Bezbedan Balkan
Portal

Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  

Search Forums

(Advanced Search)

Forum Statistics
» Members: 104
» Latest member: Lazar.Ivkovic
» Forum threads: 812
» Forum posts: 2,144

Full Statistics

Latest Threads
patika, fashion, itd scam...
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
4 hours ago
» Replies: 8
» Views: 89
CFM VAS i generalno Value...
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
09-19-2023, 10:36 PM
» Replies: 17
» Views: 7,787
Mobi Banka Phishing
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
09-19-2023, 09:24 PM
» Replies: 1
» Views: 25
Na prodaju mejlovi sa min...
Forum: Kompromitovani resursi
Last Post: 1van
09-18-2023, 09:28 AM
» Replies: 3
» Views: 223
Vakcina za ransomware
Forum: Alati, servisi i tutorijali
Last Post: Petar
09-17-2023, 10:40 PM
» Replies: 7
» Views: 4,264
CyberSecurity, kako pocet...
Forum: Seminari, predavanja, radionice, konferencije
Last Post: Petar
09-17-2023, 08:15 PM
» Replies: 0
» Views: 42
NLB Komercijalna banka up...
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
09-17-2023, 02:56 PM
» Replies: 0
» Views: 41
Novak Đoković iskoriš...
Forum: Phishing / Scam / Spam kampanje
Last Post: milos_rs
09-14-2023, 05:39 PM
» Replies: 5
» Views: 1,784
BIRN: Surveillance States...
Forum: Vesti, zanimljivosti i razno
Last Post: 1van
09-14-2023, 04:12 PM
» Replies: 0
» Views: 32
Povernik/RTS: Naši podac...
Forum: Vesti, zanimljivosti i razno
Last Post: 1van
09-14-2023, 04:10 PM
» Replies: 0
» Views: 28

 
  Mobi Banka Phishing
Posted by: 1van - 09-19-2023, 07:17 PM - Forum: Phishing / Scam / Spam kampanje - Replies (1)

Izvor: https://twitter.com/urosevic/status/1703395476005847061, arhivirano: https://archive.ph/OaUXi.

   

   

Print this item

  patika, fashion, itd scam sajtovi koji kradu kreditne kartice - objedinjeni spisak
Posted by: milos_rs - 09-19-2023, 02:52 PM - Forum: Phishing / Scam / Spam kampanje - Replies (8)

Pošto se često javljaju ovi sajtovi a nema nekog smisla praviti milion postova kada se radi o istoj prevari i verovatno istoj ekipi ili nekoliko ekipa prevaranata iza njih.

Smislio sam kako da ih lako pronalazim, napravio sam skriptu koja koristi certstream Python biblioteku da gleda sve izdate sertifikate koji se vide kroz Certificate Transparency i da mi izbacuje one koji sadrže neke ključne reči. Jes da moram ručno da pogledam šta je sve izašlo i da proverim da li je scam ili nije, ali nema veze.

Ovde ću da ih stavljam u odvojene komentare ali evo spisak svih pronađenih i dole prvi set pronađenih...

lowaonlinesrbija[.]com has address 165.231.180.89
loakesrbijastore[.]com has address 104.21.21.113 (cloudflare)
katespadesrbija[.]com has address 196.196.152.237
puma-serbia[.]com has address 196.245.238.201
norronasrbija[.]com has address cloudflare (site down)
eccosrbijaonline[.]com redirektuje na eccosrbija.top
eccosrbijaonline[.]com has address 196.196.194.182
eccosrbija[.]top has address 196.196.194.182
gymsharksrbija[.]com has address 165.231.87.75
Tentative Pošta scam - serbian-post[.]com
northfacessrbija[.]com has address 188.114.97.2 (cloudflare)
woolrichsrbija[.]com has address 196.197.12.31
pumaisrbija[.]com has address 188.114.96. (cloudflare)
uggcizmesrbija[.]com has address 196.196.208.100
northsailssrbija[.]com has address 196.197.12.9
michaelkorsoutletsrbija[.]com has address 196.245.230.97
filainsrbija[.]com has address 5.157.8.230
miumiusrbija[.]com has address 188.114.97.2 (cloudflare)
lancastersrbija[.]com has address 196.196.208.147
jlindebergsrbija[.]com has address 196.197.12.49
gymsharksrbijaonline[.]com has address 196.196.194.185
jordansrbijapatike[.]com has address 196.245.159.154
vansshopsrbija[.]com has address 104.160.2.216



