Hacking & Security

Mike Mimoso on SAS 2015

Threatpost - 23 Únor, 2015 - 20:55
Dennis Fisher and Mike Mimoso discuss their takeaways from the SAS 2015 conference, including the Equation Group APT analysis, hacking car washes, indexing the dark web and hacking home appliances.
Kategorie: Hacking & Security

Komodia Website Under DDoS Attack

Threatpost - 23 Únor, 2015 - 20:53
Komodia.com, home of the SSL module at the heart of the Superfish scandal, is offline because of a DDoS attack.
Kategorie: Hacking & Security

Gemalto Hack May Have Far-Reaching Effects

Threatpost - 23 Únor, 2015 - 17:14
Security experts are still trying to assess the effects of the reported attack on SIM card manufacturer that resulted in the theft of millions of encryption keys for mobile phones around the world, but it’s safe to say that the operation has caused reverberations throughout the industry and governments in several countries. The attack, reported […]
Kategorie: Hacking & Security

Katie Moussouris on Starting a Bug Bounty Program

Threatpost - 23 Únor, 2015 - 17:02
In this video from last week's Security Analyst Summit, HackerOne's Katie Moussouris explains the main thing companies that want to start a bounty program or vulnerability incentive program need to know: There is no one size fits all.
Kategorie: Hacking & Security

Nová zranitelnosť v Sambe

CSIRT.cz - 23 Únor, 2015 - 16:57

V Sambe sa vyskytla nová zraniteľnosť, ktorá môže byť zneužitá Samba klientom tak, že zašle špeciálne upravené požiadavky na server. Príkazy sa na serveri vykonajú pod rootovskými právami. Aj keď o konkrétnom prípade zneužitia tejto zraniteľnosti sa zatiaľ nevie, Red Hat zverejnil postup na aplikáciu záplat.

Kategorie: Hacking & Security

Konkrétna ukážka boja s (D)DoS útoky

CSIRT.cz - 23 Únor, 2015 - 16:39

Remotely-Triggered Black Hole je technika, ktorá využíva možnosti protokolu BGP na obmedzenie prichádzajúcich paketov z nežiadúceho smeru počas (D)DoS útoku. Tomu, ako táto technika filtrovania packetov funguje, sa z pohľadu peeringového uzla venuje technický riaditeľ združenia NIX.CZ.

Kategorie: Hacking & Security

Alleged US Army hacker Lauri Love wants his computers back

Sophos Naked Security - 23 Únor, 2015 - 16:33
A man arrested on suspicion of hacking into the computer systems of the United States Army and other federal agencies is petitioning for the return of his encrypted computers and storage devices.

Super-fish je väčší, ako sme si mysleli

CSIRT.cz - 23 Únor, 2015 - 16:29

Malware Super-fish, ktorý bol predinštalovaný na laptopoch Lenovo, je omnoho rozšírenejší, ako sa na prvý pohľad zdalo. V ďalších dvanástich aplikáciach sa zistilo, že využívajú HTTPS technológiu, ktorá umožňuje malwaru Super-fish obísť certifikát a zasiahnuť tak do šifrovanej komunikácie medzi užívateľom a samotnou aplikáciou. Spoločnosť Lenovo medzičasom vydala automatizovaný nástroj na odstránenie malwaru Super-fish.

Kategorie: Hacking & Security

Superfish-like Vulnerability Found in Over 12 More Apps

The Hacker News - 23 Únor, 2015 - 15:54
'SuperFish' advertising software recently found pre-installed on Lenovo laptops is more widespread than what we all thought. Facebook has discovered at least 12 more titles using the same HTTPS-breaking technology that gave the Superfish malware capability to evade rogue certificate. The Superfish vulnerability affected dozens of consumer-grade Lenovo laptops shipped before January 2015,
Kategorie: Hacking & Security

13 Popular Wireless Hacking Tools

InfoSec Institute Resources - 23 Únor, 2015 - 14:15

Internet is now the basic need of our daily life. With the increasing use of smartphones, most of the things are now online. Every time we have to do something, we just use our smartphone or desktop. This is the reason wi-fi hotspots can be found everywhere. People also use wireless in their home network […]

The post 13 Popular Wireless Hacking Tools appeared first on InfoSec Institute.

