Why are we still attempting to smart off hackers? [on hold]

Isn’t it better to “open” our doors, ajar, leaving a bit of honey behind the door, instead of trying to close what makes it more interesting for the hacker to keep on the operation?

Maybe using a trap behind the open door?

To give a real-world example, leaving the key under the house’ door mat, you make the key available to the intruder and so you try to hide it, it will help to leave the house open and “faking the infrastructure”.

How did hackers get in?

There has been some fraudulent access to my machine. I can see in browser history that they’ve tried to buy gift cards, tried to access PayPal, amazon, etc.

I’ve turned off networking to the machine, but I’d like to know how they got access. Is there something I can search in the console logs to show a list of remote access times? And IP addresses?

Como proteger um plugin premium do WordPress contra distribuição ilegal – hackers

Quais as maneira conhecidas para proteção de plugins premium, contra uso irregular? 🤓 🤔

Você quer lançar um plugin pago, o que pode ser feito para prevenir se não dificultar a distribuição ilegal(craqueada) do plugin?

Técnicas como chamadas para um servidor remoto para verificação da chave/dominio do plugin poderiam dificultar isso. Porém poderiam ser alteradas no código, então invalidando a técnica.

Então, que ideias vocês teriam dentro desse âmbito visando proteger o direito de distribuição do plugin.

(404 Errors) Why are hackers looking for directories named “/najwutoanfga/” and other 10-12 char strings of random letters?

I was looking through the 404 errors of my nginx logs today to see what the hackers are trying to do on my website.

I usued this command:

cat access.log | grep '404' 

I saw the usual requests for directories like “/admin.”, “/backup/”, or “/private/” but I also see a few requests like these:

"GET /yatjgmatiak/ HTTP/1.1"  "GET /gkjasdhytkaf/ HTTP/1.1"  "GET /ukaewlinfsda/ HTTP/1.1"  "GET /vankhasgeskl/ HTTP/1.1" 

There aren’t that many of them (only about 50 total requests) so if it were a brute force attempt at trying to find an admin panel, it would be a poor one.

What do you think these hackers are looking for or trying to do?

Does Lawful Interception of 4G / the proposed 5G provide a back door for hackers as well?

A common saying among people in the field of cryptography and security is that when providing a back door to law enforcement, you also provide a back door for hackers.

I was trying to examine the implementation of Lawful Interception from 4G and the proposed implementation in 5G and to me it looks secure. The only way for a hacker to gain information that they shouldn’t would be if they knew the private key of the base station.

If we assume that the private key of the base station is secure, what could a hacker do that they could not have done without Lawful Interception being implemented?

Is my credit card information “wide open to hackers” without VPN?

I saw an ad for a vpn provider recently where they claimed that, without using a vpn, my credit card information is “wide open to hackers” while shopping on-line. I guess the implication here was that vpns are encrypted, while regular connections are not. However, isn’t https encrypted, and therefore safe to use without vpn? And aren’t on-line stores required to use https or other forms of secure payment?