A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
wired.comu/wiredmagazine — 11 hours ago
r/blackhat
Made a pe packer/crypter with a custom vm and compression. Wanting to share it and get feedback/suggestions for updates! thanks :)
u/GuiltyAd2976 — 5 days ago
My Privacy Focused USB Drive
Just here to share a project I'm working on. It's a 100% open source (hardware, firmware, mechanical, etc) USB drive with a hidden security feature.
When you plug it in, it appears as a normal 8GB USB drive. Only if you create a file called "unlock.txt" with the contents "password:addyourpasswordhere" will it unlock and show the remainder of the drive. Everything in this second section of the disk is now AES256 encrypted in place, using a custom KDF + your password.
I'll answer some questions before people ask them :)
Q: Isn't this just Vercrypt? A: No, a normal drive setup with veracrypt will show up as jumbled data. This is pretty obviously encrypted media. If you enter your duress password, there will still be another xMB of jumbled data.
Q: Isn't entering your password into a plain text file insecure. A: My drive doesn't allow this write to actually happen to the memory
Q: Why did you use a SD card A: Because AI made EMMC cards like 80$ for a 32GB. It takes two seconds for me to spin another board with EMMC in the future.
Anyways feel free to ask any more questions about the project :) !
u/Machinehum — 6 days ago
▲ 0 r/blackhat
Online casino security
Hey there! Im working on an online gaming security and something that really concerns me is how to prevent fraud or any harm to my gains, anyone nows how do users could exploit the application in order to withdraw more than they should, bypass limits or something alike?. How will a black hat try and steal money from the app???
u/arca9147 — 6 days ago
u/swinglr — 8 days ago
a leak from "the gentleman" ransomware group confirms Infostealers were often used to establish initial access
A recent internal data leak from “The Gentlemen” ransomware-as-a-service (RaaS) group has provided the cybersecurity community with a rare, unfiltered look into their daily operations. Exposed on underground forums, the internal communications shed light on exactly how ransomware affiliates organize, breach, and extort global organizations.
But among the many technical details revealed in Checkpoint Research’s comprehensive analysis (“Thus Spoke… The Gentlemen”), one operational pattern stands out prominently: their heavy reliance on infostealer credential logs for initial access.
u/Malwarebeasts — 8 days ago
▲ 59 r/blackhat
Are days really over?
Have been afk for a long time. Cant connect with anybody that i knew a long time back.
Any irc channels that i knew are dead. What are people of trenches doing these days? ' put the fries in the bag " lil bro?
We used to have a great time in those chatrooms. Talk shit, make fun of things, talk about exploits n shit etc.
Guess those days are really over.
u/Anxious_Channel_9263 — 12 days ago
u/wiredmagazine — 14 days ago
Hi guys!
So basically I run and manage many UGC instagram influencers socialmedias. Long story short, I have noticed that some of the accounts got banned, and even after appeals, they don't get reinstated/they get banned again. I am trying to create some new accounts, and have the influencers create new accounts, but they just get banned again. We don't do anything crazy, there's no real reason, some ban reasonings are super BS and we try and appeal, and some ban reasons are super vague like "content policy" or smth.
Anyways, any tips on how to create new instagram accounts? Not even new instagram accounst for the UGC creators, but just new IG accounts for the future clients that I am trying to work with?
IG has been taking our revenue and reputation because they keep trying to ban us for no reason, and I don't want this to affect our clientele.
u/OtherNarwhal3796 — 14 days ago