Citizens First Cyber Security Professionals cfcspro.com

Login

Username

Password



Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.

Connect via Facebook

Connect via Facebook

Member Poll

There are no polls defined.

Shoutbox

You must login to post a message.

02-12-2017 12:08
Yo' Citizens, How you doing today. Todays Lesson plans & post will consist of, How to give spammers a taste of their own medicine! Cool

20-10-2017 11:38
Yo' Citizens, As per your request. A new forum section, 'Suspicious IP Addresses' will be completed today! Cool

20-10-2017 11:30
Yo' Good Morning Citizens. I hope that you are all having a great and cyber-secure day! Grin

09-10-2017 11:10
Yo' Good Morning Citizens! Wink I hope that you had a cyber-secure weekend! Grin

03-10-2017 10:44
Yo' Citizens, good morning. I have some pretty serious vulnerabilities to share with you, today. I will have them up shortly! Cool

Welcome Citizens

Welcome to, Citizens First Cyber Security Professionals.

The Individual Citizen Specific, Cyber Security Investigative Services Firm. Cyber Security Web Forum and Educational Cyber Security Dojo.

Geared strictly to helping Individual Citizens and Small Businesses! Address unwanted cyber security intrusions and hacking incidents!

Latest Active Forum Threads

  Thread Views Replies Last Post
TeamViewer Vulnerability Le...
Citizen Alerts! Breaking Cyber Security News Alert
125 0 Brooklyn
08-12-2017 17:34
Apteka amatorów racibórz
The Citizens Shout Out Forum!
22 0 umyhag
05-12-2017 22:56
Elite U.S. Government Hacke...
Profiling the Hacks, Attacks and the Attackers!
81 0 Brooklyn
05-12-2017 17:29
How to Remove DarkoderCrypt...
Prepare yourself against Cyber Ransomware Attacks
81 0 Brooklyn
04-12-2017 21:59
How to get someones IP addr...
Citizens Educational Cyber Dojo Topics
93 0 Brooklyn
03-12-2017 17:16
How to Get Email Headers in...
Citizens Educational Cyber Dojo Topics
80 0 Brooklyn
03-12-2017 17:10
How To Track Down A Spam Em...
Citizens Educational Cyber Dojo Topics
82 0 Brooklyn
03-12-2017 16:52
How to Trace Location and i...
Citizens Educational Cyber Dojo Topics
90 0 Brooklyn
03-12-2017 16:47
Which Discovery or Reconnai...
Host Discovery Tactics
171 2 Brooklyn
28-11-2017 16:23
Awesome Hacking Resources -...
Professional Cyber Security Tools
445 3 Brooklyn
27-11-2017 13:33
For John my budtender, Free...
Topics Citizens Should Know About!
205 2 Brooklyn
27-11-2017 13:29
Exploiting X11 Unauthentica...
Citizens Educational Cyber Dojo Topics
137 0 Brooklyn
27-11-2017 13:21
AbuseIPDB » WHOIS 116.103....
Suspicious IP Addresses
150 1 SinisterGenius
22-11-2017 13:25
New OWASP Top 10 List Inclu...
Topics Citizens Should Know About!
153 1 SinisterGenius
22-11-2017 13:23
Critical Flaws in Intel Pro...
Citizen Alerts! Breaking Cyber Security News Alert
113 0 Brooklyn
22-11-2017 12:48

State Net Neutrality Laws? Not If ISPs Have a Say - Via - ThreatWire

NewsYo' Greetings Citizens,

State Net Neutrality Laws? Not If ISPs Have a Say - Via - ThreatWire

ISPs are getting worked up about state net neutrality rules, Tor browser had a bug, but Onion services are getting updated! And the big tech companies testify in court. All that coming up now on ThreatWire.




Please Watch The Full Story here: https://www.youtube.com/watch?v=854f2kXcrFs

Thank You For Your Time, Citizens. I hope that you have a great and cyber-secure day!

Thank You Citizen,
The Administration

Bad Rabbit Spreads, Docs about the Queen - ThreatWire

SecurityYo' Greetings Citizens,

Bad Rabbit Spreads, Docs about the Queen - ThreatWire

Bad Rabbit Ransomware Spreads, Sensitive Airport Docs about the Queen were Found on USB Drive, and Google plans to remove HTTP public key pinning. All that coming up now on ThreatWire.



Please Watch The Full Story here: https://www.youtube.com/watch?v=f8kLY7jkn6o


Thank You For Your Time, Citizens. I hope that you have a great and cyber-secure day!

Thank You Citizen,
The Administration

Google Security Gets Serious, New IoT Botnet On The Loose - ThreatWire

SecurityYo' Greetings Citizens,

Google Security Gets Serious, New IoT Botnet On The Loose - ThreatWire

Google announces all sorts of security updates, a few updates on the KRACK attack, and a new IoT botnet has already infected millions. All that coming up now on ThreatWire.




