Jump to content

Search the Community

Showing results for tags 'database'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 16 results

  1. PremiumSoft Navicat Premium 12.1.15 is now out. What's new: https://www.navicat.com/en/products/navicat-premium-release-note Navicat Premium (Windows) version 12.1.15 Improvements: Add a "Drop with CASCADE" option for deleting PostgreSQL objects. Bug-fixes: Crashed when opening Oracle table with Spatial data. "Cannot add foreign key constraint" error occurred when importing Access file. Code completion box displayed off the bottom of the screen and partially obscured. Unable to customize query result tab name by using /*NAME:XYZ*/ . Hanged when executing script files in MongoDB server. Boolean or BIT(1) values importing, exporting and transferring issue. Copying table field names in Table Designer was slow. Table Form view was unable to show jpg images. Unable to import data when using Append/Update mode. Importing files to Oracle server was slow. Minor bug fixes and improvements. Navicat Premium (32 bit) - http://download3.navicat.com/download/navicat121_premium_en_x86.exe Navicat Premium (64 bit) - http://download3.navicat.com/download/navicat121_premium_en_x64.exe PremiumSoft Navicat All Products Multi Keygen+Patch v4.6-URET Site: https://www.upload.eeSharecode: /files/9568322/Navicat_Keygen_Patch_v4.6_By_DFoX.rar.html Cheers........
  2. Browse, sort and search your movie collection in various layouts and views Movie Collector's main screen is highly customizable, so that you can make it look the way you want. Choose between: Multiple layouts for the main screen folder, list and details panels. List, Images or Card View for your movie lists. Different templates for the movie details panel. Light, Dark and System skins for all screens. Easily add DVDs and Blu-Rays to your database, by Title or by Barcode Adding new movies to your personal movie database is quick and easy: Just search our online movie database by title or by barcode. Select the movie and/or DVD/Blu-Ray edition you own. Click the Add button. Our Core online movie database will then automatically provide Full movie details like year, cast, crew, IMDb Rating, Plot, etc.. Cover art, movie posters, backdrop art and trailer videos. For TV Series, full episode details (plot, first air dates, cast) and screen shot images. Adding movies by title: Adding movies by barcode: Organize your movie files by scanning your folders Movie Collector can also catalog your movie files. Just let it scan your computer for digital movie files, then link the files to your movies or episode entries. After that, the movies can be played right from your movie details panel. Free CLZ Cloud storage for backups, syncing and sharing Use the free CLZ Cloud service to: always have an online backup of your movie database. synchronize your data to other computers and mobile devices. share your movie list online, for friends and family (example). Other features and tools Efficiently edit your data using field defaults, batch editing, direct editing in main screen list, etc.. Add missing cover images by searching the internet with the built-in Find Image Online tool. Customize your database by renaming existing fields, or by creating your own User Defined Fields. Manage your loans with the integrated Loan Manager system. Export your movie database to Text or XML files. Print movie lists in any order, with your configurable columns. Homepage:https://www.collectorz.com/movie/movie-collector Download:http://installers.collectorz.com/movie-win/moviecollectorsetup1847.exe
  3. Cheatbook-Database 2018 + Updates CheatBook DataBase 2018 - The encyclopedia of game cheats. A die hard gamer would get pissed if they saw someone using cheats and walkthroughs in games, but you have to agree, sometimes little hint or the "God Mode" becomes necessary to beat a particularly hard part of the game. If you're an avid gamer and want a few extra weapons and tools the survive the game, CheatBook DataBase is exactly the resource you would want. - Find even secrets here. Cheatbook-Database - Games, Cheats, Hints, Tips, Walkthroughs, Trainer and Cheat Codes... Cheatbook-DataBase 2018 is a cheats code tracker that makes hints, Tricks, Tips and cheats (for PC, Walkthroughs, Playstation, Playstation 2, Playstation 3, Playstation 4, Sega, Nintendo 64, Nintendo DS, DVD, Gameboy Advance, Gameboy Color, N-Gage, Nintendo DS, XBox, XBox 360, XBox One, iPhone, Gamecube, Dreamcast, Super Nintendo, Wii, Wii U, Sony PSP) easily accessible from one central location. If you're an avid gamer and want a few extra weapons or lives to survive until the next level, this freeware cheat database can come to the rescue. Covering more than 24.000 Games Cheats, this database represents all genres and focuses on recent releases. Games are listed alphabetically in the left-hand window. When you click on a game name, the relevant cheat is displayed in a editor window, with convenient buttons that let you print the selection or save any changes you've made. In the latest past many users of the Cheatbook-Database