Hacking & Security

Oracle, still clueless about security

LinuxSecurity.com - 25 Srpen, 2015 - 16:32
LinuxSecurity.com: Oracle's chief security officer, Mary Ann Davidson, recently ticked off almost everyone in the security business. She proclaimed that you had to do security "expertise in-house because security is a core element of software development and you cannot outsource it."
Kategorie: Hacking & Security

Facebook threats against Pokémon World Championships lead to arrests in Boston

Sophos Naked Security - 25 Srpen, 2015 - 16:15
Two men are being held without bail after they allegedly made threats on Facebook promising violence against attendees of the Pokémon World Championships.

Github Mitigates DDoS Attack

Threatpost - 25 Srpen, 2015 - 16:01
Github said it turned back a distributed denial of service attack; it’s unknown whether this attack is related to a similar attack this March.
Kategorie: Hacking & Security

The irony: Ashley Madison plotted hacking rivals to stay ahead of the game

LinuxSecurity.com - 25 Srpen, 2015 - 14:52
LinuxSecurity.com: Ashley Madison may have had a taste of its own medicine this month, judging by a cache of leaked emails which suggest the CEO of the site encouraged the hacking of rival firms.
Kategorie: Hacking & Security

Court Says the FTC Can Slap Companies for Getting Hacked

LinuxSecurity.com - 25 Srpen, 2015 - 14:50
LinuxSecurity.com: For companies like the dating site Ashley Madison or the health insurer Anthem, financial loss, customer anger and professional embarrassment aren't the only consequences of getting massively gutted by hackers. Now a court has confirmed that there's a three-letter agency that can dish out punishment, too.
Kategorie: Hacking & Security

Incorporating Cloud Security Logs into Open-Source Cloud Monitoring Solutions

InfoSec Institute Resources - 25 Srpen, 2015 - 14:00

Introduction In the previous article, we gave an overview about setting up the environment for open-source monitoring of logs across a wide range of devices. In this article we’ll take up from there, use the environment that has already been provided, and incorporate logs from various systems to be sent to ELK stack. To summarize […]

The post Incorporating Cloud Security Logs into Open-Source Cloud Monitoring Solutions appeared first on InfoSec Resources.

Kategorie: Hacking & Security

25 Ways to Become the Ultimate Script Kiddie

InfoSec Institute Resources - 25 Srpen, 2015 - 14:00

You do not need to learn C, C++, C#, Python, Perl, PHP, Assembly and other computer programming languages since Kali, Parrot OS, and Backbox Linux have scripts and GUIs for performing penetration testing, wireless cracking, and vulnerability assessment. Use r57, c100 or c99 shells as your backdoor shells as a proof that you were able […]

The post 25 Ways to Become the Ultimate Script Kiddie appeared first on InfoSec Resources.

Kategorie: Hacking & Security

Ashley Madison data breach leads to extortion attempts

Sophos Naked Security - 25 Srpen, 2015 - 13:49
"Send me 1.00000001 bitcoins or I'll tell your spouse you were cheating" seems to be how it goes down...

Stingrays used to track petty crime

Sophos Naked Security - 25 Srpen, 2015 - 13:47
Baltimore revealed that it's used stingrays 4300 times, and now we know most of that is on the level of check forgery and phone theft.

New Android Smartphones will Come with Fewer Pre-installed Apps

The Hacker News - 25 Srpen, 2015 - 13:35
A sigh of relief indeed! Google is finally listening to us; it is ditching its haunting bloatware from the upcoming Android smartphones and tablets. As per the current situation, our Android devices are attacked with Google's suite of apps like Google Play Games, Google Newsstand, Google Play Books. The new Samsung Galaxy Note 5 is expected not to be pre-occupied with Google+. <!--
Kategorie: Hacking & Security

Pirate sites ban Windows 10 over privacy worries

Sophos Naked Security - 25 Srpen, 2015 - 13:31
Paranoia has spiked over the notion that Microsoft plans to keep people from running software they never bought.

