hack/
  4. Reportedly, Mozilla has recently banned a large number of Firefox browser extensions for malicious activity. The tech giant has banned 197 different add-ons in the previous weeks, which were found running malicious code. Among these, around 129 extensions belonged to 2Ring, which Mozilla removed for executing remote code. This is something in contrast to Mozilla’s policy which does not allow downloading dynamic codes from remote servers. For the same reason, Mozilla also banned six extensions belonging to Tamo Junto Caixa, and three other ‘fake premium products’. Similarly, they also banned thirty other add-ons for exhibiting malicious behavior on third-party websites. Other banned extensions include five add-ons for collecting search terms and intercepting searches, and separate batches of two, nine, and three add-ons for using obfuscated codes.Attribution link: https://latesthackingnews.com/2020/01/28/mozilla-bans-197-malicious-firefox-add-ons-amidst-crackdown/
  5. Facebook and gaming hardware maker Razer are among the first US technology companies to begin restricting travel to China amid the ongoing coronavirus outbreak. Facebook is halting all non-essential employee travel to the country, and the company is also telling employees who recently returned from China to work from home, according to Bloomberg. Although Facebook is banned in China, the company does have offices in the country and uses Chinese suppliers for manufacturing its Oculus virtual reality headsets and its Portal family of video chat devices. California-based Razer, known for making popular gaming laptops and accessories, has separately confirmed to The Verge that it is taking similar measures. “Our company has already been restricting travel and advising employees to work from home,” a Razer spokesperson said on Monday. Razer, like Facebook and countless other tech companies, has offices throughout China and uses Chinese suppliers to manufacturer some its hardware, which includes gaming mice and keyboards, as well as headsets and laptops. https://www.theverge.com/2020/1/27/21111047/facebook-coronavirus-employee-travel-restricting-virus-outbreak-concern
  6. Video game publisher Activision Blizzard has entered into a multiyear partnership with Google that will see the search giant’s cloud platform power all of Activision Blizzard’s game hosting and other technical needs. But more importantly, as part of the deal, YouTube will become the exclusive streaming partner for all of the game publisher’s big e-sports titles, including the upcoming season of the Overwatch League and the Call of Duty League, which kicks off today in Minneapolis, Minnesota. The deal is a huge win for YouTube, which has struggled to compete with game streaming leader Twitch, despite YouTube being the largest video site in the world and the second most-visited website on the planet behind only its parent company’s search engine. Twitch was the exclusive streaming partner for Activision Blizzard’s first two seasons of the Overwatch League, and Twitch has long been the go-to destination for live gaming entertainment. https://www.theverge.com/2020/1/24/21080731/youtube-activision-blizzard-exclusive-streaming-e-sports-league
  7. Cisco has fixed a critical security Flaw in its Firepower Management Center (FMC). As explained in their advisory, the vulnerability existed in the web-based interface of the tool. And, upon exploitation, the bug could allow remote code execution with admin privileges on the device while bypassing authentication.Attribution link: https://latesthackingnews.com/2020/01/27/cisco-patched-critical-bug-in-firepower-management-center/
  8. chain

