is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, Linux and BSD systems. It runs a number of interesting services and supports enthusiasts in interesting projects.


Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Threatpost - 17 November, 2017 - 22:50
Hackers using a specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library.
Category: Hacking & Security

How to fix a program without the source code? Patch the binary directly

Ars Technica - 17 November, 2017 - 22:24

When a company like Microsoft needs to fix a security flaw in one of its products, the process is normally straightforward: determine where the bug lies, change the program's source code to fix the bug, and then recompile the program. But it looks like the company had to step outside this typical process for one of the flaws it patched this Tuesday. Instead of fixing the source code, it appears that the company's developers made a series of careful changes directly to the buggy program's executable file.

Bug CVE-2017-11882 is a buffer overflow in the ancient Equation Editor that comes with Office. The Equation Editor allocates a fixed-size piece of memory to hold a font name and then copies the font name from the equation file into this piece of memory. It doesn't, however, check to ensure that the font name will fit into this piece of memory. When provided with a font name that's too long, the Equation Editor overflows the buffer, corrupting its own memory, and an attacker can use this to execute arbitrary malicious code.
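The general shape of the defect the paragraph describes, as an added illustration in C that is not part of the Ars Technica article and is not Microsoft's code: a fixed-size buffer filled from a file record whose declared length is trusted, beside the bounded copy a fix substitutes. The record layout, the buffer size and the field placed directly after the buffer are constructed for the example so that the effect of the missing check is visible.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout for this example (not the real Equation Editor format):
 * a font record is one length byte followed by that many name bytes, and the
 * fixed-size name buffer sits directly before another field in memory, so any
 * bytes copied past the buffer land in that field. */
#define FONT_NAME_MAX 8

struct font_entry {
    char     name[FONT_NAME_MAX];  /* fixed-size destination */
    uint32_t sentinel;             /* stands in for whatever follows the buffer */
};

#define SENTINEL_OK 0xA5A5A5A5u

/* Vulnerable pattern: trusts the length byte and copies that many bytes into
 * the fixed buffer without comparing it to FONT_NAME_MAX. The copy goes through
 * the struct's byte representation and is capped at sizeof *e only so that the
 * demonstration itself stays inside the object; the missing check is the point. */
static void copy_font_name_unchecked(struct font_entry *e,
                                     const uint8_t *rec, size_t rec_len)
{
    if (rec_len == 0) return;
    size_t n = rec[0];                      /* declared length, from the file */
    if (n > rec_len - 1) n = rec_len - 1;   /* do not read past the record */
    if (n > sizeof *e) n = sizeof *e;       /* demo-only cap, see above */
    memcpy((unsigned char *)e, rec + 1, n); /* no check against FONT_NAME_MAX */
}

/* Fixed pattern: refuse any name that does not fit, leaving room for the NUL,
 * and write only inside the buffer. */
static bool copy_font_name_checked(struct font_entry *e,
                                   const uint8_t *rec, size_t rec_len)
{
    if (rec_len == 0) return false;
    size_t n = rec[0];
    if (n > rec_len - 1 || n >= FONT_NAME_MAX) return false;
    memcpy(e->name, rec + 1, n);
    e->name[n] = '\0';
    return true;
}

/* Constructed records: one length byte, then the name bytes. */
static const uint8_t good_rec[] = { 5, 'A', 'r', 'i', 'a', 'l' };
static const uint8_t long_rec[] = { 12, 'A', 'A', 'A', 'A', 'A', 'A', 'A', 'A',
                                        'B', 'B', 'B', 'B' };

static void fresh_entry(struct font_entry *e)
{
    memset(e, 0, sizeof *e);
    e->sentinel = SENTINEL_OK;
}

/* True if the field after the buffer survived the unchecked copy. */
bool unchecked_preserves_sentinel(const uint8_t *rec, size_t rec_len)
{
    struct font_entry e;
    fresh_entry(&e);
    copy_font_name_unchecked(&e, rec, rec_len);
    return e.sentinel == SENTINEL_OK;
}

/* True if the checked copy accepted the record. */
bool checked_accepts(const uint8_t *rec, size_t rec_len)
{
    struct font_entry e;
    fresh_entry(&e);
    return copy_font_name_checked(&e, rec, rec_len);
}

/* True if the field after the buffer survived the checked copy, accepted or not. */
bool checked_preserves_sentinel(const uint8_t *rec, size_t rec_len)
{
    struct font_entry e;
    fresh_entry(&e);
    (void)copy_font_name_checked(&e, rec, rec_len);
    return e.sentinel == SENTINEL_OK;
}

/* True if the checked copy accepted the record and stored exactly `expected`. */
bool checked_name_is(const uint8_t *rec, size_t rec_len, const char *expected)
{
    struct font_entry e;
    fresh_entry(&e);
    return copy_font_name_checked(&e, rec, rec_len) && strcmp(e.name, expected) == 0;
}

int main(void)
{
    printf("unchecked, 5-byte name:  sentinel intact = %d\n",
           unchecked_preserves_sentinel(good_rec, sizeof good_rec));
    printf("unchecked, 12-byte name: sentinel intact = %d\n",
           unchecked_preserves_sentinel(long_rec, sizeof long_rec));
    printf("checked,   12-byte name: accepted = %d, sentinel intact = %d\n",
           checked_accepts(long_rec, sizeof long_rec),
           checked_preserves_sentinel(long_rec, sizeof long_rec));
    return 0;
}
```

The unchecked copy leaves the sentinel intact for the 5-byte name and overwrites it for the 12-byte one; the checked copy rejects the long record and never writes outside the buffer. A real patch also has to treat the declared length as untrusted everywhere the record is parsed, not only at this one copy.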

Curious how a buffer overflow works? Previously on Ars we did a deep-dive explanation. (video link)

Category: Hacking & Security

Amazon Promises Fix to Stop Key Service Hack

Threatpost - 17 November, 2017 - 19:59
Amazon said it will offer a fix for its Amazon Key delivery service that allows hackers to tamper with a home security camera.
Category: Hacking & Security

Skype faces fine after refusing to allow eavesdropping

Sophos Naked Security - 17 November, 2017 - 19:01
The trouble began when authorities came knocking, wanting to listen in on organised crime

Twitter gets tough on white supremacists with new policy

Sophos Naked Security - 17 November, 2017 - 17:27
Verified user badges are not an endorsement and you can't be sure they'll always be there

Banking Trojan Gains Ability to Steal Facebook, Twitter and Gmail Accounts

The Hacker News - 17 November, 2017 - 17:08
Security researchers have discovered a new, sophisticated form of malware based on the notorious Zeus banking Trojan that steals more than just bank account details. Dubbed Terdot, the banking Trojan has been around since mid-2016 and was initially designed to operate as a proxy to conduct man-in-the-middle (MitM) attacks, steal browsing information such as stored credit card information
Category: Hacking & Security

Kaspersky: NSA Worker's Computer Was Already Infected With Malware

The Hacker News - 17 November, 2017 - 15:51
Refuting allegations that its anti-virus product helped Russian spies steal classified files from an NSA employee's laptop, Kaspersky Lab has released more findings that suggest the computer in question may have been infected with malware. Moscow-based cyber security firm Kaspersky Lab on Thursday published the results of its own internal investigation claiming the NSA worker who took
Category: Hacking & Security

Bug that deleted $300m could have been fixed months ago

Sophos Naked Security - 17 November, 2017 - 13:52
The flaw was reported in August 2017 and mistaken for a “convenience enhancement”

KeePass – a password manager that’s cloud-less (but complex)

Sophos Naked Security - 17 November, 2017 - 12:30
It does all the things you'd expect a password manager to do - without the cloud.

DJI bug bounty NDA is 'not signable', say irate infosec researchers

17 November, 2017 - 11:12
Chinese drone maker DJI faces questions from infosec researchers about its bug bounty programme. Sources have told The Register that a non-disclosure agreement (NDA) they were invited to sign would result in the company "owning their actions".
Category: Hacking & Security

Kaspersky Lab – Beyond Black Friday Threat Report, November 2017

Kaspersky Securelist - 17 November, 2017 - 11:00


The festive holiday shopping season, which covers Thanksgiving, Black Friday and Cyber Monday in late November as well as Christmas in December, now accounts for a significant share of annual sales for retailers, particularly in the U.S., Europe and APAC.

Those selling clothing, jewellery, consumer electronics, sports, hobbies and books can make around a quarter of their sales during the holiday period. In 2017, holiday sales in the U.S. alone are expected to be up by 3.6 to 4.0 per cent on the same time in 2016.

For brands looking to make the most of this annual spending spree, the desire to sell as much as possible at a time of intense competition is leading to ever more aggressive marketing campaigns – particularly online.

Promotional emails, banner ads, social media posts and more bombard consumers over the holiday months, generating a great deal of noise. Tactics such as one-click buying are designed to make the purchase process ever easier and faster. Further, up to three quarters of emails received on Black Friday and Cyber Monday are now opened on a mobile device. People are becoming used to making instant decisions – and that has significant security implications. They may miss vital signs that things are not what they seem and that their data could be at risk.

All this makes this time of year an ideal hunting ground for hackers, phishers and malware spreaders; disguising their attacks as offers too good to refuse, a concerned security message from your bank requiring urgent attention, a special rate discount from your credit card service, and more. All you have to do is enter your personal details, card numbers or bank account credentials.

Not surprisingly, messages or links designed to look as if they come from well-known, trusted brands, payment cards and banks account for many of the malicious communications detected by Kaspersky Lab’s systems in the last few years.

Methodology and Key Findings

The overview is based on information gathered by Kaspersky Lab’s heuristic anti-phishing component that activates every time a user tries to open a phishing link that has not yet been added to Kaspersky Lab’s database. Data is presented either as the number of attacks or the number of attacked users. It updates the 2016 Black Friday overview report with data covering the fourth quarter of 2016 through to 18 October, 2017.

Key Findings:
  • Following a decline in 2015, financial phishing abusing online payment systems, banks and retailers increased again in 2016.
  • Financial phishing now accounts for half (49.77 per cent) of all phishing attacks, up from 34.33 per cent in 2015.
  • Mobile-first consumers are likely to be a key driver behind the rise in financial phishing: the use of smartphones for online banking, payment and shopping has doubled in a year, and mobile users will have less time to think and check each action, particularly if they are out and about.
  • Attack levels are now fairly consistent throughout the year; and Q4 data shows they are also more evenly spread in terms of the brand names the phishers make use of.
  • Data for both 2015 and 2016 shows a clear attack peak on Black Friday, followed by a fall. In 2016 the number of attacks fell by up to 33 per cent between Friday and Saturday, despite Saturday being the second biggest shopping day over the holiday weekend in the U.S.
  • Financial phishers are exploiting the Black Friday name in their attacks, as well as consumer awareness of, and concerns about online security – disguising their attack messages as security alerts, implications that the user has been hacked, or adding reassuring-sounding security messages.
Phishing – a universal threat

As earlier editions of the Black Friday overview have shown, phishing is one of the most popular ways of stealing personal information, including payment card details and credentials to online banking accounts. The schemes are fairly easy to set up, requiring limited investment and skills – and are mainly reliant on encouraging people to voluntarily part with their personal and financial information.

Originally spread mainly through emails – phishing attacks are now also carried out through website banners and pop-ups, links, instant messaging, SMS, forums, blogs and social media.

Percentage of users on whose computers Kaspersky Lab’s heuristic anti-phishing system was triggered as a proportion of the total number of Kaspersky Lab users in that country, Q1-Q3 2017

Phishing has a global reach. Kaspersky Lab data on attempted attacks shows that in 2017, China, Australia and Brazil were particularly vulnerable – with up to a quarter or more (28 per cent) of users targeted. They were followed by North America, large parts of Western Europe, the Russian Federation, Latin America, India and elsewhere – where up to one in six (17 per cent) were affected.

A new pool for phishers

During the holiday period, consumers can become more exposed online. An onslaught of promotional emails, offers and ads, the pressure to buy gifts, and a growing tendency to use their smartphone for everything, can mean that people are browsing and buying through a relatively small screen and often while out and about surrounded by distractions. Taken together, these can make them easier to mislead and manipulate through social engineering and high quality spoofed web interfaces.

The 2017 Kaspersky Cybersecurity Index shows how important smartphones have become for online banking, payment and retail transactions.

Between the first six months of 2016 and the same period in 2017, online shopping on smartphones increased from 24 per cent to 43 per cent; online banking from 22 per cent to 35 per cent; and the use of online payment systems from 14 per cent to 29 per cent. Further, the use of smartphones to send and receive emails grew from 44 per cent to 59 per cent over the same period.

The Kaspersky Lab phishing data used in this report focuses on the attack rather than the device the messages/links are received or opened on, but the trend towards mobile-first behavior among consumers is creating new opportunities for cybercriminals that they will not hesitate to capitalize on.

Financial phishing on the rise

As more people adopt online payment and shopping, the theft of financial information or credentials to online bank accounts is a growing target. The proportion of phishing attacks focused on financial data has risen steadily over the last few years and now accounts for half of all phishing attacks.

Financial phishing as a share of the overall number of phishing attacks, 2013 – 2017 (to end Q3)

This popularity means that attack levels now remain fairly consistent throughout the year. The gap that previously existed between the number of attacks experienced during the high spending holiday period, and those registered in the rest of the year, seemed to close in 2016.

The proportion of phishing that was financial phishing over the whole year, and during the holiday period

However, when you dig deeper into the data it becomes clear that the holiday season continues to represent a time of significant and greater risk of falling victim to financial phishing – mainly because of clear localized attack peaks, but probably also because of the increased vulnerability of distracted mobile shoppers and the surge of marketing noise.

Types of financial phishing

We define three categories of financial phishing, depending on what is being exploited: online banking, online payment or online shopping. Each type has evolved at a different, and not always consistent rate over the last few years.

Year   Period      Financial phishing total   Online shop   Online banks   Online payments
2013   Full year   31.45%                     6.51%         22.20%         2.74%
2013   Q4          32.02%                     7.80%         18.76%         5.46%
2014   Full year   28.73%                     7.32%         16.27%         5.14%
2014   Q4          38.49%                     12.63%        17.94%         7.92%
2015   Full year   34.33%                     9.08%         17.45%         7.08%
2015   Q4          43.38%                     12.29%        18.90%         12.19%
2016   Full year   47.48%                     10.41%        25.76%         11.55%
2016   Q4          48.14%                     10.17%        26.35%         11.37%
2017   Q1-Q3       49.77%                     9.98%         24.47%         15.31%

The change in the share of different types of financial phishing in 2013-2017

Attackers follow consumer adoption trends

Data for the first three quarters of 2017 shows a slight drop in all financial phishing categories with the exception of online payment systems.

Looking at the dynamics of Q4 attacks using the names of leading payment systems it is clear that cybercriminals are adapting to reflect the growing use of online payment methods such as PayPal. But overall, there seems to be a disappearance of extremes, with attacks spread more evenly across the different brand names.

The change in the use of online payment system brands in financial phishing attacks, Q4, 2013-2016

Multi-brand retailers remain a top choice for financial phishing

In terms of retail brand, the leading names used by attackers over the last few years have barely changed – but the number of attacks in Q4 using each brand have also become more evenly spread. This could reflect growing consumer adoption of online shopping. Most of the top names supply multiple brands (Amazon, Alibaba, Taobao, eBay).

The change in the use of online retail brands in financial phishing attacks, Q4 2013-2016

In short, financial phishing is no longer focused on one or two brands to the exclusion of all others; the attackers are widening their net – and this has far-reaching security implications. No brand can be assumed to be safe, or even safer.

Further, looking at the daily spread of attacks during the week leading up to Black Friday it can be seen that there are some major red flag days when consumers are more vulnerable than ever.

Black Friday attacks

The following chart shows how the number of financial phishing attacks peak on Black Friday (November 25 in 2016, and November 27 in 2015), followed by a decline – particularly in 2016 when attacks detected fell by 33 per cent within a day (from around 770,000 to 510,000 detections). Weekends generally see lower levels of attacks and fewer people online, but in the U.S. the day after Black Friday is the second biggest shopping day of the year.

The change in the number of phishing attacks using names of popular retail, banking and payment brands during Black Friday week 2015 and 2016 (data from all Kaspersky Lab security components – heuristic, offline and cloud detections)

Conclusion and advice

The main purpose of the report is to raise awareness of a threat that consumers, retailers, financial services and payments systems may encounter over the holiday season. Cybercriminals out for financial information and account details – and ultimately money – are increasingly adept at hiding in the noise, targeting their attacks and exploiting human emotions, such as fear and desire. For further information and advice, please see the full overview.

 Download the Beyond Black Friday Threat Report 2017

The Motherboard Guide to Not Getting Hacked

17 November, 2017 - 10:22
Do you want to stop criminals from getting into your Gmail or Facebook account? Are you worried about the cops spying on you? We have all the answers on how to protect yourself.
Category: Hacking & Security

Mr. Robot – the security review

Sophos Naked Security - 17 November, 2017 - 02:20
We analyse the latest security goings on in the world of Mr. Robot...

Oracle Issues Emergency Patches for ‘JoltandBleed’ Vulnerabilities

Threatpost - 16 November, 2017 - 23:05
Oracle pushed out an emergency update for vulnerabilities dubbed 'JoltandBleed' affecting five of its products that rely on its proprietary Jolt protocol.
Category: Hacking & Security

White House Releases VEP Disclosure Rules

Threatpost - 16 November, 2017 - 20:19
The White House released a charter document on Wednesday outlining how the U.S. government will disclose cyber security flaws and when it will keep them secret.
Category: Hacking & Security

Ransomware via RDP – how to stay safe! [VIDEO]

Sophos Naked Security - 16 November, 2017 - 20:00
Crooks love to get into your network and wander around as if they were on your IT team. Here's one good reason why you want to stop them!

Hacker attack on Účtenkovka came from abroad - bezpečnost - 16 November, 2017 - 15:23
The attack on the website of the Účtenkovka lottery was the work of foreign hackers. The Ministry of Finance stated this on Thursday afternoon, adding that the cyber raiders took the site out of service using a technique called DDoS (Distributed Denial of Service).
Category: Hacking & Security

Equation Editor threatens all newer versions of Windows and Office. The bug has existed for 17 years - bezpečnost - 16 November, 2017 - 14:33
Microsoft's Equation Editor is very popular among students, but it also finds use in some professions. Security experts, however, have uncovered a critical vulnerability in this module that allows arbitrary malicious code to be executed. All it takes is opening a malicious document. More ...
Category: Hacking & Security

Cryptocurrencies – from controversial practices to cyber attacks

InfoSec Institute Resources - 16 November, 2017 - 14:29

Entrepreneurs, governments, hackers, and fraudsters are becoming ever more interested in cryptocurrencies. Conducting financial transactions with them is very easy, but the numerous incidents that have happened recently raise the alert level. Another element of concern is the apparent volatility of the value of the cryptocurrencies. Principal actors in the world of digital transactions are the exchanges […]

The post Cryptocurrencies – from controversial practices to cyber attacks appeared first on InfoSec Resources.

Category: Hacking & Security

YASAT - A Simple Security Auditing Tool

16 November, 2017 - 13:20
YASAT (Yet Another Stupid Audit Tool) is a simple audit tool with minimum binary dependencies (only sed, grep and cut).
Category: Hacking & Security