Kategorie

The program focuses on potential abuse methods across Google's product-specific channels like Google+, Youtube, Gmail and Blogger.

With the release of Chrome 68, Google prominently marks all non-HTTPS websites as 'Not Secure' on its browser to make the web a more secure place for Internet users. If you haven't yet, there is another significant reason to immediately switch to the latest version of the Chrome web browser. Ron Masas, a security researcher from Imperva, has discovered a vulnerability in web browsers that

Misconfigured DIY smart-home hubs for home automation could allow attackers to track owners’ movements, see if smart doors and windows are opened or closed, and even open garage doors.

Advanced behavior malware threats are targeting telecom services - at a higher level than the global average, researchers found.

Hardwarová peněženka BitFi měla skvělou marketingovou kampaň. Výrobce tvrdil, že nikdo na světě ji nedokáže hacknout a ukrást tak vaše drahocenné kryptoměny. Tvrzení dokonce hojně podporoval známý autor antivirů a předseda představenstva BitFi John McAfee. Jenže jak už to bývá s velkými tvrzeními, ...

The method could be used to deduce the age, sex, likes or the location history of a user – essentially, the attacker can play “20 questions” to profile the victim.

Matt Olsen, bývalý expert americké Národní bezpečnostní agentury (NSA) a šéf Národního protiteroristického centra, se stane šéfem kybernetické bezpečnosti Uberu. Tento týden to oznámil šéf společnosti Dara Khosrowshani. Olsen nahradí Joe Sullivana, kterého Uber propustil kvůli masivnímu úniku ...

The Australian government wants to force companies to help it get at suspected criminals’ data. If they can’t, it would jail people for up to a decade if they refuse to unlock their phones.

For 2 years, welfare investigators used a huge database of automated license plate reader images to sniff out fraud, without audit or policy.

The family of "Dread Pirate Roberts" got him an account and is typing in, word for word, his tweets, including his hope for Trump's clemency.

What's worse than fake news? Fake science - published in legitimate looking journals.

Velkou pozornost by v tomto týdnu měli věnovat uživatelé počítačů bezpečnostním aktualizacím. Společnost Microsoft totiž vydala pravidelnou várku aktualizací, které opravují hned několik kritických zranitelností. Trhliny mohou zneužít počítačoví piráti.

Each year, Kaspersky Lab’s Security Services department carries out dozens of cybersecurity assessment projects for companies worldwide. In this publication, we present a general summary and statistics for the cybersecurity assessments we have conducted of corporate information systems throughout 2017.

We have analyzed several dozen projects for companies from various sectors, including government bodies, financial organizations, telecommunications and IT companies, as well as manufacturing and energy companies. The results and statistics on detected vulnerabilities are provided separately for each type of service provided: external penetration testing, internal penetration testing, web application security assessment.

The distribution of analyzed companies by industry, 2017

The overall level of protection against external attackers was assessed as low or extremely low for 43% of all analyzed companies. The level of protection against internal attackers was identified as low or extremely low for 93% of all analyzed companies.

This publication includes statistics on the most common vulnerabilities and security flaws that Kaspersky Lab’s experts have detected and that can potentially be used by threat actors for unauthorized penetration into company infrastructures.

 “Security assessment of corporate information systems in 2017” full report (PDF)

Chytré telefony jsou pro drtivou většinu uživatelů v dnešní době již naprostou samozřejmostí. Tím, jak se rozrůstá nabídka jejich dovedností, ale zároveň rostou obavy uživatelů z možné sledování a odposlouchávání. Paradoxně nastavení zabezpečení ale příliš mnoho uživatelů pozornost nevěnuje, dokládá to průzkum antivirové společnosti Kaspersky Lab.

Cyber thieves have the higher education industry in their crosshairs. According to some reports, higher education accounted for 13 percent of all breaches, with only financial and healthcare firms being attacked at a greater ratio. Moreover, why shouldn’t they? Personal data (of everyone from alumni to staff to faculty), academic research, and cross-institutional records provide […]

The post Security Awareness in Higher Education appeared first on InfoSec Resources.

Security Awareness in Higher Education was first posted on August 15, 2018 at 5:27 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

In this article, we will try to solve another Capture the Flag (CTF) challenge. This CTF was posted on VulnHub by Hadi Mene and is part of a Basic Pentesting series. According to the information given in the description by the author of the challenge, this is an entry-level boot2root web-based challenge. This challenge aims […]

The post Basic Pentesting: 2 — CTF Walkthrough appeared first on InfoSec Resources.

Basic Pentesting: 2 — CTF Walkthrough was first posted on August 15, 2018 at 5:16 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

The tricky Cortana flaw, CVE-2018-8253, was addressed by Microsoft during Patch Tuesday.

In testing, an Internet of Things (IoT) botnet of large, power-consuming appliances was used to carry out coordinated attacks on the energy grid.

Instagram has been hit by a widespread hacking campaign that appears to stem from Russia and have affected hundreds of users over the past week, leaving them locked out of their accounts. A growing number of Instagram users are taking to social media, including Twitter and Reddit, to report a mysterious hack which involves locking them out of their account with their email addresses changed to

Shock! It appears Google can track the location of anyone using some of its apps on Android or iPhone even when they’ve told it not to.