Kategorie

How do you check if a website asking for your credentials is fake or legit to log in? By checking if the URL is correct? By checking if the website address is not a homograph? By checking if the site is using HTTPS? Or using software or browser extensions that detect phishing domains? Well, if you, like most Internet users, are also relying on above basic security practices to spot if that

A company operating a facial recognition system in China has exposed millions of residents’ personal information online.

Seznam napadených webů první kategorie rozšířil další kousek – galerie 500px. Služba se na stránkách podpory přiznala (via PetaPixel), že nedávno objevila bezpečnostní zranitelnost, a když inženýři zkoumali, zdali ji náhodou někdo nezneužil, objevili zpětně pravděpodobný únik dat, ke kterému mělo ...

Photography website 500px has become the latest site to admit suffering a serious data breach.

** Americký senátor chce prosadit přísný zákon pro velké technologické firmy ** Cílem je vysoká pokuta z obratu a vězení pro šéfy při zneužití či krádeži dat ** Má takový zákon šanci a smysl?

On this episode of the CyberSpeak with InfoSec Institute podcast, Kathleen Hyde, chair of cybersecurity programs at Champlain College online, discusses a topic that’s a big part of InfoSec Institute’s initiative for the coming years — finding new and innovative ways of closing the cyber skills gap. In the podcast, Hyde and host Chris Sienko […]

The post Closing the Cyber Skills Gap — CyberSpeak Podcast appeared first on InfoSec Resources.

Closing the Cyber Skills Gap — CyberSpeak Podcast was first posted on February 15, 2019 at 3:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

A hacker who was selling details of nearly 620 million online accounts stolen from 16 popular websites has now put up a second batch of 127 million records originating from 8 other sites for sale on the dark web. Last week, The Hacker News received an email from a Pakistani hacker who claims to have hacked dozens of popular websites (listed below) and selling their stolen databases online. <!

Na pozoru by se v posledních dnech měli mít uživatelé před nevyžádanými e-maily, ve kterých útočníci tvrdí, že jejich poštovní schránka byla napadena hackery. Příjemce přitom straší tzv. RAT viry, které skutečně existují, ale v tomto případě si kyberzločinci vymýšlejí ve snaze dostat z lidí peníze výměnou za intimní nahrávky.

Spoluzakladatel Napsteru Sean Parker zareagoval na některé pesimistické výroky Elona Muska, které se týkají umělé inteligence. Podle jeho názoru mnohem větší hrozbu představuje editování lidských genů. „Příliš mnoho lidí naslouchá našemu příteli Elonu Muskovi s jeho komiksovou dystopickou vizí ...

It has added the technique of using malicious XML files as its delivery method.

A Threatpost poll found that 52 percent don't feel prepared to prevent a mobile security incident from happening. The results reflect a challenging mobile security landscape.

The dating site said users' names and email addresses that were added to the system prior to May 2018 may be impacted.

A recent attack on a US hospital gives us a colourful picture of both how a targeted ransomware attack happens, and how it can be stopped.

Google Play said that app suspensions increased by 66 percent in 2018 on its platform.

Are you interested in starting a career as an information security (infosec) professional? Today’s shortage of infosec pros causes many jobs to go unfilled. That provides a great opportunity to consider this field for individuals either starting out in the industry or looking to change their career path. There are many opportunities for IT security-related […]

The post InfoSec Institute’s Top Podcasts to Take Your Computer Skills to the Next Level appeared first on InfoSec Resources.

InfoSec Institute’s Top Podcasts to Take Your Computer Skills to the Next Level was first posted on February 14, 2019 at 9:03 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

The idea of having a CISO with a legal degree came to me some years back, while I worked as a travelling security consultant. I lost count of the times that a legal opinion was needed to confirm some area of liability or inquire about the propriety of certain methods used to reach certain objectives. […]

The post How Organizations Can Benefit If the CISO Is an Attorney appeared first on InfoSec Resources.

How Organizations Can Benefit If the CISO Is an Attorney was first posted on February 14, 2019 at 9:02 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Today, we will be continuing with our exploration of Hack the Box (HTB) machines as begun in the previous article. This walkthrough is of a HTB machine named Valentine. HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Individuals have to solve the puzzle […]

The post Hack the Box (HTB) Machines Walkthrough Series — Valentine [Updated 2019] appeared first on InfoSec Resources.

Hack the Box (HTB) Machines Walkthrough Series — Valentine [Updated 2019] was first posted on February 14, 2019 at 8:30 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Bleeping Computer learned of a strange phishing campaign which uses an unusually long URL - but why?

The apps, which violate content policies, got in there via the same Enterprise Certificate program that Facebook and Google exploited.

317 researchers from 78 countries turned 2018 into a worldwide bug-crunching spree.