
Global network systems (devices): big trouble yet again.....pg 3

All AV fans are welcome to come and chat

Re: Global network systems (being) terror-attacked...

Posted by mtr on 2017-05-13, 22:40


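Re: Global network systems (being) terror-attacked...

Posted by 茶母 on 2017-05-14, 07:56

For now the government says it has not been hit, but we will only know after Monday; the departments have not started work yet :question2: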

Re: Global network systems (being) terror-attacked...

Posted by 力奇 on 2017-05-14, 08:18

Will everyone get hit when they turn on their computers at work on Monday? :question2:

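Re: Global network systems (being) terror-attacked...

Posted by 茶母 on 2017-05-14, 08:19

力奇 wrote: Will everyone get hit when they turn on their computers at work on Monday? :question2: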

:question2: :question2:

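Re: Global network systems (being) terror-attacked...

Posted by mtr on 2017-05-14, 10:53

There is already a second-generation variant of the wanna cry ransomware:

http://thehackernews.com/2017/05/wannac ... ttack.html

Besides updating to the latest win10 version and/or downloading MSFT's patch, remember to do what frankiepoon did and disable SMBv1 (untick the option shown in the image below).

Even with the latest Windows 10 Version 1703 plus the latest 2017.5.10 cumulative update (KB4016871) installed, win 10 still has the SMBv1 option in the image below set to enabled!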
Attachment: smbv1.jpg (173.72 KiB)

Re: Global network systems (being) terror-attacked...

Posted by motobee on 2017-05-14, 12:10


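Re: Global network systems (being) terror-attacked...

Posted by mtr on 2017-05-14, 16:25

http://hkm.appledaily.com/detail.php?gu ... e=20170514

... before connecting their computers to the Internet on Monday, small and medium-sized enterprises should first back up their data and keep an offline copy, install a firewall, update their systems, and so on.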

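Re: Global network systems (being) terror-attacked...

Posted by mtr on 2017-05-14, 16:35

Right now there is only one country in the world whose computers running the M$FT operating system can escape the disaster ... North Korea :devil:

http://m.appledaily.com.tw/realtimenews ... 14/1118372

... Chinese computer security experts point out that, besides being able to spread itself rapidly, the "WannaCry" virus also uses both AES and RSA encryption; the encryption is highly effective and users cannot easily crack the key. Put simply, apart from paying the hackers, "there is almost no hope of cracking it in the short term".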

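Re: Global network systems (being) terror-attacked...

Posted by mtr on 2017-05-14, 16:49

Take the suspected infected computer completely offline, boot it into "safe mode", and only then do the following: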

Block port and disable SMB v1 service at OS level


http://stackoverflow.com/questions/4395 ... -wanna-cry

1. Close ports 135 and 445

According to the reports of antivirus companies, wcrypt penetrates computers through SMB (Server Message Block) ports. To prevent penetration, we block the ports 135 and 445 through which the virus penetrates (in most cases they are not used by ordinary users).

To do this, open the console with administrator rights (cmd.exe -> run as administrator). And we execute in turn 2 commands (after each command there should be status OK).

netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=135 name="Block_TCP-135"

netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Block_TCP-445"


2. Disable SMBv1 on the SMB server

Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008 :

To enable or disable SMB protocols on an SMB Server that is running Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008, use Windows PowerShell or Registry Editor.

Windows PowerShell 2.0 or a later version of PowerShell

https://support.microsoft.com/en-us/hel ... erver-2012

To disable SMBv1 on the SMB server, run the following cmdlet:

Run powershell.

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force
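A read-only check that the two steps quoted in the post above took effect, added here as an example and not part of the original post or the linked answer. The function names are this example's own; it reports the SMBv1 server setting and whether an enabled inbound block rule covers TCP 135 and 445.

```powershell
# Added example (not from the thread): read-only audit of the two mitigations
# quoted above. Run from an elevated PowerShell prompt; it changes nothing.
# Function names are this example's own.

function Test-PortInSpec([string]$Spec, [int]$Port) {
    # A firewall rule's LocalPorts is text such as "445", "135,445", "1-1024" or "*".
    foreach ($part in ($Spec -split ',')) {
        $p = $part.Trim()
        if ($p -eq '*' -or $p -eq "$Port") { return $true }
        if ($p -match '^(\d+)-(\d+)$' -and
            $Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
    }
    return $false
}

function Test-InboundTcpBlocked([int]$Port) {
    # HNetCfg.FwPolicy2 is the Windows Firewall COM interface (Vista and later).
    # Its numeric fields do not depend on the display language, unlike netsh output.
    $fw = New-Object -ComObject HNetCfg.FwPolicy2
    foreach ($r in $fw.Rules) {
        if ($r.Enabled -and
            $r.Direction -eq 1 -and           # 1 = inbound
            $r.Action -eq 0 -and              # 0 = block
            $r.Protocol -eq 6 -and            # 6 = TCP
            $r.RemoteAddresses -eq '*' -and   # not limited to some senders
            -not $r.ApplicationName -and      # not limited to one program
            ($r.Profiles -band $fw.CurrentProfileTypes) -and   # covers an active profile
            (Test-PortInSpec $r.LocalPorts $Port)) { return $true }
    }
    return $false
}

function Get-Smb1ServerState {
    # Windows 8 / Server 2012 and later expose the setting through a cmdlet.
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        if ((Get-SmbServerConfiguration).EnableSMB1Protocol) { return 'enabled' }
        return 'disabled'
    }
    # Older systems (the ones listed in the post): the SMB1 value under
    # LanmanServer\Parameters. A missing value means the default, which is enabled.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
    $v = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).SMB1
    if ($v -eq 0) { return 'disabled' }
    return 'enabled'
}

"SMBv1 server           : $(Get-Smb1ServerState)"
"Inbound TCP/135 blocked: $(Test-InboundTcpBlocked 135)"
"Inbound TCP/445 blocked: $(Test-InboundTcpBlocked 445)"
```

The SMB1 registry value only takes effect after a restart, so a "disabled" result on a machine that has not rebooted since the change describes the next boot. The firewall check reads rules only; it does not confirm that Windows Firewall itself is turned on for the active profile.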

Re: Global network systems (being) terror-attacked...

Posted by postmaster on 2017-05-17, 13:38

:question2: :question2:

OH LORDY! Comey Wanna Cry Edition

3 hours ago

theshadowbrokers57 in shadowbrokers




Q. What is being difference between ransom and sale?

A. Sale is buy or no buy, no bad things happen if no buy. Ransom is buy or bad things happen to you. Yes?

TheShadowBrokers is feeling like being very responsible party about Windows dump. Do thepeoples be preferring theshadowbrokers dump windows in January or August? No warning, no time to patch? this is being theshadowbrokers version of alternative facts.

In August theshadowbrokers is telling thepeoples theequationgroup fails at security, theequationgroup is losing their data. Is telling thepeoples, theshadowbrokers is having equation group data, hacker tools for auctioning. Auctioning is sale, bid or no bid. Auction is not ransom. TheShadowBrokers is releasing theequationgroup 2013 firewall tools as proof and advertising. Only Zero-Day is old Cisco. All thepeoples laughing or not paying attention. No peoples is believing theshadowbrokers.

ThePeoples is asking "why not do X or Y or Z?" "Why auction?" TheShadowBrokers is not being interested in bug bounties, selling to cyber thugs, or giving to greedy corporate empires. TheShadowBrokers is taking pride in picking adversary equal to or better than selves, a worthy opponent. Is always being about theshadowbrokers vs theequationgroup.

But theequationgroup didn't bid in auction. The Five Eyes, Russia, China, Iran, Korea, Japan, Israel, Saudi, the UN, NATO, no government or countries didn't bid in auction. Cisco, Juniper, Intel, Microsoft, Symantec, Google, Apple, FireEye, any other bullshit security companies didn't bid in auction.

In December theshadowbrokers canceling auction, offering direct sales, advertising list of warez with reasonable on website. No new Zero-Days.

But theequationgroup didn't buy back lost warez. The Five Eyes, Russia, China, Iran, Korea, Japan, Israel, Saudi, the UN, NATO, no government or countries didn't buy lost warez. Cisco, Juniper, Intel, Microsoft, Symantec, Google, Apple, FireEye, any other bullshit security companies didn't buy lost warez. TheShadowBrokers was very very sad! Story is now sounding like silly children's' book. TheShadowBrokers is writing to audience reading level, thepeoples is having average reading level of 8th grade.

TheShadowBrokers is asking selves, selves why is no peoples making offer on theshadowbrokers equation group warez? Are thepeoples not understanding? No, theshadowbrokers canceling complex auction? Is thepeoples not wanting warez? No, much great interest in free warez. Is thepeoples not really caring about security and public safety? No, governments and corporations caring about thepeoples, yes? Do thepeoples thinking theshadowbrokers are scammers? Maybe, no peoples is buying because thinking theshadowbrokers are scammers and not having anymore theequationgroup data.

In January theshadowbrokers is deciding to show screenshots of lost theequationgroup 2013 Windows Ops Disk. TheShadowBrokers is knowing if showing screenshots, then vulnerabilities is being reported by theequationgroup to Microsoft and is being patched. TheShadowBrokers is goes dark and is watching. No new Zero-Days.

In February Microsoft is missing patch Tuesday. TheShadowBrokers is knowing, Microsoft is missing to be making patches for Eternal exploits. No new Zero-Days.

In March Microsoft is releasing patch for SMB vulnerabilities. TheShadowBrokers is knowing this is being for Eternal exploits. TheShadowBrokers is still waiting and not releasing. No new Zero-Days. Oracle is patching huge numbers of vulnerabilities but TheShadowBrokers is not caring enough to be look up exact dates.

In April, 90 days from theequationgroup show and tell, 30 days from Microsoft patch, theshadowbrokers dumps old Linux (auction file) and windows ops disks. Because why not? TheShadowBrokers is having many more where coming from? "75% of U.S. cyber arsenal" TheShadowBrokers dumped 2013 OddJob from ROCTOOLS and 2013 JEEPFLEAMARKET from /TARGETS. This is theshadowbrokers way of telling theequationgroup "all your bases are belong to us". TheShadowBrokers is not being interested in stealing grandmothers' retirement money. This is always being about theshadowbrokers vs theequationgroup.

Eternal exploits is not being ZeroDays. Is being gay to be using this term, but if being gay then correct terminology is being ThirtyDays because Microsoft patch was being available for 30 days before theshadowbrokers is releasing dump to public. Despite what scumbag Microsoft Lawyer is wanting the peoples to be believing Microsoft is being BFF with theequationgroup. Microsoft and theequationgroup is having very very large enterprise contracts millions or billions of USD each year. TheEquationGroup is having spies inside Microsoft and other U.S. technology companies. Unwitting HUMINT. TheEquationGroup is having former employees working in high up security jobs at U.S. Technology companies. Witting HUMINT. Russian, China, Iran, Israel intelligence all doing same at global tech companies. TheShadowBrokers is thinking Google Project Zero is having some former TheEquationGroup member. Project Zero recently releasing "Wormable Zero-Day" Microsoft patching in record time, knowing it was coming? coincidence?

If theshadowbrokers is telling thepeoples theequationgroup is paying U.S technology companies NOT TO PATCH vulnerabilities until public discovery, is this being Fake News or Conspiracy Theory? Why Microsoft patching SMB vulnerabilities in secret? Microsoft is being embarrassed because theequationgroup is lying to Microsoft. TheEquationGroup is not telling Microsoft about SMB vulnerabilities, so Microsoft not preparing with quick fix patch. More important theequationgroup not paying Microsoft for holding vulnerability. Microsoft is thinking it knowing all the vulnerabilities TtheEquationGroup is using and paying for holding patch. Douche bag, dumbass, libtard, rich prick Head Microsoft Lawyer is running his cock holster because he is having ruff weekend doing real work. Head Microsoft Lawyer being angry because he is missing leisurely weekend playing the skin flute behind the country club. Real work is not being for executives. Real work is being for dirty foreign H1B workforce, happily working for less than stupid lazy American workers.

In May, No dumps, theshadowbrokers is eating popcorn and watching "Your Fired" and WannaCry. Is being very strange behavior for crimeware? Killswitch? Crimeware is caring about target country? The oracle is telling theshadowbrokers North Korea is being responsible for the global cyber attack Wanna Cry. Nukes and cyber attacks, America has to go to war, no other choices! (Sarcasm) No new ZeroDays.

In June, TheShadowBrokers is announcing "TheShadowBrokers Data Dump of the Month" service. TheShadowBrokers is launching new monthly subscription model. Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members.

TheShadowBrokers Monthly Data Dump could be being:

•web browser, router, handset exploits and tools


•select items from newer Ops Disks, including newer exploits for Windows 10


•compromised network data from more SWIFT providers and Central banks


•compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs


More details in June.

OR IF RESPONSIBLE PARTY IS BUYING ALL LOST DATA BEFORE IT IS BEING SOLD TO THEPEOPLES THEN THESHADOWBROKERS WILL HAVE NO MORE FINANCIAL INCENTIVES TO BE TAKING CONTINUED RISKS OF OPERATIONS AND WILL GO DARK PERMANENTLY YOU HAVING OUR PUBLIC BITCOIN ADDRESS

-TSB


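Re: Global network systems may (soon) be "terror-attacked" (again).....

Posted by postmaster on 2017-05-25, 05:34

ipCam: only 120,000 devices worldwide, small potatoes! The problem mentioned over a year ago has finally arrived at our doorstep :coldsweat2: The devices of 200 million users worldwide are in grave danger :hypno:

[Image]

Go and update quickly :a009: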

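Re: Global network systems (devices) may soon be "terror-attacked" again.....pg 2

Posted by 白色太陽鎗 on 2017-05-25, 12:47

I haven't turned my computer on for a whole year, so who cares :inlove2: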

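Re: Global network systems (devices) may soon be "terror-attacked" again.....pg 2

Posted by mtr on 2017-05-25, 22:12

https://unwire.hk/2017/05/25/hackers-us ... ch-secure/

:alarmalarm: :alarmalarm: :alarmalarm:

... The researchers also found that, to get these problematic subtitles in front of more people, the hackers also work on the algorithm to push the subtitles up the search rankings, so that more users get hit. Fortunately, the four media players mentioned above have already closed the relevant vulnerabilities through updates, but because the situation with other media players is unknown, Check Point has decided for now not to disclose further technical details of this attack.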

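Re: Global network systems (devices) may soon be "terror-attacked" again.....pg 2

Posted by frankiepoon on 2017-05-26, 00:40

mtr wrote: https://unwire.hk/2017/05/25/hackers-us ... ch-secure/

:alarmalarm: :alarmalarm: :alarmalarm:

... The researchers also found that, to get these problematic subtitles in front of more people, the hackers also work on the algorithm to push the subtitles up the search rankings, so that more users get hit. Fortunately, the four media players mentioned above have already closed the relevant vulnerabilities through updates, but because the situation with other media players is unknown, Check Point has decided for now not to disclose further technical details of this attack.

Just download it and convert it to srt yourself :003: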

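Re: Global network systems (devices) may soon be "terror-attacked" again.....pg 2

Posted by mtr on 2017-05-26, 22:12

https://unwire.hk/2017/05/26/cloak-and- ... ch-secure/

New malware "Cloak and Dagger" can secretly take full control of a phone

... The researchers say Cloak and Dagger can compromise every Android version up to and including 7.1.2, so all current Android devices are at risk. Although Google is already aware of this new malicious attack, the problem involves two legitimate app permissions, so it cannot be fixed as simply as an ordinary bug. Until Google resolves the issue, do not download apps of unknown origin, and keep a close eye on the app permissions on your system.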
