Aggregator
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
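Why We Have Not Caught the Dutch AIVD, a Leader in High-End APTs
MIIT Names 17 Apps Suspected of Infringing on Users' Rights and Interests
In accordance with the Personal Information Protection Law, the Cybersecurity Law, the Telecommunications Regulations, the Provisions on Protecting the Personal Information of Telecommunications and Internet Users, and other laws and regulations, the Ministry of Industry and Information Technology (MIIT) continues to crack down on apps that infringe on users' rights and interests.
Recently, MIIT organized third-party testing institutions to carry out spot checks, which found 17 apps and SDKs that infringe on users' rights and interests; these have now been publicly named. The apps and SDKs named in the notice must carry out rectification in accordance with the relevant regulations; where rectification is not carried out adequately, enforcement action will be taken in accordance with laws and regulations. Do you have any of the following software installed on your phone? If so, uninstall it right away!
List of apps (SDKs) with problems named by MIIT
Source: 北京发布 (Beijing Release); MIIT official website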
How to Rename Firefox's Profile Path
Prerequisite: install mozlz4.
```bash
cd ~/.mozilla/firefox

# the current profile directory's name and the target profile directory name
ORIGINAL_NAME='abcd0efg.default-release'
TARGET_NAME='k4yt3x'

# replace path name references in text files
mv "$ORIGINAL_NAME" "$TARGET_NAME"
sed -i "s/$ORIGINAL_NAME/$TARGET_NAME/g" installs.ini
sed -i "s/$ORIGINAL_NAME/$TARGET_NAME/g" profiles.ini
sed -i "s/$ORIGINAL_NAME/$TARGET_NAME/g" "$TARGET_NAME/pkcs11.txt"
sed -i "s/$ORIGINAL_NAME/$TARGET_NAME/g" "$TARGET_NAME/extensions.json"

# decompress the addonStartup.json, replace the strings, and re-compress
cd "$TARGET_NAME"
mozlz4 -x addonStartup.json.lz4 > addonStartup.json
sed -i "s/$ORIGINAL_NAME/$TARGET_NAME/g" addonStartup.json
mozlz4 -z addonStartup.json addonStartup.json.lz4
rm addonStartup.json
```

My Firefox is heavily customized with dozens of extensions and settings spread across multiple configuration files such as user.js and perf.js. It is, thus, not practical for me to migrate my Firefox profile to a machine while ensuring that all settings are synchronized and that it will behave exactly the same way if I were to rely on Firefox’s built-in Sync. The most reliable and efficient, albeit slightly “hacky”, way to migrate my Firefox profile to a machine is, therefore, to straight up copy the entire profile to the new machine. There might be a more elegant way to do this, but until then, this will be the method I have to rely on. Additionally, this approach also makes it easy to reliably synchronize all of my few hundred tabs over to a different machine.
While I was synchronizing the profile, I noticed that Firefox made a default name and path for the profile. The profile name I got is a random string (yrdz6hff.default-release) generated based on how stars were aligned the day I created the profile. I’d rather not have to embed this random string in my automation scripts, etc., so I decided to look into changing it. This string is used both as the displayed profile name in Firefox and the name of the profile’s directory on the file system.
The profile’s name can be easily changed in the about:profiles page:
However, the same cannot be said about the profile’s directory name on the file system. On my Arch Linux system, Firefox’s profile is located under .mozilla/firefox/$PROFILE_NAME. If you simply rename the directory, Firefox will not be able to find the profile anymore and will simply make a new profile for you. Thus, we will need to change Firefox’s configurations so the profile-related configurations point to the right path.
In order to find out which files we need to change, we can use ripgrep to list all the files that contain the profile’s name under Firefox’s profiles directory. The following command lists all files that contain the profile name’s string, including binary files:
Let’s first rename the profile’s directory and then replace all occurrences of yrdz6hff.default-release in all text files. In this example, I’ll rename my profile directory’s name to k4yt3x:
Let’s try and start Firefox. Unfortunately, we’ll see that the extensions are broken:
The broken extensions and the fact that we did not change addonStartup.json.lz4 provide a pretty clear hint that this file may be causing the trouble. In fact, this file is, indeed, the culprit. We will need to update the content of this file as well. However, this file is compressed in an uncommon format used by Firefox named mozlz4. It cannot be decompressed by Linux utilities such as lz4 or 7z.
In order to decompress and re-compress the addonStartup.json file, we will need a tool named mozlz4. This tool is available on AUR under the names mozlz4 and mozlz4-bin. If your platform’s repository does not have it, you can download the compiled binaries on their GitHub releases page. After getting the tool, you can use the following commands to decompress the file, update its content, and re-compress the file:
Now, if we start Firefox again, we will see that all the extensions load correctly again:
There you have it. I hope this post helps whoever also happens to need to do the same hacky thing. If you notice that something isn’t working after this modification or if there are other files that should be updated as well, please reach out and I’ll update this guide.
- https://k4yt3x.com/how-to-rename-firefoxs-profile-path/ - 2019-2024 K4YT3X. All rights reserved.
SIEM Systems in 2024: Every Employee Is Under Suspicion
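New Styx Stealer Attacks Users to Steal Login Passwords
A new cybersecurity threat named Styx Stealer has emerged. It targets users by stealing sensitive data, such as saved passwords, cookies, and autofill information, from widely used web browsers.
The malware affects Chromium- and Gecko-based browsers and extends its reach to browser extensions, cryptocurrency wallets, and even messaging platforms such as Telegram and Discord.
The exposure of Styx Stealer has put cybersecurity experts and users on alert; it poses a significant risk to cybersecurity.
Exploiting a Windows Defender Vulnerability
Styx Stealer exploits a vulnerability in Microsoft Windows Defender SmartScreen, tracked as CVE-2023-36025 and also known as Phemedrone Stealer.
The vulnerability spread widely in early 2024, allowing malicious actors to bypass security measures and infiltrate users' systems.
The continued exploitation of vulnerabilities poses an ongoing challenge for cybersecurity defense, especially when threat actors discover and exploit vulnerabilities in widely used software.
Interestingly, a demonstration of Styx Stealer's capabilities was posted on its developer's social media. Although the account has little influence, the demonstration still drew the attention of cybersecurity professionals.
In addition, threat actors have been found selling Styx Stealer on a popular Russian forum, which indicates that the malware has the potential to spread widely. This development is a clear warning that users and organizations need to stay vigilant to protect their digital assets.
As the situation develops, experts advise users to update their security software, be wary of suspicious links and downloads, and change passwords regularly to prevent potential breaches.
The emergence of Styx Stealer is a reminder of the constantly evolving cyber threat landscape and of the importance of proactive cybersecurity measures; strengthening cybersecurity awareness and capabilities cannot wait.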
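CVE-2024-39717: Telecom Networks Ended Up in the Hands of Volt Typhoon
Microsoft Releases Windows Terminal v1.21 Stable and v1.22 Preview, Bringing Several Important Feature Updates
The Setting Sun Is Endlessly Beautiful, Though Dusk Is Already Here: Notes on My Sunset-Watching Experience
How to Install Redis Bloom Filter: A Complete Guide
AMD Ports Branch Prediction Optimization to Windows 11 23H2; Performance Improves Even Without an Admin Account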
Cribl Gets $319M on $3.5B Valuation to Boost Data Management
Cribl has completed a $319 million Series E funding round led by Google Ventures. The financing pushes the company’s valuation to $3.5 billion, with backing from prominent investors as Cribl's data engine technology continues to be rapidly adopted by enterprises globally.
McLaren Health: IT Operations Fully Back Online Post-Attack
McLaren Health says its IT systems are fully restored a few days earlier than expected, following an Aug. 6 ransomware attack that disrupted clinical and administrative operations at its 13 hospitals and other facilities. The Michigan-based entity had expected the recovery to last through August.
Tech Orgs: UN Cybercrime Treaty Will Worsen Global Security
A coalition of technology organizations says a draft United Nations cybercrime treaty would facilitate crime and is urging nations to reject the treaty. "The best option now is for a majority of the U.N.'s member states to decide not to adopt the convention," said Nick Ashton-Hart.
Check Point to Buy External Risk Management Vendor Cyberint
Check Point plans to purchase an external risk management vendor led by an Israeli intelligence veteran to boost its SOC and managed threat intelligence capabilities. The proposed acquisition of Cyberint will make it easier for companies to defend against both internal and external cyberthreats.