Forwarded from BlackBox (Security) Archiv
Maltrail
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name (e.g. zvpprsensinaix.com for Banjori malware), URL (e.g. hXXp://109.162.38.120/harsh02.exe for known malicious executable), IP address (e.g. 185.130.5.231 for known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in discovery of unknown threats (e.g. new malware).
Architecture
Maltrail is based on the Traffic -> Sensor <-> Server <-> Client architecture. Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs). In case of a positive match, it sends the event details to the (central) Server where they are being stored inside the appropriate logging directory (i.e. LOG_DIR described in the Configuration section). If Sensor is being run on the same machine as Server (default configuration), logs are stored directly into the local logging directory. Otherwise, they are being sent via UDP messages to the remote server (i.e. LOG_SERVER described in the Configuration section).
https://github.com/stamparm/maltrail#introduction
ipsum: https://github.com/stamparm/ipsum
#stamparm #maltrail #ipsum #tool #malicious #detection #blacklist
@cRyPtHoN_INFOSEC_DE
@cRyPtHoN_INFOSEC_EN
@BlackBox_Archiv
@NoGoolag
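The match-and-report flow the Maltrail post describes, as a simplified added example (not Maltrail's code and not part of the original post). The event field names, the JSON line format and the `log_file`/`log_server` parameters are assumptions; the sample trails are the ones quoted in the post.

```python
import json
import socket

# Trails quoted in the post; the info labels are this example's own wording.
TRAILS = {
    "zvpprsensinaix.com": "banjori (malware)",
    "109.162.38.120/harsh02.exe": "malicious executable",
    "185.130.5.231": "known attacker",
}
UA_TRAILS = {"sqlmap": "sql injection tool (user-agent)"}


def parent_domains(name):
    """Yield a.b.c then b.c, so a domain trail also covers its subdomains."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        yield ".".join(labels[i:])


def match_event(event):
    """Return (trail, info) hits for one observed event (hypothetical dict layout)."""
    candidates = [event.get("src_ip"), event.get("dst_ip")]
    for key in ("dns_query", "http_host"):
        if event.get(key):
            candidates.extend(parent_domains(event[key]))
    if event.get("http_host"):
        # URL trails are compared as host + path, without scheme or query string.
        path = event.get("http_path", "/").split("?", 1)[0]
        candidates.append(event["http_host"].lower() + path)
    candidates = list(dict.fromkeys(candidates))  # de-duplicate, keep order
    hits = [(c, TRAILS[c]) for c in candidates if c in TRAILS]
    agent = event.get("user_agent", "").lower()
    hits += [(ua, info) for ua, info in UA_TRAILS.items() if ua in agent]
    return hits


def report(event, hits, log_file, log_server=None):
    """Append hits to a local log, or send them over UDP when a server is set."""
    lines = [json.dumps({"src": event.get("src_ip"), "trail": t, "info": i})
             for t, i in hits]
    if log_server is None:
        with open(log_file, "a", encoding="utf-8") as fh:
            fh.writelines(line + "\n" for line in lines)
    else:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            for line in lines:
                sock.sendto(line.encode("utf-8"), log_server)
    return lines
```

UDP delivery is fire-and-forget, so a sensor reporting to a remote server gets no acknowledgement that an event was stored.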
Forwarded from BlackBox (Security) Archiv
The growing China black list of the USA
After Huawei, China's largest chip manufacturer SMIC is now also threatened by an embargo by the USA. US companies are then no longer allowed to do business with the contract manufacturer.
The Trump government, at the suggestion of the Ministry of Defense, is considering adding SMIC to its blacklist. The companies listed there have virtually no access to US technology. The list already contains over 300 Chinese companies.
The China-black list of the USA (PDF):
https://www.bis.doc.gov/index.php/documents/regulations-docs/2326-supplement-no-4-to-part-744-entity-list-4/file
#usa #china #blacklist #embargo #pdf
Forwarded from BlackBox (Security) Archiv
Brussels' plan to rein in Big Tech takes shape
The Commission is drawing up a list of actions tech companies can and can't do, especially for the most powerful.
The EU is preparing for its biggest-ever effort to regulate the tech industry - drawing up extensive rules to govern what tech companies can and cannot do.
Three European Commission internal documents, seen by POLITICO, indicate that Brussels is drawing up a wide range of legislative tools to prohibit what it sees as anti-competitive behavior and oblige companies to do more to protect their users against illegal content and activities.
"This crisis has shown the role and the systemic character of certain platforms that often behave as if they were too big to care about legitimate concerns about their roles: too big to care," Internal Market Commissioner Thierry Breton told the European Parliament this week, an apparent reference to "too big to fail," a criticism leveled at powerful banks after the 2008 financial crisis.
The Commission is expected to present its proposals, known collectively as the Digital Services Act (DSA), in December. The legislative package will include content moderation requirements applying to a wide range of online platforms, as well as so-called ex ante rules for the largest tech companies.
The plans come as Big Tech companies are under intense scrutiny on both sides of the Atlantic.
https://www.politico.eu/article/digital-services-act-brussels-plan-to-rein-in-big-tech-takes-shape-thierry-breton-margrethe-vestager/
(PDF)
https://www.politico.eu/wp-content/uploads/2020/09/SKM_C45820093011040.pdf
#eu #blacklist #bigtech #DSA #pdf
Forwarded from Pegasus NSO & other spyware
Pegasus NSO server blacklist
GitHub - 0n1cOn3/The-NSO-Blacklist: List of NSO Pegasus's C2 Servers where will be used to control Pegasus. - https://github.com/0n1cOn3/The-NSO-Blacklist
Create C2-hosts.txt · 0n1cOn3/The-NSO-Blacklist@3f4c620 · GitHub - https://github.com/0n1cOn3/The-NSO-Blacklist/commit/3f4c620074ac60cc479248f4ef291d0b861201a8
#Pegasus #NSO #Blacklist
#spyware
Updated on 14/04/2023
The Secret Social Media Surveillance Blacklists Used By Banks
Via @reclaimthenet
#Banksters #Surveillance #BigBrother #SocialMedia #Banks #Blacklist