and readers of the monthly being published magazine have sent to us small error messages and suggestions for improvement again and again. First of all we say "Thank you very much!" to all of you! Due to this assistance and the permanent sending in of new and revised cheats the Cheatbook is ever increasing and becoming more and more voluminous. Release date: January 14, 2018. Update Release: February 3, 2018. All Cheats inside from the first CHEATBOOK January 1998 until today Supported Operating Systems: Cheatbook-DataBase 2018 is Freeware for Win95/ 98/ 2000/ NT/ XP/ Vista/ Windows 7/ Windows 8/ Windows 10. Screenshots: Installation: Main Program: Unzip the ZIP package. Optionally read "readme.txt" Run "setup-Cheatbook-Database2018.exe" or "Base2018setup.exe" Follow the prompts. Updates: Unzip the ZIP package. Optionally read "readme.txt" Run "cheatbooksetup.exe" It'll extract and open a folder. First instance, it'll auto install, just click on "Direct Update". Note: If you use Vista & later, post first install, when asked for uninstall dialog, cancel it and run the file named "Cheatbook 0x.2018" with admin prompts. To check the installation: Open Cheatbook Database 2018 Main program and click "Update" from Menu and Click on "Update infos". If properly installed, the installed month's issue should show "Green". Repeat the checking with "Run as Administrator" on Main program. It should show Green too. If not repeat the issue install as mentioned in Step 5. Now, click uninstall from extracted folder and click on "Delete All" to complete installation. Downloads: Cheatbook-Database 2018 - 69.56 MB: Cheatbook Database 2018 - Main Program Cheatbook Issue - Updates: January 2018 - 4.43 MB - Not Required to install with 2018 version since it is already included. February 2018 - 5.74 MB -
  4. Cheatbook-Database 2017 + Updates CheatBook DataBase 2017 - The encyclopedia of game cheats. A die hard gamer would get pissed if they saw someone using cheats and walkthroughs in games, but you have to agree, sometimes little hint or the "God Mode" becomes necessary to beat a particularly hard part of the game. If you're an avid gamer and want a few extra weapons and tools the survive the game, CheatBook DataBase is exactly the resource you would want. - Find even secrets here. Cheatbook-Database - Games, Cheats, Hints, Tips, Walkthroughs, Trainer and Cheat Codes... Cheatbook-DataBase 2017 is a cheats code tracker that makes hints, Tricks, Tips and cheats (for PC, Walkthroughs, Playstation, Playstation 2, Playstation 3, Playstation 4, Sega, Nintendo 64, Nintendo DS, DVD, Gameboy Advance, Gameboy Color, N-Gage, Nintendo DS, XBox, XBox 360, XBox One, iPhone, Gamecube, Dreamcast, Super Nintendo, Wii, Wii U, Sony PSP) easily accessible from one central location. If you're an avid gamer and want a few extra weapons or lives to survive until the next level, this freeware cheat database can come to the rescue. Covering more than 23.150 Games Cheats, this database represents all genres and focuses on recent releases. Games are listed alphabetically in the left-hand window. When you click on a game name, the relevant cheat is displayed in a editor window, with convenient buttons that let you print the selection or save any changes you've made. In the latest past many users of the CheatBook-DataBase and readers of the monthly being published magazine have sent to us small error messages and suggestions for improvement again and again. First of all we say "Thank you very much!" to all of you! Due to this assistance and the permanent sending in of new and revised cheats the Cheatbook is ever increasing and becoming more and more voluminous. Release date: January 6, 2017. Update Release: July 1, 2017. All Cheats inside from the first CHEATBOOK January 1998 until today Supported Operating Systems: Cheatbook-DataBase 2017 is Freeware for Win95/ 98/ 2000/ NT/ XP/ Vista/ Windows 7/ Windows 8/ Windows 10. Screenshots: Installation: Main Program: Unzip the ZIP package. Optionally read "readme.txt" Run "setup-Cheatbook-Database2017.exe" Follow the prompts. Updates: Unzip the ZIP package. Optionally read "readme.txt" Run "cheatbooksetup.exe" It'll extract and open a folder. First instance, it'll auto install, just click on "Direct Update". Note: If you use Vista & later, post first install, when asked for uninstall dialog, cancel it and run the file named "Cheatbook 0x.2017" with admin prompts. To check the installation: Open Cheatbook Database 2017 Main program and click "Update" from Menu and Click on "Update infos". If properly installed, the installed month's issue should show "Green". Repeat the checking with "Run as Administrator" on Main program. It should show Green too. If not repeat the issue install as mentioned in Step 5. Now, click uninstall from extracted folder and click on "Delete All" to complete installation. Downloads: Cheatbook-Database 2017 - 68.29 MB: Cheatbook Database 2017 - Main Program Cheatbook Issue - Updates: January 2017 - 6.2 MB - Not Required to install with 2017 version since it is already included. February 2017 - 7.9 MB March 2017 - 5.7 MB April 2017 - 7.0 MB May 2017 - 4.8 MB June 2017 - 5.9 MB July 2017 - 6.3 MB -
