Tag Archive for: explore

Explore print server alternatives to avoid IT headaches

/in


While matters related to printing have always been a challenge for IT, the fallout from the 2021 PrintNightmare vulnerability has spurred more enterprises to find other ways to handle their print server infrastructure.

Window Server print servers are easy enough to spin up but difficult to maintain. Users can also find it mystifying to parse why a print job didn’t execute as expected, which leads to more help desk tickets and ties up valuable IT resources in a troubleshooting exercise. There are many print server alternatives on the market designed to give IT more insight into printing problems, hand users more control over their print jobs and offer enterprises the visibility into how much is spent on printing and where.

Why PrintNightmare made printing even more complicated

The PrintNightmare vulnerability (CVE-2021-34527) surfaced in July 2021 and gave attackers a way to remotely execute code on Windows desktop and server systems through a Windows print spooler bug. A threat actor who manages to exploit this vulnerability could perform privileged operations such as installing software, accessing data or creating user accounts.

Microsoft released patches to correct the vulnerability, but one major consequence is that print driver installation now requires administrator privileges. With users no longer able to install or update existing print drivers due to PrintNightmare mitigations, administrators have had to investigate different configuration options or attempt to circumvent the security measures through registry changes that are not sanctioned by Microsoft.

Where a third-party print server alternative can help

For enterprises with a mix of printers across multiple sites, the changes ushered in by the PrintNightmare patch made an already difficult management job even more troublesome. Administrators lost the flexibility to let users install print drivers unless they skirted security protocols and gave escalated privileges.

Many products offer more security options to give users more control over print jobs that are not available in Windows Server print server. For example, pull printing is a feature some vendors offer that only gives the authenticated user the ability…

Source…

Crawl through dungeons, hack computers, or explore an undersea base: Dungeon Crawler Jam

/in


Before computers had the hardware for 3D games, some games still managed a 3D view on a limited scale in dungeon crawlers. The 3D views were created with prerendered walls and ground that were composed together. Due to this you were restricted to 90 degree turns and movement was restricted to squares on a grid. The game might draw a few in between frames when walking forward but those were already rendered and you couldn’t stop halfway between these squares.

Last year dungeoncrawlers.org organized the Dungeon Crawler Jam 2021. They returned again this year and over forty games were submitted. Some are very much in the vein of classic dungeon crawlers, while others have modern elements. I have not played through them all but have picked some the entries that I’ve tried and recommend. Games without Linux versions were run on the latest Wine version available on Fedora. There may be some small spoilers in the descriptions but I’ve tried to keep that to a minimum.

Cycle of Spore

An explosion knocked you unconscious while on a school trip to a garden maze. The explosion has spread seedlings everywhere. Most of your classmates are probably infected but you focus on trying to find your friends.

The purple and cyan colors of the environment and monsters contribute to the horror setting. Your health is represented with leaves on a vine which fits the setting. Sometimes the monster graphics didn’t appear but otherwise I didn’t have any problems playing the game.

Xenoseekers

An alien spacecraft broke apart in low orbit and rained debris and toxic substances down on the earth. Humanity used the alien technology to construct domed cities but cannot repair the machines. You are a relic seeker travelling the wasteland for alien technology to keep the domed cities functioning.

You start in the safety of your vehicle. You can purchase equipment and save before descending into a dungeon. The toxic air requires you to bring your own oxygen which limits the time you have to explore. Beware of the mutant creatures inhabiting the dungeons. After collecting as much as you feel is safe, you can drive to a new dungeon to explore.

Aegir Rising

You awake with no memory but a voice…

Source…

Explore Lincolnshire’s secret long-lost nuclear bunker

/in


Did you know that just a short drive away from here, deep below the Lincolnshire Wolds, there lies a cavernous former nuclear bunker built at the height of the Cold War?

Just 30 miles south of Grimsby exists a one-time command centre designed to safeguard the lives of 130 of the most powerful people in Britain.

The base at the villlage of Skendleby, near Spilsby, was among the biggest of the nation’s underground networks and would have become a key survival centre had Britain come under attack from Russian nuclear weapons.

Read more: The day the Humber Bridge ‘collapsed’ captured in vintage photos

Work began on the site in complete secrecy in 1953.

Encased behind inch-thick steel doors and thousands of tons of concrete, the facility was kitted out so key government and military personnel could stay underground for three months, without any need for contact with the outside world.

The stairs to leading out of the bunker
The stairs leading out of the bunker

The bunker was prepped for use during the Cuban missile crisis in the early 1960s and the nuclear power race between the USA and the USSR.

Later in the decade the RAF handed the site over so it could begin a new life as a civil defence regional headquarters that controlled Lincolnshire, Nottinghamshire and Derbyshire.

After the collapse of the Soviet Union in 1991, the bunker was decommissioned and sold off.

The plant room which controlled the air conditioning at the bunker
The plant room which controlled the air conditioning at the bunker

Back in 2003, it was bought by global computer security company CentriNet who specialised in keeping hackers and viruses out of Government departments, banks and airlines.

Before the sale, local media were invited to take one last look around the building.

What struck visitors the most was that there was little on the surface to alert you that beneath your feet was 21,000 sq feet of open space.

It's a big place - a long corridor at the bunker
It’s a big place – a long corridor at the bunker

All that was visible above ground were four green ventilation towers, a radio mast, and the unobtrusive ‘bungalow’ entrance building, partially hidden by trees and hedges.

But underground it was a wholly different story.

See more pictures in the gallery below

Source…

Researchers Explore Hacking VirusTotal to Find Stolen Credentials

/in


Security researchers have found a method to collect vast amounts of stolen user credentials by executing searches on VirusTotal, the online service used to analyze suspicious files and URLs.

With a €600 (around $679) VirusTotal license and a few tools, the SafeBreach research team collected more than a million credentials using this technique. The goal was to identify the data a criminal could gather with a license for VirusTotal, which is owned by Google and provides a free service that can be used to upload and check suspicious files and links using several antivirus engines.

A licensed user on VirusTotal can query the service’s dataset with a combination of queries for file type, file name, submitted data, country, and file content, among others. The SafeBreach team created the idea of “VirusTotal hacking” based on the method of “Google hacking,” which criminals use to look for vulnerable websites, Internet of Things devices, Web shells, and sensitive data leaks.

Many information stealers collect credentials from different forums, mail accounts, browsers, and other sources, and write them to a fixed hard-coded file name — for example, “all_credentials.txt” — then exfiltrate this file from the victim’s device to the attackers’ command-and-control server. Using this method, researchers took VirusTotal tools and APIs such as search, VirusTotal Graph, and Retrohunt, and used them to find files containing stolen data.

“It is quite a straightforward technique, which doesn’t require strong understanding in malware,” says Tomer Bar, director of security research at SafeBreach. “All you need is to choose one of the most common info stealers and read about it online.”

The researchers conducted their research using known malware including RedLine Stealer, Azorult, Raccoon Stealer, and Hawkeye as well as known forums such as DrDark and Snatch_Cloud to steal sensitive data. They found their method works at scale.

RedLine Stealer is a form of malware sold on underground forums via a stand-alone purchase or subscription. It uses browsers to collect data such as saved credentials, autocomplete data, and credit card details. When it runs on a target machine, the malware takes a…

Source…