network – Can an infected device within the LAN still be a threat if turned off?

Scenario

An attacker successfully infiltrates the LAN and infects a device that acts as a future bridge. Once inside, the infected device can communicate with a malicious source outside of the local area network. We assume that only one device is infected and that the malware is located anywhere in the computer but it’s unable to migrate to other devices in the same LAN. I’d imagine that the tools available today are much more sophisticated and can probably spread across devices by themselves; in this case you can provide an answer with this alternative scenario described.

Security Measures

The scenario should be realistically simulated which means that there are some security measures put in place, like there are in most homes today. In this case, the scenario described that the attacker was already inside and had successfully infected a device, which means that the security measures were penetrated.

Question

The infected device is turned off and the power input is active. Can the infected device still function as an access point from the outside of the LAN?

If so, what measures are needed to completely cut off the malicious communication?

java – Potential threat? Twitter media downloader extension on chrome and MS EDGE (manifest.json)

I used TWITTER MEDIA DOWNLOADER on Chrome and MS Edge for quite a while.
It's an extension that enables downloading all media on a specific Twitter account.
It enables download with a button in the targeted account's web page.

Manifest.json

{
"update_url": "https://clients2.google.com/service/update2/crx",
"manifest_version": 2,
"name": "__MSG_ext_title__",
"short_name": "__MSG_ext_short_name__",
"version": "0.1.4.24",
"description": "__MSG_ext_description__",
"author": "furyu",
"default_locale": "en",
"icons": {
    "16": "img/icon_16.png",
    "19": "img/icon_19.png",
    "48": "img/icon_48.png",
    "128": "img/icon_128.png"
},
"permissions": [
    "storage",
    "webRequest",
    "webRequestBlocking",
    "*://*.twitter.com/*",
    "*://pbs.twimg.com/*",
    "*://video.twimg.com/*",
    "*://*.cdn.vine.co/*"
],
"content_scripts": [
    {
        "matches": [
            "*://twitter.com/*",
            "*://tweetdeck.twitter.com/*",
            "*://api.twitter.com/*",
            "*://*.furyutei.work/oauth/*",
            "*://pbs.twimg.com/media/*"
        ],
        "js": [
            "js/browser_info.js",
            "js/jquery.min.js",
            "js/twitter-oauth/sha1.js",
            "js/twitter-oauth/oauth.js",
            "js/twitter-oauth/twitter-api.js",
            "js/session.js"
        ],
        "run_at": "document_start",
        "all_frames": false
    },
    {
        "matches": [
            "*://twitter.com/*",
            "*://tweetdeck.twitter.com/*",
            "*://pbs.twimg.com/media/*"
        ],
        "js": [
            "js/decimal.min.js",
            "js/jszip.min.js",
            "js/zip_request_legacy.js",
            "js/init.js",
            "js/timeline.js"
        ],
        "run_at": "document_start",
        "all_frames": true
    },
    {
        "matches": [
            "*://twitter.com/*"
        ],
        "js": [
            "js/main_react.user.js"
        ],
        "run_at": "document_end",
        "all_frames": true
    },
    {
        "matches": [
            "*://tweetdeck.twitter.com/*"
        ],
        "js": [
            "js/main_tweetdeck.user.js"
        ],
        "run_at": "document_end",
        "all_frames": true
    }
],
"background": {
    "scripts": [
        "js/jszip.min.js",
        "js/zip_worker.js",
        "js/background.js"
    ],
    "persistent": true
},
"options_ui": {
    "page": "html/options.html",
    "open_in_tab": true
},
"browser_action": {
    "default_icon": "img/icon_16.png",
    "default_title": "__MSG_ext_title__",
    "default_popup": "html/options.html"
},
"incognito": "split"
}

Since the Chrome Web Store forced publishers to show what data they collect on their extension dashboard, there were few convincing facts displayed on the dashboard.

First, here is the extension's web store link:

https://chrome.google.com/webstore/detail/twitter-media-downloader/cblpjenafgeohmnjknfhpdbdljfkndig?hl=en

Since it says on the dashboard that it collects NEARLY EVERY DATA THAT CAN BE PRODUCED ON A WEBSITE,
I am quite concerned. However, I have used it for a long time and I would like to check if this extension really does collect KEYLOGS, MOUSE CLICK RATES and so on... and of course, any threats that it can have!

I used CRX VIEWER to view the source.
(Please use it to view the full code.)
https://robwu.nl/crxviewer/

But I don't really know much about .js and all the other coding words.

Creator name: furyutei
Japanese.

Has github page https://github.com/furyutei/twMediaDownloader

Twitter
https://mobile.twitter.com/furyutei?lang=en

Has his own blogs
https://memo.furyutei.work/
And the one in the chrome web page
Saying PROVIDED BY

I reported it to Chrome for abuse so that developers can look through it. However, does anybody know where to see the result of the review?

Would you please help?
Thank you all!
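
One way to read the manifest quoted in this post, shown as an added example that is not part of the original post or of the extension's code: the script below summarises which hosts a Manifest V2 extension can reach and whether it can intercept requests. The manifest object is a constructed excerpt of the one above, and the helper names (isHostPattern, hostOf, isBroad, auditManifest) are hypothetical.

```javascript
// Added example: summarise what an MV2 manifest.json lets an extension reach.
// The manifest below is a constructed excerpt of the one quoted in the post.
const manifest = {
  manifest_version: 2,
  permissions: ["storage", "webRequest", "webRequestBlocking",
    "*://*.twitter.com/*", "*://pbs.twimg.com/*",
    "*://video.twimg.com/*", "*://*.cdn.vine.co/*"],
  content_scripts: [
    { matches: ["*://twitter.com/*", "*://tweetdeck.twitter.com/*",
        "*://api.twitter.com/*", "*://*.furyutei.work/oauth/*",
        "*://pbs.twimg.com/media/*"],
      js: ["js/session.js"], run_at: "document_start", all_frames: false },
    { matches: ["*://twitter.com/*"],
      js: ["js/main_react.user.js"], run_at: "document_end", all_frames: true }
  ],
  background: { scripts: ["js/background.js"], persistent: true }
};

// A match pattern looks like scheme://host/path; anything else is an API name.
const isHostPattern = (p) => p === "<all_urls>" || /^[^:]+:\/\/[^/]*\/.*$/.test(p);
const hostOf = (p) => (p === "<all_urls>" ? "*" : p.split("://")[1].split("/")[0]);
// True when a pattern covers every site rather than a named host.
const isBroad = (p) => p === "<all_urls>" || hostOf(p) === "*";

function auditManifest(m) {
  const perms = m.permissions || [];
  const hostPerms = perms.filter(isHostPattern);
  const apiPerms = perms.filter((p) => !isHostPattern(p));
  const scriptMatches = (m.content_scripts || []).flatMap((cs) => cs.matches || []);
  const allPatterns = [...hostPerms, ...scriptMatches];
  return {
    apiPerms,
    // Hosts whose pages or requests the extension can reach at all.
    hosts: [...new Set(allPatterns.map(hostOf))].sort(),
    broadPatterns: allPatterns.filter(isBroad),
    // webRequestBlocking plus host permissions lets the background page
    // observe, modify or cancel requests to those hosts.
    canInterceptRequests: apiPerms.includes("webRequestBlocking") && hostPerms.length > 0,
    // Content scripts injected into every frame of a matched page.
    allFrameScripts: (m.content_scripts || [])
      .filter((cs) => cs.all_frames).flatMap((cs) => cs.js || []),
    persistentBackground: Boolean(m.background && m.background.persistent)
  };
}

console.log(auditManifest(manifest));
```

The manifest only bounds where the extension's code can run; what the scripts do with data on those hosts still has to be checked by reading the JavaScript files it lists.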

mining theory – Could the threat of centralization be realized if a sufficiently large entity acquired enough Bitcoin?

Bitcoin has always been against that type of centralization, but if one of these entities decided they wanted to gain centralized control, could they do that by taking the action of acquiring a majority of the coins in circulation?

Bitcoin network’s token (currency) BTC can be accumulated by anyone in the world by:

  1. Exchanging other currencies for BTC
  2. Mining
  3. Getting paid in BTC

There is nothing in the protocol that takes care of distribution. Everyone owning similar amounts is only possible in an ideal world or some game. In practice some people will always own more than others.

Do they control Bitcoin?

No. Alice has 1000 BTC and Bob has 1 BTC. Alice has no special permissions to change the consensus rules.

Process for soft forks:

  1. Create BIP and share with others. Discuss everything involved.

  2. Code implementation

  3. If MASF:

    • Miners signalling readiness
    • Locked in if signalling % according to BIP
    • Activated

    Else if UASF:

    • Miners signalling readiness
    • Locked in irrespective of signalling %
    • Activated
  4. Miners can follow the new consensus rules else their blocks will be rejected by full nodes. Economic nodes play an important role.

None of the above-mentioned things involve the supply of bitcoin. Maybe people with more money can have some influence, but the 2017 soft fork proved that closed-door meetings, corporates, miners etc. cannot decide things for Bitcoin while ignoring users, devs and decentralization.

Threat hunting tools for web domain

Given a web domain, what are the available online threat hunting platforms which could help in doing a threat hunt for that domain?
Also, can Metasploit exploits for web applications be considered threat hunting?

security – What is threat model for Bitcoin?

Bitcoin is secure when 51% of the miners are honest.
We also need every node to have at least one honest peer to avoid eclipse attacks.

Are these the only assumptions based on which Bitcoin is secure? Is there a complete list of assumptions and a formal analysis of the threat model somewhere?

google sheets – Separating multiple section inputs into multiple lines of data (I can’t get it to work even with the other thread help that is there already)

Hello Google Masterminds,

I come to you since I have followed almost every single YouTube video and every single thread here and I have been working with this freaking form for the past 3 weeks and have had 0 progress.

Every time I use all the formulas as created by you smart people I get errors, and yes, I adjusted them to my data set.

Row A & B are the header information
Row C-H 1st kid
Row I-N 2nd Kid
Row O-T 3rd kid
Row U-Z 4th kid
Row AA-AF 5th Kid
Row AG-AL 6th kid
Children info has to go to Deelnemers Lijst Tab

Row AM-AQ 1st Volunteer (vrijwilliger in Dutch for volunteer)
Row AR-AV 2nd Volunteer
Row AW-BB 3rd Volunteer
Row BC-BF 4th Volunteer
Row BG-BK 5th Volunteer
Row BL-BP 6th Volunteer

Volunteers info has to go to Vrijwilligers Lijst Tab

Kids 1 to 4 are mandatory; 5 and 6 are optional and sometimes not filled in.
Volunteer 1 is mandatory and 2 till 6 are optional.

I have no idea what has been going wrong and I kind of gave up, but I am in really dire need. This needs to get digital because doing it all by hand is taking way too much time that we could use elsewhere as a non-profit organisation. We do this to let the kids have some fun in their last week of Summer Holiday. Can someone please help me out here? I am just stuck and none of the videos nor formulas seem to work. For some reason the moment I put a , as shown in the other formulas my entire formula stops working.

transactions – What are the malleability threat vectors when passing PSBTs to other actors?

If I am passing a PSBT (Partially Signed Bitcoin Transaction) between multiple people, and I pass on my signature for my UTXOs for given inputs, can someone take advantage of malleability and cheat me out of the outputs I’m expecting?

What are the full ramifications of this? What is the most I can be taken advantage of, and is there any defense other than using funding with segwit spends? Can you be specific on how exactly such an attack would occur, and what portions of the PSBT might a malicious actor pay most attention to?

nist – Methodologies or frameworks for threat taxonomy?

malware – Could video streaming pose a security threat?

A video file is normally just image and sound data, with additional metadata involved. It normally does not contain any sort of executable code, and therefore, generally video files are safe.

However, it is possible that the video player you’re using has a security problem like a buffer overflow, and that a video file could be specially crafted to exploit that video player and run malware. This is true of virtually every non-trivial program that processes untrusted data and is not specific to video players.

This is also not, in general, a great way to spread malware because people tend to use a variety of different video players which will contain different codecs for processing data. Therefore, even if someone distributed a malicious video file that exploited video player A, it probably just wouldn’t be malicious (or might not even render) on video player B. That isn’t to say it couldn’t happen or hasn’t happened, but there are more effective ways to spread general-purpose malware.

The only time I’d be seriously concerned about this as a threat model is if it were a targeted attack, where an attacker would have created a malicious file to exploit you or your company specifically and would have targeted it to software they know you use. However, you are probably not in that case, and even if you are, following standard best practices around security is the most effective way to prevent this.

It is likely that transcoding the file would prevent the malware from being exploited if the problem is in a codec (which is where many such security problems tend to occur), but the problem could also be in a metadata parser or other format-independent piece of code, in which case it wouldn’t have any effect. I would not transcode a video on the off chance that it might contain malware.

Your best defense here is to keep your software up to date with security patches. That means keeping your web browser, operating system, and other software you use, including any video players, up to date. If you’re using a cell phone for this purpose, be sure that you’re using a model that ships with regular security updates for as long as you own it, and apply them promptly.

You may also choose to prefer more reputable sites for content. For example, it is unlikely that Netflix is going to serve you malware. I realize that people live in the real world, though, so that may not always be practical, but if you’re very concerned about this possibility, then maybe you’d like to adopt that approach.

Actors and processes in threat models

I want to create a threat model to guide a security-oriented review on a project. I found the OWASP Threat Dragon and would like to do it in that, but from the documentation and example I am unsure how to use the elements provided.

The diagrams can contain the following elements:

  • Actors (represented with boxes)
  • Processes (represented with circles)
  • Storage (represented with over and underline)
  • Data flows (represented with arrows)
  • Trust boundaries (represented with dashed lines)

The latter three seem obvious, but there is an example model and that shows Actor “Browser” and Process “Web App”. I would expect actor to mean user, but then on the other hand what would represent the browser? Or should it be represented at all?

And each function should be a separate process, no? I suppose the component itself does not really need to be represented, though where would I then put cross-process concerns like authorization? Or should I mention them for each and every function?
