Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Abyss Locker Ransomware Targets Linux & Windows Users

LinuxSecurity.com - 2 Březen, 2024 - 14:05
A ransomware variant dubbed "Abyss Locker" has been observed targeting Microsoft Windows and Linux platforms. The Abyss Locker ransomware is believed to be based on the HelloKitty ransomware source code. It steals and encrypts victims' files, demanding ransom for decryption and preventing the release of stolen data. The ransomware's severity level is classified as high, showcasing the urgency of addressing this issue.
Kategorie: Hacking & Security

New DDoS Malware Puts Apache Servers at Risk

LinuxSecurity.com - 2 Březen, 2024 - 14:01
A Lucifer DDoS botnet malware variant has been identified, specifically targeting Apache Hadoop and Apache Druid servers. This sophisticated malware campaign exploits existing vulnerabilities and misconfigurations within these systems to carry out malicious activities, including cryptojacking and distributed denial-of-service (DDoS) attacks .
Kategorie: Hacking & Security

New Bifrost Malware Evades Detection, Threatens Linux Server Security

LinuxSecurity.com - 2 Březen, 2024 - 13:54
A new variant of Bifrost, a remote access Trojan (RAT), has been observed attacking Linux servers. The new variant, dubbed Bifrose, employs a deceptive domain name to evade detection.
Kategorie: Hacking & Security

Falco Graduation Signals Advancements in Cloud Native Runtime Security

LinuxSecurity.com - 2 Březen, 2024 - 13:48
In the world of cloud-native computing, security is paramount. The recent announcement by the Cloud Native Computing Foundation (CNCF) about the graduation of Falco , a cloud-native security tool, brings it to the forefront. Falco, described as the de facto Kubernetes threat detection engine, has gained significant traction among notable organizations like Booz Allen Hamilton, GitLab, Shopify, and many more.
Kategorie: Hacking & Security

Česko chce s USA spolupracovat na bezpečných sítích. Huawei a Čínu zakažte, vzkazují Izraelci

Zive.cz - bezpečnost - 2 Březen, 2024 - 08:45
Česko připravuje prostřednictvím Národního úřadu pro kybernetickou a informační bezpečnost (NÚKIB) nový zákon o kyberbezpečnosti, který by mohl vést až k zákazu čínských dodavatelů technologií do kritické infrastruktury. Operátoři a energetické podniky v čele s ČEZ proti takto tvrdému postupu ...
Kategorie: Hacking & Security

U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp

The Hacker News - 2 Březen, 2024 - 07:23
A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant's ongoing litigation against the Israeli spyware vendor. The decision, which marks a major legal victory for Meta, which filed the lawsuit in October 2019 for using its infrastructure to distribute the spyware to approximatelyNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

U.S. Charges Iranian Hacker, Offers $10 Million Reward for Capture

The Hacker News - 2 Březen, 2024 - 05:38
The U.S. Department of Justice (DoJ) on Friday unsealed an indictment against an Iranian national for his alleged involvement in a multi-year cyber-enabled campaign designed to compromise U.S. governmental and private entities. More than a dozen entities are said to have been targeted, including the U.S. Departments of the Treasury and State, defense contractors that support U.S. Department of Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Také Androidy budou mít své Face ID. Funkce využije polarizační kameru v displeji

Zive.cz - bezpečnost - 1 Březen, 2024 - 19:15
** Androidy už zřejmě brzy dostanou své „Face ID“ ** Funkce se nazývá Polar ID a využívá polarizační kameru ** Výhledově má z Androidů vystrnadit čtečky otisků prstů
Kategorie: Hacking & Security

Tails 6.0 Released with Critical Security Updates, Big Improvements

LinuxSecurity.com - 1 Březen, 2024 - 14:36
The release of Tails 6.0 brings many improvements that cater to new and seasoned users, emphasizing security, usability, and privacy for those passionate about online security. The new features introduced in this version highlight the project's commitment to enhancing user experience while maintaining robust security protocols.
Kategorie: Hacking & Security

New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users

The Hacker News - 1 Březen, 2024 - 14:32
A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster codenamed CryptoChameleon that’s designed to primarily target mobile devices. “This kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and voice phishing to trick the target into sharing Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

4 Instructive Postmortems on Data Downtime and Loss

The Hacker News - 1 Březen, 2024 - 12:08
More than a decade ago, the concept of the ‘blameless’ postmortem changed how tech companies recognize failures at scale. John Allspaw, who coined the term during his tenure at Etsy, argued postmortems were all about controlling our natural reaction to an incident, which is to point fingers: “One option is to assume the single cause is incompetence and scream at engineers to make them The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion

The Hacker News - 1 Březen, 2024 - 11:56
Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of Bifrost aims to bypass security measures and compromise targeted systems," Palo Alto Networks Unit 42 researchers Anmol Maurya and Siddharth Sharma said. BIFROSE is one of the long-standing Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities

The Hacker News - 1 Březen, 2024 - 07:26
The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways, noting that the Integrity Checker Tool (ICT) can be deceived to provide a false sense of security. "Ivanti ICT is not sufficient to detect compromise and that a cyber threat actor may be able Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories

The Hacker News - 1 Březen, 2024 - 06:29
GitHub on Thursday announced that it’s enabling secret scanning push protection by default for all pushes to public repositories. “This means that when a supported secret is detected in any push to a public repository, you will have the option to remove the secret from your commits or, if you deem the secret safe, bypass the block,” Eric Tooley and Courtney Claessens said. Push protection&Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems

The Hacker News - 29 Únor, 2024 - 16:21
Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to use it for authentication, such as Salesforce,” Semperis Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks

The Hacker News - 29 Únor, 2024 - 12:33
Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications. GPRS roaming allows subscribers to access their GPRS services while they are Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

How to Prioritize Cybersecurity Spending: A Risk-Based Strategy for the Highest ROI

The Hacker News - 29 Únor, 2024 - 12:19
As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around — and hackers dreaming up new exploits every day — how do you create proactive, agile cybersecurity strategies? And what cybersecurity approach gives you the most bang for your buck, mitigating your risks and maximizing the value of yourThe Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

The Hacker News - 29 Únor, 2024 - 12:19
The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges. It was resolved by Microsoft earlier this month as part Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Backdoor Targeting European Officials Linked to Indian Diplomatic Events

The Hacker News - 29 Únor, 2024 - 09:19
A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to come from the Ambassador of India, inviting diplomatic staff to a wine-tasting Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

The Hacker News - 29 Únor, 2024 - 09:17
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for the most Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
Syndikovat obsah