Menu
What's new
By:
Filters
Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. Wallace_n_Gromit

    Hackers Stole Access Tokens from Okta’s Support Unit

    https://krebsonsecurity.com/2023/10/hackers-stole-access-tokens-from-oktas-support-unit/ Addendum 10/22/2023: Looks like it wasn't even Okta that discovered the breach. One of their customers found the breach which had been leveraged to attempt a breach of their own information system...
  2. Wallace_n_Gromit

    NordVPN--Couldn't establish a secure connection... internet traffic intercepted?

    In all the years having a NordVPN subscription (4+ years) have never seen such a pop up message before. 1) Using NordVPN -- it's been active for several days. just leave my computer on 24/7. 2) Using Firefox browser at https://armory.worldofwarships.com/ for the prior 2 hours or so. 3) Had...
  3. Wallace_n_Gromit

    News CVE-2022-27255 Realtek eCos SDK-based routers, the ‘SIP ALG’ module is vulnerable to buffer overflow.

    https://www.bleepingcomputer.com/news/security/exploit-out-for-critical-realtek-flaw-affecting-many-networking-devices/ https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2022-27255 .pdf https://cve.circl.lu/cve/CVE-2022-27255 https://www.tenable.com/cve/CVE-2022-27255
  4. Wallace_n_Gromit

    News Exchange/Outlook Autodiscover Bug Spills Emails/Passwords in plain text

    Autodiscover was first introduced in Exchange 2007. https://threatpost.com/exchange-outlook-autodiscover-bug-spills-100k-email-passwords/175004/ https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-autodiscover-bugs-leak-100k-windows-credentials/ As a kludge, Microsoft has begun...
  5. Wallace_n_Gromit

    News PrintNightmare (CVE-2021-34527)

    July 8. 2021 UPDATE: Microsoft’s emergency patch fails to fix critical “PrintNightmare” vulnerability https://arstechnica.com/gadgets/2021/07/microsofts-emergency-patch-fails-to-fix-critical-printnightmare-vulnerability/ Note: The article does make this point: "...Despite Tuesday’s out-of-band...
  6. Wallace_n_Gromit

    Funny Dilbert Cartoon about Bug Bounties

    The Pointy-haired boss's idea was on the right track but...
  7. Wallace_n_Gromit

    Entware offering updated openssl 1.1.1j-2 -> 1.1.1k-1

    I noticed Entware update available from amtm: This begged a question in my mind. Might I infer that if you have not updated your Merlin version to 386.2 which has updated to openssl 1.1.1k, for what ever reason, (i.e. some configuration issue that may have forced you back to a earlier Merlin...
  8. Wallace_n_Gromit

    Is it safe/secure to install a executable from a source that may not be adequately vetted?

    Is it safe/secure to install a executable from a source that may not be "thoroughly" vetted? I have heard from a reputable security source in the past, that using "curl" to install software is a iffy security issue. Have to implicitly trust the source. I have little concern to "curl" from...
  9. Wallace_n_Gromit

    Solved Ublock Origin: Weird custom Filter entries?

    When I go to the Ublock Origin extension on my various desktop/laptop windows computers/browsers; I noticed that on 2 of those computers, when I click on the [Settings] cog then [Filter lists] scroll down the list to [+Custom]; I see 2 custom entries I don't recall (my memory is bad anyway)...
  10. Wallace_n_Gromit

    Solved What's CNAME of your game? This DNS-based tracking defies your browser privacy defenses

    I'm still reading, watching podcasts, videos trying to wrap my mind around this issue. https://www.theregister.com/2021/02/24/dns_cname_tracking https://thehackernews.com/2021/02/online-trackers-increasingly-switching.html Ultimately what caught my eye about this issue is that 3rd parties...
  11. Wallace_n_Gromit

    Solved NEW RT-AC86U BogoMIPS: 100? wah!?!?

    Just got my New Asus RT-AC86U yesterday. It's Sweet! immediately: -installed Merlin 386.1_2 -Rebooted Factory Default with "Initialize..." checked -Hard Reset WPS method -Configured it up to my liking including those kewl 3rd party AMTM scripts -Left it on all night When I type: cat...
  12. Wallace_n_Gromit

    Is [WTFast] the Same thing as [AES-NI]?

    while looking through the specs of the Asus RT-AC86U (which I have been informed supports AES-NI) I see that it supports [WTFast] without mentioning AES-NI in their specs. I know that Faster VPN speeds are possible with the Hardware encryption afforded by AES-NI. So is [WTFast] merely a...
  13. Wallace_n_Gromit

    Solved Logging into SSH: How to set up/use [Authorized Keys] feature?

    I thought I would try to set up SSH to login using [Authorized Keys] I tried to find information using Search for "Authorized Keys" on snbforums. Didn't find anything specific as a step-by-step how to do this. Has anyone tried using the PuTTygen app to set this up? I partially struggled my...
  14. Wallace_n_Gromit

    Solved RT-AC68U [Internal Storage] tab shows JFFS Unmounted

    I first noticed that my [Internal Storage] JFFS shows as [unmounted] when I upgraded one of my 68U's to 386.1 and I couldn't enable SSH (Dropbear would fail to load--according to [System Log]) The first time I reverted back to 384.19 my [Internal Storage] JFFS showed it was mounted. Then...
  15. Wallace_n_Gromit

    Solved Weird NordVPN windows APP Update links to bizzarre url?

    After I got a pop up notice that a new windows version of the Nordvpn app was available and OK'ed the download it required me to relogin to my account. It opened up a browser session: which then changed to: Who or what is [https://auth.zwyr157wwiu6eior.com]?
  16. Wallace_n_Gromit

    Solved Are you SAD DNS? a.k.a. CVE-2020-25705

    CVE-2020-25705 https://www.saddns.net/ [Discussion starts 1:15:13 into podcast] https://blog.cloudflare.com/sad-dns-explained/ https://thehackernews.com/2020/11/sad-dns-new-flaws-re-enable-dns-cache.html...
  17. Wallace_n_Gromit

    Solved RT-N16 bricked after firmware update? How to rescue?

    I'm looking for an exhaustive step-by-step generic method to recover from a failed firmware update for the RT-N16 mips ASUS router. I imagine that something has been posted at snbforums. Just can't seem to find a specific location. I was updating from a working version of [Asus RT-N16 LTS...
  18. Wallace_n_Gromit

    Setting up Virtual Environment for OpenCanary automatically after a reboot

    I've read some setup guides and watched a few videos about using/setting up Thinkst OpenCanary in a virtual environment which I have successfully done in Kali Linux and Raspbian with email notifications. thinkst/opencanary https://github.com/thinkst/opencanary Welcome to the OpenCanary guide...
  19. Wallace_n_Gromit

    Solved Router Attached USB Flash Drive accessible to Roku Media Player?

    The last time my Roku devices(s) were updated was June 06, 2020. While scrolling through the menu on my Roku, yesterday, I noticed a menu item (never noticed it before) called [Roku Media Player]. Out of curiosity, I clicked on it. after clicking several times, deeper into the menu items, I...
  20. Wallace_n_Gromit

    Ripple20 and Dropping UDP packets with the frag bit set in its header

    After listening to a podcast about the Ripple20 Vulnerability: Discussion of the Ripple20 Vulnerability (re: embedded Treck TCP/IP stack in multi-millions of IoT devices) begins at 1:44:05 and the proposed mitigation for most of the issues begins at 2:02:47. The Host referred to "UDP...
Top