Questions tagged [system-compromise]
Dealing with a system compromise: your defenses failed, now what?
153 questions
0 votes, 0 answers, 138 views
Locating Spambot
My mail server (IP, not domains) was recently flagged as a spam source by Spamhaus and I'm looking for help tracking down the source.
First, I verified the forward and reverse DNS records, SPF ...
11 votes, 1 answer, 522 views
XZ compromise and consequences for people having used it
Here's a hot topic:
https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
https://lwn.net/Articles/967180/
https://lwn.net/ml/oss-security/20240329155126.kjjfduxw2yrlxgzm@...
1 vote, 1 answer, 272 views
Creating bootable USB from a compromised OS. Is it safe?
If we buy, for instance, a laptop with an OS pre-installed, e.g. Ubuntu, but the original seller was not reputable and there are doubts about the preinstall.
My question is: if we use the laptop to ...
2 votes, 1 answer, 473 views
Examining Linux memory dump with signs of compromise in yarascan
I have captured a memory dump of recent Ubuntu 22.04 kernel 6.2.0-39-generic.
Captured image with LiME and analyzed with volatility3.
Did a yarascan against all known rules and found a suspicious ...
1 vote, 0 answers, 201 views
Different types of USB charger attacks that work on Android phones
I'm wondering about different types of malicious USB charger attacks that work on Android devices when USB debugging option is disabled and if the USB option is set to "charge only".
I'm not ...
1 vote, 1 answer, 286 views
What "indicators of compromise" are there that end users can diagnose themselves?
I'm responsible for the IT security of a small (~5 users) office, and I'm preparing training materials for our users.
Obviously, the first step my users should do if anything seems suspicious is to ...
2 votes, 1 answer, 2k views
Windows Update installs yandex.ru browser hijacker
I recently created a Windows 10 installation stick via the official media creation tool. Presumably, there was no malware on my host system on which I created the stick. It's a pretty fresh install as ...
2 votes, 1 answer, 230 views
Is it possible for a hostname lookup to be temporarily lying (wrong ISP)?
In 2017, I was running a local website on my own dedicated server in a professional data center. FreeBSD. Installed by me remotely. Maintained carefully by me. No other human users than myself. I was ...
1 vote, 0 answers, 134 views
How can I get & keep an unauthorized user out of my network? [closed]
I have replaced hardware, equipment, and passwords. I think they are in Yahoo, Microsoft, phone, and laptop. I have changed all with no success. They use my identity as the temporary ID from Microsoft ...
0 votes, 1 answer, 913 views
Can VPN protect me against MITM attacks if my device is already compromised by having a malicious root certificate installed?
Let's say my device is already compromised without my knowledge by my ISP: it has a malicious root certificate installed which allows my ISP to view all of my HTTPS traffic as plain text.
Now if I use ...
0 votes, 0 answers, 180 views
How to fix deceptive site ahead warning on a WordPress site
I have an issue with my website: when visitors try to access it, it shows the "deceptive site ahead" warning. I used Google Search Console to try to fix it (as I successfully did it previously with some ...
0 votes, 1 answer, 350 views
OS on external drive -- is it safe?
So I'm installing macOS to my external hard drive partition, so I can have a 100% clean environment where I can engage with cryptocurrencies. (Exchanges, stable coins, protocols, putting actual money ...
0 votes, 0 answers, 171 views
Compromised machine. Should I create a partition or volume to install a clean OS?
My goal is to create a 100% clean environment where I can interact with cryptocurrencies. For that, I can partition my disk or I can create a volume. Which one should I prefer?
Some context about the ...
-1 votes, 1 answer, 3k views
How can this Jim Browning YouTuber have access to so many scammers' computers/networks?
I'm frankly sick of these videos, and the only interesting part to me has nothing to do with the scam or the content of the video, but simply the fact that he is apparently somehow able to see exactly ...
6 votes, 3 answers, 10k views
Friend's Instagram account repeatedly hacked despite changing all information and enabling 2FA
My friend's Instagram account has repeatedly been hacked. Someone is gaining access to her account, proceeding to change all the security information to lock her out. Then posts scam ads on her account....