  5. A faulty backup has inadvertently exposed the entire working database of notorious spam operator River City Media (RCM). In all, the database contains more than 1.37 billion email addresses, and for some records there are additional details such as names, real-world addresses, and IP addresses. It's a situation that's described as "a tangible threat to online privacy and security." Details about the leak come courtesy of Chris Vickery from macOS security firm MacKeeper who -- with a team of helpers -- has been investigating since January. River City Media's database ended up online thanks to incorrectly-configured Rsync backups. In the words of Vickery: "Chances are you, or at least someone you know, is affected." The leaked, and unprotected, database is what's behind the sending of over a billion spam emails every day -- helped, as Vickery points out, by "a lot of automation, years of research, and fair bit of illegal hacking techniques." But it's more than a database that has leaked -- it's River City Media's entire operation. Business plans, HipChat logs, accounts and much more. As with any big leak, there is the question of whether it is genuine. Vickery has shared his finding with numerous security sites as well as law enforcement agencies, and says: That was my initial reaction. I'm still struggling with the best software solution to handle such a voluminous collection, but I have looked up several people that I know and the entries are accurate. The only saving grace is that some are outdated by a few years and the subject no longer lives at the same location. In conjunction with security experts Salted Hash and spam experts Spamhaus, Vickery found that RCM had used illegal IP hijacking techniques during some of its spam campaigns. He says that since making this discovery, he has contacted the companies affected by the leak: Once we concluded that this was indeed related to a criminal operation, it was decided that we should approach law enforcement and the affected companies (like Microsoft and Yahoo) before making any attempts at contacting the spammers directly. The leaking servers went dark during the process of notifying law enforcement and the major companies. So, I did not directly contact the spammers themselves. It remains to be seen quite what impact this will have on River City Media's operations, and whether there will be an immediate reduction in the amount of spam flying to inboxes around the world. You can read more about Vickery's finding over on MacKeeper. Article source
  6. Cheatbook-Database 2016 + Updates CheatBook DataBase 2016 - The encyclopedia of game cheats. A die hard gamer would get pissed if they saw someone using cheats and walkthroughs in games, but you have to agree, sometimes little hint or the "God Mode" becomes necessary to beat a particularly hard part of the game. If you're an avid gamer and want a few extra weapons and tools the survive the game, CheatBook DataBase is exactly the resource you would want. - Find even secrets here. Cheatbook-Database - Games, Cheats, Hints, Tips, Walkthroughs, Trainer and Cheat Codes... Cheatbook-DataBase 2016 is a cheats code tracker that makes hints, Tricks, Tips and cheats (for PC, Walkthroughs, Playstation, Playstation 2, Playstation 3, Playstation 4, Sega, Nintendo 64, Nintendo DS, DVD, Gameboy Advance, Gameboy Color, N-Gage, Nintendo DS, XBox, XBox 360, XBox One, iPhone, Gamecube, Dreamcast, Super Nintendo, Wii, Wii U, Sony PSP) easily accessible from one central location. If you're an avid gamer and want a few extra weapons or lives to survive until the next level, this freeware cheat database can come to the rescue. Covering more than 23.150 Games Cheats, this database represents all genres and focuses on recent releases. Games are listed alphabetically in the left-hand window. When you click on a game name, the relevant cheat is displayed in a editor window, with convenient buttons that let you print the selection or save any changes you've made. In the latest past many users of the CheatBook-DataBase and readers of the monthly being published magazine have sent to us small error messages and suggestions for improvement again and again. First of all we say "Thank you very much!" to all of you! Due to this assistance and the permanent sending in of new and revised cheats the Cheatbook is ever increasing and becoming more and more voluminous. Release date: January 10, 2016. Update Release: December 31, 2016. All Cheats inside from the first CHEATBOOK January 1998 until today Supported Operating Systems: Cheatbook-DataBase 2016 is Freeware for Win95/ 98/ 2000/ NT/ XP/ Vista/ Windows 7/ Windows 8/ Windows 10. Screenshots: Installation: Main Program: Unzip the ZIP package. Optionally read "readme.txt" Run "setup-Cheatbook-Database2016.exe" Follow the prompts. Updates: Unzip the ZIP package. Optionally read "readme.txt" Run "cheatbooksetup.exe" It'll extract and open a folder. First instance, it'll auto install, just click on "Direct Update". Note: