Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its followers in interesting projects.

Fearing Shadow Brokers leak, NSA reported critical flaw to Microsoft

Ars Technica - 17 May, 2017 - 21:41

After learning that one of its most prized hacking tools was stolen by a mysterious group calling itself the Shadow Brokers, National Security Agency officials warned Microsoft of the critical Windows vulnerability the tool exploited, according to a report published Tuesday by The Washington Post. The private disclosure led to a patch that was issued in March.

Those same NSA officials, according to Tuesday's report, failed to communicate the severity of the vulnerability to the outside world. A month after Microsoft released the patch, the Shadow Brokers published the attack code, code-named EternalBlue, that exploited the critical Windows vulnerability. A month after that, attackers used a modified version of EternalBlue to infect computers around the world with malware that blocked access to data. Within hours of the outbreak of the ransomware worm dubbed WCry, infected hospitals turned away patients; banks, telecommunications companies, and government agencies shut down computers.

"NSA identified a risk and communicated it to Microsoft, who put out an immediate patch," Mike McNerney, a former Pentagon cybersecurity official and a fellow at the Truman National Security Project, told The Washington Post. The problem, he said, is that no senior official took the step of shouting to the world: "This one is very serious, and we need to protect ourselves."

Category: Hacking & Security

APT3 Linked to Chinese Ministry of State Security

Threatpost - 17 May, 2017 - 20:52
Researchers claim that APT3, widely believed to be a China-based threat actor, is directly connected to the Chinese Ministry of State Security (MSS).
Category: Hacking & Security

News in brief: warning on extending laptop ban; telecom customers alerted; watchdog opens data probe

Sophos Naked Security - 17 May, 2017 - 19:31
Your daily round-up of some of the other stories in the news

Next Payload Could be Much Worse Than WannaCry

Threatpost - 17 May, 2017 - 19:19
Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware.
Category: Hacking & Security

How Big Fuzzing helps find holes in open source projects

Sophos Naked Security - 17 May, 2017 - 17:35
Google's beta project, OSS-Fuzz, has found 264 vulnerabilities in 47 open-source projects - so is it an idea whose time has come?

How to stop ransomware

CSIRT.cz - 17 May, 2017 - 15:26
Category: Hacking & Security

Cryptocurrency-mining malware cashes in on NSA exploit that enabled WannaCry

Sophos Naked Security - 17 May, 2017 - 15:14
WannaCry continues to hit headlines, but it's not the first piece of malware to make use of the NSA's EternalBlue exploit

This is how WannaCry spread hour by hour. It struck on Friday during breakfast

Zive.cz - Security - 17 May, 2017 - 15:11
** The first strike arrived on Friday morning ** The attackers probably did not earn much ** Do the traces lead to North Korea?
Category: Hacking & Security

The WannaCry virus attack was amateurish and full of mistakes

Novinky.cz - Security - 17 May, 2017 - 14:58
While large cybersecurity companies point to North Korean traces in the recent attack by the new ransomware WannaCry, the American magazine Wired notes the amateurism that, in its view, the authors of the malicious software displayed.
Category: Hacking & Security

Cracking a WPA2 Encryption Password File

InfoSec Institute Resources - 17 May, 2017 - 14:00

In this article you will learn how you can crack a WPA2 encryption password file. How to secure Wi-Fi? If you want to secure 100% wireless network, then the best method is to disable wireless, but if you use it, then you cannot. Wi-Fi was first developed in the late 1990s, with WEP encryption which stands for […]

Category: Hacking & Security

Metasploitable: 1 – Walkthrough

InfoSec Institute Resources - 17 May, 2017 - 14:00

Metasploitable: 1 surfaced on VulnHub on May 19th, 2010. Created by Metasploit, it can be found at https://www.vulnhub.com/entry/metasploitable-1,28/. It is the first machine in the Metasploitable series. The objective is to get root privileges. For the attacking machine, I will be using Kali 2017.1. Once booted, this is what the victim machine will look like: […]