Patika scam - lowaonlinesrbija

lowaonlinesrbija[.]com has address 165.231.180.89

Code:
Domain Name: lowaonlinesrbija.com
Registry Domain ID: 2788163550_DOMAIN_COM-VRSN
Registrar WHOIS Server: grs-whois.aliyun.com
Registrar URL: http://www.alibabacloud.com
Updated Date: 2023-06-08T06:54:40Z
Creation Date: 2023-06-08T06:54:40Z
Registrar Registration Expiration Date: 2024-06-08T06:54:40Z


Patika scam - loakesrbijastore

loakesrbijastore[.]com has address 104.21.21.113 (cloudflare)
loakesrbijastore[.]com has address 172.67.198.75 (cloudflare)


Code:
Domain Name: loakesrbijastore.com
Registry Domain ID: 2786338124_DOMAIN_COM-VRSN
Registrar WHOIS Server: grs-whois.aliyun.com
Registrar URL: http://www.alibabacloud.com
Updated Date: 2023-06-02T01:49:51Z
Creation Date: 2023-06-02T01:49:51Z
Registrar Registration Expiration Date: 2024-06-02T01:49:51Z
Registrar: ALIBABA.COM SINGAPORE E-COMMERCE PRIVATE LIMITED



fashion scam - katespadesrbija

katespadesrbija[.]com has address 196.196.152.237

Code:
Registry Domain ID: 2793494665_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.paknic.com
Registrar URL: http://www.paknic.com/
Updated Date: 2023-09-15T06:31:37Z
Creation Date: 2023-06-26T01:04:53Z
Registrar Registration Expiration Date: 2024-06-26T01:04:53Z
Registrar: Paknic Private Limited
Registrar IANA ID: 1367
Registrar Abuse Contact Email: domainabuse@paknic.com
Registrar Abuse Contact Phone: +92.4237421615

patika scam - puma-serbia

puma-serbia[.]com has address 196.245.238.201


Code:
Domain Name: PUMA-SERBIA.COM
Registry Domain ID: 2794975095_DOMAIN_COM-VRSN
Registrar WHOIS Server: grs-whois.aliyun.com
Registrar URL: http://www.alibabacloud.com
Updated Date: 2023-07-01T03:07:51Z
Creation Date: 2023-07-01T03:05:53Z
Registry Expiry Date: 2024-07-01T03:05:53Z
Registrar: ALIBABA.COM SINGAPORE E-COMMERCE PRIVATE LIMITED

fashion & outdoor scam - norronasrbija

norronasrbija[.]com has address cloudflare (site down)

Code:
Domain Name: norronasrbija.com
Registry Domain ID: 2764747578_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.regtons.com
Registrar URL: http://regtons.com
Updated Date: 2023-03-13T00:00:00Z
Creation Date: 2023-03-13T00:00:00Z
Registrar Registration Expiration Date: 2024-03-13T00:00:00Z
Registrar: GRANSY S.R.O D/B/A SUBREG.CZ
Registrar IANA ID: 1505
Registrar Abuse Contact Email: abuse@regtons.com
Registrar Abuse Contact Phone: +420.734463373

patika scam - eccosrbijaonline

eccosrbijaonline[.]com redirektuje na eccosrbija.top
eccosrbijaonline[.]com has address 196.196.194.182
eccosrbija[.]top has address 196.196.194.182

Code:
Domain Name: eccosrbija.top
Registry Domain ID: D20230220G10001G_96637240-top
Registrar WHOIS Server: whois.publicdomainregistry.com
Registrar URL: http://publicdomainregistry.com
Updated Date: 2023-03-28T18:28:50Z
Creation Date: 2023-02-20T08:15:45Z
Registry Expiry Date: 2024-02-20T08:15:45Z
Registrar: PDR Ltd
Registrar IANA ID: 303
Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
Registrar Abuse Contact Phone: +91.2013775952


Code:
Domain Name: ECCOSRBIJAONLINE.COM
Registry Domain ID: 2738618258_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.publicdomainregistry.com
Registrar URL: www.publicdomainregistry.com
Updated Date: 2023-01-15T04:05:04Z
Creation Date: 2022-11-15T07:37:59Z
Registrar Registration Expiration Date: 2023-11-15T07:37:59Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Print this item

  CyberSecurity, kako poceti? (Decentrala radionica)
Posted by: Petar - 09-17-2023, 08:15 PM - Forum: Seminari, predavanja, radionice, konferencije - No Replies

Zdravo,

Sutra, 18. Septembra u ponedeljak, u DC Krovu (ispod Vukovog Spomenika) je prezentacija na temu: CyberSecurity, kako poceti?  od 19h.
Ulaz je kao i uvek otvoren za sve zainteresovane a ko ne moze da stigne neka isprati forum bice okaceni materijali i izvestaj sa radionice.