If you use Vista & later, post first install, when asked for uninstall dialog, cancel it and run the file named "Cheatbook 0x.2016" or "Cheatbook 0x.2017" with admin prompts. To check the installation: Open Cheatbook Database 2016 Main program and click "Update" from Menu and Click on "Update infos". If properly installed, the installed month's issue should show "Green". Repeat the checking with "Run as Administrator" on Main program. It should show Green too. If not repeat the issue install as mentioned in Step 5. Now, click uninstall from extracted folder and click on "Delete All" to complete installation. Downloads: Cheatbook-Database 2016 - 69 MB: Cheatbook Database 2016 - Main Program Cheatbook Issue - Updates: Jan 2016 - 5.7 MB Feb 2016 - 4.2 MB Mar 2016 - 4.5 MB Apr 2016 - 4.4 MB May 2016 - 4.8 MB Jun 2016 - 5.6 MB July 2016 - 5.8 MB August 2016 - 4.9 MB September 2016 - 6.19 MB October 2016 - 5.9 MB November 2016 - 4.8 MB December 2016 - 3.6 MB January 2017 - 6.2 MB -
  7. Two critical privilege escalation vulnerabilities in MySQL, MariaDB, and PerconaDB can help take control of the whole server, which is very bad for shared environments MySQL, MariaDB, and PerconaDB administrators need to check their database versions, as attackers can chain two critical vulnerabilities and completely take over the server hosting the database. The two critical vulnerabilities, which can lead to arbitrary code execution, root privilege escalation, and server compromise, affect MySQL and forks like Percona Server, Percona XtraDB Cluster, and MariaDB, according to security researcher Dawid Golunski, who provided details of the vulnerability on LegalHackers. Administrators should install the latest updates as soon as possible, or in cases where the patches cannot be applied, they should disable symbolic link support within the database server configuration by setting symbolic-links=0 in my.cnf. Race condition gives access to the server The first vulnerability, a privilege escalation/race condition flaw (CVE-2016-6663), gives elevated privileges to a local system user with access to a database and allows the him or her to execute arbitrary code as the database system user. This gives an attacker access to all of the databases on the affected server. "The vulnerability can allow a local system user with access to the affected database in the context of a low-privileged account (CREATE/INSERT/SELECT grants) to escalate their privileges and execute arbitrary code as the database system user (typically 'mysql')," Golunski said. "Successful exploitation would allow an attacker to gain access to all of the databases stored on the affected database server. The local system user simply needs to have local select, insert, and create privileges to exploit the vulnerability, which is related to unsafe operations on temporary files created by the REPAIR TABLE SQL statement. In MySQL-based databases, users with create privileges can specify a disk path of the directory where the new table will be stored. During the table repair process, if an attacker manages to unlink a temporary table and replace it with a symlink to a system directory (/var/lib/mysql) before it gets locked, the attacker would be able to apply arbitrary permissions on the data directory. For example, setting the permissions to the temporary table can result in the data directory becoming readable and writable because of the symlink. At this point, the attacker can access mysql shell and run arbitrary code. To run mysql shell as a privileged system user (mysql), the attacker could create another directory with specific permissions and created the table in that path. Affected database software include MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier; Percona Server 5.5.51-38.2 and earlier, 5.6.32-78-1 and earlier, and 5.7.14-8 and earlier; Percona XtraDB Cluster 5.6.32-25.17 and earlier, 5.7.14-26.17 and earlier, and 5.5.41-37.0 and earlier; and MariaDB 5.5.52 and earlier, 10.1.18 and earlier, and 10.0.28 and earlier. Gaining god mode The privilege escalation/race condition flaw can be chained with another critical vulnerability, a root privilege escalation vulnerability (CVE-2016-6664), to further elevate the system level user to gain root on the server. The issue is related to the unsafe file operations performed by error logs and other system files. The error.log file on most default installations of MySQL, PerconaDB, and MariaDB is stored in either /var/log/mysql or /var/lib/mysql. "The combination of the two would effectively allow low privileged local database users to escalate their system privileges to root system account and allow them to fully compromise the server which increases the severity of this issue," Golunski writes. In a shared environment, where multiples databases belonging to different organizations and applications are hosted on the same server, this combination could give an attacker with access to the system as a lower-tier user full control over the machine. The race condition flaw can be combined with a different privilege escalation