    Kobe Bryant

    I dont usually mention sports on this scripting site, but this cannot be helped as a good person and a sports mentor for a lot of kids and many people died in a very tragic accident with other people among him. kobe Bryant was a person that trived to achive exellence in many things in his life, he challanged himself to become great at his skills and to give back to the sport. Kobe Bryant will be well missed not just for being a legend in basketball but for being there to help others and being an inspiration to the world.
  9. Internet Explorer is dead, but not the mess it left behind.Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the wild — and there is no patch yet available for it.The vulnerability, tracked as CVE-2020-0674 and rated moderated, is a remote code execution issue that exists in the way the scripting engine handles objects in memory of Internet Explorer and triggers through JScript.dll library.A remote attacker can execute arbitrary code on targeted computers and take full control over them just by convincing victims into opening a maliciously crafted web page on the vulnerable Microsoft browser. Read more here:  https://thehackernews.com/2020/01/internet-explorer-zero-day-attack.html
  10. Cybera launched the Rapid Access Cloud (RAC) in order to fill a gap in Alberta research and education: access to free but powerful compute infrastructure to run tests and support learning. Over the last seven years, as usage of our cloud took off, we have been amazed by the breadth of projects we have supported: from public-serving apps, to 3D animations, to a range of AI and machine learning research. But we have always had a soft spot for education, and supporting classrooms to gain experience in the use (and potential) of cloud. Almost from the beginning, Eleni Stroulia has been one of our biggest advocates of using RAC in the classroom. Stroulia is a Computing Science Professor at the University of Alberta, and for several years, has utilized the RAC for her CMPUT 401 – Software Process and Product Management class. To add an interesting challenge to this course, Stroulia incorporates a hackathon for her students. This semester’s hackathon took place this past weekend, with teams of 4-6 working for 48 hours on a data problem. “Their project doesn’t have to be related to their classwork, we just want them to have fun and build team spirit,” says Stroulia. “The most important thing is that they’re getting hands-on experience with RAC. There’s a little bit of configuration, and trial and error, but it’s a great way for them to learn how to deploy things on a basic cloud infrastructure.” more here: https://www.cybera.ca/news-and-events/tech-radar/university-hackathon-shows-students-the-wide-possibilities-of-cloud/
  11. The 33-year-old former Amazon software engineer accused of hacking Capital One made little attempt to hide her attack. In fact, she effectively publicized it. It’s one of many riddles swirling around Paige Thompson, who goes by the online handle “erratic.” Well-known in Seattle’s hacker community, Thompson has lived a life of tumult, with frequent job changes, reported estrangement from family and self-described emotional problems and drug use. more here: https://globalnews.ca/news/5711965/capital-one-hack-paige-thompson/
  12. Microsoft has confirmed a security flaw affecting Internet Explorer is currently being used by hackers, but that it has no immediate plans to fix. In a late-evening tweet, US-CERT, the division of Homeland Security tasked with reporting on major security flaws, tweeted a link to a security advisory detailing the bug, describing it as “being exploited in the wild.” Microsoft said all supported versions of Windows are affected by the flaw, including Windows 7, which after this week no longer receives security updates. The vulnerability was found in how Internet Explorer handles memory. An attacker could use the flaw to remotely run malicious code on an affected computer, such as tricking a user into opening a malicious website from a search query or a link sent by email. It’s believed to be a similar vulnerability as one disclosed by Mozilla, the maker of the Firefox browser, earlier this week. Both Microsoft and Mozilla credited Qihoo 360, a China-based security research team, with finding flaws under active attack. Earlier in the week, Qihoo 360 reportedly deleted a tweet referencing a similar flaw in Internet Explorer. Neither Qihoo, Microsoft, nor Mozilla said how attackers were exploiting the bug, who the attackers were, or who was being targeted. The U.S. government’s cybersecurity advisory unit also issued a warning about current exploitation. Microsoft told TechCrunch that it was was “aware of limited targeted attacks” and was “working on a fix,” but that it was unlikely to release a patch until its next round of monthly security fixes — scheduled for February 11. Microsoft assigned the bug with a common vulnerability identifier, CVE-2020-0674, but specific details of the bug have yet to be released. When reached, a Microsoft spokesperson did not comment https://techcrunch.com/2020/01/18/internet-explorer-security-flaw/
  13. Reportedly, researchers from WebARX Security have found a serious security flaw in two different WordPress plugins. Considering the extensive userbase of both plugins, the bug potentially made thousands of websites vulnerable to cyber attacks. Stating about the bug in their advisory, the researchers stated that they found an authentication bypass flaw in two plugins, the WP Time Capsule and InfiniteWP Client. Exploiting the flaw could allow an attacker to sign-in to the admin account without a password. According to the researchers, the bug remained exploitable even with a firewall. Attribution link: https://latesthackingnews.com/2020/01/20/critical-bug-in-two-wordpress-plugins-risked-over-320k-websites/
  14. Researchers from Kaspersky have discovered some old malware active in the wild again. Identified as Faketoken, the old Android banking trojan is now back with more malicious functionality. The malware first emerged several years ago and was among the most widespread banking trojans in 2014. At that time, Faketoken meddled with the device-messaging only once to proceed with fraudulent transactions. However, in 2016, it became more sophisticated in stealing money, as it overlaid apps to steal users’ bank account credentials. At the same time, it also served as ransomware by encrypting the device data.  Whereas, in the following year, it emerged whilst impersonating popular e-wallets and mobile banking apps to bluff users. Hijacking Phone For Sending SMS Elaborating on their findings in a blog post, the researchers stated that their ‘Botnet Attack Tracking’ system recently found at least 5000 devices infected with Faketoken. They found all these devices involved in sending text messages. The researchers considered this behavior ‘unusual’ for a banking trojan. Scratching the surface revealed that the typical banking trojan has now emerged as an even more malicious virus. Faketoken now hijacks the victim devices to send messages to premium rate numbers. Whereas, in case of lack of balance, the attackers behind the malware can top up the victim mobile account through their bank account. Such messages will further cost the victim as the researchers found most messages being sent to foreign numbers. While, for now, it is unclear as to how Faketoken is targeting devices. Nonetheless, the usual precautions, which are avoiding downloads from third-party app stores, avoiding URLs received via SMS messages, reviewing app permissions, and empowering devices with robust mobile antivirus tools can help the Android users stay safe.Attribution link: https://latesthackingnews.com/2020/01/20/android-banking-trojan-faketoken-now-also-messages-premium-rate-phone-numbers/
