A little Frenchie - Slashdot User

Submission + - Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera (github.io)

Submitted by A little Frenchie on Monday September 20, 2021 @04:47PM

A little Frenchie writes: The majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical remote unauthenticated code execution vulnerability even with latest firmware (as of 21 June 2021). Some older models are affected also as far back as at least 2016. Some NVRs are also affected, though this is less widespread.

This is being tracked as CVE-2021-36260

Comment mikrotik response (Score 3, Informative) 31

by A little Frenchie on Saturday September 11, 2021 @02:31PM (#61785695) Attached to: Krebs Also Hit By Massive DDOS, Apparently Caused by Compromised Routers

this is their response https://forum.mikrotik.com/vie...

QUOTE

Many of you have asked, what is this Mris botnet that some news outlets are discussing right now, and if there is any new vulnerability in RouterOS.

As far as we have seen, these attacks use the same routers that were compromised in 2018, when MikroTik RouterOS had a vulnerability, that was quickly patched.

Unfortunately, closing the vulnerability does not immediately protect these routers. If somebody got your password in 2018, just an upgrade will not help. You must also change password, re-check your firewall if it does not allow remote access to unknown parties, and look for scripts that you did not create.

We have tried to reach all users of RouterOS about this, but many of them have never been in contact with MikroTik and are not actively monitoring their devices. We are working on other solutions too.

As far as we know right now - There are no new vulnerabilities in these devices. RouterOS has been recently independently audited by several contractors.

If you do see a RouterOS device that has malicious scripts or SOCKS configuration that was not created by you, especially if this configuration APPEARED NOW, RECENTLY, WHILE RUNNING A NEW ROUTEROS RELEASE: Please contact us immediately.

Comment EARN IT anyone? (Score 2) 17

by A little Frenchie on Thursday April 09, 2020 @07:29PM (#59926542) Attached to: US Senate Tells Members To Stop Using Zoom

zoom = if EARN IT pass

Comment glad to live in Canada ... (Score 1) 662

by A little Frenchie on Tuesday June 18, 2013 @07:39AM (#44037831) Attached to: Supreme Court Decides Your Silence May Be Used Against You

... nothing more to say.

Comment Re:Comments (Score 0) 238

by A little Frenchie on Wednesday December 19, 2012 @03:30PM (#42338965) Attached to: How Experienced And Novice Programmers See Code

if (Foos != null)
____ (Foo foo in Foos)
________ foo.count++;

less text to read, easy to understand

Comment i'm glad to live in Québec (Canada) (Score 1) 234

by A little Frenchie on Thursday August 23, 2012 @11:21AM (#41096081) Attached to: New eBay EULA Prohibits Class Action Lawsuits

this kind of clause are void here! we are "protected" from abusive clause. sadly, we are also excluded from many thing because of it :-p

Submission + - EVE Online channels in-game donations to Haiti (eveonline.com) 1

Submitted by PurpleCarrot on Friday January 29, 2010 @07:01PM

PurpleCarrot writes: Players in the MMORPG EVE Online have been encouraged to convert their virtual income into real monetary help for the Red Cross efforts in Haiti through donations of PLEXes, or game-time extensions. CCP, the developer of EVE Online, will forward 100% of the proceeds generated from donations to support Haiti. PLEXes (which extend a player's subscription for 30 days) are sold in batches of two for $34.99 in the United States, and are freely traded in the game's marketplace for ISK, the in-game currency.

Comment chipset inside and utilization? (Score 4, Interesting) 467

by A little Frenchie on Tuesday October 27, 2009 @12:20PM (#29885039) Attached to: Reliability of PC Flash SSDs?

your not saying what chipset and what kind of usage you did.

if you are going to put a MLC drive for a gentoo distribution which is compiling 24/7, you will kill it in no time

if you got first gen micron chipset... you will have bad experience too

try again with indilinx or intel drive with SLC and come again

Comment and some people got a bricked ssd... (Score 1) 112

by A little Frenchie on Tuesday October 27, 2009 @12:15PM (#29884993) Attached to: Intel Updates SSDs, Supports TRIM, Faster Writes

more at http://communities.intel.com/community/tech/solidstate

Comment Exchange? (Score 1) 324

by A little Frenchie on Tuesday July 28, 2009 @02:36PM (#28856355) Attached to: Dye Used In Blue M&Ms Can Lessen Spinal Injury

I give you my red one, you give me your blue one?

Comment print page for less ads (Score 2, Informative) 626

by A little Frenchie on Sunday March 22, 2009 @03:35PM (#27290097) Attached to: Windows and Linux Not Well Prepared For Multicore Chips

http://www.infoworld.com/archives/emailPrint.jsp?R=printThis&A=/article/09/03/20/Multicore_chips_pose_next_big_challenge_for_industry_1.html

Comment I just made one for less than 400$ canadian! (Score 1) 101

by A little Frenchie on Friday March 20, 2009 @05:31PM (#27274267) Attached to: A Look at Excessive Portable Storage

how funny, I just bought http://www.addonics.com/products/enclosures/AE25RDESU.asp (build-in raid hardware support) and 2x 500gb seagate 5400.6 disk to make my own portable device for less than 400$ canadian, tax and shipping included, lot cheaper than the Lacie one! I will receive everything next Monday so I could do my own test and I will compare them. I never looked for pre-build one before doing my search.

Comment print this page (Score 2, Informative) 116

by A little Frenchie on Friday September 05, 2008 @06:20PM (#24895223) Attached to: Researchers Build Malicious Facebook App

http://www.itworld.com/print/54718

Submission + - iPhone hacked to run Java 2

Submitted by LarsWestergren on Thursday November 22, 2007 @12:50PM

LarsWestergren writes: The project to get Java to run on the iPhone has had a breakthrough — Mark Wielaard has posted the first screenshots of the open source JamVM running on a jail-broken iPhone.

Submission + - Banned colors on the screen (google.com)

Submitted by A little Frenchie on Friday November 16, 2007 @01:57PM

A little Frenchie writes: Deutsche Telekom and Red Bull have deposited the color magenta, and the combination blue-argent as trademarks, banning their unauthorized use in the United States and Europe. The German company Deutsche Telekom declared that the color magenta is an integral part of its logo, prohibiting anyone from using it without his permission, even on a computer screen. Meanwhile, the makers of Red Bull drinks filed as a trademark combination of blue and silver that appears on its cans.

Slashdot Top Deals