vulnerability, such as the one in MySQL reported in September, to gain rootshell on the server. Attackers can potentially gain a foothold on the server by exploiting a common web application vulnerability and work their way up to fully compromising the server. Affected database software include MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier; Percona Server 5.5.51-38.2 and earlier, 5.6.32-78-1 and earlier, and 5.7.14-8 and earlier; and Percona XtraDB Cluster 5.6.32-25.17 and earlier, 5.7.14-26.17 and earlier, and 5.5.41-37.0 and earlier. All current versions of MariaDB are affected by this flaw. Understanding and applying updates Oracle fixed the vulnerabilities in MySQL, and Percona has fixed the issues in Server and XtaDB Cluster. The MySQL fix can be a little confusing because the vulnerabilities were assigned different CVE identifiers in Oracle's Critical Patch Tuesday. The race condition flaw is identified as CVE-2016-5616 and the root privilege escalation vulnerability as CVE-2016-5617 in last month's Oracle CPU. Administrators who have already applied the MySQL updates from the Oracle CPU have the latest patches. MariaDB fixed the race condition vulnerability and will close the root privilege escalation flaw in a later release. Since the root privilege escalation vulnerability cannot be exploited directly, the severity is less than the race condition flaw. While it does need to be fixed, the fact that another vulnerability is required to make the database exploitable gives the team some time to work on the patch. Applying updates to servers, especially for production databases, is not as simple as downloading and installing updates on desktops and laptops. The patches have to be tested thoroughly, and administrators have to figure out the update window that would cause the least amount of disruption. This is why many vulnerabilities continue to be used in successful attacks long after a patch has been released. A vulnerability like this, which could implicate other databases and applications in a shared environment, requires an aggressive patching schedule to stay ahead of the inevitable attacks on the way. Article source
  8. Following the news earlier this week that Kim Dotcom intends to relaunch Megaupload, the entrepreneur has just delivered a new surprise. Rather than a cold start, Megaupload 2.0 will hit the ground running by deploying the original Megaupload user database. Following a few hints earlier this week, it is now fully confirmed. Kim Dotcom will be launching a brand new file-sharing site with a familiar name. Megaupload 2.0 is pencilled in for a January 2017 launch, an event that will coincide with the 2012 closure of the original Megaupload and the massive police raid on its operators. Having successfully avoided the clutches of a hungry United States government for half a decade, this five-year anniversary is an important one for Dotcom, and it’s becoming clear he hopes to celebrate it with another poke in the eye for the Obama administration. Details are few at this stage, but here’s what we know. Megaupload 2.0 will have 100gb of free storage. It will allow users to sync all of their devices and there will be no data transfer limits. On-the-fly encryption will be baked-in. But while site features are important, what the original Megaupload had going for it was millions of loyal users. They were all made homeless and scattered when the site was shut down but according to Dotcom, there will be a future grand reunion. Intriguingly, the serial entrepreneur says that Megaupload 2.0 will get a fantastic start in life. Rather than simply relying on word-of-mouth advertising to get going, his new venture will launch with the original Megaupload user database intact. How Dotcom managed to preserve a copy of this data isn’t clear, but he says that each user account held within will get a foot up. “Most Megaupload accounts will be reinstated with Premium privileges on the new Megaupload,” Dotcom announced this morning. If every one of those former Megaupload users hit the site on day one, that’s 100 million people needing attention. It’s unlikely that anywhere near that will come aboard, but just one or two percent would be a tremendous start. But hosting files isn’t the only thing on Dotcom’s mind. His censorship-resistant MegaNet project is still in development and although it’s not going to be ready until 2018 at the earliest, Dotcom says that Megaupload 2.0 will be a crucial component of that network. “Megaupload 2.0 will be the launch platform for MegaNet. Let’s make sure that we have critical mass first. #100MillionUsers,” he said this morning. Dotcom clearly has much work to do and even flat-out will struggle to meet his January deadline. Still, he doesn’t intend to do it alone. “To former Megaupload and current Mega employees. We welcome you with open arms. Mega App developers, we have a great deal for you. Ping me,” he wrote a few hours ago. So how will former Megaupload users know if they can use their old credentials to access the new site? “Expect an email,” Dotcom concludes. Article source