Sexy Girl Devises a 3D Printed High-Heeled Shoes with Hacking Tools Inside

The Hacker News - 25 Srpen, 2015 - 12:24
Next time when you came across a sexy lady wearing high heels, you need to Watch her steps, and yours too. What if a computer hacker with stunning good look and sexual charm, especially a girl, walk around you? This is the only reason why a young woman hacker going under the name SexyCyborg could turn out so dangerous. SexyCyborg, a Chinese hardware hacker, is actually a very
Kategorie: Hacking & Security

Spamu ubylo, stále ale tvoří přes polovinu všech odeslaných e-mailů

Novinky.cz - bezpečnost - 25 Srpen, 2015 - 12:23
Podíl nevyžádané pošty ve druhém čtvrtletí celosvětově klesl o šest procentních bodů na 53 procent. Výrazně se ale ve spamu zvýšilo zneužívání světových událostí. Cílem bylo získat osobní údaje a dobrovolné příspěvky od uživatelů po celém světě. Uvedla to antivirová firma Kaspersky Lab.
Kategorie: Hacking & Security

Hack Leads to Extortions and Suicides! Ashley Madison puts $500,000 Bounty on Hackers' Head

The Hacker News - 25 Srpen, 2015 - 12:11
It's been a rough week for cheating website Ashley Madison, whose slogan is "Life is short, have an affair." Last week, the Impact Team, who claimed to hack Ashley Madison, posted 10GB of personal data for tens of Millions of its customers, including their names and email addresses. The hackers made things even worse by releasing another 20GB of company's internal data, including
Kategorie: Hacking & Security

Microsoft Launches Cortana App For Android Users

The Hacker News - 25 Srpen, 2015 - 11:18
Yes, she is here! Android users can now talk to Cortana – the first personal digital assistant – which is a patented product of Microsoft. She is available on all the devices running Windows 10. Earlier in May, Microsoft said they will make Cortana available for Android and iOS users. Therefore, a beta version of Cortana has been rolled out by Microsoft for public. <!-- adsense -->
Kategorie: Hacking & Security

USA mohou trestat firmy, které mají chabou kybernetickou ochranu

Zive.cz - bezpečnost - 25 Srpen, 2015 - 10:42
Americká obchodní komise FTC může sankcionovat zámořské společnosti s nedostatečnou obranou proti kyberútokům. Rozhodl tak odvolací soud , který projednával starší při mezi FTC a hotelovým řetězcem Wyndham Worldwide. Hotelová síť se v letech 2008 až 2009 potýkala se třemi úspěšnými kybernetickými ...
Kategorie: Hacking & Security

Ashley Madison nabízí za dopadení hackerů půl milionu dolarů

Zive.cz - bezpečnost - 25 Srpen, 2015 - 08:49
Seznamka pro nevěrníky Ashley Madison nabízí odměnu ve výši půl milion dolarů (11,7 milionů korun) za informace vedoucí k dopadení hackerů, kteří nedávno napadli její servery a po počátečních výhrůžkách skutečně umístili na internet kompletní databázi s registrovanými uživateli, zdrojové kódy ...
Kategorie: Hacking & Security

Specialisté popsali nový způsob masivní DoS útoku. Používají BitTorrent

Zive.cz - bezpečnost - 25 Srpen, 2015 - 08:04
Specialisté z londýnské City University, techniky v německém Friedbergu a společnosti PLUMgrid se na nedávné bezpečnostní konferenci WOOT pochlubili studií ( PDF ), ve které popsali nový způsob masivního DoS útoku. Jedná se o takzvanou techniku DRDoS – Distributed Reflective Denial of Service a ...
Kategorie: Hacking & Security

Ashley Madison execs hacked competitors, wrote screenplay

Ars Technica - 25 Srpen, 2015 - 04:40

Last week, a hacking ring calling itself "Impact Team" released a trove of information collected by Ashley Madison, a dating site that connected people looking to have extramarital affairs. Not only were details pertaining to more than 30 million Ashley Madison accounts leaked, but Impact Team also dropped a 30-gigabyte archive which it said encompassed e-mails from the company's CEO, Noel Biderman.

In one of the more salient exchanges, according to KrebsOnSecurity, Ashley Madison's Chief Technology Officer Raja Bhatia apparently e-mailed Biderman in 2012 to tell him that he had discovered a security hole in a site called nerve.com, which operated a dating platform that was an Ashley Madison competitor at the time. A few months before, Nerve had approached Ashley Madison's parent company, Avid Life Media, with an offer to partner with the company. E-mails suggested that Bhatia offered at least $20 million for Nerve and another website called flirts.com, but Ashley Madison ended up declining pursuit of the deal.

When Bhatia started probing Nerve's site for weaknesses, however, he found some interesting things. As he wrote to Biderman, “They did a very lousy job building their platform. I got their entire user base. Also, I can turn any non paying user into a paying user, vice versa, compose messages between users, check unread stats, etc.” Bhatia included a link to a sample of the database, apparently.

Read 3 remaining paragraphs | Comments

Kategorie: Hacking & Security

Charlie Miller to Leave Twitter Security Team

Threatpost - 25 Srpen, 2015 - 02:31
Charlie Miller, one of the more respected and accomplished security researchers in the industry, is leaving Twitter's security team after three years.
Kategorie: Hacking & Security
Syndikovat obsah