Search the Community
Showing results for tags 'its'.
Found 4 results
GitHub just announced that its new code scanning feature, GitHub code scanning, is now generally available. The new feature of the developer platform that Microsoft bought in 2018 for 7.5 billion dollars can scan any public repository for vulnerabilities. The idea is to offer a native function within GitHub that can find vulnerabilities in the code of a repository before they reach production. If you have a public repo on GitHub, you can activate it from now on following the official documentation. Automated security as part of your workflow With the function active, the code will be revised as it is created, and areas that could be exploited in the future will be highlighted. At GitHub they hope that with this feature active they can catch bugs early to significantly reduce security incidents in the future. GitHub code scanning integrates with GitHub Actions or your existing CI / CD environment to maximize team flexibility. Scans code as it is created and displays actionable security reviews within pull requests and other GitHub experiences, all to automate security as part of your workflow. Before its launch, code scanning went through several months of testing. So far it has scanned 12,000 repositories 1.4 million times, and in total it has detected 20,000 security problems, from bugs that allowed remote code execution, through cross-site scripting, to SQL injection. During the tests the developers and those in charge of maintaining the repositories resolved 72% of the security flaws identified in their pull requests before merging after the first 30 days. This is important data since industry data shows that less than 30% of vulnerabilities are fixed within a month after being discovered. [Hidden Content]
a topic posted itsMe in PythonCommand Line RAT that uses Gmail as its central C2Server. Bypassing common issues, such as the need for port forwarding or proxies. To Do Multi-platform support Command to upload files Transport crypto & obfuscation Setup For this to work you need: A Gmail account (Use a dedicated account! Do not use your personal one!) Turn on "Allow less secure apps" under the security settings of the account You may also have to enable IMAP in the account settings [hide][Hidden Content]]
a topic posted itsMe in WindowsWelcome to CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. [HIDE][Hidden Content]] Requirements Windows 7 Service Pack 1 or Windows 10 60 GB Hard Drive 2 GB RAM Installed Tools
a topic posted dEEpEst in NewsFacebook discovered it on Tuesday afternoon but did not inform its users until Friday night that the company had suffered the biggest hack in its history in which at least 50 million accounts have been compromised . Last Tuesday, the company informed the FBI and the Irish Data Protection Commission - in charge of ensuring the European regulation of data protection - of a breach in its security system whose origin and mobile were unknown to them . Facebook took two days, until Thursday night, to solve their security problem .However, the internal investigation is still open and the company does not know if "the accounts were misused", according to the CEO of the company, Mark Zuckerberg, in a message on his social network. Notification that users have received in their Facebook profile affected by the hack. "On Tuesday, I assumed that an attacker had exploited a technical vulnerability to steal access to more than 50 million accounts," he said. A fact that, after jumping to public opinion, Zuckerberg himself has described as " a very serious security issue " that "they are taking very seriously" in statements to the American media. According to the company, the hackers were taking advantage of the functionality of "see as" -that allows the owner of an account to know what his profile looks like in the eyes of a third person- to take over and take control of the accounts of third parties . In response to this attack, Facebook has chosen to reset the accounts of 90 million users around the world, who will have to re-enter their username and password to regain access to their account. In addition to the 50 million accounts that have been exposed by the security breach , the company has decided to reset by precaution the accounts of another 40 million users who would have accessed the "see as" function over the past year. A hack at the worst moment for Facebook This hack has come at the worst possible time for Facebook . After its last presentation of results in July, the company's shares plummeted 21% to stand at around $ 170. The stock market crash came precipitated by a growth of 1.44% during the last quarter, a figure well below those that had been harvested during the last years. In addition, Facebook faces a serious leak of users in the United States.According to the latest survey of the Pew Research Center, 25% of users would have already been removed from this social network . A percentage that, in the youngest age group, rises to 44%. What should I do to secure my passwords? The most important thing to avoid someone sneaking into your Facebook account is to have a very secure password. You should not include your name, predictable numbers - such as birth dates - or common words or words that can easily be associated with you. If you want to create a very secure password and always remember it, here is a small guide to do it so that nobody knows how your account is protected. In addition, Facebook offers the option to activate verification in two steps .This system of 'defense' extra that requires a code that is generated randomly and sent by message to a phone number, in addition to having to write our username and password . So, even if someone knows your Instagram credentials and tries to access from your mobile or computer, you can not enter your account unless you also have your phone and receive the SMS with the code . It is highly recommended to activate verification in two steps, both on Facebook and any other service that offers it, be it WhatsApp, Instagram, Gmail or others.