is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs a number of interesting services and supports its fans in interesting projects.


Fronton IOT Botnet Packs Disinformation Punch

Threatpost - 1 hour 6 min ago
Fronton botnet has far more ability than launching DDOS attack, can track social media trends and launch suitable propaganda.
Category: Hacking & Security

SIM-based Authentication Aims to Transform Device Binding Security to End Phishing

The Hacker News - 3 hours 2 min ago
Let's face it: we all use email, and we all use passwords. Passwords create inherent vulnerability in the system. The success rate of phishing attacks is skyrocketing, and opportunities for the attack have greatly multiplied as lives moved online. All it takes is one password to be compromised for all other users to become victims of a data breach.  To deliver additional security, therefore,
Category: Hacking & Security

New Chaos Ransomware Builder Variant "Yashma" Discovered in the Wild

The Hacker News - 3 hours 3 min ago
Cybersecurity researchers have disclosed details of the latest version of the Chaos ransomware line, dubbed Yashma. "Though Chaos ransomware builder has only been in the wild for a year, Yashma claims to be the sixth version (v6.0) of this malware," BlackBerry research and intelligence team said in a report shared with The Hacker News. Chaos is a customizable ransomware builder that emerged in
Category: Hacking & Security

Malware Analysis: Trickbot

The Hacker News - 3 hours 58 min ago
In this day and age, we are not dealing with roughly pieced together, homebrew type of viruses anymore. Malware is an industry, and professional developers are found to exchange, be it by stealing one's code or deliberate collaboration. Attacks are multi-layer these days, with diverse sophisticated software apps taking over different jobs along the attack-chain from initial compromise to
Category: Hacking & Security

Conti Ransomware Operation Shut Down After Splitting into Smaller Groups

The Hacker News - 4 hours 32 min ago
Even as the operators of Conti threatened to overthrow the Costa Rican government, the notorious cybercrime gang officially took down their infrastructure in favor of migrating their criminal activities to other ancillary operations, including Karakurt and BlackByte. "From the negotiations site, chatrooms, messengers to servers and proxy hosts - the Conti brand, not the organization itself, is
Category: Hacking & Security

Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

The Hacker News - 5 hours 30 min ago
Threat actors behind web skimming campaigns are leveraging malicious JavaScript code that mimics Google Analytics and Meta Pixel scripts in an attempt to sidestep detection. "It's a shift from earlier tactics where attackers conspicuously injected malicious scripts into e-commerce platforms and content management systems (CMSs) via vulnerability exploitation, making this threat highly evasive to
Category: Hacking & Security

US authorities investigate Autopilot system after Tesla Model S crash with three fatalities - security - 9 hours 20 min ago
A recent crash of a Tesla Model S in which three people died has led to another federal investigation of Tesla's Autopilot system, The Wall Street Journal reports. The investigation is led by the National Highway Traffic Safety Administration (NHTSA), which said that it is currently examining ...
Category: Hacking & Security

381,000-plus Kubernetes API servers 'exposed to internet' - 15 hours 33 min ago
A large number of servers running the Kubernetes API have been left exposed to the internet, which is not great: they're potentially vulnerable to abuse.
Category: Hacking & Security

Complete Guide to Keylogging in Linux: Part 1 - 23 May, 2022 - 20:11
In this first part of our Complete Guide to Keylogging in Linux, we will explore the basics of keylogging and its importance in the realm of Linux security, and dive deeper into keylogging in userspace, demonstrating how a keylogger can be written for Linux, by reading events directly from a keyboard device.
Category: Hacking & Security

Clearview AI face-matching service fined a lot less than expected

Sophos Naked Security - 23 May, 2022 - 20:01
The fine has finally gone through... but it's less than 45% of what was originally proposed.

Yes, Containers Are Terrific, But Watch the Security Risks

The Hacker News - 23 May, 2022 - 17:02
Containers revolutionized the development process, acting as a cornerstone for DevOps initiatives, but containers bring complex security risks that are not always obvious. Organizations that don’t mitigate these risks are vulnerable to attack.  In this article, we outline how containers contributed to agile development, which unique security risks containers bring into the picture – and what
Category: Hacking & Security

Cyberattack caused huge damage to ŘSD - security - 23 May, 2022 - 15:34
The cyberattack on the Road and Motorway Directorate (ŘSD) caused, according to the organization's head Radek Mátl, "huge damage" from which the company will be recovering for months. Last week's attack disrupted websites and accounting, but did not endanger construction projects.
Category: Hacking & Security

Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches

Threatpost - 23 May, 2022 - 14:47
Mohit Tiwari, CEO of Symmetry Systems, explores Zero Trust, data objects and the NIST framework for cloud and on-prem environments.
Category: Hacking & Security

Snake Keylogger Spreads Through Malicious PDFs

Threatpost - 23 May, 2022 - 14:07
Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug.
Category: Hacking & Security

New Unpatched Bug Could Let Attackers Steal Money from PayPal Users

The Hacker News - 23 May, 2022 - 13:02
A security researcher claims to have discovered an unpatched vulnerability in PayPal's money transfer service that could allow attackers to trick victims into unknowingly completing attacker-directed transactions with a single click. Clickjacking, also called UI redressing, refers to a technique wherein an unwitting user is tricked into clicking seemingly innocuous webpage elements like buttons
Category: Hacking & Security

Fronton: Russian IoT Botnet Designed to Run Social Media Disinformation Campaigns

The Hacker News - 23 May, 2022 - 13:01
Fronton, a distributed denial-of-service (DDoS) botnet that came to light in March 2020, is much more powerful than previously thought, per the latest research. "Fronton is a system developed for coordinated inauthentic behavior on a massive scale," threat intelligence firm Nisos said in a report published last week. "This system includes a web-based dashboard known as SANA that enables a user
Category: Hacking & Security

VirtualBox On Linux Affected By Security Vulnerability Leaking Host Data To Guests - 23 May, 2022 - 13:00
Security researcher Jason Donenfeld who is known for leading the development of the WireGuard open-source software has outlined a new security vulnerability affecting the Oracle VM VirtualBox software.
Category: Hacking & Security

Microsoft: This botnet is growing fast and hunting for servers with weak passwords - 23 May, 2022 - 13:00
Protect your Linux servers from XorDdos, a botnet scanning the internet for SSH servers with weak passwords, Microsoft warns.
Category: Hacking & Security

ISaPWN – research on the security of ISaGRAF Runtime

Kaspersky Securelist - 23 May, 2022 - 12:00

In early 2020, we notified the Rockwell Automation Product Security Incident Response Team (RA PSIRT) of several vulnerabilities we had identified in the ISaGRAF Runtime execution environment.

According to public sources of information, ISaGRAF Runtime is used as an automation framework in multiple products in various industries across the globe and its use is not limited to ICS. ISaGRAF Runtime is also used in transportation, power & energy, and other sectors.

This report includes an analysis of the ISaGRAF framework, its architecture, the IXL and SNCP protocols that are used to program and control ISaGRAF-based devices and to communicate with them.

Our research has uncovered multiple vulnerabilities in ISaGRAF Runtime. The following potential vectors of attacks on ISaGRAF-based devices have been identified:

  • A remote unauthenticated attacker could execute privileged commands of the IXL service on devices with ISaGRAF Runtime versions released before 2010.
  • A remote attacker could easily implement a password brute force attack in ISaGRAF Runtime.
  • An attacker that can carry out a MitM attack will be able to overwrite tag statuses, the program being downloaded to the device, or authentication data. Since authentication data is encrypted with a preset symmetric key, the attacker could decrypt an intercepted target (device) password.
  • An attacker could exploit the vulnerabilities identified to gain remote access to a device with ISaGRAF Runtime and execute arbitrary malicious code inside the ISaGRAF Runtime virtual machine.
  • An attacker could exploit the vulnerabilities to escape the ISaGRAF Runtime sandbox, ensure the malicious code’s persistence on the device, and hide it from future detection.

Detailed descriptions of the vulnerabilities identified are provided, along with an analysis of the impact that their potential abuse could have and recommendations on additional risk mitigation measures.

By the end of 2021, all of the vulnerabilities identified had been fixed by the technology vendor, or mitigations were suggested by the vendor, CISA, or Kaspersky ICS CERT.

As of March 2022, the following vendors had reported ISaGRAF Runtime vulnerabilities in their products: Rockwell Automation, Schneider Electric, Xylem, GE, and Moxa.

More information is available on the Kaspersky ICS CERT website.

Watch out for LinkedIn, DHL and Google. These are the brands hackers abuse most often - security - 23 May, 2022 - 11:53
In phishing attacks, hackers typically abuse well-known brands. In the first quarter of this year they most often posed as staff of the professional network LinkedIn. This follows from an analysis by cybersecurity company Check Point. Which other brands are abused the most?
Category: Hacking & Security