Kategorie: Security

Oneplus phones secretly sending data to China

Am Von In Android, OnePlus, Security

Your OnePlus handset, running OxygenOS—the company’s custom version of the Android operating system, is collecting way more data on its users than it requires.

You can directly connect your OnePlus device in USB debugging mode to a computer, open adb shell and enter this command — pm uninstall -k –user 0 net.oneplus.odm — in order to get rid of OnePlus‘ excess data collecting practice.

Source

NSA Windows Exploit hits users

Am Von In Ransomware, Security

[Update 13.05.17, 12:26]

After registering „iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com“ the spread of the ransomware has stopped.

(Whois http://whois.domaintools.com/iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com)

What a hit by MalwareTech O_o

„Earlier today, a massive ransomware campaign hit computer systems of hundreds of private companies and public organizations across the globe […]“ – TheHackerNews
http://thehackernews.com/2017/05/wannacry-ransomware-unlock.html

Stay safe!

https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/

Website „aachener-nachrichten.de“ leaks information to decrypt all articles of paywall

Am Von In Paywall, Security

The websites of the „Aachener Zeitung GmbH“ are offering a mixture of free and payed articles hidden by paywall at http://www.aachener-zeitung.de/zva/pc/. The websites use AESUtil and CryptoJS to hide articles.

The provider leaks sensitive data like password, IV and salt which are used for encryption and can be used to decrypt the articles with

 decrypt = aesUtil.decrypt(salt, iv, passPhrase, cipherText);


This issue does not leak any personal data of (registered) users.

Update @ https://github.com/ol3k/azweb_decrypt