Ideja da ukazemo na neke smernice sa ciljem da ce olaksati taj prvi i najtezi korak kada se pocinje nesto. Cilj je da zainteresujemo ljude da zakorace u CyberSecurity vode, bilo u blue team ili u red, kome sta vise odgovara i gde se lakse snanje.

Za radionicu nije potrebno poneti nista, samo dobar duh.


Pozdrav i vidimo se.

Print this item

  NLB Komercijalna banka upozorava na phishing kampanju. Druge banke takođe ciljane
Posted by: milos_rs - 09-17-2023, 02:56 PM - Forum: Phishing / Scam / Spam kampanje - No Replies

upozorenje od NLB:

   

kako liči kampanja: za NLB preko fejsbuka:

   

dodatni izvor za NLB https://www.b92.net/biz/vesti/srbija/ban...to-2400503

kad sam otvorio anketi-rs[.]online zapravo sam dobio stranicu za Mobi Banku:

   

posle kratke i glupe ankete nudi da se "Prijavite se na svoj nalog" koji vodi na anketi-rs[.]online/login.php :

   

pri unosu "podataka" vrti kružić kao da nešto radi a ne radi ništa.

Mobi banka je takođe upozorila na ovo https://www.mobibanka.rs/sr/stanovnistvo...m-mrezama/


Code:
anketi-rs[.]online has address 31.31.196.244 (org-name: "Domain names registrar REG.RU", Ltd)

Domain name: ANKETI-RS.ONLINE
Registry Domain ID: D383247594-CNIC
Registrar WHOIS Server: whois.reg.com
Registrar URL: https://www.reg.com
Registrar URL: https://www.reg.ru
Updated Date: 2023-08-31T17:13:25.0Z
Creation Date: 2023-07-26T12:48:20.0Z
Registrar Registration Expiration Date: 2024-07-26T23:59:59.0Z
Registrar: Registrar of domain names REG.RU LLC
Registrar IANA ID: 1606
Print this item

  BIRN: Surveillance States: Monitoring of Journalists Goes Unchecked
Posted by: 1van - 09-14-2023, 04:12 PM - Forum: Vesti, zanimljivosti i razno - No Replies

Quote:Using new spyware technology as well as bugs and wiretaps, authorities in various Central and South-East European countries continue to monitor reporters and their sources, journalists who have been under surveillance told BIRN.
...
Predator is a type of spyware similar to Pegasus but created by a company called Cytrox in North Macedonia.
...

Link: https://balkaninsight.com/2023/09/14/sur...st-europe/

Print this item

  Povernik/RTS: Naši podaci se u digitalnom svetu prodaju za debele pare
Posted by: 1van - 09-14-2023, 04:10 PM - Forum: Vesti, zanimljivosti i razno - No Replies

Quote:U digitalnom svetu svi naši podaci imaju vrednost. Poverenik za informacije od javnog značaja i zaštitu podataka o ličnosti Milan Marinović kaže za RTS da podatke imamo svi i da treba da ih čuvamo jer lako mogu biti zloupotrebljeni. Ističe da u razne svrhe moramo da dajemo podatke, što je najčešće zakonito, ali savetuje da treba biti posebno oprezan kada ih traži neko s kim nemamo iskustva i ko je nepoznat.

Link: https://www.rts.rs/lat/vesti/drustvo/527...avati.html

Print this item

  Nova runda Nike patika scam sajtova
Posted by: milos_rs - 09-14-2023, 03:10 PM - Forum: Phishing / Scam / Spam kampanje - No Replies

nikesrbijapatike .com has address 165.231.180.38
Creation Date: 2023-08-25T07:07:00Z
Registrar: ALIBABA.COM SINGAPORE E-COMMERCE PRIVATE LIMITED

nikesrbijaeshop .com has address 165.231.180.40
Creation Date: 2023-08-16T04:14:33Z
Registrar: ALIBABA.COM SINGAPORE E-COMMERCE PRIVATE LIMITED

nikestoresrbija .com has address 196.245.238.121
Creation Date: 2023-08-08T01:23:24Z

od ranije još uvek aktivni:

nikesrbija .com has address cloudflare
Creation Date: 2022-07-13T03:18:19Z

nikesrbijars .com has address 5.157.51.179
Creation Date: 2022-12-08T08:19:20Z

Print this item

  OWASP: Chapter Croatia Physical Meetup (SRCE, Zagreb)
Posted by: 1van - 09-14-2023, 10:48 AM - Forum: Seminari, predavanja, radionice, konferencije - No Replies

Quote:Details

Hello everyone, it’s time for our OWASP Croatia meetup. This time, we will meet in person.