Please Watch The Full Story here: https://www.youtube.com/watch?v=L0GzsFOXAVI

Thank You For Your Time, Citizens. I hope that you have a great and cyber-secure day!

Thank You Citizen,
The Administration

Windows Defender No Help Against 'Illusion Gap' Bypassed Easily - Via CyberArk

WindowsYo' Greetings Citizens,

Windows Defender No Help Against 'Illusion Gap' Bypassed Easily - Via CyberArk

Introduction

During our research, CyberArk Labs encountered a strange behavior in the file scanning process of Windows Defender. This problem may possibly exist in other anti-viruses, which we have not yet tested.


This behavior led us to investigate the Antivirus scanning process over SMB shares and the outcome is a surprising cause for concern.

Now you see me, no… you don’t (tl;dr).

Imagine a situation where you double-click a file and Windows loads that file, but your Antivirus scans another file or even scans nothing at all. Sounds weird, right? Depends on who you ask; the folks at Microsoft Security Response Center (MSRC) think there should be a feature request to handle this situation. We will get to this, let’s start by understanding how this is possible. To be clear, the techniques presented in this blog allow any known malware to bypass Windows Defender and possibly other Antiviruses.

When you run an executable, most Antiviruses will catch the operation by a kernel callback (nt!PspCallProcessNotifyRoutines and nt!PsCallImageNotifyRoutines) and then scan the file, most commonly by requesting its user-mode agent using to do so, using ioctls/fastio/sharedmem/APC/etc.



Once an executable file is already present on disk, the Antivirus will not scan it on process creation since it already scanned it on file creation. However, running an executable from a SMB share requires the Antivirus to scan the file even on process creation.

In this blog post, we will walk through several ways to bypass Windows Defender. We are going to achieve this goal by implementing our own SMB server...++..

’When you go online, you give up your privacy’ ‒ Lionel on Microsoft data collection - Via - RT

SecurityYo' Greetings Citizens,

’When you go online, you give up your privacy’ ‒ Lionel on Microsoft data collection - Via - RT

Microsoft has been accused of collecting consumer data from personal computers, using its Windows 10 operating system to target users with personalized ads based on their web-surfing habits. Legal and media analyst Lionel of Lionel Media tells RT America’s Ashlee Banks that he not surprised by the revelation, or at how little attention such privacy invasions garner.




WPA2 Wi-Fi Vulnerable to KRACK Hack; RSA Keys Broken - ThreatWire

SecurityYo' Greetings Citizens,

WPA2 Wi-Fi Vulnerable to KRACK Hack; RSA Keys Broken - ThreatWire

Krack is bad for WiFi, Equifax loses their IRS contract, and an RSA crypto key is vulnerable to being reverse engineered. Today on ThreatWire.


Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million Infected - Via - Forbes

SecurityYo' Greetings Citizens,

Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million Infected - Via - Forbes

Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast's own figures, 2.27 million ran the affected software, though the company said users should not panic.

The affected app, CCleaner, is a maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast. It has 2 billion downloads and claims to be getting 5 million extra a week, making the threat particularly severe, researchers at Cisco Talos warned.....

Flaws in ISP gateways let attackers remotely tap internet traffic - Via - HackRead

SecurityYo' Greetings Citizens,

Flaws in ISP gateways let attackers remotely tap internet traffic - Via - HackRead

Defcon is the most important event for the DIY hacking community and this year too, the conference was held in the same spirit. We got to learn about a variety of novel hacking ideas such as the hacking of Voting Machines, hacking airborne drones, hijacking phone numbers and Internet connected car wash system etc. However, there is one story that has been somewhat ignored by many within the tech fraternity but which is extremely important to be noted.

This was noticed by David Holmes of SecurityWeek who reported that it was the “Cable Tap: Wireless Tapping Your Home Network” talk, which initially was believed to be just a brief discussion on how to track what’s happening on your home network but in reality, it turned out to be way “broader” in its scope.

Marc Newlin, Logan Lamb and Christopher Grayson with Bastille Networks and Web Sight have managed to identify 26 different flaws and weaknesses in the ISP network devices. These vulnerabilities would easily provide remote admin access to most of the home networks currently used in the US......

Yo' Greetings Citizens, Another Ethereum ICO Veritaseum Hacked And $8.4 Million Stolen - Via - HackersOnlineClub

NewsYo' Greetings Citizens,

Another Ethereum ICO Veritaseum Hacked And $8.4 Million Stolen - Via -

Another Ethereum ICO Veritaseum Hacked And Stole $8.4 Million

Hackers attack another Cryptocurrency Ethereum ICO Veritaseum and stolen over $8.4 Million. Veritaseum founder Reggie Middleton has confirmed the hack.

Veritaseum known itself as peer-to-peer investment banking service....