  15. Reportedly, Facebook has announced an update in its login feature. The new feature will now notify users while logging in to third-party apps via Facebook. Facebook believes this change will bring more control to the users on their information. The tech giant has detailed this new feature in a blog post. As revealed, the new feature, called ‘Login Notifications’, generates user alerts while signing-in to third party apps. This notification will give details to the user about the information shared with the app. It will also let the user make any changes to the shared data.Attribution link: https://latesthackingnews.com/2020/01/19/facebook-will-notify-users-when-logging-in-to-third-party-apps/
  16. Last night we experienced approximately 12 hours of downtime between around 18:00 and 06:40 UTC, caused by a prolonged period of internet routing issues which our ISP has attributed to a failed line card in one of their routers. This was our longest period of downtime in many years and we’re very sorry for the disruption it caused. Running a large service which interfaces with the venerable IRC protocol poses a different set of challenges to most modern web services: Firstly, we have to manage a large number of outbound IRC connections while ensuring as few disconnections as possible. Secondly, IRC networks expect our users to connect from a consistent set of IP addresses, and lastly, IRCCloud is subject to a high volume of distributed denial of service (DDoS) attacks. These constraints mean that our outbound connection servers, which actually make your outbound IRC connections, have been hosted for years by a specialist DDoS-resistant hosting service provided by a major ISP. This is a costly part of our infrastructure, and it wouldn’t be economical for us to completely duplicate these servers elsewhere to mitigate against rare situations like the one last night. Switching to another ISP - even if we could find one to provide the required servers at short notice - would involve a long process of getting new IP addresses whitelisted by IRC networks. Our current architecture also restricts us to running our outbound connection servers in relatively close proximity to the rest of our infrastructure (which is hosted on Amazon Web Services). Over the last few months we’ve been working on a significant update of our backend software to remove this restriction - in fact, we started rolling this update out yesterday. These improvements will make it easier for us to investigate other approaches for our outbound connection servers in future, and we’ll certainly be discussing network redundancy with our ISP and future providers. If you’re an IRCCloud subscriber, we’re happy to issue you a month’s refund in compensation for this downtime - drop us an email at team@irccloud.com. Tuesday January 22 2019 • posted by james Bouncer: connect with other clientsToday we’re launching one of our most requested features. Paid subscribers can now use 3rd party IRC clients to connect to the IRCCloud service, just as you would with a traditional bouncer. Open the menu for one of your IRC or Slack connections and choose the “Connect with another client…” option for details on how to connect. For IRC connections, you’ll be prompted to generate a unique server password. Backlog replayNote: backlog replay isn’t currently available for Slack connections Bouncer passwords are shown to you in the following format: bnc:xxxxxxxx… If you’d like the bouncer to replay missed messages whenever you reconnect with your client, you’ll need to change this format to include a clientid of your choosing. This is used to identify and track the messages your client has seen to make sure we only replay undelivered messages. The clientid can be anything, but can’t include spaces. Just make sure to use a different id for each client you use. Once you’ve chosen a clientid, rewrite your password in the following format: bnc@clientid:xxxxxxxx… For example, if your generated password was bnc:abcxyz and you chose laptop as a clientid, you’d connect with the following server password: bnc@laptop:abcxyz SecurityA bouncer password grants full access to the associated network connection, so make sure to keep it safe. You can revoke or regenerate a bouncer password at any time, in case you no longer need it or it becomes compromised. This will also disconnect any client currently using that password. Backlog timestampsThe latest versions of most 3rd party clients support the server-time IRCv3 feature, which the bouncer will use to provide the correct timestamp for backlog replay. However, some clients may need a little coaxing https://blog.irccloud.com
  17. Embedding a Kiwi IRC widget into your websiteEmbedding a Kiwi IRC widget on your website can be a great way to bring your community together or host an online event. No more linking to a long kiwirc.com address - you can keep your community and users on your own website while taking advantage of the well tested kiwiirc.com servers and functionality. At the very least you must know where you want your users to connect to. This will be an IRC network and a channel name. If you don't have either of these, feel free to use irc.kiwiirc.com as the network and any channel name of your choosing (letters and numbers only but starting with a # symbol). https://kiwiirc.com/embedding
  18. we're back in 2019 with a maintenance release for the 0.13 cycle, Quassel 0.13.1. Besides a handful of fixes and improvements over the previous release, 0.13.1 fixes a particularly annoying issue with 0.13.0 on Qt4-based systems where backlog messages would not all be fetched. I'd like to thank Janne "justJanne" Koschinski and Shane "digitalcircuit" Synan in particular for finding the cause for this problem, as well as implementing and testing the fix! So if you happen to run Quassel 0.13.0 on a system or distro still using Qt4, be sure to upgrade (or ask your friendly distro maintainers to do so), otherwise your chat history may be spotty... Official 0.13.0 builds for Windows and OSX already use Qt5, so they're not affected. Also any recent distro release should have done the migration already, as Qt5 has been out for quite some time. Quassel 0.13.1 also makes database schema upgrades more robust by making them resumable, and allows to configure the listen addresses for the built-in identd. Please see the ChangeLog for a full list of changes. As always, you can find the sources, as well as precompiled binaries for Windows and OSX on the downloads page. Cheers,
  19. chain