Category: Hacking & Security

Brooks Brothers reveals theft of payment card details

Sophos Naked Security - 17 May, 2017 - 13:35
Retailer suggests 'unauthorized individual' was behind the breach - and says it's now resolved

DocuSign Data Breach Led to Targeted Email Malware Campaign

The Hacker News - 17 May, 2017 - 13:19
While we all were busy in the WannaCry ransomware menace, two separate data breaches have been reported, one in DocuSign, a major provider of electronic signature technology, and another in BELL, Canada’s largest telecommunications company. In a notice on its website on Tuesday, DocuSign confirmed a breach at one of its email systems when investigating the cause of an increase in
Category: Hacking & Security

Bell Canada Hacked: Data of 1.9 Million Customers Stolen

The Hacker News - 17 May, 2017 - 13:18
While we all were busy in the WannaCry ransomware menace, two separate data breaches have been reported, one in DocuSign, a major provider of electronic signature technology, and another in BELL, Canada’s largest telecommunications company. Canadian mobile phone, TV, and internet service provider Bell on Monday confirmed that the company had been hit by an unknown hacker who has managed to
Category: Hacking & Security

Beware! Hackers Can Steal Your Windows Password Remotely Using Chrome

The Hacker News - 17 May, 2017 - 12:14
A security researcher has discovered a serious vulnerability in the default configuration of the latest version of Google's Chrome running on any version of Microsoft's Windows operating system, including Windows 10, that could allow remote hackers to steal user's login credentials. Researcher Bosko Stankovic of DefenseCode has found that just by visiting a website containing a malicious SCF
Category: Hacking & Security

Beware, a "super-database" of half a billion stolen passwords is spreading across the internet

Zive.cz - Security - 17 May, 2017 - 11:26
Another large database of stolen web accounts is spreading across the net. According to security analysts, it contains more than 560 million login credentials. However, many are repeated, so about half are unique; around 243.6 million. Fortunately, this is not a new hacker intrusion but a compilation of old ones from ...
Category: Hacking & Security

WannaCry: the ransomware worm that didn’t arrive on a phishing hook

Sophos Naked Security - 17 May, 2017 - 01:25
Email doesn't seem to have been the initial vector for WannaCry, which initially took hold in south-east Asia

DocuSign Phishing Campaign Includes Hancitor Downloader

Threatpost - 16 May, 2017 - 20:38
DocuSign warns of a breach and subsequent theft of email addresses that are part of a phishing campaign that employs malicious macro-laced Word documents.
Category: Hacking & Security

WCry ransomware worm’s Bitcoin take tops $70k as its spread continues

Ars Technica - 16 May, 2017 - 20:09

WCry, the National Security Agency exploit-powered ransomware worm that began spreading worldwide on Friday, had reportedly affected hundreds of thousands of computers before the weekend, but the malware had only brought in about $20,000 in ransom payments. However, as the world returned to the office on Monday, those payments have been rapidly mounting, based on tracking data for the three Bitcoin wallets tied by researchers to the malware. As of noon Eastern Time on Monday, payments had reached an estimated $71,000 since May 12. So far, 263 payments have been made to the three wallets linked to the code in the malware.

The payment history for each wallet shows individual transactions ranging mostly between 0.16 and 0.34 Bitcoin (approximately $300 and $600, respectively), with the number of larger payments increasing over time. Different ransom amounts have been presented to victims, and the price of Bitcoin has climbed dramatically over the past week, causing some variation in the payment sizes.

According to researchers at Symantec Security Response, tracking ransom transactions would have been much more difficult if not for a bug in code that was supposed to create an individual bitcoin wallet for each victim:

Category: Hacking & Security

Weeks Before WannaCry, Cryptocurrency Mining Botnet Was Using Windows SMB Exploit

The Hacker News - 16 May, 2017 - 20:04
A security researcher has just discovered a stealthy cryptocurrency-mining malware that was also using Windows SMB vulnerability at least two weeks before the outbreak of WannaCry ransomware attacks. According to Kafeine, a security researcher at Proofpoint, another group of cyber criminals was using the same EternalBlue exploit, created by the NSA and dumped last month by the Shadow Brokers,
Category: Hacking & Security