Kategorie: Hacking & Security

Data Traffic & Network Security

InfoSec Institute Resources - 23 Únor, 2015 - 14:00

Introduction Last year – dubbed “the Year of the Hack” – saw numerous major cyber attacks against prominent corporations, including JP Morgan bank and Sony Pictures Entertainment. And after Target in 2013, another retailer, Home Depot, suffered a data breach with more than 56 million credit cards stolen. The consequences of these incidents can be […]

The post Data Traffic & Network Security appeared first on InfoSec Institute.

Kategorie: Hacking & Security

How the "Great SIM Heist" could have been avoided

Sophos Naked Security - 23 Únor, 2015 - 13:48
Apparently, intelligence services managed to penetrate the network of a major SIM card manufacturer, grab loads of SIM keys, and now we're all liable to be listened in on. But why? What is it about SIM cards that made this possible?

Ještěrky opět útočily. Tentokrát se stal obětí vietnamský Google

Zive.cz - bezpečnost - 23 Únor, 2015 - 12:49
Skupina hackerů Lizard Squad, která se v minulosti nechvalně proslavila třeba útoky na herní síť ony PlayStation Network, si před několika hodinami vybrala nový cíl svého úspěšného útoku. Tentokrát to byly stránky Googlu, respektive DNS systém. Díky jeho pozměnění se jim podařilo přesměrovat ...
Kategorie: Hacking & Security

Facebook to be sued by Native American over real-name policy

Sophos Naked Security - 23 Únor, 2015 - 12:29
Dana Lone Hill, a member of the Lakota people and one of many Native Americans whom Facebook shut out over erroneous reports of fake names, will head the class action lawsuit.

YouTube to launch ad free subscription and a kid safe app

Sophos Naked Security - 23 Únor, 2015 - 11:48
YouTube's stripping comments from its upcoming Kids app and adverts from its upcoming paid subscription model.

Chicago Police Department Pays $600 Cryptoware Ransom to Cybercriminals

The Hacker News - 23 Únor, 2015 - 11:34
Cyber criminals have started targeting government enforcement of the Ransomware in an attempt to extort money. Recently, the police department of the Midlothian Village in Illinois has paid a ransom of over $600 in Bitcoins to an unknown hacker after being hit by a popular ransomware attack. The popular Ransomware, dubbed Cryptoware, disabled a police computer in Midlothian — located south
Kategorie: Hacking & Security

Research: 84 percent more concerned about security and privacy in 2015

LinuxSecurity.com - 23 Únor, 2015 - 11:25
LinuxSecurity.com: Security and privacy are top concerns for many IT professionals, and it's especially relevant now, after 2014's highly publicized data breaches. Because of the constant concerns about security and privacy, Tech Pro Research, ZDNet's premium content sister site, conducted a new survey on the topic and compared the results back to a previous survey from 2013.
Kategorie: Hacking & Security

Spin and FUD: Superfish CEO says software presents no security risk

LinuxSecurity.com - 23 Únor, 2015 - 11:22
LinuxSecurity.com: In a statement to Ars Technica, Adi Pinhas, CEO of Superfish Inc. said his company's pre-installed advertising software on Lenovo PCs poses no security risk - despite clear evidence otherwise.
Kategorie: Hacking & Security

Monday review - the hot 31 stories of the week

Sophos Naked Security - 23 Únor, 2015 - 11:12
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Lenovo uvolnilo nástroj pro automatické odstranění adwaru Superfish

Zive.cz - bezpečnost - 23 Únor, 2015 - 11:04
Lenovo se v těchto dnech vypořádává s aférou okolo adwaru Superfish, který v průběhu loňského roku předinstalovávalo na některé notebooky. Výrobce se sice ve svém vyjádření dušuje, že provozovatel kontroverzního softwaru od loňského roku zablokoval veškerou komunikaci s produkty Lenova, čili i ...
Kategorie: Hacking & Security
Syndikovat obsah