Location: Public Lecture Room inside the SRCE/CARNet building on floor -1 (Ul. Josipa Marohnića 5, 10000, Zagreb). Thursday, 21.9.2023 @ 18:00.

Huge thanks to the National CERT (cert.hr) and SRCE (srce.hr) for providing the venue!

We have two topics for this meetup:

Leon Juranic: Evil-Colon attacks
Luka Porobija: NIS2 EU direktiva - Cybersec goes mainstream

Talk abstracts and biographies follow:

Leon Juranic: Evil-Colon attacks
Bio:
Leon Juranic is security research team lead at Mend where he works on improving application security products. He has decades of experience in information security and application security. He founded Defensecode company, most famous for its DAST and SAST products. Defensecode is later acquired by WhiteSource/Mend. Leon has numerous vulnerability advisories and CVEs on his belt. He has been 3 times slashdotted.

Sažetak:
Evil-Colon has the potential to cause severe disruption to your code if not properly addressed. Discover how Evil-Colon attacks work, what their implications are, and how you can defend your code from them.

Luka Porobija: NIS2 EU direktiva - Cybersec goes mainstream

Bio:
Luka Porobija, odvjetnik partner u Porobija & Špoljarić d.o.o.
Luka je odvjetnik specijaliziran za IT & TMT sa višegodišnjim iskustvom rada s klijentima iz vertikale IT/TMT sektora (infrastruktura, hardver, softver) gdje se izravno i neizravno susretao sa pitanjima i problematikom kibernetičke sigurnosti.

Sažetak:
Donošenjem NIS2 direktive i njezinom budućom implementacijom u zakonodavstva EU članica doći će do značajnog proširenja kruga subjekata koji postaju regulirani i zakonom obvezani osigurati visoku razinu sigurnosti svojih informatičkih sustava, te da međusobno razmjenjuju informacije o sigurnosnim incidentima i ugrozama.

Posljedice uvođenja NIS2 očitovati će se na značajno širi spektar poslovnih subjekata od onih izravno obuhvaćenih propisima, ali i na same profesionalce u polju informacijske sigurnosti, te bi se moglo reći da se radi o najznačajnijoj ne-tehničkoj pojavi u polju informacijske i kibernetičke sigurnosti
posljednjih godina.

U predavanju će se govoriti o:
- Implementacija NIS 2 u RH kroz Zakon o kibernetičkoj sigurnosti
- SOA kao civilni regulator?
- Osnovni kriteriji određivanja obveznika zakona
- Izravne i neizravne posljedice implementacije NIS2 na razini EU
- Što bi implementacija NIS2 mogla značiti za profesionalce u polju kibernetičke sigurnosti

Link: https://www.meetup.com/owasp-croatia-mee...296055257/

Print this item

  Početak Amber alerta u Srbiji: Mediji obavezni da izveštavaju o nestanku
Posted by: 1van - 09-13-2023, 12:49 PM - Forum: Vesti, zanimljivosti i razno - No Replies

Quote:Mediji će biti dužni da bez odlaganja objavljuju informacije o nestanku deteta nakon što dobiju obaveštenje od ministarstva nadležnog za poslove informisanja, predviđa novi pravilnik Regulatornog tela za elektronske medije (REM).

Mediji će biti dužni da bez odlaganja objave obaveštenje i da ga emituju redovno u naredna 48 sata. Obaveštenja prvih osam sati moraju da se emituju na svakih 30 minuta, a posle toga na svakih 50 minuta.

Nakon isteka roka od 48 sati od prvog objavljivanja, prestaje obaveze daljeg objavljivanja obaveštenja.

Kada nestalo maloletno dete bude pronađeno, mediji moraju da prekinu program i obaveste javnost o tome da je dete pronađeno.

Izvor: https://novaekonomija.rs/vesti-iz-zemlje...o-nestanku

Print this item

  Konferencija povodom 5 godina rada Digitalnog forenzičkog centra
Posted by: 1van - 09-13-2023, 12:29 PM - Forum: Seminari, predavanja, radionice, konferencije - No Replies

Quote:28. jun 2023. godine
09:30h
Hotel Hilton, Podgorica

Na konferenciji će se obratiti ambasadorka SAD u Crnoj Gori Džudi Rajzing Rajnke i naš Milan Jovanović, koji će se osvrnuti na rad DFC-a u prethodnih 5 godina.

Konferencija će obuhvatiti dva panela sa temama:
(Dez)informaciono okruženje i jačanje otpornosti
Percepcija stranog uticaja u domaćim i regionalnim medijima.

Izvor: https://twitter.com/dfcmedotme/status/17...8547441120

Print this item