    ChainScriptz Blog

    Just to inform people we at chainscriptz have added a blog from which i will rant about things and add things and explain things. This blog will be a way to let steam out and for others to comment or rebutle.
  20. So Im going to Rant about people and chat server's I've been hearing a lot of complaint pertaing to Buzzen staff and how there running it. I can remember a time when buzzen was always being flooded or being attacked. there were so many issues when Buzzen first opened and how things gradually changed over the times. There was a point in my life where i did care about the chat servers and how they were being controlled by staff and after awhile i also became staff and saw things and saw ppl being fired due to just being control freaks and banning people for stupid shit. then came the huge move where err0r,Eyecu,Fiesty,me became dedicated to the server and started working and bringing in new staff with err0r developing new clinets for us and constructing the server with eyecu to be more secure and less flooding. Also danger was a help in finding loop holes and assisting. it was great and the server became more and more popular. But then Duke realized he could sell his chat network to others and with the help of err0r bring in new servers. so as you can see Buzzen has a huge history with scripters. So now this brings me to the question is Buzzen mistreating some chatters or are theses chatters finally getting what they deserve. Ive know Eyecu for quite some years and I know that no matter what people say I believe not any woman would come between him and his knowledge of what is right and what is wrong. Now if its another staff member well thats a different story and im sure if its brought to head staffs attention it will be looked into and then dealt with in the proper manner!! This is my opinion only.
  21. Here you'll find IT related howtos, code snippets, random rants, and probably horribly outdated information, written by a guy born in 1964 who likes IT&tech stuff, Scripting, Chat Servers, and Music you can bang your head to, and Dogs. Enjoy your stay!
  22. chain

    New Look ChainScriptz

    Wes & I have decided to update the site and make it a little more easy on the eyes. As we are getting older espicially me LOL We hope you will like the New Theme.
  23. Two men have been arrested after Britain’s National Crime Agency and its international pals claimed the takedown of breached credentials-reselling website WeLeakInfo. In a collaboration between British, Northern Irish, German, US and Dutch police agencies WeLeakInfo was taken offline yesterday with two 22-year-olds alleged to be linked to its operation being arrested at the same time. The NCA began looking closely at the site, which is said to have offered paid access to around 12 billion items of personal data, in August 2019. In a statement the agency alleged that credentials from the site were being used in cyber attacks affecting Britain, Germany and America. The two arrested men were said, by NCA investigators, to have made £200,000 from running the site. One hailed from Fintona, Fermanagh, Northern Ireland, while the other is from Arnhem in the Netherlands. read more here :https://www.theregister.co.uk/2020/01/17/weleakinfo_takedown_nca_fbi_operation/
  24. Hackers exploiting the high-profile Citrix CVE-2019-19781 flaw to compromise VPN gateways are now patching the servers to keep others out. Researchers at FireEye report finding a hacking group (dubbed NOTROBIN) that has been bundling mitigation code for NetScaler servers with its exploits. In effect, the hackers exploit the flaw to get access to the server, kill any existing malware, set up their own backdoor, then block off the vulnerable code from future exploit attempts by mitigation. Obviously, this is less of a noble gesture and more of a way to keep others out of the pwned boxes. "Upon gaining access to a vulnerable NetScaler device, this actor cleans up known malware and deploys NOTROBIN to block subsequent exploitation attempts," the FireEye team explained. "But all is not as it seems, as NOTROBIN maintains backdoor access for those who know a secret passphrase. FireEye believes that this actor may be quietly collecting access to NetScaler devices for a subsequent campaign." Read more Here: https://www.theregister.co.uk/2020/01/17/hackers_patch_citrix_vulnerability/
  25. This is something you should decide for yourself, this is work that you will do or should i say put into it. if love scripting then you have your answer.
 

Copywrite © 2020 ChainScriptz

×
  • Create New...