A massive trove of highly critical data of Swedish citizens leaked online - Via - HACKREAD

A massive trove of highly critical data of Swedish citizens leaked online - Via - HACKREADYo' Greetings Citizens,

A massive trove of highly critical data of Swedish citizens leaked online - Via - HACKREAD

Privacy of Swedish citizens is at risk as a massive trove of data belonging to Swedish Transport Agency (STA) (Transportstyrelsen) was mistakenly uploaded on a cloud server. The data contained personal and vehicle information of almost every citizen in the country including the military and police officials.


According to Swedish Newspaper report, the breach took place in September 2015 when STA outsourced its IT services including database management to IBM’s subcontractors in the Czech Republic, Romania, and Serbia who had access to the data without any security clearance.....

Supreme Court Rejects Expansion of Government-Speech Doctrine In Tam Case - Via - EFF

JournalYo' Greetings Citizens,

Supreme Court Rejects Expansion of Government-Speech Doctrine In Tam Case - Via - EFF

The Supreme Court’s unanimous decision in Matal v. Tam striking down the trademark non-disparagement requirement as unconstitutional is a big victory for the First Amendment. First, the Court strongly pushed back against the expansion of the government-speech doctrine, perhaps the biggest current threat to free speech jurisprudence. Second, the Court strengthened a position EFF has long advocated—that intellectual property rights and First Amendment rights must be balanced against each other rather than weighted in favor of the former.

The case arose when the band The Slants was denied a federal trademark based on a federal law that prohibits the registration of a trademark that may “disparage . . . or bring into contemp[t] or disrepute” any “persons, living or dead.” The Court found that provision violated the First Amendment. It may no longer be used as a basis for denying trademark registration.

EFF filed an amicus brief [PDF] in the case with the Thomas Jefferson Center for the Protection of Free Expression, advancing many of the arguments adopted by the Court.

Pushing Back on the Dangerous Government-Speech Doctrine.......

If You Use Facebook Messenger, This Is How You Are Being Recorded Even When Not On The Phone - Via - AlternativeNewsNetwork

MembersYo' Greetings Citizens,

If You Use Facebook Messenger, This Is How You Are Being Recorded Even When Not On The Phone - Via - AlternativeNewsNetwork

(De-Program Yourself) If You Use Facebook Messenger, This Is How You Are Being Recorded Even When Not On The Phone :
If You Use Facebook Messenger, This Is How You Are Being Recorded Even When Not On The Phone.

My suggestion: If you have messenger on your phone delete it. Then re-download it and read the terms of agreement. This is sheer lunacy. Also for those who didn’t know this one, check out this video. This news is actually about 5-7 years old.

Notice what the government has made cell phone makers do now? Notice you can’t take the battery out? Cellphone users who attempt to install the Facebook Messenger app are asked to agree to terms of service that allow the social networking giant to use the microphone on their device to record audio at any time without their permission. As the screenshot below illustrates (click to enlarge), users are made to accept an agreement that allows Facebook to “record audio with the microphone… at any time without your confirmation.”.......

ESET detects Industroyer, biggest threat to industrial control systems since Stuxnet - Via - APTANTECH

SecurityYo' Greetings Citizens,

ESET detects Industroyer, biggest threat to industrial control systems since Stuxnet - Via - APTANTECH

ESET detects Industroyer, biggest threat to industrial control systems since Stuxnet

The 2016 attack on Ukraine’s power grid that deprived part of its capital, Kiev, of power for an hour was caused by a cyberattack. ESET researchers have since analyzed samples of malware, detected by ESET as Win32/Industroyer, capable of performing exactly that type of attack......

Attention: RHN Hosted will reach the end of its service life on July 31, 2017. - Via - REDHAT

SoftwareYo' Greetings Citizens,

Attention: RHN Hosted will reach the end of its service life on July 31, 2017. - Via - REDHAT

Attention: RHN Hosted will reach the end of its service life on July 31, 2017.
Customers will be required to migrate existing systems to Red Hat Subscription Management prior to this date.

New packages: kmod-redhat-i40e, kmod-redhat-i40evf

Details.....

Fireball malware infects millions - Via - Threat Wire

SecurityYo' Greetings Citizens,

Fireball malware infects millions - Via - Threat Wire

Fireball malware infects millions of computers worldwide, a OneLogin breach creates headaches for users, and Wikileaks is back with another Vault7 leak. All that coming up now on Threat Wire

Please Watch The Full Story here: https://www.youtube.com/watch?v=fngjYO6DMvE




Thank You For Your Time, Citizens. I hope that you have a great and cyber-secure day!

Thank You Citizen,
The Administration
top image scrolling tools
facebook_share
twitter_share
google_share
linkedin_share
blogger_share
delicious_share
scrolltop
Render time: 0.06 seconds
256,210 unique visits