Kategorie

In addition to traditional phishing, fraudulent cryptocurrency offers pose a rising trend.

This simple setup will help you discover if your apps are listening in on you.

Researchers call the scenario BlackIoT: an IoT botnet of high-wattage devices that could crash the power grid.

This type of multinational ATM cashout could drain cash machines of millions within the span of hours.

Bugcrowd's CTO and founder Casey Ellis talked to Threatpost about the recently launched HP printer bug bounty program.

Daniel Bagge je odborník na kybernetickou bezpečnost z Národního kybernetického úřadu. Podle něj lidé na sociálních sítích a internetu o sobě nechávají tolik citlivých informací, že z nich firmy umí udělat psychologický profil, a ten použít na cokoliv.

A former Microsoft network engineer who was charged in April this year has now been sentenced to 18 months in prison after pleading guilty to money laundering in connection with the Reveton ransomware. Reveton malware is old ransomware, also known as scareware or police ransomware that instead of encrypting files locks the screen of victims’ computers and displays a message purporting to come

2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks. Dubbed Foreshadow, alternatively called L1 Terminal Fault or L1TF, the new attacks include

Deset minut trvalo jedenáctiletému americkému chlapci, aby s využitím hackerských technik pronikl do modelu volebních výsledků státu Florida. Podle agentury Reuters byl jedním z 35 dětí, které se zapojily do testu bezpečnostního zajištění amerických volebních procedur.

Microsoft rolled out 60 patches for its Patch Tuesday release, impacting 19 critical flaws and 39 important flaws.

In a probable quest to build a botnet, someone is hacking Instagram accounts, deleting handles, avatars and personal details, and linking them to a new email address.

'Foreshadow" and other vulnerabilities in Intel processors can be exploited to steal sensitive information stored inside personal computers or personal clouds.

Foreshadow explained in a video.

Another day, another speculative execution-based attack. Data protected by Intel's SGX—data that's meant to be protected even from a malicious or hacked kernel—can be read by an attacker thanks to leaks enabled by speculative execution.

Since publication of the Spectre and Meltdown attacks in January this year, security researchers have been taking a close look at speculative execution and the implications it has for security. All high-speed processors today perform speculative execution: they assume certain things (a register will contain a particular value, a branch will go a particular way) and perform calculations on the basis of those assumptions. It's an important design feature of these chips that's essential to their performance, and it has been for 20 years.

But Meltdown and Spectre showed that speculative execution has security implications. Meltdown (on most Intel and some ARM processors) allows user applications to read the contents of kernel memory. Spectre (on most Intel, AMD, and ARM chips) can be used to attack software sandboxes used for JavaScript in browsers and, under the right conditions, can allow kernel memory or hypervisor memory to be read. In the months since they were first publicized, we've seen new variants: speculative store bypass, speculative buffer overflows, and even a remotely exploitable version of Spectre.

Read 22 remaining paragraphs | Comments

Get your update caps on. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for August 2018, patching a total of 60 vulnerabilities, of which 19 are rated as critical. The updates patch flaws in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio. Two of these

This is similar to taking a room key for a building and turning it into a skeleton key that works on every door in the building.

A recent report found that Google services - with functions like checking maps, the weather, and search - are tracking users even when they deny permission.