  9. Adult website's private user details and browsing habits found by white-hat security researchers. Security experts uncovered Pornhub's entire user database but didn't expose the dirty details, in favour of a $20,000 reward The private details of Pornhub visitors, the largest adult website in the world, could have been easily exposed after cybersecurity researchers discovered a glaring vulnerability in the site that revealed its entire user database and their browsing habits. Thankfully, for those on that database, the discovery was made by white-hat hackers (who hack for good) and shared the information with Pornhub's developers in order to highlight the flaw and bolster security. In return, they were rewarded with a $20,000 bug bounty for their work. The team of computer experts, which included Ruslan Habalov, a computer science student, explained in his blog that they found two use-after-free vulnerabilities in PHP's garbage collection algorithm. It said that by gaining remote code execution they would have been able to do anything from "dump the complete database of pornhub.com including all sensitive user information" to "track and observe user behaviour on the platform and leak the complete available source code of all sites hosted on the server." "We have taken the perspective of an advanced attacker with the full intent to get as deep as possible into the system, focusing on one main goal: gaining remote code execution capabilities. Thus, we left no stone unturned and attacked what Pornhub is built upon: PHP," said Habalov. Pornhub bug bounty Pornhub clearly has a vested interest to keep its user base confidential as well as those who upload videos to the adult site, which could expose performers' identities. Therefore they run 'bug bounty' a reward programme that pays out up to $25,000 to anyone who spots a security fault in its system. The reported fault was hastily patched up by the Pornhub team. It may seems counter-intuitive to invite experts to poke around its cybersecurity but clearly the cash bounty was more appealing than the online panic that would have been caused by releasing the data. "As you can see, offering high bug bounties can motivate security researchers to find bugs in underlying software. This positively impacts other sites and unrelated services as well," said the white-hatters. Being one of the world's most visited websites it's a constant target for malicious cyberattackers. One hacker claimed to have sold access to its servers for $1000, although this turned out to be a hoax. Malware is another big problem that attempts to exploit users by trying to get them to click on links that lead them away to another site that could install viruses to glean your personal information or ransomware, which will lock your whole computer unless you pay a ransom. Article source
  10. Thomson Reuters has secured the source of the leak A database described by some as a "terrorism blacklist" has fallen into the hands of a white-hat hacker who may decide to make it accessible to the public online. The database, called World-Check, belongs to Thomson Reuters and is used by banks, governments and intelligence agencies to screen people for criminal ties and links to terrorism. Security researcher Chris Vickery claims to have obtained a 2014 copy of the database. He announced the details on Tuesday in a post on Reddit. "No hacking was involved in my acquisition of this data," he wrote. "I would call it more of a leak than anything, although not directly from Thomson Reuters." Vickery declined to share how he obtained the data, but he's already contacted Thomson Reuters about securing the source of the leak. In an email, Thomson Reuters said on Wednesday that it was "grateful" to Vickery for the alert. The "third-party" that leaked the database has taken it down, the company added. Vickery has previously exposed database leaks related to Mexican voters, a Hello Kitty online fan community and medical records. His copy of the World-Check database contains the names of over 2.2 million people and organizations declared "heightened risks." Only a small part of the data features a terrorism category. Additional categories include individuals with ties to money laundering, organized crime, corruption and others. He is asking Reddit users whether he should leak the database to the public. His concern is that innocent people with no criminal ties may have been placed on the list. The information isn't really secret either. Users can buy access to the database from Thomson Reuters. Leaking the database, however, could create risks and tip off "actual bad guys" that they’ve been placed on the list, Vickery said. Thomson Reuters declined to say how it might respond if Vickery decides to publicize the information. The World-Check database is sourced from the company’s analysts, "industry sources" and government records. Article source
