Script Kiddie2d ago

#VeraCrypt, #WireGuard maintainers locked out by #Microsoft, unable to deliver Windows updates

source: cybernews.com/security/microso…

“Microsoft terminated the #account I have used for years to sign #Windows #drivers and the #bootloader,” Mounir Idrassi posted on #Sourceforge, explaining their absence over the past few months.

#software #update #security #cybersecurity #foss #floss #freedom #economy #bigtech #arbitrary #sabotage #fail #problem #news

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕3d ago

Hach ja, Micro$chrott…

«Microsoft sperrt Konto von VeraCrypt-Entwickler — Windows-Version hängt in der Luft:
@veracrypt Nutzer schauen gerade etwas in die Röhre. Mounir Idrassi, der Hauptentwickler hinter der #Software (die echt noch bei #Sourceforge rumhängt), meldet sich nach längerer Funkstille zurück und hat schlechte Nachrichten im Gepäck. #Microsoft hat sein Konto gesperrt, das er seit Jahren zum Signieren von #Windows-Treibern und dem #Bootloader genutzt hat.»

🤔 https://stadt-bremerhaven.de/microsoft-sperrt-konto-von-veracrypt-entwickler-windows-version-haengt-in-der-luft/

Microsoft sperrt Konto von VeraCrypt-Entwickler: Windows-Version hängt in der Luft

VeraCrypt-Nutzer schauen gerade etwas in die Röhre. Mounir Idrassi, der Hauptentwickler hinter der Software (die echt noch bei Sourceforge ...

artway5d ago

One remaining thing for today is replace gnudip.

Are you aware of #gnudip?

Chinese are!

Implementing RFC 2136 seems to be beyond their abilities so they dug this gnudip somehow and added to DynDNS options on some of their modern routers.

I found its source code on #sourceforge (yes, sourceforge! Remember that?), rewrote in Go, and happily used it for six months.

But now I have to say goodbye, gnudip. And not all routers support it, unfortunately.

Or it's better to go to bed?

RedPacket Security6d ago

CVE Alert: CVE-2018-25251 - Sourceforge - Snes9K 0.0.9z - https://www.redpacketsecurity.com/cve-alert-cve-2018-25251-sourceforge-snes9k-0-0-9z/

#OSINT #ThreatIntel #CyberSecurity #cve-2018-25251 #sourceforge #snes9k-0-0-9z

CVE Alert: CVE-2018-25251 - Sourceforge - Snes9K 0.0.9z - RedPacket Security

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception

RedPacket Security
Show threadC.Apr 4

winetricks has an `allfonts` action. Unfortunately, it loads some of the files from #SourceForge, and SourceForge has gone user-hostile. You can't link directly to a download anymore; they serve a web page instead, so they can show ads, with a timestamp in a meta-refresh URL which your browser then downloads from. But the winetricks script doesn't know how to do that, so it downloads the web page and tries to extract the font, and fails.

It would be more elegant to script this, but I just did it by hand. Run `winetricks allfonts` and it will install some stuff and then stop with a warning about a hash value not matching, and ask if you want to continue. Say "Y", then it will error out. The hash mismatch is because the file is the webpage, not the font file.

In the downloaded file - the full path to it will be in the error message winetricks prints right before exiting - look for the `meta` tag with a refresh property. That will be a URL with a timestamp in it. Copy that URL, and download the file (browser, wget/curl, whatever). Then move the downloaded file on top of the web page it downloaded, which will be in the wine environment.

Run `winetricks allfonts` again and repeat the cycle above for each failure. I think it was about 5 files I had to do it for.

Once it finishes without an error, you're ready. Run Ufile:

wine .wine_ufile/drive_c/"Program Files (x86)"/"UFile 2025"/ufile.exe

Voila, it runs.

3/x

Show threadCees de GrootMar 26

@codepo8 I need food and drink. Nobody needs GItHub (or its host, Microsoft). So that's a really bad analogy.

#forgejo #sourcehut #codeberg #sourceforge #selfhosted

LucianoMar 23

Estoy buscando, alternativa a github, lejos de las corpos, gitlab hmmmm... #sourceforge he leido buenos comentarios pero si me fijo en los resultados los primeros items son de comporaciones como GG , tiene pinta que esta re vendida...

Es triste ver que los repositorios, donde se alojan cientos de proyectos comunitarios de codigo abierto y libre sea usado con fines de promocionar productos y servicios de las corpos, cerrados, privativos y con costos.

RedPacket SecurityMar 22

CVE Alert: CVE-2019-25575 - Sourceforge - SimplePress CMS - https://www.redpacketsecurity.com/cve-alert-cve-2019-25575-sourceforge-simplepress-cms/

#OSINT #ThreatIntel #CyberSecurity #cve-2019-25575 #sourceforge #simplepress-cms

CVE Alert: CVE-2019-25575 - Sourceforge - SimplePress CMS - RedPacket Security

SimplePress CMS 1.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious

RedPacket Security
matthew - retroedge.techMar 16
I think a self-hosted gitea (or similar) instance on a sub-domain of the project's official website is way more legit than SourceForge... or GitHub, for that matter.

#OpenSource #SourceForge #GitHub

RT: https://toot.cat/users/plexus/statuses/116239689140063230
RedPacket SecurityMar 7

CVE Alert: CVE-2018-25178 - Sourceforge - Easyndexer - https://www.redpacketsecurity.com/cve-alert-cve-2018-25178-sourceforge-easyndexer/

#OSINT #ThreatIntel #CyberSecurity #cve-2018-25178 #sourceforge #easyndexer

CVE Alert: CVE-2018-25178 - Sourceforge - Easyndexer - RedPacket Security

Easyndexer 1.0 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the file

RedPacket Security