  11. Crooks love to leverage SQL injection attacks to encrypt databases and hold it up for ransom, security firm says RansomWeb attacks are happening five times more frequently in 2016, compared to 2015, security firm High-Tech Bridge is reporting, based on activity seen on its security products in the past six months. The term "RansomWeb" describes attacks during which crooks break into a website using various vulnerabilities and encrypt its content. This can be its database or its files, but in the end, crooks notify the website owners that they have to pay a ransom to get their files back. RansomWeb attacks detected for the first time in 2015 These Web-based ransomware attacks, hence the term RansomWeb, were first seen in January 2015, when High-Tech Bridge was called in to investigate a locked down phpBB forum. Since then, the company is saying that the numbers have grown tremendously, and crooks are using all sorts of vulnerabilities to break into websites and carry out such attacks. High-Tech Bridge says that in most cases, the hackers' favorite entry point is an SQL injection. These are severe vulnerabilities because attackers can quickly escalate their access from an SQL database and get control over the whole server. 60% of all websites contain a vulnerability As part of a general overview of Web application security, which the company is presenting at this year's Infosecurity Europe 2016 conference, High-Tech Bridge also says that overall, Web attacks are becoming more sophisticated, and criminals are combining different vectors together to ensure they reach their desired goals. High-Tech Bridge says that three in five websites or APIs contain at least one security flaw, and if a service has an XSS vulnerability, in 35 percent of cases, it also hides multiple others as well. HTTPS usage stats still depressing Furthermore, High-Tech Bridge, who also runs an HTTPS scanning service, also says that only 24.3 of websites use proper SSL/TLS configurations, and only 1.38 percent are fully NIST compliant. Worrying is the fact that 97 percent of all scanned websites are using the insecure TLS 1.0 protocol, soon to be deprecated in 2018, and that 23 percent are using the ancient SSLv3 protocol. Webmasters that realize they run vulnerable websites usually employ a WAF (Web Application Firewall) to safeguard their properties against exploitation. On average, High-Tech Bridge says that websites protected by a WAF usually hide 20 percent more vulnerabilities. Unfortunately, this doesn't keep them safe, and the company is reporting that three out of five vulnerabilities can be leveraged despite the presence of a WAF. The Source
  12. DVD-Ranger has released version 3 of its SoundTouch software that claims to provide to remove the Blu-ray copy protection Cinavia while retaining excellent sound quality without requiring a database to download. A first test by our member ILLP confirms that the sound quality is “outstanding”. In an announcement, DVD-Ranger writes about the new version of SoundTouch that it, “uses our experience completely decoding Cinavia. SoundTouch 3 will just break the Cinavia markers so that the original Cinavia detector will not be able to lock into the Cinavia signal anymore. It is a successful combination of SoundTouch 2, CinDe and CinFect.” There are currently two ways of ending up with a working Cinavia movie backup. One method works by applying an algorithm to the movie, the other one by replacing the audio track. The technology powering SoundTouch 3 appears to be an improvement of the algorithm method, which is able to fool Cinavia detectors but comes with degraded audio quality. It is thought that the current algorithms degrade the soundtrack so much that the Cinavia copy protection isn’t actually removed, but because the audio is so much distorted, also not triggered. Method two to end up with a Cinavia free movie backup is by replacing a soundtrack with the same audio from other source. This has the drawback that it requires downloading large files but the advantage that the sound quality is good. It appears DVD-Ranger is now able to target Cinavia more precise than before. This has the benefit of good audio quality while not requiring the large downloads. Another advantage is that, in theory, this should work on all movies that are Cinavia protected until Verance updates the protection. An initial report of our member ILLP states the sound quality is good and Cinavia is indeed removed. He writes about the sound quality,”just ran the new edition with sound touch 3 incorporated within sound touch 2 I can’t believe the sound quality is as good as the databases on the title I just ran which was resident Evil Afterlife outstanding”. Users who want to try the new SoundTouch 3 can download CinEx HD Utility 2.4.1.1 that features, “Improved SoundTouch 2 (With SoundTouch 3 development experience)”. We love to hear your reports on the audio quality! This new CinEx HD version also comes with an improved burn engine and faster Cinavia removal from DVDs. Article source
  13. E-mail addresses and cryptographically protected passwords for thousands of Mozilla developers were exposed through a database glitch that may have been exploited by hackers, Mozilla officials warned Friday. About 76,000 e-mail addresses and 4,000 password hashes were left on a publicly accessible server for about 30 days beginning June 23, according to a blog post. There is no indication the data was accessed, but Mozilla officials investigating the disclosure can't rule out the possibility. Hackers who might have managed to crack the hashes wouldn't be able to use the passwords to access Mozilla Developer Network accounts, but they may be able to access other user accounts secured with the same cracked passcode. The glitch was touched off when a data "sanitization" process failed, causing the addresses and hashes to be dumped to a publicly accessible server. "We are known for our commitment to privacy and security, and we are deeply sorry for any inconvenience or concern this incident may cause you," Stormy Peters, director of developer relations, and Joe Stevensen, operations security manager, wrote. They continued: Source : http://arstechnica.com/security/2014/08/thousands-of-mozilla-developers-e-mail-addresses-password-hashes-exposed/
  14. The American Civil Liberties Union (ACLU) has launched a searchable online database that contains all of the documents obtained by Edward Snowden and made public since last June. "These documents stand as primary source evidence of our government's interpretation of its authority to engage in sweeping surveillance activities at home and abroad, and how it carries out that surveillance," Emily Weinrebe of the ACLU's National Security project wrote on Thursday. "The ACLU hopes to facilitate this debate by making these documents more easily accessible and understandable," Weinrebe wrote. "Toward that end, today we are launching the NSA Documents Database."The database is searchable by document title, category, or full-text content, allowing anyone with online access to delve through all the documents and find information on whatever previously secret government info-slurping they're interested in. There's also a filtering function that allows you to sort the documents based on the type and area of surveillance you're interested in. "For example," Weinrebe writes, "you can have the database return all documents that both pertain to 'Section 215' and 'Internal NSA/DOJ Legal Analysis'." As more documents are released, they will be added to the database as part of the ACLU's effort to ensure that the public has easy access to the information that, after all, they paid to have collected by the NSA. "The fact is," Weinrebe wrote, "that most of the documents contained in this database should have never been secret in the first place." The inauguration of the searchable collection comes just in time for some leisurely weekend browsing, eh, Reg readers? Source
  15. Pakistan’s Federal Investigation Agency (FIA) has arrested a Pakistani Hacker allegedly involved in hacking into a telecom company and uploaded their database on his website. With the help of the National Response Center for Cyber Crime (NR3C) of Pakistan’s Federal Investigation Agency, the local authorities were able to trace and arrest the hacker suspected of infiltrating into the systems of Warid Telecom, an Abu-Dhabi-based telecoms company that provides services in Congo, Pakistan and Uganda. The suspect, Mubashar Shahzad, a resident of Kasur, is believed to have downloaded Warid Telecom’s customer information from the company’s databases and exposed it online, which was published on earlysms.com, a site hosted with HosterPK. Investigation started after one of the senior manager of a cellular company filed a complaint saying the ‘information of its consumers till 2006 had been exposed over the internet.’ “A technical/forensic analysis found that the website was being hosted by hosterpk. The FIA traced the IP address, email address and phone number of the suspect through the host company,” Usman Anwar, the Director of FIA told The Express Tribune. The suspects IP address was traced to a shop in Ghalla Mandi, Kasur, from where the authorities arrested the suspect Mubashar Shahzad. The Investigation Team also detected and seized Shahzad’s computers which contained folders named ‘Warid Data’. In addition to that, two desktop systems, hard drives and portable Hard drives were also seized by the authorities. The website on which the stolen data was posted by the hacker has now been shut down. Source
  16. selesn777

    CheMax 15.5 Eng + CheMax FC

    CheMax 15.5 Eng + CheMax FC: database of cheat codes for console versions of games (consoles) CheMax is one of the best offline cheat-base for PC games. The base is based on ChEaTs software and it is fully rewritten and updated. There are no hints or solutions in its base, only pure cheat codes, level codes and easter eggs. Current version of CheMax contains cheats for more than 6249 games! This program is freeware, so you can use it without paying anything! Attention! The application includes additional software to be careful when installing.CheMax En 15.6 The current version covers more than 6258 games.Homepage: http://www.chemax.ru OS: Windows XP / Vista / 7 / 8 Language: Eng Size: 8,25 Mb.
×
×
  • Create New...